This avoids that users get a 403 error (if DirectoryIndex is disabled)
or a directory listing after updating to 3.2.
This is what likely happened in
https://github.com/postfixadmin/postfixadmin/issues/30 (see the comment
from Apr 24, 2018)
- removed the $CONF['configured'] = 'I_know_the_risk_of_not_deleting_setup.php'
developer hack (no longer needed since setup.php requires a password)
- this also makes index.php redirecting to login.php again (the old check tested
for file_exists(setup.php)...)
common.php:
- removed a superfluous check for $CONF[setup_password] (see mailinglist for details)
config.inc.php:
- removed a small outdated comment
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@640 a1433add-5e2c-0410-b055-b7f2511e0802
Note: Developers can use
$CONF['configured'] == 'I_know_the_risk_of_not_deleting_setup.php'
to avoid deletion of setup.php after every "svn up".
WARNING:
THIS ALLOWS NON-AUTHENTIFICATED USERS TO CREATE SUPERADMIN ACCOUNTS!
Use this setting only on development systems, where the database is not
used by postfix.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@137 a1433add-5e2c-0410-b055-b7f2511e0802
Christian Boltz