banananetwork
/
postfixadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

- setup.php now has a "create superadmin" form

Browse Source 
- completely reworked HTML code in setup.php
- moved admin creation code from create_admin.php to functions.php,
  function create_admin
- several related changes in functions.inc.php:
  - use table_by_key() directly instead of the cached variables (which
    are empty if config.inc.php was not read before functions.php)
  - add an additional (optional) parameter $setup to db_connect, changed
    many die(msg) calls to $error_message .= msg.
    If $setup is given, the return value is array($link, $error_text)
    instead of $link
  - db_connect now checks for invalid $CONF['database_type']


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@135 a1433add-5e2c-0410-b055-b7f2511e0802
postfixadmin-2.3
Christian Boltz 17 years ago
parent a9d2038098
commit 2d65b8b858
3 changed files with 281 additions and 72 deletions
Show Stats Download Patch File Download Diff File

174
functions.inc.php
Unescape Escape View File

@ -737,9 +737,7 @@ function list_domains ()
//
function admin_exist ($username)
{
global $table_admin;
$result = db_query ("SELECT 1 FROM $table_admin WHERE username='$username'");
$result = db_query ("SELECT 1 FROM " . table_by_key ('admin') . " WHERE username='$username'");
if ($result['rows'] != 1)
{
return false;
@ -1236,65 +1234,87 @@ $DEBUG_TEXT = "\n
";
//
// db_connect
// Action: Makes a connection to the database if it doesn't exist
// Call: db_connect ()
//
function db_connect ()
/**
* db_connect
* Action: Makes a connection to the database if it doesn't exist
* Call: db_connect ()
* Optional parameter: $setup = TRUE, used by setup.php
*
* Return value:
* a) without $setup or $setup == 0
* - $link - the database connection -OR-
* - call die() in case of connection problems
* b) with $setup == TRUE
* array($link, $error_text);
*/
function db_connect ($setup = 0)
{
global $CONF;
global $DEBUG_TEXT;
if ($setup != 0) $DEBUG_TEXT = '';
$error_text = '';
$link = 0;
if ($CONF['database_type'] == "mysql")
{
if (function_exists ("mysql_connect"))
{
$link = @mysql_connect ($CONF['database_host'], $CONF['database_user'], $CONF['database_password']) or die ("<p />DEBUG INFORMATION:<br />Connect: " . mysql_error () . "$DEBUG_TEXT");
$link = @mysql_connect ($CONF['database_host'], $CONF['database_user'], $CONF['database_password']) or $error_text .= ("<p />DEBUG INFORMATION:<br />Connect: " . mysql_error () . "$DEBUG_TEXT");
if ($link) {
@mysql_query("SET CHARACTER SET utf8",$link);
@mysql_query("SET COLLATION_CONNECTION='utf8_general_ci'",$link);
$succes = @mysql_select_db ($CONF['database_name'], $link) or die ("<p />DEBUG INFORMATION:<br />MySQL Select Database: " . mysql_error () . "$DEBUG_TEXT");
$succes = @mysql_select_db ($CONF['database_name'], $link) or $error_text .= ("<p />DEBUG INFORMATION:<br />MySQL Select Database: " . mysql_error () . "$DEBUG_TEXT");
}
}
else
{
print "<p />DEBUG INFORMATION:<br />MySQL 3.x / 4.0 functions not available!<br />database_type = 'mysql' in config.inc.php, are you using a different database? $DEBUG_TEXT";
die();
$error_text .= "<p />DEBUG INFORMATION:<br />MySQL 3.x / 4.0 functions not available!<br />database_type = 'mysql' in config.inc.php, are you using a different database? $DEBUG_TEXT";
}
}
if ($CONF['database_type'] == "mysqli")
elseif ($CONF['database_type'] == "mysqli")
{
if (function_exists ("mysqli_connect"))
{
$link = @mysqli_connect ($CONF['database_host'], $CONF['database_user'], $CONF['database_password']) or die ("<p />DEBUG INFORMATION:<br />Connect: " . mysqli_connect_error () . "$DEBUG_TEXT");
$link = @mysqli_connect ($CONF['database_host'], $CONF['database_user'], $CONF['database_password']) or $error_text .= ("<p />DEBUG INFORMATION:<br />Connect: " . mysqli_connect_error () . "$DEBUG_TEXT");
if ($link) {
@mysqli_query($link,"SET CHARACTER SET utf8");
@mysqli_query($link,"SET COLLATION_CONNECTION='utf8_general_ci'");
$success = @mysqli_select_db ($link, $CONF['database_name']) or die ("<p />DEBUG INFORMATION:<br />MySQLi Select Database: " . mysqli_error ($link) . "$DEBUG_TEXT");
$success = @mysqli_select_db ($link, $CONF['database_name']) or $error_text .= ("<p />DEBUG INFORMATION:<br />MySQLi Select Database: " . mysqli_error ($link) . "$DEBUG_TEXT");
}
}
else
{
print "<p />DEBUG INFORMATION:<br />MySQL 4.1 functions not available!<br />database_type = 'mysqli' in config.inc.php, are you using a different database? $DEBUG_TEXT";
die();
$error_text .= "<p />DEBUG INFORMATION:<br />MySQL 4.1 functions not available!<br />database_type = 'mysqli' in config.inc.php, are you using a different database? $DEBUG_TEXT";
}
}
if ($CONF['database_type'] == "pgsql")
elseif ($CONF['database_type'] == "pgsql")
{
if (function_exists ("pg_pconnect"))
{
$connect_string = "host=" . $CONF['database_host'] . " dbname=" . $CONF['database_name'] . " user=" . $CONF['database_user'] . " password=" . $CONF['database_password'];
$link = @pg_pconnect ($connect_string) or die ("<p />DEBUG INFORMATION:<br />Connect: failed to connect to database. $DEBUG_TEXT");
pg_set_client_encoding($link, 'UNICODE');
$link = @pg_pconnect ($connect_string) or $error_text .= ("<p />DEBUG INFORMATION:<br />Connect: failed to connect to database. $DEBUG_TEXT");
if ($link) pg_set_client_encoding($link, 'UNICODE');
}
else
{
print "<p />DEBUG INFORMATION:<br />PostgreSQL functions not available!<br />database_type = 'pgsql' in config.inc.php, are you using a different database? $DEBUG_TEXT";
die();
$error_text .= "<p />DEBUG INFORMATION:<br />PostgreSQL functions not available!<br />database_type = 'pgsql' in config.inc.php, are you using a different database? $DEBUG_TEXT";
}
}
else
{
$error_text = "<p />DEBUG INFORMATION:<br />Invalid \$CONF['database_type']! Please fix your config.inc.php! $DEBUG_TEXT";
}
if ($link)
if ($setup)
{
return array($link, $error_text);
}
elseif ($error_text != "")
{
print $error_text;
die();
}
elseif ($link)
{
return $link;
}
@ -1846,6 +1866,106 @@ function gen_show_status ($show_alias)
return $stat_string;
}
/*
Called by create-admin.php and setup.php
Returns:
array(
'error' => 0, # 0 on success, otherwise > 0
'tMessage' => '', # success / failure message
'pAdminCreate_admin_username_text' => '', # help text / error message for username
'pAdminCreate_admin_password_text' => '' # error message for username
)
*/
function create_admin($fUsername, $fPassword, $fPassword2, $fDomains, $no_generate_password=0)
{
global $PALANG;
global $CONF;
$error = 0;
$tMessage = '';
$pAdminCreate_admin_username_text = '';
$pAdminCreate_admin_password_text = '';
if (!check_email ($fUsername))
{
$error = 1;
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text_error1'];
}
if (empty ($fUsername) or admin_exist ($fUsername))
{
$error = 1;
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text_error2'];
}
if (empty ($fPassword) or empty ($fPassword2) or ($fPassword != $fPassword2))
{
if (empty ($fPassword) and empty ($fPassword2) and $CONF['generate_password'] == "YES" && $no_generate_password == 0)
{
$fPassword = generate_password ();
}
else
{
$error = 1;
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
$pAdminCreate_admin_password_text = $PALANG['pAdminCreate_admin_password_text_error'];
}
}
if ($error != 1)
{
$password = pacrypt($fPassword);
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
$result = db_query ("INSERT INTO " . table_by_key('admin') . " (username,password,created,modified) VALUES ('$fUsername','$password',NOW(),NOW())");
if ($result['rows'] != 1)
{
$tMessage = $PALANG['pAdminCreate_admin_result_error'] . "<br />($fUsername)<br />";
}
else
{
if (!empty ($fDomains[0]))
{
for ($i = 0; $i < sizeof ($fDomains); $i++)
{
$domain = $fDomains[$i];
$result = db_query ("INSERT INTO " . table_by_key ('domain_admins') . " (username,domain,created) VALUES ('$fUsername','$domain',NOW())");
}
}
$tMessage = $PALANG['pAdminCreate_admin_result_success'] . "<br />($fUsername";
if ($CONF['generate_password'] == "YES" && $no_generate_password == 0)
{
$tMessage .= " / $fPassword)</br />";
}
else
{
if ($CONF['show_password'] == "YES" && $no_generate_password == 0)
{
$tMessage .= " / $fPassword)</br />";
}
else
{
$tMessage .= ")</br />";
}
}
}
}
# TODO: should we log creation, editing and deletion of admins?
# Note: needs special handling in viewlog, because domain is empty
# db_log ($SESSID_USERNAME, '', 'create_admin', "$fUsername");
return array(
$error,
$tMessage,
$pAdminCreate_admin_username_text,
$pAdminCreate_admin_password_text
);
}
$table_admin = table_by_key ('admin');
$table_alias = table_by_key ('alias');

