postfixadmin-svn — Postfix Admin SVN commit messages - READ ONLY!

SF.net SVN: postfixadmin:[655] trunk

[<chr...@us...>]

Revision: 655
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=655&view=rev
Author:   christian_boltz
Date:     2009-05-12 22:19:39 +0000 (Tue, 12 May 2009)

Log Message:
-----------
list-domain.php:
- replace get_domain_properties() calls with two SQL queries that fetch
  the domain data and count the number of mailboxes and aliases per domain.
  This change speeds up list-domain extremely on setups with lots of domains,
  mailboxes and aliases. The old code took several minutes on my test data
  (that's about 55000 mailboxes and their aliases), the new code only needs
  some seconds.
- $domain_properties now uses the domain name as index key instead of a
  serial number

templates/admin_list-domain.php:
- replace usage of $list_domains with $domain_properties
- change main loop to use the domain name as $domain_properties array key 
  instead of a serial number

upgrade.php:
- upgrade_655(): add index on domain column in mailbox and alias table.
  This speeds up list-domain from 14s to about 1s on my test data in MySQL
  (the 14s were _after_ the changes in list_domain.php)
- added _add_index() function to hide the database specific details in 
  upgrade functions

This commit should fix the performance problems reported on
http://sourceforge.net/forum/forum.php?thread_id=2343349&forum_id=676076

Modified Paths:
--------------
    trunk/list-domain.php
    trunk/templates/admin_list-domain.php
    trunk/upgrade.php

Modified: trunk/list-domain.php
===================================================================
--- trunk/list-domain.php	2009-05-11 19:39:28 UTC (rev 654)
+++ trunk/list-domain.php	2009-05-12 22:19:39 UTC (rev 655)
@@ -40,25 +40,60 @@
    $fUsername = "";
 }
 
+$list_all_domains = 0;
 if (isset($admin_properties) && $admin_properties['domain_count'] == 'ALL') { # list all domains for superadmins
-   $list_domains = list_domains ();
+   $list_all_domains = 1;
 } elseif (!empty($fUsername)) {
   $list_domains = list_domains_for_admin ($fUsername);
 } elseif ($is_superadmin) {
-   $list_domains = list_domains ();
+   $list_all_domains = 1;
 } else {
    $list_domains = list_domains_for_admin(authentication_get_username());
 }
 
-   if (!empty ($list_domains))
-   {
-      for ($i = 0; $i < sizeof ($list_domains); $i++)
-      {
-         $domain_properties[$i] = get_domain_properties ($list_domains[$i]);
-      }
-   }
-#}
+if ($list_all_domains == 1) {
+   $where = " WHERE domain.domain != 'ALL' "; # TODO: the ALL dummy domain is annoying...
+} else {
+   $list_domains = escape_string($list_domains);
+   $where = " WHERE domain.domain IN ('" . join("','", $list_domains) . "') ";
+}
 
+# fetch domain data and number of mailboxes
+# (PgSQL requires the extensive GROUP BY statement, https://sourceforge.net/forum/message.php?msg_id=7386240)
+$query = "
+   SELECT domain.* , COUNT( DISTINCT mailbox.username ) AS mailbox_count
+   FROM domain
+   LEFT JOIN mailbox ON domain.domain = mailbox.domain
+   $where
+   GROUP BY domain.domain, domain.description, domain.aliases, domain.mailboxes,
+   domain.maxquota, domain.quota, domain.transport, domain.backupmx, domain.created,
+   domain.modified, domain.active
+   ORDER BY domain.domain
+   ";
+$result = db_query($query);
+
+while ($row = db_array ($result['result'])) {
+   $domain_properties[$row['domain']] = $row;
+}
+
+# fetch number of aliases
+# doing this separate is much faster than doing it in one "big" query
+$query = "
+   SELECT domain.domain, COUNT( DISTINCT alias.address ) AS alias_count 
+   FROM domain
+   LEFT JOIN alias ON domain.domain = alias.domain
+   $where
+   GROUP BY domain.domain
+   ORDER BY domain.domain
+   ";
+
+$result = db_query($query);
+
+while ($row = db_array ($result['result'])) {
+   # add number of aliases to $domain_properties array. mailbox aliases do not count.
+   $domain_properties [$row['domain']] ['alias_count'] = $row['alias_count'] - $domain_properties [$row['domain']] ['mailbox_count'];
+}
+
 include ("templates/header.php");
 include ("templates/menu.php");
 

Modified: trunk/templates/admin_list-domain.php
===================================================================
--- trunk/templates/admin_list-domain.php	2009-05-11 19:39:28 UTC (rev 654)
+++ trunk/templates/admin_list-domain.php	2009-05-12 22:19:39 UTC (rev 655)
@@ -27,7 +27,7 @@
 </div>
 
 <?php 
-if (sizeof ($list_domains) > 0)
+if (sizeof ($domain_properties) > 0)
 {
    print "<table id=\"admin_table\">\n";
    print "   <tr class=\"header\">\n";
@@ -43,12 +43,13 @@
    print "      <td colspan=\"2\">&nbsp;</td>\n";
    print "   </tr>\n";
 
-   for ($i = 0; $i < sizeof ($list_domains); $i++)
+#   for ($i = 0; $i < sizeof ($domain_properties); $i++)
+   foreach(array_keys($domain_properties) as $i)
    {
-      if ((is_array ($list_domains) and sizeof ($list_domains) > 0))
+      if ((is_array ($domain_properties) and sizeof ($domain_properties) > 0))
       {
          print "   <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n";
-         print "<td><a href=\"list-virtual.php?domain=" . $list_domains[$i] . "\">" . $list_domains[$i] . "</a></td>";
+         print "<td><a href=\"list-virtual.php?domain=" . $domain_properties[$i]['domain'] . "\">" . $domain_properties[$i]['domain'] . "</a></td>";
          print "<td>" . $domain_properties[$i]['description'] . "</td>";
          print "<td>" . $domain_properties[$i]['alias_count'] . " / " . $domain_properties[$i]['aliases'] . "</td>";
          print "<td>" . $domain_properties[$i]['mailbox_count'] . " / " . $domain_properties[$i]['mailboxes'] . "</td>";
@@ -74,9 +75,9 @@
          print "<td>$backupmx</td>";
          print "<td>" . $domain_properties[$i]['modified'] . "</td>";
          $active = ($domain_properties[$i]['active'] == 1) ? $PALANG['YES'] : $PALANG['NO'];
-         print "<td><a href=\"edit-active-domain.php?domain=" . $list_domains[$i] . "\">" . $active . "</a></td>";
-         print "<td><a href=\"edit-domain.php?domain=" . $list_domains[$i] . "\">" . $PALANG['edit'] . "</a></td>";
-         print "<td><a href=\"delete.php?table=domain&delete=" . $list_domains[$i] . "\" onclick=\"return confirm ('" . $PALANG['confirm_domain'] . $PALANG['pAdminList_admin_domain'] . ": " . $list_domains[$i] . "')\">" . $PALANG['del'] . "</a></td>";
+         print "<td><a href=\"edit-active-domain.php?domain=" . $domain_properties[$i]['domain'] . "\">" . $active . "</a></td>";
+         print "<td><a href=\"edit-domain.php?domain=" . $domain_properties[$i]['domain'] . "\">" . $PALANG['edit'] . "</a></td>";
+         print "<td><a href=\"delete.php?table=domain&delete=" . $domain_properties[$i]['domain'] . "\" onclick=\"return confirm ('" . $PALANG['confirm_domain'] . $PALANG['pAdminList_admin_domain'] . ": " . $domain_properties[$i]['domain'] . "')\">" . $PALANG['del'] . "</a></td>";
          print "</tr>\n";
 		}
    }

Modified: trunk/upgrade.php
===================================================================
--- trunk/upgrade.php	2009-05-11 19:39:28 UTC (rev 654)
+++ trunk/upgrade.php	2009-05-12 22:19:39 UTC (rev 655)
@@ -222,7 +222,22 @@
     }
 }
 
+function _add_index($table, $indexname, $fieldlist) {
+    global $CONF;
+    $tabe = table_by_key ($table);
 
+    if ($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli' ) {
+        return "ALTER TABLE $table ADD INDEX `$indexname` ( `$fieldlist` )";
+    } elseif($CONF['database_type'] == 'pgsql') {
+        $pgindexname = $table . "_" . $indexname;
+        return "CREATE INDEX $pgindexname ON $table($fieldlist);"; # Index names are unique with a DB for PostgreSQL
+    } else {
+        echo "Sorry, unsupported database type " . $conf['database_type'];
+        exit;
+    }
+
+}
+
 function upgrade_1_mysql() {
     // CREATE MYSQL DATABASE TABLES.
     $admin = table_by_key('admin');
@@ -1063,3 +1078,7 @@
     db_query_parsed("ALTER TABLE `$table_mailbox` CHANGE `local_part` `local_part` VARCHAR( 255 ) {LATIN1} NOT NULL");
 }
 
+function upgrade_655() {
+    db_query_parsed(_add_index('mailbox', 'domain', 'domain'));
+    db_query_parsed(_add_index('alias',   'domain', 'domain'));
+}


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[654] trunk/debian/patches/ 01-20090509_database-credentials

[<no...@us...>]

Revision: 654
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=654&view=rev
Author:   normes
Date:     2009-05-11 19:39:28 +0000 (Mon, 11 May 2009)

Log Message:
-----------
changed 'configured = false' to 'configured = true'. The package should do all necessary things...

Modified Paths:
--------------
    trunk/debian/patches/01-20090509_database-credentials

Modified: trunk/debian/patches/01-20090509_database-credentials
===================================================================
--- trunk/debian/patches/01-20090509_database-credentials	2009-05-09 22:11:32 UTC (rev 653)
+++ trunk/debian/patches/01-20090509_database-credentials	2009-05-11 19:39:28 UTC (rev 654)
@@ -1,7 +1,16 @@
 Index: config.inc.php
 ===================================================================
---- config.inc.php.orig	2009-05-09 21:24:04.000000000 +0200
-+++ config.inc.php	2009-05-09 21:26:40.000000000 +0200
+--- config.inc.php.orig	2009-05-10 00:06:16.000000000 +0200
++++ config.inc.php	2009-05-10 00:59:50.000000000 +0200
+@@ -29,7 +29,7 @@ if (ereg ("config.inc.php", $_SERVER['PH
+  * Doing this implies you have changed this file as required.
+  * i.e. configuring database etc; specifying setup.php password etc.
+  */
+-$CONF['configured'] = false;
++$CONF['configured'] = true;
+ 
+ // In order to setup Postfixadmin, you MUST specify a hashed password here.
+ // To create the hash, visit setup.php in a browser and type a password into the field,
 @@ -52,11 +52,11 @@ $CONF['default_language'] = 'en';
  // mysql = MySQL 3.23 and 4.0, 4.1 or 5
  // mysqli = MySQL 4.1+ 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[653] trunk/debian

[<no...@us...>]

Revision: 653
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=653&view=rev
Author:   normes
Date:     2009-05-09 22:11:32 +0000 (Sat, 09 May 2009)

Log Message:
-----------
Migrated my .deb changes into SVN. Feedback welcome...

Modified Paths:
--------------
    trunk/debian/changelog
    trunk/debian/control
    trunk/debian/copyright
    trunk/debian/rules

Added Paths:
-----------
    trunk/debian/TODO
    trunk/debian/apache.conf
    trunk/debian/lighttpd.conf
    trunk/debian/patches/
    trunk/debian/patches/01-20090509_database-credentials
    trunk/debian/patches/series
    trunk/debian/po/
    trunk/debian/po/POTFILES.in
    trunk/debian/po/templates.pot
    trunk/debian/postfixadmin.config
    trunk/debian/postfixadmin.docs
    trunk/debian/postfixadmin.examples
    trunk/debian/postfixadmin.install
    trunk/debian/postfixadmin.links
    trunk/debian/postfixadmin.postinst
    trunk/debian/postfixadmin.postrm
    trunk/debian/postfixadmin.prerm
    trunk/debian/templates
    trunk/debian/watch

Removed Paths:
-------------
    trunk/debian/apache-conf
    trunk/debian/docs

Added: trunk/debian/TODO
===================================================================
--- trunk/debian/TODO	                        (rev 0)
+++ trunk/debian/TODO	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,4 @@
+ * Do all necessary things automatically (maybe with dbconfig?) (database, setp password...)
+ * DebTags
+ * dbconfig: DOCUMENTS/SECURITY.txt
+ * include postfix configuration templates

Deleted: trunk/debian/apache-conf
===================================================================
--- trunk/debian/apache-conf	2009-05-07 23:23:21 UTC (rev 652)
+++ trunk/debian/apache-conf	2009-05-09 22:11:32 UTC (rev 653)
@@ -1,5 +0,0 @@
-# BEGIN FOR POSTFIXADMIN
-
-Alias /postfixadmin /usr/share/postfixadmin
-
-# END FOR POSTFIXADMIN

Copied: trunk/debian/apache.conf (from rev 647, trunk/debian/apache-conf)
===================================================================
--- trunk/debian/apache.conf	                        (rev 0)
+++ trunk/debian/apache.conf	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,5 @@
+# BEGIN FOR POSTFIXADMIN
+
+Alias /postfixadmin /usr/share/postfixadmin
+
+# END FOR POSTFIXADMIN


Property changes on: trunk/debian/apache.conf
___________________________________________________________________
Added: svn:mergeinfo
   + 

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2009-05-07 23:23:21 UTC (rev 652)
+++ trunk/debian/changelog	2009-05-09 22:11:32 UTC (rev 653)
@@ -1,121 +1,6 @@
-postfixadmin (2.3rc4) unstable; urgency=low
+postfixadmin (2.3rc5) unstable; urgency=low
 
-  * Security fix for setup.php (issue occurs for those upgrading only; where 
-    it's possible for a new admin user to get created by nasty.person)
-  * SVN revision 632
+  * Initial release (Closes: #247225)
 
- -- David Goodwin <dav...@pa...>  Sat, 18 Apr 2009 21:00:00 +0000
+ -- Norman Messtorff <no...@no...>  Sat, 09 May 2009 22:36:26 +0200
 
-postfixadmin (2.3rc3) unstable; urgency=low
-
-  * Attempt at fixing Debian build issues (thanks to me...@so...)
-  * SVN revision 611
-
- -- David Goodwin <dav...@pa...>  Mon, 6 Apr 2009 20:56:00 +0000
-
-postfixadmin (2.3rc2) unstable; urgency=low
-
-  * Subversion revision 593
-  * Add model directory to .deb etc.
-  * Updated ChangeLog
-
- -- David Goodwin <dav...@pa...>  Thu, 19 Mar 2009 19:50:00 +0000
-
-postfixadmin (2.3rc1) unstable; urgency=low
-
-  * Subversion revision 587
-  * New XmlRpc API for integration with 3rd party web mail clients.
-  * Various bug fixes
-  * Translation patches
-  * Addition of dovecotpw support
-
- -- David Goodwin <dav...@pa...>  Wed, 18 Mar 2009 19:52:00 +0000
-
-postfixadmin (2.3beta) unstable; urgency=low
-
-  * Subversion revision 533
-  * Fixes for MySQL upgrade issues
-  * Improved vacation.pl (renotification options, use SMTP headers, better
-    logging, optional external config file)
-  * Improved fetchmail.pl
-  * Domain aliases - new implementation should reduce backscatter etc.
-  * translation updates
-  * Added domain-postcreation script support
-  * Enhanced mailbox table to make it easier for people to customise where mailboxes live
-  * and much more
-
- -- David Goodwin <dav...@pa...>  Sat, 17 Jan 2009 20:06:00 +0000
-
-postfixadmin (2.2.1.1) unstable; urgency=low
-
-  * Subversion revision 412 (from branches/postfixadmin-2.2.1)
-  * THIS IS EFFECTIVELY THE SAME AS 2.2.1 (which should probably be ignored)
-
- -- David Goodwin <dav...@pa...>  Wed, 23 Jul 2008 12:37:00 +0000
-
-postfixadmin (2.2.1) unstable; urgency=low
-
-  * Various bug fixes (MySQL charset issue(s))
-  * Updated translations (pl, bg, ru, nb, tw etc)
-  * added quota parameter to mailbox_postcreation hook
-  * new hook to update the quota after editing a mailbox
-    ($CONF['mailbox_postedit_script'])
-  * fixed subfolder creation order and timing
-  * allow smtp server to be specified in vacation.pl
-  * fixed MySQL charset issues
-  * several small bugfixes
-  * Norwegian (bokmal) translation added
-  * Updated translations (pl, bg, ru, nb, tw etc)
-  * Subversion revision 408
-
- -- David Goodwin <dav...@pa...>  Mon, 21 Jul 2008 22:44:00 +0000
-postfixadmin (2.2.0) unstable; urgency=low
-
-  * 2.2.0 Released. 
-  * Fix fetchmail script to work with PostgreSQL
-  * Fix fetchmail table creation in MySQL and PostgreSQL
-  * Documentation fixups 
-  * Subversion revision 356
-
- -- David Goodwin <dav...@pa...>  Thu, 29 Apr 2008 15:47:00 +0000
-
-postfixadmin (2.2.0-rc5) unstable; urgency=low
-
-  * Fix MySQL installation issues (schema not being created!)
-  * Fix MySQL vacation_notification timestamp issue
-  * SVN revision: 340
-
- -- David Goodwin <dav...@pa...>  Wed, 23 Apr 2008 16:27:00 +0000
-
-postfixadmin (2.2.0-1rc4) unstable; urgency=low
-
-  * Removal of standalone database schema files (see upgrade.php)
-  * Various bug fixes
-  * Better/Move documentation on installation
-  * setup.php/upgrade.php works for PostgreSQL and MySQL
-  * MySQL Unicode problems fixed
-  * I think this is effectively v2.2.0
-  * SVN revision: 336
-
- -- David Goodwin <dav...@pa...>  Sun, 20 Apr 2008 20:19:00 +0000
-
-postfixadmin (2.2.0-1rc3) unstable; urgency=low
-
-  * Various bug fixes
-
- -- David Goodwin <dav...@pa...>  Thu, 28 Feb 2008 12:00:00 +0000
-
-postfixadmin (2.2.0-1rc2) unstable; urgency=low
-
-  * Improved CSS
-  * Improved upgrade procedure (should work for PGSQL) (see upgrade.php)
-  * Various bug fixes
-
- -- David Goodwin <dav...@pa...>  Sat, 29 Dec 2007 21:14:00 +0000
-
-postfixadmin (2.2.0-1rc1) unstable; urgency=low
-
-  * Initial Release (via dpkg)
-
- -- David Goodwin <dav...@pa...>  Sun, 04 Nov 2007 15:36:00 +0000
-

Modified: trunk/debian/control
===================================================================
--- trunk/debian/control	2009-05-07 23:23:21 UTC (rev 652)
+++ trunk/debian/control	2009-05-09 22:11:32 UTC (rev 653)
@@ -1,8 +1,8 @@
 Source: postfixadmin
 Section: admin
 Priority: optional
-Maintainer: David Goodwin <dav...@pa...>
-Build-Depends: debhelper (>= 7)
+Maintainer: Norman Messtorff <no...@no...>
+Build-Depends: debhelper (>= 7), po-debconf, quilt (>= 0.46)
 Standards-Version: 3.8.1
 Homepage: http://postfixadmin.sourceforge.net
 XS-Vcs-Svn: https://postfixadmin.svn.sourceforge.net/svnroot/postfixadmin/trunk
@@ -10,19 +10,16 @@
 
 Package: postfixadmin
 Architecture: all
-Depends: apache2 | httpd, libapache2-mod-php5 | libapache-mod-php5 | php5-cgi | php5, ${misc:Depends}
-Recommends: 
-Suggests: postfix, postgresql-server, mysql-server, squirrelmail, squirrelmail-postfixadmin, courier-imap, dovecot-imapd
+Depends: debconf (>= 0.5), dbconfig-common, wwwconfig-common (>= 0.2.0), apache2 | lighttpd, libapache2-mod-php5 | php5-cgi | php5, php5-imap, php5-mysql | php5-pgsql, mysql-client | postgresql-client, ${misc:Depends}
+Recommends: postfix-mysql | postfix-pgsql, mysql-server | postgresql-server
+Suggests: squirrelmail-postfixadmin, dovecot-common | courier-authlib-mysql | courier-authlib-postgresql
 Description: Virtual mail hosting interface for Postfix
  Postfixadmin is a web interface to managing virtual users and domains
- for a Postfix mailserver. The web interface is written in PHP.
- Postfixadmin allows administrators to delegate handling a domain to domain 
- administrators. 
- Postfixadmin allows users to login and change their own settings (e.g. forward,
- vacation, password etc).
- Postfixadmin also includes support for virtual vacation support - 
- this requires Perl and various CPAN modules to be installed. 
- See included vacation.pl for further details.
- . 
- Homepage: http://postfixadmin.sf.net/
-
+ for a Postfix mail transport agent. The web interface is written in PHP.
+ It supports Virtual mailboxes, aliases, forwarders and vacation.
+ .
+ Allows administrators to delegate the handling of domains to the
+ domain administrators. Allows users to login and change their own
+ settings (e.g. forwarders, vacation, passwords etc).
+ .
+ Provides easy integration into dovecot, courier or cyrus.

Modified: trunk/debian/copyright
===================================================================
--- trunk/debian/copyright	2009-05-07 23:23:21 UTC (rev 652)
+++ trunk/debian/copyright	2009-05-09 22:11:32 UTC (rev 653)
@@ -3,28 +3,33 @@
 
 It was downloaded from subversion, via http://postfixadmin.sf.net
 
-Upstream Authors: The PostfixAdmin Development Team <pos...@li...>
+Upstream Authors:
 
+   The PostfixAdmin Development Team <pos...@li...>
+
 Copyright:
 
    Copyright (C) 2007 The Postfixadmin Project Team
 
-   This program is free software; you can redistribute it and/or modify
+License:
+
+   This package is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
 
-   This program is distributed in the hope that it will be useful,
+   This package is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
 
    You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
+   along with this package; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
 
-On Debian GNU/Linux systems, the complete text of the GNU General Public
-License can be found in the `/usr/share/common-licenses' directory.
 
+On Debian GNU/Linux systems, the complete text of the GNU General
+Public License can be found in  `/usr/share/common-licenses/GPL-2'
+
 The Debian packaging of Postfixadmin is licensed under the same terms
 as Postfixadmin itself.

Deleted: trunk/debian/docs
===================================================================
--- trunk/debian/docs	2009-05-07 23:23:21 UTC (rev 652)
+++ trunk/debian/docs	2009-05-09 22:11:32 UTC (rev 653)
@@ -1,6 +0,0 @@
-VIRTUAL_VACATION 
-DOCUMENTS 
-ADDITIONS
-LICENSE.TXT
-INSTALL.TXT
-GPL-LICENSE.TXT 

Added: trunk/debian/lighttpd.conf
===================================================================
--- trunk/debian/lighttpd.conf	                        (rev 0)
+++ trunk/debian/lighttpd.conf	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,4 @@
+# Alias for Postfixadmin
+alias.url += ( 
+	"/postfixadmin" => "/usr/share/postfixadmin",
+)

Added: trunk/debian/patches/01-20090509_database-credentials
===================================================================
--- trunk/debian/patches/01-20090509_database-credentials	                        (rev 0)
+++ trunk/debian/patches/01-20090509_database-credentials	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,21 @@
+Index: config.inc.php
+===================================================================
+--- config.inc.php.orig	2009-05-09 21:24:04.000000000 +0200
++++ config.inc.php	2009-05-09 21:26:40.000000000 +0200
+@@ -52,11 +52,11 @@ $CONF['default_language'] = 'en';
+ // mysql = MySQL 3.23 and 4.0, 4.1 or 5
+ // mysqli = MySQL 4.1+ 
+ // pgsql = PostgreSQL
+-$CONF['database_type'] = 'mysql';
+-$CONF['database_host'] = 'localhost';
+-$CONF['database_user'] = 'postfix';
+-$CONF['database_password'] = 'postfixadmin';
+-$CONF['database_name'] = 'postfix';
++$CONF['database_type'] = '_DBC_DBTYPE_';
++$CONF['database_host'] = '_DBC_DBSERVER_';
++$CONF['database_user'] = '_DBC_DBUSER_';
++$CONF['database_password'] = '_DBC_DBPASS_';
++$CONF['database_name'] = '_DBC_DBNAME_';
+ $CONF['database_prefix'] = '';
+ 
+ // Here, if you need, you can customize table names.

Added: trunk/debian/patches/series
===================================================================
--- trunk/debian/patches/series	                        (rev 0)
+++ trunk/debian/patches/series	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1 @@
+01-20090509_database-credentials -p0

Added: trunk/debian/po/POTFILES.in
===================================================================
--- trunk/debian/po/POTFILES.in	                        (rev 0)
+++ trunk/debian/po/POTFILES.in	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1 @@
+[type: gettext/rfc822deb] templates

Added: trunk/debian/po/templates.pot
===================================================================
--- trunk/debian/po/templates.pot	                        (rev 0)
+++ trunk/debian/po/templates.pot	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,31 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: pos...@pa...\n"
+"POT-Creation-Date: 2008-10-27 22:14+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL...@li...>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: multiselect
+#. Description
+#: ../templates:1001
+msgid "Web server to reconfigure automatically:"
+msgstr ""
+
+#. Type: multiselect
+#. Description
+#: ../templates:1001
+msgid ""
+"Please choose the web server that should be automatically configured to run "
+"postfixadmin."
+msgstr ""

Added: trunk/debian/postfixadmin.config
===================================================================
--- trunk/debian/postfixadmin.config	                        (rev 0)
+++ trunk/debian/postfixadmin.config	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -e
+
+. /usr/share/debconf/confmodule
+db_version 2.0
+db_input high postfixadmin/reconfigure-webserver || true
+db_go || true
+
+if [ -f /usr/share/dbconfig-common/dpkg/config ]; then
+	# we support mysql and pgsql
+	dbc_dbtypes="mysql, pgsql"
+
+	. /usr/share/dbconfig-common/dpkg/config
+	dbc_go postfixadmin $@
+fi

Copied: trunk/debian/postfixadmin.docs (from rev 647, trunk/debian/docs)
===================================================================
--- trunk/debian/postfixadmin.docs	                        (rev 0)
+++ trunk/debian/postfixadmin.docs	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,5 @@
+DOCUMENTS 
+CHANGELOG.TXT
+GPL-LICENSE.TXT 
+INSTALL.TXT
+LICENSE.TXT


Property changes on: trunk/debian/postfixadmin.docs
___________________________________________________________________
Added: svn:executable
   + *
Added: svn:mergeinfo
   + 

Added: trunk/debian/postfixadmin.examples
===================================================================
--- trunk/debian/postfixadmin.examples	                        (rev 0)
+++ trunk/debian/postfixadmin.examples	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,2 @@
+ADDITIONS
+VIRTUAL_VACATION

Added: trunk/debian/postfixadmin.install
===================================================================
--- trunk/debian/postfixadmin.install	                        (rev 0)
+++ trunk/debian/postfixadmin.install	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,12 @@
+*.php		usr/share/postfixadmin
+admin		usr/share/postfixadmin
+css		usr/share/postfixadmin
+images		usr/share/postfixadmin
+languages	usr/share/postfixadmin
+model		usr/share/postfixadmin
+motd.txt	usr/share/postfixadmin
+motd-users.txt	usr/share/postfixadmin
+templates	usr/share/postfixadmin
+users		usr/share/postfixadmin
+debian/apache.conf	etc/postfixadmin
+debian/lighttpd.conf	etc/postfixadmin

Added: trunk/debian/postfixadmin.links
===================================================================
--- trunk/debian/postfixadmin.links	                        (rev 0)
+++ trunk/debian/postfixadmin.links	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1 @@
+etc/postfixadmin/config.inc.php usr/share/postfixadmin/config.inc.php

