banananetwork
/
postfixadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
715 Commits
5 Branches
40 Tags
9.3 MiB
postfixadmin_3.2
master
feature-php-crypt-prefix
gh-pages
postfixadmin-2.3
release-2020-05-22-11-27
postfixadmin-1.3.7
postfixadmin-1.4.0
postfixadmin-1.5.0
postfixadmin-1.5.1
postfixadmin-1.5.2
postfixadmin-1.5.3
postfixadmin-1.5.4
postfixadmin-2.0.0
postfixadmin-2.0.1
postfixadmin-2.0.2
postfixadmin-2.0.3
postfixadmin-2.0.4
postfixadmin-2.0.5
postfixadmin-2.1.0
postfixadmin-2.2.0
postfixadmin-2.2.1
postfixadmin-2.2.1.1
postfixadmin-2.3.3
postfixadmin-2.3.4
postfixadmin-2.3.5
postfixadmin-2.3.6
postfixadmin-2.3.7
postfixadmin-2.3beta
postfixadmin-2.3rc1
postfixadmin-2.3rc2
postfixadmin-2.3rc3
postfixadmin-2.3rc4
postfixadmin-2.3rc5
postfixadmin-2.3rc6
postfixadmin-2.3rc7
postfixadmin-2.91
postfixadmin-3.0.2
postfixadmin-3.1
postfixadmin-3.2
postfixadmin-3.2.1
postfixadmin-3.2.2
postfixadmin-3.2.3
postfixadmin-3.2.4
push
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '894d83d3e1'
${ noResults }
Commit Graph

715 Commits (894d83d3e18ef3cd75fcb11759ec52b07a3cebc9)
 

Author SHA1 Message Date
Norman Messtorff 894d83d3e1 Merged debian/* stuff from trunk to postfixadmin-2.3 branch 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1334 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
Christian Boltz fac93bf28b functions.inc.php: 
- pacrypt(): escape_string() $salt for mysql_encrypt to be on the safe side


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1333 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
Christian Boltz bf0892aa9c More XSS fixes: 
create-alias.php, edit-alias.php:
- fix XSS in error message
    
templates/admin_list-domain.php:
- fix XSS (by values stored in the database) in "description" field

templates/fetchmail.php:
- fix XSS (by values stored in the database) in any field

templates/list-virtual.php:
- fix XSS (by values stored in the database) in "name" field

+ CHANGELOG.TXT update

Again, thanks to Filippo Cavallarin for pointing out those issues.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1330 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
Christian Boltz d60276e864 functions.inc.php: 
- PHP around 5.3.8 includes hex2bin as native function - http://php.net/hex2bin
  therefore we have to wrap our function (which fortunately gives the same
  results) with function_exists().
  Reported by MadOtis on #postfixadmin


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1329 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
Christian Boltz 71f7b03801 update CHANGELOG.TXT with latest commits/fixes 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1325 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
Christian Boltz 638f2755eb edit-vacation.php, templates/edit-vacation.php: 
- only urlencode() $fDomain, not the whole fCanceltarget (otherwise
  the ? is also encoded, which results in a 404 error)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1324 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
Christian Boltz 8f5047cb20 templates/admin_create-domain.php: 
- fix XSS in domain and description field
  (Thanks to Filippo Cavallarin!)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1323 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
David Goodwin 5c4d9e48bd escape provided url better (fix XSS vuln) - thanks to Flippo Cavallarin for reporting this 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1322 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
David Goodwin 9fb0f040c9 fix xss from poor sanitisation/checking of $_GET[domain], thanks to Flippo Cavallarin for reporting this 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1321 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
David Goodwin 9dd00fb0a7 fix sql injection hole where value fields were not being escaped in the stored file - (thanks to Filippo Cavallarin) 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1320 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
David Goodwin d8895ccdc2 fix sql injection hole in pacrypt if $CONF[encrypt] == mysql_encrypt (thanks to Filippo Cavallarin) 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1319 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
Christian Boltz ef0c84283f list-virtual.php: 
- delivery to mailbox with a recipient delimiter (mailbox+foo@domain)
  was marked as "forward only"

This fixes 
https://sourceforge.net/tracker/?func=detail&aid=3420440&group_id=191583&atid=937964
reported by <stderr1> on #postfixadmin

(backport of trunk r1198)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1199 a1433add-5e2c-0410-b055-b7f2511e0802
 14 years ago
Christian Boltz 22fb5c5cb2 de.lang: 
- fix typo

(backport of trunk r1182)
(not worth a changelog entry)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1187 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz dba89ba42e functions.inc.php / create_admin(): 
- fix SQL injection (only exploitable by superadmins)

Reported by Matthias Bethke (msbethke@SF),
https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3412484&group_id=191583

(+ changelog update for this and the previous commit)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1185 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz d196f38dde *.lang: 
- add missing pAdminDelete_admin_error text
  (already existed in trunk, but was missing in 2.3.x)

Reported by Matthias Bethke (msbethke@SF) 
https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3412476&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1184 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 8d16ebdab3 update version numbers etc. for the 2.3.4 release 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1180 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
David Goodwin 591680764a update debian/changelog in preparation of new release 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1179 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 1e766a2b39 CHANGELOG.TXT: 
- whitespace fix - tabs vs. spaces


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1178 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 1c76c35e6c import_users_from_csv.py: 
- update FSF address (the openSUSE build check complained ;-)

(Backport of trunk r1158)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1165 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 19c65d5441 ADDITIONS/delete-mailq-by-domain.pl, 
ADDITIONS/squirrelmail-plugin/**/postfixadmin.po:
- whitespace fix: replace DOS line ends with Linux line ends
  (no other changes)

This commit backports trunk r1160 to the 2.3 branch.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1161 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz ac3eadc17c functions.inc.php - pacrypt(): 
- if dovecotpw does not give the expected output, read stderr and write
  it to error_log()
- backported from SVN trunk r1071


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1159 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 3be1184a9b vacation.pl: 
- (really) log to "mail" syslog facility

reported by Johan Meiring (jmeiring) in 
http://sourceforge.net/tracker/index.php?func=detail&aid=3086890&group_id=191583&atid=937964

This is a backport of r1073 to the SVN branch.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1074 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 5153b1e5b4 Text change: Logged _in_ as ... (the 'in') was missing. 
This is a backport of r1062 from trunk. (Only the real change, 
not all the translator comments.)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1063 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 3804413c82 create-domain.php: 
- force domain name to lowercase to avoid problems with PgSQL foreign keys

Reported by Munroe Sollog (roe1234@SF),
https://sourceforge.net/tracker/?func=detail&aid=3287965&group_id=191583&atid=937964
after some bughunting on #postfixadmin



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1037 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 86aabcfa06 list-domain.php: 
- add explicit field list in SELECT to avoid PgSQL problems with custom columns

Reported by ksb (ksb4ever@SF),
https://sourceforge.net/tracker/?func=detail&aid=2859165&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1029 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz eb8fafbc89 functions.inc.php: 
- generate_password(): generate more secure random password

Based on a patch from Pierre Fagrell (mrfrenzy@SF),
https://sourceforge.net/tracker/?func=detail&aid=2958698&group_id=191583&atid=937964
(with some modifications)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1027 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 04e743f262 fix typo in variable name 
Reported by Gabriele Vivinetto (gabrielev@SF),
https://sourceforge.net/tracker/?func=detail&aid=3266862&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1025 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz c106ecab76 de.lang: 
- remove half/invalid utf-8 char in $PALANG['pCreate_dbLog_createalias']


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1014 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
David Goodwin bf7d3bc783 bump revision number + date to keep cboltz happy ;-) 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1010 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
David Goodwin bd67419e00 debian: update patch files for 2.3.3 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1009 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
David Goodwin fc50224284 bump version number due to r1006 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1007 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
David Goodwin 34bb12a5cc update debian/changelog for 2.3.3 release 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1006 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz fa14577c2a r999 is the 2.3.3 release :-) 
update CHANGELOG and functions.inc.php


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@999 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 4b7e59b662 edit-vacation: 
- db_log vacation changes

Known bug: enabling vacation causes two log entries if the user used 
vacation before. Better than not logging vacation changes at all.

trunk already has a different fix - it uses VacationHandler which does
indirect logging via AliasHandler.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@987 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 386ca66f88 functions.inc.php: 
- db_delete(): revert table_by_key() call - otherwise I would have to merge the
  changes from r977 to delete.php which is the only file calling db_delete in
  2.3.x and expects that db_delete does not run table_by_key().
  That's a risk we can avoid because (interesting math follows...)
      buggy db_delete() + buggy delete.php = working code :-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@980 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz c2071fc7a0 Merging in various fixes from trunk. 
upgrade.php:
- change domain.quota, domain.maxquota and mailbox.quota to bigint in PostgreSQL

setup.php:
- strict boolean check for $CONF['configured'] - similar to the check in login.php


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@969 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 2d48df75c1 Merging in various fixes from trunk. 
INSTALL.TXT
- add a warning about external HOWTOs
- mention config.local.php 
- various small changes

DOCUMENTS/UPGRADE.txt:
- add note about upgrading postfix config for alias domains
- various small additions

functions.inc.php:
- fix db_delete to use table_by_key (didn't work with non-default table 
  names before)
- use db_insert for logging

languages/sk.lang:
- big translation update by Ondrej Zary (rnbw @sf)

CHANGELOG.TXT:
- updated with the most important changes from above


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@943 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 1d3aa6c328 config.inc.php: 
- better documentation for $CONF[alias_control], $CONF[alias_control_admin]
  and $CONF[special_alias_control] because the existing comments were 
  confusing (as pointed out by libertytrek in #postfixadmin)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@935 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 2c9f015714 CHANGELOG.TXT: 
- added changes of the previous commits


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@904 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 81ddc9416c functions.inc.php: 
- check_domain(): don't trim() the domain - whitespace is an error.
  This catches "foo@ domain.com" that wasn't catched before.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@903 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 7fd366e46e edit-alias: 
some small fixes that came up while integrating the multiple alias
target patch from anexius (r898):
- replace spaces only at the start and end of a line, not in the
  middle of an (BTW: invalid) mail address
- prevent input data loss on validation errors
- allow multiple error messages (separated by <br />

(I'll port that to trunk also.)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@899 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 90766b88cf create-alias: support multiple alias targets 
- support multiple alias targets, patch by anexius@SF,
  http://sourceforge.net/projects/postfixadmin/forums/forum/676076/topic/4004442
  The patch fixes
  https://sourceforge.net/tracker/?func=detail&aid=2706290&group_id=191583&atid=937964

additional small fixes:
- replace spaces only at the start and end of a line, not in the
  middle of an (BTW: invalid) mail address
- allow multiple error messages (separated by <br />
- prevent input data loss on validation errors

(I'll port this to trunk.)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@898 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 0c6f5c6d8c upgrade.php: 
- backport of r894 (replaced split() with explode(), added $Id)
- already covered in CHANGELOG.TXT


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@895 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 303acce580 Backport of various fixes from trunk to the 2.3 branch 
- list-virtual: fix displaying of 'modified' column for aliases when using
  postgres
- replaced deprecated split() with preg_split() or explode()
- functions.inc.php: better error messages when database functions are missing
- create domain: fixed typo in variable name that broke the default value for
  default aliases
- create domain: backup MX checkbox is now XHTML compliant
- vacation.pl logged literal $variable instead of the variable content at two
  places
- POSTFIX_CONF.txt: fixed filename for quota map
- config.inc.php: removed double $CONF['database_prefix']
- config.inc.php: fixed comments about domain_post* script parameters
- CHANGELOG.TXT: add new section for 2.3.3, include all the above



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@893 a1433add-5e2c-0410-b055-b7f2511e0802
 15 years ago
Christian Boltz 19dbcdeec7 merged most bugfix changes between 2.3 release and SVN r791 to 
2.3 branch

- merged: SVN r745, r746, r747, r748, r749, r750, r752, r754, r756, 
  r767, r770, r771, r772, r773, r774, r777, r778, r779, r789, r790 
- r763 partly merged (except smarty part)
- r787 - only part a) merged
- see CHANGELOG.txt changes ;-) or SVN log for details

ToDo: display alias targets for mailboxes (r751 and r787 part b)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@792 a1433add-5e2c-0410-b055-b7f2511e0802
 16 years ago
Christian Boltz 8420ff730c templates/main.php: 
- fix php short open tags
  https://sourceforge.net/tracker/?func=detail&atid=937964&aid=2908994&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@786 a1433add-5e2c-0410-b055-b7f2511e0802
 16 years ago
David Goodwin 1f57b94d7e login.php: fix XSS hole as per bug 2905599 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@783 a1433add-5e2c-0410-b055-b7f2511e0802
 16 years ago
David Goodwin f7be4a7494 postfixadmin 2.3 branch 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@740 a1433add-5e2c-0410-b055-b7f2511e0802
 16 years ago
Christian Boltz 7c890a49ea postfixadmin 2.3 final(ly) :-) 
- updating version number in various places


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@739 a1433add-5e2c-0410-b055-b7f2511e0802
 16 years ago
David Goodwin eb68607f56 create the plpgsql language if it is not already there; will error if already enabled, but we will just ignore this - this may cause issues if the db user does not have priviledges to create language ... if this is the case the next query will fail 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@738 a1433add-5e2c-0410-b055-b7f2511e0802
 16 years ago