Thread: SF.net SVN: postfixadmin:[1188] trunk/functions.inc.php (Page 3)
Brought to you by:
christian_boltz,
gingerdog
From: <chr...@us...> - 2011-09-24 11:49:20
|
Revision: 1188 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1188&view=rev Author: christian_boltz Date: 2011-09-24 11:49:14 +0000 (Sat, 24 Sep 2011) Log Message: ----------- functions.inc.php - check_email(): - replace $CONF[vacation_domain] only at the end of the mail address Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-09-23 16:08:32 UTC (rev 1187) +++ trunk/functions.inc.php 2011-09-24 11:49:14 UTC (rev 1188) @@ -266,7 +266,7 @@ //and change from blah#fo...@au... to bl...@fo... if ($CONF['vacation'] == 'YES') { $vacation_domain = $CONF['vacation_domain']; - $ce_email = preg_replace("/@$vacation_domain/", '', $ce_email); + $ce_email = preg_replace("/@$vacation_domain\$/", '', $ce_email); $ce_email = preg_replace("/#/", '@', $ce_email); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-09-25 18:54:04
|
Revision: 1193 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1193&view=rev Author: christian_boltz Date: 2011-09-25 18:53:58 +0000 (Sun, 25 Sep 2011) Log Message: ----------- functions.inc.php - create_admin() - check password with validate_password() - cleanup the handling of the success message This fixes 50% of https://sourceforge.net/tracker/?func=detail&aid=1951979&group_id=191583&atid=937964 Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-09-25 18:39:20 UTC (rev 1192) +++ trunk/functions.inc.php 2011-09-25 18:53:58 UTC (rev 1193) @@ -2277,15 +2277,23 @@ $pAdminCreate_admin_username_text_error = $PALANG['pAdminCreate_admin_username_text_error2']; } + $generated_password = 0; if (empty ($fPassword) or empty ($fPassword2) or ($fPassword != $fPassword2)) { if (empty ($fPassword) and empty ($fPassword2) and $CONF['generate_password'] == "YES" && $no_generate_password == 0) { $fPassword = generate_password (); + $generated_password = 1; } else { $error = 1; $pAdminCreate_admin_password_text_error = $PALANG['pAdminCreate_admin_password_text_error']; } } + $validpass = validate_password($fPassword); + if(count($validpass) > 0 && $generated_password == 0) { # skip this check for generated passwords + $pAdminCreate_admin_password_text_error = $validpass[0]; # TODO: honor all error messages, not only the first one + $error = 1; + } + if ($error != 1) { $password = pacrypt($fPassword); // $pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text']; @@ -2309,15 +2317,10 @@ } } $pAdminCreate_admin_message = $PALANG['pAdminCreate_admin_result_success'] . "<br />($fUsername"; - if ($CONF['generate_password'] == "YES" && $no_generate_password == 0) { - $pAdminCreate_admin_message .= " / $fPassword)</br />"; - } else { - if ($CONF['show_password'] == "YES" && $no_generate_password == 0) { - $pAdminCreate_admin_message .= " / $fPassword)</br />"; - } else { - $pAdminCreate_admin_message .= ")</br />"; - } + if ($CONF['show_password'] == "YES" || $generated_password == 1) { + $pAdminCreate_admin_message .= " / $fPassword"; } + $pAdminCreate_admin_message .= ")</br />"; } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-10-16 22:20:01
|
Revision: 1208 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1208&view=rev Author: christian_boltz Date: 2011-10-16 22:19:55 +0000 (Sun, 16 Oct 2011) Log Message: ----------- functions.inc.php: - new function db_boolean_to_int() to convert boolean values from the database to integer (0 or 1) - db_get_boolean(): error out on unknown $CONF[database_type] Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-10-16 21:41:27 UTC (rev 1207) +++ trunk/functions.inc.php 2011-10-16 22:19:55 UTC (rev 1208) @@ -1562,9 +1562,36 @@ return 1; } return 0; + } else { + die('Unknown value in $CONF[database_type]'); } } +/** + * Converts a boolean value from the database internal format to integer (0 or 1) + * Currently only PostgreSQL and MySQL are supported. + * @param string $bool (REQUIRED) + * @return int + */ +function db_boolean_to_int($bool) { + global $CONF; + + if($CONF['database_type']=='pgsql') { + // return either true or false (unquoted strings) + if($bool == 't') { + return 1; + } + return 0; + } elseif($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli') { + if($bool) { + return 1; + } + return 0; + } else { + die('Unknown value in $CONF[database_type]'); + } +} + // // db_query // Action: Sends a query to the database and returns query result and number of rows This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-10-19 15:25:39
