From 5ec73b7044219febb157704d3cd99f719cb1a86d Mon Sep 17 00:00:00 2001
From: Christian Boltz <postfixadmin@cboltz.de>
Date: Sat, 2 May 2009 20:24:58 +0000
Subject: [PATCH] setup.php: - added form to create setup password hash. It
 will be displayed if   a) no setup password is defined yet   b) the "lost
 password" link was clicked - moved checks for empty and too short passwort
 into check_setup_password() - added an optional $lostpw_mode parameter to
 check_setup_password() which   causes slightly different behaviour (enforces
 generation of new hash, even   if the password would match) - changed
 check_password_setup() return value to array($error, $message) - moved
 displaying $tMessage above the form - it is more useful there. - removed "see
 config.inc.php" notice from password field in "create superadmin"   form -
 this hint doesn't help much with the hashed password ;-) - TODO: The if
 statements to decide which form to display is quite difficult   (and will
 become unreadable in case we need another form ;-)   We should think about a
 better way to select the form to display...   (maybe flash_error / flash_info
 + redirect?)

upgrade.php:
- added missing <p> tag


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@648 a1433add-5e2c-0410-b055-b7f2511e0802
---
 setup.php   | 106 +++++++++++++++++++++++++++++++++++++++-------------
 upgrade.php |   4 +-
 2 files changed, 81 insertions(+), 29 deletions(-)

diff --git a/setup.php b/setup.php
index 5961fed0..a62d8e2d 100644
--- a/setup.php
+++ b/setup.php
@@ -302,23 +302,27 @@ else
     $pAdminCreate_admin_password_text = "";
     $tUsername = '';
     $tMessage = '';
+    $lostpw_error = 0;
 
+    $setuppw = "";
+    if (isset($CONF['setup_password'])) $setuppw = $CONF['setup_password'];
 
-    if ($_SERVER['REQUEST_METHOD'] == "POST")
-    {
-        # ensure setup password is correct
-        if (safepost('setup_password') == "" ) {
-            $error += 1;
-            $tMessage = "Setup password must be specified<br />If you didn't set up a setup password yet, enter the password you want to use.";
-        } elseif (strlen(safepost('setup_password')) < $CONF['min_password_length']) {
-            $error += 1;
-            $tMessage = "The setup password you entered is too short. Please choose a better one.";
+    if (safepost("form") == "setuppw") {
+        # "setup password" form submitted
+        if (safepost('setup_password') != safepost('setup_password2')) {
+            $tMessage = "The two passwords differ!";
+            $lostpw_error = 1;
         } else {
-            $pw_check_result = check_setup_password(safepost('setup_password'));
-            if ($pw_check_result != 'pass_OK') {
-                $error += 1;
-                $tMessage = $pw_check_result;
-            }
+            list ($lostpw_error, $lostpw_result) = check_setup_password(safepost('setup_password'), 1);
+            $tMessage = $lostpw_result;
+            $setuppw = "changed";
+        }
+    } elseif (safepost("form") == "createadmin") {
+        # "create admin" form submitted
+        list ($pw_check_error, $pw_check_result) = check_setup_password(safepost('setup_password'));
+        if ($pw_check_result != 'pass_OK') {
+            $error += 1;
+            $tMessage = $pw_check_result;
         }
 
         if($error == 0 && $pw_check_result == 'pass_OK') {
@@ -338,21 +342,52 @@ else
                 if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']);
             }
         }
-    }
+    } 
 
-    if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0)
-    {
-?>
+    if ( ($setuppw == "" || $setuppw == "changeme" || safeget("lostpw") == 1 || $lostpw_error != 0) /* && $_SERVER['REQUEST_METHOD'] != "POST" */ ) {
+# show "create setup password" form
+    ?>
 
