borekon/disposable-mailbox
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #1 from synox/master

Browse Source 
Update to Master
This commit is contained in:
Spegeli 2017-04-13 17:43:22 +02:00 committed by GitHub
commit 620d2924f4
10 changed files with 132 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitignore vendored
View File

@ -1,5 +1,2 @@
logs
node_modules/
.vagrant
.idea
target
*.patch

17
readme.md
View File

@ -3,9 +3,9 @@
[![Join the chat at https://gitter.im/synox/disposable-mailbox](https://badges.gitter.im/synox/disposable-mailbox.svg)](https://gitter.im/synox/disposable-mailbox?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
## Goals:
* easy to use: generate random name or use custom name, auto refresh
* easy to host: just php5 + imap extension
* easy to install: just copy some files
* easy to use: random or custom name, auto refresh
* easy to host: just php5 with imap extension, catch-all mailbox
* easy to install: copy-paste and imap config
* minimal code base: minimal features and complexity
| ![Screenshot](screenshot.png) |
@ -19,11 +19,11 @@
* Licence: <a rel="license" href="http://creativecommons.org/licenses/by-nc-sa/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-nc-sa/4.0/88x31.png" /></a><br /><span xmlns:dct="http://purl.org/dc/terms/" property="dct:title">disposable-mailbox</span> by <a xmlns:cc="http://creativecommons.org/ns#" href="https://github.com/synox/disposable-mailbox" property="cc:attributionName" rel="cc:attributionURL">github:synox</a> is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-nc-sa/4.0/">Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License</a>.
## Webserver requirements
## Requirements
* php >=5.3.0
* [imap extension](http://php.net/manual/book.imap.php)
* apache 2 (let me know how it works on nginx!)
* apache 2 webserver with php >=5.3.0 (let me know how it works on nginx!)
* php [imap extension](http://php.net/manual/book.imap.php)
* IMAP account and a domain with catch-all configuration. (all mails go to one mailbox).
## Installation
@ -32,9 +32,10 @@
<?php print imap_base64("SU1BUCBleHRlbnNpb24gc2VlbXMgdG8gYmUgaW5zdGFsbGVkLiA="); ?>
2. download a [release](https://github.com/synox/disposable-mailbox/releases) or clone this repository
3. copy the `src` directory to your web server.
3. copy the files in the `src` directory to your web server (not the whole repo!).
4. rename `config.sample.php` to `config.php` and apply the imap settings. Move `config.php` to a safe location outside the `public_html`.
5. edit `backend.php` and set the new path to `config.php`.
6. open it in your browser, check your php error log for messages.
## Build it yourself

