- 'itemkey' escaping again. I found another corner case that was broken
with |escape:"html". Therefore switch to the exact htmlentities() call
that we use in smarty.inc.php.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1827 a1433add-5e2c-0410-b055-b7f2511e0802
- getting the key from $RAW_item.$id_field turned out to be broken in
corner cases, leading to empty output. The better (and simpler) fix is
to just let the foreach loop set 'itemkey'.
- the example for special handling of a specific table and field
contained a superfluous </tr>
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1826 a1433add-5e2c-0410-b055-b7f2511e0802
list-virtual and viewlog were the last users of select_options()
smarty.inc.php:
- drop (now unused) select_options()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1822 a1433add-5e2c-0410-b055-b7f2511e0802
- base edit, editactive and delete links on $RAW_item to avoid double
escaping ($items is already html-escaped, and we url-escape it for
links). This fixes the remaining part of
http://sourceforge.net/p/postfixadmin/bugs/356/
- simplify displaying "html" fields by using $RAW_item. This also fixes
problems with funny[tm] item names that differ when html-encoded (like
the ' char)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1812 a1433add-5e2c-0410-b055-b7f2511e0802
- gen_show_status(): escape mail addresses in query.
Fixes https://sourceforge.net/p/postfixadmin/bugs/356/
(mostly - the edit/delete/... links in list-virtual are double-escaped)
In theory this could allow SQL injection, in practise the mail address
regex limits this issue to a DOS (creating a mail address with ' caused
an invalid query that broke list-virtual)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1809 a1433add-5e2c-0410-b055-b7f2511e0802
Measure time needed for the nameserver queries, and error_log a warning
if the queries need more than 2 seconds in total.
Inspired by a question from t-ask on IRC, who suffered from a slow
nameserver and had some "fun" to debug it ;-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1790 a1433add-5e2c-0410-b055-b7f2511e0802
- after creating a superadmin, display a note that the setup is done and
it's possible to login now (idea by t-ask on IRC)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1788 a1433add-5e2c-0410-b055-b7f2511e0802
Pale Purple Ltd