Commit Graph

1565 Commits (431bd3d8108bd3477bb3968be25e53880b67cee2)
 

Author SHA1 Message Date
Christian Boltz 431bd3d810 rename session cookie
With the default PHPSESSID cookie name, there are some rare (and hard to
debug) cases that break logging in if a different application on the
domain also uses a PHPSESSID cookie. See
https://sourceforge.net/p/postfixadmin/bugs/314/ for details.

Using 'postfixadmin_session' as cookie name should fix this.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1846 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 1d76c5af88 VacationHandler: Fill 'cache' field on INSERT
The 'cache' field is a leftover from PostfixAdmin 2.2 and unused (except
if someone still uses an ancient vacation.pl). However, MySQL in strict
mode errors out if isn't included in INSERTs because it doesn't have a
default value.

Fixes https://sourceforge.net/p/postfixadmin/bugs/345/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1845 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 98659f4005 translate several german texts
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1844 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 694d13f6db delete suprefluous whitespace
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1843 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 52a7df2b3a Add CSRF protection for POST requests
Add the CSRF token to all forms, and validate it when those forms are
submitted.

https://sourceforge.net/p/postfixadmin/bugs/372/



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1842 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin 2bed4110a5 update Smarty to 3.1.29
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1841 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin 54603b0968 reforamt cli commands; update code to php v5 syntax; remove regexp and use filter_var for email validation; use private/protected/public
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1840 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz a00e8a811d functions.inc.php:
- check_domain(): someone had the great idea to allow punicode
  even in TLDs, so we better allow it.
  https://sourceforge.net/p/postfixadmin/feature-requests/93/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1839 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz a0151bd5a1 functions.inc.php:
- pacrypt(): don't stripslashes($pw) because this breaks passwords with
  backslashes. This stripslashes() existed since forever, but probably
  became harmful with all the rewrites in the last years.
  https://sourceforge.net/p/postfixadmin/bugs/349/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1838 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 5dac4295a4 postfixadmin-cli.php:
- whitelist '-1' as valid value instead of misinterpreting it as option
  https://sourceforge.net/p/postfixadmin/bugs/369/
- don't remove quote chars (") from parameter values


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1837 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 8ad849e7b6 default.css:
- set z-index 101 for submenus to ensure quota usage bars don't hide them


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1836 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 336d7a8e28 upgrade.php:
- change default date for 'created' and 'updated' columns from
  0000-00-00 (which causes problems with MySQL strict mode) to
  2000-01-01. This is done with a new {DATETIME} marker to reduce
  code duplication.
- add upgrade_1835_mysql() to apply the same change to existing
  databases

This fixes
  https://sourceforge.net/p/postfixadmin/bugs/5/ and
  https://sourceforge.net/p/postfixadmin/bugs/373/
(which are effectively duplicates)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1835 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 9335232024 functions.inc.php:
- fix db_quota_text() for postgresql (concat() vs. ||)
  https://sourceforge.net/p/postfixadmin/bugs/370/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1834 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz a46720c8c8 config.inc.php:
- add more detailed notes about unsupported dovecot:* encryption types
  (after hunting them down with r00t^2 on IRC)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1833 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin d3ca74af0d merge github pull request into svn manually - 3e62d3975a - adding configurable smtp helo (CONF["smtp_client"])
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1832 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz ac43e1ad2a update changelog with changes up to r1830
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1831 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 6ee6574076 include_once(config.local.php) instead of include()ing it
This should avoid problems with endless include loops like in
https://sourceforge.net/p/postfixadmin/bugs/367/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1830 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 530c489ec4 editform.tpl:
- add {if} block for description column to make customization for
  special fields/cases easier


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1829 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz a9bb4b83ad cs.lang:
translation update by updated by Jan Laufik (jlaufik @ sf)
https://sourceforge.net/p/postfixadmin/patches/130/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1828 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 2102c1baa8 list.tpl:
- 'itemkey' escaping again. I found another corner case that was broken
  with |escape:"html". Therefore switch to the exact htmlentities() call
  that we use in smarty.inc.php.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1827 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 48dde6468a list.tpl:
- getting the key from $RAW_item.$id_field turned out to be broken in
  corner cases, leading to empty output. The better (and simpler) fix is
  to just let the foreach loop set 'itemkey'.
- the example for special handling of a specific table and field
  contained a superfluous </tr>




git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1826 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 80e99e1b54 tw.lang language update by Wally LEE <Wally @SF>
https://sourceforge.net/p/postfixadmin/bugs/362/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1825 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz b261db86c7 Merge pull request #9 from phyrog/master
Add sqlite backend option (thank you @phyrog for doing this)

(imported from github)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1824 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin 4b37a249c7 remove incorrect advice; see bug report:359
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1823 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz ba46282f92 use smarty html_options instead of select_options()
list-virtual and viewlog were the last users of select_options()

smarty.inc.php:
- drop (now unused) select_options()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1822 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin 96a89889a2 apparently a typo - thanks marcin-github - see d93c56e34a
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1821 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin d1dad8a31c merge patch from 54a77ecb9c - thanks lisergey - encode message body with wide-chars UTF8
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1820 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 085e7e4bfb list.tpl:
- base edit, editactive and delete links on $RAW_item to avoid double
  escaping ($items is already html-escaped, and we url-escape it for
  links). This fixes the remaining part of
  http://sourceforge.net/p/postfixadmin/bugs/356/
- simplify displaying "html" fields by using $RAW_item. This also fixes
  problems with funny[tm] item names that differ when html-encoded (like
  the ' char)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1812 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 680e96b590 list-virtual_alias_domain:
- also assign RAW_items (from $RAW_tAliasDomains)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1811 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 129a65b8c5 functions.inc.php:
- gen_show_status(): escape mail addresses in query.
  Fixes https://sourceforge.net/p/postfixadmin/bugs/356/
  (mostly - the edit/delete/... links in list-virtual are double-escaped)
  In theory this could allow SQL injection, in practise the mail address
  regex limits this issue to a DOS (creating a mail address with ' caused
  an invalid query that broke list-virtual)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1809 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz dd652974e0 refresh debian/patches/db_credentials
Also update the changelog once more - let's hope this is really the
beta3 release now ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1801 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 9636fe9de3 3.0 beta3 (= 2.93) release - update $version and changelog
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1799 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin dbc8204ab1 try and support older versions of PHP (e.g 5.3) which do not support closures etc
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1798 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin 2a0720d93c fix https://sourceforge.net/p/postfixadmin/bugs/320/ - allow mariadb to be used instead of mysql
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1797 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz c9b43879de config.inc.php:
- mention MariaDB as another option for 'mysqli' database type
  https://sourceforge.net/p/postfixadmin/feature-requests/103/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1796 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 73ffaad7e8 upgrade.php:
- change fetchmail.date from DATECURRENT to date
  https://sourceforge.net/p/postfixadmin/bugs/351/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1795 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz faed3a47d3 Changelog update (up to r1793)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1794 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz d401139d24 sv.lang translation update
by Thomas Karlsson, https://sourceforge.net/p/postfixadmin/patches/128/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1793 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin 9c022f7e01 merge patch from https://sourceforge.net/p/postfixadmin/bugs/347/ (thank you Eugene Grosbein) - explictly set session_cache_limiter to nocache
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1792 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin 15648b7d1c merge in from github - thanks to marcin-github
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1791 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 5307cfe48a functions.inc.php check_domain():
Measure time needed for the nameserver queries, and error_log a warning
if the queries need more than 2 seconds in total.

Inspired by a question from t-ask on IRC, who suffered from a slow
nameserver and had some "fun" to debug it ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1790 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
David Goodwin 1cca7bf54a a2b8705ad4 (git pull request from smeinecke - typo fix
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1789 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 7a873cc22a setup.php:
- after creating a superadmin, display a note that the setup is done and
  it's possible to login now (idea by t-ask on IRC)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1788 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz a89bd5f573 config.inc.php:
- remove unused $CONF['users_domain_controle'] 



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1787 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 7f87d130d7 upgrade.php:
- split upgrade_1763() into mysql and pgsql versions because pgsql
  doesn't support SUBSTRING_INDEX
  (reported by darix on IRC)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1786 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz b3750272e4 postfixadmin2.xcf:
- add white background for the mailbox (as separate layer)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1785 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 3640a1b804 postfixadmin-cli.php:
- add fetchmail to module list


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1784 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz c837eac20a DomainHandler:
- initStruct(): in 'aliases_quot' and '_aliases_quot_percent', use
  coalesce(__mailbox_count,0) - without, we always get _0_ aliases if
  a domain doesn't have mailboxes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1783 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz e14bb9038e editactive.php:
- drop unused $values
- some whitespace fixes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1782 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 23bdd02dcb broadcast-message.php, sendmail.php, MailboxHandler, *.lang:
- include mailbox name in pSendmail_result_error and
  pSendmail_result_success



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1781 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago