- gen_show_status(): escape mail addresses in query.
Fixes https://sourceforge.net/p/postfixadmin/bugs/356/
(mostly - the edit/delete/... links in list-virtual are double-escaped)
In theory this could allow SQL injection, in practise the mail address
regex limits this issue to a DOS (creating a mail address with ' caused
an invalid query that broke list-virtual)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1809 a1433add-5e2c-0410-b055-b7f2511e0802
Measure time needed for the nameserver queries, and error_log a warning
if the queries need more than 2 seconds in total.
Inspired by a question from t-ask on IRC, who suffered from a slow
nameserver and had some "fun" to debug it ;-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1790 a1433add-5e2c-0410-b055-b7f2511e0802
- initStruct(): replace (wrong) 'editable' with '_can_edit' and '_can_delete'
- read_from_db_postprocess(): disable _can_edit and _can_delete for
default aliases if special_alias_control is off and not superadmin
list.tpl:
- use $item._can_edit instead of $check_alias_owner
list-virtual.php:
- drop $check_alias_owner variable and check_alias_owner() call
(replaced by the code added in AliasHandler)
- drop unused $sql_domain
functions.inc.php:
- delete no longer used check_alias_owner() function
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1774 a1433add-5e2c-0410-b055-b7f2511e0802
- build_select_query(): add support for $search['_'] (searching if one
of the $this->searchfields contains the search text)
- getList(): make sure '_' is kept in the search parameters
functions.inc.php:
- db_where_clause(): slightly relax checks - if $condition is empty,
only error out if $additional_raw_where is also empty
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1772 a1433add-5e2c-0410-b055-b7f2511e0802
- better formatting in db_quota_text() and db_quota_percent() results
(for example, infinity sign instead of / 0 for unlimited)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1744 a1433add-5e2c-0410-b055-b7f2511e0802
- read_from_db(), getList():
- add $searchmode parameter (_before_ $limit and $offset!) to be able to
use query different query modes, not only "="
- add a warning that $condition will be changed to array only in the future
- getList(): filter $condition for fields that are available to the user
to avoid information leaks by using search parameters
(filter is only applied if $condition is an array!)
functions.inc.php:
- db_where_clause():
- add $additional_raw_where parameter for additional query parameters
- add $searchmode parameter to be able to use query different
query modes, not only "=" (see $allowed_operators)
- check for allowed operators in $searchmode
- split query into WHERE and HAVING (if a parameter has
$struct[select] set, HAVING is used)
list-virtual.php:
- adopt getList() call to the new syntax
AliasHandler:
- adopt getList() definition and call to the new syntax
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1731 a1433add-5e2c-0410-b055-b7f2511e0802
- pacol():
- add $linkto parameter (if list mode should link to something)
- replace $not_in_db with $multiopt - the remaining parameters can
now be specified as associated array (backwards-compatible)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1719 a1433add-5e2c-0410-b055-b7f2511e0802
- add functions db_quota_text() and db_quota_percent() to generate
queries for used quota ("x/y" and percentage)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1712 a1433add-5e2c-0410-b055-b7f2511e0802
- db_query(): do not print out the failed query, error_log() it instead
to avoid information leaks.
- update SF forum URL
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1592 a1433add-5e2c-0410-b055-b7f2511e0802
- new function db_pgsql() to replace lots of
"if ($CONF[database_type] == 'pgsql')) checks
- delete unused function boolconf()
several files:
- use db_pgsql() instead of checking $CONF[database_type]
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1582 a1433add-5e2c-0410-b055-b7f2511e0802
- move mailbox_postdeletion() to MailboxHandler
- move domain_postcreation() and domain_postdeletion() to
DomainHandler
- adopt those functions for usage inside the *Handler (replace
print with $this->errormsg etc.)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1579 a1433add-5e2c-0410-b055-b7f2511e0802
found out that the 'Config' class is too static - it shares its static
data with the 'Lang' child class.
This caused a conflict because we have $CONF[transport] and
$PALANG[transport], and Config::read('transport') returned the $PALANG
text.
To fix this, all texts are now stored as $CONF[__LANG].
I also dropped the 'Lang' class.
model/Config.php:
- mark the 'Config' class as final to ensure we don't trap into the
"too static" problem again.