Added: trunk/debian/postfixadmin.postinst
===================================================================
--- trunk/debian/postfixadmin.postinst	                        (rev 0)
+++ trunk/debian/postfixadmin.postinst	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,25 @@
+#!/bin/bash
+set -e
+
+if [ "$1" = "configure" ]; then
+	. /usr/share/debconf/confmodule
+	db_version 2.0
+	dbc_generate_include='template:/etc/postfixadmin/config.inc.php'
+	dbc_generate_include_owner='root:www-data'
+	dbc_generate_include_perms='640'
+	dbc_generate_include_args="-U -o template_infile=/usr/share/postfixadmin/config.inc.php"
+	. /usr/share/dbconfig-common/dpkg/postinst
+	dbc_go postfixadmin $@
+	db_get postfixadmin/reconfigure-webserver
+	servers="$RET"
+	restart="$servers"
+	linkdestination_apache="../../postfixadmin/apache.conf"
+	linkdestination_lighttpd="../../postfixadmin/lighttpd.conf"
+	linkname="postfixadmin"
+	. /usr/share/wwwconfig-common/confd-link.sh
+	. /usr/share/wwwconfig-common/restart.sh
+fi
+
+#DEBHELPER#
+
+exit 0

Added: trunk/debian/postfixadmin.postrm
===================================================================
--- trunk/debian/postfixadmin.postrm	                        (rev 0)
+++ trunk/debian/postfixadmin.postrm	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,26 @@
+#!/bin/sh
+set -e
+
+if [ "$1" = "remove" ] || [ "$1" = "purge" ]; then
+	if [ -f /usr/share/debconf/confmodule ]; then
+		. /usr/share/debconf/confmodule
+		db_version 2.0
+		
+		# restart the webserver only if we know which one was configured.
+		if db_get postfixadmin/reconfigure-webserver; then
+			servers="$RET"
+			restart=$servers
+			linkname="postfixadmin"
+			. /usr/share/wwwconfig-common/restart.sh
+		fi
+		
+		if [ -f /usr/share/dbconfig-common/dpkg/postrm ]; then
+			. /usr/share/dbconfig-common/dpkg/postrm
+			dbc_go postfixadmin $@
+		fi
+	fi
+fi
+
+#DEBHELPER#
+
+exit 0

Added: trunk/debian/postfixadmin.prerm
===================================================================
--- trunk/debian/postfixadmin.prerm	                        (rev 0)
+++ trunk/debian/postfixadmin.prerm	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,20 @@
+#!/bin/sh
+set -e
+
+. /usr/share/debconf/confmodule
+
+if [ -f /usr/share/dbconfig-common/dpkg/prerm ]; then
+        . /usr/share/dbconfig-common/dpkg/prerm
+        dbc_go postfixadmin $@
+fi
+
+if [ -f /usr/share/debconf/confmodule ]; then
+	. /usr/share/debconf/confmodule
+	db_version 2.0
+	db_get postfixadmin/reconfigure-webserver
+	servers="$RET"
+	linkname="postfixadmin"
+	. /usr/share/wwwconfig-common/confd-link.sh
+fi
+
+#DEBHELPER#

Modified: trunk/debian/rules
===================================================================
--- trunk/debian/rules	2009-05-07 23:23:21 UTC (rev 652)
+++ trunk/debian/rules	2009-05-09 22:11:32 UTC (rev 653)
@@ -4,16 +4,21 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
+include /usr/share/quilt/quilt.make
+
 build: build-stamp
-build-stamp:
+
+build-stamp: $(QUILT_STAMPFN)
 	dh_testdir
+	#dh_testroot
 	touch build-stamp
 
-clean:
+
+clean: unpatch
 	dh_testdir
 	dh_testroot
-	rm -f build-stamp
 	dh_clean
+	debconf-updatepo
 
 install: build
 	dh_testdir
@@ -21,33 +26,20 @@
 	dh_prep
 	dh_installdirs
 	dh_install
-	cp motd* debian/postfixadmin/usr/share/postfixadmin
-	cp *.php debian/postfixadmin/usr/share/postfixadmin
 	mv debian/postfixadmin/usr/share/postfixadmin/config.inc.php debian/postfixadmin/etc/postfixadmin/config.inc.php
-	ln -s /etc/postfixadmin/config.inc.php debian/postfixadmin/usr/share/postfixadmin/config.inc.php
-	perl -p -i -e "s#$$CONF\['postfix_admin_path'\] = dirname\(__FILE__\)#$$CONF\['postfix_admin_path'\] = '/usr/share/postfixadmin'#" debian/postfixadmin/etc/postfixadmin/config.inc.php
-	cp -a model debian/postfixadmin/usr/share/postfixadmin
-	cp -a admin debian/postfixadmin/usr/share/postfixadmin
-	cp -a images debian/postfixadmin/usr/share/postfixadmin
-	cp -a languages debian/postfixadmin/usr/share/postfixadmin
-	cp -a templates debian/postfixadmin/usr/share/postfixadmin
-	cp -a users debian/postfixadmin/usr/share/postfixadmin
-	cp css/default.css debian/postfixadmin/usr/share/postfixadmin/css
-	cp debian/apache-conf debian/postfixadmin/etc/apache2/conf.d/postfixadmin
 	find debian/postfixadmin -name .svn | xargs -r rm -r
 
 # Build architecture-independent files here.
 binary-indep: build install
 	dh_testdir
 	dh_testroot
-	dh_installdebconf	
+	dh_installchangelogs
+	dh_installdebconf
 	dh_installdocs -X.svn
-	dh_installexamples
-	dh_installman
-	dh_installcron
+	dh_installexamples -X.svn
 	dh_link
 	dh_compress
-	dh_fixperms -X/var
+	dh_fixperms
 	dh_installdeb
 	dh_gencontrol
 	dh_md5sums

Added: trunk/debian/templates
===================================================================
--- trunk/debian/templates	                        (rev 0)
+++ trunk/debian/templates	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,6 @@
+Template: postfixadmin/reconfigure-webserver
+Type: multiselect
+Choices: apache2, apache, apache-ssl, apache-perl, lighttpd
+_Description: Web server to reconfigure automatically:
+ Please choose the web server that should be automatically configured
+ to run postfixadmin.

Added: trunk/debian/watch
===================================================================
--- trunk/debian/watch	                        (rev 0)
+++ trunk/debian/watch	2009-05-09 22:11:32 UTC (rev 653)
@@ -0,0 +1,2 @@
+version=3
+http://sf.net/postfixadmin/postfixadmin-(.*)\.tar\.gz


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[652] trunk

[<chr...@us...>]

Revision: 652
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=652&view=rev
Author:   christian_boltz
Date:     2009-05-07 23:23:21 +0000 (Thu, 07 May 2009)

Log Message:
-----------
reverting most changes from SVN r572 aka
https://sourceforge.net/tracker/index.php?func=detail&aid=2567466&group_id=191583&atid=937966
because 
- it undermines the $CONF[*alias_control*] settings more or less - 
  mailbox aliases with non-default targets are always shown in 
  the "Aliases" section - see comment from 2009-05-04 on 
  https://sourceforge.net/tracker/?func=detail&aid=1902476&group_id=191583&atid=937964
- it introduced some "funny" bugs - a nice example is
  http://sourceforge.net/tracker/?func=detail&aid=2786284&group_id=191583&atid=937964

Files / sections affected by the revert:
- list-virtual.php: all numbers (alias count etc.) correct?
  (the changes in this file are the largest ones)
- functions.inc.php: SQL queries in get_domain_properties()
- delete.php: the only change since r572 affected code that was inserted 
  in r572 (and is now deleted again) - nothing should break here
- create-alias.php: had no changes since r572 - therefore nothing should 
  break here

Exceptions (not reverted):
- edit-alias: this change looks useful (hide mailbox alias target from 
  admins if they don't have permissions to change it). The actual code 
  has changed in the meantime, but the functionality stays.
  Additionally, reverting this would be very hard or throw useful later 
  changes away.
  BUT: shouldn't the page completely forbid to edit a mailbox alias if
  the admin doesn't have permissions for it?
- functions.inc.php: comment for pacrypt() ;-)
- linebreaks in long SQL queries

Please check if everything is still working as expected (especially the domain
list and the virtual list) - I did only some quick tests.

Modified Paths:
--------------
    trunk/create-alias.php
    trunk/delete.php
    trunk/functions.inc.php
    trunk/list-virtual.php

Modified: trunk/create-alias.php
===================================================================
--- trunk/create-alias.php	2009-05-06 20:24:05 UTC (rev 651)
+++ trunk/create-alias.php	2009-05-07 23:23:21 UTC (rev 652)
@@ -117,15 +117,14 @@
         $fAddress = "@" . escape_string ($_POST['fDomain']);
     }
 
-    $append_alias = false;
-
     $result = db_query ("SELECT * FROM $table_alias WHERE address='$fAddress'");
     if ($result['rows'] == 1)
     {
-        $append_alias = true;
+        $error = 1;
         $tAddress = escape_string ($_POST['fAddress']);
         $tGoto = $fGoto;
         $tDomain = $fDomain;
+        $pCreate_alias_address_text = $PALANG['pCreate_alias_address_text_error2'];
     }
 
     if ($fActive == "on") {
@@ -135,29 +134,13 @@
         $sqlActive = db_get_boolean(False);
     }
 
-    $success = false;
-    /* Alias (or mailbox) already present, let's add the destination to that row */
-    if ($append_alias) {
+    if ($error != 1) {
         if (preg_match('/^\*@(.*)$/', $fGoto, $match)) {
             $fGoto = "@" . $match[1];
         }
 
-        $array = db_array ($result['result']);
-
-        $values ['goto'] = $array['goto'] . ',' . $fGoto;
-        $result = db_update ($table_alias, "address = '$fAddress'", $values, array ('modified'));
-        $success = ($result == 1);
-
-    } elseif ($error != 1) {
-        if (preg_match('/^\*@(.*)$/', $fGoto, $match)) {
-            $fGoto = "@" . $match[1];
-        }
-
         $result = db_query ("INSERT INTO $table_alias (address,goto,domain,created,modified,active) VALUES ('$fAddress','$fGoto','$fDomain',NOW(),NOW(),'$sqlActive')");
-        $success = ($result['rows'] == 1);
-    }
-
-    if (! $success) {
+        if ($result['rows'] != 1) {
             $tDomain = $fDomain;
             $tMessage = $PALANG['pCreate_alias_result_error'] . "<br />($fAddress -> $fGoto)<br />\n";
         }
@@ -167,6 +150,7 @@
             $tDomain = $fDomain;
             $tMessage = $PALANG['pCreate_alias_result_success'] . "<br />($fAddress -> $fGoto)<br />\n";
         }
+    }
 }
 
 include ("templates/header.php");

Modified: trunk/delete.php
===================================================================
--- trunk/delete.php	2009-05-06 20:24:05 UTC (rev 651)
+++ trunk/delete.php	2009-05-07 23:23:21 UTC (rev 652)
@@ -37,64 +37,12 @@
 $SESSID_USERNAME = authentication_get_username();
 $error = 0;
 
-$fTable  = escape_string(safeget('table')); # see the if blocks below for valid values
-$fDelete = escape_string(safeget('delete'));
-$fDomain = escape_string(safeget('domain'));
+$fTable  = escape_string (safeget('table') ); # see the if blocks below for valid values
+$fDelete = escape_string (safeget('delete'));
+$fDomain = escape_string (safeget('domain'));
 
 $error=0;
 
-/**
- * delete_alias
- *  Action: Delete an alias
- * @param String $alias alias to delete.
- * @param String $domain domain of the alias
- * @param boolean $force_delete - deletes the alias from the table if true,
- *                                checks if the alias is real and act accordlying if false.
- *                                Default is false. 
- * @return String username (e.g. fo...@ex...)
- */
-function delete_alias($alias, $domain, $force_delete = false)
-{
-    global $table_alias, $table_mailbox;
-    $SESSID_USERNAME = authentication_get_username();
-    $real_alias = true;
-
-    if (! $force_delete)
-    {
-        $result = db_query ("SELECT 1 FROM $table_mailbox
-            WHERE username='$alias' AND domain='$domain'");
-        if ($result['rows'] != 0)
-        {
-            /* If the alias is a real mailbox as well, remove all its real aliases and keep
-             * only the address */
-            $real_alias = false;
-        }
-    }
-
-    if ($force_delete or $real_alias)
-    {
-        $result = db_query ("DELETE FROM $table_alias WHERE address='$alias' AND domain='$domain'");
-    }
-    else
-    {
-        $result = db_query ("UPDATE $table_alias SET goto='$alias',modified=NOW()
-            WHERE address='$alias' AND domain='$domain'");
-    }
-
-    if ($result['rows'] != 1)
-    {
-        $tMessage = $PALANG['pDelete_delete_error'] . "<b>$alias</b> (alias)!</span>";
-
-        return false;
-    }
-    else
-    {
-        db_log ($SESSID_USERNAME, $domain, 'delete_alias', $alias);
-    }
-
-    return true;
-}
-
 if ($fTable == "admin")
 {
     authentication_require_role('global-admin');
@@ -150,7 +98,7 @@
     }
 } # ($fTable == "alias_domain")
 
-elseif ($fTable == "mailbox")
+elseif ($fTable == "alias" or $fTable == "mailbox")
 {
 
     if (!check_owner ($SESSID_USERNAME, $fDomain))
@@ -166,59 +114,50 @@
     else
     {
         if ($CONF['database_type'] == "pgsql") db_query('BEGIN');
+        /* there may be no aliases to delete */
+        $result = db_query("SELECT * FROM $table_alias WHERE address = '$fDelete' AND domain = '$fDomain'");
+        if($result['rows'] == 1) {
+            $result = db_query ("DELETE FROM $table_alias WHERE address='$fDelete' AND domain='$fDomain'");
+            db_log ($SESSID_USERNAME, $fDomain, 'delete_alias', $fDelete);
+        }
 
