Commit Graph

1860 Commits (943c5a94ee97e00199bbb56a49af6f4d1d36eace)
 

Author SHA1 Message Date
David Goodwin 8bb1c4f459 update squirrelmail plugin 8 years ago
David Goodwin 27b835c161 remove php4 constructor; hide some cNav_bar variables and rename some variables 8 years ago
Martin Oemus 6a6e1c8352 use Config-class, check auth first, fixed redirect 8 years ago
Christian Boltz 7833ac9ab7 Merge pull request #24 from Janfred/broadcast_improvements
Broadcast improvements:
- allow to send to mailboxes only
- allow to send to only some domains
- allow domain admins to send to their domains - new config option $CONF['sendmail_all_admins']
8 years ago
Jan-Frederik Rieckers 54532e7cee
Fix issue with checkbox in broadcast 8 years ago
Jan-Frederik Rieckers 5712a35f71
Fix some Language issues in broadcast 8 years ago
Christian Boltz 8aecf3eae3 Merge branch 'master' into broadcast_improvements 8 years ago
Christian Boltz 88bd9bfd19
drop $db_conn parameter from escape_string()
Connection caching is now done in db_connect() which is a much better
place.

This reverts most of c253ef7dbd
8 years ago
Christian Boltz 6ee85ac6cc Merge pull request #41 from froonix/mysqli-connect
Better static DB connection cache

(+ lots of whitespace fixes)
8 years ago
Christian Boltz 9df6de65af
Finally get rid of variables.inc.php
Initialize $error and $tMailbox where needed.

The other variables in variables.inc.php are already initialized
everywhere.
8 years ago
Christian Boltz 1ec2ec1199
Move initialization of $fDomain to viewlog.php
The other files using this variable (vacation.php and list-virtual.php)
initialize it properly.
8 years ago
Christian Boltz f4f2d1b0f4
Get rid of most variable definitions in variables.inc.php
variables.inc.php is an old hack to save having to declare variables
before using them in pages.

Lots of the variables there are unused (leftovers from the old
create-*.php or edit-*.php scripts) or properly initialized in the file
using them, so there's no need to keep them in variables.inc.php.

The remaining variables in this file should also be dropped after
further investigation.
8 years ago
Tjebbe Westendorp b3b87385e0 Fix for PHP 7+ (#43)
Removed $fDomains as it's not used anymore and produced a PHP 7+ warning
8 years ago
Christian Schrötter 846dcb756c
Remove unnecessary code 8 years ago
Christian Boltz f7f3781770
Fix default for $CONF[create_mailbox_subdirs_hostoptions]
array('') means to include an empty item, and that results in an invalid
remote specification with a trailing "/"

Using an empty array() fixes this.

Reported by oftc_ftw on IRC.
8 years ago
Christian Schrötter e28f3f5959
Fix for mysqli_connect() 8 years ago
Christian Schrötter 2dea9fadd4
Remove whitespace 8 years ago
Christian Boltz 0b82dec825
Fix filename for *.menu.conf.php in gitignore
Looks like svn:ignore was wrong or outdated ;-)
8 years ago
Christian Boltz c5564c2af9 Merge pull request #36 from isleshocky77/git-ignore
Add a .gitignore file which follows the svn:ignore
8 years ago
Stephen Ostrow a3e08dd2f8 Adding a .gitignore file which follows the svn:ignore for now 8 years ago
Christian Boltz 7edbfb045b Merge pull request #33 from acs-ferreira/patch-1
Update French language
8 years ago
Carlos Ferreira 83836a2477 Update fr.lang 8 years ago
Carlos Ferreira 1b9fa66493 Small fix 8 years ago
Carlos Ferreira 061f950661 Update French language 8 years ago
Jan-Frederik Rieckers 797da4f694
Fix typo 8 years ago
Jan-Frederik Rieckers 7ee587bb87
[Broadcast] Use db_in_clause instead of a foreach loop 8 years ago
Christian Boltz 67a6d0e27a
use $CONF[page_size] in viewlog.php
This replaces the hardcoded "LIMIT 10" with "LIMIT <page_size>".

Patch by Dan <dannyro @SF>, https://sourceforge.net/p/postfixadmin/patches/133/

Additional change on top of Dan's patch:
- wrap $CONF['page_size'] in intval() to avoid that a broken config
  setting can break or exploit the query
8 years ago
Christian Boltz 29364b4734
ensure some fields are really latin1
The previous commit changed vacation_notificatoin.notified,
alias_domain.alias_domain and alias_domain.target_domain to latin1, but
did this only in their original upgrade function.

upgrade_1836_mysql() also applies this change to existing databases.
(It's unlikely that these fields are not latin1 - creating them as utf8
or utf8mb4 would break at the index length, but better safe than sorry ;-)
8 years ago
Christian Boltz ba94c3a75e
fix problems with utf8mb4 as default charset
When trying to create a new database with utf8mb4 as default charset,
upgrade.php fails at various places because of too long indexes.

- no longer run upgrade_1_mysql, upgrade_2_mysql and upgrade_3_mysql
  which all affect updates from pre-2.1 database layout
- add {LATIN1} to vacation_notificatoin.notified,
  alias_domain.alias_domain and alias_domain.target_domain

Thanks to martinx who reported this on IRC and helped to debug it.
8 years ago
David Goodwin 7e496094e0 fall back to sys_get_temp_dir() if we cannot write to a templates_c like place 8 years ago
David Goodwin c253ef7dbd allow escape_string() to take a db connection as a parameter; should improve performance when there are a large number of things to escape 8 years ago
David Goodwin 1a7b2df81f fix undefined variable 8 years ago
Martin Oemus 9aba43ee48 added config option to disable "edit_alias" function for users 8 years ago
David Goodwin 71e412f6c2 make error messages red; fix slightly invalid html; remove templates_c check (unnecessary); note we want php5+; add label tags to input elements 8 years ago
David Goodwin 8c2d447421 remove silencing of @include_once - fixes #20 8 years ago
Jan-Frederik Rieckers 2e92eb5cd1
Fix small syntax bug 8 years ago
Christian Boltz 04e54508e5 Merge pull request #19 from rmcaninch/rmcaninch-patch-1
add css id #update-check to footer.tpl

This allows to hide the "check for updates" link using a custom CSS with '#update-check { display:none; }'
8 years ago
Jan-Frederik Rieckers 3c360f646f
Switch config item for broadcast.
The new config item is now `sendmail_all_admins`
8 years ago
Jan-Frederik Rieckers eb871de916
Add new broadcst message language keys 8 years ago
Jan-Frederik Rieckers 3c3d844130
Improve the broadcast message tool
* Make it possible by config option that non global admins can send
  broadcast messages to their domains.
* Allow the sender to select the domains the broadcast message should be
  delivered to
* Allow the sender to decide if the broadcast message should just be
  delivered to mailboxes
8 years ago
Christian Boltz ace8597bb3 3.0.2 again - this time with correct SVN revision
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1895 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 28703935b3 3.0.2 release
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1894 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin 7ddac2ac4b evil hack to make vacation work while we are using Mail::Sender - see also https://sourceforge.net/p/postfixadmin/patches/136/
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1893 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 0ec8064fe6 changelog update
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1892 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin f2a9131938 bump debian/changelog
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1891 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 80d381f644 Make VacationHandler compatible with MySQL strict mode again
The MySQL database layout includes a 'cache' column for historical
reasons, the PostgreSQL database never did.

r1883 removed the 'cache' column from VacationHandler to unbreak
PostgreSQL, and at the same time broke MySQL in strict mode.

This patch re-adds the 'cache' column only for MySQL to fix this
regression.



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1890 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz bf9ec09829 Merge pull request #23 from Janfred/bugfix_aliasdelete
Security fix: don't allow to delete protected aliases (CVE-2017-5930)
8 years ago
Jan-Frederik Rieckers 800f07816a
Fix wrong way of check for can_delete 8 years ago
Jan-Frederik Rieckers 03f4bad49c
Add Language-Key for protected_alias_cant_be_deleted 8 years ago
Jan-Frederik Rieckers 7bb36d0bbc
Fix security hole in AliasHandler
Without this fix it is possible to delete a protected alias via editing
the request parameter of the alias to delete.
8 years ago