paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Fix some major errors in app passwds but disable app passwds due to a show stopper... todo: fix asap

master
andryyy 2019-12-02 20:29:01 +01:00
parent ced6867a4e
commit 851e9c8736
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
4 changed files with 34 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
data/web/edit.php
View File

@ -1324,9 +1324,9 @@ if (isset($_SESSION['mailcow_cc_role'])) {
<form class="form-horizontal" data-id="editapp" role="form" method="post">
<input type="hidden" value="0" name="active">
<div class="form-group">
<label class="control-label col-sm-2" for="name">App</label>
<label class="control-label col-sm-2" for="app_name">App</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="name" id="name" value="<?=htmlspecialchars($result['name'], ENT_QUOTES, 'UTF-8');?>" required maxlength="255">
<input type="text" class="form-control" name="app_name" id="app_name" value="<?=htmlspecialchars($result['name'], ENT_QUOTES, 'UTF-8');?>" required maxlength="255">
</div>
</div>
<div class="form-group">

28
data/web/inc/functions.app_passwd.inc.php
View File

@ -21,9 +21,9 @@ function app_passwd($_action, $_data = null) {
}
switch ($_action) {
case 'add':
$name = trim($_data['name']);
$password = $_data['password'];
$password2 = $_data['password2'];
$app_name = trim($_data['app_name']);
$password = $_data['app_passwd'];
$password2 = $_data['app_passwd2'];
$active = intval($_data['active']);
$domain = mailbox('get', 'mailbox_details', $username)['domain'];
if (empty($domain)) {
@ -34,7 +34,6 @@ function app_passwd($_action, $_data = null) {
);
return false;
}
if (!empty($password) && !empty($password2)) {
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
$_SESSION['return'][] = array(
'type' => 'danger',
@ -52,8 +51,7 @@ function app_passwd($_action, $_data = null) {
return false;
}
$password_hashed = hash_password($password);
}
if (empty($name)) {
if (empty($app_name)) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
@ -63,12 +61,12 @@ function app_passwd($_action, $_data = null) {
}
try {
$stmt = $pdo->prepare("INSERT INTO `app_passwd` (`name`, `mailbox`, `domain`, `password`, `active`)
VALUES (:name, :mailbox, :domain, :password, :active)");
VALUES (:app_name, :mailbox, :domain, :password, :active)");
$stmt->execute(array(
':name' => $name,
':mailbox' => $mailbox,
':app_name' => $app_name,
':mailbox' => $username,
':domain' => $domain,
':password' => $password,
':password' => $password_hashed,
':active' => $active
));
}
@ -91,7 +89,7 @@ function app_passwd($_action, $_data = null) {
foreach ($ids as $id) {
$is_now = app_passwd('details', $id);
if (!empty($is_now)) {
$name = (!empty($_data['name'])) ? $_data['name'] : $is_now['name'];
$app_name = (!empty($_data['app_name'])) ? $_data['app_name'] : $is_now['name'];
$password = (!empty($_data['password'])) ? $_data['password'] : null;
$password2 = (!empty($_data['password2'])) ? $_data['password2'] : null;
$active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active_int'];
@ -100,11 +98,11 @@ function app_passwd($_action, $_data = null) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('settings_map_invalid', $id)
'msg' => array('app_passwd_id_invalid', $id)
);
continue;
}
$name = trim($name);
$app_name = trim($app_name);
if (!empty($password) && !empty($password2)) {
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
$_SESSION['return'][] = array(
@ -134,12 +132,12 @@ function app_passwd($_action, $_data = null) {
}
try {
$stmt = $pdo->prepare("UPDATE `app_passwd` SET
`name` = :name,
`name` = :app_name,
`mailbox` = :username,
`active` = :active
WHERE `id` = :id");
$stmt->execute(array(
':name' => $name,
':app_name' => $app_name,
':username' => $username,
':active' => $active,
':id' => $id

4
data/web/modals/user.php
View File

@ -171,7 +171,7 @@ if (!isset($_SESSION['mailcow_cc_role'])) {
<h3 class="modal-title"><?=$lang['add']['app_password'];?></h3>
</div>
<div class="modal-body">
<form class="form-horizontal" data-cached-form="true" role="form" data-id="add_syncjob">
<form class="form-horizontal" data-cached-form="true" role="form" data-id="add_apppasswd">
<div class="form-group">
<label class="control-label col-sm-2" for="app_name"><?=$lang['add']['app_name'];?></label>
<div class="col-sm-10">
@ -200,7 +200,7 @@ if (!isset($_SESSION['mailcow_cc_role'])) {
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button class="btn btn-default" data-action="add_item" data-id="add_syncjob" data-api-url='add/syncjob' data-api-attr='{}' href="#"><?=$lang['admin']['add'];?></button>
<button class="btn btn-default" data-action="add_item" data-id="add_apppasswd" data-api-url='add/app-passwd' data-api-attr='{}' href="#"><?=$lang['admin']['add'];?></button>
</div>
</div>
</form>

2
data/web/user.php
View File

@ -100,7 +100,7 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<li role="presentation"><a href="#SpamAliases" aria-controls="SpamAliases" role="tab" data-toggle="tab"><?=$lang['user']['spam_aliases'];?></a></li>
<li role="presentation"><a href="#Spamfilter" aria-controls="Spamfilter" role="tab" data-toggle="tab"><?=$lang['user']['spamfilter'];?></a></li>
<li role="presentation"><a href="#Syncjobs" aria-controls="Syncjobs" role="tab" data-toggle="tab"><?=$lang['user']['sync_jobs'];?></a></li>
<li role="presentation"><a href="#AppPasswds" aria-controls="AppPasswds" role="tab" data-toggle="tab"><?=$lang['user']['app_passwds'];?></a></li>
<!-- <li role="presentation"><a href="#AppPasswds" aria-controls="AppPasswds" role="tab" data-toggle="tab"><?=$lang['user']['app_passwds'];?></a></li> -->
</ul>
<hr>