|
Revision: 1222 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1222&view=rev Author: christian_boltz Date: 2011-10-19 15:25:33 +0000 (Wed, 19 Oct 2011) Log Message: ----------- functions.inc.php: - db_get_boolean(): allow 0 and 1 as parameters, not only boolean true/false Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-10-18 23:25:14 UTC (rev 1221) +++ trunk/functions.inc.php 2011-10-19 15:25:33 UTC (rev 1222) @@ -1546,7 +1546,7 @@ * @return String or int as appropriate. */ function db_get_boolean($bool) { - if(!is_bool($bool)) { + if(! (is_bool($bool) || $bool == '0' || $bool == '1') ) { die("Invalid usage of 'db_get_boolean($bool)'"); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-10-20 12:13:48
|
Revision: 1227 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1227&view=rev Author: christian_boltz Date: 2011-10-20 12:13:39 +0000 (Thu, 20 Oct 2011) Log Message: ----------- functions.inc.php - smtp_mail(): - error_log() the error message if fsockopen() fails Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-10-19 21:26:31 UTC (rev 1226) +++ trunk/functions.inc.php 2011-10-20 12:13:39 UTC (rev 1227) @@ -1404,6 +1404,7 @@ $fh = @fsockopen ($smtpd_server, $smtpd_port, $errno, $errstr, $timeout); if (!$fh) { + error_log("fsockopen failed - errno: $errno - errstr: $errstr"); return false; } else { $res = smtp_get_response($fh); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-10-24 22:06:50
|
Revision: 1234 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1234&view=rev Author: christian_boltz Date: 2011-10-24 22:06:44 +0000 (Mon, 24 Oct 2011) Log Message: ----------- functions.inc.php: - pacol(): use Lang::read instead of global $PALANG (which is undefined when called from a *Handler class) Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-10-24 00:09:31 UTC (rev 1233) +++ trunk/functions.inc.php 2011-10-24 22:06:44 UTC (rev 1234) @@ -406,11 +406,9 @@ * @return array for $struct */ function pacol($allow_editing, $display_in_form, $display_in_list, $type, $PALANG_label, $PALANG_desc, $default = "", $options = array(), $not_in_db=0, $select="", $extrafrom="") { - global $PALANG; + if ($PALANG_label != '') $PALANG_label = Lang::Read($PALANG_label); + if ($PALANG_desc != '') $PALANG_desc = Lang::Read($PALANG_desc ); - if ($PALANG_label != '') $PALANG_label = $PALANG[$PALANG_label]; - if ($PALANG_desc != '') $PALANG_desc = $PALANG[$PALANG_desc ]; - return array( 'editable' => $allow_editing, 'display_in_form' => $display_in_form, This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <Gin...@us...> - 2011-10-24 23:09:14
|
Revision: 1241 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1241&view=rev Author: GingerDog Date: 2011-10-24 23:09:08 +0000 (Mon, 24 Oct 2011) Log Message: ----------- if we are going to write out an sql error message we might as well include the full query Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-10-24 23:08:46 UTC (rev 1240) +++ trunk/functions.inc.php 2011-10-24 23:09:08 UTC (rev 1241) @@ -1611,12 +1611,12 @@ if (!is_resource($link)) $link = db_connect (); if ($CONF['database_type'] == "mysql") $result = @mysql_query ($query, $link) - or $error_text = "<p />DEBUG INFORMATION:<br />Invalid query: " . mysql_error($link) . "$DEBUG_TEXT"; + or $error_text = "<p />DEBUG INFORMATION:<br />Invalid query ($query) : " . mysql_error($link) . "$DEBUG_TEXT"; if ($CONF['database_type'] == "mysqli") $result = @mysqli_query ($link, $query) - or $error_text = "<p />DEBUG INFORMATION:<br />Invalid query: " . mysqli_error($link) . "$DEBUG_TEXT"; + or $error_text = "<p />DEBUG INFORMATION:<br />Invalid query ($query) : " . mysqli_error($link) . "$DEBUG_TEXT"; if ($CONF['database_type'] == "pgsql") { $result = @pg_query ($link, $query) - or $error_text = "<p />DEBUG INFORMATION:<br />Invalid query: " . pg_last_error() . "$DEBUG_TEXT"; + or $error_text = "<p />DEBUG INFORMATION:<br />Invalid query ($query): " . pg_last_error() . "$DEBUG_TEXT"; } if ($error_text != "" && $ignore_errors == 0) die($error_text); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-10-29 22:58:14
|
Revision: 1248 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1248&view=rev Author: christian_boltz Date: 2011-10-29 22:58:08 +0000 (Sat, 29 Oct 2011) Log Message: ----------- functions.inc.php: - get_domain_properties(): use DomainHandler (function result mostly unchanged, only difference: instead of quota_sum in bytes it now returns total_quota in MB) - allowed_quota(): adopt to slightly changed return value of get_domain_properties() Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-10-29 22:29:16 UTC (rev 1247) +++ trunk/functions.inc.php 2011-10-29 22:58:08 UTC (rev 1248) @@ -431,52 +431,18 @@ // Call: get_domain_properties (string domain) // function get_domain_properties ($domain) { - global $CONF; - global $table_alias, $table_mailbox, $table_domain; - $list = array (); - $result = db_query ("SELECT COUNT(*) FROM $table_alias WHERE domain='$domain'"); - - $row = db_row ($result['result']); - $list['alias_count'] = $row[0]; - - $result = db_query ("SELECT COUNT(*) FROM $table_mailbox WHERE domain='$domain'"); - $row = db_row ($result['result']); - $list['mailbox_count'] = $row[0]; - - $result = db_query ("SELECT SUM(quota) FROM $table_mailbox WHERE domain='$domain'"); - $row = db_row ($result['result']); - $list['quota_sum'] = $row[0]; - $list['alias_count'] = $list['alias_count'] - $list['mailbox_count']; - - $query="SELECT * FROM $table_domain WHERE domain='$domain'"; - if ('pgsql'==$CONF['database_type']) { - $query=" SELECT *, EXTRACT(epoch FROM created) AS uts_created, EXTRACT(epoch FROM modified) AS uts_modified FROM $table_domain WHERE domain='$domain' "; + $handler = new DomainHandler(); + if (!$handler->init($domain)) { + die("Error: " . join("\n", $handler->errormsg)); } - $result = db_query ($query); - $row = db_array ($result['result']); - $list['description'] = $row['description']; - $list['aliases'] = $row['aliases']; - $list['mailboxes'] = $row['mailboxes']; - $list['maxquota'] = $row['maxquota']; - $list['quota'] = $row['quota']; - $list['transport'] = $row['transport']; - $list['backupmx'] = $row['backupmx']; - $list['created'] = $row['created']; - $list['modified'] = $row['modified']; - $list['active'] = $row['active']; - if ($CONF['database_type'] == "pgsql") { - $list['active']=('t'==$row['active']) ? 1 : 0; - $list['backupmx']=('t'==$row['backupmx']) ? 1 : 0; - $list['created']= gmstrftime('%c %Z',$row['uts_created']); - $list['modified']= gmstrftime('%c %Z',$row['uts_modified']); - } else { - $list['active'] = $row['active']; - $list['backupmx'] = $row['backupmx']; + if (!$handler->view()) { + die("Error: " . join("\n", $handler->errormsg)); } - return $list; + $result = $handler->return; + return $result; } @@ -717,7 +683,7 @@ $tMaxquota = $domain_properties['maxquota']; if (boolconf('domain_quota') && $domain_properties['quota']) { - $dquota = $domain_properties['quota'] - divide_quota($domain_properties['quota_sum'] - $current_user_quota); + $dquota = $domain_properties['quota'] - $domain_properties['total_quota'] + divide_quota($current_user_quota); if ($dquota < $tMaxquota) { $tMaxquota = $dquota; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-11-12 19:48:34
|
