Thread: SF.net SVN: postfixadmin:[489] trunk/setup.php
Brought to you by:
christian_boltz,
gingerdog
From: <Gin...@us...> - 2008-11-25 09:51:53
|
Revision: 489 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=489&view=rev Author: GingerDog Date: 2008-11-25 09:51:51 +0000 (Tue, 25 Nov 2008) Log Message: ----------- setup.php: fix table_by_key issue for domain table Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2008-11-24 21:01:27 UTC (rev 488) +++ trunk/setup.php 2008-11-25 09:51:51 UTC (rev 489) @@ -309,9 +309,10 @@ if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']); // XXX need to ensure domains table includes an 'ALL' entry. - $r = db_query("SELECT * FROM domain WHERE domain = 'ALL'"); + $table_domain = table_by_key('domain'); + $r = db_query("SELECT * FROM $table_domain WHERE domain = 'ALL'"); if($r['rows'] == 0) { - db_insert('domain', array('domain' => 'ALL')); // all other fields should default through the schema. + db_insert($table_domain, array('domain' => 'ALL')); // all other fields should default through the schema. } list ($error, $tMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <Gin...@us...> - 2009-01-15 13:02:15
|
Revision: 523 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=523&view=rev Author: GingerDog Date: 2009-01-15 12:25:41 +0000 (Thu, 15 Jan 2009) Log Message: ----------- try to be more helpful Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2009-01-15 12:25:19 UTC (rev 522) +++ trunk/setup.php 2009-01-15 12:25:41 UTC (rev 523) @@ -320,7 +320,7 @@ if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']); } else { print "<p><b>$tMessage</b></p>"; - echo "<p><b>You can now log in to Postfix Admin.</b></p>"; + echo "<p><b>Delete (or rename) setup.php, and then click <a href='login.php'>here to login</a>.</b></p>"; } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2013-05-01 19:29:42
|
Revision: 1463 http://sourceforge.net/p/postfixadmin/code/1463 Author: christian_boltz Date: 2013-05-01 19:29:39 +0000 (Wed, 01 May 2013) Log Message: ----------- setup.php - replace some strings marked as obsolete Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2013-05-01 19:18:51 UTC (rev 1462) +++ trunk/setup.php 2013-05-01 19:29:39 UTC (rev 1463) @@ -410,17 +410,17 @@ <td><a href="setup.php?lostpw=1">Lost password?</a></td> </tr> <tr> - <td><?php print $PALANG['pAdminCreate_admin_username'] . ":"; ?></td> + <td><?php print $PALANG['pAdminEdit_admin_username'] . ":"; ?></td> <td><input class="flat" type="text" name="username" value="<?php print $tUsername; ?>" /></td> <td><?php if (isset($errormsg['username'])) print $errormsg['username']; ?></td> </tr> <tr> - <td><?php print $PALANG['pAdminCreate_admin_password'] . ":"; ?></td> + <td><?php print $PALANG['pAdminEdit_admin_password'] . ":"; ?></td> <td><input class="flat" type="password" name="password" /></td> <td><?php if (isset($errormsg['password'])) print $errormsg['password']; ?></td> </tr> <tr> - <td><?php print $PALANG['pAdminCreate_admin_password2'] . ":"; ?></td> + <td><?php print $PALANG['pAdminEdit_admin_password2'] . ":"; ?></td> <td><input class="flat" type="password" name="password2" /></td> <td><?php if (isset($errormsg['password2'])) print $errormsg['password2']; ?></td> </tr> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <Gin...@us...> - 2009-03-13 20:49:29
|
Revision: 576 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=576&view=rev Author: GingerDog Date: 2009-03-13 20:49:05 +0000 (Fri, 13 Mar 2009) Log Message: ----------- require php5 Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2009-03-13 20:48:24 UTC (rev 575) +++ trunk/setup.php 2009-03-13 20:49:05 UTC (rev 576) @@ -63,9 +63,14 @@ // if ($f_phpversion == 1) { - if (phpversion() < 5) $phpversion = 4; - if (phpversion() >= 5) $phpversion = 5; - print "<li>PHP version " . phpversion () . "</li>\n"; + if (phpversion() < 5) { + print "<li><b>Error: Depends on: PHP v5</b><br /></li>\n"; + $error += 1; + } + if (phpversion() >= 5) { + $phpversion = 5; + print "<li>PHP version " . phpversion () . "</li>\n"; + } } else { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <Gin...@us...> - 2009-04-08 20:22:40
|
Revision: 616 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=616&view=rev Author: GingerDog Date: 2009-04-08 20:16:05 +0000 (Wed, 08 Apr 2009) Log Message: ----------- setup.php: reindent; require setup_password before it will add an admin user Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2009-04-08 20:15:03 UTC (rev 615) +++ trunk/setup.php 2009-04-08 20:16:05 UTC (rev 616) @@ -26,7 +26,7 @@ define('POSTFIXADMIN', 1); # checked in included files require_once("languages/en.lang"); -require_once("functions.inc.php"); +require_once('common.php'); $CONF['show_header_text'] = 'NO'; $CONF['theme_logo'] = 'images/logo-default.png'; @@ -74,7 +74,7 @@ } else { - print "<li><b>Unable to check for PHP version. (missing function: phpversion())</b></li>\n"; + print "<li><b>Unable to check for PHP version. (missing function: phpversion())</b></li>\n"; } // @@ -82,13 +82,13 @@ // if ($f_apache_get_version == 1) { - print "<li>" . apache_get_version() . "</li>\n"; + print "<li>" . apache_get_version() . "</li>\n"; } else { - # not running on Apache. - # However postfixadmin _is_ running, so obviously we are on a supported webserver ;-)) - # No need to confuse the user with a warning. + # not running on Apache. + # However postfixadmin _is_ running, so obviously we are on a supported webserver ;-)) + # No need to confuse the user with a warning. } print "</ul>"; @@ -100,18 +100,18 @@ // if ($f_get_magic_quotes_gpc == 1) { - if (get_magic_quotes_gpc () == 0) - { - print "<li>Magic Quotes: Disabled - OK</li>\n"; - } - else - { - print "<li><b>Warning: Magic Quotes: ON (internal workaround used)</b></li>\n"; - } + if (get_magic_quotes_gpc () == 0) + { + print "<li>Magic Quotes: Disabled - OK</li>\n"; + } + else + { + print "<li><b>Warning: Magic Quotes: ON (internal workaround used)</b></li>\n"; + } } else { - print "<li><b>Unable to check for Magic Quotes. (missing function: get_magic_quotes_gpc())</b></li>\n"; + print "<li><b>Unable to check for Magic Quotes. (missing function: get_magic_quotes_gpc())</b></li>\n"; } // @@ -120,27 +120,27 @@ $config_loaded = 0; if ($file_config == 1) { - print "<li>Depends on: presence config.inc.php - OK</li>\n"; - require_once('config.inc.php'); - $config_loaded = 1; + print "<li>Depends on: presence config.inc.php - OK</li>\n"; + require_once('config.inc.php'); + $config_loaded = 1; - require('config.inc.php'); - if(isset($CONF['configured'])) { - if($CONF['configured'] == TRUE) { - print "<li>Checking \$CONF['configured'] - OK\n"; - } else { - print "<li><b>Warning: \$CONF['configured'] is 'false'.<br>\n"; - print "You must edit your config.inc.php and change this to true (this indicates you've created the database and user)</b>\n"; - } - } + require('config.inc.php'); + if(isset($CONF['configured'])) { + if($CONF['configured'] == TRUE) { + print "<li>Checking \$CONF['configured'] - OK\n"; + } else { + print "<li><b>Warning: \$CONF['configured'] is 'false'.<br>\n"; + print "You must edit your config.inc.php and change this to true (this indicates you've created the database and user)</b>\n"; + } + } } else { - print "<li><b>Error: Depends on: presence config.inc.php - NOT FOUND</b><br /></li>\n"; - print "Create the file, and edit as appropriate (e.g. select database type etc)<br />"; - print "For example:<br />\n"; - print "<code><pre>cp config.inc.php.sample config.inc.php</pre></code>\n"; - $error =+ 1; + print "<li><b>Error: Depends on: presence config.inc.php - NOT FOUND</b><br /></li>\n"; + print "Create the file, and edit as appropriate (e.g. select database type etc)<br />"; + print "For example:<br />\n"; + print "<code><pre>cp config.inc.php.sample config.inc.php</pre></code>\n"; + $error =+ 1; } // @@ -148,33 +148,33 @@ // if (($f_mysql_connect == 0) and ($f_mysqli_connect == 0) and ($f_pg_connect == 0)) { - print "<li><b>Error: There is no database support in your PHP setup</b><br />\n"; - print "To install MySQL 3.23 or 4.0 support on FreeBSD:<br />\n"; - print "<pre>% cd /usr/ports/databases/php$phpversion-mysql/\n"; - print "% make clean install\n"; - print " - or with portupgrade -\n"; - print "% portinstall php$phpversion-mysql</pre>\n"; - if ($phpversion >= 5) - { - print "To install MySQL 4.1 support on FreeBSD:<br />\n"; - print "<pre>% cd /usr/ports/databases/php5-mysqli/\n"; - print "% make clean install\n"; - print " - or with portupgrade -\n"; - print "% portinstall php5-mysqli</pre>\n"; - } - print "To install PostgreSQL support on FreeBSD:<br />\n"; - print "<pre>% cd /usr/ports/databases/php$phpversion-pgsql/\n"; - print "% make clean install\n"; - print " - or with portupgrade -\n"; - print "% portinstall php$phpversion-pgsql</pre></li>\n"; - $error =+ 1; + print "<li><b>Error: There is no database support in your PHP setup</b><br />\n"; + print "To install MySQL 3.23 or 4.0 support on FreeBSD:<br />\n"; + print "<pre>% cd /usr/ports/databases/php$phpversion-mysql/\n"; + print "% make clean install\n"; + print " - or with portupgrade -\n"; + print "% portinstall php$phpversion-mysql</pre>\n"; + if ($phpversion >= 5) + { + print "To install MySQL 4.1 support on FreeBSD:<br />\n"; + print "<pre>% cd /usr/ports/databases/php5-mysqli/\n"; + print "% make clean install\n"; + print " - or with portupgrade -\n"; + print "% portinstall php5-mysqli</pre>\n"; + } + print "To install PostgreSQL support on FreeBSD:<br />\n"; + print "<pre>% cd /usr/ports/databases/php$phpversion-pgsql/\n"; + print "% make clean install\n"; + print " - or with portupgrade -\n"; + print "% portinstall php$phpversion-pgsql</pre></li>\n"; + $error =+ 1; } // // MySQL 3.23, 4.0 functions // if ($f_mysql_connect == 1) { - print "<li>Depends on: MySQL 3.23, 4.0 - OK</li>\n"; + print "<li>Depends on: MySQL 3.23, 4.0 - OK</li>\n"; } // @@ -182,14 +182,14 @@ // if ($phpversion >= 5) { - if ($f_mysqli_connect == 1) - { - print "<li>Depends on: MySQL 4.1 - OK\n"; - if ( !($config_loaded && $CONF['database_type'] == 'mysqli') ) { - print "(change the database_type to 'mysqli' in config.inc.php!!)\n"; - } - print "</li>"; - } + if ($f_mysqli_connect == 1) + { + print "<li>Depends on: MySQL 4.1 - OK\n"; + if ( !($config_loaded && $CONF['database_type'] == 'mysqli') ) { + print "(change the database_type to 'mysqli' in config.inc.php!!)\n"; + } + print "</li>"; + } } // @@ -197,26 +197,26 @@ // if ($f_pg_connect == 1) { - print "<li>Depends on: PostgreSQL - OK \n"; - if ( !($config_loaded && $CONF['database_type'] == 'pgsql') ) { - print "(change the database_type to 'pgsql' in config.inc.php!!)\n"; - } - print "</li>"; + print "<li>Depends on: PostgreSQL - OK \n"; + if ( !($config_loaded && $CONF['database_type'] == 'pgsql') ) { + print "(change the database_type to 'pgsql' in config.inc.php!!)\n"; + } + print "</li>"; } // // Database connection // if ($config_loaded) { - list ($link, $error_text) = db_connect(TRUE); - if ($error_text == "") { - print "<li>Testing database connection - OK - {$CONF['database_type']}://{$CONF['database_user']}:xxxxx@{$CONF['database_host']}/{$CONF['database_name']}</li>"; - } else { - print "<li><b>Error: Can't connect to database</b><br />\n"; - print "Please edit the \$CONF['database_*'] parameters in config.inc.php.\n"; - print "$error_text</li>\n"; - $error ++; - } + list ($link, $error_text) = db_connect(TRUE); + if ($error_text == "") { + print "<li>Testing database connection - OK - {$CONF['database_type']}://{$CONF['database_user']}:xxxxx@{$CONF['database_host']}/{$CONF['database_name']}</li>"; + } else { + print "<li><b>Error: Can't connect to database</b><br />\n"; + print "Please edit the \$CONF['database_*'] parameters in config.inc.php.\n"; + print "$error_text</li>\n"; + $error ++; + } } // @@ -224,17 +224,17 @@ // if ($f_session_start == 1) { - print "<li>Depends on: session - OK</li>\n"; + print "<li>Depends on: session - OK</li>\n"; } else { - print "<li><b>Error: Depends on: session - NOT FOUND</b><br />\n"; - print "To install session support on FreeBSD:<br />\n"; - print "<pre>% cd /usr/ports/www/php$phpversion-session/\n"; - print "% make clean install\n"; - print " - or with portupgrade -\n"; - print "% portinstall php$phpversion-session</pre></li>\n"; - $error =+ 1; + print "<li><b>Error: Depends on: session - NOT FOUND</b><br />\n"; + print "To install session support on FreeBSD:<br />\n"; + print "<pre>% cd /usr/ports/www/php$phpversion-session/\n"; + print "% make clean install\n"; + print " - or with portupgrade -\n"; + print "% portinstall php$phpversion-session</pre></li>\n"; + $error =+ 1; } // @@ -242,17 +242,17 @@ // if ($f_preg_match == 1) { - print "<li>Depends on: pcre - OK</li>\n"; + print "<li>Depends on: pcre - OK</li>\n"; } else { - print "<li><b>Error: Depends on: pcre - NOT FOUND</b><br />\n"; - print "To install pcre support on FreeBSD:<br />\n"; - print "<pre>% cd /usr/ports/devel/php$phpversion-pcre/\n"; - print "% make clean install\n"; - print " - or with portupgrade -\n"; - print "% portinstall php$phpversion-pcre</pre></li>\n"; - $error =+ 1; + print "<li><b>Error: Depends on: pcre - NOT FOUND</b><br />\n"; + print "To install pcre support on FreeBSD:<br />\n"; + print "<pre>% cd /usr/ports/devel/php$phpversion-pcre/\n"; + print "% make clean install\n"; + print " - or with portupgrade -\n"; + print "% portinstall php$phpversion-pcre</pre></li>\n"; + $error =+ 1; } // @@ -260,13 +260,13 @@ // if ( $f_mb_encode_mimeheader == 1 ) { - print "<li>Depends on: multibyte string - OK</li>\n"; + print "<li>Depends on: multibyte string - OK</li>\n"; } else { - print "<li><b>Error: Depends on: multibyte string - NOT FOUND</b><br />\n"; - print "To install multibyte string support, install php$phpversion-mbstring</li>\n"; - $error =+ 1; + print "<li><b>Error: Depends on: multibyte string - NOT FOUND</b><br />\n"; + print "To install multibyte string support, install php$phpversion-mbstring</li>\n"; + $error =+ 1; } @@ -275,14 +275,14 @@ // if ( $f_imap_open == 1) { - print "<li>Depends on: IMAP functions - OK</li>\n"; + print "<li>Depends on: IMAP functions - OK</li>\n"; } else { - print "<li><b>Warning: Depends on: IMAP functions - NOT FOUND</b><br />\n"; - print "To install IMAP support, install php$phpversion-imap<br />\n"; - print "Without IMAP support, you won't be able to create subfolders when creating mailboxes.</li>\n"; -# $error =+ 1; + print "<li><b>Warning: Depends on: IMAP functions - NOT FOUND</b><br />\n"; + print "To install IMAP support, install php$phpversion-imap<br />\n"; + print "Without IMAP support, you won't be able to create subfolders when creating mailboxes.</li>\n"; + # $error =+ 1; } @@ -294,52 +294,71 @@ if ($error != 0) { - print "<p><b>Please fix the errors listed above.</b></p>"; + print "<p><b>Please fix the errors listed above.</b></p>"; } else { print "<p>Everything seems fine... attempting to create/update database structure</p>\n"; require_once('upgrade.php'); - $pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text']; - $pAdminCreate_admin_password_text = ""; - $tUsername = ''; - $tMessage = ''; + $pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text']; + $pAdminCreate_admin_password_text = ""; + $tUsername = ''; + $tMessage = ''; - if ($_SERVER['REQUEST_METHOD'] == "POST") - { - if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']); - if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']); - if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']); + if ($_SERVER['REQUEST_METHOD'] == "POST") + { + // ensure password is correct. + if(!isset($_POST['setup_password'])) { + $error += 1; + $tMessage = "Setup password must be specified"; + } + if($_POST['setup_password'] != $CONF['setup_password']) { + $error += 1; + $tMessage = "Setup password not specified correctly"; + } - // XXX need to ensure domains table includes an 'ALL' entry. - $table_domain = table_by_key('domain'); - $r = db_query("SELECT * FROM $table_domain WHERE domain = 'ALL'"); - if($r['rows'] == 0) { - db_insert($table_domain, array('domain' => 'ALL')); // all other fields should default through the schema. - } + if($error == 0) { + if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']); + if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']); + if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']); - list ($error, $tMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE); - if ($error != 0) { - if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']); - } else { - print "<p><b>$tMessage</b></p>"; - echo "<p><b>Delete (or rename) setup.php, and then click <a href='login.php'>here to login</a>.</b></p>"; - } - } + // XXX need to ensure domains table includes an 'ALL' entry. + $table_domain = table_by_key('domain'); + $r = db_query("SELECT * FROM $table_domain WHERE domain = 'ALL'"); + if($r['rows'] == 0) { + db_insert($table_domain, array('domain' => 'ALL')); // all other fields should default through the schema. + } - if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0) - { - ?> + list ($error, $tMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE); + if ($error != 0) { + if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']); + } else { + print "<p><b>$tMessage</b></p>"; + } + } + else { + print "<p><b>$tMessage</b></p>"; + } + } + + if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0) + { +?> + <div id="edit_form"> <form name="create_admin" method="post"> <table> - <tr> <td colspan="3"><h3>Create superadmin account</h3></td> </tr> <tr> + <td>Setup password (see config.inc.php)</td> + <td><input class="flat" type="password" name="setup_password" value="" /></td> + <td></td> + </tr> + <tr> <td><?php print $PALANG['pAdminCreate_admin_username'] . ":"; ?></td> <td><input class="flat" type="text" name="fUsername" value="<?php print $tUsername; ?>" /></td> <td><?php print $pAdminCreate_admin_username_text; ?></td> @@ -364,11 +383,11 @@ </form> </div> - <?php - } +<?php + } - print "<b>Make sure you delete this setup.php file!</b><br />\n"; - print "Also check the config.inc.php file for any settings that you might need to change!<br />\n"; + print "<b>Since version 2.3 there is no requirement to delete setup.php!</b><br />\n"; + print "<b>Check the config.inc.php file for any other settings that you might need to change!<br />\n"; } ?> </div> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2009-04-10 15:27:50
|
Revision: 623 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=623&view=rev Author: christian_boltz Date: 2009-04-10 15:27:44 +0000 (Fri, 10 Apr 2009) Log Message: ----------- setup.php: - remove "define('POSTFIXADMIN', 1)" and inclusion of en.lang - this is already done by common.php (used since r616). This fixes a "already defined" warning. Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2009-04-10 14:20:46 UTC (rev 622) +++ trunk/setup.php 2009-04-10 15:27:44 UTC (rev 623) @@ -23,9 +23,6 @@ * Form POST \ GET Variables: -none- */ -define('POSTFIXADMIN', 1); # checked in included files - -require_once("languages/en.lang"); require_once('common.php'); $CONF['show_header_text'] = 'NO'; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2009-04-15 23:32:49
|
Revision: 629 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=629&view=rev Author: christian_boltz Date: 2009-04-15 23:32:45 +0000 (Wed, 15 Apr 2009) Log Message: ----------- setup.php: - setup_password is now checked against a hashed value instead of plain text - setup.php will display the hash value of the entered password if it doesn't match - copy&paste ready to include in config.inc.php. No need to compute the password hash yourself ;-) - see generate_setup_password_salt(), encrypt_setup_password() and check_setup_password() for details how the password hashing works. Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2009-04-15 21:54:18 UTC (rev 628) +++ trunk/setup.php 2009-04-15 23:32:45 UTC (rev 629) @@ -306,17 +306,22 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { - // ensure password is correct. - if(!isset($_POST['setup_password'])) { + # ensure setup password is correct + if (safepost('setup_password') == "" ) { $error += 1; - $tMessage = "Setup password must be specified"; - } - if($_POST['setup_password'] != $CONF['setup_password']) { + $tMessage = "Setup password must be specified<br />If you didn't set up a setup password yet, enter the password you want to use."; + } elseif (strlen(safepost('setup_password')) < $CONF['min_password_length']) { $error += 1; - $tMessage = "Setup password not specified correctly"; + $tMessage = "The setup password you entered is too short. Please choose a better one."; + } else { + $pw_check_result = check_setup_password(safepost('setup_password')); + if ($pw_check_result != 'pass_OK') { + $error += 1; + $tMessage = $pw_check_result; + } } - if($error == 0) { + if($error == 0 && $pw_check_result == 'pass_OK') { if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']); if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']); if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']); @@ -391,5 +396,34 @@ </body> </html> <?php -/* vim: set expandtab softtabstop=3 tabstop=3 shiftwidth=3: */ + +function generate_setup_password_salt() { + $salt = time() . '*' . $_SERVER['REMOTE_ADDR'] . '*' . mt_rand(0,60000); + $salt = md5($salt); + return $salt; +} + +function encrypt_setup_password($password, $salt) { + return $salt . ':' . sha1($salt . ':' . $password); +} + +function check_setup_password($password) { + global $CONF; + $setuppw = ""; + if (isset($CONF['setup_password'])) $setuppw = $CONF['setup_password']; + + list($confsalt, $confpass, $trash) = explode(':', $setuppw . '::'); + $pass = encrypt_setup_password($password, $confsalt); + if ($pass == $setuppw) { # correct passsword + $result = "pass_OK"; + } else { + $pass = encrypt_setup_password($password, generate_setup_password_salt()); + $result = '<p><b>Setup password not specified correctly</b></p>'; + $result .= '<p>If you want to use the password you entered as setup password, edit config.inc.php and set</p>'; + $result .= "<pre>\$CONF['setup_password'] = '$pass';</pre>"; + } + return $result; +} + +/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */ ?> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <Gin...@us...> - 2009-04-18 19:56:36
