mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
setup.php
- add rewritten function create_admin() (now using AdminHandler, which means 25 instead of 80 lines) - various follow-up changes to match the rewritten function create_admin() functions.inc.php: - delete function create_admin() - setup.php was the last file calling it - honor POSTFIXADMIN_SETUP in authentification_get_username() to avoid a redirect to login.php after creating an admin with setup.php and to get "SETUP.PHP" for db_log() model/AdminHandler.php: - add TODO: implement generate_password git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1301 a1433add-5e2c-0410-b055-b7f2511e0802
This commit is contained in:
parent
f6425e025b
commit
ee33647232
@ -31,6 +31,10 @@ function authentication_get_username() {
|
||||
return 'CLI';
|
||||
}
|
||||
|
||||
if (defined('POSTFIXADMIN_SETUP')) {
|
||||
return 'SETUP.PHP';
|
||||
}
|
||||
|
||||
if (!isset($_SESSION['sessid'])) {
|
||||
header ("Location: login.php");
|
||||
exit(0);
|
||||
@ -2226,84 +2230,6 @@ function gen_show_status ($show_alias) {
|
||||
)
|
||||
*/
|
||||
|
||||
function create_admin($fUsername, $fPassword, $fPassword2, $fDomains, $no_generate_password=0) {
|
||||
global $PALANG;
|
||||
global $CONF;
|
||||
$error = 0;
|
||||
$pAdminCreate_admin_message = '';
|
||||
$pAdminCreate_admin_username_text_error = '';
|
||||
$pAdminCreate_admin_password_text_error = '';
|
||||
|
||||
if (!check_email ($fUsername)) {
|
||||
$error = 1;
|
||||
$pAdminCreate_admin_username_text_error = $PALANG['pAdminCreate_admin_username_text_error1'];
|
||||
}
|
||||
|
||||
if (empty ($fUsername) or admin_exist ($fUsername)) {
|
||||
$error = 1;
|
||||
$pAdminCreate_admin_username_text_error = $PALANG['pAdminCreate_admin_username_text_error2'];
|
||||
}
|
||||
|
||||
$generated_password = 0;
|
||||
if (empty ($fPassword) or empty ($fPassword2) or ($fPassword != $fPassword2)) {
|
||||
if (empty ($fPassword) and empty ($fPassword2) and $CONF['generate_password'] == "YES" && $no_generate_password == 0) {
|
||||
$fPassword = generate_password ();
|
||||
$generated_password = 1;
|
||||
} else {
|
||||
$error = 1;
|
||||
$pAdminCreate_admin_password_text_error = $PALANG['pAdminCreate_admin_password_text_error'];
|
||||
}
|
||||
}
|
||||
|
||||
$validpass = validate_password($fPassword);
|
||||
if(count($validpass) > 0 && $generated_password == 0) { # skip this check for generated passwords
|
||||
$pAdminCreate_admin_password_text_error = $validpass[0]; # TODO: honor all error messages, not only the first one
|
||||
$error = 1;
|
||||
}
|
||||
|
||||
if ($error != 1) {
|
||||
$password = pacrypt($fPassword);
|
||||
// $pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
|
||||
|
||||
$db_values = array(
|
||||
'username' => $fUsername,
|
||||
'password' => $password,
|
||||
);
|
||||
$result = db_insert('admin', $db_values);
|
||||
if ($result != 1) {
|
||||
$pAdminCreate_admin_message = $PALANG['pAdminCreate_admin_result_error'] . "<br />($fUsername)<br />";
|
||||
} else {
|
||||
if (!empty ($fDomains[0])) {
|
||||
for ($i = 0; $i < sizeof ($fDomains); $i++) {
|
||||
$domain = $fDomains[$i];
|
||||
$db_values = array(
|
||||
'username' => $fUsername,
|
||||
'domain' => $domain,
|
||||
);
|
||||
$result = db_insert('domain_admins', $db_values, array('created'));
|
||||
}
|
||||
}
|
||||
$pAdminCreate_admin_message = $PALANG['pAdminCreate_admin_result_success'] . "<br />($fUsername";
|
||||
if ($CONF['show_password'] == "YES" || $generated_password == 1) {
|
||||
$pAdminCreate_admin_message .= " / $fPassword";
|
||||
}
|
||||
$pAdminCreate_admin_message .= ")</br />";
