Commit Graph

26 Commits (c2ce2518e833f5b9376b9bf702a1269bd42a65cb)

Author SHA1 Message Date
Christian Boltz 52a7df2b3a Add CSRF protection for POST requests
Add the CSRF token to all forms, and validate it when those forms are
submitted.

https://sourceforge.net/p/postfixadmin/bugs/372/



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1842 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 6e2e132bac remove "postfixadmin.com" in comments in lots of files
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1558 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 08c9b4e49f *.lang:
- renamed some $PALANG texts:
  - pOverview_button => go
  - pOverview_mailbox_name => name
  - pSendmail_admin => from
  - pAdminEdit_admin_username => admin
  - pEdit_alias_goto => to 
- deleted obsolete or duplicate $PALANG texts:
  - pOverview_alias_goto
  - pCreate_alias_goto
  - pEdit_alias_button
  - pEdit_mailbox_name
  - pEdit_mailbox_button
  - pViewlog_username
  - pViewlog_button
  - pAdminList_admin_username
  - pAdminList_virtual_button
  - pAdminList_virtual_alias_address
  - pAdminList_virtual_alias_goto
  - pAdminList_virtual_mailbox_name
  - pAdminEdit_domain_button
  - pAdminEdit_admin_button
  - pBroadcast_from
  - pBroadcast_send

model/*, setup.php, templates/*, users/edit-alias.php:
- update to use the renamed $PALANG texts


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1513 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 871bcbbe2f functions.inc.php:
- check_domain(), check_email(): instead of calling flash_error(),
  return string with error message - or empty string if everything is ok

model/AdminHandler.php, model/AliasHandler.php,
model/DomainHandler.php, model/MailboxHandler.php,
sendmail.php, users/edit-alias.php:
- adopt to changed check_domain() and check_email() return value


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1451 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 89ffcbf25f smarty.inc.php:
- replace (last) usage of $CONF['postfix_admin_url'] with $rel_path
  (relative path to CSS etc., set to '../' in users/*)

users/*.php:
- set $rel_path to '../'

https://sourceforge.net/tracker/?func=detail&aid=3039042&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1395 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz e9d8fa1ff9 remove obsolete functions from AliasHandler (part 2/2)
AliasHandler.php:
- remove obsolete functions update(), is_mailbox_alias(), 
  is_vacation_address(), hasAliasRecord()
- updated delete() to use new *Handler syntax (most of it should be
  moved to PFAHandler, but that's another story ;-)

users/edit-alias.php:
- replace $ah->update with $ah->set / $ah->store
- use 0/1 for $fForward_and_store instead of YES/NO
- use safepost instead of isset()

templates/users_edit-alias.tpl:
- use 0/1 for $fForward_and_store instead of YES/NO

xmlrpc.php:
- replace $ah->update with new *Handler syntax

Note: the changes in xmlrpc.php are untested again ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1358 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz fff6654634 AliasHandler:
- remove deprecated functions get() and hasStoreAndForward()

scripts/shells/alias.php:
- ViewTask: switch to *Handler syntax
- ViewTask: display is_mailbox, goto_mailbox and on_vacation status

users/edit-alias.php:
- replace $ah->get() and $ah->hasStoreAndForward() with *Handler syntax
- remove outdated comment in header

xmlrpc.php:
- switch get() and hasStoreAndForward() to *Handler syntax

Note: the changes in xmlrpc.php are untested!


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1357 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 2f3d4bcb9c users/edit-alias.php:
- remove unused variable $USERID_DOMAIN


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1346 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz da9a69dd0d AliasHandler.php:
- add initStruct() (not the final version, but works for now)
- add initMsg()
- replace $this->username with $this->id everywhere
- drop __construct() - default __construct will be used now

users/edit-alias.php, xmlrpc.php, VacationHandler.php, scripts/shells/alias.php:
- use default init sequence for AliasHandler (new, then ->init())


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1310 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz e95dffb55a users/edit-alias.php:
- remove unused $vacation_domain and $vacation_goto


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1280 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz b26012ca18 users/edit-alias.php:
- fix undefined smarty variables


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1150 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz ceb24297c7 users/edit-alias.php, users/password.php, users/vacation.php, users/login.php:
- replaced tMessage with flash_error() / flash_info()

users/vacation.php:
- set today as default date if vacation start/end date are empty

users/edit-alias.php:
- removed now superfluous code to join multiple tMessage texts with <br>
- removed a </font> that was appended to $PALANG['pEdit_alias_goto_text_error2']

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1085 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz f6cb87eb6e users/edit-alias.php:
- another fix for fForward_and_store on validation errors


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@914 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 5381f96426 users/edit-alias.php: prepared for updated AliasHandler, small fixes
- prepared for updated AliasHandler from scripts/
- user could cause an empty alias with a trick (or form manipulation).
  Checking forward_and_store for != YES instead of == NO fixes this.
- don't replace spaces in the middle of an (BTW: invalid) alias target
- preserve user input on validation error
- allowed displaying of multiple error messages
- removed unused $_POST[fVacation] variable
- some whitespace fixes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@911 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 4c912f1da8 list-virtual.php:
- hand over $search to smarty templates

templates/list-virtual_alias.tpl, templates/list-virtual_alias_domain.tpl:
- add search result highlighting

templates/list-virtual_mailbox.tpl:
- add search result highlighting
- move output of "Mailbox" / "Forward only" outside the foreach loop
  (was displayed once per mailbox alias target)

css/default.css:
- add style for ".searchresult"



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@868 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Sebastian 9ddf15439f - fix some display errors after rev. 788, found and patch supplied by Jan-Kruis, thx.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@791 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian b1287d97e2 - big merge of Postfixadmin smarty into trunk
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@757 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
David Goodwin 667b00d13f fix errors e.g. see https://sourceforge.net/tracker/?func=detail&aid=2711888&group_id=191583&atid=937964
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@603 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 53182c4922 refactoring of users (most app logic is now in /model)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@575 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
Christian Boltz 11c39af699 - added/fixed vim: lines to nearly all *.php files (exception: templates/*)
(ts=3 or ts=4 depending on the file content)
- several whitespace fixes
- (no code changes)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@566 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 39953d029d rename templates to .php instead of .tpl
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@250 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Christian Boltz 664aa2b860 users/edit-alias.php:
- trim() goto targets to avoid wrong messages about empty goto field
  if first line is empty
  https://sourceforge.net/tracker/index.php?func=detail&aid=1839061&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@247 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
David Goodwin dc51d62e15 update license headers
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@107 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
David Goodwin 075d15b4b1 db_log patch from amsys - make db logging translatable
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@90 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
David Goodwin cf5b117aa5 admin/*, users/* - code refactoring
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@67 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
Mischa Peters 85dc57beee Initial Import in SourceForge
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
18 years ago