The high-level db_*() functions (like db_update(), and also
_db_add_field() in upgrade.php) call table_by_key() internally, which
also means the unwrangled table name needs to be handed over to them.
If handing over an already table_by_key()'d table name, it gets modified
again and results in something like prefix_prefix_mailbox.
The improvements are:
- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
- add support for list_header (like ":: Alias" in list-virtual)
PFAHandler:
- add empty default for $msg['list_header']
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1776 a1433add-5e2c-0410-b055-b7f2511e0802
- assign(): additionally provide the unsanitized values as RAW_$key
PFAHandler.php:
- document 'html' field type (used for raw html), including a big warning
list.tpl:
- add handling to display raw html fields
This is a preparation to use the status markers with list.tpl without
introducing too big changes.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1775 a1433add-5e2c-0410-b055-b7f2511e0802
User-visible changes:
- alias domain list can be downloaded as CSV
- no more search highlighting for alias domains
list-virtual.php:
- expect $search to be an array
- change alias domain handling to use list.php instead of
list-virtual_alias_domain.tpl, and move some logic from the template
to list-virtual.php. (The template file is kept as list.tpl wrapper.)
- adopt mailbox and alias search to $search[_]
- adopt pagebrowser to $search[_]
list-virtual_alias_domain.tpl:
- replace custom output generation with {include 'list.php'} and some
variable assignments
PFAHandler.php:
- add $this->id_field to $this->msg (avoids another smarty template
variable)
configs/menu.conf:
- change input name to search[_]
list-virtual_alias.tpl, list-virtual_mailbox.tpl:
- adopt to $search[_] by setting $search in a backwards-compatible way
list.tpl:
- add special handling for aliasdomain.target_domain linking
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1773 a1433add-5e2c-0410-b055-b7f2511e0802
- build_select_query(): add support for $search['_'] (searching if one
of the $this->searchfields contains the search text)
- getList(): make sure '_' is kept in the search parameters
functions.inc.php:
- db_where_clause(): slightly relax checks - if $condition is empty,
only error out if $additional_raw_where is also empty
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1772 a1433add-5e2c-0410-b055-b7f2511e0802
- add protected $searchfields = array(); - list of fields to search by
default, if just a search term is given. This will be done with
$search['_'], but that code is not implemented yet.
- add $this->msg['show_simple_search'] (true if $searchfields is non-empty)
list.tpl:
- display search input box and search overview only if $searchfields is
not empty
AliasdomainHandler:
- add 'alias_domain' and 'target_domain' to $searchfields
MailboxHandler:
- add 'username' to $searchfields
AliasHandler:
- add 'address' and 'goto' to $searchfields
This effectively means that the search input box is no longer displayed
in list.php for admin, domain and fetchmail listings.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1770 a1433add-5e2c-0410-b055-b7f2511e0802
PFAHandler:
- add $msg['can_create'] (true by default)
DomainHandler:
- set $msg['can_create'] based on is_superadmin
list.tpl:
- display 'create' button only if $msg['can_create'] is true
Note: This is only an optical improvement, not a permission check.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1769 a1433add-5e2c-0410-b055-b7f2511e0802
- set(): if errormsg is set for a field, assume it's invalid (even if
the validator functions did not (or forgot to) return False)
In theory this should never happen, but it's a nice safety net against
programming errors in validator functions that don't have an explicit
return False;
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1768 a1433add-5e2c-0410-b055-b7f2511e0802
- add getPagebrowser() (returns an array of pagebrowser keys)
AliasHandler.php:
- change getList() to work with empty $condition
- add getPagebrowser() to filter out mailboxes
list-virtual.php:
- replace $alias_pagebrowser_query and the create_page_browser() call
with $handler->getPagebrowser()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1757 a1433add-5e2c-0410-b055-b7f2511e0802
- split off build_select_query() from read_from_db() as preparation for
using build_select_query() to generate the pagebrowser query
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1756 a1433add-5e2c-0410-b055-b7f2511e0802
- add support for 'b64p' fields (passwords stored base64-encoded)
as preparation to migrate fetchmail.php to FetchmailHandler
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1750 a1433add-5e2c-0410-b055-b7f2511e0802
- add $msg['confirm'] (confirmation message when attemping to delete an
item, displayed by list.php)
*.lang:
- add various confirm_delete_* texts needed by *Handler
- rename confirm_domain to confirm_delete_domain
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1749 a1433add-5e2c-0410-b055-b7f2511e0802
- read_from_db(), getList():
- add $searchmode parameter (_before_ $limit and $offset!) to be able to
use query different query modes, not only "="
- add a warning that $condition will be changed to array only in the future
- getList(): filter $condition for fields that are available to the user
to avoid information leaks by using search parameters
(filter is only applied if $condition is an array!)
functions.inc.php:
- db_where_clause():
- add $additional_raw_where parameter for additional query parameters
- add $searchmode parameter to be able to use query different
query modes, not only "=" (see $allowed_operators)
- check for allowed operators in $searchmode
- split query into WHERE and HAVING (if a parameter has
$struct[select] set, HAVING is used)
list-virtual.php:
- adopt getList() call to the new syntax
AliasHandler:
- adopt getList() definition and call to the new syntax
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1731 a1433add-5e2c-0410-b055-b7f2511e0802
- add $this->label_field and $this->label (defaults to $this->id_field
and $this->id) to allow nicer messages
- use $this->label in various messages
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1729 a1433add-5e2c-0410-b055-b7f2511e0802
Add $can_edit and $can_delete flags. This makes it possible to make
some, but not all items non-editable or non-deletable (based on a
database column/query or read_from_db_postprocess())
- add $can_edit and $can_delete
- after initStruct, check if $struct contains _can_edit and _can_delete.
