- added form to create setup password hash. It will be displayed if
a) no setup password is defined yet
b) the "lost password" link was clicked
- moved checks for empty and too short passwort into check_setup_password()
- added an optional $lostpw_mode parameter to check_setup_password() which
causes slightly different behaviour (enforces generation of new hash, even
if the password would match)
- changed check_password_setup() return value to array($error, $message)
- moved displaying $tMessage above the form - it is more useful there.
- removed "see config.inc.php" notice from password field in "create superadmin"
form - this hint doesn't help much with the hashed password ;-)
- TODO: The if statements to decide which form to display is quite difficult
(and will become unreadable in case we need another form ;-)
We should think about a better way to select the form to display...
(maybe flash_error / flash_info + redirect?)
upgrade.php:
- added missing <p> tag
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@648 a1433add-5e2c-0410-b055-b7f2511e0802
- setup_password is now checked against a hashed value instead of plain text
- setup.php will display the hash value of the entered password if it
doesn't match - copy&paste ready to include in config.inc.php.
No need to compute the password hash yourself ;-)
- see generate_setup_password_salt(), encrypt_setup_password() and
check_setup_password() for details how the password hashing works.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@629 a1433add-5e2c-0410-b055-b7f2511e0802
- remove "define('POSTFIXADMIN', 1)" and inclusion of en.lang - this is
already done by common.php (used since r616).
This fixes a "already defined" warning.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@623 a1433add-5e2c-0410-b055-b7f2511e0802
- added check for multibyte string extension (mb_encode_mimeheader)
- added note that Apache version check failure can be ignored if another
webserver is used
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@268 a1433add-5e2c-0410-b055-b7f2511e0802
- completely reworked HTML code in setup.php
- moved admin creation code from create_admin.php to functions.php,
function create_admin
- several related changes in functions.inc.php:
- use table_by_key() directly instead of the cached variables (which
are empty if config.inc.php was not read before functions.php)
- add an additional (optional) parameter $setup to db_connect, changed
many die(msg) calls to $error_message .= msg.
If $setup is given, the return value is array($link, $error_text)
instead of $link
- db_connect now checks for invalid $CONF['database_type']
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@135 a1433add-5e2c-0410-b055-b7f2511e0802