PDO::ERRMODE_EXCEPTION, PDO::ATTR_PERSISTENT => PERSISTENT ] ); } catch ( PDOException ) { http_response_code( 500 ); die( 'No Connection to MySQL database!' ); } return $db; } function z_base32_encode( string $input ): string { $map = [ 'y', 'b', 'n', 'd', 'r', 'f', 'g', '8', // 7 'e', 'j', 'k', 'm', 'c', 'p', 'q', 'x', // 15 'o', 't', '1', 'u', 'w', 'i', 's', 'z', // 23 'a', '3', '4', '5', 'h', '7', '6', '9', // 31 ]; if ( empty( $input ) ) { return ''; } $input = str_split( $input ); $binaryString = ''; $c = count( $input ); for ( $i = 0; $i < $c; ++$i ) { $binaryString .= str_pad( decbin( ord( $input[ $i ] ) ), 8, '0', STR_PAD_LEFT ); } $fiveBitBinaryArray = str_split( $binaryString, 5 ); $base32 = ''; $i = 0; $c = count( $fiveBitBinaryArray ); while ( $i < $c ) { $base32 .= $map[ bindec( $fiveBitBinaryArray[ $i ] ) ]; ++$i; } return $base32; } function send_captcha(): void { if ( CAPTCHA_DIFFICULTY === 0 || ! extension_loaded( 'gd' ) ) { return; } $db = get_db_instance(); $captchachars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; $length = strlen( $captchachars ) - 1; $code = ''; for ( $i = 0; $i < 5; ++$i ) { $code .= $captchachars[ mt_rand( 0, $length ) ]; } $randid = mt_rand(); $time = time(); $stmt = $db->prepare( 'INSERT INTO captcha (id, time, code) VALUES (?, ?, ?);' ); $stmt->execute( [ $randid, $time, $code ] ); echo '

Copy:
'; if ( CAPTCHA_DIFFICULTY === 1 ) { $im = imagecreatetruecolor( 55, 24 ); $bg = imagecolorallocate( $im, 0, 0, 0 ); $fg = imagecolorallocate( $im, 255, 255, 255 ); imagefill( $im, 0, 0, $bg ); imagestring( $im, 5, 5, 5, $code, $fg ); echo '

'; echo '

'; } function check_captcha( string $challenge, string $captcha_code ): bool { $db = get_db_instance(); if ( CAPTCHA_DIFFICULTY > 0 ) { if ( empty( $challenge ) ) { return false; } $code = ''; $stmt = $db->prepare( 'SELECT code FROM captcha WHERE id=?;' ); $stmt->execute( [ $challenge ] ); $stmt->bindColumn( 1, $code ); if ( ! $stmt->fetch( PDO::FETCH_BOUND ) ) { return false; } $time = time(); $stmt = $db->prepare( 'DELETE FROM captcha WHERE id=? OR time < ?;' ); $stmt->execute( [ $challenge, $time - 600 ] ); if ( $captcha_code !== $code ) { if ( CAPTCHA_DIFFICULTY !== 3 || strrev( $captcha_code ) !== $code ) { return false; } } } return true; } function validate_email_list( array $targets, string &$msg = '' ): string { $alias_goto = ''; $targets = array_unique( $targets ); foreach ( $targets as $email ) { $validator = new EmailValidator(); if ( $validator->isValid( $email, new NoRFCWarningsValidation() ) ) { $alias_goto .= ",$email"; } else { $msg .= '

Oops, the email "' . htmlspecialchars( $email ) . '" doesn\' look like a valid email address and thus wasn\'t added to the forwarding list.

'; } } return ltrim( $alias_goto, ',' ); } function check_domain_access( string &$email, string &$msg = '' ): bool { if ( ! $_SESSION[ 'email_admin_superadmin' ] ) { $db = get_db_instance(); $parser = new EmailParser( new EmailLexer() ); $parser->parse( $email ); $domain = $parser->getDomainPart(); $stmt = $db->prepare( 'SELECT target_domain FROM alias_domain WHERE alias_domain = ? AND active=1;' ); $stmt->execute( [ $domain ] ); if ( $tmp = $stmt->fetch( PDO::FETCH_ASSOC ) ) { $domain = $tmp[ 'target_domain' ]; $email = preg_replace( '~@[^@+]$~iu', "@$domain", $email ); } $managed_domains = []; $stmt = $db->prepare( 'SELECT domain FROM domain_admins WHERE username = ?;' ); $stmt->execute( [ $_SESSION[ 'email_admin_user' ] ] ); while ( $tmp = $stmt->fetch( PDO::FETCH_ASSOC ) ) { $managed_domains [] = $tmp[ 'domain' ]; } if ( ! in_array( $domain, $managed_domains, true ) ) { $msg .= '

You are not allowed to manage this domain.

'; return false; } } return true; } function check_email_valid( string $email, string &$msg = '' ): bool { $validator = new EmailValidator(); if ( ! $validator->isValid( $email, new NoRFCWarningsValidation() ) ) { $msg .= '

Invalid email address.

'; return false; } return true; }