The improvements are:
- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other database types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only be used once.
- add check_db_version() to functions.inc.php
- add $min_db_version (needs to be updated at least before the release)
- call check_db_version in login.php, users/login.php and CLI - they'll
error out if the database layout is outdated
- change setup.php to use check_db_version()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1853 a1433add-5e2c-0410-b055-b7f2511e0802
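An added illustration of the reset-code properties the commit above lists (per-user code, 1-hour validity, single use, throttling, and a response that does not reveal whether the account exists); this is not postfixadmin's own code, and the in-memory store, the 60-second throttle window and the sample account are assumptions:

```php
<?php
// Added illustration, not postfixadmin's own code: per-user reset code, valid for
// 1 hour, single use, throttled requests, and a uniform response for every case.
// An in-memory array stands in for the database table; the throttle window and
// the sample account are constructed assumptions.

const OTP_TTL_SECONDS  = 3600;  // "valid only for 1 hour"
const THROTTLE_SECONDS = 60;    // assumed minimum gap between requests per user

$store = [];                            // username => record
$known_users = ['alice@example.com'];   // constructed sample account

// Returns [message, otp]. The message is identical in every case; the OTP (null
// when none was issued) goes only to the recovery channel, never into the HTTP response.
function request_reset(string $user, int $now, array &$store, array $known_users): array {
    $msg = 'If the account exists and has recovery info, a code has been sent.';
    if (!in_array($user, $known_users, true)) {
        return [$msg, null];             // unknown user: same message, nothing issued
    }
    if ($now - ($store[$user]['last_request'] ?? 0) < THROTTLE_SECONDS) {
        return [$msg, null];             // throttled: same message, nothing issued
    }
    $otp = bin2hex(random_bytes(8));      // stands in for the project's password generator
    $store[$user] = [
        'otp_hash'     => password_hash($otp, PASSWORD_DEFAULT),
        'expires'      => $now + OTP_TTL_SECONDS,
        'last_request' => $now,
    ];
    return [$msg, $otp];
}

function redeem_otp(string $user, string $otp, int $now, array &$store): bool {
    $rec = $store[$user] ?? null;
    if ($rec === null || $rec['otp_hash'] === null || $now > $rec['expires']) {
        return false;                    // no code, already used, or expired
    }
    if (!password_verify($otp, $rec['otp_hash'])) {
        return false;
    }
    $store[$user]['otp_hash'] = null;    // single use: invalidate after success
    return true;
}

// Constructed walk-through
$t = 1700000000;
[$m, $otp] = request_reset('alice@example.com', $t, $store, $known_users);
[$m2, $none] = request_reset('alice@example.com', $t + 10, $store, $known_users); // throttled
var_dump(redeem_otp('alice@example.com', $otp, $t + 600, $store));  // valid, consumed
var_dump(redeem_otp('alice@example.com', $otp, $t + 601, $store));  // replay rejected
```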
- trim() $fUsername - MySQL thinks "foo" == "foo " (and therefore allows
login as "foo@example.com " - but later we'll get funny "undefined index"
problems in PFAHandler->view()) when an admin wants to change the password
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1665 a1433add-5e2c-0410-b055-b7f2511e0802
for logout.
This means:
- change logout URL to login.php in menu.conf and users_main.tpl
- delete logout.php and users/logout.php
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1569 a1433add-5e2c-0410-b055-b7f2511e0802
- require token for CSRF protection, see
https://sourceforge.net/p/postfixadmin/bugs/269/
login.php, users/login.php:
- create token and store it in $_SESSION
templates/*:
- add token to all delete.php links
templates/list-virtual_alias_domain.tpl:
- change delete confirmation dialog to contain "from->target"
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1564 a1433add-5e2c-0410-b055-b7f2511e0802
- make login() a non-static function
- login: use $this->db_table and $this->id_field instead of hardcoded names
users/login.php, xmlrpc.php:
- adapt to the now non-static MailboxHandler->login()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1484 a1433add-5e2c-0410-b055-b7f2511e0802
- check_domain(), check_email(): instead of calling flash_error(),
return string with error message - or empty string if everything is ok
model/AdminHandler.php, model/AliasHandler.php,
model/DomainHandler.php, model/MailboxHandler.php,
sendmail.php, users/edit-alias.php:
- adapt to the changed check_domain() and check_email() return values
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1451 a1433add-5e2c-0410-b055-b7f2511e0802
- start rewrite based on PFAHandler
- add initStruct(), initMsg(), webformConfig(), validate_new_id(),
create_allowed()
- drop old __construct() and view()
- replace $this->username with $this->id
- replace check of old password in change_pw() with $this->login
users/password.php:
- adapt to *Handler syntax
scripts/shells/mailbox.php:
- adapt to *Handler view() syntax
- add TODO - maildir column isn't displayed
xmlrpc.php:
- adapt to *Handler syntax
Note: as usual, the changes in xmlrpc.php are untested ;-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1360 a1433add-5e2c-0410-b055-b7f2511e0802
AliasHandler.php:
- remove obsolete functions update(), is_mailbox_alias(),
is_vacation_address(), hasAliasRecord()
- updated delete() to use new *Handler syntax (most of it should be
moved to PFAHandler, but that's another story ;-)
users/edit-alias.php:
- replace $ah->update with $ah->set / $ah->store
- use 0/1 for $fForward_and_store instead of YES/NO
- use safepost instead of isset()
templates/users_edit-alias.tpl:
- use 0/1 for $fForward_and_store instead of YES/NO
xmlrpc.php:
- replace $ah->update with new *Handler syntax
Note: the changes in xmlrpc.php are untested again ;-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1358 a1433add-5e2c-0410-b055-b7f2511e0802
- remove deprecated functions get() and hasStoreAndForward()
scripts/shells/alias.php:
- ViewTask: switch to *Handler syntax
- ViewTask: display is_mailbox, goto_mailbox and on_vacation status
users/edit-alias.php:
- replace $ah->get() and $ah->hasStoreAndForward() with *Handler syntax
- remove outdated comment in header
xmlrpc.php:
- switch get() and hasStoreAndForward() to *Handler syntax
Note: the changes in xmlrpc.php are untested!
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1357 a1433add-5e2c-0410-b055-b7f2511e0802
- add initStruct() (not the final version, but works for now)
- add initMsg()
- replace $this->username with $this->id everywhere
- drop __construct() - default __construct will be used now
users/edit-alias.php, xmlrpc.php, VacationHandler.php, scripts/shells/alias.php:
- use default init sequence for AliasHandler (new, then ->init())
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1310 a1433add-5e2c-0410-b055-b7f2511e0802
- new config option $CONF['password_validation'] - array with regular
expressions to check if a password is valid/good enough.
The default configuration enforces:
- minimum length 5 characters/digits/whatever
- at least 2 characters
- at least 2 digits
- removed $CONF['min_password_length'] - it's now handled in /.{5}/ in
$CONF['password_validation']
functions.inc.php
- new function validate_password to check a given password against
$CONF['password_validation']
- generate_password: generated password is always 8 chars long
(instead of $CONF['min_password_length'])
edit-admin.php, users/password.php, edit-mailbox.php, setup.php:
- use validate_password instead of $CONF['min_password_length']
This implements
https://sourceforge.net/tracker/?func=detail&aid=1785513&group_id=191583&atid=937967
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1192 a1433add-5e2c-0410-b055-b7f2511e0802
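An added example (not postfixadmin's own code) of the mechanism the commit above describes: a password checked against a $CONF['password_validation'] array of regular expressions that enforces the default rules named on the page (minimum length 5, at least 2 letters, at least 2 digits). The array layout (regex => message key) and the message texts are assumptions; the $PALANG keys are the ones named in the neighbouring commit.

```php
<?php
// Added example, not postfixadmin's own code. The regex => message-key layout and
// the message texts are assumptions; the thresholds (length 5, 2 letters, 2 digits)
// are the defaults the commit describes.

$CONF['password_validation'] = [
    '/.{5}/'            => 'password_too_short',      // minimum length 5
    '/([a-zA-Z].*){2}/' => 'password_no_characters',  // at least 2 letters
    '/([0-9].*){2}/'    => 'password_no_digits',      // at least 2 digits
];

// Constructed stand-ins for the $PALANG entries named on the page.
$PALANG = [
    'password_too_short'     => 'The password is too short (minimum 5 characters).',
    'password_no_characters' => 'The password must contain at least 2 letters.',
    'password_no_digits'     => 'The password must contain at least 2 digits.',
];

/**
 * Return the list of error messages for $password; an empty array means it
 * passes every rule. All rules are evaluated so the user sees every problem at once.
 */
function validate_password(string $password, array $rules, array $messages): array {
    $errors = [];
    foreach ($rules as $regex => $key) {
        if (preg_match($regex, $password) !== 1) {
            $errors[] = $messages[$key] ?? $key;
        }
    }
    return $errors;
}

// Constructed sample inputs
foreach (['abc12', 'ab1', '12345', 'correct horse 42'] as $candidate) {
    $errors = validate_password($candidate, $CONF['password_validation'], $PALANG);
    printf("%-20s %s\n", "'$candidate':", $errors ? implode(' ', $errors) : 'OK');
}
```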
- rename $PALANG['pPasswordTooShort'] to $PALANG['password_too_short']
*.lang:
- add $PALANG['password_no_characters'] and $PALANG['password_no_digits']
(will be used by my next commit)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1191 a1433add-5e2c-0410-b055-b7f2511e0802
vacation.php
- result of merging edit-vacation.php and users/vacation.php
- vacation.php comes with the svn history of edit-vacation.php
- display "vacation already active" (only) in user mode if vacation is active
(would be useful in admin mode too, but needs a text change)
- various comment updates
- add username in $PALANG[pVacation_result_removed] and
$PALANG[pVacation_result_added] using sprintf
- change compared to Jan Kruis' patch:
- set return url for users to main.php instead of users/main.php
- set return url for admins after setting $fDomain. Otherwise the return url
does not contain the domain.
- removed unused variable $tDomain
users/vacation.php:
- require(../vacation.php)
- remove everything else
- whitespace changes in the license header
- note: this is completely different from Jan Kruis' patch - his intention was
to remove this file and use ../vacation.php. However, with his way all links
in the users menu would point to the wrong place/directory
edit-vacation.php:
- deleted
templates/vacation.tpl
- display username only in admin mode
templates/list-virtual_mailbox.tpl
- link changed to merged vacation.php
languages/en.lang
- add username in $PALANG[pVacation_result_removed] and
$PALANG[pVacation_result_added] as sprintf variable
- (comments added by Jan Kruis' patch are not part of this commit)
languages/nl.lang
- translation updates
- already contains the sprintf variable in $PALANG[pVacation_result_removed]
and $PALANG[pVacation_result_added]
(updates for other *.lang files follow in another commit)
The following parts of Jan Kruis' patch are not part of this commit:
- rejected:
- variables.inc.php: don't add $Admin_role and $Return_url
If we initialize them, it should be done directly in (edit-)vacation.php,
but the current code always sets them already in all cases.
- templates/users_main.tpl: do not change url for vacation.php
- postponed:
- added comments in en.lang about obsolete texts
Most parts of this commit (see exceptions above) were provided as patch
by Jan Kruis (jan-kruis@SF), see
https://sourceforge.net/tracker/?func=detail&aid=3383236&group_id=191583&atid=937966
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1169 a1433add-5e2c-0410-b055-b7f2511e0802
Prepare merging of edit-vacation.php and users/vacation.php
users/vacation.php, edit-vacation.php:
- first step of merging
- renamed some variables to fit vacation.tpl
- some code sorting and cleanup
- replaced JS redirect on cancel with handling in PHP
users_vacation.tpl, edit-vacation.tpl:
- deleted (merged to vacation.tpl)
vacation.tpl:
- new file, result of merging edit-vacation.tpl and users_vacation.tpl
- display mail address to users also (to be discussed)
Thanks to J.Kruis (jan-kruis@SF) for the patch,
https://sourceforge.net/tracker/?func=detail&aid=3383236&group_id=191583&atid=937966
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1163 a1433add-5e2c-0410-b055-b7f2511e0802
users/password.php:
- use SESSID_USERNAME instead of USERID_USERNAME to match the smarty
variable name in the password module for admins
- switch to 'password' template
templates/password.tpl:
- display "exit" button if logged in as user
- change form name to something more useful
templates/users_password.tpl:
- deleted
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1140 a1433add-5e2c-0410-b055-b7f2511e0802
login.php, users/login.php:
- set logintype=admin/user smarty variable
- cleanup: move smarty assignments outside of GET/POST handling - it's
the same for both
users/login.php:
- do not pre-fill username on failed login
templates/login.tpl:
- merge in users_login.tpl
- add some {if} to handle the differences between admin and user login
templates/users_login.tpl:
- deleted
*.lang:
- mark pUsersLogin_username, pUsersLogin_password, pUsersLogin_language
and pUsersLogin_button as obsolete
- add some notes if pLogin_* and pUsersLogin differ
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1137 a1433add-5e2c-0410-b055-b7f2511e0802
- replaced tMessage with flash_error() / flash_info()
users/vacation.php:
- set today as default date if vacation start/end date are empty
users/edit-alias.php:
- removed now superfluous code to join multiple tMessage texts with <br>
- removed a </font> that was appended to $PALANG['pEdit_alias_goto_text_error2']
This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1085 a1433add-5e2c-0410-b055-b7f2511e0802
- suppress warnings about PHP's date.timezone not being set.
The risk of doing this is low IMHO - the worst thing that can happen
is a wrong default date for vacation or a "wrong" tempfile name for
backup.php
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1076 a1433add-5e2c-0410-b055-b7f2511e0802
(as discussed with GingerDog on IRC yesterday).
Also renamed user to mailbox in the CLI.
- renamed model/UserHandler.php to MailboxHandler.php
- renamed scripts/shells/user.php to mailbox.php
- replaced UserHandler / user with MailboxHandler / mailbox in various files
- unrelated cleanup: deleted obsolete scripts/models-ext directory
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1019 a1433add-5e2c-0410-b055-b7f2511e0802
- cleanup: move some vars to password.php and users/password.php
- drop $pPassword_admin_text - was always empty
password.php, users/password.php:
- init $pPassword_password_text and $pPassword_password_current_text
(previously in variables.inc.php)
templates/password.tpl, templates/users_password.tpl:
- drop $pPassword_admin_text - was always empty
These changes should also fix some undefined variable warnings reported
by makomi on IRC.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1004 a1433add-5e2c-0410-b055-b7f2511e0802
- if you want to verify the old password, you should compare it against
the OLD and not the NEW password ;-)
- fix database calls
In other words: changing the password in users/password.php works again ;-)
users/password.php:
- switch from obsolete change_pass() to change_pw()
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@916 a1433add-5e2c-0410-b055-b7f2511e0802
- prepared for updated AliasHandler from scripts/
- user could cause an empty alias with a trick (or form manipulation).
Checking forward_and_store for != YES instead of == NO fixes this.
- don't replace spaces in the middle of a (BTW: invalid) alias target
- preserve user input on validation error
- allow displaying multiple error messages
- removed unused $_POST[fVacation] variable
- some whitespace fixes
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@911 a1433add-5e2c-0410-b055-b7f2511e0802
- hand over $search to smarty templates
templates/list-virtual_alias.tpl, templates/list-virtual_alias_domain.tpl:
- add search result highlighting
templates/list-virtual_mailbox.tpl:
- add search result highlighting
- move output of "Mailbox" / "Forward only" outside the foreach loop
(was displayed once per mailbox alias target)
css/default.css:
- add style for ".searchresult"
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@868 a1433add-5e2c-0410-b055-b7f2511e0802