Christian Boltz
ab666b6b7f
Fix microtime() usage
...
By default, microtime() returns a string :-/ which unsurprisingly causes
a warning when doing math on it.
2017-12-30 11:55:58 +01:00
Christian Boltz
8fb67e6fbf
Fix broken table names caused by doubled table_by_key() calls
...
The high-level db_*() functions (like db_update(), and also
_db_add_field() in upgrade.php) call table_by_key() internally, which
also means the unwrangled table name needs to be handed over to them.
If handing over an already table_by_key()'d table name, it gets modified
again and results in something like prefix_prefix_mailbox.
2017-12-30 11:55:55 +01:00
David Goodwin
a27f80c01d
Merge pull request #113 from er1cs/patch-2
...
Update upgrade.php
2017-12-24 19:59:08 +00:00
David Goodwin
24b447f8e5
Merge pull request #112 from er1cs/patch-1
...
Update functions.inc.php
2017-12-24 19:58:49 +00:00
er1cs
a4467a7e0b
Update upgrade.php
2017-12-24 17:27:24 +02:00
er1cs
7b8626ca81
Update functions.inc.php
...
I found that Mysql 8 don't like table names without `` in requests. So i make changes in function table_by_key in functions.inc.php and in upgrade.php . Now it works. FreeBSD 11.1 Apache/2.4.29 (FreeBSD) PHP/7.1.11 Mysql 8
2017-12-24 16:32:06 +02:00
David Goodwin
e478eb8b9f
Merge pull request #110 from Erwane/syslog-ident
...
#109 : syslog ident set to "vacation"
2017-12-19 11:10:46 +00:00
Breton Erwane
37d4279c52
syslog ident set to "vacation"
2017-12-19 10:50:05 +01:00
David Goodwin
43fb0bde77
log IP address for failed logins as well - see #105
2017-12-17 20:35:12 +00:00
Christian Boltz
b06d25de8f
Merge pull request #108 from HLFH/master
...
favicon within images folder
2017-12-16 18:24:14 +01:00
HLFH
0972df8243
favicon within images folder
2017-12-16 10:36:35 +00:00
David Goodwin
768d29623e
patch from https://github.com/bofh16/postfixadmin/blob/master/bg.lang.patch - thanks!
2017-11-26 20:00:26 +00:00
David Goodwin
7afb26fcc8
variables for docker
2017-11-26 19:59:17 +00:00
David Goodwin
bdade520f4
Merge pull request #85 from julywind/master
...
fix invalid value for token_validity
2017-11-24 09:47:06 +00:00
houmingtao
5f1ac12d72
use current time as default token_validity value
2017-11-24 16:04:39 +08:00
David Goodwin
8bd435039b
Merge pull request #92 from leeclemens/feature-91/mysql-ssl
...
Add support for MySQL connections over SSL
2017-11-19 13:48:50 +00:00
Lee Clemens
ebbd9025e4
Add support for MySQL connections over SSL
2017-11-14 19:53:59 -05:00
David Goodwin
dbbc40b327
add example docker compose settings
2017-11-13 20:07:44 +00:00
David Goodwin
ba47f2df2a
update docker entrypoint - require db connection params; default to sqlite; revert to using upgrade.php as we do not need the setup.php checks
2017-11-13 20:04:51 +00:00
David Goodwin
72f32f0b3d
Merge pull request #90 from pbkwee/patch-1
...
singular correction. Update en.lang
2017-11-12 07:30:49 +00:00
pbkwee
f217524524
Update en.lang
...
"Your email address or password are not correct". Message indicates one thing is wrong. So use is not are.
2017-11-12 12:40:01 +13:00
David Goodwin
5720e73732
+ cd docker
2017-11-11 13:46:32 +00:00
David Goodwin
a77d08a92c
initial Docker readme
2017-11-11 13:44:48 +00:00
David Goodwin
699267a915
fall back to sqlite for docker image
2017-11-11 13:44:37 +00:00
David Goodwin
356ca84144
Merge pull request #64 from J0WI/docker
...
[WIP] add Dockerfile
2017-11-11 13:26:32 +00:00
David Goodwin
0f09b8c176
_db_add_field() calls table_by_key - so avoid calling it twice ...
2017-11-11 12:53:11 +00:00
David Goodwin
17e347de7f
Add id autoincrement field to log table; ought to fix #89
2017-11-11 12:52:15 +00:00
David Goodwin
90d3a0ded7
see #86 - remove unnecessary config user/group
2017-11-02 21:55:28 +00:00
David Goodwin
56e1215994
upgrade.php: output current/target version
2017-10-22 20:15:19 +01:00
root
4670182d79
fix invalid value for token_validity
2017-10-12 14:54:47 +08:00
Christian Boltz
fe5e256b6d
Merge pull request #79 from Ecodev/harden-password-reset
...
Harden password reset process
2017-10-09 22:44:10 +02:00
Sylvain Tissot
ffb84283c2
Harden password reset process
...
The improvements are:
- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
2017-10-09 11:45:51 +09:00
David Goodwin
8bb6000072
Merge pull request #60 from Vilican/master
...
Security fixes
2017-10-06 11:19:26 +01:00
David Goodwin
db06ac919c
Merge pull request #82 from evaryont/sqlite-v1837
...
Upgrade SQlite db to v1837
2017-10-06 10:02:08 +01:00
Colin Shea
f568309ef5
Upgrade SQlite db to v1837
...
Includes a TODO for v1836. Not sure if it's needed... Haven't ran into
any issues yet.
2017-10-05 18:46:34 -07:00
jowi
39dca79879
Add SQLite and PDO support
2017-09-21 23:09:38 +02:00
David Goodwin
c5136c408d
improve config file loading when installed from a debian package
2017-09-19 13:24:13 +01:00
jowi
ec2cc0041e
fix postgres dependency
2017-09-18 02:58:12 +02:00
Christian Boltz
ae56c2b700
Fix syntax error in viewlog.php
...
Reported in issue #74
2017-09-13 18:02:56 +02:00
David Goodwin
dd06aa75e0
attempt at fixing various .deb issues - link templates_c to /var/cache/postfixadmin; add postfixadmin-cli to deb and symlink into /usr/bin
2017-09-07 15:00:52 +01:00
David Goodwin
252d42dcc0
fix perms (executable)
2017-09-07 14:54:32 +01:00
David Goodwin
5c2e3d1e00
possible changes for deb package to include postfixadmin-cli in /usr/bin
2017-09-07 14:34:51 +01:00
David Goodwin
6258cc669d
update quilt patches
2017-09-07 14:22:57 +01:00
David Goodwin
2fc36e82ad
see #74 - fix undefined $CONF[page_size]
2017-09-05 21:12:45 +01:00
David Goodwin
4b999b3f6b
improve mysqli connection settings - see https://github.com/postfixadmin/postfixadmin/issues/73
2017-09-05 10:09:36 +01:00
Matyáš Koc
3c95ec4a09
Add CSRF token
2017-09-03 14:55:50 +02:00
Matyáš Koc
9f30aa5ff4
Handle logout in a new way (user login)
2017-09-03 14:52:52 +02:00
Matyáš Koc
74c29f8a10
Handle logout in a new way (admin login)
2017-09-03 14:51:59 +02:00
David Goodwin
82e7bdfda3
fix surname typo
2017-09-01 09:07:34 +01:00
David Goodwin
9dbeb68f9a
add TODO
2017-08-31 12:47:25 +01:00