12 Commits (master)

Author SHA1 Message Date
Sylvain Tissot ffb84283c2
Harden password reset process
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other database types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only be used once.
7 years ago
David Goodwin 8bb6000072 Merge pull request #60 from Vilican/master
Security fixes
7 years ago
Matyáš Koc 3c95ec4a09 Add CSRF token 7 years ago
Sylvain Tissot 9c9ba64a7f Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
Christian Boltz 80591f97bc *.lang:
- add $PALANG['password'] to replace duplicate texts
  -$PALANG['pLogin_password']
  -$PALANG['pCreate_mailbox_password']
  -$PALANG['pAdminEdit_admin_password']
- set $PALANG['pFetchmail_field_src_password']= $PALANG['password']; 
  (needed until fetchmail is migrated into FetchmailHandler)

model/*, setup.php, templates/*:
- use $PALANG['password'] everywhere	  


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1504 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz b065366a91 Merge template for admin login and user login
login.php, users/login.php:
- set logintype=admin/user smarty variable
- cleanup: move smarty assignments outside of GET/POST handling - it's
  the same for both

users/login.php:
- do not pre-fill username on failed login

templates/login.tpl:
- merge in users_login.tpl
- add some {if} to handle the differences between admin and user login

templates/users_login.tpl:
- deleted

*.lang:
- mark pUsersLogin_username, pUsersLogin_password, pUsersLogin_language 
  and pUsersLogin_button as obsolete
- add some notes if pLogin_* and pUsersLogin differ


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1137 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 2b1f3e4102 login.tpl, users_login.tpl:
- changed <h4> to <th>
- mark labels with <label>
- added a label to the language selector
- removed tMessage

languages/*:
- added PALANG[pLogin_language]

changes compared to Dale's patch:
- users_login.tpl:
  - do not add the <div class="field_container"> ... </div> wraps
  - use PALANG[pLogin_language] instead of PALANG[pUsersLogin_language]
    to avoid a superfluous string/translation
- login.tpl:
  - removed wrong colspan for language selector and login button
- de.lang: added German translation for PALANG[pLogin_language]

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1089 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 4c912f1da8 list-virtual.php:
- hand over $search to smarty templates

templates/list-virtual_alias.tpl, templates/list-virtual_alias_domain.tpl:
- add search result highlighting

templates/list-virtual_mailbox.tpl:
- add search result highlighting
- move output of "Mailbox" / "Forward only" outside the foreach loop
  (was displayed once per mailbox alias target)

css/default.css:
- add style for ".searchresult"



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@868 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Sebastian b1287d97e2 - big merge of Postfixadmin smarty into trunk
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@757 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
David Goodwin 39953d029d rename templates to .php instead of .tpl
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@250 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Greg d7cca670cb patches by Christian Boltz applied
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@3 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Mischa Peters 85dc57beee Initial Import in SourceForge
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago