postfixadmin

Commit Graph

Author	SHA1	Message	Date
David Goodwin	318ac048d5	psalm fixes	7 years ago
Aleksi Kinnunen	2df4348f09	Typo fix	7 years ago
Aleksi Kinnunen	48c19a1cbd	Combine encrypt CONF-keys Went through the old PR #25, updated the encrypt rounds/cost setting to be in the encrypt -configuration key as per suggestion from @cboltz	7 years ago
Aleksi Kinnunen	c1b5e66e27	Add missing global ... you should never edit with the GitHub web GUI, lazy me.	7 years ago
Aleksi Kinnunen	b676e8337f	Allow empty $CONF['encrypt_difficulty'] for defaults	7 years ago
Aleksi Kinnunen	9c2161a549	Added support for password generation cost/rounds $CONF["php_crypt_difficulty"], only for php_crypt:BLOWFISH, php_crypt:SHA256 and php_crypt:SHA512	7 years ago
David Goodwin	3754381f0e	Merge pull request #175 from racerxdl/master 'row' is a reserved word in MySQL 8.0	7 years ago
Lucas Teske	11f9680963	'row' is a reserved word in MySQL 8.0	7 years ago
Christian Boltz	2eb5a7ed60	simplify function_exists() checks for random_int() It's easier to define a compat function than to have function_exists() checks all over the code.	7 years ago
David Goodwin	b4849b8431	bump minimum db version	7 years ago
David Goodwin	4c6bcdbc39	update version	7 years ago
David Goodwin	5b7f4cda48	add phpdoc comments, default php_crypt hash to use SHA512 rather than MD5	7 years ago
David Goodwin	7282928e6d	update generate_password() to allow length to be specified; update test	7 years ago
Christian Boltz	a3feba7c73	change default for php_crypt to SHA512 (+ a few whitespace changes)	7 years ago
David Goodwin	b48f99d4c6	reformat (phpcs)	7 years ago
David Goodwin	e7f9d536d9	change default salt method with php_crypt	7 years ago
David Goodwin	f543c7d403	use random_int() if available	7 years ago
David Goodwin	7c0cb82be8	use random_int if it is available	7 years ago
snuggeman	11f0ceb615	added php_crypt scheme	7 years ago
David Goodwin	9a07772626	remove commented out echo	7 years ago
Christian Boltz	30c61e81b3	better comment for pacol() parameter	7 years ago
Lucas Teske	50ac4c7597	Fixed "Incorrect integer value: 'Array' for column" error in updates.	7 years ago
David Goodwin	d57aa46eb5	remove explode()	7 years ago
David Goodwin	2a1d8daeba	remove unused variables	7 years ago
David Goodwin	b79ad2ae28	composer format ...	7 years ago
David Goodwin	6446f3f6cc	split up pacrypt() into different functions; add some minimal test coverage	7 years ago
David Goodwin	6ed1527497	fix phpdoc	7 years ago
David Goodwin	cb34da4f46	phpcs reformat	7 years ago
David Goodwin	43a2493876	remove unused code.	7 years ago
David Goodwin	4dec9cd24e	refactor (reduce nesting)	7 years ago
David Goodwin	d088651fd6	Drop db_commit(), db_rollback(), db_begin() functions (unused).	7 years ago
David Goodwin	0b66cd6bd2	Do not try to db_escape() an SQL field.	7 years ago
David Goodwin	4e9d166765	use db_assoc() rather than db_array() as we're depending on an assoc array afterall.	7 years ago
David Goodwin	45a1073b97	change to use foreach($a as $k => $v) { ... }	7 years ago
David Goodwin	8ac94394cb	improve phpdoc	7 years ago
David Goodwin	e2b1233269	Use filter_var($x, FILTER_VALIDATE_EMAIL) as an extra check if we can in check_email(...)	7 years ago
David Goodwin	5e1855632a	allow local aliases - see #134	7 years ago
Adrien Crivelli	15df6c1d7b	Reformat everything with PHP-Cs-Fixer	7 years ago
David Goodwin	a320b67508	possible fix for issue in #112 - PostgreSQL does not like backticks (only do them for MySQL)	7 years ago
Christian Boltz	977f335a0f	Fix quoting in table_by_key() This fixes a regression introduced by https://github.com/postfixadmin/postfixadmin/pull/112 which became only visible when using a $CONF['database_prefix']	7 years ago
er1cs	7b8626ca81	Update functions.inc.php I found that Mysql 8 don't like table names without `` in requests. So i make changes in function table_by_key in functions.inc.php and in upgrade.php . Now it works. FreeBSD 11.1 Apache/2.4.29 (FreeBSD) PHP/7.1.11 Mysql 8	7 years ago
Lee Clemens	ebbd9025e4	Add support for MySQL connections over SSL	7 years ago
Sylvain Tissot	ffb84283c2	Harden password reset process The improvements are: - Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config - Redirect user to main page after password change using relative URL - Don't leak info whether user exists or has recovery info defined - Throttle password reset requests to prevent brute force attacks - Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled - Make database upgrade code compatible with other databases types - Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.	7 years ago
David Goodwin	4b999b3f6b	improve mysqli connection settings - see https://github.com/postfixadmin/postfixadmin/issues/73	7 years ago
Sylvain Tissot	9c9ba64a7f	Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18	7 years ago
Christian Boltz	be5fafa9fb	changelog update etc. for 3.1 release	7 years ago
Christian Boltz	64f1593818	revert "support unicode domain names - see #47" Unicode support is a much bigger can of worms (see the discussion in #47), and having just a little part of unicode support in is a bad idea. You can of course use the xn--whatever notation for unicode domains ;-)	7 years ago
David Goodwin	a09a3fa3b0	support unicode domain names - see #47	8 years ago
Christian Boltz	88bd9bfd19	drop $db_conn parameter from escape_string() Connection caching is now done in db_connect() which is a much better place. This reverts most of `c253ef7dbd`	8 years ago
Christian Schrötter	846dcb756c	Remove unnecessary code	8 years ago

1 2 3 4 5 ...

279 Commits (299735773e624faf2f22be9b3bb61509a6d8377a)