From 2bfe9f297c430f543bf42a4aeaad5f36439f78c9 Mon Sep 17 00:00:00 2001
From: Chris
Date: Sat, 11 Nov 2023 14:36:34 +0100
Subject: [PATCH] almost done with the rework. Just the JSON API missing
---
README.md | 7 +++--
web/css/opentrashmail.css | 8 ++++++
web/inc/OpenTrashmailBackend.class.php | 30 ++++++++++++++++++-
web/inc/core.php | 40 +++++++++++++++++++++++++-
web/index.php | 3 +-
web/templates/account-list.html.php | 24 ++++++++++++++++
web/templates/email.html.php | 10 +++++--
web/templates/index.html.php | 2 +-
8 files changed, 116 insertions(+), 8 deletions(-)
create mode 100644 web/templates/account-list.html.php
diff --git a/README.md b/README.md
index f8b4bbe..7407e5d 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,9 @@
- 100% file based, no database needed
- Can be used as Email Honeypot
+# JSON API
+
+
## [INFO] March '23
Since Docker Hub won't allow team Organizations anymore, we moved our images to GitHub Container Registry. So if you want to use the latest version, please use the new image ghcr.io/hascheksolutions/opentrashmail instead of hascheksolutions/opentrashmail
@@ -60,9 +63,9 @@ Just edit the `config.ini` You can use the following settings
- [x] Admin overview for all available email addresses
- [x] Option to show raw email
- [x] Delete messages
- - [ ] Secure HTML, so no malicious things can be loaded
+ - [x] Make better theme
+ - [x] Secure HTML, so no malicious things can be loaded
- [ ] Display embedded images inline using Content-ID
- - [ ] Make better theme
- [ ] Configurable settings
- [x] Choose domains for random generation
- [x] Choose if out-of-scope emails are discarded
diff --git a/web/css/opentrashmail.css b/web/css/opentrashmail.css
index cdf36a1..a2a164f 100644
--- a/web/css/opentrashmail.css
+++ b/web/css/opentrashmail.css
@@ -20,4 +20,12 @@ tr.htmx-swapping td {
.htmx-indicator{
display:none;
+}
+
+
+/* pico css overrides */
+
+:root {
+ --form-element-spacing-vertical: 0.15rem;
+ --form-element-spacing-horizontal: 1rem;
}
\ No newline at end of file
diff --git a/web/inc/OpenTrashmailBackend.class.php b/web/inc/OpenTrashmailBackend.class.php
index 3cf6389..c3f1261 100644
--- a/web/inc/OpenTrashmailBackend.class.php
+++ b/web/inc/OpenTrashmailBackend.class.php
@@ -18,6 +18,12 @@ class OpenTrashmailBackend{
return $this->listAccount($_REQUEST['email']?:$this->url[2]);
case 'read':
return $this->readMail($_REQUEST['email']?:$this->url[2],$_REQUEST['id']?:$this->url[3]);
+ case 'listaccounts':
+ if($this->settings['SHOW_ACCOUNT_LIST'])
+ return $this->listAccounts();
+ else return '403 Forbidden';
+ case 'raw-html':
+ return $this->getRawMail($this->url[2],$this->url[3],true);
case 'raw':
return $this->getRawMail($this->url[2],$this->url[3]);
case 'attachment':
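Review bot: The `listaccounts` refusal returns the string `'403 Forbidden'` without setting an HTTP status, so unless the caller (not visible in this hunk) translates it, clients and proxies get a 200 response whose body merely says 403. Set the status where the decision is made, e.g. `http_response_code(403); return '403 Forbidden';`. The unbraced `if`/`else` now guards an access decision, so it should get braces on both branches to keep a later edit from detaching the `return` from its condition. The enclosing switch starts and ends outside this hunk.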
@@ -28,6 +34,8 @@ class OpenTrashmailBackend{
$addr = generateRandomEmail();
//add header HX-Redirect
return $this->listAccount($addr);
+ case 'deleteaccount':
+ return $this->deleteAccount($_REQUEST['email']?:$this->url[2]);
default:
return false;
}
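Review bot: The new `deleteaccount` case is a destructive action that takes its target from `$_REQUEST`, so a plain GET (cross-site requests included) is enough to trigger it. Unlike `listaccounts` it has no settings gate. Restrict it to the method the UI actually uses before dispatching, e.g. `if($_SERVER['REQUEST_METHOD'] !== 'POST') return $this->error('Method not allowed');`. Consider a config switch analogous to `SHOW_ACCOUNT_LIST` so operators can turn account deletion off. The switch statement begins outside this hunk.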
@@ -51,6 +59,24 @@ class OpenTrashmailBackend{
else return false;
}
+
+ function deleteAccount($email)
+ {
+ if(!filter_var($email, FILTER_VALIDATE_EMAIL))
+ return $this->error('Invalid email address');
+ $path = getDirForEmail($email);
+ if(is_dir($path))
+ delTree($path);
+ }
+
+ function listAccounts()
+ {
+ $accounts = listEmailAdresses();
+ return $this->renderTemplate('account-list.html',[
+ 'emails'=>$accounts,
+ 'dateformat'=>$this->settings['DATEFORMAT']
+ ]);
+ }
function deleteMail($email,$id)
{
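Review bot: `deleteAccount()` passes the result of `getDirForEmail($email)` straight to a recursive `delTree()`, and the only guard is `FILTER_VALIDATE_EMAIL`, which checks address syntax, not filesystem safety (a valid local part may contain path-significant characters). `getDirForEmail` is not visible here, so this may already be handled there. A recursive delete should still verify containment itself, with `$real = realpath($path)` and `$base` as the resolved mail data directory: `if($real === false || strpos($real, $base.DIRECTORY_SEPARATOR) !== 0) return $this->error('Invalid email address');`. The function also returns nothing on success or when the directory does not exist, so the `deleteaccount` route returns null; an explicit return value would make the outcome distinguishable.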
@@ -64,7 +90,7 @@ class OpenTrashmailBackend{
return '';
}
- function getRawMail($email,$id)
+ function getRawMail($email,$id,$htmlbody=false)
{
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
return $this->error('Invalid email address');
@@ -73,6 +99,8 @@ class OpenTrashmailBackend{
else if(!emailIDExists($email,$id))
return $this->error('Email not found');
$emaildata = getEmail($email,$id);
+ if($htmlbody)
+ exit($emaildata['parsed']['htmlbody']);
header('Content-Type: text/plain');
echo $emaildata['raw'];
exit;
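Review bot: With `$htmlbody` set, `exit($emaildata['parsed']['htmlbody'])` sends sender-controlled email HTML verbatim from the application's own origin; in the visible lines it is not passed through `removeScriptsFromHtml()`, which this same commit adds to `core.php`, and no Content-Type or Content-Security-Policy header is sent on this path. Unless the embedding template isolates the response (not verifiable from here), this is a stored-XSS path for anyone who can deliver mail to an address. Sanitize and sandbox at the point of output: `header("Content-Security-Policy: sandbox; default-src 'none'; img-src data:; style-src 'unsafe-inline'");` followed by `exit(removeScriptsFromHtml($emaildata['parsed']['htmlbody']));`. Regex-based tag stripping is easy to get wrong, so the CSP should be the primary control and the stripping only defence in depth. `getRawMail`'s body starts outside this hunk.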
diff --git a/web/inc/core.php b/web/inc/core.php
index 209e878..4e6dff4 100644
--- a/web/inc/core.php
+++ b/web/inc/core.php
@@ -177,4 +177,42 @@ function generateRandomEmail()
return $adjectives[array_rand($adjectives)] . '.' . $nouns[array_rand($nouns)].'@'.$dom;
-}
\ No newline at end of file
+}
+
+function removeScriptsFromHtml($html) {
+ // Remove script tags
+ $html = preg_replace('/
@@ -18,7 +17,14 @@
- = nl2br(escape($emaildata['parsed']['body'])) ?>
+
+
+
+
Render email in HTML
+
+
+
= nl2br(escape($emaildata['parsed']['body'])) ?>
+