Postfix Admin Setup Checker

Running software:

"; print "

Checking environment:\n"; print "

"; if ($error != 0) { print "

Please fix the errors listed above.

"; } else { print "

Everything seems fine... attempting to create/update database structure

\n"; require_once(dirname(__FILE__) . '/upgrade.php'); $tUsername = ''; $setupMessage = ''; $lostpw_error = 0; $setuppw = ""; if (isset($CONF['setup_password'])) { $setuppw = $CONF['setup_password']; } if (safepost("form") == "setuppw") { # "setup password" form submitted if (safepost('setup_password') != safepost('setup_password2')) { $setupMessage = "The two passwords differ!"; $lostpw_error = 1; } else { list($lostpw_error, $lostpw_result) = check_setup_password(safepost('setup_password'), 1); $setupMessage = $lostpw_result; $setuppw = "changed"; } } elseif (safepost("form") == "createadmin") { # "create admin" form submitted list($pw_check_error, $pw_check_result) = check_setup_password(safepost('setup_password')); if ($pw_check_result != 'pass_OK') { $error += 1; $setupMessage = $pw_check_result; } if ($error == 0 && $pw_check_result == 'pass_OK') { // XXX need to ensure domains table includes an 'ALL' entry. $table_domain = table_by_key('domain'); $rows = db_query_all("SELECT * FROM $table_domain WHERE domain = 'ALL'"); if (empty($rows)) { db_insert('domain', array('domain' => 'ALL', 'description' => '', 'transport' => '')); // all other fields should default through the schema. } $values = array( 'username' => safepost('username'), 'password' => safepost('password'), 'password2' => safepost('password2'), 'superadmin' => 1, 'domains' => array(), 'active' => 1, ); list($error, $setupMessage, $errormsg) = create_admin($values); if ($error != 0) { $tUsername = htmlentities($values['username']); } else { $setupMessage .= "

You are done with your basic setup. "; $setupMessage .= "

You can now login to PostfixAdmin using the account you just created."; } } } if (!isset($_SERVER['HTTPS'])) { echo "

Warning: connection not secure, switch to https if possible

"; } ?>
For a new installation, you need to generate a 'setup_password' to go into your config.local.php file.

You can use the form below, or run something like

php -r 'echo "somesalt:" . sha1("somesalt:" . "password");'
in a shell, after changing the salt.

EOF; $change = "Generate"; } ?>

$CONF['setup_password']

Add a SuperAdmin Account

Since version 2.3 there is no requirement to delete setup.php

Check the config.inc.php file for any other settings that you may need to change.

{$errors[$key]}"; } function generate_setup_password_salt() { $salt = time() . '*' . $_SERVER['REMOTE_ADDR'] . '*' . mt_rand(0, 60000); $salt = md5($salt); return $salt; } function encrypt_setup_password($password, $salt) { return $salt . ':' . sha1($salt . ':' . $password); } /* returns: array( 'error' => 0 (or 1), 'message => text ) */ function check_setup_password($password, $lostpw_mode = 0) { global $CONF; $error = 1; # be pessimistic $setuppw = ""; if (isset($CONF['setup_password'])) { $setuppw = $CONF['setup_password']; } list($confsalt, $confpass, $trash) = explode(':', $setuppw . '::'); $pass = encrypt_setup_password($password, $confsalt); $validpass = validate_password($password); if ($password == "") { # no password specified? $result = "Setup password must be specified
If you didn't set up a setup password yet, enter the password you want to use."; } elseif (count($validpass) > 0) { $result = $validpass[0]; # TODO: honor all error messages, not only the first one } elseif ($pass == $setuppw && $lostpw_mode == 0) { # correct passsword (and not asking for a new password) $result = "pass_OK"; $error = 0; } else { $pass = encrypt_setup_password($password, generate_setup_password_salt()); $result = ""; if ($lostpw_mode == 1) { $error = 0; # non-matching password is expected when the user asks for a new password } else { $result = '

Setup password not specified correctly

'; } $result .= '

If you want to use the password you entered as setup password, edit config.inc.php or config.local.php and set

'; $result .= "
\$CONF['setup_password'] = '$pass';
"; } return array($error, $result); } function create_admin($values) { DEFINE('POSTFIXADMIN_SETUP', 1); # avoids instant redirect to login.php after creating the admin $handler = new AdminHandler(1, 'setup.php'); $formconf = $handler->webformConfig(); if (!$handler->init($values['username'])) { return array(1, "", $handler->errormsg); } if (!$handler->set($values)) { return array(1, "", $handler->errormsg); } if (!$handler->store()) { return array(1, "", $handler->errormsg); } return array( 0, $handler->infomsg['success'], array(), ); } /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */ ?>