158
setup.php
Unescape Escape View File

@ -22,17 +22,19 @@
*
* Form POST \ GET Variables: -none-
*/
require_once("languages/en.lang");
require_once("functions.inc.php");
$CONF['show_header_text'] = 'NO';
require('templates/header.tpl');
?>
<html>
<head>
<title>Postfix Admin Setup Checker</title>
</head>
<body>
<img id="login_header_logo" src="images/postbox.png" />
<img id="login_header_logo" src="images/postfixadmin2.png" />
<h2>Postfix Admin Setup Checker 1.0.0</h2>
Running software:<br />
<p />
<div class='setup'>
<h2>Postfix Admin Setup Checker</h2>
<p>Running software:
<ul>
<?php
//
// Check for availablilty functions
@ -57,29 +59,28 @@ if ($f_phpversion == 1)
{
if (phpversion() < 5) $phpversion = 4;
if (phpversion() >= 5) $phpversion = 5;
print "- PHP version " . phpversion () . "<br />\n";
print "<li>PHP version " . phpversion () . "\n";
}
else
{
print "<li><b>Unable to check for PHP version. (missing function: phpversion())</b><br />\n";
print "<li><b>Unable to check for PHP version. (missing function: phpversion())</b>\n";
}
print "<p />\n";
//
// Check for Apache version
//
if ($f_apache_get_version == 1)
{
print "- " . apache_get_version() . "<br /><p />\n";
print "<li>" . apache_get_version() . "\n";
}
else
{
print "<li><b>Unable to check for Apache version. (missing function: apache_get_version())</b><br />\n";
print "<li><b>Unable to check for Apache version. (missing function: apache_get_version())</b>\n";
}
print "<p />\n";
print "Checking for dependencies:<br />\n";
print "<p />\n";
print "</ul>";
print "<p>Checking for dependencies:\n";
print "<ul>\n";
//
// Check for Magic Quotes
@ -88,26 +89,27 @@ if ($f_get_magic_quotes_gpc == 1)
{
if (get_magic_quotes_gpc () == 0)
{
print "- Magic Quotes: Disabled - OK<br /><p />\n";
print "<li>Magic Quotes: Disabled - OK\n";
}
else
{
print "<li><b>Warning: Magic Quotes: ON (internal workaround used)</b><br /><p />\n";
print "<li><b>Warning: Magic Quotes: ON (internal workaround used)</b>\n";
}
}
else
{
print "<li><b>Unable to check for Magic Quotes. (missing function: get_magic_quotes_gpc())</b><br />\n";
print "<li><b>Unable to check for Magic Quotes. (missing function: get_magic_quotes_gpc())</b>\n";
}
print "<p />\n";
//
// Check for config.inc.php
//
$config_loaded = 0;
if ($file_config == 1)
{
print "- Depends on: presence config.inc.php - OK<br />\n";
print "<li>Depends on: presence config.inc.php - OK\n";
require_once('config.inc.php');
$config_loaded = 1;
}
else
{
@ -117,7 +119,6 @@ else
print "<pre>% cp config.inc.php.sample config.inc.php</pre>\n";
$error =+ 1;
}
print "<p />\n";
//
// Check if there is support for at least 1 database
@ -150,9 +151,8 @@ if (($f_mysql_connect == 0) and ($f_mysqli_connect == 0) and ($f_pg_connect == 0
//
if ($f_mysql_connect == 1)
{
print "- Depends on: MySQL 3.23, 4.0 - OK<br />\n";
print "<li>Depends on: MySQL 3.23, 4.0 - OK\n";
}
print "<p />\n";
//
// MySQL 4.1 functions
@ -161,26 +161,45 @@ if ($phpversion >= 5)
{
if ($f_mysqli_connect == 1)
{
print "- Depends on: MySQL 4.1 - OK (change the database_type in config.inc.php!!)<br />\n";
print "<li>Depends on: MySQL 4.1 - OK\n";
if ( !($config_loaded && $CONF['database_type'] == 'mysqli') ) {
print "(change the database_type to 'mysqli' in config.inc.php!!)\n";
}
}
}
print "<p />\n";
//
// PostgreSQL functions
//
if ($f_pg_connect == 1)
{
print "- Depends on: PostgreSQL - OK (change the database_type in config.inc.php!!)<br />\n";
print "<li>Depends on: PostgreSQL - OK \n";
if ( !($config_loaded && $CONF['database_type'] == 'pgsql') ) {
