Mirrors
/
postfixadmin
mirror of https://github.com/postfixadmin/postfixadmin.git
3
0
Fork 0
Code Releases Activity
PostfixAdmin - web based virtual user administration interface for Postfix mail servers https://postfixadmin.github.io/postfixadmin/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3331 Commits
12 Branches
66 Tags
21 MiB
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
postfixadmin/common.php

110 lines
3.5 KiB
Raw Permalink Normal View History

final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
move to use the composer autoloader
5 years ago
Reformat everything with PHP-Cs-Fixer
8 years ago
change project reference
8 months ago
Reformat everything with PHP-Cs-Fixer
8 years ago
update license headers git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@107 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
common.php - define('POSTFIXADMIN', 1) templates/*.php - check if POSTFIXADMIN is defined to prevent direct access to the template files git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@256 a1433add-5e2c-0410-b055-b7f2511e0802
18 years ago
put some sort of warning if a turkish locale is set - see #541
4 years ago
Automatic code style fixes
4 years ago
put some sort of warning if a turkish locale is set - see #541
4 years ago
try relaxing composer dependencies to allow php8.2 dev support, reformat so composer format passes
2 years ago
Automatic code style fixes
4 years ago
put some sort of warning if a turkish locale is set - see #541
4 years ago
be more consistent with how we load common.php, improve comments
5 years ago
common.php: - merge with scripts/common.php - don't start/use session in CLI mode - don't load smarty.inc.php in CLI mode - hardcode language to 'en' in CLI mode (was done in postfixadmin-cli.php before) scripts/postfixadmin-cli.php - __bootstrap(): - use common.php instead of scripts/common.php - don't load languages/language.php and languages/en.lang (already done via common.php) - don't call language_hook (already done via common.php) scripts/common.php: - deleted - dropped helper functions low(), up(), r() and pr() which were just shortnames for existing PHP functions git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1214 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
be more consistent with how we load common.php, improve comments
5 years ago
merge patch from https://sourceforge.net/p/postfixadmin/bugs/347/ (thank you Eugene Grosbein) - explictly set session_cache_limiter to nocache git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1792 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Reformat everything with PHP-Cs-Fixer
8 years ago
tighten up the cookie used by postfixadmin for PHP sessions - add samesite, httponly and perhaps secure flags, see #903, thanks @gitblacker
11 months ago
formatting
11 months ago
tighten up the cookie used by postfixadmin for PHP sessions - add samesite, httponly and perhaps secure flags, see #903, thanks @gitblacker
11 months ago
rename session cookie With the default PHPSESSID cookie name, there are some rare (and hard to debug) cases that break logging in if a different application on the domain also uses a PHPSESSID cookie. See https://sourceforge.net/p/postfixadmin/bugs/314/ for details. Using 'postfixadmin_session' as cookie name should fix this. git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1846 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
common.php: - merge with scripts/common.php - don't start/use session in CLI mode - don't load smarty.inc.php in CLI mode - hardcode language to 'en' in CLI mode (was done in postfixadmin-cli.php before) scripts/postfixadmin-cli.php - __bootstrap(): - use common.php instead of scripts/common.php - don't load languages/language.php and languages/en.lang (already done via common.php) - don't call language_hook (already done via common.php) scripts/common.php: - deleted - dropped helper functions low(), up(), r() and pr() which were just shortnames for existing PHP functions git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1214 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
login.php, common.php: - when login.php is requested, logout the current admin/user https://sourceforge.net/p/postfixadmin/bugs/284/ git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1568 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Reformat everything with PHP-Cs-Fixer
8 years ago
common.php: - merge with scripts/common.php - don't start/use session in CLI mode - don't load smarty.inc.php in CLI mode - hardcode language to 'en' in CLI mode (was done in postfixadmin-cli.php before) scripts/postfixadmin-cli.php - __bootstrap(): - use common.php instead of scripts/common.php - don't load languages/language.php and languages/en.lang (already done via common.php) - don't call language_hook (already done via common.php) scripts/common.php: - deleted - dropped helper functions low(), up(), r() and pr() which were just shortnames for existing PHP functions git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1214 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
avoid a clickjacking attack reported on huntr.dev by @ranjit-git
5 years ago
add a lax content-security-policy http header - see #905
11 months ago
allow the TOTP qr code to render (relax Content Security Policy to allow img-src: self data)
7 months ago
see changeset:952 ... move php code out of template into here git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@953 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
common.php: ensure we only start a session once git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@325 a1433add-5e2c-0410-b055-b7f2511e0802
18 years ago
common.php - define('POSTFIXADMIN', 1) templates/*.php - check if POSTFIXADMIN is defined to prevent direct access to the template files git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@256 a1433add-5e2c-0410-b055-b7f2511e0802
18 years ago
final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
common.php: - move postfixadmin_autoload() and spl_autoload_register upwards (it's needed earlier after using the Config class in more functions) - call Config::write earlier (as soon as $CONF is complete) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1454 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Reformat everything with PHP-Cs-Fixer
8 years ago
common.php: remove requirement to delete setup.php; require $CONF["setup_password"] is changed etc git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@618 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
only require language if non-empty
7 years ago
- read config.inc.php earlier to make the check for $CONF['configured'] == FALSE work git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@136 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
common.php: remove requirement to delete setup.php; require $CONF["setup_password"] is changed etc git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@618 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
only require language if non-empty
7 years ago
skip this check if unit test
7 years ago
Reformat everything with PHP-Cs-Fixer
8 years ago
improve error message
7 years ago
common.php: remove requirement to delete setup.php; require $CONF["setup_password"] is changed etc git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@618 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
common.php: ensure $CONF["configured"] is not false git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@130 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
common.php: remove requirement to delete setup.php; require $CONF["setup_password"] is changed etc git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@618 a1433add-5e2c-0410-b055-b7f2511e0802
17 years ago
more type hints / psalm fixes
5 years ago
common.php: - call Config::write() earlier, because check_language() uses it - later add $PALANG with Config::write(__LANG) Thanks to <controlcde> for reporting the results of this bug on IRC (even if I had to hunt it down to find the reason ;-) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1548 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
fix undefined variables (psalm)
6 years ago
more type hints / psalm fixes
5 years ago
Summary: Added language selector to login form functions.inc.php: - function check_language - new optional parameter $use_post (needed by login.php) - check for language cookie - check for $_POST['lang'] - removed substr() call because it made pt-br translation unuseable - new function language_selector - returns a HTML dropdown language selector - new function safecookie - similar to safeget, but for cookies templates/login.php, templates/users_login.php: - display language selector dropdown login.php, users/login.php: - check for selected language - set cookie if user selected non-default language languages/language.php: (NEW FILE) - list of supported languages - language names taken from phpMyAdmin login form common.php: - include languages/language.php git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@280 a1433add-5e2c-0410-b055-b7f2511e0802
18 years ago
final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
common.php: - merge with scripts/common.php - don't start/use session in CLI mode - don't load smarty.inc.php in CLI mode - hardcode language to 'en' in CLI mode (was done in postfixadmin-cli.php before) scripts/postfixadmin-cli.php - __bootstrap(): - use common.php instead of scripts/common.php - don't load languages/language.php and languages/en.lang (already done via common.php) - don't call language_hook (already done via common.php) scripts/common.php: - deleted - dropped helper functions low(), up(), r() and pr() which were just shortnames for existing PHP functions git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1214 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Reformat everything with PHP-Cs-Fixer
8 years ago
common.php: - merge with scripts/common.php - don't start/use session in CLI mode - don't load smarty.inc.php in CLI mode - hardcode language to 'en' in CLI mode (was done in postfixadmin-cli.php before) scripts/postfixadmin-cli.php - __bootstrap(): - use common.php instead of scripts/common.php - don't load languages/language.php and languages/en.lang (already done via common.php) - don't call language_hook (already done via common.php) scripts/common.php: - deleted - dropped helper functions low(), up(), r() and pr() which were just shortnames for existing PHP functions git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1214 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