BIN
screenshot.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 66 KiB

After

Width:  |  Height:  |  Size: 98 KiB

92
src/backend.php
View File

@ -21,13 +21,20 @@ function error($status, $text) {
}
/**
* print all mails for the given $user as a json string.
* print all mails for the given $user.
* @param $username string username
* @param $address string email address
*/
function print_emails($username, $address) {
$mail_ids = _search_mails($address);
global $mailbox;
// Search for mails with the recipient $address in TO or CC.
$mailsIdsTo = imap_sort($mailbox->getImapStream(), SORTARRIVAL, true, SE_UID, 'TO "' . $address . '"');
$mailsIdsCc = imap_sort($mailbox->getImapStream(), SORTARRIVAL, true, SE_UID, 'CC "' . $address . '"');
$mail_ids = array_merge($mailsIdsTo, $mailsIdsCc);
$emails = _load_emails($mail_ids, $address);
header('Content-type: application/json');
print(json_encode(array("mails" => $emails, 'username' => $username, 'address' => $address)));
}
@ -35,25 +42,59 @@ function print_emails($username, $address) {
/**
* deletes emails by id and username. The $address must match the recipient in the email.
*
* @param $mailid integer imap email id (integer)
* @param $mailid integer imap email id
* @param $address string email address
* @internal param the $username matching username
*/
function delete_email($mailid, $address) {
global $mailbox;
// in order to avoid https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
// the recipient in the email has to match the $address.
$emails = _load_emails(array($mailid), $address);
if (count($emails) === 1) {
if (_load_one_email($mailid, $address) !== null) {
$mailbox->deleteMail($mailid);
$mailbox->expungeDeletedMails();
header('Content-type: application/json');
print(json_encode(array("success" => true)));
} else {
error(404, 'delete error: invalid username/mailid combination');
}
}
/**
* download email by id and username. The $address must match the recipient in the email.
*
* @param $mailid integer imap email id
* @param $address string email address
* @internal param the $username matching username
*/
function download_email($mailid, $address) {
global $mailbox;
if (_load_one_email($mailid, $address) !== null) {
header("Content-Type: message/rfc822; charset=utf-8");
header("Content-Disposition: attachment; filename=\"$address-$mailid.eml\"");
$headers = imap_fetchheader($mailbox->getImapStream(), $mailid, FT_UID);
$body = imap_body($mailbox->getImapStream(), $mailid, FT_UID);
print ($headers . "\n" . $body);
} else {
error(404, 'download error: invalid username/mailid combination');
}
}
/**
* Load exactly one email, the $address in TO or CC has to match.
* @param $mailid integer
* @param $address String address
* @return email or null
*/
function _load_one_email($mailid, $address) {
// in order to avoid https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References
// the recipient in the email has to match the $address.
$emails = _load_emails(array($mailid), $address);
return count($emails) === 1 ? $emails[0] : null;
}
/**
* Load emails using the $mail_ids, the mails have to match the $address in TO or CC.
* @param $mail_ids array of integer ids
@ -67,27 +108,11 @@ function _load_emails($mail_ids, $address) {
foreach ($mail_ids as $id) {
$mail = $mailbox->getMail($id);
// imap_search also returns partials matches. The mails have to be filtered again:
if (!array_key_exists($address, $mail->to) && !array_key_exists($address, $mail->cc)) {
continue;
}
if (array_key_exists($address, $mail->to) || array_key_exists($address, $mail->cc)) {
$emails[] = $mail;
}
return $emails;
}
/**
* Search for mails with the recipient $address.
* @param $address string address that has to match TO or CC.
* @return array email ids
*/
function _search_mails($address) {
global $mailbox;
$filterTO = 'TO "' . $address . '"';
$filterCC = 'CC "' . $address . '"';
$mailsIdsTo = imap_sort($mailbox->getImapStream(), SORTARRIVAL, true, SE_UID, $filterTO);
$mailsIdsCc = imap_sort($mailbox->getImapStream(), SORTARRIVAL, true, SE_UID, $filterCC);
return array_merge($mailsIdsTo, $mailsIdsCc);
return $emails;
}
/**
@ -98,34 +123,27 @@ function _search_mails($address) {
function _clean_username($username) {
$username = strtolower($username);
$username = preg_replace('/@.*$/', "", $username); // remove part after @
$username = preg_replace('/[^A-Za-z0-9_.+-]/', "", $username); // remove special characters
return $username;
return preg_replace('/[^A-Za-z0-9_.+-]/', "", $username); // remove special characters
}
/**
* deletes messages older than X days.
*/
function delete_old_messages() {
global $mailbox;
global $mailbox, $config;
$date = date('d-M-Y', strtotime('30 days ago'));
$ids = $mailbox->searchMailbox('BEFORE ' . $date);
$ids = $mailbox->searchMailbox('BEFORE ' . date('d-M-Y', strtotime($config['delete_messages_older_than'])));
foreach ($ids as $id) {
$mailbox->deleteMail($id);
}
$mailbox->expungeDeletedMails();
}
header('Content-type: application/json');
// Never cache requests:
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
if (isset($_GET['username'])) {
// perform common validation:
$username = _clean_username($_GET['username']);
@ -135,7 +153,9 @@ if (isset($_GET['username'])) {
$address = $username . "@" . $config['mailHostname'];
// simple router:
if (isset($_GET['delete_email_id'])) {
if (isset($_GET['download_email_id'])) {
download_email($_GET['download_email_id'], $address);
} else if (isset($_GET['delete_email_id'])) {
delete_email($_GET['delete_email_id'], $address);
} else {
print_emails($username, $address);

16
src/client-libs/index.js
View File

@ -39,6 +39,8 @@ app.filter("autolink", function () {
app.controller('MailboxController', ["$interval", "$http", "$log", function ($interval, $http, $log) {
var self = this;
self.backend_url = backend_url;
self.updateUsername = function (username) {
username = username.replace(/[@].*$/, ''); // remove part after "@"
if (self.username !== username) {
@ -50,8 +52,7 @@ app.controller('MailboxController', ["$interval", "$http", "$log", function ($in
self.address = self.username; // use username until real address has been loaded
self.updateMails();
} else {
self.address = null;
self.mails = [];
self.randomize();
}
}
self.inputFieldUsername = self.username;
@ -82,15 +83,16 @@ app.controller('MailboxController', ["$interval", "$http", "$log", function ($in
};
self.loadEmailsAsync = function (username) {
$log.debug("updating mails for ", username);
$http.get(backend_url, {params: {username: username}})
.then(function successCallback(response) {
$log.debug("received mails for ", username);
if (response.data.mails) {
self.error = null;
self.mails = response.data.mails;
self.address = response.data.address;
self.username = response.data.username;
if (self.inputFieldUsername === self.username) {
self.inputFieldUsername = self.address;
}
} else {
self.error = {
title: "JSON_ERROR",
@ -109,11 +111,13 @@ app.controller('MailboxController', ["$interval", "$http", "$log", function ($in
});
};
self.deleteMail = function (mailid, index) {
self.deleteMail = function (mail, index) {
// instantly remove from frontend.
self.mails.splice(index, 1);
// remove on backend.
$http.get(backend_url, {params: {username: self.username, delete_email_id: mailid}})
var firstTo = Object.keys(mail.to)[0];
$http.get(backend_url, {params: {username: firstTo, delete_email_id: mail.id}})
.then(
function successCallback(response) {
self.updateMails();

BIN
src/client-libs/octicon-inbox.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 262 B

13
src/client-libs/style.css
View File

@ -17,15 +17,15 @@ div.min-height {
min-height: 400px;
}
.nav-container {
header {
background-color: #D9E2E9;
/* leave some space on top */
padding-top: 5px;
}
.octicon-inbox {
display: inline-block;
width: 26px;
height: 23px;
background: url('octicon-inbox.gif') no-repeat;
#openRandomButton {
/* center vertically */
margin-top: 6px;
}
.sticky-header {
@ -81,3 +81,4 @@ div.min-height {
div.min-height {
min-height: 400px;
}

8
src/config.sample.php
View File

@ -12,11 +12,13 @@ error_reporting(E_ALL);
// see https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
// header("Access-Control-Allow-Origin: *");
// setup imap connection
$config['imap']['host'] = "localhost";
$config['imap']['url'] = '{' . $config['imap']['host'] . '/imap/ssl}INBOX';
// Change IMAP settings (check SSL flags on http://php.net/manual/en/function.imap-open.php)
$config['imap']['url'] = '{example.com/imap/ssl}INBOX';
$config['imap']['username'] = "test";
$config['imap']['password'] = "test";
// email domain, usually different from imap hostname:
$config['mailHostname'] = "example.com";
// When to delete old messages?
$config['delete_messages_older_than'] = '30 days ago';

