# Postfix Admin
#
# LICENSE
# This source file is subject to the GPL license that is bundled with
# this package in the file LICENSE.TXT.
#
# Further details on the project are available at http://postfixadmin.sf.net
#
# Last update:
# $Id$

Version ***svn*** - 2013/12/09 - SVN r***
-----------------------------------

Summary of major changes:
- new command-line interface "postfixadmin-cli"
- major rewrite:
  - move lots of code into *Handler classes, which are used by web and command-line interface
  - replace various edit-*.php and create-*.php with a generic editform (edit.php/editform.tpl)
    - this also means it's easy to customize forms, add fields etc. (see $CONF['*_struct_hook'])
  - lots of code cleanup, remove/merge lots of duplicated code and templates
  - use smarty for templates
- various enhancements everywhere
- redesign login page, list and edit pages (goodbye, green!) and make them wider
- several new config options and changed defaults
- NOTE: changes from the 2.3.x releases also apply to this version

new config options:
- $CONF['language_hook'] Hook function to override or add translations to $PALANG. Example hook function included (commented out).
- $CONF['password_validation'] - array with regular expressions to check if a password is valid/good enough. The default configuration enforces:
  - minimum length 5 characters/digits/whatever
  - at least 2 characters
  - at least 2 digits
- $CONF['*_struct_hook'] - make $struct in the *Handler classes customizable
- $CONF['vacation_choice_of_reply'] - list of reply interval options
- $CONF[domain_quota] - total quota per domain
- $CONF['theme_custom_css'] - to add some custom CSS without editing the default CSS file
- $CONF['motd_*'] - replaces motd*.txt

changed config defaults (with their new default value):
- $CONF['database_type'] = 'mysqli';
- $CONF['dovecotpw'] = "/usr/sbin/doveadm pw"; $CONF['new_quota_table'] = 'YES'; (for dovecot 2)
- $CONF['domain_path'] = 'YES'; $CONF['domain_in_mailbox'] = 'NO'; (results in domain.tld/username/ maildirs)
- $CONF['alias_control'] = 'YES'; $CONF['alias_control_admin'] = 'YES';
- $CONF['backup'] = 'NO';
- $CONF['show_status']='YES'; $CONF['show_status_key']='YES'; $CONF['show_undeliverable']='YES'; $CONF['show_popimap']='YES';
  $CONF['show_undeliverable_exceptions'] - "gmail.com" removed
- $CONF[*_post*_script] - add empty defaults
- $CONF['admin_email'] = ''
  IMPORTANT: If set, this will be used as mail sender for all mails (2.3.x used the currently logged in admin's username in most cases).
  $CONF['admin_email'] = '' will match the 2.3.x behaviour.

removed config options:
- $CONF['min_password_length'] - now handled in /.{5}/ in $CONF['password_validation']
- $CONF[postfix_admin_url] - relative paths are now used everywhere

list-virtual.php:
- display percentage of quota usage
- display alias domains less confusing (using From/To)
- list-virtual can now display only mailboxes, only aliases or only alias domains - or all in one page as in 2.3
- extreme speedup of page browser in list-virtual if a large number of mailboxes or aliases exist
- include search support (replaces search.php and brings various bug fixes for free)
- fix: delivery to mailbox with a recipient delimiter (mailbox+foo@domain) was marked as "forward only"
- fix: don't mark mailboxes with vacation active as undeliverable
- fix: undeliverable targets were not flagged if another target pointed to a domain in $CONF[show_undeliverable_exceptions]

fetchmail.php, fetchmail.pl:
- add sslcertck, sslcertpath, sslfingerprint fields/check (sslcertpath and sslfingerprint require $CONF[fetchmail_extra_options] because they don't have input validation)

functions.inc.php
- allowed_quota: if $CONF[quota] == NO, just return 0 (unlimited)
- authentification_get_username() - honor POSTFIXADMIN_SETUP to avoid a redirect to login.php after creating an admin with setup.php and to get "SETUP.PHP" for db_log()
- check_domain(), check_email(): instead of calling flash_error(), return string with error message - or empty string if everything is ok
- check_email():
  - replace $CONF[vacation_domain] only at the end of the mail address
  - don't trim() mail address to avoid that aliases starting with a space are allowed. This fixes http://sourceforge.net/p/postfixadmin/bugs/210/
- check_language(): remove things like ";q=0.8" before checking if a language exists
- check_owner():
  - escape_string() $username and $domain to prevent SQL injections
- db_pgsql() - new function to replace lots of "if ($CONF[database_type] == 'pgsql')" checks
- db_delete(): allow to specify additional conditions for the WHERE clause
- db_get_boolean(): allow 0 and 1 as parameters, not only boolean true/false
- db_log():
  - allow log actions create_admin and edit_admin
  - add edit_admin_state and delete_admin as comment/reminder that they should also be logged
- db_query(): error_log() failed query
- db_where_clause($condition, $struct) - new function to create a WHERE clause (bool values are converted with db_get_boolean() based on $struct)
- _flash_string():
  - also accept an array of messages, not only a string
  - html-escape messages to fix XSS if the message contains user-supplied input
- generate_password(): make generated password always 8 chars long (instead of $CONF['min_password_length'])
- get_domain_properties(): use DomainHandler (function result mostly unchanged, only difference: instead of quota_sum in bytes it now returns total_quota in MB)
- list_domains_for_admin():
  - rewrite to work for superadmins also (will list all domains now instead of "ALL"), which means we can drop the admin vs. superadmin check at various places
- pacrypt():
  - no longer escape_string() the result. This fixes http://sourceforge.net/p/postfixadmin/bugs/218/
  - for 'system' encryption, use full hashed password as salt https://sourceforge.net/p/postfixadmin/bugs/2/
  - dovecot:*:
    - add support for dovecot *-CRYPT passwords (needs dovecot >= 2.1)
    - allow "." in dovecot method (to allow a suffix like ".b64")
    - Also, the {METHOD} part is no longer removed (passwords without {METHOD} still work)
- remove_from_array() - new function
- safesession() - new function (like safeget(), but for $_SESSION)
- smtp_mail(): error_log() the error message if fsockopen() fails
- table_by_key() now always prepends $CONF['database_prefix']
  NOTE: If you have/had an incomplete database_tables array and use $CONF['database_prefix'], you might need to rename the affected tables manually (add the database_prefix in their name).
- moved several functions to the *Handler classes
- deleted no longer used functions:
  - admin_exist()
  - authentication_is_admin()
  - authentication_is_user()
  - boolconf() (moved to Config::bool())
  - check_string()
  - create_admin()
  - check_alias() (moved to AliasHandler->create_allowed())
  - db_boolean_to_int()
  - domain_exist()
  - get_admin_properties()
  - get_mailbox_properties()
- get rid of global $table_* variables, use table_by_key() instead

PFAHandler.php:
- parent class for all *Handler classes
- contains code shared between all classes

AdminHandler.php:
- Handler class for admins
- for now, set the superadmin column and add "ALL" in domain_admins to keep the database backwards-compatible with 2.3.x

AdminpasswordHandler.php:
- used for the "change password" form for admins

DomainHandler.php
- handler class for domains
- delete(): do not allow to delete a domain if it is an alias domain target

AliasdomainHandler.php:
- handler class for alias domains
- alias domains can now be edited

AliasHandler.php:
- rewrite based on PFAHandler - we even get a "deliver to local mailbox" checkbox :-)
- only allow @domain as target if $this->id is a catchall
- remove deprecated functions:
  - get()
  - hasStoreAndForward()
  - update()
  - is_mailbox_alias()
  - is_vacation_address()
  - hasAliasRecord()

MailboxHandler (previously named UserHandler in 2.3):
- rewrite based on PFAHandler
- drop old __construct(), view() and change_pass()
- replace check of old password in change_pw() with $this->login
- delete(): also cleanup fetchmail, quota and quota2 tables
- always check password with validate_password()
- always display correct available quota (using allowed_quota())
- do not escape the password coming from $_POST. Fixes http://sourceforge.net/p/postfixadmin/bugs/218/

VacationHandler:
- rewrite based on PFAHandler (not useable yet)
- add ability to choose activation date, end date and reply interval for vacation message - http://sourceforge.net/p/postfixadmin/patches/111/

vacation.pl:
- allow to use original subject in vacation reply subject ("Re: $SUBJECT") http://sourceforge.net/p/postfixadmin/patches/117/
- encode subject - https://sourceforge.net/p/postfixadmin/bugs/272/ , https://sourceforge.net/p/postfixadmin/patches/119/
- add a friendly from address to vacation messages ($friendly_from)
- make error handling if we cannot send the reply more robust
- add $smtp_client config option to specify the helo name
- added custom noreply detection ($noreply_pattern, $custom_noreply_pattern)

Config.php
- new class to store $CONF
- also used to store $PALANG texts (Config::Lang())
- contains functions to read config entries in various ways (bool etc.)

edit.php
- generic edit page for everything (admins, domains, mailboxes, aliases, ...)
- use ?table= parameter to decide what will be edited (basically $tableHandler)
- read handler-specific configuration from $handler->webformConfig() and use it at various places
- always redirect to edit.php?table=$table after adding an item to ensure correct initialization for next item
- call $handler->mergeId if $id_field is editable, but not displayed in form (usecase: merge localpart + domain to address)
- set $form_fields and $id_field later (after $handler->init()) - needed for AliasHandler to decide if goto_mailbox should be displayed
- only set $values if a field is editable and displayed in the form

editform.tpl:
- generic edit form template, uses $struct to render the form
- implement handling of 'list' fields (