Revision: 1264 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1264&view=rev Author: christian_boltz Date: 2011-11-12 19:48:27 +0000 (Sat, 12 Nov 2011) Log Message: ----------- functions.inc.php: - get_admin_properties(): escape_string $username instead of relying on the calling code to pre-escape it Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-11-05 18:20:19 UTC (rev 1263) +++ trunk/functions.inc.php 2011-11-12 19:48:27 UTC (rev 1264) @@ -888,16 +888,18 @@ global $table_admin, $table_domain_admins; $list = array (); - $result = db_query ("SELECT * FROM $table_domain_admins WHERE username='$username' AND domain='ALL'"); + $E_username = escape_string($username); + + $result = db_query ("SELECT * FROM $table_domain_admins WHERE username='$E_username' AND domain='ALL'"); if ($result['rows'] == 1) { $list['domain_count'] = 'ALL'; } else { - $result = db_query ("SELECT COUNT(*) FROM $table_domain_admins WHERE username='$username'"); + $result = db_query ("SELECT COUNT(*) FROM $table_domain_admins WHERE username='$E_username'"); $row = db_row ($result['result']); $list['domain_count'] = $row[0]; } - $query = "SELECT * FROM $table_admin WHERE username='$username'"; + $query = "SELECT * FROM $table_admin WHERE username='$E_username'"; if ('pgsql'==$CONF['database_type']) { $query=" SELECT @@ -905,7 +907,7 @@ EXTRACT(epoch FROM created) AS uts_created, EXTRACT (epoch FROM modified) AS uts_modified FROM $table_admin - WHERE username='$username' + WHERE username='$E_username' "; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-11-12 20:44:41
|
Revision: 1265 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1265&view=rev Author: christian_boltz Date: 2011-11-12 20:44:35 +0000 (Sat, 12 Nov 2011) Log Message: ----------- functions.inc.php - list_domains_for_admin(): - rewrite to work for superadmins also (will list all domains now instead of "ALL"), which means we can drop the admin vs. superadmin check at various places - escape_string $username Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-11-12 19:48:27 UTC (rev 1264) +++ trunk/functions.inc.php 2011-11-12 20:44:35 UTC (rev 1265) @@ -773,17 +773,24 @@ function list_domains_for_admin ($username) { global $CONF; global $table_domain, $table_domain_admins; + + $E_username = escape_string($username); + + $query = "SELECT $table_domain.domain FROM $table_domain "; + $condition[] = "$table_domain.domain != 'ALL'"; + + $result = db_query ("SELECT username FROM $table_domain_admins WHERE username='$E_username' AND domain='ALL'"); + if ($result['rows'] < 1) { # not a superadmin + $query .= " LEFT JOIN $table_domain_admins ON $table_domain.domain=$table_domain_admins.domain "; + $condition[] = "$table_domain_admins.username='$E_username' "; + $condition[] = "$table_domain.active='" . db_get_boolean(true) . "'"; # TODO: does it really make sense to exclude inactive... + $condition[] = "$table_domain.backupmx='" . db_get_boolean(False) . "'"; # TODO: ... and backupmx domains for non-superadmins? + } + + $query .= " WHERE " . join(' AND ', $condition); + $query .= " ORDER BY $table_domain.domain"; + $list = array (); - // does $username need escaping here? - $active_sql = db_get_boolean(True); - $backupmx_sql = db_get_boolean(False); - $query = "SELECT $table_domain.domain, $table_domain_admins.username FROM $table_domain - LEFT JOIN $table_domain_admins ON $table_domain.domain=$table_domain_admins.domain - WHERE $table_domain_admins.username='$username' - AND $table_domain.active='$active_sql' - AND $table_domain.backupmx='$backupmx_sql' - ORDER BY $table_domain_admins.domain"; - $result = db_query ($query); if ($result['rows'] > 0) { $i = 0; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2011-11-27 21:24:36
|