BIN
src/favicon.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 243 B

79
src/index.html
View File

@ -8,38 +8,40 @@
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-status-bar-style" content="black">
<meta name="description" content="Mailbox">
<link rel="icon" href="data:;base64,iVBORw0KGgo=">
<link rel="shortcut icon" href="favicon.gif" type="image/x-icon">
<link rel="stylesheet" href="client-libs/style.css">
<link rel="stylesheet" href="client-libs/angular-stickyfill-0.1.0/angular-stickyfill.css">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/bootstrap.min.css"
integrity="sha384-AysaV+vQoT3kOAXZkl02PThvDr8HYKPZhNT5h/CXfBThSRXQ6jW5DO2ekP5ViFdi" crossorigin="anonymous">
</head>
<body>
<div ng-controller="MailboxController as $ctrl" ng-cloak>
<div class="nav-container">
<header>
<div class="container">
<nav class="navbar navbar-light">
<a class="navbar-brand"><span class="octicon-inbox"></span>
&nbsp;
{{$ctrl.address}}
&nbsp;
<span ng-if="$ctrl.mailcount" class="tag tag-pill tag-default">{{$ctrl.mailcount}}</span>
</a>
<form class="form-inline float-xs-right" ng-submit="$ctrl.updateUsername($ctrl.inputFieldUsername)">
<input ng-model="$ctrl.inputFieldUsername"
placeholder="username"
type="text" class="form-control"/>
<button type="submit" class="btn btn-outline-success">login</button>
<button ng-click="$ctrl.randomize()" type="button" class="btn btn-outline-primary">randomize
<form ng-submit="$ctrl.updateUsername($ctrl.inputFieldUsername)">
<small id="emailHelp" class="form-text text-muted">
You have <span class="tag tag-pill tag-default">{{$ctrl.mails.length}}</span> mails in your
mailbox:
</small>
<div class="form-group row">
<div class="col-sm-8">
<input id="inputFieldUsername" ng-model="$ctrl.inputFieldUsername"
placeholder="new username"
type="text" class="form-control form-control-lg" onclick="this.select()"/>
</div>
<div class="col-sm-2">
<button id="openRandomButton" ng-click="$ctrl.randomize()" type="button"
class="btn btn-outline-primary">open random
</button>
</div>
</div>
</form>
</nav>
</div>
</div>
</header>
<main>
<div class="container min-height">
@ -53,28 +55,38 @@
browser and your php error logs. </p>
</div>
<p ng-if="!$ctrl.username">
Use the buttons above to create a new inbox, or open a specific mailbox.
</p>
<div ng-if="$ctrl.username && $ctrl.mails.length == 0">
<div class="waiting-screen">
<p class="lead">Inbox is empty.</p>
<p class="lead">Your mailbox <strong>{{$ctrl.address}}</strong> is ready. </p>
<p>Emails will appear here automatically. They will be deleted after 30 days.</p>
<p><br/>
<img src="client-libs/spinner.gif">
<br/></p>
<p class="lead">Emails to {{address}} will be automatically displayed on this page. </p>
<br/>
</p>
</div>
</div>
<div ng-if="$ctrl.username" ng-repeat="mail in $ctrl.mails | orderBy:'-date' track by $index"
class="email-table">
<section class="email">
<section class="email" ng-init="htmlTabActive=false">
<div class="row sticky-header" ec-stickyfill>
<div class="col-sm-12 email-summary">{{mail.subject}}
<form class="form-inline float-xs-right">
<button ng-click="$ctrl.deleteMail(mail.id)" type="button"
<button ng-show="htmlTabActive" class="btn btn-outline-info btn-sm"
ng-click="htmlTabActive=false">show text
</button>
<button ng-show="mail.textHtml && !htmlTabActive" class="btn btn-outline-info btn-sm"
ng-click="htmlTabActive=true">show html
</button>
<a role="button" class="btn btn-sm btn-outline-primary"
href="{{$ctrl.backend_url}}?download_email_id={{mail.id}}&username={{$ctrl.username}}"
download="true">Download
</a>
<button ng-click="$ctrl.deleteMail(mail, $index)" type="button"
class="btn btn-sm btn-outline-danger">Delete
</button>
</form>
@ -98,14 +110,7 @@
</div>
</div>
<div class="row mail-content" ng-init="htmlTabActive=false">
<button ng-show="htmlTabActive" class="btn btn-outline-info btn-sm"
ng-click="htmlTabActive=false">show text
</button>
<button ng-show="mail.textHtml && !htmlTabActive" class="btn btn-outline-info btn-sm"
ng-click="htmlTabActive=true">show html
</button>
<div class="row mail-content">
<div ng-if="!htmlTabActive" class="mail-content"
ng-bind-html="mail.textPlain | nl2br | autolink "></div>
<div ng-if="htmlTabActive" class="mail-content" ng-bind-html="mail.textHtml"></div>