paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #280 from Dennis14e/patch-2 

Fix session bug, formatting, update bootstrap/bootswatch
master
André Peters 2017-05-16 20:11:25 +02:00 committed by GitHub
parent a634774bb8 0d3d9b8c15
commit 73920fbbc0
7 changed files with 468 additions and 458 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
data/web/autoconfig.php
View File

@ -1,7 +1,11 @@
<?php
require_once "inc/vars.inc.php";
if (empty($mailcow_hostname)) { exit(); }
header("Content-Type: application/xml");
require_once 'inc/vars.inc.php';
if (empty($mailcow_hostname)) {
exit();
}
header('Content-Type: application/xml');
?>
<?= '<?xml version="1.0"?>'; ?>
<clientConfig version="1.1">

26
data/web/inc/footer.inc.php
View File

@ -1,6 +1,7 @@
<?php
include("inc/tfa_modals.php");
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin"):
include 'inc/tfa_modals.php';
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'admin'):
?>
<div id="RestartSOGo" class="modal fade" role="dialog">
<div class="modal-dialog">
@ -11,9 +12,9 @@ if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admi
</div>
<div class="modal-body">
<p><?= $lang['footer']['restart_sogo_info']; ?></p>
<hr />
<hr>
<button class="btn btn-md btn-primary" id="triggerRestartSogo"><?= $lang['footer']['restart_now']; ?></button>
<br /><br />
<br><br>
<div id="statusTriggerRestartSogo"></div>
</div>
</div>
@ -32,15 +33,16 @@ endif;
<div class="modal-body">
<p><?= $lang['footer']['delete_these_items']; ?></p>
<ul id="ItemsToDelete"></ul>
<hr />
<hr>
<button class="btn btn-sm btn-danger" id="IsConfirmed"><?= $lang['footer']['delete_now']; ?></button>
<button class="btn btn-sm btn-default" id="isCanceled"><?= $lang['footer']['cancel']; ?></button>
</div>
</div>
</div>
</div>
<div style="margin-bottom:100px"></div>
<script src="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/js/bootstrap.min.js"></script>
<div style="margin-bottom: 100px;"></div>
<script src="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous"></script>
<script src="/js/bootstrap-switch.min.js"></script>
<script src="/js/bootstrap-slider.min.js"></script>
<script src="/js/bootstrap-select.min.js"></script>
@ -209,7 +211,7 @@ $(document).ready(function() {
},
success: function(data) {
$('#statusTriggerRestartSogo').append(data);
$('#statusTriggerRestartSogo').append('<br />Starting SOGo... ');
$('#statusTriggerRestartSogo').append('<br>Starting SOGo...');
$.ajax({
method: 'get',
url: 'call_sogo_ctrl.php',
@ -225,10 +227,14 @@ $(document).ready(function() {
}
});
});
$("<input type='hidden' value='<?=$_SESSION['CSRF']['TOKEN'];?>' />").attr("id", "csrf_token").attr("name", "csrf_token").appendTo("form");
// CSRF
$('<input type="hidden" value="<?= $_SESSION['CSRF']['TOKEN']; ?>">').attr('id', 'csrf_token').attr('name', 'csrf_token').appendTo('form');
});
</script>
</body>
</html>
<?php $stmt = null; $pdo = null; ?>
<?php
$stmt = null;
$pdo = null;

53
data/web/inc/header.inc.php
View File

@ -6,12 +6,12 @@
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>mailcow UI</title>
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js" integrity="sha256-3Jy/GbSLrg0o9y5Z5n1uw0qxZECH7C6OQpVBgNFYa0g=" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/respond.js/1.4.2/respond.min.js" integrity="sha256-g6iAfvZp+nDQ2TdTR/VVKJf3bGro4ub5fvWSWVRi2NE=" crossorigin="anonymous"></script>
<![endif]-->
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.0/jquery.min.js" integrity="sha384-XxcvoeNF5V0ZfksTnV+bejnCsJjOOIzN6UVwF85WBsAnU3zeYh5bloN+L4WLgeNE" crossorigin="anonymous"></script>
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.6/css/bootstrap.min.css">
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.6/<?=strtolower(trim($DEFAULT_THEME));?>/bootstrap.min.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js" integrity="sha256-ZosEbRLbNQzLpnKIkEdrPv7lOy9C27hHQ+Xp8a4MxAQ=" crossorigin="anonymous"></script>
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous">
<link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.7/<?= strtolower(trim($DEFAULT_THEME)); ?>/bootstrap.min.css">
<link rel="stylesheet" href="/css/bootstrap-select.min.css">
<link rel="stylesheet" href="/css/bootstrap-slider.min.css">
<link rel="stylesheet" href="/css/bootstrap-switch.min.css">
@ -24,7 +24,7 @@
<link rel="shortcut icon" href="/favicon.png" type="image/png">
<link rel="icon" href="/favicon.png" type="image/png">
</head>
<body style="padding-top:70px">
<body style="padding-top: 70px;">
<nav class="navbar navbar-default navbar-fixed-top" role="navigation">
<div class="container-fluid">
<div class="navbar-header">
@ -34,7 +34,7 @@
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="/"><img height="32" alt="mailcow-logo" style="margin-top:-5px;" src="/img/cow_mailcow.svg" /></a>
<a class="navbar-brand" href="/"><img height="32" alt="mailcow-logo" style="margin-top: -5px;" src="/img/cow_mailcow.svg"></a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
@ -44,12 +44,13 @@
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><span class="lang-sm lang-lbl" lang="<?= $_SESSION['mailcow_locale']; ?>"></span><span class="caret"></span></a>
<ul class="dropdown-menu" role="menu">
<li <?=($_SESSION['mailcow_locale'] == 'de') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "de"))) ?>"><span class="lang-xs lang-lbl-full" lang="de"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'en') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "en"))) ?>"><span class="lang-xs lang-lbl-full" lang="en"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'es') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "es"))) ?>"><span class="lang-xs lang-lbl-full" lang="es"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'nl') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "nl"))) ?>"><span class="lang-xs lang-lbl-full" lang="nl"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'pt') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "pt"))) ?>"><span class="lang-xs lang-lbl-full" lang="pt"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'ru') ? 'class="active"' : ''?>> <a href="?<?= http_build_query(array_merge($_GET, array("lang" => "ru"))) ?>"><span class="lang-xs lang-lbl-full" lang="ru"></span></a></li>
<?php
foreach ($AVAILABLE_LANGUAGES as $language) {
?>
<li<?= ($_SESSION['mailcow_locale'] == $language) ? ' class="active"' : ''; ?>><a href="?<?= http_build_query(array_merge($_GET, array('lang' => $language))); ?>"><span class="lang-xs lang-lbl-full" lang="<?= $language; ?>"></span></a></li>
<?php
}
?>
</ul>
</li>
<?php
@ -61,19 +62,19 @@
<ul class="dropdown-menu" role="menu">
<?php
if (isset($_SESSION['mailcow_cc_role'])) {
if ($_SESSION['mailcow_cc_role'] == "admin") {
if ($_SESSION['mailcow_cc_role'] == 'admin') {
?>
<li <?=(preg_match("/admin/i", $_SERVER['REQUEST_URI'])) ? 'class="active"' : ''?>><a href="/admin.php"><?=$lang['header']['administration'];?></a></li>
<li<?= (preg_match("/admin/i", $_SERVER['REQUEST_URI'])) ? ' class="active"' : ''; ?>><a href="/admin.php"><?= $lang['header']['administration']; ?></a></li>
<?php
}
if ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin") {
if ($_SESSION['mailcow_cc_role'] == 'admin' || $_SESSION['mailcow_cc_role'] == 'domainadmin') {
?>
<li <?=(preg_match("/mailbox/i", $_SERVER['REQUEST_URI'])) ? 'class="active"' : ''?>><a href="/mailbox.php"><?=$lang['header']['mailboxes'];?></a></li>
<li<?= (preg_match("/mailbox/i", $_SERVER['REQUEST_URI'])) ? ' class="active"' : ''; ?>><a href="/mailbox.php"><?= $lang['header']['mailboxes']; ?></a></li>
<?php
}
if ($_SESSION['mailcow_cc_role'] != "admin") {
if ($_SESSION['mailcow_cc_role'] != 'admin') {
?>
<li <?=(preg_match("/user/i", $_SERVER['REQUEST_URI'])) ? 'class="active"' : ''?>><a href="/user.php"><?=$lang['header']['user_settings'];?></a></li>
<li<?= (preg_match("/user/i", $_SERVER['REQUEST_URI'])) ? ' class="active"' : ''; ?>><a href="/user.php"><?= $lang['header']['user_settings']; ?></a></li>
<?php
}
}
@ -81,11 +82,11 @@
</ul>
</li>
<?php
if ($_SESSION['mailcow_cc_role'] == "admin"):
if ($_SESSION['mailcow_cc_role'] == 'admin') {
?>
<li><a href data-toggle="modal" data-target="#RestartSOGo"><span style="font-size:12px" class="glyphicon glyphicon-refresh" aria-hidden="true"></span> <?=$lang['header']['restart_sogo'];?></a></li>
<li><a href data-toggle="modal" data-target="#RestartSOGo"><span style="font-size: 12px;" class="glyphicon glyphicon-refresh" aria-hidden="true"></span> <?= $lang['header']['restart_sogo']; ?></a></li>
<?php
endif;
}
?>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><span class="glyphicon glyphicon-link" aria-hidden="true"></span> Apps <span class="caret"></span></a>
@ -101,13 +102,13 @@
</li>
<?php
}
if (!isset($_SESSION["dual-login"]) && isset($_SESSION['mailcow_cc_username'])):
if (!isset($_SESSION['dual-login']) && isset($_SESSION['mailcow_cc_username'])):
?>
<li><a style="border-left:1px solid #E7E7E7" href="#" onclick="logout.submit()"><?=sprintf($lang['header']['logged_in_as_logout'], $_SESSION['mailcow_cc_username']);?></a></li>
<li><a href="#" style="border-left: 1px solid #E7E7E7;" onclick="logout.submit()"><?= sprintf($lang['header']['logged_in_as_logout'], $_SESSION['mailcow_cc_username']); ?></a></li>
<?php
elseif (isset($_SESSION["dual-login"])):
elseif (isset($_SESSION['dual-login'])):
?>
<li><a style="border-left:1px solid #E7E7E7" href="#" onclick="logout.submit()"><?=sprintf($lang['header']['logged_in_as_logout_dual'], $_SESSION['mailcow_cc_username'], $_SESSION["dual-login"]["username"]);?></a></li>
<li><a href="#" style="border-left: 1px solid #E7E7E7;" onclick="logout.submit()"><?= sprintf($lang['header']['logged_in_as_logout_dual'], $_SESSION['mailcow_cc_username'], $_SESSION['dual-login']['username']); ?></a></li>
<?php
endif;
?>

2
data/web/inc/sessions.inc.php
View File

@ -13,7 +13,7 @@ elseif (isset($_SERVER['HTTPS'])) {
else {
$IS_HTTPS = false;
}
session_set_cookie_params($GLOBALS['SESSION_LIFETIME'], '/', $_SERVER['SERVER_NAME'], $IS_HTTPS, true);
session_set_cookie_params($GLOBALS['SESSION_LIFETIME'], '/', '', $IS_HTTPS, true);
session_start();
if (!isset($_SESSION['CSRF']['TOKEN'])) {
$_SESSION['CSRF']['TOKEN'] = bin2hex(random_bytes(32));

18
data/web/inc/vars.inc.php
View File

@ -9,8 +9,8 @@ This file will be reset on upgrades.
*/
// SQL database connection variables
$database_type = "mysql";
$database_host = "mysql";
$database_type = 'mysql';
$database_host = 'mysql';
$database_user = getenv('DBUSER');
$database_pass = getenv('DBPASS');
$database_name = getenv('DBNAME');
@ -21,23 +21,23 @@ $mailcow_hostname = getenv('MAILCOW_HOSTNAME');
// Where to go after adding and editing objects
// Can be "form" or "previous"
// "form" will stay in the current form, "previous" will redirect to previous page
$FORM_ACTION = "previous";
$FORM_ACTION = 'previous';
// File locations should not be changed
$MC_DKIM_TXTS = "/data/dkim/txt";
$MC_DKIM_KEYS = "/data/dkim/keys";
$MC_DKIM_TXTS = '/data/dkim/txt';
$MC_DKIM_KEYS = '/data/dkim/keys';
// Change default language, "de", "en", "es", "nl", "pt", "ru"
$DEFAULT_LANG = "en";
$DEFAULT_LANG = 'en';
// Available languages
$AVAILABLE_LANGUAGES = array("de", "en", "es", "nl", "pt", "ru");
$AVAILABLE_LANGUAGES = array('de', 'en', 'es', 'nl', 'pt', 'ru');
// Change theme (default: lumen)
// Needs to be one of those: cerulean, cosmo, cyborg, darkly, flatly, journal, lumen, paper, readable, sandstone,
// simplex, slate, spacelab, superhero, united, yeti
// See https://bootswatch.com/
$DEFAULT_THEME = "lumen";
$DEFAULT_THEME = 'lumen';
// Password complexity as regular expression
$PASSWD_REGEP = '.{4,}';
@ -59,5 +59,3 @@ $PAGINATION_SIZE = 10;
// Session lifetime in seconds
$SESSION_LIFETIME = 3600;
?>

39
data/web/index.php
View File

@ -1,19 +1,20 @@
<?php
require_once("inc/prerequisites.inc.php");
require_once 'inc/prerequisites.inc.php';
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin") {
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'admin') {
header('Location: /admin.php');
exit();
}
elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "domainadmin") {
elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'domainadmin') {
header('Location: /mailbox.php');
exit();
}
elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "user") {
elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == 'user') {
header('Location: /user.php');
exit();
}
require_once("inc/header.inc.php");
require_once 'inc/header.inc.php';
$_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
?>
<div class="container">
@ -22,7 +23,7 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
<div class="panel panel-default">
<div class="panel-heading"><span class="glyphicon glyphicon-user" aria-hidden="true"></span> <?= $lang['login']['login']; ?></div>
<div class="panel-body">
<center><img style="max-width:250px" src="/img/cow_mailcow.svg" alt="mailcow"></center>
<div class="text-center"><img style="max-width: 250px;" src="/img/cow_mailcow.svg" alt="mailcow"></div>
<legend>mailcow UI</legend>
<form method="post" autofill="off">
<div class="form-group">
@ -46,18 +47,19 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
<span class="lang-sm lang-lbl" lang="<?= $_SESSION['mailcow_locale']; ?>"></span> <span class="caret"></span>
</button>
<ul class="dropdown-menu">
<li <?=($_SESSION['mailcow_locale'] == 'de') ? 'class="active"' : ''?>><a href="?<?= http_build_query(array_merge($_GET, array("lang" => "de"))) ?>"><span class="lang-xs lang-lbl-full" lang="de"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'en') ? 'class="active"' : ''?>><a href="?<?= http_build_query(array_merge($_GET, array("lang" => "en"))) ?>"><span class="lang-xs lang-lbl-full" lang="en"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'es') ? 'class="active"' : ''?>><a href="?<?= http_build_query(array_merge($_GET, array("lang" => "es"))) ?>"><span class="lang-xs lang-lbl-full" lang="es"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'nl') ? 'class="active"' : ''?>><a href="?<?= http_build_query(array_merge($_GET, array("lang" => "nl"))) ?>"><span class="lang-xs lang-lbl-full" lang="nl"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'pt') ? 'class="active"' : ''?>><a href="?<?= http_build_query(array_merge($_GET, array("lang" => "pt"))) ?>"><span class="lang-xs lang-lbl-full" lang="pt"></span></a></li>
<li <?=($_SESSION['mailcow_locale'] == 'ru') ? 'class="active"' : ''?>><a href="?<?= http_build_query(array_merge($_GET, array("lang" => "ru"))) ?>"><span class="lang-xs lang-lbl-full" lang="ru"></span></a></li>
<?php
foreach ($AVAILABLE_LANGUAGES as $language):
?>
<li<?= ($_SESSION['mailcow_locale'] == $language) ? ' class="active"' : ''; ?>><a href="?<?= http_build_query(array_merge($_GET, array('lang' => $language))) ?>"><span class="lang-xs lang-lbl-full" lang="<?= $language; ?>"></span></a></li>
<?php
endforeach;
?>
</ul>
</div>
</div>
</form>
<?php
if (isset($_SESSION['ldelay']) && $_SESSION['ldelay'] != "0"):
if (isset($_SESSION['ldelay']) && $_SESSION['ldelay'] != '0'):
?>
<p><div class="alert alert-info"><?= sprintf($lang['login']['delayed'], $_SESSION['ldelay']); ?></b></div></p>
<?php
@ -75,23 +77,22 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
</div>
</div>
<div class="col-md-offset-3 col-md-6">
<div class="panel panel-default" style="">
<div class="panel panel-default">
<div class="panel-heading">
<a data-toggle="collapse" href="#collapse1"><span class="glyphicon glyphicon-question-sign" aria-hidden="true"></span> <?= $lang['start']['help']; ?></a>
</div>
<div id="collapse1" class="panel-collapse collapse">
<div class="panel-body">
<p><span style="border-bottom: 1px dotted #999">mailcow UI</span></p>
<p><span style="border-bottom: 1px dotted #999;">mailcow UI</span></p>
<p><?= $lang['start']['mailcow_panel_detail']; ?></p>
<p><span style="border-bottom: 1px dotted #999">mailcow Apps</span></p>
<p><span style="border-bottom: 1px dotted #999;">mailcow Apps</span></p>
<p><?= $lang['start']['mailcow_apps_detail']; ?></p>
</div>
</div>
</div>
</div>
</div>
</div> <!-- /container -->
</div><!-- /.container -->
<script src="js/index.js"></script>
<?php
require_once("inc/footer.inc.php");
?>
require_once 'inc/footer.inc.php';