mirror/postfixadmin
0
0
Fork 0
mirror of https://github.com/postfixadmin/postfixadmin.git synced 2024-09-20 03:36:20 +02:00
Code
2,686 Commits 10 Branches 55 Tags 16 MiB
a51cc34b83
Commit Graph

422 Commits

Author SHA1 Message Date
David Goodwin
b868f950bf refactor Login stuff out of Handler classes into Login... add tests 2020-09-25 21:32:53 +01:00
David Goodwin
f091948381 move password check and recovery code generation out of PFAHandlers and into a Login class 2020-09-25 21:32:03 +01:00
David Goodwin
3c7da4f3b8 Refactor some methods 
PFAHandler::store() -> PFAHandler::save();
 PFAHandler::storemore() -> PFAHandler::postSave();
 PFAHandler::beforestore() -> PFAHandler::preSave();
 2020-09-25 21:29:45 +01:00
David Goodwin
3d46ec7959 revert: 1d1960a476 - see https://github.com/postfixadmin/postfixadmin/issues/384 2020-09-12 21:04:18 +01:00
David Goodwin
12f68a6e3a composer format time 2020-08-13 15:27:47 +01:00
David Goodwin
5bd5bdc25b merge https://github.com/postfixadmin/postfixadmin/pull/375 add unit test 2020-08-13 15:00:22 +01:00
GermanCoding
fe3e9e2702 Disallow alias that points to itself (fixes #358) 
Based on an older commit, but this time done right. This change prevents any user-defined aliases
that point to themselves, because such aliases are not supported by Postfix and cause mail
delivery errors.
 2020-08-07 22:15:45 +02:00
David Goodwin
c3a8875ca6 psalm fixes 2020-08-06 21:10:30 +01:00
David Goodwin
89aebea61d Revert "Disallow aliases that point to themselves (fixes postfixadmin/postfixadmin/issues/358)" 
This reverts commit c3d5b26740.
 2020-08-06 20:28:20 +01:00
GermanCoding
c3d5b26740 Disallow aliases that point to themselves (fixes postfixadmin/postfixadmin/issues/358) 
See github.com/postfixadmin/postfixadmin/issues/358 for details
 2020-08-06 16:12:04 +01:00
David Goodwin
e8f27969a3 psalm fixes 2020-06-21 16:44:43 +01:00
David Goodwin
bbf41c7acc formatting 2020-06-02 12:59:47 +01:00
David Goodwin
864065cd37 fix MailboxHandler -> adding mailbox with empty quota field 2020-05-15 20:30:31 +01:00
David Goodwin
85e15790bb should fix: #351 2020-05-02 19:08:47 +01:00
David Goodwin
df9a400ea2 remove debug stuff 2020-04-22 09:37:31 +01:00
David Goodwin
fd48714615 fix issue reported with __LANG.$var - 844840c6a8 (commitcomment-38653465) 2020-04-22 09:34:25 +01:00
David Goodwin
844840c6a8 simplify Config use; drop support for dotty name notation which we are not using 2020-04-14 21:26:01 +01:00
David Goodwin
e4158d6d7e psalm fix 2020-04-14 21:25:36 +01:00
David Goodwin
ffc7787b76 psalm fix 2020-04-14 21:09:18 +01:00
David Goodwin
d81363541a fix psalm 2020-03-18 21:03:27 +00:00
David Goodwin
338fb8c564 Fix quota storage; see https://github.com/postfixadmin/postfixadmin/issues/342 2020-03-18 14:36:53 +00:00
David Goodwin
d3295a59bb format 2020-03-16 14:10:05 +00:00
David Goodwin
d540d904db cast mailbox['quota'] to be integer. 
see:  https://github.com/postfixadmin/postfixadmin/issues/342
 2020-03-16 13:11:51 +00:00
David Goodwin
3303f25bcc add some php 7+ array type hints. 2020-03-16 13:11:15 +00:00
David Goodwin
48e236ffc0 use hash_equals for login - see: https://github.com/postfixadmin/postfixadmin/issues/58 2020-03-14 22:04:54 +00:00
David Goodwin
fefe3f7df5 default domain_quota_default to -1 if not specified - see https://github.com/postfixadmin/postfixadmin/issues/299 2020-03-14 21:08:50 +00:00
David Goodwin
d2b8f7ac15 might fix: https://github.com/postfixadmin/postfixadmin/issues/306 2020-03-13 22:03:40 +00:00
David Goodwin
30f97c97ee avoid: A non-numeric value encountered errors from no quota being specified 2020-03-02 09:55:13 +00:00
David Goodwin
9dfc866edd composer format 2020-02-23 18:59:07 +00:00
David Goodwin
95d92a2345 psalm fix: rewrite to avoid php error (@) suppression 2020-02-12 21:33:55 +00:00
Christian Boltz
bee61f329b
Only show password expiration if enabled in config 2020-02-12 17:12:19 +01:00
David Goodwin
1ad184641d php7.4 / psalm fixes 2020-01-31 16:30:46 +00:00
David Goodwin
bcae218cbb composer format time 2019-10-19 21:36:27 +01:00
David Goodwin
87824ef970 psalm fixes/workarounds; require PHP 5.6+ 2019-10-19 20:51:05 +01:00
David Goodwin
4aa3110712 phpdoc/psalm fixes 2019-10-19 20:01:25 +01:00
David Goodwin
2742849e7b reformat 2019-09-17 21:06:00 +01:00
David Goodwin
7965a83aff tighten psalm checks even more 2019-09-17 21:05:08 +01:00
David Goodwin
034a50836c tighten psalm checks 2019-09-17 20:50:42 +01:00
David Goodwin
f7c7e35b34 fix formatting 2019-09-15 11:42:21 +01:00
David Goodwin
80418e6412 try and avoid hitting : https://github.com/postfixadmin/postfixadmin/issues/51 2019-09-14 21:19:39 +01:00
David Goodwin
9cd7dac187 initial attempt at trying to return an exit value within the cli 2019-09-14 20:09:56 +01:00
David Goodwin
34cf66110e see https://github.com/postfixadmin/postfixadmin/issues/251 - avoid things breaking if imap_open is not present 2019-09-05 18:10:07 +01:00
David Goodwin
296fc2f48e silence psalm error - cast $show_password_fields to an int in model/MailboxHandler.php lines 33/34 2019-08-13 08:53:43 +01:00
David Goodwin
8b19ef21cf add default value for password_expiry (default to one year) 
should fix: https://github.com/postfixadmin/postfixadmin/issues/280
 2019-07-16 19:01:48 +01:00
David Goodwin
c53d17fff7 support TRUE orFALSE strings just incase 2019-07-12 10:53:27 +01:00
Felix Ableitner
600248e955 Add option to use smtp password when sending admin emails (fixes #272) 2019-07-02 13:41:58 +02:00
David Goodwin
651688c802 if we are generating passwords, there will only be one password value; so reduce the fields we check before deciding whether to update password_expiry - see https://github.com/postfixadmin/postfixadmin/issues/266 2019-06-11 21:05:53 +01:00
David Goodwin
1d1960a476 if CONF['generate_password'] == 'YES' then do not display password fields 
Given we autogenerate a password ....
 2019-06-11 21:03:39 +01:00
David Goodwin
3ff2436f2f try a bit harder to avoid non-numeric argument issues with $multiplier 
(see https://github.com/postfixadmin/postfixadmin/issues/266 )
 2019-06-10 20:13:22 +01:00
David Goodwin
8e2e4eb189 run: composer format 2019-06-08 20:38:54 +01:00
David Goodwin
03b9483204 default to providing a password_expiry datetime value - even if password_expiry is turned off - this should fix https://github.com/postfixadmin/postfixadmin/issues/280 2019-06-08 20:34:07 +01:00
David Goodwin
3322b43bb6 see: https://github.com/postfixadmin/postfixadmin/issues/282 - try and ensure local_part contains an @ on creating a mailbox 2019-06-08 20:05:33 +01:00
David Goodwin
71402e9051 comment 2019-04-26 11:46:57 +01:00
David Goodwin
045a19ae33 re-format 2019-02-27 14:44:20 +00:00
David Goodwin
7ed57a0cda assume the db updates work if no exception was thrown 2019-02-27 14:44:20 +00:00
David Goodwin
9024dddf46 move password_expiration code into the MailboxHandler. 2019-02-27 14:44:20 +00:00
David Goodwin
df99e66b2d try and stop "A non-numeric value encountered in ..."; see #239 2019-02-27 14:44:20 +00:00
David Goodwin
28e687ff5b sqlite does not support NOW(), use a string comparison 2019-02-18 21:11:17 +00:00
Christian Boltz
5bc85bec44
fix error message in Config::read_array(() 2019-01-28 00:48:05 +01:00
David Goodwin
570972944d Merge remote-tracking branch 'origin/master' into feature-try-pdo 2019-01-08 13:38:38 +00:00
David Goodwin
5d47b85b9d remove attribute that is in parent class 2019-01-08 13:22:44 +00:00
David Goodwin
020343999a
Merge pull request #221 from SuperVirus/fetchmail_different_source_port 
Allow different port for fetchmail
 2019-01-07 21:56:28 +00:00
David Goodwin
803e2342f8 fix psalm issues; reformat; rename new db functions 2019-01-06 21:32:58 +00:00
David Goodwin
1176c9ce78 reformat; fix some transition bugs 2019-01-06 21:32:58 +00:00
David Goodwin
ea33d9951a try migrating to pdo 2019-01-06 21:32:58 +00:00
David Goodwin
d78fb1fbbd move to Shell 2019-01-03 19:47:28 +00:00
David Goodwin
e5cacbec90 add missing attribute 2019-01-03 19:47:16 +00:00
David Goodwin
4fcdba9cf4 run php-cs-fixer (code reforamt) 2018-12-28 19:31:43 +00:00
David Goodwin
19cda31849 remove psalm warnings from code; fix password_expiry behaviour when enabled/disabled on MySQL 2018-12-28 19:27:33 +00:00
David Goodwin
74002bbf57 psalm fixes 2018-12-27 21:43:11 +00:00
David Goodwin
173d5775cd psalm fixes 2018-12-27 13:55:02 +00:00
Christoph 'SuperVirus' Heitkamp
d35e66808b Allow different port for fetchmail 2018-12-17 13:29:07 +01:00
David Goodwin
69e234f668
Merge pull request #200 from doktoil-makresh/master 
Support for password expiration, managed in PostFix Admin
 2018-11-27 09:14:36 +00:00
David Goodwin
afd418675c pointless comment 2018-09-07 11:01:50 +01:00
David Goodwin
77d1b6c2e7 rename sql fields to just have mailbox.password_expiry and domain.password_expiry 2018-08-28 21:19:56 +01:00
Damien Martins
ce60b9fa59 Now password expiration is managed through Postfix Admin GUI 2018-08-20 15:32:53 +02:00
Damien Martins
e786609aa9 Adding support for password expiration. Please read README.password_expiration for more details 2018-08-17 16:07:14 +02:00
David Goodwin
76ee147375 phpdoc fix 2018-06-18 21:42:34 +01:00
David Goodwin
ec085b668b missing class property 2018-06-18 21:34:24 +01:00
David Goodwin
9c0e1dd575 phpdoc fixes 2018-06-18 21:34:10 +01:00
David Goodwin
c44e82cc2d phpdoc fix 2018-06-10 21:24:06 +01:00
David Goodwin
b48f99d4c6 reformat (phpcs) 2018-05-02 12:54:17 +01:00
David Goodwin
94f05bf9e4 switch to store $config internally within an array 2018-04-29 21:52:57 +01:00
Christian Boltz
24ad5cc3d8
Set $reset_by_sms even if password reset is disabled 
... to avoid an "undefined variable" warning
 2018-04-27 23:23:57 +02:00
Christian Boltz
3f1866d041
display phone number field only if $CONF[sms_send_function] is set 
Without a way to send a SMS, asking users for their mobile number is
pointless.
 2018-04-22 22:55:55 +02:00
Christian Boltz
cdf3c9acb9
initStruct(): use multiopt for 'id' 'dont_write_to_db' 
This also means we can drop the 0 for not_in_db because this is the
default.
 2018-04-22 20:09:38 +02:00
Christian Boltz
d2588a4de2
Fix phpcs whitespace breakage in initStruct etc. 2018-04-22 18:24:41 +02:00
Christian Boltz
12c4a4f29e
move shells/shell.php to model/Shell.php 
... and drop a few lines in postfixadmin-cli.php that became superfluous
by this move (thanks autoloader!)
 2018-03-25 21:44:42 +02:00
Christian Boltz
500c847fe0
re-add lost comment 2018-03-25 19:16:21 +02:00
Christian Boltz
91c07c9eae
VacationHandler: re-enable and fix code in validate_new_id() 
Note that vacation.php doesn't use this function yet, so it's not
surprising that users didn't notice the broken code.
 2018-03-25 15:22:51 +02:00
David Goodwin
4fb4d406ee phpdoc; disable function init() - seems invalid 2018-03-16 20:07:52 +00:00
David Goodwin
fef2591335 phpdoc fixes 2018-03-16 20:07:21 +00:00
David Goodwin
cb34da4f46 phpcs reformat 2018-02-18 19:59:37 +00:00
David Goodwin
152975d05c move to use db_assoc() rather than db_array() (code assumes assoc. array) 2018-02-10 21:08:35 +00:00
David Goodwin
5e1855632a allow local aliases - see #134 2018-02-09 21:19:45 +00:00
Adrien Crivelli
15df6c1d7b
Reformat everything with PHP-Cs-Fixer 2018-01-26 23:54:37 +09:00
Christian Boltz
8fb67e6fbf
Fix broken table names caused by doubled table_by_key() calls 
The high-level db_*() functions (like db_update(), and also
_db_add_field() in upgrade.php) call table_by_key() internally, which
also means the unwrangled table name needs to be handed over to them.
If handing over an already table_by_key()'d table name, it gets modified
again and results in something like prefix_prefix_mailbox.
 2017-12-30 11:55:55 +01:00
houmingtao
5f1ac12d72 use current time as default token_validity value 2017-11-24 16:04:39 +08:00
root
4670182d79 fix invalid value for token_validity 2017-10-12 14:54:47 +08:00
Sylvain Tissot
ffb84283c2
Harden password reset process 
The improvements are:

- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
 2017-10-09 11:45:51 +09:00