Commit Graph

1968 Commits (c1b5e66e272a9dcb202c3719b5677304061c158e)
 

Author SHA1 Message Date
Christian Boltz b06d25de8f
Merge pull request #108 from HLFH/master
favicon within images folder
7 years ago
HLFH 0972df8243 favicon within images folder 7 years ago
David Goodwin 768d29623e patch from https://github.com/bofh16/postfixadmin/blob/master/bg.lang.patch - thanks! 7 years ago
David Goodwin 7afb26fcc8 variables for docker 7 years ago
David Goodwin bdade520f4
Merge pull request #85 from julywind/master
fix invalid value for token_validity
7 years ago
houmingtao 5f1ac12d72 use current time as default token_validity value 7 years ago
David Goodwin 8bd435039b
Merge pull request #92 from leeclemens/feature-91/mysql-ssl
Add support for MySQL connections over SSL
7 years ago
Lee Clemens ebbd9025e4 Add support for MySQL connections over SSL 7 years ago
David Goodwin dbbc40b327 add example docker compose settings 7 years ago
David Goodwin ba47f2df2a update docker entrypoint - require db connection params; default to sqlite; revert to using upgrade.php as we do not need the setup.php checks 7 years ago
David Goodwin 72f32f0b3d
Merge pull request #90 from pbkwee/patch-1
singular correction.  Update en.lang
7 years ago
pbkwee f217524524
Update en.lang
"Your email address or password are not correct".  Message indicates one thing is wrong.  So use is not are.
7 years ago
David Goodwin 5720e73732 + cd docker 7 years ago
David Goodwin a77d08a92c initial Docker readme 7 years ago
David Goodwin 699267a915 fall back to sqlite for docker image 7 years ago
David Goodwin 356ca84144
Merge pull request #64 from J0WI/docker
[WIP] add Dockerfile
7 years ago
David Goodwin 0f09b8c176 _db_add_field() calls table_by_key - so avoid calling it twice ... 7 years ago
David Goodwin 17e347de7f Add id autoincrement field to log table; ought to fix #89 7 years ago
David Goodwin 90d3a0ded7 see #86 - remove unnecessary config user/group 7 years ago
David Goodwin 56e1215994 upgrade.php: output current/target version 7 years ago
root 4670182d79 fix invalid value for token_validity 7 years ago
Christian Boltz fe5e256b6d Merge pull request #79 from Ecodev/harden-password-reset
Harden password reset process
7 years ago
Sylvain Tissot ffb84283c2
Harden password reset process
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
7 years ago
David Goodwin 8bb6000072 Merge pull request #60 from Vilican/master
Security fixes
7 years ago
David Goodwin db06ac919c Merge pull request #82 from evaryont/sqlite-v1837
Upgrade SQlite db to v1837
7 years ago
Colin Shea f568309ef5 Upgrade SQlite db to v1837
Includes a TODO for v1836. Not sure if it's needed... Haven't ran into
any issues yet.
7 years ago
jowi 39dca79879 Add SQLite and PDO support 7 years ago
David Goodwin c5136c408d improve config file loading when installed from a debian package 7 years ago
jowi ec2cc0041e fix postgres dependency 7 years ago
Christian Boltz ae56c2b700
Fix syntax error in viewlog.php
Reported in issue #74
7 years ago
David Goodwin dd06aa75e0 attempt at fixing various .deb issues - link templates_c to /var/cache/postfixadmin; add postfixadmin-cli to deb and symlink into /usr/bin 7 years ago
David Goodwin 252d42dcc0 fix perms (executable) 7 years ago
David Goodwin 5c2e3d1e00 possible changes for deb package to include postfixadmin-cli in /usr/bin 7 years ago
David Goodwin 6258cc669d update quilt patches 7 years ago
David Goodwin 2fc36e82ad see #74 - fix undefined $CONF[page_size] 7 years ago
David Goodwin 4b999b3f6b improve mysqli connection settings - see https://github.com/postfixadmin/postfixadmin/issues/73 7 years ago
Matyáš Koc 3c95ec4a09 Add CSRF token 7 years ago
Matyáš Koc 9f30aa5ff4 Handle logout in a new way (user login) 7 years ago
Matyáš Koc 74c29f8a10 Handle logout in a new way (admin login) 7 years ago
David Goodwin 82e7bdfda3 fix surname typo 7 years ago
David Goodwin 9dbeb68f9a add TODO 7 years ago
David Goodwin 2b04b72072 remove unnecessary nesting, reindent, make it print out what it might do before breaking stuff etc 7 years ago
David Goodwin 9b16645c0f Merge pull request #70 from Seitanas/master
virtualmaildel.php with PHP mysqli extension.
7 years ago
Seitanas 72288b8402 Updated to use PHP mysqli extension. 7 years ago
David Goodwin 0b70b5c686 resync debian/control with debian stretch 7 years ago
jowi dbe8475ed2 pgsql support (wip) 7 years ago
David Goodwin 9841c7c86b bump file 7 years ago
David Goodwin c476a61ec4 clear stat cache so the is_writeable() result will eventually change with subsequent page reloads if the user has actually fixed the dir 7 years ago
David Goodwin 14ec596cbf bump Smarty to v1.3.31 (various fixes); add custom modifier.needle.php 7 years ago
David Goodwin a40e99c8ed renamed to INSTALL.md 7 years ago