banananetwork
/
postfixadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

setup.php: reindent; require setup_password before it will add an admin user

Browse Source 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@616 a1433add-5e2c-0410-b055-b7f2511e0802
postfixadmin-2.3
David Goodwin 16 years ago
parent b4dfc638f5
commit e4498461ba
1 changed files with 157 additions and 138 deletions
Show Stats Download Patch File Download Diff File

29
setup.php
Unescape Escape View File

@ -26,7 +26,7 @@
define('POSTFIXADMIN', 1); # checked in included files define('POSTFIXADMIN', 1); # checked in included files
require_once("languages/en.lang"); require_once("languages/en.lang");
require_once("functions.inc.php"); require_once('common.php');
$CONF['show_header_text'] = 'NO'; $CONF['show_header_text'] = 'NO';
$CONF['theme_logo'] = 'images/logo-default.png'; $CONF['theme_logo'] = 'images/logo-default.png';
@ -309,6 +309,17 @@ else
if ($_SERVER['REQUEST_METHOD'] == "POST") if ($_SERVER['REQUEST_METHOD'] == "POST")
{ {
// ensure password is correct.
if(!isset($_POST['setup_password'])) {
$error += 1;
$tMessage = "Setup password must be specified";
}
if($_POST['setup_password'] != $CONF['setup_password']) {
$error += 1;
$tMessage = "Setup password not specified correctly";
}
if($error == 0) {
if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']); if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']);
if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']); if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']);
if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']); if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']);
@ -325,9 +336,13 @@ else
if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']); if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']);
} else { } else {
print "<p><b>$tMessage</b></p>"; print "<p><b>$tMessage</b></p>";
echo "<p><b>Delete (or rename) setup.php, and then click <a href='login.php'>here to login</a>.</b></p>";
} }
} }
else {
print "<p><b>$tMessage</b></p>";
}
}
if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0) if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0)
{ {
@ -336,9 +351,13 @@ else
<div id="edit_form"> <div id="edit_form">
<form name="create_admin" method="post"> <form name="create_admin" method="post">
<table> <table>
<tr>
<td colspan="3"><h3>Create superadmin account</h3></td> <td colspan="3"><h3>Create superadmin account</h3></td>
</tr> </tr>
<tr>
<td>Setup password (see config.inc.php)</td>
<td><input class="flat" type="password" name="setup_password" value="" /></td>
<td></td>
</tr>
<tr> <tr>
<td><?php print $PALANG['pAdminCreate_admin_username'] . ":"; ?></td> <td><?php print $PALANG['pAdminCreate_admin_username'] . ":"; ?></td>
<td><input class="flat" type="text" name="fUsername" value="<?php print $tUsername; ?>" /></td> <td><input class="flat" type="text" name="fUsername" value="<?php print $tUsername; ?>" /></td>
@ -367,8 +386,8 @@ else
<?php <?php
} }
print "<b>Make sure you delete this setup.php file!</b><br />\n"; print "<b>Since version 2.3 there is no requirement to delete setup.php!</b><br />\n";
print "Also check the config.inc.php file for any settings that you might need to change!<br />\n"; print "<b>Check the config.inc.php file for any other settings that you might need to change!<br />\n";
} }
?> ?>
</div> </div>

Write Preview
Loading…
Cancel
Save