print "(change the database_type to 'pgsql' in config.inc.php!!)\n";
}
}
//
// Database connection
//
if ($config_loaded) {
list ($link, $error_text) = db_connect(TRUE);
if ($error_text == "") {
print "<li>Testing database connection - OK";
} else {
print "<li><b>Error: Can't connect to database</b><br />\n";
print "Please edit the \$CONF['database_*'] parameters in config.inc.php.\n";
print "$error_text\n";
$error ++;
}
}
print "<p />\n";
//
// Session functions
//
if ($f_session_start == 1)
{
print "- Depends on: session - OK<br />\n";
print "<li>Depends on: session - OK\n";
}
else
{
@ -192,14 +211,13 @@ else
print "% portinstall php$phpversion-session</pre>\n";
$error =+ 1;
}
print "<p />\n";
//
// PCRE functions
//
if ($f_preg_match == 1)
{
print "- Depends on: pcre - OK<br />\n";
print "<li>Depends on: pcre - OK\n";
}
else
{
@ -211,15 +229,81 @@ else
print "% portinstall php$phpversion-pcre</pre>\n";
$error =+ 1;
}
print "<p />\n";
if ($error == 0)
print "</ul>";
if ($error != 0)
{
print "Everything seems fine... you are ready to rock & roll!</br>\n";
print "<p><b>Please fix the errors listed above.</b></p>";
}
else
{
print "<p>Everything seems fine... you are ready to rock & roll!</p>\n";
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
$pAdminCreate_admin_password_text = "";
$tUsername = '';
$tMessage = '';
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']);
if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']);
if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']);
list ($error, $tMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE);
if ($error != 0) {
if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']);
} else {
print "<p><b>$tMessage</b></p>";
echo "<p><b>You can now log in to Postfix Admin.</b></p>";
}
}
if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0)
{
?>
<div id="edit_form">
<form name="create_admin" method="post">
<table>
<tr>
<td colspan="3"><h3>Create superadmin account</h3></td>
</tr>
<tr>
<td><?php print $PALANG['pAdminCreate_admin_username'] . ":"; ?></td>
<td><input class="flat" type="text" name="fUsername" value="<?php print $tUsername; ?>" /></td>
<td><?php print $pAdminCreate_admin_username_text; ?></td>
</tr>
<tr>
<td><?php print $PALANG['pAdminCreate_admin_password'] . ":"; ?></td>
<td><input class="flat" type="password" name="fPassword" /></td>
<td><?php print $pAdminCreate_admin_password_text; ?></td>
</tr>
<tr>
<td><?php print $PALANG['pAdminCreate_admin_password2'] . ":"; ?></td>
<td><input class="flat" type="password" name="fPassword2" /></td>
<td>&nbsp;</td>
</tr>
<tr>
<td colspan="3" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php print $PALANG['pAdminCreate_admin_button']; ?>" /></td>
</tr>
<tr>
<td colspan="3" class="standout"><?php print $tMessage; ?></td>
</tr>
</table>
</form>
</div>
<?php
}
print "<b>Make sure you delete this setup.php file!</b><br />\n";
print "Also check the config.inc.php file for any settings that you might need to change!<br />\n";
print "Click here to go to the <a href=\"admin\">admin section</a> (make sure that your .htaccess is setup properly)\n";
}
?>
</div>
</body>
</html>

13
stylesheet.css
Unescape Escape View File

@ -21,10 +21,6 @@ a:visited, a:active {
color: #888888;
}
ul {
padding-left: 0px;
}
table {
// border-spacing: 0;
// padding: 0;
@ -250,4 +246,13 @@ table {
color: #777777;
}
div.setup {
width:700px;
margin-left:auto;
margin-right:auto;
text-align: left;
}
div.setup li {
padding-bottom:1em;
}

Write Preview
Loading…
Cancel
Save