- gen_show_status(): escape mail addresses in query.
Fixes https://sourceforge.net/p/postfixadmin/bugs/356/
(mostly - the edit/delete/... links in list-virtual are double-escaped)
In theory this could allow SQL injection, in practise the mail address
regex limits this issue to a DOS (creating a mail address with ' caused
an invalid query that broke list-virtual)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1809 a1433add-5e2c-0410-b055-b7f2511e0802
Measure time needed for the nameserver queries, and error_log a warning
if the queries need more than 2 seconds in total.
Inspired by a question from t-ask on IRC, who suffered from a slow
nameserver and had some "fun" to debug it ;-)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1790 a1433add-5e2c-0410-b055-b7f2511e0802
- after creating a superadmin, display a note that the setup is done and
it's possible to login now (idea by t-ask on IRC)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1788 a1433add-5e2c-0410-b055-b7f2511e0802
- split upgrade_1763() into mysql and pgsql versions because pgsql
doesn't support SUBSTRING_INDEX
(reported by darix on IRC)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1786 a1433add-5e2c-0410-b055-b7f2511e0802
- initStruct(): in 'aliases_quot' and '_aliases_quot_percent', use
coalesce(__mailbox_count,0) - without, we always get _0_ aliases if
a domain doesn't have mailboxes
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1783 a1433add-5e2c-0410-b055-b7f2511e0802
- display the "Go" button only if javascript is disabled (the dropdowns
have an onchange event defined, which makes the "Go" button superfluous)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1780 a1433add-5e2c-0410-b055-b7f2511e0802
- improve headline:
- in search mode, display the search term instead of the last selected
domain (which isn't useful at all when displaying search results)
- display number of aliases and mailboxes only in domain mode (they
are useless/wrong in search mode)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1779 a1433add-5e2c-0410-b055-b7f2511e0802
list-virtual.php:
- use list.tpl for aliases
- move show_gen_status handling for aliases to AliasHandler
AliasHandler:
- initStruct():
- add 'status' column (hidden by default)
- hide 'created'
- move 'active' after 'modified' to match old list-virtual.php layout
- initMsg: add list_header
- webformConfig(): if $CONF[show_status], set display_in_list for
'status' column. Also set a (whitespace) label to make sure it's
displayed
- db_read_from_db_postprocess(): if 'status' column is requested, call
gen_show_status() for each row
list-virtual.tpl
- remove alias table header and create alias button (which should have
been in list-virtual_alias.tpl)
list-virtual_alias.tpl:
- replace code to generate the alias table with {include 'list.tpl'}
(and some variable assignments)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1777 a1433add-5e2c-0410-b055-b7f2511e0802
- add support for list_header (like ":: Alias" in list-virtual)
PFAHandler:
- add empty default for $msg['list_header']
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1776 a1433add-5e2c-0410-b055-b7f2511e0802
- assign(): additionally provide the unsanitized values as RAW_$key
PFAHandler.php:
- document 'html' field type (used for raw html), including a big warning
list.tpl:
- add handling to display raw html fields
This is a preparation to use the status markers with list.tpl without
introducing too big changes.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1775 a1433add-5e2c-0410-b055-b7f2511e0802
- initStruct(): replace (wrong) 'editable' with '_can_edit' and '_can_delete'
- read_from_db_postprocess(): disable _can_edit and _can_delete for
default aliases if special_alias_control is off and not superadmin
list.tpl:
- use $item._can_edit instead of $check_alias_owner
list-virtual.php:
- drop $check_alias_owner variable and check_alias_owner() call
(replaced by the code added in AliasHandler)
- drop unused $sql_domain
functions.inc.php:
- delete no longer used check_alias_owner() function
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1774 a1433add-5e2c-0410-b055-b7f2511e0802
User-visible changes:
- alias domain list can be downloaded as CSV
- no more search highlighting for alias domains
list-virtual.php:
- expect $search to be an array
- change alias domain handling to use list.php instead of
list-virtual_alias_domain.tpl, and move some logic from the template
to list-virtual.php. (The template file is kept as list.tpl wrapper.)
- adopt mailbox and alias search to $search[_]
- adopt pagebrowser to $search[_]
list-virtual_alias_domain.tpl:
- replace custom output generation with {include 'list.php'} and some
variable assignments
PFAHandler.php:
- add $this->id_field to $this->msg (avoids another smarty template
variable)
configs/menu.conf:
- change input name to search[_]
list-virtual_alias.tpl, list-virtual_mailbox.tpl:
- adopt to $search[_] by setting $search in a backwards-compatible way
list.tpl:
- add special handling for aliasdomain.target_domain linking
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1773 a1433add-5e2c-0410-b055-b7f2511e0802
- build_select_query(): add support for $search['_'] (searching if one
of the $this->searchfields contains the search text)
- getList(): make sure '_' is kept in the search parameters
functions.inc.php:
- db_where_clause(): slightly relax checks - if $condition is empty,
only error out if $additional_raw_where is also empty
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1772 a1433add-5e2c-0410-b055-b7f2511e0802
- initStruct(): Adjust columns to match list-virtual.php layout:
- make 'alias_domain' a link
- move 'active' after 'modified'
- don't display 'created'
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1771 a1433add-5e2c-0410-b055-b7f2511e0802
- add protected $searchfields = array(); - list of fields to search by
default, if just a search term is given. This will be done with
$search['_'], but that code is not implemented yet.
- add $this->msg['show_simple_search'] (true if $searchfields is non-empty)
list.tpl:
- display search input box and search overview only if $searchfields is
not empty
AliasdomainHandler:
- add 'alias_domain' and 'target_domain' to $searchfields
MailboxHandler:
- add 'username' to $searchfields
AliasHandler:
- add 'address' and 'goto' to $searchfields
This effectively means that the search input box is no longer displayed
in list.php for admin, domain and fetchmail listings.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1770 a1433add-5e2c-0410-b055-b7f2511e0802
PFAHandler:
- add $msg['can_create'] (true by default)
DomainHandler:
- set $msg['can_create'] based on is_superadmin
list.tpl:
- display 'create' button only if $msg['can_create'] is true
Note: This is only an optical improvement, not a permission check.
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1769 a1433add-5e2c-0410-b055-b7f2511e0802