The high-level db_*() functions (like db_update(), and also
_db_add_field() in upgrade.php) call table_by_key() internally, which
also means the unwrangled table name needs to be handed over to them.
If handing over an already table_by_key()'d table name, it gets modified
again and results in something like prefix_prefix_mailbox.
The improvements are:
- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
The MySQL database layout includes a 'cache' column for historical
reasons, the PostgreSQL database never did.
r1883 removed the 'cache' column from VacationHandler to unbreak
PostgreSQL, and at the same time broke MySQL in strict mode.
This patch re-adds the 'cache' column only for MySQL to fix this
regression.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1890 a1433add-5e2c-0410-b055-b7f2511e0802
set_is_mailbox_extrafrom() restricts the domain list to the domain that
needs to be checked (in normal list-virtual listing one domain), and is
then used to restore the default extrafrom.
This improves the performance for most usecases even for superadmins.
Note: Search mode might still be slow because by default it searches in
all domains available to the admin.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1882 a1433add-5e2c-0410-b055-b7f2511e0802
AliasHandler:
- initStruct(): handle __mailbox_username as separate field (needed to
make it searchable)
- split off a condition_ignore_mailboxes() function (used in getList()
and getPagebrowser()) to add '__mailbox_username IS NULL' to the search
condition array. Also, make sure $condition can be an array (preferred)
or a string with a raw query
list-virtual.php:
- hand over a search array instead of a raw query
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1879 a1433add-5e2c-0410-b055-b7f2511e0802
This improves performance on setups with lots of mailboxes.
Well, except for superadmins because restricting to "all domains"
doesn't really help ;-)
Thanks to gygy for reporting this on IRC, and for testing the patch.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1877 a1433add-5e2c-0410-b055-b7f2511e0802
- initStruct(): in 'aliases_quot' and '_aliases_quot_percent', use
coalesce(__mailbox_count,0) - without, we always get _0_ aliases if
a domain doesn't have mailboxes
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1783 a1433add-5e2c-0410-b055-b7f2511e0802
list-virtual.php:
- use list.tpl for aliases
- move show_gen_status handling for aliases to AliasHandler
AliasHandler:
- initStruct():
- add 'status' column (hidden by default)
- hide 'created'
- move 'active' after 'modified' to match old list-virtual.php layout
- initMsg: add list_header
- webformConfig(): if $CONF[show_status], set display_in_list for
'status' column. Also set a (whitespace) label to make sure it's
displayed
- db_read_from_db_postprocess(): if 'status' column is requested, call
gen_show_status() for each row
list-virtual.tpl
- remove alias table header and create alias button (which should have
been in list-virtual_alias.tpl)
list-virtual_alias.tpl:
- replace code to generate the alias table with {include 'list.tpl'}
(and some variable assignments)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1777 a1433add-5e2c-0410-b055-b7f2511e0802
- add support for list_header (like ":: Alias" in list-virtual)
PFAHandler:
- add empty default for $msg['list_header']
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1776 a1433add-5e2c-0410-b055-b7f2511e0802
- assign(): additionally provide the unsanitized values as RAW_$key
PFAHandler.php:
- document 'html' field type (used for raw html), including a big warning
list.tpl:
- add handling to display raw html fields
This is a preparation to use the status markers with list.tpl without
introducing too big changes.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1775 a1433add-5e2c-0410-b055-b7f2511e0802
- initStruct(): replace (wrong) 'editable' with '_can_edit' and '_can_delete'
- read_from_db_postprocess(): disable _can_edit and _can_delete for
default aliases if special_alias_control is off and not superadmin
list.tpl:
- use $item._can_edit instead of $check_alias_owner
list-virtual.php:
- drop $check_alias_owner variable and check_alias_owner() call
(replaced by the code added in AliasHandler)
- drop unused $sql_domain
functions.inc.php:
- delete no longer used check_alias_owner() function
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1774 a1433add-5e2c-0410-b055-b7f2511e0802
David Goodwin