- bool(): display and log an error message if a $CONF option does not
contain YES or NO (that would have uncovered this bug much earlier)
- add lang() and lang_f() wrapper functions to get $PALANG texts
- remove unused $__cache and $__objects
model/Lang.php:
- deleted
common.php:
- store $PALANG as $CONF[__LANG]
lots of files:
- replace Lang::read() and Lang::read_f() calls with Config::lang()
and Config::lang_f()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1536 a1433add-5e2c-0410-b055-b7f2511e0802
- getList: change return value to be always true (even if the database
result is an empty array), and die() if the database result is not an
array.
This avoids some if blocks in various files to implement a fallback
to array() on empty results.
functions.inc.php:
- list_admins(): simplify after the *Handler->getList() change
- get_domain_properties(): change a forgotten $handler->return to
$handler->result() (follow-up for r1534)
list-domain, list-virtual.php:
- simplify after the *Handler->getList() change
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1535 a1433add-5e2c-0410-b055-b7f2511e0802
- pacrypt(), dovecot:* method:
- allow "." in dovecot method (to allow a suffix like ".b64")
- blacklist SCRAM-SHA-1 (needs -u)
- check against list of non-salted methods to be backward compatible
with dovecot < 2.1 again
Thanks to Szilagyi Jozsef <szjozsef AT yahoo DOT com> for providing
the list of non-salted methods etc.
functions.inc.php, scripts/postfixadmin-cli.php:
- drop unused global variables $table_admin and $table_alias_domain
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1529 a1433add-5e2c-0410-b055-b7f2511e0802
- pacrypt: digest-md5 hashes include the username - until someone
implements it, let's declare it as unsupported and error out
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1525 a1433add-5e2c-0410-b055-b7f2511e0802
- pacrypt(): some small changes after Szilagyi Jozsef's patch:
- comment out unused $crypt_method
- change $dovecotpw default to "doveadm pw" (unrelated to the patch)
- set $dovepasstest to "-t $pw_db" instead of having two similar
command lines, and also shellescapearg() $pw_db
- use "if (empty($dovepasstest))" instead of "if (empty($pw_db))"
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1524 a1433add-5e2c-0410-b055-b7f2511e0802
doveadmin pw now has an option "-t $hash" which allows to verify
salted passwords (added in dovecot 2.1 AFAIK)
Also, the {METHOD} part is no longer removed.
Patch by Szilagyi Jozsef <szjozsef [at] yahoo.com> - thanks!
(The schemes which requires also the username -u option is still not supported)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1523 a1433add-5e2c-0410-b055-b7f2511e0802
- check_quota ()
- allowed_quota()
- mailbox_postcreation()
- mailbox_postedit()
- create_mailbox_subfolders()
The code was moved without any changes, except
- added leading whitespace
- removed "TODO: move to MailboxHandler" ;-)
MailboxHandler:
- change function calls for moved functions
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1515 a1433add-5e2c-0410-b055-b7f2511e0802
check_quota()
mailbox_postcreation()
mailbox_postedit()
create_mailbox_subfolders()
- use Config::read() / Config::bool() instead of $CONF
- update comment header
- some minor changes to make the code better readable
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1514 a1433add-5e2c-0410-b055-b7f2511e0802
- move boolconf() to Config::bool()
boolconf() will stay for backwards compability, but new code
should use Config::bool()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1467 a1433add-5e2c-0410-b055-b7f2511e0802
- check_domain(), check_email():
use Lang::read and Config::read instead of global variables
(global variables, at least $PALANG, don't seem to work with CLI)
- boolconf():
- use Config::read instead of global $CONF
- drop isset() check - doesn't make sense when using Config::read
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1452 a1433add-5e2c-0410-b055-b7f2511e0802
- check_domain(), check_email(): instead of calling flash_error(),
return string with error message - or empty string if everything is ok
model/AdminHandler.php, model/AliasHandler.php,
model/DomainHandler.php, model/MailboxHandler.php,
sendmail.php, users/edit-alias.php:
- adopt to changed check_domain() and check_email() return value
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1451 a1433add-5e2c-0410-b055-b7f2511e0802
- allowed_quota: if $CONF[quota] == NO, just return 0 (unlimited)
list-virtual.php:
- only eval_size($limit['maxquota']) if $CONF[quota] == YES
($limit['maxquota'] is not set if $CONF[quota] == NO)
Both issues (which caused PHP warnings) were found by TigerP on IRC
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1445 a1433add-5e2c-0410-b055-b7f2511e0802
configs/menu.conf:
- change url_create_mailbox to edit.php?table=mailbox
templates/list-virtual.tpl:
- replace hardcoded create-mailbox.php with {#url_create_mailbox#}
functions.inc.php:
- delete functions that are now part of MailboxHandler:
- check_mailbox()
- multiply_quota()
- add some TODO notes
config.inc.php:
- rewrite a comment that referenced create-mailbox.php
create-mailbox.php:
- delete - no longer needed
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1433 a1433add-5e2c-0410-b055-b7f2511e0802
- create_page_browser(): revert r1387 and...
