David Goodwin
7d04685d40
version 3.3.8 changelog / version number
5 years ago
David Goodwin
1a9d9847f5
bump version
5 years ago
David Goodwin
5aee2ca4f8
update CHANGELOG and version
5 years ago
David Goodwin
96a022747c
release 3.3.5 perhaps
5 years ago
David Goodwin
97ae019e10
remove duplication; comment out the length_check password_verify rule as we already have /.{5}/
5 years ago
David Goodwin
e15d9abe06
improve comment, fix return value in callable for password_verify.
5 years ago
David Goodwin
dd6616bbb2
bump version number
5 years ago
David Goodwin
a1025b4760
and trim string before length check
5 years ago
David Goodwin
2acdcdbd75
see : https://github.com/postfixadmin/postfixadmin/issues/423 - change password length check behaviour
5 years ago
David Goodwin
6d101b79e6
bump version numbers/changelog for 3.3.4
5 years ago
David Goodwin
c6a8117e82
improve doc comment - see https://github.com/postfixadmin/postfixadmin/issues/423
5 years ago
David Goodwin
41531b8bf2
3.3.3 release
5 years ago
David Goodwin
728fc45d38
bump version number
5 years ago
David Goodwin
7090b5af75
changes to pacrypt to support a prefix like {SHA265-CRYPT} on a hash - @see https://github.com/postfixadmin/postfixadmin/issues/344
6 years ago
David Goodwin
cc23eba9dd
bump version number
5 years ago
David Goodwin
2bf8e4af08
bump version number
5 years ago
David Goodwin
d833f6bec8
bump version number
5 years ago
David Goodwin
750838d7f7
psalm fixes; make safepost()/safeget() return strings
5 years ago
David Goodwin
b8fa60bb8a
more type hints / psalm fixes
5 years ago
David Goodwin
8abde0dc0b
move $version into $CONF / Config from functions.inc.php
5 years ago
David Goodwin
6ad44679a7
change default theme to the bootstrap one
5 years ago
David Goodwin
3b9d8f867e
merge sha512.b64 encrypt support - see https://github.com/postfixadmin/postfixadmin/issues/58
6 years ago
David Goodwin
a4afebbe77
verify ssl certs when connecting to the db by default (we also do if this setting is not present)
6 years ago
David Goodwin
212415db56
document better
6 years ago
Christian Boltz
3d0add075a
Add empty $CONF['database_socket'] to avoid warnings
... about reading an undefined config option
6 years ago
David Goodwin
52e0d3e4b0
work around nano highlighting - see https://github.com/postfixadmin/postfixadmin/issues/320
6 years ago
David Goodwin
87824ef970
psalm fixes/workarounds; require PHP 5.6+
6 years ago
gotty
13549cea0f
Favicon config and ru_lang:
1. Favicon configuration of the project:
a. Fixed incorrect link to favicon from the subfolder /users/
b. Added ability to set favicon via config
2. Completed translation of all string constants into Russian language.
6 years ago
David Goodwin
758ccb9a19
add note in config for mailbox subdir creation requiring imap extension
7 years ago
Felix Ableitner
a46245eecc
Add config option for TLS
7 years ago
Felix Ableitner
600248e955
Add option to use smtp password when sending admin emails ( fixes #272 )
7 years ago
Sven Strickroth
56395709f3
Make quota levels configurable
Signed-off-by: Sven Strickroth <email@cs-ware.de>
7 years ago
David Goodwin
cdacb5697f
improve formatting of error message; remove use of db_array (to be removed).
7 years ago
David Goodwin
20b1eb842e
fix sqlite display of password expired check for mailboxes
7 years ago
David Goodwin
766c947190
fix case of $conf; improve comments
7 years ago
David Goodwin
74002bbf57
psalm fixes
7 years ago
Damien Martins
12ce418f79
No need to have password expiration value in config file
8 years ago
Damien Martins
84533224ba
Adds colored indicators for password expired, account disabled and vacation enabled accounts
8 years ago
Damien Martins
d809e0fbf7
Adds colored indicators for password expired, account disabled and vacation enabled accounts
8 years ago
Damien Martins
72dddbc93b
Adds colored indicators for password expired, account disabled and vacation enabled accounts
8 years ago
Damien Martins
e786609aa9
Adding support for password expiration. Please read README.password_expiration for more details
8 years ago
Aleksi Kinnunen
48c19a1cbd
Combine encrypt CONF-keys
Went through the old PR #25 , updated the encrypt rounds/cost setting to be in the encrypt -configuration key as per suggestion from @cboltz
8 years ago
Aleksi Kinnunen
7b16e8a1c2
Add info about php_crypt and encrypt_difficulty to sample config
8 years ago
root
fb3e968cfc
Bootstrap template integration
8 years ago
David Goodwin
f7ba904800
see #171
8 years ago
Christian Boltz
7c38bdd871
add a big notice about using config.local.php
8 years ago
Christian Boltz
3f1866d041
display phone number field only if $CONF[sms_send_function] is set
Without a way to send a SMS, asking users for their mobile number is
pointless.
8 years ago
Lee Clemens
ebbd9025e4
Add support for MySQL connections over SSL
8 years ago
Sylvain Tissot
ffb84283c2
Harden password reset process
The improvements are:
- Die with an explicit message when a user is trying to reset his lost password and the option is disabled in config
- Redirect user to main page after password change using relative URL
- Don't leak info whether user exists or has recovery info defined
- Throttle password reset requests to prevent brute force attacks
- Show phone/alt email fields in mailbox/admin edit form only when the password reset option is enabled
- Make database upgrade code compatible with other databases types
- Use the existing password generator to generate OTP. It is now stored in database, unique to each user, valid only for 1 hour and can only by used once.
9 years ago
David Goodwin
4b999b3f6b
improve mysqli connection settings - see https://github.com/postfixadmin/postfixadmin/issues/73
9 years ago