- require token for CSRF protection, see
https://sourceforge.net/p/postfixadmin/bugs/269/
login.php, users/login.php:
- create token and store it in $_SESSION
templates/*:
- add token to all delete.php links
templates/list-virtual_alias_domain.tpl:
- change delete confirmation dialog to contain "from->target"
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1564 a1433add-5e2c-0410-b055-b7f2511e0802
- use *Handler for deletion
(which also means delete.php only has 17 lines of code now - 130 lines
less than before :-)
templates/list-virtual_*.tpl:
- remove now superfluous "domain" parameter in delete.php link
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1563 a1433add-5e2c-0410-b055-b7f2511e0802
- rewrite and simplify delete()
- also cleanup fetchmail, quota and quota2 tables
AliasHandler.php:
- update delete() to match the workflow in other classes
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1562 a1433add-5e2c-0410-b055-b7f2511e0802
- make error messages in _inp_*() translateable
- make date format in SQL "translateable"
*.lang:
- add the texts needed for the changes listed above
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1556 a1433add-5e2c-0410-b055-b7f2511e0802
- remove unused $CONF['usercontol'] which leaked in with an unrelated
patch in r1374
- fixed some typos in comments
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1551 a1433add-5e2c-0410-b055-b7f2511e0802
- initStruct(): remove description for current password - it doesn't
exist in $PALANG and we don't really need a description here
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1550 a1433add-5e2c-0410-b055-b7f2511e0802
- call Config::write() earlier, because check_language() uses it
- later add $PALANG with Config::write(__LANG)
Thanks to <controlcde> for reporting the results of this bug on IRC
(even if I had to hunt it down to find the reason ;-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1548 a1433add-5e2c-0410-b055-b7f2511e0802
- move header() calls from index.tpl to smarty.inc.php, which means
we no longer need to use SmartyBC class
- use Smarty instead of SmartyBC class
- eval_size(): use Config::Lang instead of $PALANG
templates/header.tpl:
- move header() calls to smarty.inc.php, and drop {php} usage
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1544 a1433add-5e2c-0410-b055-b7f2511e0802
- use AdminHandler to find out if the logged in user is a superadmin
- add hint about config.local.php in "unconfigured" warning
- move some lines around to match users/login.php
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1543 a1433add-5e2c-0410-b055-b7f2511e0802
- move "unmaintained" warning to templates/backupwarning.tpl (that's
the easiest way to have working HTML tags)
- remove <p> tag from pgsql error message
templates/backupwarning.tpl
- new file, contains the "unmaintained" warning for backup.php
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1542 a1433add-5e2c-0410-b055-b7f2511e0802
found out that the 'Config' class is too static - it shares its static
data with the 'Lang' child class.
This caused a conflict because we have $CONF[transport] and
$PALANG[transport], and Config::read('transport') returned the $PALANG
text.
To fix this, all texts are now stored as $CONF[__LANG].
I also dropped the 'Lang' class.
model/Config.php:
- mark the 'Config' class as final to ensure we don't trap into the
"too static" problem again.
- bool(): display and log an error message if a $CONF option does not
contain YES or NO (that would have uncovered this bug much earlier)
- add lang() and lang_f() wrapper functions to get $PALANG texts
- remove unused $__cache and $__objects
model/Lang.php:
- deleted
common.php:
- store $PALANG as $CONF[__LANG]
lots of files:
- replace Lang::read() and Lang::read_f() calls with Config::lang()
and Config::lang_f()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1536 a1433add-5e2c-0410-b055-b7f2511e0802
- getList: change return value to be always true (even if the database
result is an empty array), and die() if the database result is not an
array.
This avoids some if blocks in various files to implement a fallback
to array() on empty results.
functions.inc.php:
- list_admins(): simplify after the *Handler->getList() change
- get_domain_properties(): change a forgotten $handler->return to
$handler->result() (follow-up for r1534)
list-domain, list-virtual.php:
- simplify after the *Handler->getList() change
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1535 a1433add-5e2c-0410-b055-b7f2511e0802
- initStruct(): set default for 'goto' to empty array()
This fixes a problem with the cli when --goto was not specified
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1530 a1433add-5e2c-0410-b055-b7f2511e0802
- pacrypt(), dovecot:* method:
- allow "." in dovecot method (to allow a suffix like ".b64")
- blacklist SCRAM-SHA-1 (needs -u)
- check against list of non-salted methods to be backward compatible
with dovecot < 2.1 again
Thanks to Szilagyi Jozsef <szjozsef AT yahoo DOT com> for providing
the list of non-salted methods etc.
functions.inc.php, scripts/postfixadmin-cli.php:
- drop unused global variables $table_admin and $table_alias_domain
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1529 a1433add-5e2c-0410-b055-b7f2511e0802
- pacrypt: digest-md5 hashes include the username - until someone
implements it, let's declare it as unsupported and error out
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1525 a1433add-5e2c-0410-b055-b7f2511e0802
- pacrypt(): some small changes after Szilagyi Jozsef's patch:
- comment out unused $crypt_method
- change $dovecotpw default to "doveadm pw" (unrelated to the patch)
- set $dovepasstest to "-t $pw_db" instead of having two similar
command lines, and also shellescapearg() $pw_db
- use "if (empty($dovepasstest))" instead of "if (empty($pw_db))"
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1524 a1433add-5e2c-0410-b055-b7f2511e0802
doveadmin pw now has an option "-t $hash" which allows to verify
salted passwords (added in dovecot 2.1 AFAIK)
Also, the {METHOD} part is no longer removed.
Patch by Szilagyi Jozsef <szjozsef [at] yahoo.com> - thanks!
(The schemes which requires also the username -u option is still not supported)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1523 a1433add-5e2c-0410-b055-b7f2511e0802
ADDITIONS/fetchmail.pl
- add sslcertck, sslcertpath and sslfingerprint to fetchmail config
- some whitespace fixes
fetchmail.php
- add sslcertck, sslcertpath, sslfingerprint fields
(sslcertpath and sslfingerprint require $CONF[fetchmail_extra_options]
because they don't have input validation)
languages/*.lang
- add new texts needed for the added fields
templates/fetchmail.tpl:
- add the new fields
- also add extra_options and mda fields - they were not displayed yet
upgrade.php
- fix _db_add_field() to call _db_field_exists() with correct table name
- upgrade_1519(): add sslcertck, sslcertpath, sslfingerprint fields to the
fetchmail table
Most parts of this commit are based on the work of Lars Engelhard
(modified files sent on the mailinglist 2013-07-30)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1519 a1433add-5e2c-0410-b055-b7f2511e0802
- create_mailbox_subfolders(), check_quota():
use class variables instead of parameters
- create_mailbox_subfolders(): remove check for empty $this-id - this can
never happen because it would fail much earlier in the class
- check_quota(), allowed_quota(), mailbox_post_script(),
create_mailbox_subfolders(): mark as protected
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1517 a1433add-5e2c-0410-b055-b7f2511e0802
- new function mailbox_post_script()
- result of merging mailbox_postcreation() and mailbox_postedit(),
replaces those two functions
- drop all parameters, read them from class variables instead
- store warn message in $this->errormsg[] instead of using print
- changed function calls to use mailbox_post_script()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1516 a1433add-5e2c-0410-b055-b7f2511e0802
- check_quota ()
- allowed_quota()
- mailbox_postcreation()
- mailbox_postedit()
- create_mailbox_subfolders()
The code was moved without any changes, except
- added leading whitespace
- removed "TODO: move to MailboxHandler" ;-)
MailboxHandler:
- change function calls for moved functions
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1515 a1433add-5e2c-0410-b055-b7f2511e0802
check_quota()
mailbox_postcreation()
mailbox_postedit()
create_mailbox_subfolders()
- use Config::read() / Config::bool() instead of $CONF
- update comment header
- some minor changes to make the code better readable
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1514 a1433add-5e2c-0410-b055-b7f2511e0802