run php-cs-fixer (code reforamt)
7 years ago
only require language if non-empty
7 years ago
final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Reformat everything with PHP-Cs-Fixer
8 years ago
config.inc.php: - new config option $CONF['language_hook'] Hook function to override or add translations to $PALANG. Example hook function included (commented out). common.php: - honor $CONF['language_hook'] scripts/postfixadmin-cli.php: - honor $CONF['language_hook'] - add TODO - language shouldn't be hardcoded to english This implements my feature request at http://sourceforge.net/tracker/?func=detail&aid=3292408&group_id=191583&atid=937967 git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1176 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Reformat everything with PHP-Cs-Fixer
8 years ago
config.inc.php: - new config option $CONF['language_hook'] Hook function to override or add translations to $PALANG. Example hook function included (commented out). common.php: - honor $CONF['language_hook'] scripts/postfixadmin-cli.php: - honor $CONF['language_hook'] - add TODO - language shouldn't be hardcoded to english This implements my feature request at http://sourceforge.net/tracker/?func=detail&aid=3292408&group_id=191583&atid=937967 git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1176 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
common.php: - call Config::write() earlier, because check_language() uses it - later add $PALANG with Config::write(__LANG) Thanks to <controlcde> for reporting the results of this bug on IRC (even if I had to hunt it down to find the reason ;-) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1548 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
After hunting an "undefined index transport" error in list-domain, I found out that the 'Config' class is too static - it shares its static data with the 'Lang' child class. This caused a conflict because we have $CONF[transport] and $PALANG[transport], and Config::read('transport') returned the $PALANG text. To fix this, all texts are now stored as $CONF[__LANG]. I also dropped the 'Lang' class. model/Config.php: - mark the 'Config' class as final to ensure we don't trap into the "too static" problem again. - bool(): display and log an error message if a $CONF option does not contain YES or NO (that would have uncovered this bug much earlier) - add lang() and lang_f() wrapper functions to get $PALANG texts - remove unused $__cache and $__objects model/Lang.php: - deleted common.php: - store $PALANG as $CONF[__LANG] lots of files: - replace Lang::read() and Lang::read_f() calls with Config::lang() and Config::lang_f() git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1536 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
common.php: - merge with scripts/common.php - don't start/use session in CLI mode - don't load smarty.inc.php in CLI mode - hardcode language to 'en' in CLI mode (was done in postfixadmin-cli.php before) scripts/postfixadmin-cli.php - __bootstrap(): - use common.php instead of scripts/common.php - don't load languages/language.php and languages/en.lang (already done via common.php) - don't call language_hook (already done via common.php) scripts/common.php: - deleted - dropped helper functions low(), up(), r() and pr() which were just shortnames for existing PHP functions git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1214 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
psalm improvements
5 years ago
more type hints / psalm fixes
5 years ago
common.php: - merge with scripts/common.php - don't start/use session in CLI mode - don't load smarty.inc.php in CLI mode - hardcode language to 'en' in CLI mode (was done in postfixadmin-cli.php before) scripts/postfixadmin-cli.php - __bootstrap(): - use common.php instead of scripts/common.php - don't load languages/language.php and languages/en.lang (already done via common.php) - don't call language_hook (already done via common.php) scripts/common.php: - deleted - dropped helper functions low(), up(), r() and pr() which were just shortnames for existing PHP functions git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1214 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
more type hints / psalm fixes
5 years ago
- accidentially deleted header.php. Needed for setup - add some error checks. git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@759 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
move public facing stuff into public/, this allows us to stop exposing templates_c/ etc to the world
8 years ago
common.php: - check if setup.php exists before blindly redirecting to it. Display error message if the user has already deleted it. (old behaviour caused some user confusion) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@288 a1433add-5e2c-0410-b055-b7f2511e0802
18 years ago
  1. <?php
  3. require_once(dirname(__FILE__) . '/vendor/autoload.php');
  5. /**
  6. * Postfix Admin
  7. *
  8. * LICENSE
  9. * This source file is subject to the GPL license that is bundled with
  10. * this package in the file LICENSE.TXT.
