Commit Graph

314 Commits (018f5d9e05d355d874dc06b5efda27b896ead022)

Author SHA1 Message Date
Christian Boltz 5bc85bec44
fix error message in Config::read_array(() 6 years ago
David Goodwin 570972944d Merge remote-tracking branch 'origin/master' into feature-try-pdo 6 years ago
David Goodwin 5d47b85b9d remove attribute that is in parent class 6 years ago
David Goodwin 020343999a
Merge pull request #221 from SuperVirus/fetchmail_different_source_port
Allow different port for fetchmail
6 years ago
David Goodwin 803e2342f8 fix psalm issues; reformat; rename new db functions 6 years ago
David Goodwin 1176c9ce78 reformat; fix some transition bugs 6 years ago
David Goodwin ea33d9951a try migrating to pdo 6 years ago
David Goodwin d78fb1fbbd move to Shell 6 years ago
David Goodwin e5cacbec90 add missing attribute 6 years ago
David Goodwin 4fcdba9cf4 run php-cs-fixer (code reforamt) 6 years ago
David Goodwin 19cda31849 remove psalm warnings from code; fix password_expiry behaviour when enabled/disabled on MySQL 6 years ago
David Goodwin 74002bbf57 psalm fixes 6 years ago
David Goodwin 173d5775cd psalm fixes 6 years ago
Christoph 'SuperVirus' Heitkamp d35e66808b Allow different port for fetchmail 6 years ago
David Goodwin 69e234f668
Merge pull request #200 from doktoil-makresh/master
Support for password expiration, managed in PostFix Admin
6 years ago
David Goodwin afd418675c pointless comment 6 years ago
David Goodwin 77d1b6c2e7 rename sql fields to just have mailbox.password_expiry and domain.password_expiry 6 years ago
Damien Martins ce60b9fa59 Now password expiration is managed through Postfix Admin GUI 6 years ago
Damien Martins e786609aa9 Adding support for password expiration. Please read README.password_expiration for more details 6 years ago
David Goodwin 76ee147375 phpdoc fix 7 years ago
David Goodwin ec085b668b missing class property 7 years ago
David Goodwin 9c0e1dd575 phpdoc fixes 7 years ago
David Goodwin c44e82cc2d phpdoc fix 7 years ago
David Goodwin b48f99d4c6 reformat (phpcs) 7 years ago
David Goodwin 94f05bf9e4 switch to store $config internally within an array 7 years ago
Christian Boltz 24ad5cc3d8
Set $reset_by_sms even if password reset is disabled
... to avoid an "undefined variable" warning
7 years ago
Christian Boltz 3f1866d041
display phone number field only if $CONF[sms_send_function] is set
Without a way to send a SMS, asking users for their mobile number is
pointless.
7 years ago
Christian Boltz cdf3c9acb9
initStruct(): use multiopt for 'id' 'dont_write_to_db'
This also means we can drop the 0 for not_in_db because this is the
default.
7 years ago
Christian Boltz d2588a4de2
Fix phpcs whitespace breakage in initStruct etc. 7 years ago
Christian Boltz 12c4a4f29e
move shells/shell.php to model/Shell.php
... and drop a few lines in postfixadmin-cli.php that became superfluous
by this move (thanks autoloader!)
7 years ago
Christian Boltz 500c847fe0
re-add lost comment 7 years ago
Christian Boltz 91c07c9eae
VacationHandler: re-enable and fix code in validate_new_id()
Note that vacation.php doesn't use this function yet, so it's not
surprising that users didn't notice the broken code.
7 years ago
David Goodwin 4fb4d406ee phpdoc; disable function init() - seems invalid 7 years ago
David Goodwin fef2591335 phpdoc fixes 7 years ago
David Goodwin cb34da4f46 phpcs reformat 7 years ago
David Goodwin 152975d05c move to use db_assoc() rather than db_array() (code assumes assoc. array) 7 years ago
David Goodwin 5e1855632a allow local aliases - see #134 7 years ago
Adrien Crivelli 15df6c1d7b
Reformat everything with PHP-Cs-Fixer 7 years ago
Christian Boltz 8fb67e6fbf
Fix broken table names caused by doubled table_by_key() calls
The high-level db_*() functions (like db_update(), and also
_db_add_field() in upgrade.php) call table_by_key() internally, which
also means the unwrangled table name needs to be handed over to them.
If handing over an already table_by_key()'d table name, it gets modified
again and results in something like prefix_prefix_mailbox.
7 years ago
houmingtao 5f1ac12d72 use current time as default token_validity value 7 years ago
root 4670182d79 fix invalid value for token_validity 7 years ago
Sylvain Tissot ffb84283c2
Harden password reset process
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
7 years ago
Sylvain Tissot 9c9ba64a7f Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
Christian Boltz a366654757
Better use Config::Lang instead of global $PALANG 8 years ago
David Goodwin 8508b8e119 global PALANG 8 years ago
Christian Boltz 80d381f644 Make VacationHandler compatible with MySQL strict mode again
The MySQL database layout includes a 'cache' column for historical
reasons, the PostgreSQL database never did.

r1883 removed the 'cache' column from VacationHandler to unbreak
PostgreSQL, and at the same time broke MySQL in strict mode.

This patch re-adds the 'cache' column only for MySQL to fix this
regression.



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1890 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Jan-Frederik Rieckers 800f07816a
Fix wrong way of check for can_delete 8 years ago
Jan-Frederik Rieckers 7bb36d0bbc
Fix security hole in AliasHandler
Without this fix it is possible to delete a protected alias via editing
the request parameter of the alias to delete.
8 years ago
David Goodwin 2f2db5949a fix date formatting in non-english languages, thanks to uz@musoftware.de
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1884 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin bd8e0e3ae3 apparently dead columns - thanks to uz@musoftware.de
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1883 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago