Commit Graph

83 Commits (75bcf3091b37b8ce3b60d276db56c8c903d2a73d)

Author SHA1 Message Date
Christian Boltz ab666b6b7f
Fix microtime() usage
By default, microtime() returns a string :-/ which unsurprisingly causes
a warning when doing math on it.
7 years ago
Sylvain Tissot ffb84283c2
Harden password reset process
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only be used once.
7 years ago
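The reset flow the commit above describes, written out as an added example (it is not part of this page and not PostfixAdmin's own code). It shows a per-user code that is stored only as a hash, valid for one hour, usable once, throttled on request, and answered with one uniform message whether or not the account exists or has recovery info; it also trims the username, for the reason given in the trim() commit further down. The in-memory SQLite store, the table and column names, the `email_other` recovery column and the five-attempt limit are assumptions made for this example.

```php
<?php
declare(strict_types=1);
// Added example, not PostfixAdmin's own code. It shows the properties the commit
// lists: one code per user, stored only as a hash, valid for one hour, usable
// once, throttled requests, and one uniform answer whether or not the account
// exists or has recovery info. The SQLite in-memory store, the table and column
// names and the attempt limit are assumptions made for this example.

const OTP_TTL_SECONDS  = 3600;  // code valid for one hour
const THROTTLE_SECONDS = 60;    // at most one new code per minute per account
const OTP_MAX_ATTEMPTS = 5;     // wrong guesses before the code is discarded
const GENERIC_MESSAGE  = 'If the account exists and has recovery info, a code has been sent.';

function open_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE mailbox (
        username TEXT PRIMARY KEY, password TEXT NOT NULL,
        email_other TEXT,                       -- recovery channel, NULL = none configured
        otp_hash TEXT, otp_expires INTEGER, otp_requested INTEGER,
        otp_attempts INTEGER NOT NULL DEFAULT 0)');
    return $db;
}

function find_mailbox(PDO $db, string $username): ?array {
    $st = $db->prepare('SELECT * FROM mailbox WHERE username = :u');
    $st->execute([':u' => $username]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Step 1: the user asks for a code. Returns [message, code]; a real deployment
// sends the code by email/SMS and never returns it to the browser.
function request_reset(PDO $db, string $username, int $now): array {
    $username = trim($username);                      // "foo " and "foo" are one account
    $row = find_mailbox($db, $username);
    if ($row === null || $row['email_other'] === null) {
        return [GENERIC_MESSAGE, null];               // same answer as the success path
    }
    if ($row['otp_requested'] !== null && $now - (int)$row['otp_requested'] < THROTTLE_SECONDS) {
        return [GENERIC_MESSAGE, null];               // throttled: keep the existing code
    }
    $otp = strtoupper(bin2hex(random_bytes(4)));      // 8 hex characters from a CSPRNG
    $db->prepare('UPDATE mailbox SET otp_hash = :h, otp_expires = :e, otp_requested = :r,
                  otp_attempts = 0 WHERE username = :u')
       ->execute([':h' => password_hash($otp, PASSWORD_DEFAULT),   // never stored in clear
                  ':e' => $now + OTP_TTL_SECONDS, ':r' => $now, ':u' => $username]);
    return [GENERIC_MESSAGE, $otp];
}

// Step 2: the user submits code + new password. Every failure is just "false";
// success consumes the code, and too many wrong guesses discard it.
function confirm_reset(PDO $db, string $username, string $otp, string $newPassword, int $now): bool {
    $username = trim($username);
    $row = find_mailbox($db, $username);
    if ($row === null || $row['otp_hash'] === null || $now >= (int)$row['otp_expires']) {
        return false;
    }
    if (!password_verify($otp, $row['otp_hash'])) {
        $sql = (int)$row['otp_attempts'] + 1 >= OTP_MAX_ATTEMPTS
            ? 'UPDATE mailbox SET otp_hash = NULL, otp_expires = NULL WHERE username = :u'
            : 'UPDATE mailbox SET otp_attempts = otp_attempts + 1 WHERE username = :u';
        $db->prepare($sql)->execute([':u' => $username]);
        return false;
    }
    $db->prepare('UPDATE mailbox SET password = :p, otp_hash = NULL, otp_expires = NULL WHERE username = :u')
       ->execute([':p' => password_hash($newPassword, PASSWORD_DEFAULT), ':u' => $username]);
    return true;
}

// Demonstration with constructed accounts (hypothetical data).
function expect(bool $ok, string $what): void {
    if (!$ok) { throw new RuntimeException("check failed: $what"); }
}
$db = open_db();
$ins = $db->prepare('INSERT INTO mailbox (username, password, email_other) VALUES (:u, :p, :e)');
$ins->execute([':u' => 'alice@example.com', ':p' => password_hash('old-secret', PASSWORD_DEFAULT), ':e' => 'alice@backup.example']);
$ins->execute([':u' => 'bob@example.com',   ':p' => password_hash('old-secret', PASSWORD_DEFAULT), ':e' => null]);
$t = time();

[$m1, $code]  = request_reset($db, 'alice@example.com ', $t);  // trailing space tolerated
[$m2, $none1] = request_reset($db, 'bob@example.com', $t);     // no recovery info
[$m3, $none2] = request_reset($db, 'nobody@example.com', $t);  // unknown account
expect($m1 === $m2 && $m2 === $m3 && $code !== null && $none1 === null && $none2 === null, 'uniform answer');
expect(request_reset($db, 'alice@example.com', $t + 10)[1] === null, 'throttled');
expect(!confirm_reset($db, 'alice@example.com', $code, 'new-secret-42', $t + OTP_TTL_SECONDS), 'expired');
expect(!confirm_reset($db, 'alice@example.com', 'NOPE', 'new-secret-42', $t + 5), 'wrong code');
expect(confirm_reset($db, 'alice@example.com', $code, 'new-secret-42', $t + 5), 'correct code');
expect(!confirm_reset($db, 'alice@example.com', $code, 'new-secret-43', $t + 6), 'single use');
echo "password reset flow OK\n";
```

Two caveats a deployment should address on top of this: the unknown-account and no-recovery-info paths skip `password_hash()` and are therefore measurably faster than the success path, so an attacker with a good clock can still tell accounts apart unless you add a dummy hash or a fixed delay on those paths; and per-account throttling alone does not stop an attacker from hammering many accounts, so throttle per client address as well.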
David Goodwin 8bb6000072 Merge pull request #60 from Vilican/master
Security fixes
7 years ago
Matyáš Koc 9f30aa5ff4 Handle logout in a new way (user login) 7 years ago
Sylvain Tissot 9c9ba64a7f Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
Matyáš Koc 3486a5c593 Updated comment-documentation 7 years ago
Matyáš Koc 019209abab Added CSRF check to user login 7 years ago
Martin Oemus 6a6e1c8352 use Config-class, check auth first, fixed redirect 8 years ago
Martin Oemus 9aba43ee48 added config option to disable "edit_alias" function for users 8 years ago
Christian Boltz 13cdd50d0a Add checks to login.php and cli to ensure database layout is up to date
- add check_db_version() to functions.inc.php
- add $min_db_version (needs to be updated at least before the release)
- call check_db_version in login.php, users/login.php and CLI - they'll
  error out if the database layout is outdated
- change setup.php to use check_db_version()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1853 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 52a7df2b3a Add CSRF protection for POST requests
Add the CSRF token to all forms, and validate it when those forms are
submitted.

https://sourceforge.net/p/postfixadmin/bugs/372/



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1842 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 1d520423a9 login.php, users/login.php:
- trim() $fUsername - MySQL thinks "foo" == "foo  " (and therefore allows
  login as "foo@example.com " - but later we'll get funny "undefined index"
  problems in PFAHandler->view()) when an admin wants to change the password


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1665 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 619a419611 users/password.php:
- include the username in messages containing %s


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1662 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 9f062cf181 login.php, users/login.php
- error_log() failed login attempts
  https://sourceforge.net/p/postfixadmin/feature-requests/111/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1600 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz b871b47709 As a side effect of the previous commit (r1568), we can use login.php
for logout.

This means:
- change logout URL to login.php in menu.conf and users_main.tpl
- delete logout.php and users/logout.php



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1569 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz fbc18ff993 login.php, common.php:
- when login.php is requested, logout the current admin/user
  https://sourceforge.net/p/postfixadmin/bugs/284/



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1568 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 1a79b2798e delete.php:
- require token for CSRF protection, see
  https://sourceforge.net/p/postfixadmin/bugs/269/

login.php, users/login.php:
- create token and store it in $_SESSION

templates/*:
- add token to all delete.php links

templates/list-virtual_alias_domain.tpl:
- change delete confirmation dialog to contain "from->target"


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1564 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
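The two token commits above (the session token required by delete.php links, and the later one that adds the same token to all POST forms) both come down to one pattern; here it is as an added example, not PostfixAdmin's own code and not taken from this page. The session key `PFA_token`, the parameter names `token`, `table` and `delete`, and the `dispatch()` gatekeeper are assumptions made for the example; a plain array stands in for `$_SESSION` so the file runs from the CLI.

```php
<?php
declare(strict_types=1);
// Added example, not PostfixAdmin's own code. One token per session goes into
// every state-changing form (POST) and every delete link, and the server checks
// it before acting. The session key 'PFA_token', the parameter names 'token',
// 'table' and 'delete', and the dispatch() handler are assumptions; a plain
// array stands in for $_SESSION so the file runs from the CLI.

function csrf_token(array &$session): string {
    if (empty($session['PFA_token'])) {                    // created once, at login
        $session['PFA_token'] = bin2hex(random_bytes(32));
    }
    return $session['PFA_token'];
}

function csrf_valid(array $session, ?string $submitted): bool {
    if (empty($session['PFA_token']) || $submitted === null) {
        return false;
    }
    return hash_equals($session['PFA_token'], $submitted);  // constant-time compare
}

function csrf_hidden_field(array &$session): string {
    $token = htmlspecialchars(csrf_token($session), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="token" value="' . $token . '">';
}

function delete_link(array &$session, string $table, string $id): string {
    $query = http_build_query(['table' => $table, 'delete' => $id, 'token' => csrf_token($session)]);
    return 'delete.php?' . htmlspecialchars($query, ENT_QUOTES, 'UTF-8');  // escaped for HTML
}

// Gatekeeper: returns the action to run, or 'reject' when a state-changing
// request arrives without the session's token. Read-only GET needs no token.
function dispatch(array &$session, string $method, array $get, array $post): string {
    $changesState = ($method === 'POST') || isset($get['delete']);
    if (!$changesState) {
        return 'view';
    }
    $submitted = $post['token'] ?? $get['token'] ?? null;
    if (!is_string($submitted) || !csrf_valid($session, $submitted)) {
        return 'reject';
    }
    return isset($get['delete']) ? 'delete' : 'update';
}

// Demonstration with constructed requests.
function expect(bool $ok, string $what): void {
    if (!$ok) { throw new RuntimeException("check failed: $what"); }
}
$session = [];                                              // fresh login, no token yet
$form = '<form method="post" action="edit-alias.php">' . csrf_hidden_field($session) . '</form>';
$link = delete_link($session, 'alias', 'old@example.com');
parse_str(parse_url(html_entity_decode($link, ENT_QUOTES), PHP_URL_QUERY), $linkParams); // browser decodes &amp;

expect(dispatch($session, 'GET', ['table' => 'alias'], []) === 'view', 'listing needs no token');
expect(dispatch($session, 'POST', [], ['token' => $session['PFA_token'], 'goto' => 'x@example.com']) === 'update', 'own form');
expect(dispatch($session, 'POST', [], ['goto' => 'x@example.com']) === 'reject', 'cross-site POST without token');
expect(dispatch($session, 'GET', $linkParams, []) === 'delete', 'own delete link');
expect(dispatch($session, 'GET', ['table' => 'alias', 'delete' => 'old@example.com'], []) === 'reject', 'forged delete link');
$other = [];
csrf_token($other);                                          // another user's session
expect(dispatch($session, 'POST', [], ['token' => $other['PFA_token']]) === 'reject', 'token from another session');
echo "CSRF checks OK\n";
```

The token is only as strong as the session it lives in: create it after login (so a session fixated before login does not carry a token the attacker already knows), compare it with `hash_equals()` rather than `==`, and keep deletion behind a confirmation step even with the token, since a token-bearing GET link that deletes on click is still one accidental click away from data loss.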
Christian Boltz 6e2e132bac remove "postfixadmin.com" in comments in lots of files
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1558 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 08c9b4e49f *.lang:
- renamed some $PALANG texts:
  - pOverview_button => go
  - pOverview_mailbox_name => name
  - pSendmail_admin => from
  - pAdminEdit_admin_username => admin
  - pEdit_alias_goto => to 
- deleted obsolete or duplicate $PALANG texts:
  - pOverview_alias_goto
  - pCreate_alias_goto
  - pEdit_alias_button
  - pEdit_mailbox_name
  - pEdit_mailbox_button
  - pViewlog_username
  - pViewlog_button
  - pAdminList_admin_username
  - pAdminList_virtual_button
  - pAdminList_virtual_alias_address
  - pAdminList_virtual_alias_goto
  - pAdminList_virtual_mailbox_name
  - pAdminEdit_domain_button
  - pAdminEdit_admin_button
  - pBroadcast_from
  - pBroadcast_send

model/*, setup.php, templates/*, users/edit-alias.php:
- update to use the renamed $PALANG texts


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1513 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 3b7606b654 users/password.php:
- update to use non-static MailboxHandler->login()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1492 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz e7ea1f167e users/login.php:
- use imported variables instead of $_POST


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1488 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz c711467174 users/login.php:
- don't escape_string() username and password


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1487 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 8ff856df12 MailboxHandler.php:
- make login() a non-static function
- login: use $this->db_table and $this->id_field instead of hardcoded names

users/login.php, xmlrpc.php:
- adapt to the now non-static MailboxHandler->login()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1484 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 871bcbbe2f functions.inc.php:
- check_domain(), check_email(): instead of calling flash_error(),
  return string with error message - or empty string if everything is ok

model/AdminHandler.php, model/AliasHandler.php,
model/DomainHandler.php, model/MailboxHandler.php,
sendmail.php, users/edit-alias.php:
- adapt to the changed check_domain() and check_email() return value


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1451 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 89ffcbf25f smarty.inc.php:
- replace (last) usage of $CONF['postfix_admin_url'] with $rel_path
  (relative path to CSS etc., set to '../' in users/*)

users/*.php:
- set $rel_path to '../'

https://sourceforge.net/tracker/?func=detail&aid=3039042&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1395 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 56a8d1c52f MailboxHandler:
- start rewrite based on PFAHandler
- add initStruct(), initMsg(), webformConfig(), validate_new_id(), 
  create_allowed()
- drop old __construct() and view()
- replace $this->username with $this->id
- replace check of old password in change_pw() with $this->login 
 
users/password.php:
- adapt to *Handler syntax

scripts/shells/mailbox.php:
- adapt to *Handler view() syntax
- add TODO - maildir column isn't displayed
  
xmlrpc.php:
- adapt to *Handler syntax

Note: as usual, the changes in xmlrpc.php are untested ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1360 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz e9d8fa1ff9 remove obsolete functions from AliasHandler (part 2/2)
AliasHandler.php:
- remove obsolete functions update(), is_mailbox_alias(), 
  is_vacation_address(), hasAliasRecord()
- updated delete() to use new *Handler syntax (most of it should be
  moved to PFAHandler, but that's another story ;-)

users/edit-alias.php:
- replace $ah->update with $ah->set / $ah->store
- use 0/1 for $fForward_and_store instead of YES/NO
- use safepost instead of isset()

templates/users_edit-alias.tpl:
- use 0/1 for $fForward_and_store instead of YES/NO

xmlrpc.php:
- replace $ah->update with new *Handler syntax

Note: the changes in xmlrpc.php are untested again ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1358 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz fff6654634 AliasHandler:
- remove deprecated functions get() and hasStoreAndForward()

scripts/shells/alias.php:
- ViewTask: switch to *Handler syntax
- ViewTask: display is_mailbox, goto_mailbox and on_vacation status

users/edit-alias.php:
- replace $ah->get() and $ah->hasStoreAndForward() with *Handler syntax
- remove outdated comment in header

xmlrpc.php:
- switch get() and hasStoreAndForward() to *Handler syntax

Note: the changes in xmlrpc.php are untested!


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1357 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 2f3d4bcb9c users/edit-alias.php:
- remove unused variable $USERID_DOMAIN


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1346 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz da9a69dd0d AliasHandler.php:
- add initStruct() (not the final version, but works for now)
- add initMsg()
- replace $this->username with $this->id everywhere
- drop __construct() - default __construct will be used now

users/edit-alias.php, xmlrpc.php, VacationHandler.php, scripts/shells/alias.php:
- use default init sequence for AliasHandler (new, then ->init())


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1310 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz e95dffb55a users/edit-alias.php:
- remove unused $vacation_domain and $vacation_goto


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1280 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 69b3df10e4 config.inc.php
- new config option $CONF['password_validation'] - array with regular
  expressions to check if a password is valid/good enough.
  The default configuration enforces:
  - minimum length 5 characters/digits/whatever
  - at least 2 characters
  - at least 2 digits
- removed $CONF['min_password_length'] - it's now handled in /.{5}/ in
  $CONF['password_validation']

functions.inc.php
- new function validate_password to check a given password against
  $CONF['password_validation']
- generate_password: generated password is always 8 chars long
  (instead of $CONF['min_password_length'])

edit-admin.php, users/password.php, edit-mailbox.php, setup.php:
- use validate_password instead of $CONF['min_password_length']

This implements
https://sourceforge.net/tracker/?func=detail&aid=1785513&group_id=191583&atid=937967


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1192 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
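The regex-driven password check the commit above introduces, as an added example that is neither from this page nor PostfixAdmin's own code. The `$CONF['password_validation']` layout (regex key, message key value) and the three defaults follow the commit's description; the exact regexes, the message keys, the `generate_password()` alphabet and the retry loop are assumptions made for the example.

```php
<?php
declare(strict_types=1);
// Added example, not PostfixAdmin's own code. $CONF['password_validation']
// follows the layout the commit describes (regex => message key); the exact
// regexes, the message keys and generate_password()'s alphabet are assumptions.

$CONF = [];
$CONF['password_validation'] = [
    '/.{5}/'            => 'password_too_short',      // at least 5 of anything
    '/([a-zA-Z].*){2}/' => 'password_no_characters',  // at least 2 letters
    '/([0-9].*){2}/'    => 'password_no_digits',      // at least 2 digits
];

// Returns the message keys of every rule the password fails ([] = accepted).
function validate_password(string $password, array $rules): array {
    $errors = [];
    foreach ($rules as $regex => $messageKey) {
        if (preg_match($regex, $password) !== 1) {
            $errors[] = $messageKey;
        }
    }
    return $errors;
}

// Fixed-length password from a CSPRNG, regenerated until it passes the same
// rules that user-chosen passwords must pass.
function generate_password(array $rules, int $length = 8): string {
    $alphabet = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789'; // no 0/O, 1/l/I
    do {
        $pw = '';
        for ($i = 0; $i < $length; $i++) {
            $pw .= $alphabet[random_int(0, strlen($alphabet) - 1)];
        }
    } while (validate_password($pw, $rules) !== []);
    return $pw;
}

// Demonstration with constructed inputs; PHP turns numeric-string keys into
// ints, hence the (string) cast below.
$cases = [
    'abc12'  => [],
    'abcde'  => ['password_no_digits'],
    'ab1'    => ['password_too_short', 'password_no_digits'],
    '12345'  => ['password_no_characters'],
    'x1y2z3' => [],
];
foreach ($cases as $pw => $expected) {
    $got = validate_password((string)$pw, $CONF['password_validation']);
    if ($got !== $expected) {
        throw new RuntimeException("unexpected result for '$pw': " . implode(',', $got));
    }
}
$generated = generate_password($CONF['password_validation']);
if (strlen($generated) !== 8 || validate_password($generated, $CONF['password_validation']) !== []) {
    throw new RuntimeException('generated password does not satisfy the rules');
}
echo "validation rules OK, sample generated password: $generated\n";
```

Note that `/.{5}/` without the `u` modifier counts bytes, so a four-character password containing a multibyte character can pass the length rule; add `u` to the pattern if the minimum is meant as characters. The retry loop in `generate_password()` terminates quickly with these defaults (most eight-character draws already contain two letters and two digits), but a site that configures much stricter rules should build the password to satisfy them rather than draw until lucky.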
Christian Boltz e38ba1f7cf users/password.php, edit-admin.php, edit-mailbox.php, *.lang:
- rename $PALANG['pPasswordTooShort'] to $PALANG['password_too_short']

*.lang:
- add $PALANG['password_no_characters'] and $PALANG['password_no_digits']
  (will be used by my next commit)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1191 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 9bee8d89c1 Merge users/vacation.php and edit-vacation.php into vacation.php
vacation.php
- result of merging edit-vacation.php and users/vacation.php
- vacation.php comes with the svn history of edit-vacation.php
- display "vacation already active" (only) in user mode if vacation is active
  (would be useful in admin mode too, but needs a text change)
- various comment updates
- add username in $PALANG[pVacation_result_removed] and
  $PALANG[pVacation_result_added] using sprintf
- change compared to Jan Kruis' patch:
  - set return url for users to main.php instead of users/main.php
  - set return url for admins after setting $fDomain. Otherwise the return url
    does not contain the domain.
  - removed unused variable $tDomain

users/vacation.php:
- require(../vacation.php)
- remove everything else
- whitespace changes in the license header
- note: this is completely different from Jan Kruis' patch - his intention was
  to remove this file and use ../vacation.php. However, with his way all links
  in the users menu would point to the wrong place/directory

edit-vacation.php:
- deleted

templates/vacation.tpl
- display username only in admin mode

templates/list-virtual_mailbox.tpl
- link changed to merged vacation.php

languages/en.lang
- add username in $PALANG[pVacation_result_removed] and
  $PALANG[pVacation_result_added] as sprintf variable
- (comments added by Jan Kruis' patch are not part of this commit)

languages/nl.lang
- translation updates
- already contains the sprintf variable in $PALANG[pVacation_result_removed]
  and $PALANG[pVacation_result_added]

(updates for other *.lang files follow in another commit)

The following parts of Jan Kruis' patch are not part of this commit:
- rejected:
  - variables.inc.php: don't add $Admin_role and $Return_url
    If we initialize them, it should be done directly in (edit-)vacation.php,
    but the current code always sets them already in all cases.
  - templates/users_main.tpl: do not change url for vacation.php
- postponed:
  - added comments in en.lang about obsolete texts


Most parts of this commit (see exceptions above) were provided as patch 
by Jan Kruis (jan-kruis@SF), see
https://sourceforge.net/tracker/?func=detail&aid=3383236&group_id=191583&atid=937966



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1169 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 1695f1a7b2 Merged edit-vacation.tpl and users_vacation.tpl.
Prepare merging of edit-vacation.php and users/vacation.php

users/vacation.php, edit-vacation.php:
- first step of merging
- renamed some variables to fit vacation.tpl
- some code sorting and cleanup
- replaced JS redirect on cancel with handling in PHP

users_vacation.tpl, edit-vacation.tpl:
- deleted (merged to vacation.tpl)

vacation.tpl:
- new file, result of merging edit-vacation.tpl and users_vacation.tpl
- display mail address to users also (to be discussed)

Thanks to J.Kruis (jan-kruis@SF) for the patch,
https://sourceforge.net/tracker/?func=detail&aid=3383236&group_id=191583&atid=937966


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1163 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz b26012ca18 users/edit-alias.php:
- fix undefined smarty variables


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1150 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz ab636c92e5 Merge password.tpl and users_password.tpl
users/password.php:
- use SESSID_USERNAME instead of USERID_USERNAME to match the smarty
  variable name in the password module for admins
- switch to 'password' template
 
templates/password.tpl:
- display "exit" button if logged in as user
- change form name to something more useful

templates/users_password.tpl:
- deleted


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1140 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz b065366a91 Merge template for admin login and user login
login.php, users/login.php:
- set logintype=admin/user smarty variable
- cleanup: move smarty assignments outside of GET/POST handling - it's
  the same for both

users/login.php:
- do not pre-fill username on failed login

templates/login.tpl:
- merge in users_login.tpl
- add some {if} to handle the differences between admin and user login

templates/users_login.tpl:
- deleted

*.lang:
- mark pUsersLogin_username, pUsersLogin_password, pUsersLogin_language 
  and pUsersLogin_button as obsolete
- add some notes if pLogin_* and pUsersLogin differ


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1137 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz ceb24297c7 users/edit-alias.php, users/password.php, users/vacation.php, users/login.php:
- replaced tMessage with flash_error() / flash_info()

users/vacation.php:
- set today as default date if vacation start/end date are empty

users/edit-alias.php:
- removed now superfluous code to join multiple tMessage texts with <br>
- removed a </font> that was appended to $PALANG['pEdit_alias_goto_text_error2']

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1085 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 058f46f1a5 users/vacation.php, edit-vacation.php, backup.php:
- suppress warnings about PHP's date.timezone not set.

  The risk of doing this is low IMHO - the worst thing that can happen 
  is a wrong default date for vacation or a "wrong" tempfile name for
  backup.php


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1076 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz d66262f00e Remove usage of $CONF['postfix_admin_url'] in various Location: headers
to avoid problems with wrong values of $CONF['postfix_admin_url'].

https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3039042&group_id=191583
contains the technical details and reasons.

Note: $CONF['postfix_admin_url'] is still used at some places that are
a bit harder to change.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1021 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz b89b94cf83 Renamed UserHandler to MailboxHandler to make clear it's about mailboxes
(as discussed with GingerDog on IRC yesterday).
Also renamed user to mailbox in the CLI.

- renamed model/UserHandler.php to MailboxHandler.php
- renamed scripts/shells/user.php to mailbox.php
- replaced UserHandler / user with MailboxHandler / mailbox in various files

- unrelated cleanup: deleted obsolete scripts/models-ext directory


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1019 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz f8cd54a468 variables.inc.php:
- cleanup: move some vars to password.php and users/password.php
- drop $pPassword_admin_text - was always empty

password.php, users/password.php:
- init $pPassword_password_text and $pPassword_password_current_text
  (previously in variables.inc.php)

templates/password.tpl, templates/users_password.tpl:
- drop $pPassword_admin_text - was always empty

These changes should also fix some undefined variable warnings reported 
by makomi on IRC.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1004 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 9c5084af04 model/UserHandler.php: fix verifying old password in change_pw()
- if you want to verify the old password, you should compare it against 
  the OLD and not the NEW password ;-)
- fix database calls

In other words: changing the password in users/password.php works again ;-)

users/password.php:
- switch from obsolete change_pass() to change_pw()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@916 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz f6cb87eb6e users/edit-alias.php:
- another fix for fForward_and_store on validation errors


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@914 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 5381f96426 users/edit-alias.php: prepared for updated AliasHandler, small fixes
- prepared for updated AliasHandler from scripts/
- user could cause an empty alias with a trick (or form manipulation).
  Checking forward_and_store for != YES instead of == NO fixes this.
- don't replace spaces in the middle of an (BTW: invalid) alias target
- preserve user input on validation error
- allowed displaying of multiple error messages
- removed unused $_POST[fVacation] variable
- some whitespace fixes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@911 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 4c912f1da8 list-virtual.php:
- hand over $search to smarty templates

templates/list-virtual_alias.tpl, templates/list-virtual_alias_domain.tpl:
- add search result highlighting

templates/list-virtual_mailbox.tpl:
- add search result highlighting
- move output of "Mailbox" / "Forward only" outside the foreach loop
  (was displayed once per mailbox alias target)

css/default.css:
- add style for ".searchresult"



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@868 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Sebastian 9ddf15439f - fix some display errors after rev. 788, found and patch supplied by Jan-Kruis, thx.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@791 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian 283c563d84 - small bugfix. Display date correctly
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@766 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian 2dca007dbf - add some images
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@765 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago