- added form to create setup password hash. It will be displayed if
a) no setup password is defined yet
b) the "lost password" link was clicked
- moved checks for empty and too short passwort into check_setup_password()
- added an optional $lostpw_mode parameter to check_setup_password() which
causes slightly different behaviour (enforces generation of new hash, even
if the password would match)
- changed check_password_setup() return value to array($error, $message)
- moved displaying $tMessage above the form - it is more useful there.
- removed "see config.inc.php" notice from password field in "create superadmin"
form - this hint doesn't help much with the hashed password ;-)
- TODO: The if statements to decide which form to display is quite difficult
(and will become unreadable in case we need another form ;-)
We should think about a better way to select the form to display...
(maybe flash_error / flash_info + redirect?)
upgrade.php:
- added missing <p> tag
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@648 a1433add-5e2c-0410-b055-b7f2511e0802
- removed the $CONF['configured'] = 'I_know_the_risk_of_not_deleting_setup.php'
developer hack (no longer needed since setup.php requires a password)
- this also makes index.php redirecting to login.php again (the old check tested
for file_exists(setup.php)...)
common.php:
- removed a superfluous check for $CONF[setup_password] (see mailinglist for details)
config.inc.php:
- removed a small outdated comment
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@640 a1433add-5e2c-0410-b055-b7f2511e0802
- setup_password is now checked against a hashed value instead of plain text
- setup.php will display the hash value of the entered password if it
doesn't match - copy&paste ready to include in config.inc.php.
No need to compute the password hash yourself ;-)
- see generate_setup_password_salt(), encrypt_setup_password() and
check_setup_password() for details how the password hashing works.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@629 a1433add-5e2c-0410-b055-b7f2511e0802
- remove session_start() - the session is already started in common.php
model/UserHandler.php:
- db_log() used undefined variable $USERID_USERNAME - use $username instead
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@625 a1433add-5e2c-0410-b055-b7f2511e0802
- remove "define('POSTFIXADMIN', 1)" and inclusion of en.lang - this is
already done by common.php (used since r616).
This fixes a "already defined" warning.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@623 a1433add-5e2c-0410-b055-b7f2511e0802
- fix displaying of vacation status in search results - was broken for
a) super admins (wrong nesting of if statements)
b) mailboxes with vacation switched off (empty and therefore invisible link)
templates/admin_search.php:
- deleted unused file
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@622 a1433add-5e2c-0410-b055-b7f2511e0802
- honor alias_domain.active (see mail from Daniel Reichelt in postfixadmin-devel)
- fix query for maildir in virtual_mailbox_maps - the maildir field already
contains the domain (exact layout depends on the $CONF settings), so there's
no need to prepend it again
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@620 a1433add-5e2c-0410-b055-b7f2511e0802
- only list fetchmail entries for domains/mailboxes someone owns
- better sort order for list mode (mailbox, src_server, src_user) - best
would be to sort by domain first, but this isn't that easy without a
domain column. Anyways, everything is better than "order by id" ;-)
- changes partly done to prepare "fetchmail for users", see patch at
https://sourceforge.net/tracker/?func=detail&aid=2715675&group_id=191583&atid=937966
(patch will be included after the 2.3 release)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@604 a1433add-5e2c-0410-b055-b7f2511e0802
Christian Boltz