If not, fill with default values (allowed)
- init(): set $this->can_edit and $this->can_delete (only in view/edit mode)
- set(): abort if !$this->can_edit
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1716 a1433add-5e2c-0410-b055-b7f2511e0802
- automatically skip quot, vnum and vtxt fields in store()
(as if dont_write_to_db == 1)
- document new field types vtxt and quot and mark field types that will
never be stored in db
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1713 a1433add-5e2c-0410-b055-b7f2511e0802
- add validation for "enma" field type - list of options, must be given
in column "options" as associative array (value => displayed value)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1711 a1433add-5e2c-0410-b055-b7f2511e0802
- displays the database scheme (for usage in upgrade.php)
PFAHandler:
- add "Scheme" to the list of available tasks
postfixadmin-cli.php:
- add "scheme" to help
This is the first patch of a series sponsored by
Bund der Deutschen Landjugend (german rural youth)
http://bdl.landjugend.info/
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1710 a1433add-5e2c-0410-b055-b7f2511e0802
fix logging - log the domain instead of $this->id
- add protected $domain (used for logging)
- add function domain_from_id()
- http://sourceforge.net/p/postfixadmin/bugs/317/
AliasHandler.php:
- add function domain_from_id()
MailboxHandler.php:
- add function domain_from_id()
- init(): use $this->domain instead of splitting $this-id again
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1684 a1433add-5e2c-0410-b055-b7f2511e0802
- use prefill values from $_SESSION (if not provided in GET/POST)
- remember prefill values for next usage of the form
list-virtual.php
- set prefill values for edit.php
PFAHandler.php:
- let prefill() store the value in $struct if no prefill_$field()
function exists
This fixes the remaining parts of
http://sourceforge.net/p/postfixadmin/bugs/298/
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1594 a1433add-5e2c-0410-b055-b7f2511e0802
- new function db_pgsql() to replace lots of
"if ($CONF[database_type] == 'pgsql')) checks
- delete unused function boolconf()
several files:
- use db_pgsql() instead of checking $CONF[database_type]
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1582 a1433add-5e2c-0410-b055-b7f2511e0802
model/CliHelp.php:
- new class, used for "postfixadmin-cli $module help"
- replaces the PostfixAdmin* classes in scripts/shells/*.php
model/PFAHandler.php
- add public $taskNames with the list of supported CLI commands
scripts/postfixadmin-cli.php - dispatch():
- directly set the classes to load instead of using shell->loadTasks()
- when "postfixadmin-cli $module" is called, display help instead of
error message about "invalid command ''"
- make it more readable by moving error checks to the beginning
(replaces deeply nested if's with return statements)
- remove unused code parts
scripts/shells/*.php:
- remove PostfixAdmin* classes (obsoleted by CliHelp)
- remove $tasks (now in PFAHandler)
- delete alias.php and domain.php because nothing is left
- mailbox.php still contains PasswordTask
scripts/shells/shell.php:
- remove $taskNames (moved to PFAHandler)
- remove loadTasks() (integrated in postfixadmin-cli.php's dispatch())
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1575 a1433add-5e2c-0410-b055-b7f2511e0802
- make error messages in _inp_*() translateable
- make date format in SQL "translateable"
*.lang:
- add the texts needed for the changes listed above
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1556 a1433add-5e2c-0410-b055-b7f2511e0802
found out that the 'Config' class is too static - it shares its static
data with the 'Lang' child class.
This caused a conflict because we have $CONF[transport] and
$PALANG[transport], and Config::read('transport') returned the $PALANG
text.
To fix this, all texts are now stored as $CONF[__LANG].
I also dropped the 'Lang' class.
model/Config.php:
- mark the 'Config' class as final to ensure we don't trap into the
"too static" problem again.
- bool(): display and log an error message if a $CONF option does not
contain YES or NO (that would have uncovered this bug much earlier)
- add lang() and lang_f() wrapper functions to get $PALANG texts
- remove unused $__cache and $__objects
model/Lang.php:
- deleted
common.php:
- store $PALANG as $CONF[__LANG]
lots of files:
- replace Lang::read() and Lang::read_f() calls with Config::lang()
and Config::lang_f()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1536 a1433add-5e2c-0410-b055-b7f2511e0802
- getList: change return value to be always true (even if the database
result is an empty array), and die() if the database result is not an
array.
This avoids some if blocks in various files to implement a fallback
to array() on empty results.
functions.inc.php:
- list_admins(): simplify after the *Handler->getList() change
- get_domain_properties(): change a forgotten $handler->return to
$handler->result() (follow-up for r1534)
list-domain, list-virtual.php:
- simplify after the *Handler->getList() change
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1535 a1433add-5e2c-0410-b055-b7f2511e0802