|
||||
}
|
||||
}
|
||||
|
||||
# TODO: should we log creation, editing and deletion of admins?
|
||||
# Note: needs special handling in viewlog, because domain is empty
|
||||
# db_log ('', 'create_admin', "$fUsername");
|
||||
|
||||
return array(
|
||||
$error,
|
||||
$pAdminCreate_admin_message,
|
||||
$pAdminCreate_admin_username_text_error,
|
||||
$pAdminCreate_admin_password_text_error
|
||||
);
|
||||
|
||||
|
||||
}
|
||||
function getRemoteAddr() {
|
||||
$REMOTE_ADDR = 'localhost';
|
||||
if (isset($_SERVER['REMOTE_ADDR']))
|
||||
|
@ -206,6 +206,10 @@ class AdminHandler extends PFAHandler {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# TODO: generate password if $new, no password specified and $CONF['generate_password'] is set
|
||||
# TODO: except if $this->admin_username == setup.php
|
||||
|
||||
/**
|
||||
* compare password / password2 field
|
||||
* error message will be displayed at the password2 field
|
||||
|
57
setup.php
57
setup.php
@ -340,10 +340,6 @@ else
|
||||
}
|
||||
|
||||
if($error == 0 && $pw_check_result == 'pass_OK') {
|
||||
$fUsername = safepost('fUsername');
|
||||
$fPassword = safepost('fPassword');
|
||||
$fPassword2 = safepost('fPassword2');
|
||||
|
||||
// XXX need to ensure domains table includes an 'ALL' entry.
|
||||
$table_domain = table_by_key('domain');
|
||||
$r = db_query("SELECT * FROM $table_domain WHERE domain = 'ALL'");
|
||||
@ -351,9 +347,19 @@ else
|
||||
db_insert('domain', array('domain' => 'ALL')); // all other fields should default through the schema.
|
||||
}
|
||||
|
||||
list ($error, $setupMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE);
|
||||
$values = array(
|
||||
'username' => safepost('username'),
|
||||
'password' => safepost('password'),
|
||||
'password2' => safepost('password2'),
|
||||
'superadmin' => 1,
|
||||
'domains' => array(),
|
||||
'active' => 1,
|
||||
);
|
||||
|
||||
list ($error, $setupMessage, $errormsg) = create_admin($values);
|
||||
|
||||
if ($error != 0) {
|
||||
$tUsername = htmlentities($fUsername);
|
||||
$tUsername = htmlentities($values['username']);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -405,18 +411,18 @@ else
|
||||
</tr>
|
||||
<tr>
|
||||
<td><?php print $PALANG['pAdminCreate_admin_username'] . ":"; ?></td>
|
||||
<td><input class="flat" type="text" name="fUsername" value="<?php print $tUsername; ?>" /></td>
|
||||
<td><?php print $pAdminCreate_admin_username_text; ?></td>
|
||||
<td><input class="flat" type="text" name="username" value="<?php print $tUsername; ?>" /></td>
|
||||
<td><?php if (isset($errormsg['username'])) print $errormsg['username']; ?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><?php print $PALANG['pAdminCreate_admin_password'] . ":"; ?></td>
|
||||
<td><input class="flat" type="password" name="fPassword" /></td>
|
||||
<td><?php print $pAdminCreate_admin_password_text; ?></td>
|
||||
<td><input class="flat" type="password" name="password" /></td>
|
||||
<td><?php if (isset($errormsg['password'])) print $errormsg['password']; ?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td><?php print $PALANG['pAdminCreate_admin_password2'] . ":"; ?></td>
|
||||
<td><input class="flat" type="password" name="fPassword2" /></td>
|
||||
<td> </td>
|
||||
<td><input class="flat" type="password" name="password2" /></td>
|
||||
<td><?php if (isset($errormsg['password2'])) print $errormsg['password2']; ?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="3" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php print $PALANG['pAdminCreate_admin_button']; ?>" /></td>
|
||||
@ -487,5 +493,32 @@ function check_setup_password($password, $lostpw_mode = 0) {
|
||||
return array ($error, $result);
|
||||
}
|
||||
|
||||
function create_admin($values) {
|
||||
|
||||
DEFINE('POSTFIXADMIN_SETUP', 1); # avoids instant redirect to login.php after creating the admin
|
||||
|
||||
$handler = new AdminHandler(1, 'setup.php');
|
||||
$formconf = $handler->webformConfig();
|
||||
|
||||
if (!$handler->init($values['username'])) {
|
||||
return array(1, "", $handler->errormsg);
|
||||
}
|
||||
|
||||
if (!$handler->set($values)) {
|
||||
return array(1, "", $handler->errormsg);
|
||||
}
|
||||
|
||||
if (!$handler->store()) {
|
||||
return array(1, "", $handler->errormsg);
|
||||
}
|
||||
|
||||
return array(
|
||||
0,
|
||||
Lang::read($formconf['successmessage']),
|
||||
array(),
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
|
||||
?>
|
||||
|
Loading…
Reference in New Issue
Block a user