+<div class="standout"><?php print $tMessage; ?></div>
+<div id="edit_form">
+<form name="setuppw" method="post" action="setup.php">
+<input type="hidden" name="form" value="setuppw" />
+<table>
+      <td colspan="3"><h3>Change setup password</h3></td>
+   </tr>
+   <tr>
+      <td>Setup password</td>
+      <td><input class="flat" type="password" name="setup_password" value="" /></td>
+      <td></td>
+   </tr>
+   <tr>
+      <td>Setup password (again)</td>
+      <td><input class="flat" type="password" name="setup_password2" value="" /></td>
+      <td></td>
+   </tr>
+   <tr>
+      <td colspan="3" class="hlp_center"><input class="button" type="submit" name="submit" value="Generate password hash" /></td>
+   </tr>
+</table>
+</form>
+</div>
+
+<?php
+
+    } elseif ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0 || $lostpw_error == 0) {
+        ?>
+
+<div class="standout"><?php print $tMessage; ?></div>
 <div id="edit_form">
 <form name="create_admin" method="post">
+<input type="hidden" name="form" value="createadmin" />
 <table>
       <td colspan="3"><h3>Create superadmin account</h3></td>
    </tr>
    <tr>
-      <td>Setup password (see config.inc.php)</td>
+      <td>Setup password</td>
       <td><input class="flat" type="password" name="setup_password" value="" /></td>
-      <td></td>
+      <td><a href="setup.php?lostpw=1">Lost password?</a></td>
    </tr>
    <tr>
       <td><?php print $PALANG['pAdminCreate_admin_username'] . ":"; ?></td>
@@ -372,9 +407,6 @@ else
    <tr>
       <td colspan="3" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php print $PALANG['pAdminCreate_admin_button']; ?>" /></td>
    </tr>
-   <tr>
-      <td colspan="3" class="standout"><?php print $tMessage; ?></td>
-   </tr>
 </table>
 </form>
 </div>
@@ -401,22 +433,42 @@ function encrypt_setup_password($password, $salt) {
     return $salt . ':' . sha1($salt . ':' . $password);
 }
 
-function check_setup_password($password) {
+
+/*
+    returns: array(
+        'error' => 0 (or 1),
+        'message => text
+    )
+*/
+function check_setup_password($password, $lostpw_mode = 0) {
     global $CONF;
+    $error = 1; # be pessimistic
+
     $setuppw = "";
     if (isset($CONF['setup_password'])) $setuppw = $CONF['setup_password'];
 
     list($confsalt, $confpass, $trash) = explode(':', $setuppw . '::');
     $pass = encrypt_setup_password($password, $confsalt);
-    if ($pass == $setuppw) { # correct passsword
+
+    if ($password == "" ) { # no password specified?
+        $result = "Setup password must be specified<br />If you didn't set up a setup password yet, enter the password you want to use.";
+    } elseif (strlen($password) < $CONF['min_password_length']) { # password too short?
+        $result = "The setup password you entered is too short. Please choose a better one.";
+    } elseif ($pass == $setuppw && $lostpw_mode == 0) { # correct passsword (and not asking for a new password)
         $result = "pass_OK";
+        $error = 0;
     } else {
         $pass = encrypt_setup_password($password, generate_setup_password_salt());
-        $result = '<p><b>Setup password not specified correctly</b></p>';
+        $result = "";
+        if ($lostpw_mode == 1) {
+            $error = 0; # non-matching password is expected when the user asks for a new password
+        } else {
+            $result = '<p><b>Setup password not specified correctly</b></p>';
+        }
         $result .= '<p>If you want to use the password you entered as setup password, edit config.inc.php and set</p>';
         $result .= "<pre>\$CONF['setup_password'] = '$pass';</pre>";
     }
-    return $result;
+    return array ($error, $result);
 }
 
 /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
diff --git a/upgrade.php b/upgrade.php
index 1bfe519e..9aa4eaf6 100644
--- a/upgrade.php
+++ b/upgrade.php
@@ -109,8 +109,8 @@ function _do_upgrade($current_version) {
     $target_version = preg_replace('/[^0-9]/', '', '$Revision$');
 
     if ($current_version >= $target_version) {
-# already up to date
-        echo "Database is up to date";
+        # already up to date
+        echo "<p>Database is up to date</p>";
         return true;
     }