Revision: 1285 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1285&view=rev Author: christian_boltz Date: 2011-11-27 21:24:29 +0000 (Sun, 27 Nov 2011) Log Message: ----------- functions.inc.php: - db_delete(): allow to specify additional conditions for the WHERE clause Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2011-11-27 21:23:36 UTC (rev 1284) +++ trunk/functions.inc.php 2011-11-27 21:24:29 UTC (rev 1285) @@ -1624,9 +1624,9 @@ // Action: Deletes a row from a specified table // Call: db_delete (string table, string where, string delete) // -function db_delete ($table,$where,$delete) { +function db_delete ($table,$where,$delete,$additionalwhere='') { $table = table_by_key($table); - $query = "DELETE FROM $table WHERE " . escape_string($where) . "='" . escape_string($delete) . "'"; + $query = "DELETE FROM $table WHERE " . escape_string($where) . "='" . escape_string($delete) . "' " . $additionalwhere; $result = db_query ($query); if ($result['rows'] >= 1) { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <Gin...@us...> - 2012-01-10 23:03:44
|
Revision: 1327 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1327&view=rev Author: GingerDog Date: 2012-01-10 23:03:38 +0000 (Tue, 10 Jan 2012) Log Message: ----------- fix sql injection in pacrypt() when mysql_crypt is in use; see previous commits etc esp in the 2.3 branch Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-01-10 22:55:09 UTC (rev 1326) +++ trunk/functions.inc.php 2012-01-10 23:03:38 UTC (rev 1327) @@ -1099,6 +1099,7 @@ // See https://sourceforge.net/tracker/?func=detail&atid=937966&aid=1793352&group_id=191583 // this is apparently useful for pam_mysql etc. elseif ($CONF['encrypt'] == 'mysql_encrypt') { + $pw = escape_string($pw); if ($pw_db!="") { $salt=substr($pw_db,0,2); $res=db_query("SELECT ENCRYPT('".$pw."','".$salt."');"); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-01-11 18:41:09
|
Revision: 1328 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1328&view=rev Author: christian_boltz Date: 2012-01-11 18:40:58 +0000 (Wed, 11 Jan 2012) Log Message: ----------- functions.inc.php: - PHP around 5.3.8 includes hex2bin as native function - http://php.net/hex2bin therefore we have to wrap our function (which fortunately gives the same results) with function_exists(). Reported by MadOtis on #postfixadmin Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-01-10 23:03:38 UTC (rev 1327) +++ trunk/functions.inc.php 2012-01-11 18:40:58 UTC (rev 1328) @@ -1252,6 +1252,7 @@ return $salt; } +/**/ if (!function_exists('hex2bin')) { # PHP around 5.3.8 includes hex2bin as native function - http://php.net/hex2bin function hex2bin ($str) { $len = strlen ($str); $nstr = ""; @@ -1261,6 +1262,7 @@ } return $nstr; } +/**/ } function to64 ($v, $n) { $ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-01-15 11:22:07
|
Revision: 1332 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1332&view=rev Author: christian_boltz Date: 2012-01-15 11:22:01 +0000 (Sun, 15 Jan 2012) Log Message: ----------- functions.inc.php: - pacrypt(): escape_string() $salt for mysql_encrypt to be on the safe side Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-01-11 21:46:41 UTC (rev 1331) +++ trunk/functions.inc.php 2012-01-15 11:22:01 UTC (rev 1332) @@ -1101,7 +1101,7 @@ elseif ($CONF['encrypt'] == 'mysql_encrypt') { $pw = escape_string($pw); if ($pw_db!="") { - $salt=substr($pw_db,0,2); + $salt=escape_string(substr($pw_db,0,2)); $res=db_query("SELECT ENCRYPT('".$pw."','".$salt."');"); } else { $res=db_query("SELECT ENCRYPT('".$pw."');"); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-02-03 23:43:52
|
Revision: 1343 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1343&view=rev Author: christian_boltz Date: 2012-02-03 23:43:45 +0000 (Fri, 03 Feb 2012) Log Message: ----------- functions.inc.php - new function remove_from_array() Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-02-02 19:49:30 UTC (rev 1342) +++ trunk/functions.inc.php 2012-02-03 23:43:45 UTC (rev 1343) @@ -1262,6 +1262,23 @@ } return $nstr; } + +/* + * remove item $item from array $array + */ +function remove_from_array($array, $item) { + # array_diff might be faster, but doesn't provide an easy way to know if the value was found or not + # return array_diff($array, array($item)); + $ret = array_search($item, $array); + if ($ret === false) { + $found = 0; + } else { + $found = 1; + unset ($array[$ret]); + } + return array($found, $array); +} + /**/ } function to64 ($v, $n) { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-04-15 18:58:24
|
Revision: 1368 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1368&view=rev Author: christian_boltz Date: 2012-04-15 18:58:18 +0000 (Sun, 15 Apr 2012) Log Message: ----------- functions.inc.php: - delete leftover comment from (long time deleted) function create_admin() Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-04-09 22:43:30 UTC (rev 1367) +++ trunk/functions.inc.php 2012-04-15 18:58:18 UTC (rev 1368) @@ -2215,18 +2215,6 @@ return $stat_string; } -/* - Called by create-admin.php and setup.php - - Returns: - array( - 'error' => 0, # 0 on success, otherwise > 0 - 'pAdminCreate_admin_message' => '', # success / failure message - 'pAdminCreate_admin_username_text' => '', # help text / error message for username - 'pAdminCreate_admin_password_text' => '' # error message for username - ) - */ - function getRemoteAddr() { $REMOTE_ADDR = 'localhost'; if (isset($_SERVER['REMOTE_ADDR'])) This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-04-15 20:46:35
|
Revision: 1369 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1369&view=rev Author: christian_boltz Date: 2012-04-15 20:46:29 +0000 (Sun, 15 Apr 2012) Log Message: ----------- functions.inc.php: - remove_from_array() was accidently wrapped by if (!function_exists('hex2bin')) Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-04-15 18:58:18 UTC (rev 1368) +++ trunk/functions.inc.php 2012-04-15 20:46:29 UTC (rev 1369) @@ -1262,6 +1262,7 @@ } return $nstr; } +/**/ } /* * remove item $item from array $array @@ -1279,8 +1280,6 @@ return array($found, $array); } -/**/ } - function to64 ($v, $n) { $ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; $ret = ""; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-04-29 13:35:05
|
Revision: 1377 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1377&view=rev Author: christian_boltz Date: 2012-04-29 13:34:59 +0000 (Sun, 29 Apr 2012) Log Message: ----------- functions.inc.php: - delete unused function db_boolean_to_int() Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-04-26 19:57:20 UTC (rev 1376) +++ trunk/functions.inc.php 2012-04-29 13:34:59 UTC (rev 1377) @@ -1497,31 +1497,6 @@ } } -/** - * Converts a boolean value from the database internal format to integer (0 or 1) - * Currently only PostgreSQL and MySQL are supported. - * @param string $bool (REQUIRED) - * @return int - */ -function db_boolean_to_int($bool) { - global $CONF; - - if($CONF['database_type']=='pgsql') { - // return either true or false (unquoted strings) - if($bool == 't') { - return 1; - } - return 0; - } elseif($CONF['database_type'] == 'mysql' || $CONF['database_type'] == 'mysqli') { - if($bool) { - return 1; - } - return 0; - } else { - die('Unknown value in $CONF[database_type]'); - } -} - // // db_query // Action: Sends a query to the database and returns query result and number of rows This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-04-29 14:39:48
|
Revision: 1378 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1378&view=rev Author: christian_boltz Date: 2012-04-29 14:39:41 +0000 (Sun, 29 Apr 2012) Log Message: ----------- functions.inc.php: - _flash_string(): also accept an array of messages, not only a string - comment updates for _flash_info() and flash_error() to reflect this change Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-04-29 13:34:59 UTC (rev 1377) +++ trunk/functions.inc.php 2012-04-29 14:39:41 UTC (rev 1378) @@ -113,7 +113,7 @@ /** * Add an error message for display on the next page that is rendered. - * @param String message to show. + * @param String/Array message(s) to show. * * Stores string in session. Flushed through header template. * @see _flash_string() @@ -124,8 +124,8 @@ /** * Used to display an info message on successful update. - * @param String $string - * Stores data in sessio. + * @param String/Array message(s) to show. + * Stores data in session. * @see _flash_string() */ function flash_info($string) { @@ -135,6 +135,13 @@ * 'Private' method used for flash_info() and flash_error(). */ function _flash_string($type, $string) { + if (is_array($string)) { + foreach ($string as $singlestring) { + _flash_string($type, $singlestring); + return; + } + } + if(!isset($_SESSION['flash'])) { $_SESSION['flash'] = array(); } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-05-11 23:12:09
|
Revision: 1387 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1387&view=rev Author: christian_boltz Date: 2012-05-11 23:12:03 +0000 (Fri, 11 May 2012) Log Message: ----------- functions.inc.php: - create_page_browser(): include MOD(idx.row, $page_size) in outer SELECT. This is needed on some MySQL setups which otherwise return an empty set. Thanks to f-dens_ on IRC for helping to debug it. Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-05-07 22:53:04 UTC (rev 1386) +++ trunk/functions.inc.php 2012-05-11 23:12:03 UTC (rev 1387) @@ -500,7 +500,7 @@ # get labels for relevant rows (first and last of each page) $page_size_zerobase = $page_size - 1; $query = " - SELECT * FROM ( + SELECT *, MOD(idx.row, $page_size) FROM ( SELECT $idxfield AS label, @row := @row + 1 AS row $querypart ) idx WHERE MOD(idx.row, $page_size) IN (0,$page_size_zerobase) OR idx.row = $count_results "; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-05-13 21:09:09
|
Revision: 1388 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1388&view=rev Author: christian_boltz Date: 2012-05-13 21:09:03 +0000 (Sun, 13 May 2012) Log Message: ----------- functions.inc.php - create_page_browser(): revert r1387 and... - db_query(): ...replace it with the correct fix ;-) (avoid mysqli reconnects) The problem was that db_query() used is_resource() to check if we already have a database connection, but a mysqli connection is an object, not a resource. This resulted in a new database connection for each query. Therefore mysqli "forgot" the value of SET @row before executing the following SELECT query (which used a new mysqli connection). The fix is to also check with is_object() to avoid mysqli reconnects. Revision Links: -------------- http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1387&view=rev Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-05-11 23:12:03 UTC (rev 1387) +++ trunk/functions.inc.php 2012-05-13 21:09:03 UTC (rev 1388) @@ -500,10 +500,11 @@ # get labels for relevant rows (first and last of each page) $page_size_zerobase = $page_size - 1; $query = " - SELECT *, MOD(idx.row, $page_size) FROM ( + SELECT * FROM ( SELECT $idxfield AS label, @row := @row + 1 AS row $querypart ) idx WHERE MOD(idx.row, $page_size) IN (0,$page_size_zerobase) OR idx.row = $count_results "; + if ('pgsql'==$CONF['database_type']) { $query = " SELECT * FROM ( @@ -1517,7 +1518,8 @@ $error_text = ""; if ($ignore_errors) $DEBUG_TEXT = ""; - if (!is_resource($link)) $link = db_connect (); + # mysql and pgsql $link are resources, mysqli $link is an object + if (! (is_resource($link) || is_object($link) ) ) $link = db_connect (); if ($CONF['database_type'] == "mysql") $result = @mysql_query ($query, $link) or $error_text = "<p />DEBUG INFORMATION:<br />Invalid query ($query) : " . mysql_error($link) . "$DEBUG_TEXT"; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-05-27 19:06:43
|
Revision: 1390 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1390&view=rev Author: christian_boltz Date: 2012-05-27 19:06:37 +0000 (Sun, 27 May 2012) Log Message: ----------- functions.inc.php: - check_email(): don't trim() mail address to avoid that aliases starting with a space are allowed. This fixes https://sourceforge.net/tracker/?func=detail&aid=3066059&group_id=191583&atid=937964 Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-05-24 11:14:58 UTC (rev 1389) +++ trunk/functions.inc.php 2012-05-27 19:06:37 UTC (rev 1390) @@ -283,7 +283,7 @@ } // Perform non-domain-part sanity checks - if (!preg_match ('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '[^@]+$/i', trim ($ce_email))) { + if (!preg_match ('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '[^@]+$/i', $ce_email)) { flash_error($PALANG['pInvalidMailRegex']); return false; } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-05-28 17:27:24
|
Revision: 1392 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1392&view=rev Author: christian_boltz Date: 2012-05-28 17:27:17 +0000 (Mon, 28 May 2012) Log Message: ----------- Some things are easier than you might think... functions.inc.php: - create_page_browser(): Fix count() query for pgsql. Fixes https://sourceforge.net/tracker/?func=detail&aid=3292648&group_id=191583&atid=937964 - surprise: the query to actually generate the pagebrowser already works with pgsql :-) Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-05-28 15:50:25 UTC (rev 1391) +++ trunk/functions.inc.php 2012-05-28 17:27:17 UTC (rev 1392) @@ -478,7 +478,7 @@ } # get number of rows - $query = "SELECT count(*) as counter $querypart"; + $query = "SELECT count(*) as counter FROM (SELECT $idxfield $querypart) AS tmp"; $result = db_query ($query); if ($result['rows'] > 0) { $row = db_array ($result['result']); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-05-28 17:43:45
|
Revision: 1394 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1394&view=rev Author: christian_boltz Date: 2012-05-28 17:43:39 +0000 (Mon, 28 May 2012) Log Message: ----------- functions.inc.php: - authentication_require_role(): no longer use $CONF['postfix_admin_url'] https://sourceforge.net/tracker/?func=detail&aid=3039042&group_id=191583&atid=937964 Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-05-28 17:32:49 UTC (rev 1393) +++ trunk/functions.inc.php 2012-05-28 17:43:39 UTC (rev 1394) @@ -89,11 +89,8 @@ if(authentication_has_role($role)) { return True; } - if($role === 'user') { - header("Location: " . $CONF['postfix_admin_url'] . '/users/login.php'); - } else { - header("Location: " . $CONF['postfix_admin_url'] . "/login.php"); - } + + header("Location: ./login.php"); exit(0); } /** This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <chr...@us...> - 2012-06-02 22:13:33
|
Revision: 1399 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1399&view=rev Author: christian_boltz Date: 2012-06-02 22:13:27 +0000 (Sat, 02 Jun 2012) Log Message: ----------- functions.inc.php: - check_owner(): with AdminHandler, we can get 2 results (ALL + a domain). Relax the check to accept this case. Modified Paths: -------------- trunk/functions.inc.php Modified: trunk/functions.inc.php =================================================================== --- trunk/functions.inc.php 2012-05-28 20:26:43 UTC (rev 1398) +++ trunk/functions.inc.php 2012-06-02 22:13:27 UTC (rev 1399) @@ -720,15 +720,16 @@ $E_username = escape_string($username); $E_domain = escape_string($domain); $result = db_query ("SELECT 1 FROM $table_domain_admins WHERE username='$E_username' AND (domain='$E_domain' OR domain='ALL') AND active='1'"); - if ($result['rows'] != 1) { - if ($result['rows'] > 1) { # "ALL" + specific domain permissions. 2.3 doesn't create such entries, but they are available as leftover from older versions - flash_error("Permission check returned more than one result. Please go to 'edit admin' for your username and press the save " + + if ($result['rows'] == 1 || $result['rows'] == 2) { # "ALL" + specific domain permissions is possible + # TODO: if superadmin, check if given domain exists in the database + return true; + } else { + if ($result['rows'] > 2) { # more than 2 results means something really strange happened... + flash_error("Permission check returned multiple results. Please go to 'edit admin' for your username and press the save " . "button once to fix the database. If this doesn't help, open a bugreport."); - } + } return false; - } else { - return true; - # TODO: if superadmin, check if given domain exists in the database } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |