diff --git a/functions.inc.php b/functions.inc.php
index 0c83d712..7489a36b 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -31,6 +31,10 @@ function authentication_get_username() {
return 'CLI';
}
+ if (defined('POSTFIXADMIN_SETUP')) {
+ return 'SETUP.PHP';
+ }
+
if (!isset($_SESSION['sessid'])) {
header ("Location: login.php");
exit(0);
@@ -2226,84 +2230,6 @@ function gen_show_status ($show_alias) {
)
*/
-function create_admin($fUsername, $fPassword, $fPassword2, $fDomains, $no_generate_password=0) {
- global $PALANG;
- global $CONF;
- $error = 0;
- $pAdminCreate_admin_message = '';
- $pAdminCreate_admin_username_text_error = '';
- $pAdminCreate_admin_password_text_error = '';
-
- if (!check_email ($fUsername)) {
- $error = 1;
- $pAdminCreate_admin_username_text_error = $PALANG['pAdminCreate_admin_username_text_error1'];
- }
-
- if (empty ($fUsername) or admin_exist ($fUsername)) {
- $error = 1;
- $pAdminCreate_admin_username_text_error = $PALANG['pAdminCreate_admin_username_text_error2'];
- }
-
- $generated_password = 0;
- if (empty ($fPassword) or empty ($fPassword2) or ($fPassword != $fPassword2)) {
- if (empty ($fPassword) and empty ($fPassword2) and $CONF['generate_password'] == "YES" && $no_generate_password == 0) {
- $fPassword = generate_password ();
- $generated_password = 1;
- } else {
- $error = 1;
- $pAdminCreate_admin_password_text_error = $PALANG['pAdminCreate_admin_password_text_error'];
- }
- }
-
- $validpass = validate_password($fPassword);
- if(count($validpass) > 0 && $generated_password == 0) { # skip this check for generated passwords
- $pAdminCreate_admin_password_text_error = $validpass[0]; # TODO: honor all error messages, not only the first one
- $error = 1;
- }
-
- if ($error != 1) {
- $password = pacrypt($fPassword);
- // $pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
-
- $db_values = array(
- 'username' => $fUsername,
- 'password' => $password,
- );
- $result = db_insert('admin', $db_values);
- if ($result != 1) {
- $pAdminCreate_admin_message = $PALANG['pAdminCreate_admin_result_error'] . "
($fUsername)
";
- } else {
- if (!empty ($fDomains[0])) {
- for ($i = 0; $i < sizeof ($fDomains); $i++) {
- $domain = $fDomains[$i];
- $db_values = array(
- 'username' => $fUsername,
- 'domain' => $domain,
- );
- $result = db_insert('domain_admins', $db_values, array('created'));
- }
- }
- $pAdminCreate_admin_message = $PALANG['pAdminCreate_admin_result_success'] . "
($fUsername";
- if ($CONF['show_password'] == "YES" || $generated_password == 1) {
- $pAdminCreate_admin_message .= " / $fPassword";
- }
- $pAdminCreate_admin_message .= ")";
- }
- }
-
- # TODO: should we log creation, editing and deletion of admins?
- # Note: needs special handling in viewlog, because domain is empty
- # db_log ('', 'create_admin', "$fUsername");
-
- return array(
- $error,
- $pAdminCreate_admin_message,
- $pAdminCreate_admin_username_text_error,
- $pAdminCreate_admin_password_text_error
- );
-
-
-}
function getRemoteAddr() {
$REMOTE_ADDR = 'localhost';
if (isset($_SERVER['REMOTE_ADDR']))
diff --git a/model/AdminHandler.php b/model/AdminHandler.php
index 198c7c8b..c00f167b 100644
--- a/model/AdminHandler.php
+++ b/model/AdminHandler.php
@@ -206,6 +206,10 @@ class AdminHandler extends PFAHandler {
}
}
+
+# TODO: generate password if $new, no password specified and $CONF['generate_password'] is set
+# TODO: except if $this->admin_username == setup.php
+
/**
* compare password / password2 field
* error message will be displayed at the password2 field
diff --git a/setup.php b/setup.php
index f8ca6145..05e94264 100644
--- a/setup.php
+++ b/setup.php
@@ -340,10 +340,6 @@ else
}
if($error == 0 && $pw_check_result == 'pass_OK') {
- $fUsername = safepost('fUsername');
- $fPassword = safepost('fPassword');
- $fPassword2 = safepost('fPassword2');
-
// XXX need to ensure domains table includes an 'ALL' entry.
$table_domain = table_by_key('domain');
$r = db_query("SELECT * FROM $table_domain WHERE domain = 'ALL'");
@@ -351,9 +347,19 @@ else
db_insert('domain', array('domain' => 'ALL')); // all other fields should default through the schema.
}
- list ($error, $setupMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE);
+ $values = array(
+ 'username' => safepost('username'),
+ 'password' => safepost('password'),
+ 'password2' => safepost('password2'),
+ 'superadmin' => 1,
+ 'domains' => array(),
+ 'active' => 1,
+ );
+
+ list ($error, $setupMessage, $errormsg) = create_admin($values);
+
if ($error != 0) {
- $tUsername = htmlentities($fUsername);
+ $tUsername = htmlentities($values['username']);
}
}
}
@@ -405,18 +411,18 @@ else
|
- |
- |
+ |
+ |
|
- |
- |
+ |
+ |
|
- |
- |
+ |
+ |
|
@@ -487,5 +493,32 @@ function check_setup_password($password, $lostpw_mode = 0) {
return array ($error, $result);
}
+function create_admin($values) {
+
+ DEFINE('POSTFIXADMIN_SETUP', 1); # avoids instant redirect to login.php after creating the admin
+
+ $handler = new AdminHandler(1, 'setup.php');
+ $formconf = $handler->webformConfig();
+
+ if (!$handler->init($values['username'])) {
+ return array(1, "", $handler->errormsg);
+ }
+
+ if (!$handler->set($values)) {
+ return array(1, "", $handler->errormsg);
+ }
+
+ if (!$handler->store()) {
+ return array(1, "", $handler->errormsg);
+ }
+
+ return array(
+ 0,
+ Lang::read($formconf['successmessage']),
+ array(),
+ );
+}
+
+
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
?>