Commit Graph

126 Commits (master)

Author SHA1 Message Date
David Goodwin 3b9d8f867e merge sha512.b64 encrypt support - see https://github.com/postfixadmin/postfixadmin/issues/58 5 years ago
David Goodwin a4afebbe77 verify ssl certs when connecting to the db by default (we also do if this setting is not present) 5 years ago
David Goodwin 212415db56 document better 5 years ago
Christian Boltz 3d0add075a
Add empty $CONF['database_socket'] to avoid warnings
... about reading an undefined config option
5 years ago
David Goodwin 52e0d3e4b0 work around nano highlighting - see https://github.com/postfixadmin/postfixadmin/issues/320 5 years ago
David Goodwin 87824ef970 psalm fixes/workarounds; require PHP 5.6+ 5 years ago
gotty 13549cea0f Favicon config and ru_lang:
1. Favicon configuration of the project:
  a. Fixed incorrect link to favicon from the subfolder /users/
  b. Added ability to set favicon via config
2. Completed translation of all string constants into Russian language.
5 years ago
David Goodwin 758ccb9a19 add note in config for mailbox subdir creation requiring imap extension 5 years ago
Felix Ableitner a46245eecc Add config option for TLS 5 years ago
Felix Ableitner 600248e955 Add option to use smtp password when sending admin emails (fixes #272) 5 years ago
Sven Strickroth 56395709f3 Make quota levels configurable
Signed-off-by: Sven Strickroth <email@cs-ware.de>
6 years ago
David Goodwin cdacb5697f improve formatting of error message; remove use of db_array (to be removed). 6 years ago
David Goodwin 20b1eb842e fix sqlite display of password expired check for mailboxes 6 years ago
David Goodwin 766c947190 fix case of $conf; improve comments 6 years ago
David Goodwin 74002bbf57 psalm fixes 6 years ago
Damien Martins 12ce418f79 No need to have password expiration value in config file 6 years ago
Damien Martins 84533224ba Adds colored indicators for password expired, account disabled and vacation enabled accounts 6 years ago
Damien Martins b33d79125c Merge branch 'master' of github.com:doktoil-makresh/postfixadmin 6 years ago
Damien Martins d809e0fbf7 Adds colored indicators for password expired, account disabled and vacation enabled accounts 6 years ago
Damien Martins 72dddbc93b Adds colored indicators for password expired, account disabled and vacation enabled accounts 6 years ago
Damien Martins e786609aa9 Adding support for password expiration. Please read README.password_expiration for more details 6 years ago
David Goodwin ba14535489
Merge pull request #172 from abonanni/bootstrap
Bootstrap Integration
6 years ago
Aleksi Kinnunen 48c19a1cbd
Combine encrypt CONF-keys
Went through the old PR #25, updated the encrypt rounds/cost setting to be in the encrypt -configuration key as per suggestion from @cboltz
7 years ago
Aleksi Kinnunen 7b16e8a1c2
Add info about php_crypt and encrypt_difficulty to sample config 7 years ago
root fb3e968cfc Bootstrap template integration 7 years ago
David Goodwin f7ba904800 see #171 7 years ago
Christian Boltz 7c38bdd871
add a big notice about using config.local.php 7 years ago
Christian Boltz 3f1866d041
display phone number field only if $CONF[sms_send_function] is set
Without a way to send a SMS, asking users for their mobile number is
pointless.
7 years ago
Lee Clemens ebbd9025e4 Add support for MySQL connections over SSL 7 years ago
Sylvain Tissot ffb84283c2
Harden password reset process
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
7 years ago
David Goodwin 4b999b3f6b improve mysqli connection settings - see https://github.com/postfixadmin/postfixadmin/issues/73 7 years ago
Christian Boltz 2251c00fb8
disable password reset until it is secure
For some unknown reason, the insecure version of pull request 18 (which
uses easily guessable reset codes) was merged. This commit disables the
password reset until someone makes it secure.

See the comments in https://github.com/postfixadmin/postfixadmin/pull/18
for details.
7 years ago
Sylvain Tissot 9c9ba64a7f Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
Christian Boltz f18f16c004
move $CONF['edit_alias'] next to $CONF['alias_control'] 7 years ago
Christian Boltz 4d9a0717d0 Merge pull request #26 from medarion/master
added config option to disable "edit_alias" function for users
7 years ago
David Goodwin 0951629a48 config.inc.php: debian has doveadm in /usr/bin not /usr/sbin 8 years ago
Christian Boltz 8aecf3eae3 Merge branch 'master' into broadcast_improvements 8 years ago
Christian Boltz f7f3781770
Fix default for $CONF[create_mailbox_subdirs_hostoptions]
array('') means to include an empty item, and that results in an invalid
remote specification with a trailing "/"

Using an empty array() fixes this.

Reported by oftc_ftw on IRC.
8 years ago
Martin Oemus 9aba43ee48 added config option to disable "edit_alias" function for users 8 years ago
Jan-Frederik Rieckers 3c360f646f
Switch config item for broadcast.
The new config item is now `sendmail_all_admins`
8 years ago
Jan-Frederik Rieckers 3c3d844130
Improve the broadcast message tool
* Make it possible by config option that non global admins can send
  broadcast messages to their domains.
* Allow the sender to select the domains the broadcast message should be
  delivered to
* Allow the sender to decide if the broadcast message should just be
  delivered to mailboxes
8 years ago
David Goodwin 491df198cc Merge remote-tracking branch 'svnexport/master' 8 years ago
Christian Boltz 4c2ff84d52 upate wiki links
mediawiki -> SF wiki


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1876 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin 17d1cce041 Merge remote-tracking branch 'svnexport/master' 8 years ago
Christian Boltz 62b872491f config.inc.php: add pointers between $CONF[encrypt] = 'authlib' and $CONF[authlib_default_flavor]
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1874 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin 6bc747ba9b Merge remote-tracking branch 'svnexport/master' 9 years ago
Christian Boltz a46720c8c8 config.inc.php:
- add more detailed notes about unsupported dovecot:* encryption types
  (after hunting them down with r00t^2 on IRC)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1833 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin d3ca74af0d merge github pull request into svn manually - 3e62d3975a - adding configurable smtp helo (CONF["smtp_client"])
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1832 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 6ee6574076 include_once(config.local.php) instead of include()ing it
This should avoid problems with endless include loops like in
https://sourceforge.net/p/postfixadmin/bugs/367/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1830 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
CaptainArk 21c4ec0dd8 smtp_client variable empty by default 9 years ago