|
Revision: 633 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=633&view=rev Author: GingerDog Date: 2009-04-18 19:56:24 +0000 (Sat, 18 Apr 2009) Log Message: ----------- setup.php: remove duplication of error message ... Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2009-04-18 19:47:53 UTC (rev 632) +++ trunk/setup.php 2009-04-18 19:56:24 UTC (rev 633) @@ -336,14 +336,8 @@ list ($error, $tMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE); if ($error != 0) { if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']); - } else { - print "<p><b>$tMessage</b></p>"; } } - else { - print "<p><b>$tMessage</b></p>"; - } - } if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0) This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <Seb...@us...> - 2009-11-07 19:22:04
|
Revision: 763 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=763&view=rev Author: Sebastian2009 Date: 2009-11-07 19:21:57 +0000 (Sat, 07 Nov 2009) Log Message: ----------- - improved error message of setup.php - Use $incpath in setup.php to make sure nobody is doing evil things Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2009-11-07 18:41:59 UTC (rev 762) +++ trunk/setup.php 2009-11-07 19:21:57 UTC (rev 763) @@ -25,12 +25,12 @@ define('POSTFIXADMIN', 1); # by defining it here, common.php will not start a session. -require_once('common.php'); +require_once(dirname(__FILE__).'/common.php'); # make sure correct common.php is used. $CONF['show_header_text'] = 'NO'; $CONF['theme_logo'] = 'images/logo-default.png'; $CONF['theme_css'] = 'css/default.css'; -require('templates/header.php'); +require($incpath.'/templates/header.php'); ?> <div class='setup'> @@ -120,10 +120,10 @@ if ($file_config == 1) { print "<li>Depends on: presence config.inc.php - OK</li>\n"; - require_once('config.inc.php'); + require_once($incpath.'/config.inc.php'); $config_loaded = 1; - require('config.inc.php'); + require($incpath.'/config.inc.php'); if(isset($CONF['configured'])) { if($CONF['configured'] == TRUE) { print "<li>Checking \$CONF['configured'] - OK\n"; @@ -148,9 +148,11 @@ if (!is_writeable($incpath.'/templates_c')) { - print "<li><b>Error: The subdirectory templates_c is not writable.</b><br />\n"; - print "Please make it writable.<br />\n"; + print "<li><b>Error: Smarty template compile directory templates_c is not writable.</b><br />\n"; + print "<b>Please make it writable.</b><br />\n"; $error =+ 1; +} else { + print "<li>Smarty template compile directory is writable - OK<br />\n"; } // @@ -309,7 +311,7 @@ else { print "<p>Everything seems fine... attempting to create/update database structure</p>\n"; - require_once('upgrade.php'); + require_once($incpath.'/upgrade.php'); $pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text']; $pAdminCreate_admin_password_text = ""; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <Gin...@us...> - 2010-03-24 12:30:43
|
Revision: 813 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=813&view=rev Author: GingerDog Date: 2010-03-24 12:30:36 +0000 (Wed, 24 Mar 2010) Log Message: ----------- setup.php: patch from https://sourceforge.net/tracker/?func=detail&atid=937964&aid=2975822&group_id=191583 - thank you Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2010-03-24 12:21:36 UTC (rev 812) +++ trunk/setup.php 2010-03-24 12:30:36 UTC (rev 813) @@ -349,7 +349,7 @@ $table_domain = table_by_key('domain'); $r = db_query("SELECT * FROM $table_domain WHERE domain = 'ALL'"); if($r['rows'] == 0) { - db_insert($table_domain, array('domain' => 'ALL')); // all other fields should default through the schema. + db_insert('domain', array('domain' => 'ALL')); // all other fields should default through the schema. } list ($error, $tMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-02-27 23:40:55
|
Revision: 976 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=976&view=rev Author: christian_boltz Date: 2011-02-27 23:40:49 +0000 (Sun, 27 Feb 2011) Log Message: ----------- setup.php: - make check for $CONF['configured'] more strict (=== instead of ==) Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2011-02-27 23:21:54 UTC (rev 975) +++ trunk/setup.php 2011-02-27 23:40:49 UTC (rev 976) @@ -125,7 +125,7 @@ require($incpath.'/config.inc.php'); if(isset($CONF['configured'])) { - if($CONF['configured'] == TRUE) { + if($CONF['configured'] === TRUE) { print "<li>Checking \$CONF['configured'] - OK\n"; } else { print "<li><b>Warning: \$CONF['configured'] is 'false'.<br>\n"; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-07-18 22:00:01
|
Revision: 1078 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1078&view=rev Author: christian_boltz Date: 2011-07-18 21:59:55 +0000 (Mon, 18 Jul 2011) Log Message: ----------- setup.php: - renamed $tMessage to $setupMessage This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF), https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583 Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2011-07-18 21:56:08 UTC (rev 1077) +++ trunk/setup.php 2011-07-18 21:59:55 UTC (rev 1078) @@ -316,7 +316,7 @@ $pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text']; $pAdminCreate_admin_password_text = ""; $tUsername = ''; - $tMessage = ''; + $setupMessage = ''; $lostpw_error = 0; $setuppw = ""; @@ -325,11 +325,11 @@ if (safepost("form") == "setuppw") { # "setup password" form submitted if (safepost('setup_password') != safepost('setup_password2')) { - $tMessage = "The two passwords differ!"; + $setupMessage = "The two passwords differ!"; $lostpw_error = 1; } else { list ($lostpw_error, $lostpw_result) = check_setup_password(safepost('setup_password'), 1); - $tMessage = $lostpw_result; + $setupMessage = $lostpw_result; $setuppw = "changed"; } } elseif (safepost("form") == "createadmin") { @@ -337,7 +337,7 @@ list ($pw_check_error, $pw_check_result) = check_setup_password(safepost('setup_password')); if ($pw_check_result != 'pass_OK') { $error += 1; - $tMessage = $pw_check_result; + $setupMessage = $pw_check_result; } if($error == 0 && $pw_check_result == 'pass_OK') { @@ -352,7 +352,7 @@ db_insert('domain', array('domain' => 'ALL')); // all other fields should default through the schema. } - list ($error, $tMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE); + list ($error, $setupMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE); if ($error != 0) { if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']); } @@ -363,7 +363,7 @@ # show "create setup password" form ?> -<div class="standout"><?php print $tMessage; ?></div> +<div class="standout"><?php print $setupMessage; ?></div> <div id="edit_form"> <form name="setuppw" method="post" action="setup.php"> <input type="hidden" name="form" value="setuppw" /> @@ -392,7 +392,7 @@ } elseif ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0 || $lostpw_error == 0) { ?> -<div class="standout"><?php print $tMessage; ?></div> +<div class="standout"><?php print $setupMessage; ?></div> <div id="edit_form"> <form name="create_admin" method="post"> <input type="hidden" name="form" value="createadmin" /> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2013-07-10 11:55:26
|
Revision: 1497 http://sourceforge.net/p/postfixadmin/code/1497 Author: christian_boltz Date: 2013-07-10 11:55:23 +0000 (Wed, 10 Jul 2013) Log Message: ----------- setup.php: - explicitely specify (empty) values for description and transport when creating the "ALL" domain to fix problems with strict SQL mode in MariaDB https://sourceforge.net/p/postfixadmin/bugs/288/ Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2013-06-24 20:56:34 UTC (rev 1496) +++ trunk/setup.php 2013-07-10 11:55:23 UTC (rev 1497) @@ -344,7 +344,7 @@ $table_domain = table_by_key('domain'); $r = db_query("SELECT * FROM $table_domain WHERE domain = 'ALL'"); if($r['rows'] == 0) { - db_insert('domain', array('domain' => 'ALL')); // all other fields should default through the schema. + db_insert('domain', array('domain' => 'ALL', 'description' => '', 'transport' => '') ); // all other fields should default through the schema. } $values = array( This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2013-07-24 11:56:55
|
Revision: 1499 http://sourceforge.net/p/postfixadmin/code/1499 Author: christian_boltz Date: 2013-07-24 11:56:53 +0000 (Wed, 24 Jul 2013) Log Message: ----------- setup.php: - add TODO note to check for PHP >= 5.2.3 because smarty uses htmlentities with 4 parameters (4th param added in PHP 5.2.3) Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2013-07-10 11:59:30 UTC (rev 1498) +++ trunk/setup.php 2013-07-24 11:56:53 UTC (rev 1499) @@ -70,6 +70,7 @@ $phpversion = 5; print "<li>PHP version " . phpversion () . "</li>\n"; } +# TODO: check for PHP >= 5.2.3 - smarty uses htmlentities with 4 parameters. The forth parameter was added in PHP 5.2.3, older versions will give a warning } else { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2013-11-01 19:08:35
|
Revision: 1553 http://sourceforge.net/p/postfixadmin/code/1553 Author: christian_boltz Date: 2013-11-01 19:08:32 +0000 (Fri, 01 Nov 2013) Log Message: ----------- setup.php: - fix displaying the success message for creating a new admin Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2013-11-01 13:35:09 UTC (rev 1552) +++ trunk/setup.php 2013-11-01 19:08:32 UTC (rev 1553) @@ -515,7 +515,7 @@ return array( 0, - Config::lang_f($formconf['successmessage'], $values['username']), + $handler->infomsg['success'], array(), ); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2013-12-26 13:48:13
|
Revision: 1611 http://sourceforge.net/p/postfixadmin/code/1611 Author: christian_boltz Date: 2013-12-26 13:48:10 +0000 (Thu, 26 Dec 2013) Log Message: ----------- setup.php: - add hint about SELinux and AppArmor if templates_c is not writeable https://sourceforge.net/p/postfixadmin/feature-requests/112/ Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2013-12-22 16:50:55 UTC (rev 1610) +++ trunk/setup.php 2013-12-26 13:48:10 UTC (rev 1611) @@ -149,6 +149,7 @@ { print "<li><b>Error: Smarty template compile directory templates_c is not writable.</b><br />\n"; print "<b>Please make it writable.</b><br />\n"; + print "<b>If you are using SELinux or AppArmor, you might need to adjust their setup to allow write access.</b><br />\n"; $error =+ 1; } else { print "<li>Smarty template compile directory is writable - OK<br />\n"; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2015-05-18 20:18:11
|
Revision: 1788 http://sourceforge.net/p/postfixadmin/code/1788 Author: christian_boltz Date: 2015-05-18 20:18:09 +0000 (Mon, 18 May 2015) Log Message: ----------- setup.php: - after creating a superadmin, display a note that the setup is done and it's possible to login now (idea by t-ask on IRC) Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2015-05-06 21:47:28 UTC (rev 1787) +++ trunk/setup.php 2015-05-18 20:18:09 UTC (rev 1788) @@ -363,7 +363,11 @@ if ($error != 0) { $tUsername = htmlentities($values['username']); + } else { + $setupMessage .= "<p>You are done with your basic setup. "; + $setupMessage .= "<p><b>You can now <a href='login.php'>login to PostfixAdmin</a> using the account you just created.</b>"; } + } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <gin...@us...> - 2016-08-08 05:00:41
|
Revision: 1855 http://sourceforge.net/p/postfixadmin/code/1855 Author: gingerdog Date: 2016-08-08 05:00:39 +0000 (Mon, 08 Aug 2016) Log Message: ----------- change error message depending on whether templates_c is present or not Modified Paths: -------------- trunk/setup.php Modified: trunk/setup.php =================================================================== --- trunk/setup.php 2016-05-23 04:49:00 UTC (rev 1854) +++ trunk/setup.php 2016-08-08 05:00:39 UTC (rev 1855) @@ -152,10 +152,17 @@ if (!is_writeable($incpath.'/templates_c')) { - print "<li><b>Error: Smarty template compile directory templates_c is not writable.</b><br />\n"; - print "<b>Please make it writable.</b><br />\n"; - print "<b>If you are using SELinux or AppArmor, you might need to adjust their setup to allow write access.</b><br />\n"; - $error =+ 1; + if(!is_dir($incpath . '/templates_c')) { + print "<li><b>Error: Smarty template compile directory templates_c not found.</b><br />\n"; + echo "<b>Please <code>mkdir -p $incpath/templates_c</code> and make it writeable by the web server</b>\n"; + $error =+ 1; + } + else { + print "<li><b>Error: Smarty template compile directory templates_c is not writable.</b><br />\n"; + print "<b>Please make it writable.</b><br />\n"; + print "<b>If you are using SELinux or AppArmor, you might need to adjust their setup to allow write access.</b><br />\n"; + $error =+ 1; + } } else { print "<li>Smarty template compile directory is writable - OK<br />\n"; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |