[panda-admin-commits] SF.net SVN: panda-admin:[54] trunk

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Revision: 54
          http://panda-admin.svn.sourceforge.net/panda-admin/?rev=54&view=rev
Author:   agrassi
Date:     2008-09-04 10:57:21 +0000 (Thu, 04 Sep 2008)

Log Message:
-----------
Password handling improved
HTTPS detection centralized and moved to $status

Modified Paths:
--------------
    trunk/includes/functions.php
    trunk/index.php
    trunk/modules/email/modify/chpw.php
    trunk/modules/email/modifynwl/chpw.php
    trunk/tpl/header.php

Added Paths:
-----------
    trunk/tpl/password.php

Modified: trunk/includes/functions.php
===================================================================

--- trunk/includes/functions.php	2008-07-03 11:23:18 UTC (rev 53)
+++ trunk/includes/functions.php	2008-09-04 10:57:21 UTC (rev 54)
@@ -36,7 +36,8 @@
 	'data',
 	'scookie',
 	'page',
-	'subuser'
+	'subuser',
+	'https'
 );
 
 // Link creation function
@@ -77,7 +78,7 @@
 	
 	global $status;
 	
-	$link = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . "?";
+	$link = "http" . $status->https . "://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . "?";
 
 	for ($i = 0; $i < sizeof($fields); $i++) {
 		$field = $fields[$i];

Modified: trunk/index.php
===================================================================
--- trunk/index.php	2008-07-03 11:23:18 UTC (rev 53)
+++ trunk/index.php	2008-09-04 10:57:21 UTC (rev 54)
@@ -32,6 +32,12 @@
 // Fill $status with command line
 $status = decode_status();
 
+if($_SERVER['HTTPS'] == 'on') {
+	$status->https = 's';
+} else {
+	$status->https = '';
+}
+
 if(!is_loggedin()){
 	if($_POST['username'] && $_POST['password']){
 		do_login($_POST['username'],$_POST['password']);

Modified: trunk/modules/email/modify/chpw.php
===================================================================
--- trunk/modules/email/modify/chpw.php	2008-07-03 11:23:18 UTC (rev 53)
+++ trunk/modules/email/modify/chpw.php	2008-09-04 10:57:21 UTC (rev 54)
@@ -24,18 +24,23 @@
 	$status->message = _("Insert the new password for the local mailbox "). $status->user."@".$status->domain;
 	$status->ask = true;
 	$status->cancel_to = make_link(array('mode','domain','user','op'));	
-	$status->body = 'input';
+	$status->body = 'password';
 	return;
 }
 
 // Password has been supplied, scookie is ok
-if (changePassword("$status->user@$status->domain", $status->data)) {
-	$status->title = _("Operation successful.");
-	$status->message = _("The password for the address ") . $status->user."@".$status->domain ." has been updated.";
+if($status->data[1] == $status->data[2]) { 
+	if (changePassword("$status->user@$status->domain", $status->data[1])) {
+		$status->title = _("Operation successful.");
+		$status->message = _("The password for the address ") . $status->user."@".$status->domain ." has been updated.";
+	} else {
+		$status->title = _("Error");
+		$status->message = _("Error while updating the password for the address ") . $status->user."@".$status->domain;
+	
+	}
 } else {
-	$status->title = _("Error");
-	$status->message = _("Error while updating the password for the address ") . $status->user."@".$status->domain;
-
+		$status->title = _("Error");
+		$status->message = _("Supplied passwords don't match");
 }
 $status->body = 'message';
 

Modified: trunk/modules/email/modifynwl/chpw.php
===================================================================
--- trunk/modules/email/modifynwl/chpw.php	2008-07-03 11:23:18 UTC (rev 53)
+++ trunk/modules/email/modifynwl/chpw.php	2008-09-04 10:57:21 UTC (rev 54)
@@ -29,12 +29,17 @@
 }
 
 // Password has been supplied, scookie is ok
-if (changeNWLPassword("$status->user@$status->domain", $status->data)) {
-	$status->title = _("Operation successful.");
-	$status->message = _("The password for the newsletter "). "$status->user@$status->domain" . _(" has been updated.");
+if($status->data[1] == $status->data[2]) { 
+	if (changeNWLPassword("$status->user@$status->domain", $status->data)) {
+		$status->title = _("Operation successful.");
+		$status->message = _("The password for the newsletter "). "$status->user@$status->domain" . _(" has been updated.");
+	} else {
+		$status->title = _("Error");
+		$status->message = _("Error while updating the password for the newsletter") . "$status->user@$status->domain";
+	}
 } else {
-	$status->title = _("Error");
-	$status->message = _("Error while updating the password for the newsletter") . "$status->user@$status->domain";
+		$status->title = _("Error");
+		$status->message = _("Supplied passwords don't match");
 }
 $status->body = 'message';
 

Modified: trunk/tpl/header.php
===================================================================
--- trunk/tpl/header.php	2008-07-03 11:23:18 UTC (rev 53)
+++ trunk/tpl/header.php	2008-09-04 10:57:21 UTC (rev 54)
@@ -19,7 +19,6 @@
 */
 ?>
 <?= '<?xml version="1.0"?>' ?>
-<? if($_SERVER['HTTPS'] == 'on') { $is_https="s"; } else { $is_https=""; } ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml"
@@ -38,7 +37,7 @@
           <a href='<?= make_link(array()).'?mode=email' ?>'>e-mail</a>
           <a href='<?= make_link(array()).'?mode=domain' ?>'><?= _("domains") ?></a>
           <a href='<?= make_link(array()).'?mode=domainalias' ?>'><?= _("alias domains") ?></a>   
-          <a href='<?= "http" . $is_https . "://" . $_SERVER['SERVER_NAME'] . dirname($_SERVER['PHP_SELF']) . "/nwadmin" ?>' target="_blank">newsletter</a>   
+          <a href='<?= "http" . $status->is_https . "://" . $_SERVER['SERVER_NAME'] . dirname($_SERVER['PHP_SELF']) . "/nwadmin" ?>' target="_blank">newsletter</a>   
 <? if(is_administrator()) {  ?>
           <br />
           <a href='<?= make_link(array()).'?mode=users' ?>'><?= _("users") ?></a>

Added: trunk/tpl/password.php
===================================================================
--- trunk/tpl/password.php	                        (rev 0)
+++ trunk/tpl/password.php	2008-09-04 10:57:21 UTC (rev 54)
@@ -0,0 +1,34 @@
+<?
+/*
+   Copyright (C) 2007 - Marco Nenciarini <mn...@gr...>
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2, or (at your option)
+   any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software Foundation,
+   Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+*/
+?>
+          <h4><?= $status->title ?></h4>
+          <p><?= $status->message ?></p>
+          <form name='input' method='get' action='#'>
+            <p>
+              <?= make_hidden_fields(array ('mode', 'op', 'domain', 'user', 'subop', 'scookie')) ?>
+              <input type='password' name='data[1].' value='<?= $status->data[1] ?>' /><br />
+              <?= _("Repeat password: ") ?> <br /><input type='password' name='data[2].' value='<?= $status->data[1] ?>' /><br />
+              
+            </p>
+            <p>
+              [<a href='#' onclick='input.submit()'>ok</a>]
+              [<a href='<?= $status->cancel_to ?>'><?= _("cancel") ?></a>]
+            </p>
+          </form>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


