Commit Graph

26 Commits (c2ce2518e833f5b9376b9bf702a1269bd42a65cb)

Author SHA1 Message Date
Christian Boltz e3a701ba24
drop fallback for templates_c, die() instead
Using /tmp/ as fallback is insecure (predictible filenames in a
world-writeable directory enable symlink attacks). Better die() with an
useful error message.
7 years ago
David Goodwin 7e496094e0 fall back to sys_get_temp_dir() if we cannot write to a templates_c like place 8 years ago
David Goodwin b8051515db check whether we can use templates_c (this seems a better idea than falling back to using something in /tmp)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1886 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
David Goodwin 2bed4110a5 update Smarty to 3.1.29
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1841 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz ba46282f92 use smarty html_options instead of select_options()
list-virtual and viewlog were the last users of select_options()

smarty.inc.php:
- drop (now unused) select_options()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1822 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 35fad174f7 smarty.inc.php:
- assign(): additionally provide the unsanitized values as RAW_$key

PFAHandler.php:
- document 'html' field type (used for raw html), including a big warning

list.tpl:
- add handling to display raw html fields

This is a preparation to use the status markers with list.tpl without
introducing too big changes.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1775 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
David Goodwin c7bceb77cb smarty.inc.php : use !empty to avoid php moaning
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1625 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz ee90f4a74e smarty.inc.php:
- move header() calls from index.tpl to smarty.inc.php, which means 
  we no longer need to use SmartyBC class
- use Smarty instead of SmartyBC class
- eval_size(): use Config::Lang instead of $PALANG

templates/header.tpl:
- move header() calls to smarty.inc.php, and drop {php} usage



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1544 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 96b1c3c7f4 list-virtual.php, smarty.inc.php:
- replace boolconf() calls with Config::bool()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1475 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 89ffcbf25f smarty.inc.php:
- replace (last) usage of $CONF['postfix_admin_url'] with $rel_path
  (relative path to CSS etc., set to '../' in users/*)

users/*.php:
- set $rel_path to '../'

https://sourceforge.net/tracker/?func=detail&aid=3039042&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1395 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 06c2d414ef smarty.inc.php: some fixes after the Smarty upgrade:
- use SmartyBC (Backwards Compatible) instead of Smarty class to keep 
  {php} in templates working (do we really need this?)
- remove obsolete allow_php_tag
- config_dir default value is now an array



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1289 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz dc54de1657 smarty.inc.php - select_options():
- escape $val with htmlentities() (function result will/must be used
  unescaped later)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1189 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 3dcd56c77a Replaced motd*.txt with $CONF[motd_*] options
config.inc.php:
- new config options $CONF['motd_user'], $CONF['motd_admin'] and
  $CONF['motd_superadmin']

templates/index.tpl:
- added $CONF[motd_*] handling

css/default.css:
- new style #motd

templates/users_menu.tpl, templates/menu.tpl:
- removed inclusion of motd-users.txt / $motd_file

smarty.inc.php:
- removed handling for motd*.txt files

templates/motd-users.txt, templates/motd.txt:
- deleted


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1142 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 484e7a74f0 smarty.inc.php:
- prefix $CONF['theme_custom_css'] with $CONF['postfix_admin_url']
  - difference to Dale's patch: only do this if $CONF[theme_custom_css]
    is not empty

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1097 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 7dc3d62f3d smarty.inc.php:
- replaced last usage of $CONF['postfix_admin_path'] with $incpath

config.inc.php:
- drop (now unused) $CONF['postfix_admin_path'] config variable


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1070 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 43d1b71d4d smarty.inc.php:
- cleanup flash messages after displaying them

This fixes
https://sourceforge.net/tracker/?func=detail&aid=3232174&group_id=191583&atid=937964
reported by john doe (johndoe64@SF)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1048 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 240079c16f smarty.inc.php:
- set $this->template->allow_php_tag = true instead of editing 
  smarty/libs/Smarty.class.php after every smarty upgrade

added smarty/smarty_version with:
- a note about the current smarty version
- a note about additional files not part of the smarty package


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@973 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz e3b25d99b4 smarty.inc.php:
- use correct variable name instead of $smarty in __construct()
- everything else in this commit: whitespace changes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@964 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz a93d63a692 smarty.inc.php: interface cleanup etc.
- move initialisation of $smarty->template_dir, compile_dir and 
  config_dir into __construct() of PFASmarty class
- remove usage of /tmp/postfixadmin_templates_c/ to avoid security
  risks (symlink attacks etc.)
- remove __set, __get and __call from PFASmarty class to ensure we
  have a clearly documented interface to the template layer
- whitespace changes (mostly in select_options())
- added vim: line

See also the discussion about the r949 commit in postfixadmin-devel
for details.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@957 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
David Goodwin 7424cb0c1a remove strict standards issue with redefinition of smarty::assign() with different parameters than parent class; ideally I should not put the __get/__set/__call methods in here as living without them would reduce our dependency on smarty, but meh (PFASmarty should stil appear and BEHAVE like a Smarty object, it just technically is not one - it is just using one
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@949 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 4c912f1da8 list-virtual.php:
- hand over $search to smarty templates

templates/list-virtual_alias.tpl, templates/list-virtual_alias_domain.tpl:
- add search result highlighting

templates/list-virtual_mailbox.tpl:
- add search result highlighting
- move output of "Mailbox" / "Forward only" outside the foreach loop
  (was displayed once per mailbox alias target)

css/default.css:
- add style for ".searchresult"



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@868 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
David Goodwin 017b062acd extend the Smarty class so when assigning data to it, it is automatically escaped (unless specified otherwise with a 3rd parameter (false) in the assign function call). This will probably cause some breakage esp where translations have html embedded within them - however i would rather this were the case than the application be vulnerable to XSS
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@782 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian 4a3e525f24 - small fix to smarty.inc.php. Really use our compile and templates directory
- Fix in menu.tpl to honor "show fetchmail tab"

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@768 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian 8360ca09d0 - fixed one more short open tag.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@762 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian 0b41887b36 - add <?php tags.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@760 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian b1287d97e2 - big merge of Postfixadmin smarty into trunk
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@757 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago