Commit Graph

30 Commits (532712303a40b0bd72337cdfa437a9e96e6bd66d)

Author SHA1 Message Date
Christian Boltz 69b3df10e4 config.inc.php
- new config option $CONF['password_validation'] - array with regular
  expressions to check if a password is valid/good enough.
  The default configuration enforces:
  - minimum length 5 characters/digits/whatever
  - at least 2 characters
  - at least 2 digits
- removed $CONF['min_password_length'] - it's now handled in /.{5}/ in
  $CONF['password_validation']

functions.inc.php
- new function validate_password to check a given password against
  $CONF['password_validation']
- generate_password: generated password is always 8 chars long
  (instead of $CONF['min_password_length'])

edit-admin.php, users/password.php, edit-mailbox.php, setup.php:
- use validate_password instead of $CONF['min_password_length']

This implements
https://sourceforge.net/tracker/?func=detail&aid=1785513&group_id=191583&atid=937967


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1192 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 9f2a0db106 create_admin() cleanup
functions.inc.php:
- create_admin(): use db_insert instead of INSERT queries
  (this includes automatic escaping of all values)

create-admin.php:
- use safepost instead of isset($_POST[...])
- don't escape_string post values - it's done inside create_admin now
- remove superfluous emptying of empty $tDomains for GET
- allow htmlentities-escaping for pAdminCreate_admin_username_text
- some whitespace / linebreak changes

setup.php:
- load config.inc.php only once (loading it twice will break if custom
  hook functions exist in config.*.php - "can't redefine function ...")
- use safepost instead of isset($_POST[...])
- don't escape_string post values - it's done inside create_admin now
- escape $tUsername with htmlentities() instead of escape_string



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1190 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 5fdb814ca4 setup.php:
- renamed $tMessage to $setupMessage

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1078 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz d0327cbbc7 setup.php:
- make check for $CONF['configured'] more strict (=== instead of ==)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@976 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 4c912f1da8 list-virtual.php:
- hand over $search to smarty templates

templates/list-virtual_alias.tpl, templates/list-virtual_alias_domain.tpl:
- add search result highlighting

templates/list-virtual_mailbox.tpl:
- add search result highlighting
- move output of "Mailbox" / "Forward only" outside the foreach loop
  (was displayed once per mailbox alias target)

css/default.css:
- add style for ".searchresult"



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@868 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Sebastian e701d6e756 - improved error message of setup.php
- Use $incpath in setup.php to make sure nobody is doing evil things

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@763 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian cf40467570 - accidentially deleted header.php. Needed for setup
- add some error checks.

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@759 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Christian Boltz 562ab4dc14 setup.php:
- define('POSTFIXADMIN') to avoid session_start() call in common.php
  This avoids breakage if php5-session is not installed. Fixes
  https://sourceforge.net/tracker/?func=detail&aid=2855430&group_id=191583&atid=937964

common.php
- only define('POSTFIXADMIN') if it is not yet defined (avoids a warning)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@733 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Christian Boltz 5ec73b7044 setup.php:
- added form to create setup password hash. It will be displayed if
  a) no setup password is defined yet
  b) the "lost password" link was clicked
- moved checks for empty and too short passwort into check_setup_password()
- added an optional $lostpw_mode parameter to check_setup_password() which
  causes slightly different behaviour (enforces generation of new hash, even
  if the password would match)
- changed check_password_setup() return value to array($error, $message)
- moved displaying $tMessage above the form - it is more useful there.
- removed "see config.inc.php" notice from password field in "create superadmin" 
  form - this hint doesn't help much with the hashed password ;-)
- TODO: The if statements to decide which form to display is quite difficult
  (and will become unreadable in case we need another form ;-)
  We should think about a better way to select the form to display...
  (maybe flash_error / flash_info + redirect?)

upgrade.php:
- added missing <p> tag


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@648 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin c4c88ccabb setup.php: remove duplication of error message ...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@633 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
Christian Boltz 05e832ca8c setup.php:
- setup_password is now checked against a hashed value instead of plain text
- setup.php will display the hash value of the entered password if it 
  doesn't match - copy&paste ready to include in config.inc.php. 
  No need to compute the password hash yourself ;-)
- see generate_setup_password_salt(), encrypt_setup_password() and
  check_setup_password() for details how the password hashing works.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@629 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
Christian Boltz ac26b96152 setup.php:
- remove "define('POSTFIXADMIN', 1)" and inclusion of en.lang - this is 
  already done by common.php (used since r616).
  This fixes a "already defined" warning.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@623 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin e4498461ba setup.php: reindent; require setup_password before it will add an admin user
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@616 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin f22ac38db3 require php5
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@576 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
Christian Boltz 11c39af699 - added/fixed vim: lines to nearly all *.php files (exception: templates/*)
(ts=3 or ts=4 depending on the file content)
- several whitespace fixes
- (no code changes)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@566 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 43cfa0136f try to be more helpful
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@523 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 2e2ae0c36b setup.php: fix table_by_key issue for domain table
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@489 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
Christian Boltz d81a199597 setup.php:
- check if imap_open is available. If not, print a warning.
  This was indirectly ;-) requested in
  https://sourceforge.net/forum/forum.php?thread_id=2071718&forum_id=676076


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@379 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Christian Boltz c9e613c1e5 setup.php:
- remove warning that apache version can't be detected when running on
  another webserver software
  https://sourceforge.net/tracker/index.php?func=detail&aid=1865122&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@370 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
David Goodwin 45ee01a551 setup.php - call upgrade.php to undertake DB upgrade/table creation as necessary (revert previous change to $CONF[configured] too)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@328 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Christian Boltz ba0c3780b4 setup.php:
- added hardcoded $CONF['theme_logo'] and $CONF['theme_css'] to fix the 
  layout


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@320 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Christian Boltz 88c3246764 setup.php:
- added check for $CONF['configured']


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@289 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Christian Boltz d821e03b93 setup.php:
- added check for multibyte string extension (mb_encode_mimeheader)
- added note that Apache version check failure can be ignored if another
  webserver is used


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@268 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Christian Boltz 9ef961a770 setup.php:
- added missing define('POSTFIXADMIN', 1);
  https://sourceforge.net/forum/message.php?msg_id=4660403


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@258 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
David Goodwin 39953d029d rename templates to .php instead of .tpl
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@250 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
David Goodwin ef7b6f0925 setup.php: try and make sure the "ALL" domain exists to start with when creating the super admin user; fix html so li elements are closed
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@180 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Christian Boltz 2d65b8b858 - setup.php now has a "create superadmin" form
- completely reworked HTML code in setup.php
- moved admin creation code from create_admin.php to functions.php,
  function create_admin
- several related changes in functions.inc.php:
  - use table_by_key() directly instead of the cached variables (which
    are empty if config.inc.php was not read before functions.php)
  - add an additional (optional) parameter $setup to db_connect, changed
    many die(msg) calls to $error_message .= msg.
    If $setup is given, the return value is array($link, $error_text)
    instead of $link
  - db_connect now checks for invalid $CONF['database_type']


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@135 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
David Goodwin dc51d62e15 update license headers
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@107 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
David Goodwin 68511080ff setup.php: setting magic quotes off should be the ideal setting
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@66 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Mischa Peters 85dc57beee Initial Import in SourceForge
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
18 years ago