  11. *
  12. * Further details on the project are available at https://github.com/postfixadmin/postfixadmin
  13. *
  14. * @license GNU GPL v2 or later.
  15. *
  16. * File: common.php
  17. * All pages should include this file - which itself sets up the necessary
  18. * environment and ensures other functions are loaded.
  19. */
  21. // See: https://github.com/postfixadmin/postfixadmin/pull/541 - try and check if the user has a turkish locale and warn?
  22. $old = setlocale(LC_ALL, 'C');
  23. if (preg_match('/_TR/i', $old)) {
  24. error_log("WARNING: You may have a Turkish locale set; this breaks the loading of some libraries (Smarty) we depend upon.");
  25. // don't revert back to $old?
  26. } else {
  27. setlocale(LC_ALL, $old); // revert back.
  28. }
  30. if (!defined('POSTFIXADMIN')) {
  31. define('POSTFIXADMIN', 1);
  33. if (!defined('POSTFIXADMIN_CLI')) { // postfixadmin-cli
  34. // this is the default; see also https://sourceforge.net/p/postfixadmin/bugs/347/
  35. session_cache_limiter('nocache');
  37. /**
  38. * @see https://github.com/postfixadmin/postfixadmin/issues/903
  39. */
  40. $cookie_params = session_get_cookie_params();
  41. $cookie_params['samesite'] = 'Strict';
  42. $cookie_params['httponly'] = true;
  43. // Is this worthwhile? a non https request will get a non 'secure' cookie.
  44. if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
  45. $cookie_params['secure'] = true;
  46. }
  47. session_set_cookie_params($cookie_params);
  48. session_name('postfixadmin_session');
  49. session_start();
  51. if (empty($_SESSION['flash'])) {
  52. $_SESSION['flash'] = array();
  53. }
  55. // avoid clickjacking attacks?
  56. header('X-Frame-Options: DENY');
  57. // see https://github.com/postfixadmin/postfixadmin/issues/905
  58. header("Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:");
  59. }
  60. }
  62. $incpath = dirname(__FILE__);
  64. if (!is_file("$incpath/config.inc.php")) {
  65. die("config.inc.php is missing!");
  66. }
  68. global $CONF;
  70. require_once("$incpath/config.inc.php");
  73. if (isset($CONF['configured']) && !defined('PHPUNIT_TEST')) {
  74. if ($CONF['configured'] == false) {
  75. die("Please edit config.local.php - change \$CONF['configured'] to true after specifying appropriate local settings (database_type etc)");
  76. }
  77. }
  79. Config::getInstance()->setAll($CONF);
  81. $PALANG = [];
  83. require_once("$incpath/languages/language.php");
  84. require_once("$incpath/functions.inc.php");
  86. if (defined('POSTFIXADMIN_CLI')) {
  87. $language = 'en'; # TODO: make configurable or autodetect from locale settings
  88. } else {
  89. $language = check_language(); # TODO: storing the language only at login instead of calling check_language() on every page would save some processor cycles ;-)
  90. $_SESSION['lang'] = $language;
  91. }
  92. if (!empty($language)) {
  93. require_once("$incpath/languages/" . $language . ".lang");
  94. }
  96. if (!empty($CONF['language_hook']) && function_exists($CONF['language_hook'])) {
  97. $hook_func = $CONF['language_hook'];
  98. $PALANG = $hook_func($PALANG, $language);
  99. }
  101. Config::write('__LANG', $PALANG);
  103. if (!defined('POSTFIXADMIN_CLI')) {
  104. if (!isset($PALANG)) {
  105. die("environment not setup correctly");
  106. }
  107. Smarty_Autoloader::register();
  108. }
  110. /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */