banananetwork
/
postfixadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
PostfixAdmin for BananaNetwork - to apply required patches before release or release in async to the official version https://github.com/postfixadmin/postfixadmin
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1,792 Commits
5 Branches
40 Tags
9.3 MiB
PHP 79.8%
JavaScript 8.2%
Smarty 4.4%
Perl 2.7%
Gettext Catalog 1.5%
Other 3.3%
 
 
 
 
 
 
postfixadmin_3.2
master
feature-php-crypt-prefix
gh-pages
postfixadmin-2.3
release-2020-05-22-11-27
postfixadmin-1.3.7
postfixadmin-1.4.0
postfixadmin-1.5.0
postfixadmin-1.5.1
postfixadmin-1.5.2
postfixadmin-1.5.3
postfixadmin-1.5.4
postfixadmin-2.0.0
postfixadmin-2.0.1
postfixadmin-2.0.2
postfixadmin-2.0.3
postfixadmin-2.0.4
postfixadmin-2.0.5
postfixadmin-2.1.0
postfixadmin-2.2.0
postfixadmin-2.2.1
postfixadmin-2.2.1.1
postfixadmin-2.3.3
postfixadmin-2.3.4
postfixadmin-2.3.5
postfixadmin-2.3.6
postfixadmin-2.3.7
postfixadmin-2.3beta
postfixadmin-2.3rc1
postfixadmin-2.3rc2
postfixadmin-2.3rc3
postfixadmin-2.3rc4
postfixadmin-2.3rc5
postfixadmin-2.3rc6
postfixadmin-2.3rc7
postfixadmin-2.91
postfixadmin-3.0.2
postfixadmin-3.1
postfixadmin-3.2
postfixadmin-3.2.1
postfixadmin-3.2.2
postfixadmin-3.2.3
postfixadmin-3.2.4
push
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ffb84283c2'
${ noResults }
Go to file
Sylvain Tissot ffb84283c2
Harden password reset process 
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
 		7 years ago
ADDITIONS fix surname typo 7 years ago
DOCUMENTS update for https://github.com/postfixadmin/postfixadmin/issues/66 7 years ago
VIRTUAL_VACATION renamed to INSTALL.md 7 years ago
configs migrate search input field to use search[_], and use list.tpl for alias domains 9 years ago
css default.css: 8 years ago
debian improve config file loading when installed from a debian package 7 years ago
images postfixadmin2.xcf: 9 years ago
languages Harden password reset process 7 years ago
model Harden password reset process 7 years ago
scripts fix perms (executable) 7 years ago
smarty bump file 7 years ago
templates Harden password reset process 7 years ago
tests this will probably migrate us to phpunit; stupid dev env is misbehaving though so it is hard to test 13 years ago
users Harden password reset process 7 years ago
.gitignore Fix filename for *.menu.conf.php in gitignore 7 years ago
CHANGELOG.TXT changelog update etc. for 3.1 release 7 years ago
GPL-LICENSE.TXT Initial Import in SourceForge 17 years ago
INSTALL.TXT update requirements and links in INSTALL.TXT 7 years ago
LICENSE.TXT LICENSE.TXT: 13 years ago
README.md Update/remove outdated information 7 years ago
backup.php functions.inc.php: 11 years ago
broadcast-message.php Fixed: php 5.4 array shortcut syntax errors on 5.3 7 years ago
calendar.js - big merge of Postfixadmin smarty into trunk 15 years ago
common.php Finally get rid of variables.inc.php 7 years ago
config.inc.php Harden password reset process 7 years ago
delete.php delete.php: 10 years ago
edit.php Add CSRF protection for POST requests 8 years ago
editactive.php editactive.php: 9 years ago
favicon.ico Non-empty ;-) favicon 7 years ago
functions.inc.php Harden password reset process 7 years ago
index.php remove silencing of @include_once - fixes #20 7 years ago
list-virtual.php remove php4 constructor; hide some cNav_bar variables and rename some variables 7 years ago
list.php list.php: 9 years ago
login.php Harden password reset process 7 years ago
main.php remove "postfixadmin.com" in comments in lots of files 11 years ago
password-change.php Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
password-recover.php Allows a user or admin to reset his/her forgotten password with a code sent by email/SMS #18 7 years ago
sendmail.php Finally get rid of variables.inc.php 7 years ago
setup.php Correct some "=+ 1" -> "+= 1" typos in setup.py. 7 years ago
smarty.inc.php clear stat cache so the is_writeable() result will eventually change with subsequent page reloads if the user has actually fixed the dir 7 years ago
upgrade.php Harden password reset process 7 years ago
vacation.php Finally get rid of variables.inc.php 7 years ago
viewlog.php Fix syntax error in viewlog.php 7 years ago
xmlrpc.php fix xmlrpc function call (non-static method being called statically); fix method docblock which is read by Zend_XmlRpc_Server etc 10 years ago

README.md

postfixadmin

PostfixAdmin - web based administration interface for Postfix mail servers

Useful Links