SF.net SVN: postfixadmin:[778] trunk

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 778
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=778&view=rev
Author:   christian_boltz
Date:     2009-11-30 12:48:25 +0000 (Mon, 30 Nov 2009)

Log Message:
-----------
after an hour of debugging with Han on #postfixadmin...

functions.inc.php:
- added error message if the check_owner query returns more than one result.
  This can happen with old databases (pre-2.3) where the domain_admins table
  contains "ALL" _and_ a domain for a superadmin - which results in the
  superadmin not able to edit mailboxes etc. for this domain.
  (Error message not translatable - this is a corner case.)

list-virtual.php:
- add "invalid parameter" error message before redirecting to list-domain
  if the user doesn't have permissions for a domain

Modified Paths:
--------------
    trunk/functions.inc.php
    trunk/list-virtual.php

Modified: trunk/functions.inc.php
===================================================================

--- trunk/functions.inc.php	2009-11-28 22:12:54 UTC (rev 777)
+++ trunk/functions.inc.php	2009-11-30 12:48:25 UTC (rev 778)
@@ -734,6 +734,10 @@
     $result = db_query ("SELECT 1 FROM $table_domain_admins WHERE username='$username' AND (domain='$domain' OR domain='ALL') AND active='1'");
     if ($result['rows'] != 1)
     {
+        if ($result['rows'] > 1) { # "ALL" + specific domain permissions. 2.3 doesn't create such entries, but they are available as leftover from older versions
+            flash_error("Permission check returned more than one result. Please go to 'edit admin' for your username and press the save "
+             . "button once to fix the database. If this doesn't help, open a bugreport.");
+        } 
         return false;
     }
     else

Modified: trunk/list-virtual.php
===================================================================
--- trunk/list-virtual.php	2009-11-28 22:12:54 UTC (rev 777)
+++ trunk/list-virtual.php	2009-11-30 12:48:25 UTC (rev 778)
@@ -70,6 +70,7 @@
 
 if (count($list_domains) == 0) {
 #   die("no domains");
+   flash_error( $PALANG['invalid_parameter'] );
    header("Location: list-domain.php"); # no domains (for this admin at least) - redirect to domain list
    exit;
 }
@@ -78,6 +79,7 @@
 
 if (!check_owner(authentication_get_username(), $fDomain)) {
 #   die($PALANG['invalid_parameter']);
+   flash_error( $PALANG['invalid_parameter'] );
    header("Location: list-domain.php"); # domain not owned by this admin
    exit(0);
 }


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