-        $error = delete_alias ($fDelete, $fDomain, $force_delete = true) ? 0 : 1;
-        if (! $error)
+        /* is there a mailbox? if do delete it from orbit; it's the only way to be sure */
+        $result = db_query ("SELECT * FROM $table_mailbox WHERE username='$fDelete' AND domain='$fDomain'");
+        if ($result['rows'] == 1)
         {
-            /* is there a mailbox? if do delete it from orbit; it's the only way to be sure */
-            $result = db_query ("SELECT * FROM $table_mailbox WHERE username='$fDelete' AND domain='$fDomain'");
-            if ($result['rows'] == 1)
+            $result = db_query ("DELETE FROM $table_mailbox WHERE username='$fDelete' AND domain='$fDomain'");
+            $postdel_res=mailbox_postdeletion($fDelete,$fDomain);
+            if ($result['rows'] != 1 || !$postdel_res)
             {
-                $result = db_query ("DELETE FROM $table_mailbox WHERE username='$fDelete' AND domain='$fDomain'");
-                $postdel_res=mailbox_postdeletion($fDelete,$fDomain);
-                if ($result['rows'] != 1 || !$postdel_res)
+                $error = 1;
+                $tMessage = $PALANG['pDelete_delete_error'] . "<b>$fDelete</b> (";
+                if ($result['rows']!=1)
                 {
-                    $error = 1;
-                    $tMessage = $PALANG['pDelete_delete_error'] . "<b>$fDelete</b> (";
-                    if ($result['rows']!=1)
-                    {
-                        $tMessage.='mailbox';
-                        if (!$postdel_res) $tMessage.=', ';
-                    }
-                    if (!$postdel_res)
-                    {
-                        $tMessage.='post-deletion';
-                    }
-                    $tMessage.=')</span>';
+                    $tMessage.='mailbox';
+                    if (!$postdel_res) $tMessage.=', ';
                 }
+                if (!$postdel_res)
+                {
+                    $tMessage.='post-deletion';
+                }
+                $tMessage.=')</span>';
             }
-            $result = db_query("SELECT * FROM $table_vacation WHERE email = '$fDelete' AND domain = '$fDomain'");
-            if($result['rows'] == 1) {
-                db_query ("DELETE FROM $table_vacation WHERE email='$fDelete' AND domain='$fDomain'");
-                db_query ("DELETE FROM $table_vacation_notification WHERE on_vacation ='$fDelete' "); /* should be caught by cascade, if PgSQL */
-            }
         }
-
-        if ($error != 1)
-        {
-            if ($CONF['database_type'] == "pgsql") db_query('COMMIT');
-            header ("Location: list-virtual.php?domain=$fDomain");
-            exit;
-        } else {
-            $tMessage = $PALANG['pDelete_delete_error'] . "<b>$fDelete</b> (physical mail)!</span>";
-            if ($CONF['database_type'] == "pgsql") db_query('ROLLBACK');
+        $result = db_query("SELECT * FROM $table_vacation WHERE email = '$fDelete' AND domain = '$fDomain'");
+        if($result['rows'] == 1) {
+            db_query ("DELETE FROM $table_vacation WHERE email='$fDelete' AND domain='$fDomain'");
+            db_query ("DELETE FROM $table_vacation_notification WHERE on_vacation ='$fDelete' "); /* should be caught by cascade, if PgSQL */
         }
-    } # ($fTable == "mailbox")
-}
-elseif ($fTable == "alias") {
-    $error = delete_alias ($fDelete, $fDomain) ? 0 : 1;
+    }
 
     if ($error != 1)
     {
+        if ($CONF['database_type'] == "pgsql") db_query('COMMIT');
         header ("Location: list-virtual.php?domain=$fDomain");
         exit;
     } else {
-        $tMessage = $PALANG['pDelete_delete_error'] . "<b>$fDelete</b> (alias)!</span>";
+        $tMessage .= $PALANG['pDelete_delete_error'] . "<b>$fDelete</b> (physical mail)!</span>";
+        if ($CONF['database_type'] == "pgsql") db_query('ROLLBACK');
     }
 }
 else

Modified: trunk/functions.inc.php
===================================================================
--- trunk/functions.inc.php	2009-05-06 20:24:05 UTC (rev 651)
+++ trunk/functions.inc.php	2009-05-07 23:23:21 UTC (rev 652)
@@ -431,14 +431,7 @@
     global $table_alias, $table_mailbox, $table_domain;
     $list = array ();
 
-    $result = db_query ("SELECT COUNT(*) FROM $table_alias
-        LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
-        WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
-        OR
-        ($table_alias.domain='$domain'
-        AND $table_alias.goto LIKE '%,%'
-        AND $table_mailbox.maildir IS NOT NULL)");
-
+    $result = db_query ("SELECT COUNT(*) FROM $table_alias WHERE domain='$domain'");
     $row = db_row ($result['result']);
     $list['alias_count'] = $row[0];
 
@@ -449,7 +442,7 @@
     $result = db_query ("SELECT SUM(quota) FROM $table_mailbox WHERE domain='$domain'");
     $row = db_row ($result['result']);
     $list['quota_sum'] = $row[0];
-    $list['alias_count'] = $list['alias_count'];
+    $list['alias_count'] = $list['alias_count'] - $list['mailbox_count'];
 
     $list['alias_pgindex']=array ();
     $list['mbox_pgindex']=array ();
@@ -471,10 +464,6 @@
                 FROM $table_alias
                 LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
                 WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
-                OR
-                ($table_alias.domain='$domain'
-                AND $table_alias.goto LIKE '%,%'
-                AND $table_mailbox.maildir IS NOT NULL)
                 ORDER BY $table_alias.address LIMIT $limitSql";
             $result = db_query ("$query");
             $row = db_array ($result['result']);
@@ -487,10 +476,6 @@
                 FROM $table_alias
                 LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
                 WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
-                OR
-                ($table_alias.domain='$domain'
-                AND $table_alias.goto LIKE '%,%'
-                AND $table_mailbox.maildir IS NOT NULL)
                 ORDER BY $table_alias.address LIMIT $limitSql";
             $result = db_query ("$query");
             $row = db_array ($result['result']);

Modified: trunk/list-virtual.php
===================================================================
--- trunk/list-virtual.php	2009-05-06 20:24:05 UTC (rev 651)
+++ trunk/list-virtual.php	2009-05-07 23:23:21 UTC (rev 652)
@@ -123,22 +123,15 @@
     $table_alias.active
     FROM $table_alias LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
     WHERE ($table_alias.domain='$fDomain' AND $table_mailbox.maildir IS NULL)
-    OR
-    ($table_alias.domain='$fDomain'
-    AND $table_alias.goto LIKE '%,%'
-    AND $table_mailbox.maildir IS NOT NULL)
     ORDER BY $table_alias.address LIMIT $fDisplay, $page_size";
-
 if ('pgsql'==$CONF['database_type'])
 {
     $query = "SELECT address,
         goto,
-        modified,
+        extract(epoch from modified) as modified,
         active
-        FROM $table_alias WHERE domain='$fDomain'
-        AND NOT EXISTS(SELECT 1 FROM $table_mailbox
-        WHERE username=$table_alias.address
-        AND $table_alias.goto NOT LIKE '%,%')
+        FROM $table_alias
+        WHERE domain='$fDomain' AND NOT EXISTS(SELECT 1 FROM $table_mailbox WHERE username=$table_alias.address)
         ORDER BY address LIMIT $page_size OFFSET $fDisplay";
 }
 $result = db_query ($query);
@@ -147,20 +140,13 @@
     while ($row = db_array ($result['result']))
     {
         if ('pgsql'==$CONF['database_type'])
-        { 
+        {
             //. at least in my database, $row['modified'] already looks like : 2009-04-11 21:38:10.75586+01, 
             // while gmstrftime expects an integer value. strtotime seems happy though.
             //$row['modified']=gmstrftime('%c %Z',$row['modified']);
             $row['modified'] = date('Y-m-d H:i', strtotime($row['modified']));
             $row['active']=('t'==$row['active']) ? 1 : 0;
         }
-
-        /* Has a real mailbox as well? Remove the address from $row['goto'] in order to edit just the real aliases */
-        if (strstr ($row['goto'], ',') != FALSE)
-        {
-            $row['goto'] = preg_replace ('/\s*,*\s*' . $row['address'] . '\s*,*\s*/', '', $row['goto']);
-        }
-
         $tAlias[] = $row;
     }
 }
@@ -213,7 +199,7 @@
     }
     if (($limit['alias_count'] > $page_size) or ($limit['mailbox_count'] > $page_size)) {
         $tDisplay_up_show = 1;
-    }      
+    }
     if ((($fDisplay + $page_size) < $limit['alias_count']) or 
         (($fDisplay + $page_size) < $limit['mailbox_count'])) 
     {
@@ -242,5 +228,5 @@
 include ("templates/list-virtual.php");
 include ("templates/footer.php");
 
-/* vim: set expandtab softtabstop=3 tabstop=3 shiftwidth=3: */
+/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
 ?>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[651] trunk/templates/list-virtual.php

[<chr...@us...>]

Revision: 651
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=651&view=rev
Author:   christian_boltz
Date:     2009-05-06 20:24:05 +0000 (Wed, 06 May 2009)

Log Message:
-----------
templates/list-virtual.php:
- fixed boolconf() call
  "if (boolconf('used_quotas') == 'YES')" will never match, because 
  boolconf() returns boolean TRUE or FALSE

Modified Paths:
--------------
    trunk/templates/list-virtual.php

Modified: trunk/templates/list-virtual.php
===================================================================
--- trunk/templates/list-virtual.php	2009-05-03 17:23:48 UTC (rev 650)
+++ trunk/templates/list-virtual.php	2009-05-06 20:24:05 UTC (rev 651)
@@ -296,7 +296,7 @@
             }
             else
             {
-               if (boolconf('used_quotas') == 'YES')
+               if (boolconf('used_quotas'))
                   print divide_quota ($tMailbox[$i]['current']).'/';
                print divide_quota ($tMailbox[$i]['quota']);
             }


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[650] trunk

[<chr...@us...>]

Revision: 650
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=650&view=rev
Author:   christian_boltz
Date:     2009-05-03 17:23:48 +0000 (Sun, 03 May 2009)

Log Message:
-----------
functions.inc.php:
- gen_show_status(): add support for recipient_delimiter when checking aliases
  This implements part (8) of 
  https://sourceforge.net/tracker/?func=detail&aid=1951926&group_id=191583&atid=937967

config.inc.php:
- add new setting $CONF['recipient_delimiter']

Modified Paths:
--------------
    trunk/config.inc.php
    trunk/functions.inc.php

Modified: trunk/config.inc.php
===================================================================
--- trunk/config.inc.php	2009-05-03 16:14:14 UTC (rev 649)
+++ trunk/config.inc.php	2009-05-03 17:23:48 UTC (rev 650)
@@ -301,6 +301,10 @@
 // - add the corresponding color to show_custom_colors
 $CONF['show_custom_domains']=array("subdomain.domain.ext","domain2.ext");
 $CONF['show_custom_colors']=array("lightgreen","lightblue");
+// If you use a recipient_delimiter in your postfix config, you can also honor it when aliases are checked.
+// Example: $CONF['recipient_delimiter'] = "+";
+// Set to "" to disable this check.
+$CONF['recipient_delimiter'] = "";
 
 
 // Optional:

Modified: trunk/functions.inc.php
===================================================================
--- trunk/functions.inc.php	2009-05-03 16:14:14 UTC (rev 649)
+++ trunk/functions.inc.php	2009-05-03 17:23:48 UTC (rev 650)
@@ -2140,7 +2140,13 @@
         while ( ($g=array_pop($gotos)) && $stat_ok )
         {
             $stat_catchall = substr($g,strpos($g,"@"));
-            $stat_result = db_query ("SELECT address FROM $table_alias WHERE address = '$g' OR address = '$stat_catchall'");
+            $stat_delimiter = "";
+            if (!empty($CONF['recipient_delimiter'])) {
+                $delimiter = preg_quote($CONF['recipient_delimiter'], "/");
+                $stat_delimiter = preg_replace('/' .$delimiter. '[^' .$delimiter. ']*@/', "@", $g);
+                $stat_delimiter = "OR address = '$stat_delimiter'";
+            }
+            $stat_result = db_query ("SELECT address FROM $table_alias WHERE address = '$g' OR address = '$stat_catchall' $stat_delimiter");
             if ($stat_result['rows'] == 0)
             {
                 $stat_ok = 0;


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[649] trunk/ADDITIONS/cleanupdirs.pl

[<chr...@us...>]

Revision: 649
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=649&view=rev
Author:   christian_boltz
Date:     2009-05-03 16:14:14 +0000 (Sun, 03 May 2009)

Log Message:
-----------
cleanupdirs.pl:
- allow usage of external config file (/etc/mail/postfixadmin/cleanupdirs.conf)
- skip everything that is not a directory (instead of bailing out with an error)

Modified Paths:
--------------
    trunk/ADDITIONS/cleanupdirs.pl

Modified: trunk/ADDITIONS/cleanupdirs.pl
===================================================================
--- trunk/ADDITIONS/cleanupdirs.pl	2009-05-02 20:24:58 UTC (rev 648)
+++ trunk/ADDITIONS/cleanupdirs.pl	2009-05-03 16:14:14 UTC (rev 649)
@@ -42,13 +42,21 @@
 use Getopt::Long;
 
 ### change settings as needed, see notes above #################################
-my $root_path = "/home/vmail";
-my $logfile = "/var/log/removed_maildirs.log";
-my $db_hostname = "localhost";
-my $db_port = "3306";
-my $db_database = "postfix";
-my $db_username = "someuser";
-my $db_password = "somepass";
+our $root_path = "/home/vmail";
+our $logfile = "/var/log/removed_maildirs.log";
+our $db_hostname = "localhost";
+our $db_port = "3306"; # this script currently supports MySQL only
+our $db_database = "postfix";
+our $db_username = "someuser";
+our $db_password = "somepass";
+
+# instead of changing this script, you can put your settings to /etc/mail/postfixadmin/cleanupdirs.conf
+# just use perl syntax there to fill the variables listed above (without the "our" keyword). Example:
+# $db_username = 'mail';
+if (-f "/etc/mail/postfixadmin/cleanupdirs.conf") {
+	require "/etc/mail/postfixadmin/cleanupdirs.conf";
+}
+
 ################################################################################
 
 ### begin program ##############################################################
@@ -63,6 +71,7 @@
   or die "Unable to access directory '$root_path' ($!)";
 foreach my $domain_dir (sort readdir DOMAINDIR) {
   next if $domain_dir =~ /^\./; # skip dotted dirs
+  next if (! -d "$root_path/$domain_dir"); # skip everything that is not a directory
   my $full_domain_dir = "$root_path/$domain_dir";
   opendir USERDIR, $full_domain_dir
     or die "Unable to access directory '$full_domain_dir' ($!)";


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[648] trunk

[<chr...@us...>]

Revision: 648
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=648&view=rev
Author:   christian_boltz
Date:     2009-05-02 20:24:58 +0000 (Sat, 02 May 2009)

Log Message:
-----------
setup.php:
- added form to create setup password hash. It will be displayed if
  a) no setup password is defined yet
  b) the "lost password" link was clicked
- moved checks for empty and too short passwort into check_setup_password()
- added an optional $lostpw_mode parameter to check_setup_password() which
  causes slightly different behaviour (enforces generation of new hash, even
  if the password would match)
- changed check_password_setup() return value to array($error, $message)
- moved displaying $tMessage above the form - it is more useful there.
- removed "see config.inc.php" notice from password field in "create superadmin" 
  form - this hint doesn't help much with the hashed password ;-)
- TODO: The if statements to decide which form to display is quite difficult
  (and will become unreadable in case we need another form ;-)
  We should think about a better way to select the form to display...
  (maybe flash_error / flash_info + redirect?)

upgrade.php:
- added missing <p> tag

Modified Paths:
--------------
    trunk/setup.php
    trunk/upgrade.php

Modified: trunk/setup.php
===================================================================
--- trunk/setup.php	2009-04-30 12:00:26 UTC (rev 647)
+++ trunk/setup.php	2009-05-02 20:24:58 UTC (rev 648)
@@ -302,24 +302,28 @@
     $pAdminCreate_admin_password_text = "";
     $tUsername = '';
     $tMessage = '';
+    $lostpw_error = 0;
 
+    $setuppw = "";
+    if (isset($CONF['setup_password'])) $setuppw = $CONF['setup_password'];
 
-    if ($_SERVER['REQUEST_METHOD'] == "POST")
-    {
-        # ensure setup password is correct
-        if (safepost('setup_password') == "" ) {
-            $error += 1;
-            $tMessage = "Setup password must be specified<br />If you didn't set up a setup password yet, enter the password you want to use.";
-        } elseif (strlen(safepost('setup_password')) < $CONF['min_password_length']) {
-            $error += 1;
-            $tMessage = "The setup password you entered is too short. Please choose a better one.";
+    if (safepost("form") == "setuppw") {
+        # "setup password" form submitted
+        if (safepost('setup_password') != safepost('setup_password2')) {
+            $tMessage = "The two passwords differ!";
+            $lostpw_error = 1;
         } else {
-            $pw_check_result = check_setup_password(safepost('setup_password'));
-            if ($pw_check_result != 'pass_OK') {
-                $error += 1;
-                $tMessage = $pw_check_result;
-            }
+            list ($lostpw_error, $lostpw_result) = check_setup_password(safepost('setup_password'), 1);
+            $tMessage = $lostpw_result;
+            $setuppw = "changed";
         }
+    } elseif (safepost("form") == "createadmin") {
+        # "create admin" form submitted
+        list ($pw_check_error, $pw_check_result) = check_setup_password(safepost('setup_password'));
+        if ($pw_check_result != 'pass_OK') {
+            $error += 1;
+            $tMessage = $pw_check_result;
+        }
 
         if($error == 0 && $pw_check_result == 'pass_OK') {
             if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']);
@@ -338,21 +342,52 @@
                 if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']);
             }
         }
-    }
+    } 
 
-    if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0)
-    {
-?>
+    if ( ($setuppw == "" || $setuppw == "changeme" || safeget("lostpw") == 1 || $lostpw_error != 0) /* && $_SERVER['REQUEST_METHOD'] != "POST" */ ) {
+# show "create setup password" form
+    ?>
 
+<div class="standout"><?php print $tMessage; ?></div>
 <div id="edit_form">
+<form name="setuppw" method="post" action="setup.php">
+<input type="hidden" name="form" value="setuppw" />
+<table>
+      <td colspan="3"><h3>Change setup password</h3></td>
+   </tr>
+   <tr>
+      <td>Setup password</td>
+      <td><input class="flat" type="password" name="setup_password" value="" /></td>
+      <td></td>
+   </tr>
+   <tr>
+      <td>Setup password (again)</td>
+      <td><input class="flat" type="password" name="setup_password2" value="" /></td>
+      <td></td>
+   </tr>
+   <tr>
+      <td colspan="3" class="hlp_center"><input class="button" type="submit" name="submit" value="Generate password hash" /></td>
+   </tr>
+</table>
+</form>
+</div>
+
+<?php
+
+    } elseif ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0 || $lostpw_error == 0) {
+        ?>
+
+<div class="standout"><?php print $tMessage; ?></div>
+<div id="edit_form">
 <form name="create_admin" method="post">
+<input type="hidden" name="form" value="createadmin" />
 <table>
       <td colspan="3"><h3>Create superadmin account</h3></td>
    </tr>
    <tr>
-      <td>Setup password (see config.inc.php)</td>
+      <td>Setup password</td>
       <td><input class="flat" type="password" name="setup_password" value="" /></td>
-      <td></td>
+      <td><a href="setup.php?lostpw=1">Lost password?</a></td>
    </tr>
    <tr>
       <td><?php print $PALANG['pAdminCreate_admin_username'] . ":"; ?></td>
@@ -372,9 +407,6 @@
    <tr>
       <td colspan="3" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php print $PALANG['pAdminCreate_admin_button']; ?>" /></td>
    </tr>
-   <tr>
-      <td colspan="3" class="standout"><?php print $tMessage; ?></td>
-   </tr>
 </table>
 </form>
 </div>
@@ -401,22 +433,42 @@
     return $salt . ':' . sha1($salt . ':' . $password);
 }
 
-function check_setup_password($password) {
+
+/*
+    returns: array(
+        'error' => 0 (or 1),
+        'message => text
+    )
+*/
+function check_setup_password($password, $lostpw_mode = 0) {
     global $CONF;
+    $error = 1; # be pessimistic
+
     $setuppw = "";
     if (isset($CONF['setup_password'])) $setuppw = $CONF['setup_password'];
 
     list($confsalt, $confpass, $trash) = explode(':', $setuppw . '::');
     $pass = encrypt_setup_password($password, $confsalt);
-    if ($pass == $setuppw) { # correct passsword
+
+    if ($password == "" ) { # no password specified?
+        $result = "Setup password must be specified<br />If you didn't set up a setup password yet, enter the password you want to use.";
+    } elseif (strlen($password) < $CONF['min_password_length']) { # password too short?
+        $result = "The setup password you entered is too short. Please choose a better one.";
+    } elseif ($pass == $setuppw && $lostpw_mode == 0) { # correct passsword (and not asking for a new password)
         $result = "pass_OK";
+        $error = 0;
     } else {
         $pass = encrypt_setup_password($password, generate_setup_password_salt());
-        $result = '<p><b>Setup password not specified correctly</b></p>';
+        $result = "";
+        if ($lostpw_mode == 1) {
+            $error = 0; # non-matching password is expected when the user asks for a new password
+        } else {
+            $result = '<p><b>Setup password not specified correctly</b></p>';
+        }
         $result .= '<p>If you want to use the password you entered as setup password, edit config.inc.php and set</p>';
         $result .= "<pre>\$CONF['setup_password'] = '$pass';</pre>";
     }
-    return $result;
+    return array ($error, $result);
 }
 
 /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

Modified: trunk/upgrade.php
===================================================================
--- trunk/upgrade.php	2009-04-30 12:00:26 UTC (rev 647)
+++ trunk/upgrade.php	2009-05-02 20:24:58 UTC (rev 648)
@@ -109,8 +109,8 @@
     $target_version = preg_replace('/[^0-9]/', '', '$Revision$');
 
     if ($current_version >= $target_version) {
-# already up to date
-        echo "Database is up to date";
+        # already up to date
+        echo "<p>Database is up to date</p>";
         return true;
     }
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[647] trunk/templates/search.php

[<chr...@us...>]

Revision: 647
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=647&view=rev
Author:   christian_boltz
Date:     2009-04-30 12:00:26 +0000 (Thu, 30 Apr 2009)

Log Message:
-----------
templates/search.php:
- fix several "stristr(): Empty delimiter" warnings when empty search field is submitted

Modified Paths:
--------------
    trunk/templates/search.php

Modified: trunk/templates/search.php
===================================================================
--- trunk/templates/search.php	2009-04-25 17:58:56 UTC (rev 646)
+++ trunk/templates/search.php	2009-04-30 12:00:26 UTC (rev 647)
@@ -63,14 +63,14 @@
          print "   <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n";
          //highlight search string
          $tAlias[$i]['display_address'] = $tAlias[$i]['address'];
-         if (stristr($tAlias[$i]['display_address'],$fSearch))
+         if ($fSearch != "" && stristr($tAlias[$i]['display_address'],$fSearch))
          {
            $new_address = str_ireplace($fSearch, "<span style='background-color: lightgreen'>" .
                $fSearch . "</span>", $tAlias[$i]['display_address']);
            $tAlias[$i]['display_address'] = $new_address;
          }
          print "      <td>" . $tAlias[$i]['display_address'] . "</td>\n";
-         if (stristr($tAlias[$i]['goto'],$fSearch))
+         if ($fSearch != "" && stristr($tAlias[$i]['goto'],$fSearch))
          {
            $new_goto = str_ireplace($fSearch, "<span style='background-color: lightgreen'>" .
                $fSearch . "</span>", $tAlias[$i]['goto']);
@@ -137,14 +137,14 @@
       {
          print "   <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n";
          $tMailbox[$i]['display_username'] = $tMailbox[$i]['username'];
-         if (stristr($tMailbox[$i]['display_username'],$fSearch))
+         if ($fSearch != "" && stristr($tMailbox[$i]['display_username'],$fSearch))
          {
            $new_name = str_ireplace($fSearch, "<span style='background-color: lightgreen'>" .
                $fSearch . "</span>", $tMailbox[$i]['display_username']);
            $tMailbox[$i]['display_username'] = $new_name;
          }
          print "      <td>" . $tMailbox[$i]['display_username'] . "</td>\n";
-         if (stristr($tMailbox[$i]['name'],$fSearch))
+         if ($fSearch != "" && stristr($tMailbox[$i]['name'],$fSearch))
          {
            $new_name = str_ireplace($fSearch, "<span style='background-color: lightgreen'>" .
                $fSearch . "</span>", $tMailbox[$i]['name']);


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[646] trunk/users/vacation.php

[<chr...@us...>]

Revision: 646
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=646&view=rev
Author:   christian_boltz
Date:     2009-04-25 17:58:56 +0000 (Sat, 25 Apr 2009)

Log Message:
-----------
users/vacation.php:
- do not escape_string() $_POST[fSubject] and $_POST[fBody] - they are already
  escaped in VacationHandler.php. This fixes the problem that the vacation
  message contains "\r\n" instead of linebreaks. Reported in
  https://sourceforge.net/forum/forum.php?thread_id=3179404&forum_id=676076

Modified Paths:
--------------
    trunk/users/vacation.php

Modified: trunk/users/vacation.php
===================================================================
--- trunk/users/vacation.php	2009-04-25 13:11:16 UTC (rev 645)
+++ trunk/users/vacation.php	2009-04-25 17:58:56 UTC (rev 646)
@@ -69,8 +69,8 @@
         exit(0);
     }
 
-    if (isset ($_POST['fSubject'])) $fSubject = escape_string ($_POST['fSubject']);
-    if (isset ($_POST['fBody'])) $fBody = escape_string ($_POST['fBody']);
+    if (isset ($_POST['fSubject'])) $fSubject = $_POST['fSubject'];
+    if (isset ($_POST['fBody']))    $fBody    = $_POST['fBody'];
     if (isset ($_POST['fAway'])) $fAway = escape_string ($_POST['fAway']);
     if (isset ($_POST['fBack'])) $fBack = escape_string ($_POST['fBack']);
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[645] trunk

[<Gin...@us...>]

Revision: 645
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=645&view=rev
Author:   GingerDog
Date:     2009-04-25 13:11:16 +0000 (Sat, 25 Apr 2009)

Log Message:
-----------
alias editing - ensure template uses correct list of aliases

Modified Paths:
--------------
    trunk/edit-alias.php
    trunk/templates/edit-alias.php

Modified: trunk/edit-alias.php
===================================================================
--- trunk/edit-alias.php	2009-04-25 11:46:37 UTC (rev 644)
+++ trunk/edit-alias.php	2009-04-25 13:11:16 UTC (rev 645)
@@ -123,6 +123,7 @@
     {
         $new_aliases = explode(',', $goto);
     }
+    $new_aliases = array_unique($new_aliases);
 
     foreach($new_aliases as $address) {
         if (in_array($address, $CONF['default_aliases'])) continue;
@@ -161,7 +162,6 @@
         else
         {
             db_log ($SESSID_USERNAME, $fDomain, 'edit_alias', "$fAddress -> $goto");
-
             header ("Location: list-virtual.php?domain=$fDomain");
             exit;
         }

Modified: trunk/templates/edit-alias.php
===================================================================
--- trunk/templates/edit-alias.php	2009-04-25 11:46:37 UTC (rev 644)
+++ trunk/templates/edit-alias.php	2009-04-25 13:11:16 UTC (rev 645)
@@ -1,4 +1,5 @@
 <?php if( !defined('POSTFIXADMIN') ) die( "This file cannot be used standalone." ); ?>
+
 <div id="edit_form">
 <form name="alias" method="post">
 <table>
@@ -15,11 +16,9 @@
       <td>
 <textarea class="flat" rows="10" cols="60" name="fGoto">
 <?php
-$array = preg_split ('/,/', $tGoto);
-for ($i = 0 ; $i < sizeof ($array) ; $i++)
-{
-   if (empty ($array[$i])) continue;
-   print "$array[$i]\n";
+
+foreach($alias_list as $alias) {
+   print "$alias\n";
 }
 ?>
 </textarea>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[644] trunk/edit-alias.php

[<Gin...@us...>]

Revision: 644
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=644&view=rev
Author:   GingerDog
Date:     2009-04-25 11:46:37 +0000 (Sat, 25 Apr 2009)

Log Message:
-----------
edit-alias.php: I think this fixes ticket 2745147 ... 