- db_query(): ...replace it with the correct fix ;-) (avoid mysqli
reconnects)
The problem was that db_query() used is_resource() to check if we
already have a database connection, but a mysqli connection is an
object, not a resource.
This resulted in a new database connection for each query. Therefore
mysqli "forgot" the value of SET @row before executing the following
SELECT query (which used a new mysqli connection).
The fix is to also check with is_object() to avoid mysqli reconnects.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1388 a1433add-5e2c-0410-b055-b7f2511e0802
- create_page_browser(): include MOD(idx.row, $page_size) in outer SELECT.
This is needed on some MySQL setups which otherwise return an empty set.
Thanks to f-dens_ on IRC for helping to debug it.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1387 a1433add-5e2c-0410-b055-b7f2511e0802
- change list_admins() to use AdminHandler (code from list-admin.php)
Note: this changes the return value format to include all details,
not only the usernames. Use array_keys(list_admins()) if you need
the previous return format.
list-admin.php:
- replace code with a list_admins() call
list-domain.php:
- adopt to new list_admins() return value
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1386 a1433add-5e2c-0410-b055-b7f2511e0802
- _flash_string(): also accept an array of messages, not only a string
- comment updates for _flash_info() and flash_error() to reflect this change
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1378 a1433add-5e2c-0410-b055-b7f2511e0802
- PHP around 5.3.8 includes hex2bin as native function - http://php.net/hex2bin
therefore we have to wrap our function (which fortunately gives the same
results) with function_exists().
Reported by MadOtis on #postfixadmin
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1328 a1433add-5e2c-0410-b055-b7f2511e0802
- deleted, obsoleted by edit.php?table=alias
functions.inc.php:
- drop function check_alias() - it was only used by create-alias.php
(AliasHandler has a similar function create_allowed(), which is a
copy of check_alias() with superfluous {...} removed)
configs/menu.conf
- replace create-alias.php with edit.php?table=alias
- append "?" to url_create_mailbox to avoid temporary change in menu.tpl
(create-mailbox is the only one which still needs ? instead of &)
templates/list-virtual.tpl:
- use {#url_create_alias#} instead of hardcoded create-alias.php
templates/menu.tpl:
- $url_domain: url-escape domain, use & instead of ?
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1317 a1433add-5e2c-0410-b055-b7f2511e0802
- add rewritten function create_admin() (now using AdminHandler,
which means 25 instead of 80 lines)
- various follow-up changes to match the rewritten function create_admin()
functions.inc.php:
- delete function create_admin() - setup.php was the last file calling it
- honor POSTFIXADMIN_SETUP in authentification_get_username() to avoid
a redirect to login.php after creating an admin with setup.php and to
get "SETUP.PHP" for db_log()
model/AdminHandler.php:
- add TODO: implement generate_password
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1301 a1433add-5e2c-0410-b055-b7f2511e0802
- allow log actions create_admin and edit_admin
- add edit_admin_state and delete_admin as comment/reminder that they
should also be logged
*.lang:
- add text for the new "create admin" and "edit admin" log actions
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1298 a1433add-5e2c-0410-b055-b7f2511e0802
- use AdminHandler
- move displaying the superadmin flag to the template
templates/adminlistadmin.tpl:
- update to the fieldnames provided by AdminHandler (name->username)
- move displaying the superadmin flag to the template
functions.inc.php:
- delete function get_admin_properties() (was only used by list-admin
and is not needed anymore) -> 48 lines less :-)
- add TODO to list_admins() to use AdminHandler
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1282 a1433add-5e2c-0410-b055-b7f2511e0802
- add log action 'edit_alias_domain'
- update outdated comment to point to $action_list instead of
maintaining the list as comment _and_ variable
languages/*.lang
- add $PALANG['pViewlog_action_edit_alias_domain']
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1278 a1433add-5e2c-0410-b055-b7f2511e0802
- rewrite to work for superadmins also (will list all domains now
instead of "ALL"), which means we can drop the admin vs. superadmin
check at various places
- escape_string $username
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1265 a1433add-5e2c-0410-b055-b7f2511e0802
- get_domain_properties(): use DomainHandler (function result mostly
unchanged, only difference: instead of quota_sum in bytes it now
returns total_quota in MB)
- allowed_quota(): adopt to slightly changed return value of
get_domain_properties()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1248 a1433add-5e2c-0410-b055-b7f2511e0802
- pacol(): new parameter $dont_write_to_db - needed to skip JOINt in
columns which (of course) aren't available on INSERT or UPDATE
model/DomainHandler.php:
- initStruct(): mark JOINt in columns with the dont_write_to_db flag
- store(): skip columns with the dont_write_to_db flag set (not_in_db
columns are also/still skipped)
In non-technical terms: create-domain works now :-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1244 a1433add-5e2c-0410-b055-b7f2511e0802
- use a new SELECT query syntax (sub-SELECTs) that gets all needed
information (including alias count, mailbox count and total quota)
in one query and is fast as light.
Better don't ask how long it took me to write this query, and I
seriously hope it works with postgresql. Otherwise...!
- add alias_count, mailbox_count and total_quota (including the required
SQL magic) to $struct
- add support for funny[tm] query tricks in $struct:
- replacement for field name in SELECT statement
- additional SQL after the FROM xy clause - useful for JOINs
- new function getList($condition) to get a list of domains
- order SELECT results by $this->id_field (needed for getList)
- add comment about the values used in $struct[*][type]
functions.inc.php:
- add two more optional parameters to pacrypt(): $select and $extrafrom
scripts/shells/domain.php:
- display number of existing aliases and mailboxes
- display quota sum
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1230 a1433add-5e2c-0410-b055-b7f2511e0802
- new function db_where_clause($condition, $struct) to create a WHERE clause.
bool values are converted with db_get_boolean() based on $struct
model/DomainHandler.php - view():
- build WHERE clause with db_where_clause()
- new array $colformat for columns which need special handling in the field list
(that's more readable than tons of elseif on the long term, and allows easier
customization (hook/$CONF value?))
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1228 a1433add-5e2c-0410-b055-b7f2511e0802
- new function db_boolean_to_int() to convert boolean values from the
database to integer (0 or 1)
- db_get_boolean(): error out on unknown $CONF[database_type]
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1208 a1433add-5e2c-0410-b055-b7f2511e0802
- new config option $CONF['password_validation'] - array with regular
expressions to check if a password is valid/good enough.
The default configuration enforces:
- minimum length 5 characters/digits/whatever
- at least 2 characters
- at least 2 digits
- removed $CONF['min_password_length'] - it's now handled in /.{5}/ in
$CONF['password_validation']
functions.inc.php
- new function validate_password to check a given password against
$CONF['password_validation']
- generate_password: generated password is always 8 chars long
(instead of $CONF['min_password_length'])
edit-admin.php, users/password.php, edit-mailbox.php, setup.php:
- use validate_password instead of $CONF['min_password_length']
This implements
https://sourceforge.net/tracker/?func=detail&aid=1785513&group_id=191583&atid=937967
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1192 a1433add-5e2c-0410-b055-b7f2511e0802
functions.inc.php:
- create_admin(): use db_insert instead of INSERT queries
(this includes automatic escaping of all values)
create-admin.php:
- use safepost instead of isset($_POST[...])
- don't escape_string post values - it's done inside create_admin now
- remove superfluous emptying of empty $tDomains for GET
- allow htmlentities-escaping for pAdminCreate_admin_username_text
- some whitespace / linebreak changes
setup.php:
- load config.inc.php only once (loading it twice will break if custom
hook functions exist in config.*.php - "can't redefine function ...")
- use safepost instead of isset($_POST[...])
- don't escape_string post values - it's done inside create_admin now
- escape $tUsername with htmlentities() instead of escape_string
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1190 a1433add-5e2c-0410-b055-b7f2511e0802
- integrate $defaults in $struct to have everything in one place
- integrate field labels, descriptions etc. in $struct
- $struct now has named keys and is filled with the new pacal() helper function
- replaced TODO comments with new ones ;-)
functions.inc.php:
- new function pacol() to fill $struct with an associative array
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1145 a1433add-5e2c-0410-b055-b7f2511e0802
- change default of $CONF['admin_email'] to '' and updated the comment.
IMPORTANT: If set, this will be used as mail sender for all mails
(2.3.x used the currently logged admin's username in most cases).
$CONF['admin_email'] = '' will match the 2.3.x behaviour.
functions.inc.php:
- new function smtp_get_admin_email() to get mail sender address
($CONF[admin_email] or currently logged in admin if not set)
- changes compared to Dale's patch:
- added @return in comment
- switched to /** comment style
This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1093 a1433add-5e2c-0410-b055-b7f2511e0802
- if dovecotpw does not give the expected output, read stderr and write
it to error_log()
This would have made the debugging session I just had with makomi on IRC
about an hour shorter ;-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1071 a1433add-5e2c-0410-b055-b7f2511e0802
- do not leave the while loop with break - this could hide some
undeliverable alias targets from being flagged if another alias
target points to a domain in $CONF[show_undeliverable_exceptions]
- do not add a blank $CONF[show_status_text] if
$CONF[show_undeliverable] is disabled - it only wastes space ;-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1069 a1433add-5e2c-0410-b055-b7f2511e0802
don't show vacation_domain as undeliverable + various code cleanup
- don't show the vacation domain as undeliverable
In theory this should already have worked already, but $stat_vacdomain
missed the first letter of the domain ("xample.com" instead of
"example.com") which broke it.
Fixed by using $stat_domain, which has the same content anyway.
This fixes part (2) of
https://sourceforge.net/tracker/?func=detail&aid=1951926&group_id=191583&atid=937967
- generate the regex for $CONF[recipient_delimiter] at the start of the
function. Besides saving some CPU cycles, this makes the code more
readable.
- generate $stat_domain earlier and in a regex-free way
- drop $stat_catchall - it's nothing else than @ + $stat_domain
- use in_array() to check $CONF[show_undeliverable_exceptions] instead
of a while loop
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1068 a1433add-5e2c-0410-b055-b7f2511e0802
- explicitely check for unlimited maxquota when checking if
$quota > $limit[maxquota]. Without this, $quota was always
considered as being too big (not surprising, everything is >0 ;-)
This fixes https://sourceforge.net/tracker/?func=detail&aid=3306926&group_id=191583&atid=937964
(caused by domain quota patch, therefore not affecting 2.3.x)
- replaced setting $rval with return in some cases if the decision is
final without needing to check domain quota
- added lots of comments to make understanding the function easier
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1065 a1433add-5e2c-0410-b055-b7f2511e0802
Based on a patch from W. Rossmann (W. Rossmann@SF),
https://sourceforge.net/tracker/index.php?func=detail&aid=2974928&group_id=191583&atid=937966
with some modifications, cleanup and adoptions to trunk (especially templates)
config.inc.php:
- new config option $CONF['domain_quota'] to enable/disable domain-level
quota (default: enabled)
- new config option $CONF['domain_quota_default'] (default: 2 GB)
functions.inc.php - check_quota():
- add code to check the quota sum on a domain
- add optional parameter $username (to exclude that username from quota
calculation, used by edit-mailbox)
edit-domain.php, create-domain.php,
admin_edit-domain.tpl, admin_create-domain.tpl:
- add input field and handling for domain-level quota
list-domain.php, overview-get.tpl, adminlistdomain.tpl:
- display allocated and allowed domain quota
- beautify quota and max_quota fields - display "unlimited" instead of "-1"
edit-mailbox.php:
- hand over username to check_quota()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1042 a1433add-5e2c-0410-b055-b7f2511e0802
- db_delete(): if no row was deleted, return 0 (not true)
This should not affect any existing code, but makes more sense
for future usage.
- whitespace changes in db_delete()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1035 a1433add-5e2c-0410-b055-b7f2511e0802
fully working MySQL version of create_page_browser()
- force $page_size to int and die() if it is < 2
- dropped $item_count parameter - the function now counts itsself
- include last row in the query
- return empty array (= no pagebrowser) if all rows fit in one page
- PgSQL queries are still on my TODO list
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1030 a1433add-5e2c-0410-b055-b7f2511e0802
- new function create_page_browser()
Function to create the page browser index ("a-c, d-h, ...") with light
speed (at least when compared with the current code that can take several
minutes(!) for people with lots of mailboxes or aliases).
At the moment, it only works with MySQL, has several big TODO notes
(including notices how to implement the PostgreSQL query) and is not
yet actively used.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1022 a1433add-5e2c-0410-b055-b7f2511e0802
*fixed VacationHandler.php
*changed edit-vacation to us VacationHandler
*added todopoint to upgrade.php
*fixed problem in AliasHandler
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@981 a1433add-5e2c-0410-b055-b7f2511e0802
(will be detected by authentication_get_username() instead)
scripts/postfixadmin-cli.php:
- define ("POSTFIXADMIN_CLI", 1) (we have no session running and need a
way to tell authentication_get_username() that this is a CLI access)
functions.inc.php:
- authentication_get_username(): check for POSTFIXADMIN_CLI constant,
return 'CLI' if set
(hmmm, do we need a similar thing for XMLRPC?)
- db_log(): override $username parameter with authentication_get_username()
(removing it from function parameters will be my next big commit)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@965 a1433add-5e2c-0410-b055-b7f2511e0802
column and value are separate parameters now
functions.inc.php:
- changed function db_update() parameters - column name and value for the WHERE
condition are now two separate parameters. This means we don't need to
escape_string(), add quotes etc. for most UPDATE queries.
Example call: db_update('alias', 'address', $this->username, $values_array)
- the previous db_update() is now called db_update_q()
model/UserHandler.php:
- changed db_update call to the new parameters
- removed now unused variables
- renamed $username to $E_username
- call pacrypt directly when setting the $set array, no need for $new_db_password
model/AliasHandler.php
- changed db_update call to the new parameters
edit-mailbox.php
- switched to db_update_q()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@931 a1433add-5e2c-0410-b055-b7f2511e0802
- smtp_mail(): added another (currently optional) parameter.
It can now be called with subject and body, no need to build the mail
header in every script that needs to send a mail.
- db_delete() did not use table_by_key. Fixed, backport queued for
2.3 branch
- db_insert() now has array(created,modified) as default for timestamp
columns so that most calls can be done without that parameter
- db_update() now has array(modified) as default for timestamp column
so that most calls can be done without that parameter
- new functions db_begin / db_commit / db_rollback - BEGIN / COMMIT /
ROLLBACK wrapped in a check for $CONF['database_type'] == "pgsql".
One more step to get rid of database-specific code in all files.
- db_log():
- migrated to db_insert. This should also fix some missing quoting.
- sorted $action_list to make it more readable
- backport queued for 2.3 branch for both changes
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@907 a1433add-5e2c-0410-b055-b7f2511e0802
- check_domain(): don't trim() the domain - whitespace is an error.
This catches "foo@ domain.com" that wasn't catched before.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@902 a1433add-5e2c-0410-b055-b7f2511e0802
- hand over $search to smarty templates
templates/list-virtual_alias.tpl, templates/list-virtual_alias_domain.tpl:
- add search result highlighting
templates/list-virtual_mailbox.tpl:
- add search result highlighting
- move output of "Mailbox" / "Forward only" outside the foreach loop
(was displayed once per mailbox alias target)
css/default.css:
- add style for ".searchresult"
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@868 a1433add-5e2c-0410-b055-b7f2511e0802
functions.inc.php:
- added error message if the check_owner query returns more than one result.
This can happen with old databases (pre-2.3) where the domain_admins table
contains "ALL" _and_ a domain for a superadmin - which results in the
superadmin not able to edit mailboxes etc. for this domain.
(Error message not translatable - this is a corner case.)
list-virtual.php:
- add "invalid parameter" error message before redirecting to list-domain
if the user doesn't have permissions for a domain
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@778 a1433add-5e2c-0410-b055-b7f2511e0802
list-virtual.php:
- merge search functionality into list-virtual.php (even more performant
for domain admins now - search.php checked domain ownership after
querying all domains...)
(Use list-virtual.php?search=searchterm to test searching)
- allow to display mailbox alias targets in mailbox list
Fields added to the mailbox list array:
* goto_mailbox (mailbox (=1) or forward-only (=0))
* goto_other (array with aliases not pointing to the mailbox)
* (vacation alias is skipped)
open question: is $display_mailbox_aliases = boolconf('special_alias_control')
correct? I'm slightly confused with alias_control, alias_control_admin
and special_alias_control...
- build mailbox query step by step instead of having several variants
which overlap 90% (and include a high bug potential, as already
demonstrated by me ;-)
templates/list-virtual.php
- added search result highlighting
- added displaying of mailbox aliases (goto_mailbox and goto_other)
- removed ?domain= parameter for edit-alias.php, other edit-*.php have
to follow (otherwise we'll have to extract the domain from the address
to avoid incorrect parameters in search mode)
functions.inc.php
- added db_in_clause() which builds a "field in(x, y)" clause for
database queries
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@751 a1433add-5e2c-0410-b055-b7f2511e0802
upgrade.php
- create quota and quota2 table (upgrade_729)
- create the triggers required by dovecot (upgrade_730_pgsql)
list-virtual.php
- updated to work with both quota tables
Patch by Varren Volz, https://sourceforge.net/tracker/?func=detail&aid=2867629&group_id=191583&atid=937966
- changed query for 1.1 quota table to
WHERE [...] AND ( $table_quota.path='quota/storage' OR $table_quota.path IS NULL )
This fixes https://sourceforge.net/tracker/?func=detail&aid=2794247&group_id=191583&atid=937964
(users not shown when initial email is not sent)
config.inc.php, functions.php
- new config option $CONF['new_quota_table'] (YES means dovecot 1.2 format)
- set variables for new quota2 table
DOCUMENTS/DOVECOT.txt
- added note that quota table is automatically created
- added note about different quota tables for dovecot 1.0/1.1 and >= 1.2
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@730 a1433add-5e2c-0410-b055-b7f2511e0802
https://sourceforge.net/tracker/index.php?func=detail&aid=2567466&group_id=191583&atid=937966
because
- it undermines the $CONF[*alias_control*] settings more or less -
mailbox aliases with non-default targets are always shown in
the "Aliases" section - see comment from 2009-05-04 on
https://sourceforge.net/tracker/?func=detail&aid=1902476&group_id=191583&atid=937964
- it introduced some "funny" bugs - a nice example is
http://sourceforge.net/tracker/?func=detail&aid=2786284&group_id=191583&atid=937964
Files / sections affected by the revert:
- list-virtual.php: all numbers (alias count etc.) correct?
(the changes in this file are the largest ones)
- functions.inc.php: SQL queries in get_domain_properties()
- delete.php: the only change since r572 affected code that was inserted
in r572 (and is now deleted again) - nothing should break here
- create-alias.php: had no changes since r572 - therefore nothing should
break here
Exceptions (not reverted):
- edit-alias: this change looks useful (hide mailbox alias target from
admins if they don't have permissions to change it). The actual code
has changed in the meantime, but the functionality stays.
Additionally, reverting this would be very hard or throw useful later
changes away.
BUT: shouldn't the page completely forbid to edit a mailbox alias if
the admin doesn't have permissions for it?
- functions.inc.php: comment for pacrypt() ;-)
- linebreaks in long SQL queries
Please check if everything is still working as expected (especially the domain
list and the virtual list) - I did only some quick tests.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@652 a1433add-5e2c-0410-b055-b7f2511e0802
- added dovecotpw encryption support (patch from cmuelle8 (trendypack) + some fixes
from me, see tracker for details)
https://sourceforge.net/tracker2/?func=detail&aid=2607332&group_id=191583&atid=937966
- replaced most "if" with "elseif" to be able to check for invalid $CONF[encrypt] settings
- added error check/message for invalid $CONF[encrypt] settings
config.inc.php:
- $CONF[encrypt]: added description for dovecot:xy
- added new $CONF['dovecotpw'] setting (path to dovecotpw binary)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@580 a1433add-5e2c-0410-b055-b7f2511e0802
- added comment about courier-authlib supporting only two-character salt
(see mail from Jan Röhrich in postfixadmin-devel about r560)
- fixed vim: line - functions.inc.php uses 4 spaces
- replaced "else if" with "elseif"
- replaced tabs with spaces
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@564 a1433add-5e2c-0410-b055-b7f2511e0802
- move DNS checks from check_email() to check_domain()
- add clear error message on non-resolvable domains (using flash_error() -
this is probably not the best solution, but better than nothing)
- made error messages translatable
create-domain.php:
- avoid duplicated call to check_domain (to avoid duplicated error message)
- domains are now DNS-checked on creation - see the changes in check_domain()
in functions.inc.php
languages/*:
- added error messages for the above changes
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@429 a1433add-5e2c-0410-b055-b7f2511e0802
- added $CONF['alias_domain'] switch to disable alias domains
(includes lots of whitespace changes in list-virtual.php)
functions.php:
- added some comments to boolconf()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@419 a1433add-5e2c-0410-b055-b7f2511e0802
- removed (now) unused function table_by_pos
I'm quite sure we won't need it again, basically it answered questions
like "what's the 3rd table in $CONF['database_tables']?"
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@407 a1433add-5e2c-0410-b055-b7f2511e0802
https://sourceforge.net/tracker/index.php?func=detail&aid=1923030&group_id=191583&atid=937966
- added quota parameter in mailbox_postcreation() hook
- new hook to update the quota after editing a mailbox
Modifications to the patch:
- made $quota an required parameter in the mailbox_postedit and
mailbox_postcreation functions
- the scripts always get the quota as 4th parameter. In case $quota
is <= 0, it is set to 0.
config.inc.php:
- new option $CONF['mailbox_postedit_script']
edit-mailbox.php:
- call mailbox_postedit() after editing the mailbox
functions.inc.php:
- added $quota parameter to mailbox_postcreation()
- new function mailbox_postedit()
create-mailbox.php:
- added $quota parameter on mailbox_postcreation() call
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@373 a1433add-5e2c-0410-b055-b7f2511e0802
- check_language(): use global $supported_languages so that we don't
have to maintain the list of supported languages at different places
(this finally enables users to choose japanese language at login)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@307 a1433add-5e2c-0410-b055-b7f2511e0802
functions.inc.php:
- function check_language
- new optional parameter $use_post (needed by login.php)
- check for language cookie
- check for $_POST['lang']
- removed substr() call because it made pt-br translation unuseable
- new function language_selector
- returns a HTML dropdown language selector
- new function safecookie
- similar to safeget, but for cookies
templates/login.php, templates/users_login.php:
- display language selector dropdown
login.php, users/login.php:
- check for selected language
- set cookie if user selected non-default language
languages/language.php: (NEW FILE)
- list of supported languages
- language names taken from phpMyAdmin login form
common.php:
- include languages/language.php
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@280 a1433add-5e2c-0410-b055-b7f2511e0802
- encode_header(): made charset parameter optional, defaults to utf-8
- db_delete(): escape_string() $where and $delete
create-mailbox.php:
- always encode mail header and insert Content-Type etc. headers
(previous code never did this, $PALANG['charset'] is not set in any
language. so this code part was never used)
sendmail.php:
- always encode mail header and insert Content-Type etc. headers
(had the same bug as create-mailbox.php)
- merge GET and POST
These changes fix
http://sourceforge.net/tracker/index.php?func=detail&aid=1811214&group_id=191583&atid=937964
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@199 a1433add-5e2c-0410-b055-b7f2511e0802
- new function db_update ($table, $where, $values, $timestamp = array())
to update a database entry with the values given as array
- added optional $timestamp parameter to db_insert()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@184 a1433add-5e2c-0410-b055-b7f2511e0802
- added optional $ignore_errors parameter to db_query()
- db_query() now returns 'error' as additional key in the result array
- renamed $setup to $ignore_errors in db_connect()
- added fallback to $table_key to table_by_key()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@171 a1433add-5e2c-0410-b055-b7f2511e0802
- completely reworked HTML code in setup.php
- moved admin creation code from create_admin.php to functions.php,
function create_admin
- several related changes in functions.inc.php:
- use table_by_key() directly instead of the cached variables (which
are empty if config.inc.php was not read before functions.php)
- add an additional (optional) parameter $setup to db_connect, changed
many die(msg) calls to $error_message .= msg.
If $setup is given, the return value is array($link, $error_text)
instead of $link
- db_connect now checks for invalid $CONF['database_type']
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@135 a1433add-5e2c-0410-b055-b7f2511e0802
Christian Boltz