Modified Paths:
--------------
    trunk/edit-alias.php

Modified: trunk/edit-alias.php
===================================================================
--- trunk/edit-alias.php	2009-04-22 14:56:28 UTC (rev 643)
+++ trunk/edit-alias.php	2009-04-25 11:46:37 UTC (rev 644)
@@ -38,55 +38,69 @@
     die("Check config.inc.php - domain administrators do not have the ability to edit user's aliases (alias_control_admin)");
 }
 
-if ($_SERVER['REQUEST_METHOD'] == "GET")
+/* retrieve existing alias record for the user first... may be via GET or POST */
+
+if(isset($_GET['address']) && isset($_GET['domain'])) {
+    $fAddress = escape_string($_GET['address']);
+    $fDomain = escape_string($_GET['domain']);
+}
+elseif(isset($_POST['address']) && isset($_POST['domain'])) {
+    $fAddress = escape_string($_POST['address']);
+    $fDomain = escape_string($_POST['domain']);
+}
+else {
+    die("Required parameters not present");
+}
+
+/* Check the user is able to edit the domain's aliases */
+if(!check_owner($SESSID_USERNAME, $fDomain) && !authentication_has_role('global-admin'))
 {
-    if (isset ($_GET['address'])) $fAddress = escape_string ($_GET['address']);
-    if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
+    die("You lack permission to do this. yes.");
+}
 
-    if (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin'))
-    {
-        $result = db_query ("SELECT * FROM $table_alias WHERE address='$fAddress' AND domain='$fDomain'");
+$table_alias = table_by_key('alias');
+$alias_list = array();
+$orig_alias_list = array();
+$result = db_query ("SELECT * FROM $table_alias WHERE address='$fAddress' AND domain='$fDomain'");
+if ($result['rows'] == 1)
+{
+    $row = db_array ($result['result']);
+    $tGoto = $row['goto'];
+
+    $orig_alias_list = explode(',', $tGoto);
+    $alias_list = $orig_alias_list;
+    //. if we are not a global admin, and special_alias_control is NO, hide the alias that's the mailbox name.
+    if($CONF['special_alias_control'] == 'NO' && !authentication_has_role('global-admin')) {
+        /* Has a mailbox as well? Remove the address from $tGoto in order to edit just the real aliases */
+        $result = db_query ("SELECT * FROM $table_mailbox WHERE username='$fAddress' AND domain='$fDomain'");
         if ($result['rows'] == 1)
         {
-            $row = db_array ($result['result']);
-            $tGoto = $row['goto'];
-
-            //. if we are not a global admin, and special_alias_control is NO, hide the alias that's the mailbox name.
-            if($CONF['special_alias_control'] == 'NO' && !authentication_has_role('global-admin')) {
-                /* Has a mailbox as well? Remove the address from $tGoto in order to edit just the real aliases */
-                $result = db_query ("SELECT * FROM $table_mailbox WHERE username='$fAddress' AND domain='$fDomain'");
-                if ($result['rows'] == 1)
-                {
-                    $tGoto = preg_replace ('/\s*,*\s*' . $fAddress . '\s*,*\s*/', '', $tGoto);
+            $alias_list = array(); // empty it, repopulated again below
+            foreach($orig_alias_list as $alias) {
+                if(strtolower($alias) == strtolower($fAddress)) {
+                    // mailbox address is dropped if they don't have special_alias_control enabled, and/or not a global-admin 
                 }
+                else {
+                    $alias_list[] = $alias;
+                }
             }
         }
     }
-    else
-    {
-        $tMessage = $PALANG['pEdit_alias_address_error'];
-    }
 }
+else {
+    die("Invalid alias / domain combination");
+}
 
 if ($_SERVER['REQUEST_METHOD'] == "POST")
 {
     $pEdit_alias_goto = $PALANG['pEdit_alias_goto'];
 
-    if (isset ($_GET['address'])) $fAddress = escape_string ($_GET['address']);
-    $fAddress = strtolower ($fAddress);
-    if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
     if (isset ($_POST['fGoto'])) $fGoto = escape_string ($_POST['fGoto']);
     $fGoto = strtolower ($fGoto);
 
-    if (! (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin')) )
+    if (!check_alias_owner ($SESSID_USERNAME, $fAddress))
     {
         $error = 1;
-        $tGoto = $_POST['fGoto'];
-        $tMessage = $PALANG['pEdit_alias_domain_error'] . "$fDomain</span>";
-    }
-    elseif (!check_alias_owner ($SESSID_USERNAME, $fAddress))
-    {
-        $error = 1;
         $tGoto = $fGoto;
         $tMessage = $PALANG['pEdit_alias_result_error'];
     }
@@ -104,39 +118,37 @@
         $tMessage = $PALANG['pEdit_alias_goto_text_error1'];
     }
 
+    $new_aliases = array();
     if ($error != 1)
     {
-        $array = preg_split ('/,/', $goto);
+        $new_aliases = explode(',', $goto);
     }
-    else
-    {
-        $array = array();
-    }
 
-    for ($i = 0; $i < sizeof ($array); $i++) {
-        if (in_array ("$array[$i]", $CONF['default_aliases'])) continue;
-        if (empty ($array[$i])) continue; # TODO: should never happen - remove after 2.2 release
-        if (!check_email ($array[$i]))
+    foreach($new_aliases as $address) {
+        if (in_array($address, $CONF['default_aliases'])) continue;
+        if (empty($address)) continue; # TODO: should never happen - remove after 2.2 release
+        if (!check_email($address))
         {
             $error = 1;
             $tGoto = $goto;
-            $tMessage = $PALANG['pEdit_alias_goto_text_error2'] . "$array[$i]</span>";
+            $tMessage = $PALANG['pEdit_alias_goto_text_error2'] . "$address</span>";
         }
     }
 
     $result = db_query ("SELECT * FROM $table_mailbox WHERE username='$fAddress' AND domain='$fDomain'");
-    /* The alias has a real mailbox as well, prepend $goto with it */
     if ($result['rows'] == 1)
     {
-        // ensure mailbox alias exists... if they're a domain admin, and they're not allowed to...
         if($CONF['alias_control_admin'] == 'NO' && !authentication_has_role('global-admin')) {
-            $array[] = $fAddress;
+            // if original record had a mailbox alias, so ensure the updated one does too.
+            if(in_array($orig_alias_list, $fAddress)) {
+                $new_aliases[] = $fAddress;
+            }
         }
     }
     // duplicates suck, mmkay..
-    $array = array_unique($array);
+    $new_aliases = array_unique($new_aliases);
 
-    $goto = implode(',', $array);
+    $goto = implode(',', $new_aliases);
 
     if ($error != 1)
     {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[643] trunk/broadcast-message.php

[<Gin...@us...>]

Revision: 643
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=643&view=rev
Author:   GingerDog
Date:     2009-04-22 14:56:28 +0000 (Wed, 22 Apr 2009)

Log Message:
-----------
broadcast-message.php: fix hard coded table names

Modified Paths:
--------------
    trunk/broadcast-message.php

Modified: trunk/broadcast-message.php
===================================================================
--- trunk/broadcast-message.php	2009-04-22 14:53:35 UTC (rev 642)
+++ trunk/broadcast-message.php	2009-04-22 14:56:28 UTC (rev 643)
@@ -45,10 +45,12 @@
     }
     else
     {
-        $q = 'select username from mailbox union '.
-            'select goto from alias '.
-            'where goto not in (select username from mailbox)';
+        $table_mailbox = table_by_key('mailbox');
+        $table_alias = table_by_key('alias');
 
+        $q = "select username from $table_mailbox union select goto from $table_alias " .
+                    "where goto not in (select username from $table_mailbox)";
+
         $result = db_query ($q);
         if ($result['rows'] > 0)
         {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[642] trunk/broadcast-message.php

[<Gin...@us...>]

Revision: 642
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=642&view=rev
Author:   GingerDog
Date:     2009-04-22 14:53:35 +0000 (Wed, 22 Apr 2009)

Log Message:
-----------
reindent

Modified Paths:
--------------
    trunk/broadcast-message.php

Modified: trunk/broadcast-message.php
===================================================================
--- trunk/broadcast-message.php	2009-04-22 14:49:52 UTC (rev 641)
+++ trunk/broadcast-message.php	2009-04-22 14:53:35 UTC (rev 642)
@@ -31,67 +31,67 @@
 authentication_require_role('global-admin');
 
 if ($CONF['sendmail'] != 'YES') {
-   header("Location: " . $CONF['postfix_admin_url'] . "/main.php");
-   exit;
+    header("Location: " . $CONF['postfix_admin_url'] . "/main.php");
+    exit;
 }
 
 $SESSID_USERNAME = authentication_get_username();
 
 if ($_SERVER['REQUEST_METHOD'] == "POST")
 {
-   if (empty($_POST['subject']) || empty($_POST['message']) || empty($_POST['name']))
-   {
-      $error = 1;
-   }
-   else
-   {
-      $q = 'select username from mailbox union '.
-         'select goto from alias '.
-         'where goto not in (select username from mailbox)';
+    if (empty($_POST['subject']) || empty($_POST['message']) || empty($_POST['name']))
+    {
+        $error = 1;
+    }
+    else
+    {
+        $q = 'select username from mailbox union '.
+            'select goto from alias '.
+            'where goto not in (select username from mailbox)';
 
-      $result = db_query ($q);
-      if ($result['rows'] > 0)
-      {
-         mb_internal_encoding("UTF-8");
-         $b_name = mb_encode_mimeheader( $_POST['name'], 'UTF-8', 'Q');
-         $b_subject = mb_encode_mimeheader( $_POST['subject'], 'UTF-8', 'Q');
-         $b_message = base64_encode($_POST['message']);
+        $result = db_query ($q);
+        if ($result['rows'] > 0)
+        {
+            mb_internal_encoding("UTF-8");
+            $b_name = mb_encode_mimeheader( $_POST['name'], 'UTF-8', 'Q');
+            $b_subject = mb_encode_mimeheader( $_POST['subject'], 'UTF-8', 'Q');
+            $b_message = base64_encode($_POST['message']);
 
-         $i = 0;
-         while ($row = db_array ($result['result'])) {
-            $fTo = $row[0];
-            $fHeaders  = 'To: ' . $fTo . "\n";
-            $fHeaders .= 'From: ' . $b_name . ' <' . $CONF['admin_email'] . ">\n";
-            $fHeaders .= 'Subject: ' . $b_subject . "\n";
-            $fHeaders .= 'MIME-Version: 1.0' . "\n";
-            $fHeaders .= 'Content-Type: text/plain; charset=UTF-8' . "\n";
-            $fHeaders .= 'Content-Transfer-Encoding: base64' . "\n";
+            $i = 0;
+            while ($row = db_array ($result['result'])) {
+                $fTo = $row[0];
+                $fHeaders  = 'To: ' . $fTo . "\n";
+                $fHeaders .= 'From: ' . $b_name . ' <' . $CONF['admin_email'] . ">\n";
+                $fHeaders .= 'Subject: ' . $b_subject . "\n";
+                $fHeaders .= 'MIME-Version: 1.0' . "\n";
+                $fHeaders .= 'Content-Type: text/plain; charset=UTF-8' . "\n";
+                $fHeaders .= 'Content-Transfer-Encoding: base64' . "\n";
 
-            $fHeaders .= $b_message;
+                $fHeaders .= $b_message;
 
-            if (!smtp_mail ($fTo, $CONF['admin_email'], $fHeaders))
-            {
-               $tMessage .= "<br />" . $PALANG['pSendmail_result_error'] . "<br />";
+                if (!smtp_mail ($fTo, $CONF['admin_email'], $fHeaders))
+                {
+                    $tMessage .= "<br />" . $PALANG['pSendmail_result_error'] . "<br />";
+                }
+                else
+                {
+                    $tMessage .= "<br />" . $PALANG['pSendmail_result_success'] . "<br />";
+                }
             }
-            else
-            {
-               $tMessage .= "<br />" . $PALANG['pSendmail_result_success'] . "<br />";
-            }
-         }
-      }
-      include ("templates/header.php");
-      include ("templates/menu.php");
-      echo '<p>'.$PALANG['pBroadcast_success'].'</p>';
-      include ("templates/footer.php");
-   }
+        }
+        include ("templates/header.php");
+        include ("templates/menu.php");
+        echo '<p>'.$PALANG['pBroadcast_success'].'</p>';
+        include ("templates/footer.php");
+    }
 }
 
 if ($_SERVER['REQUEST_METHOD'] == "GET" || $error == 1)
 {
-   include ("templates/header.php");
-   include ("templates/menu.php");
-   include ("templates/broadcast-message.php");
-   include ("templates/footer.php");
+    include ("templates/header.php");
+    include ("templates/menu.php");
+    include ("templates/broadcast-message.php");
+    include ("templates/footer.php");
 }
 
 /* vim: set expandtab softtabstop=3 tabstop=3 shiftwidth=3: */


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[641] trunk/functions.inc.php

[<Gin...@us...>]

Revision: 641
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=641&view=rev
Author:   GingerDog
Date:     2009-04-22 14:49:52 +0000 (Wed, 22 Apr 2009)

Log Message:
-----------
functions.inc.php: reindent

Modified Paths:
--------------
    trunk/functions.inc.php

Modified: trunk/functions.inc.php
===================================================================
--- trunk/functions.inc.php	2009-04-22 11:31:53 UTC (rev 640)
+++ trunk/functions.inc.php	2009-04-22 14:49:52 UTC (rev 641)
@@ -256,7 +256,7 @@
             flash_error("emailcheck_resolve_domain is enabled, but function (checkdnsrr) missing!");
         }
     }
-    
+
     return true;
 }
 
@@ -431,25 +431,25 @@
     global $table_alias, $table_mailbox, $table_domain;
     $list = array ();
 
-   $result = db_query ("SELECT COUNT(*) FROM $table_alias
-                        LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
-                        WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
-                              OR
-                              ($table_alias.domain='$domain'
-                               AND $table_alias.goto LIKE '%,%'
-                               AND $table_mailbox.maildir IS NOT NULL)");
+    $result = db_query ("SELECT COUNT(*) FROM $table_alias
+        LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
+        WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
+        OR
+        ($table_alias.domain='$domain'
+        AND $table_alias.goto LIKE '%,%'
+        AND $table_mailbox.maildir IS NOT NULL)");
 
-   $row = db_row ($result['result']);
-   $list['alias_count'] = $row[0];
+    $row = db_row ($result['result']);
+    $list['alias_count'] = $row[0];
 
     $result = db_query ("SELECT COUNT(*) FROM $table_mailbox WHERE domain='$domain'");
     $row = db_row ($result['result']);
     $list['mailbox_count'] = $row[0];
 
-   $result = db_query ("SELECT SUM(quota) FROM $table_mailbox WHERE domain='$domain'");
-   $row = db_row ($result['result']);
-   $list['quota_sum'] = $row[0];
-   $list['alias_count'] = $list['alias_count'];
+    $result = db_query ("SELECT SUM(quota) FROM $table_mailbox WHERE domain='$domain'");
+    $row = db_row ($result['result']);
+    $list['quota_sum'] = $row[0];
+    $list['alias_count'] = $list['alias_count'];
 
     $list['alias_pgindex']=array ();
     $list['mbox_pgindex']=array ();
@@ -462,40 +462,40 @@
     $idxlabel="";
     $list['alias_pgindex_count'] = 0;
 
-   if ( $list['alias_count'] > $page_size )
-   {
-      while ( $current < $list['alias_count'] )
-      { 
-         $limitSql=('pgsql'==$CONF['database_type']) ? "1 OFFSET $current" : "$current, 1";
-         $query = "SELECT $table_alias.address
-                   FROM $table_alias
-                   LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
-                   WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
-                        OR
-                         ($table_alias.domain='$domain'
-                          AND $table_alias.goto LIKE '%,%'
-                          AND $table_mailbox.maildir IS NOT NULL)
-                   ORDER BY $table_alias.address LIMIT $limitSql";
-         $result = db_query ("$query");
-         $row = db_array ($result['result']);
-         $tmpstr = $row['address'];
-         //get first 2 chars
-         $idxlabel = $tmpstr[0] . $tmpstr[1] . "-";
-         ($current + $page_size - 1 <= $list['alias_count']) ? $current = $current + $page_size - 1 : $current = $list['alias_count'] - 1;
-         $limitSql=('pgsql'==$CONF['database_type']) ? "1 OFFSET $current" : "$current, 1";
-         $query = "SELECT $table_alias.address
-                   FROM $table_alias
-                   LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
-                   WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
-                        OR
-                         ($table_alias.domain='$domain'
-                          AND $table_alias.goto LIKE '%,%'
-                          AND $table_mailbox.maildir IS NOT NULL)
-                   ORDER BY $table_alias.address LIMIT $limitSql";
-         $result = db_query ("$query");
-         $row = db_array ($result['result']);
-         $tmpstr = $row['address'];
-         $idxlabel = $idxlabel . $tmpstr[0] . $tmpstr[1];
+    if ( $list['alias_count'] > $page_size )
+    {
+        while ( $current < $list['alias_count'] )
+        { 
+            $limitSql=('pgsql'==$CONF['database_type']) ? "1 OFFSET $current" : "$current, 1";
+            $query = "SELECT $table_alias.address
+                FROM $table_alias
+                LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
+                WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
+                OR
+                ($table_alias.domain='$domain'
+                AND $table_alias.goto LIKE '%,%'
+                AND $table_mailbox.maildir IS NOT NULL)
+                ORDER BY $table_alias.address LIMIT $limitSql";
+            $result = db_query ("$query");
+            $row = db_array ($result['result']);
+            $tmpstr = $row['address'];
+            //get first 2 chars
+            $idxlabel = $tmpstr[0] . $tmpstr[1] . "-";
+            ($current + $page_size - 1 <= $list['alias_count']) ? $current = $current + $page_size - 1 : $current = $list['alias_count'] - 1;
+            $limitSql=('pgsql'==$CONF['database_type']) ? "1 OFFSET $current" : "$current, 1";
+            $query = "SELECT $table_alias.address
+                FROM $table_alias
+                LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
+                WHERE ($table_alias.domain='$domain' AND $table_mailbox.maildir IS NULL)
+                OR
+                ($table_alias.domain='$domain'
+                AND $table_alias.goto LIKE '%,%'
+                AND $table_mailbox.maildir IS NOT NULL)
+                ORDER BY $table_alias.address LIMIT $limitSql";
+            $result = db_query ("$query");
+            $row = db_array ($result['result']);
+            $tmpstr = $row['address'];
+            $idxlabel = $idxlabel . $tmpstr[0] . $tmpstr[1];
 
             $current = $current + 1;
 
@@ -1188,7 +1188,7 @@
         $l = db_row($res["result"]);
         $password = $l[0];
     }
-    
+
     elseif ($CONF['encrypt'] == 'authlib') {
         $flavor = $CONF['authlib_default_flavor'];
         $salt = substr(create_salt(), 0, 2); # courier-authlib supports only two-character salts
@@ -1198,7 +1198,7 @@
             $flavor = $result[1];  
             $salt = substr($result[2], 0, 2);
         }
- 
+
         if(stripos($flavor, 'md5raw') === 0) {
             $password = '{' . $flavor . '}' . md5($pw);
         } elseif(stripos($flavor, 'md5') === 0) {
@@ -1209,7 +1209,7 @@
             die("authlib_default_flavor '" . $flavor . "' unknown. Valid flavors are 'md5raw', 'md5' and 'crypt'");
         }
     }
-    
+
     elseif (preg_match("/^dovecot:/", $CONF['encrypt'])) {
         $split_method = preg_split ('/:/', $CONF['encrypt']);
         $method       = strtoupper($split_method[1]);


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[640] trunk

[<chr...@us...>]

Revision: 640
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=640&view=rev
Author:   christian_boltz
Date:     2009-04-22 11:31:53 +0000 (Wed, 22 Apr 2009)

Log Message:
-----------
login.php, index.php:
- removed the $CONF['configured'] = 'I_know_the_risk_of_not_deleting_setup.php' 
  developer hack (no longer needed since setup.php requires a password)
- this also makes index.php redirecting to login.php again (the old check tested
  for file_exists(setup.php)...)

common.php:
- removed a superfluous check for $CONF[setup_password] (see mailinglist for details)

config.inc.php:
- removed a small outdated comment

Modified Paths:
--------------
    trunk/common.php
    trunk/config.inc.php
    trunk/index.php
    trunk/login.php

Modified: trunk/common.php
===================================================================
--- trunk/common.php	2009-04-20 18:41:23 UTC (rev 639)
+++ trunk/common.php	2009-04-22 11:31:53 UTC (rev 640)
@@ -40,9 +40,6 @@
     if($CONF['configured'] == FALSE) {
         die("Please edit config.inc.php - change \$CONF['configured'] to true after setting your database settings");
     }
-    if(!isset($CONF['setup_password'])) {
-        die("You must have a \$CONF['setup_password'] defined - this allows authenticated access to setup.php");
-    }
 }
 
 

Modified: trunk/config.inc.php
===================================================================
--- trunk/config.inc.php	2009-04-20 18:41:23 UTC (rev 639)
+++ trunk/config.inc.php	2009-04-22 11:31:53 UTC (rev 640)
@@ -382,7 +382,7 @@
 // that future updates work without problems, you can use a separate config 
 // file (config.local.php) instead of editing this file and override some
 // settings there.
-if (file_exists(dirname(__FILE__) . '/config.local.php')) { # for /
+if (file_exists(dirname(__FILE__) . '/config.local.php')) {
     include(dirname(__FILE__) . '/config.local.php');
 }
 

Modified: trunk/index.php
===================================================================
--- trunk/index.php	2009-04-20 18:41:23 UTC (rev 639)
+++ trunk/index.php	2009-04-22 11:31:53 UTC (rev 640)
@@ -23,7 +23,7 @@
 
 $CONF['configured'] = FALSE;
 @include_once('config.inc.php'); # hide error message because only $CONF['configured'] is checked here
-if (!file_exists (realpath ("./setup.php")) || $CONF['configured'] == 'I_know_the_risk_of_not_deleting_setup.php')
+if ( $CONF['configured'] === TRUE )
 {
     header ("Location: login.php");
     exit;

Modified: trunk/login.php
===================================================================
--- trunk/login.php	2009-04-20 18:41:23 UTC (rev 639)
+++ trunk/login.php	2009-04-22 11:31:53 UTC (rev 640)
@@ -30,15 +30,10 @@
 
 require_once('common.php');
 
-if (isset($CONF['configured']) && $CONF['configured'] == 'I_know_the_risk_of_not_deleting_setup.php') {
+if($CONF['configured'] !== true) {
+  print "Installation not yet configured; please edit config.inc.php";
+  exit;
 }
-else
-{
-    if($CONF['configured'] !== true) {
-      print "Installation not yet configured; please edit config.inc.php";
-      exit;
-    }
-}
 
 if ($_SERVER['REQUEST_METHOD'] == "GET")
 {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[639] trunk/delete.php

[<Gin...@us...>]

Revision: 639
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=639&view=rev
Author:   GingerDog
Date:     2009-04-20 18:41:23 +0000 (Mon, 20 Apr 2009)

Log Message:
-----------
delete.php: fix undefined variables

Modified Paths:
--------------
    trunk/delete.php

Modified: trunk/delete.php
===================================================================
--- trunk/delete.php	2009-04-20 18:40:18 UTC (rev 638)
+++ trunk/delete.php	2009-04-20 18:41:23 UTC (rev 639)
@@ -37,25 +37,26 @@
 $SESSID_USERNAME = authentication_get_username();
 $error = 0;
 
-$fTable  = escape_string (safeget('table') ); # see the if blocks below for valid values
-$fDelete = escape_string (safeget('delete'));
-$fDomain = escape_string (safeget('domain'));
+$fTable  = escape_string(safeget('table')); # see the if blocks below for valid values
+$fDelete = escape_string(safeget('delete'));
+$fDomain = escape_string(safeget('domain'));
 
 $error=0;
 
 /**
  * delete_alias
  *  Action: Delete an alias
- * @param String $alias- alias to delete.
- * @param String $domain - domain of the alias
+ * @param String $alias alias to delete.
+ * @param String $domain domain of the alias
  * @param boolean $force_delete - deletes the alias from the table if true,
  *                                checks if the alias is real and act accordlying if false.
  *                                Default is false. 
  * @return String username (e.g. fo...@ex...)
  */
-function delete_alias ($alias, $domain, $force_delete = false)
+function delete_alias($alias, $domain, $force_delete = false)
 {
     global $table_alias, $table_mailbox;
+    $SESSID_USERNAME = authentication_get_username();
     $real_alias = true;
 
     if (! $force_delete)
@@ -88,7 +89,7 @@
     }
     else
     {
-        db_log ($SESSID_USERNAME, $fDomain, 'delete_alias', $fDelete);
+        db_log ($SESSID_USERNAME, $domain, 'delete_alias', $alias);
     }
 
     return true;


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[638] trunk/edit-active.php

[<Gin...@us...>]

Revision: 638
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=638&view=rev
Author:   GingerDog
Date:     2009-04-20 18:40:18 +0000 (Mon, 20 Apr 2009)

Log Message:
-----------
fix undefined variables

Modified Paths:
--------------
    trunk/edit-active.php

Modified: trunk/edit-active.php
===================================================================
--- trunk/edit-active.php	2009-04-19 18:48:35 UTC (rev 637)
+++ trunk/edit-active.php	2009-04-20 18:40:18 UTC (rev 638)
@@ -32,6 +32,12 @@
 authentication_require_role('admin');
 $SESSID_USERNAME = authentication_get_username();
 
+$fAliasDomain = '';
+$fUsername    = '';
+$fAlias       = '';
+$fDomain      = '';
+$fReturn      = '';
+
 if ($_SERVER['REQUEST_METHOD'] == "GET")
 {
    if (isset ($_GET['alias_domain'])) $fAliasDomain = escape_string ($_GET['alias_domain']);


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[637] trunk/common.php

[<Gin...@us...>]

Revision: 637
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=637&view=rev
Author:   GingerDog
Date:     2009-04-19 18:48:35 +0000 (Sun, 19 Apr 2009)

Log Message:
-----------
common.php: remove redundant check

Modified Paths:
--------------
    trunk/common.php

Modified: trunk/common.php
===================================================================
--- trunk/common.php	2009-04-19 11:43:49 UTC (rev 636)
+++ trunk/common.php	2009-04-19 18:48:35 UTC (rev 637)
@@ -43,9 +43,6 @@
     if(!isset($CONF['setup_password'])) {
         die("You must have a \$CONF['setup_password'] defined - this allows authenticated access to setup.php");
     }
-    if($CONF['setup_password'] == 'changeme') {
-        die("You must specify a password in config.inc.php (\$CONF['setup_password']) in order to access setup.php");
-    }
 }
 
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[636] trunk/languages/nb.lang

[<chr...@us...>]

Revision: 636
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=636&view=rev
Author:   christian_boltz
Date:     2009-04-19 11:43:49 +0000 (Sun, 19 Apr 2009)

Log Message:
-----------
nb.lang
- language update from Odd Henriksen (oddhenriksen@SF)
  https://sourceforge.net/tracker/?func=detail&atid=937966&aid=2773238&group_id=191583

Modified Paths:
--------------
    trunk/languages/nb.lang

Modified: trunk/languages/nb.lang
===================================================================
--- trunk/languages/nb.lang	2009-04-18 20:21:52 UTC (rev 635)
+++ trunk/languages/nb.lang	2009-04-19 11:43:49 UTC (rev 636)
@@ -4,7 +4,7 @@
 // Language file Norwegian (bokmål)
 // by Odd Henriksen
 //
-// Last updated: 2009-01-24 / Odd Henriksen
+// Last updated: 2009-04-19 / Odd Henriksen
 //
 
 $PALANG['YES'] = 'JA';
@@ -24,7 +24,7 @@
 $PALANG['pLogin_username'] = 'Brukernavn (e-postadresse)';
 $PALANG['pLogin_password'] = 'Passord';
 $PALANG['pLogin_button'] = 'Logg inn';
-$PALANG['pLogin_failed'] = 'Your email address or password are not correct.'; # XXX
+$PALANG['pLogin_failed'] = 'E-postadressen eller passordet er ikke korrekt.';
 $PALANG['pLogin_login_users'] = 'Vanlige brukere kan klikke her for å gå til brukerseksjonen.';
 
 $PALANG['pMenu_main'] = 'Hoved';
@@ -339,10 +339,10 @@
 $PALANG['pUsersVacation_welcome_text'] = 'Du har allerede et autosvar aktivert!';
 $PALANG['pUsersVacation_subject'] = 'Emne';
 $PALANG['pUsersVacation_subject_text'] = 'Fraværsmelding';
-$PALANG['pUsersVacation_body'] = 'Meldingstekst'; # XXX text changed to 'Message'
+$PALANG['pUsersVacation_body'] = 'Meldingstekst';
 $PALANG['pUsersVacation_body_text'] = <<<EOM
-Jeg er utilgjengelig fra <date> til <date>.
-Dersom det gjelder noe viktig kan du kontakte <contact person>.
+Jeg er utilgjengelig fra (dato) til (dato).
+Dersom det gjelder noe viktig kan du kontakte (kontaktperson).
 EOM;
 $PALANG['pUsersVacation_button_away'] = 'Merk meg som fraværende';
 $PALANG['pUsersVacation_button_back'] = 'Merk meg som tilstede';


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[635] branches/postfixadmin-2.3rc4/

[<Gin...@us...>]

Revision: 635
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=635&view=rev
Author:   GingerDog
Date:     2009-04-18 20:21:52 +0000 (Sat, 18 Apr 2009)

Log Message:
-----------
branch to 2.3rc4... - trunk revision 634

Revision Links:
--------------
    http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=634&view=rev

Added Paths:
-----------
    branches/postfixadmin-2.3rc4/


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[634] trunk

[<Gin...@us...>]

Revision: 634
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=634&view=rev
Author:   GingerDog
Date:     2009-04-18 20:19:16 +0000 (Sat, 18 Apr 2009)

Log Message:
-----------
update documentation; get ready for a 2.3rc4 release

Modified Paths:
--------------
    trunk/CHANGELOG.TXT
    trunk/DOCUMENTS/UPGRADE.txt
    trunk/INSTALL.TXT
    trunk/config.inc.php
    trunk/debian/changelog
    trunk/functions.inc.php

Modified: trunk/CHANGELOG.TXT
===================================================================
--- trunk/CHANGELOG.TXT	2009-04-18 19:56:24 UTC (rev 633)
+++ trunk/CHANGELOG.TXT	2009-04-18 20:19:16 UTC (rev 634)
@@ -11,6 +11,16 @@
 # $Id$
 
 
+Version 2.3rc4 - 2009/04/18 - SVN r632
+--------------------------------------
+
+  - *Security fix* - on upgrade setup.php is restored; allowing a malicious
+    user to create their own superadmin account. We've removed the requirement to delete
+    setup.php, and instead a new config parameter (setup_password) is used to protect access
+    to this page. Password is encrypted, and setup.php can be used to generate the initial value.
+  - Fix undefined variables problem(s)
+  - Fix PostgreSQL date timestamp issues...
+ 
 Version 2.3rc3 - 2009/04/06 - SVN r611
 --------------------------------------
 

Modified: trunk/DOCUMENTS/UPGRADE.txt
===================================================================
--- trunk/DOCUMENTS/UPGRADE.txt	2009-04-18 19:56:24 UTC (rev 633)
+++ trunk/DOCUMENTS/UPGRADE.txt	2009-04-18 20:19:16 UTC (rev 634)
@@ -43,7 +43,7 @@
 Make sure that you are in your WWW directory and then unarchive the
 Postfix Admin archive (whatever the filename is):
 
-  $ tar -zxvf postfixadmin-2.2.tgz
+  $ tar -zxvf postfixadmin-X.X.tgz
 
 
 3. Change permissions
@@ -66,28 +66,32 @@
 Comparing config.inc.php with your previous using "diff" might save you some
 time.
 
+You can use a config.local.php file to contain your local settings - these will override any 
+defined in config.inc.php
 
-5. Perform appropriate database upgrades
+5. Run setup.php
 ----------------------------------------
 
+Access setup.php through a web browser.
+
+It will attempt to upgrade your database, and also allow you to create a superadmin user.
+
+From version 2.3, you need to specify a setup_password in config.inc.php - 
+setup.php should guide you through this process. If you do not have a setup_password, type one
+into the form, and setup.php will echo out the hashed value (which needs to go into config.inc.php).
+The setup_password removes the requirement for you to delete setup.php, and also closes a security hole.
+
 Since version 2.2 of Postfixadmin, setup.php can perform the needed database 
 updates automatically .
 
-Open setup.php in your browser to update your database scheme.
-
 If you update from 2.1 or older, also create a superadmin account using setup.php.
 
 Note that admin/ has been merged into the main directory. Login with the
 superadmin account to setup domains and domain admins.
 
 
-6. Delete setup.php
--------------------
-Delete setup.php - it allown non-authorized users to create a superadmin
-account!
 
-
-7. Done
+6. Done
 -------
 This is all that is needed. Fire up your browser and go to the site that you
 specified to host Postfix Admin.

Modified: trunk/INSTALL.TXT
===================================================================
--- trunk/INSTALL.TXT	2009-04-18 19:56:24 UTC (rev 633)
+++ trunk/INSTALL.TXT	2009-04-18 20:19:16 UTC (rev 634)
@@ -104,14 +104,13 @@
 The setup.php script will attempt to create the database structure 
 (or upgrade it if you're coming from a previous version). 
 
-Assuming everything is OK you can create the admin user using the form displayed.
+Assuming everything is OK you can specify a password (which you'll 
+need to use setup.php again in the future); when you submit the form, 
+the hashed value (which you need to enter into config.inc.php is echoed 
+out - with appropriate instructions on what to do with it).
 
-Once you submit the form, all that's left to do is to delete "setup.php"
+create the admin user using the form displayed.
 
-e.g.
-
-mv setup.php setup.php.disabled
-
 5. Use PostfixAdmin
 -------------------
 
@@ -122,4 +121,7 @@
 -------------------
 As of March 2007, PostfixAdmin moved to SourceForge.  For the
 forum posts and source updates, see:
+
 https://sourceforge.net/projects/postfixadmin
+
+There is also #postfixadmin on irc.freenode.net.

Modified: trunk/config.inc.php
===================================================================
--- trunk/config.inc.php	2009-04-18 19:56:24 UTC (rev 633)
+++ trunk/config.inc.php	2009-04-18 20:19:16 UTC (rev 634)
@@ -31,7 +31,9 @@
  */
 $CONF['configured'] = false;
 
-// In order to setup Postfixadmin, you MUST change the password below.
+// In order to setup Postfixadmin, you MUST specify a hashed password here.
+// To create the hash, visit setup.php in a browser and type a password into the field,
+// on submission it will be echoed out to you as a hashed value.
 $CONF['setup_password'] = 'changeme';
 
 // Postfix Admin Path

Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2009-04-18 19:56:24 UTC (rev 633)
+++ trunk/debian/changelog	2009-04-18 20:19:16 UTC (rev 634)
@@ -1,3 +1,11 @@
+postfixadmin (2.3rc4) unstable; urgency=low
+
+  * Security fix for setup.php (issue occurs for those upgrading only; where 
+    it's possible for a new admin user to get created by nasty.person)
+  * SVN revision 632
+
+ -- David Goodwin <dav...@pa...>  Sat, 18 Apr 2009 21:00:00 +0000
+
 postfixadmin (2.3rc3) unstable; urgency=low
 
   * Attempt at fixing Debian build issues (thanks to me...@so...)

Modified: trunk/functions.inc.php
===================================================================
--- trunk/functions.inc.php	2009-04-18 19:56:24 UTC (rev 633)
+++ trunk/functions.inc.php	2009-04-18 20:19:16 UTC (rev 634)
@@ -22,7 +22,7 @@
     exit;
 }
 
-$version = '2.3 rc3';
+$version = '2.3 rc4';
 
 /**
  * check_session


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[633] trunk/setup.php

[<Gin...@us...>]

Revision: 633
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=633&view=rev
Author:   GingerDog
Date:     2009-04-18 19:56:24 +0000 (Sat, 18 Apr 2009)

Log Message:
-----------
setup.php: remove duplication of error message ... 

Modified Paths:
--------------
    trunk/setup.php

Modified: trunk/setup.php
===================================================================
--- trunk/setup.php	2009-04-18 19:47:53 UTC (rev 632)
+++ trunk/setup.php	2009-04-18 19:56:24 UTC (rev 633)
@@ -336,14 +336,8 @@
             list ($error, $tMessage, $pAdminCreate_admin_username_text, $pAdminCreate_admin_password_text) = create_admin($fUsername, $fPassword, $fPassword2, array('ALL'), TRUE);
             if ($error != 0) {
                 if (isset ($_POST['fUsername'])) $tUsername = escape_string ($_POST['fUsername']);
-            } else {
-                print "<p><b>$tMessage</b></p>";
             }
         }
-        else {
-            print "<p><b>$tMessage</b></p>";
-        }
-
     }
 
     if ($_SERVER['REQUEST_METHOD'] == "GET" || $error != 0)


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[632] website

[<gin...@us...>]

Revision: 632
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=632&view=rev
Author:   gingerdog
Date:     2009-04-18 19:47:53 +0000 (Sat, 18 Apr 2009)

Log Message:
-----------
updates

Modified Paths:
--------------
    website/index.php
    website/update-check.php

Modified: website/index.php
===================================================================
--- website/index.php	2009-04-18 19:40:50 UTC (rev 631)
+++ website/index.php	2009-04-18 19:47:53 UTC (rev 632)
@@ -17,7 +17,6 @@
 
 <ul>
 	<li><a href="http://sourceforge.net/forum/forum.php?forum_id=676076">Postfixadmin Discussion Forum</a></li>
-	<li><a href="http://sourceforge.net/mail/?group_id=191583">Mailing lists</a></li>
 	<li>IRC - #postfixadmin on irc.freenode.net </li>
 </ul>
 
@@ -29,6 +28,12 @@
 	<li>And presumably a compatible IMAP/POP3 server (dovecot and courier seem to be the most popular)</li>
 </ul>
 
+<h3>Plans...</h3>
+<ul>
+<li>Release 2.3 - May 2009 - Aliased domains, bug fixes, better Debian installer. See changelog/announcement when it arrives :)</li>
+<li>Release 3.0 - ???????????? - Smarty / Doctrine refactoring, better vacation functionality, user controllable fetchmail</li>
+</ul>
+
 <h3>Download - version 2.2.1.1</h3>
 
 <p>v2.2.1.1 was released in July 2008. It's the latest stable version and is basically all bug fixes from 'trunk' since 2.2.0 was released, without the new features (i.e. domain-domain aliasing). It is the latest version and we'd recommend users of previous versions upgrade.</p>
@@ -41,10 +46,8 @@
 
 <p>'trunk' currently contains a working domain-domain aliasing implementation, but to use it, you'll need to alter some Postfix settings first. Once this is finished, it will probably form 2.3.0, which may be released within the next month or so.</p>
 
-<p>In the near future, we plan to refactor the codebase to allow for XMLRPC/SOAP integration, allowing e.g. Squirrelmail and RoundCube to integrate with Postfixadmin without having to talk to e.g. a database. This should eventually allow PostfixAdmin to work with e.g. LDAP or a.n.other backend data store without having to change the front end code. This will almost certainly mean the minimum requirements will by PHP5 and probably a dependence on the Zend Framework.</p>
+<p>The 2.3 code base will allow for XMLRPC access - this will allow third party software to integrate (allowing users to change their password, set their vacation message etc)</p>
 
-<p>If you wish to get involved, or try out 'trunk' try :</p>
-
 <code>svn co https://postfixadmin.svn.sourceforge.net/svnroot/postfixadmin/trunk postfixadmin</code>
 
 <h3>Upgrading Postfixadmin</h3>

Modified: website/update-check.php
===================================================================
--- website/update-check.php	2009-04-18 19:40:50 UTC (rev 631)
+++ website/update-check.php	2009-04-18 19:47:53 UTC (rev 632)
@@ -1,7 +1,7 @@
 <?php
 require_once('header.php');
 
-$latest = "2.2.1.1";
+$latest = "2.3 rc2";
 
 if(!isset($_GET['version'])) {
 	echo "Invalid usage";	
@@ -10,7 +10,7 @@
 	$version = $_GET['version'];
 }
 if(strcmp($version,$latest) >= 0) {
-	echo "Congratulations - you're running the latest stable version of PostfixAdmin";
+	echo "Congratulations - you're running the latest version of PostfixAdmin";
 }
 else {
 	echo "Upgrade available - the latest version is $latest"; 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

SF.net SVN: postfixadmin:[631] trunk/create-alias-domain.php

[<Gin...@us...>]

Revision: 631
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=631&view=rev
Author:   GingerDog
Date:     2009-04-18 19:40:50 +0000 (Sat, 18 Apr 2009)

Log Message:
-----------
create-alias-domain.php: fix undefined variables

Modified Paths:
--------------
    trunk/create-alias-domain.php

Modified: trunk/create-alias-domain.php
===================================================================
--- trunk/create-alias-domain.php	2009-04-18 19:38:20 UTC (rev 630)
+++ trunk/create-alias-domain.php	2009-04-18 19:40:50 UTC (rev 631)
@@ -38,6 +38,8 @@
    exit;
 }
 
+$fAliasDomain = '';
+$fTargetDomain= '';
 $username = authentication_get_username();
 $SESSID_USERNAME = $username;
 if(authentication_has_role('global-admin')) {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.