From 93663de951a74a617afd872dc579dde7f79962ad Mon Sep 17 00:00:00 2001 From: Benjamin Sonntag Date: Wed, 28 Apr 2010 19:28:36 +0000 Subject: [PATCH] suite des modifications majeures pour 1.0 : glossaire, ergonomie etc. --- .gitattributes | 1 - bureau/admin/adm_doms.php | 12 +-- bureau/admin/dom_add.php | 16 +++- bureau/admin/head.php | 4 +- bureau/admin/js/alternc.js | 49 ++++++++++++ bureau/admin/mail_del.php | 2 +- bureau/admin/mail_edit.php | 23 ++++-- bureau/admin/menu_mail.php | 2 +- bureau/admin/sql_bck.php | 2 +- bureau/class/config.php | 1 - bureau/class/functions.php | 82 ++++++++++++++++++++ bureau/class/functions2.php | 69 ---------------- bureau/class/lang_env.php | 4 + bureau/class/local.php | 2 +- bureau/class/m_mail.php | 12 +++ bureau/head.php | 4 +- bureau/locales/fr_FR/LC_MESSAGES/messages.po | 76 ++++++++++-------- debian/changelog | 4 +- 18 files changed, 241 insertions(+), 124 deletions(-) delete mode 100644 bureau/class/functions2.php diff --git a/.gitattributes b/.gitattributes index 61c3a37c..d0ace518 100644 --- a/.gitattributes +++ b/.gitattributes @@ -272,7 +272,6 @@ bureau/class/config_real.php -text bureau/class/db_mysql.php -text bureau/class/export_account.php -text bureau/class/functions.php -text -bureau/class/functions2.php -text bureau/class/lang_env.php -text bureau/class/local.php -text bureau/class/m_admin.php -text diff --git a/bureau/admin/adm_doms.php b/bureau/admin/adm_doms.php index a97b5eeb..bef9f52b 100644 --- a/bureau/admin/adm_doms.php +++ b/bureau/admin/adm_doms.php @@ -53,14 +53,14 @@ $c=$admin->dom_list(true,$forcecheck);

- +

- +

- + + @@ -78,9 +81,6 @@ for($i=0;$i"> - diff --git a/bureau/class/config.php b/bureau/class/config.php index 2956bbc4..fd75876a 100644 --- a/bureau/class/config.php +++ b/bureau/class/config.php @@ -78,7 +78,6 @@ require_once($root."class/local.php"); require_once($root."class/db_mysql.php"); require_once($root."class/functions.php"); -require_once($root."class/functions2.php"); require_once($root."class/variables.php"); // Redirection si appel à https://(!fqdn)/ diff --git a/bureau/class/functions.php b/bureau/class/functions.php index bf7badad..dd41a14f 100644 --- a/bureau/class/functions.php +++ b/bureau/class/functions.php @@ -412,5 +412,87 @@ function eoption($values,$cur,$info="") { } } +/* ECHOes checked="checked" only if the parameter is true + * useful for checkboxes and radio buttons + */ +function checked($bool) { + if ($bool) { + echo " checked=\"checked\""; + } +} + +/* ECHOes selected="selected" only if the parameter is true + * useful for checkboxes and radio buttons + */ +function selected($bool) { + if ($bool) { + echo " selected=\"selected\""; + } +} + +/* Echo the HTMLSpecialChars version of a value. + * Must be called when pre-filling fields values in forms such as : + * + * Use the charset of the current language for transcription + */ +function ehe($str) { + global $charset; + echo htmlspecialchars($str,ENT_COMPAT,$charset); +} + + +/* Get the Fields of the posted form from $_REQUEST or POST or GET + * and check their type + */ +function getFields($fields, $requestOnly = false) { + $vars = array(); + $methodType = array ("get", "post", "request", "files"); + + foreach ($fields AS $name => $options) { + if (in_array($options[0], $methodType) === false) + die ("Illegal method type used for field " . $name . " : " . $options[0]); + + if ($requestOnly === true) + $method = "_REQUEST"; + else + $method = "_" . strtoupper($options[0]); + + switch ($options[1]) { + case "integer": + $vars[$name] = (isset($GLOBALS[$method][$name]) && is_numeric($GLOBALS[$method][$name]) ? intval($GLOBALS[$method][$name]) : $options[2]); + break; + case "float": + $vars[$name] = (isset($GLOBALS[$method][$name]) && is_numeric($GLOBALS[$method][$name]) ? floatval($GLOBALS[$method][$name]) : $options[2]); + break; + case "string": + $vars[$name] = (isset($GLOBALS[$method][$name]) ? trim($GLOBALS[$method][$name]) : $options[2]); + break; + case "array": + $vars[$name] = (isset($GLOBALS[$method][$name]) && is_array($GLOBALS[$method][$name]) ? $GLOBALS[$method][$name] : $options[2]); + break; + case "boolean": + $vars[$name] = (isset($GLOBALS[$method][$name]) ? $GLOBALS[$method][$name] : $options[2]); + break; + case "file": + $vars[$name] = (isset($GLOBALS[$method][$name]) ? $GLOBALS[$method][$name] : $options[2]); + break; + default: + die ("Illegal method type used for field " . $name . " : " . $options[1]); + } + } + + // Insert into $GLOBALS. FIXME : Use stripslashes if the magic_quotes_gpc is ON ! + foreach ($vars AS $var => $value) + $GLOBALS[$var] = $value; + + return $vars; +} + +function printVar($array) { + echo "
\n";
+  print_r($array);
+  echo "
\n"; +} + ?> diff --git a/bureau/class/functions2.php b/bureau/class/functions2.php deleted file mode 100644 index 0913786c..00000000 --- a/bureau/class/functions2.php +++ /dev/null @@ -1,69 +0,0 @@ - $options) - { - if (in_array($options[0], $methodType) === false) - die ("Illegal method type used for field " . $name . " : " . $options[0]); - - if ($requestOnly === true) - $method = "_REQUEST"; - else - $method = "_" . strtoupper($options[0]); - - switch ($options[1]) - { - case "integer": - - $vars[$name] = (isset($GLOBALS[$method][$name]) && is_numeric($GLOBALS[$method][$name]) ? intval($GLOBALS[$method][$name]) : $options[2]); - break; - - case "float": - - $vars[$name] = (isset($GLOBALS[$method][$name]) && is_numeric($GLOBALS[$method][$name]) ? floatval($GLOBALS[$method][$name]) : $options[2]); - break; - - case "string": - - $vars[$name] = (isset($GLOBALS[$method][$name]) ? trim($GLOBALS[$method][$name]) : $options[2]); - break; - - case "array": - - $vars[$name] = (isset($GLOBALS[$method][$name]) && is_array($GLOBALS[$method][$name]) ? $GLOBALS[$method][$name] : $options[2]); - break; - - case "boolean": - - $vars[$name] = (isset($GLOBALS[$method][$name]) ? $GLOBALS[$method][$name] : $options[2]); - break; - - case "file": - - $vars[$name] = (isset($GLOBALS[$method][$name]) ? $GLOBALS[$method][$name] : $options[2]); - break; - - default: - die ("Illegal method type used for field " . $name . " : " . $options[1]); - } - } - - // Insert into $GLOBALS - foreach ($vars AS $var => $value) - $GLOBALS[$var] = $value; - - return $vars; -} - -function printVar($array) -{ - echo "
\n";
-	print_r($array);
-	echo "
\n"; -} - -?> \ No newline at end of file diff --git a/bureau/class/lang_env.php b/bureau/class/lang_env.php index 46c22813..27bb7cd8 100644 --- a/bureau/class/lang_env.php +++ b/bureau/class/lang_env.php @@ -59,4 +59,8 @@ putenv("LANGUAGE=".$lang); setlocale(LC_ALL,$lang); textdomain("alternc"); +if (_("") && preg_match("#charset=([A-Za-z0-9\.-]*)#",_(""),$mat)) { + $charset=$mat[1]; + } + ?> diff --git a/bureau/class/local.php b/bureau/class/local.php index 3d565eed..d746ddbe 100644 --- a/bureau/class/local.php +++ b/bureau/class/local.php @@ -1,7 +1,7 @@ 'MX', diff --git a/bureau/class/m_mail.php b/bureau/class/m_mail.php index ed72cc57..c0297f8f 100644 --- a/bureau/class/m_mail.php +++ b/bureau/class/m_mail.php @@ -271,6 +271,12 @@ class m_mail { $err->raise("mail",15); return false; } + // Check this password against the password policy using common API : + if (is_callable(array($admin,"checkPolicy"))) { + if (!$admin->checkPolicy("pop",$email."@".$dom,$pass)) { + return false; // The error has been raised by checkPolicy() + } + } if (!$this->_updatepop($email,$dom,$pass)) { return false; } @@ -357,6 +363,12 @@ class m_mail { } } if ($pop=="1" && $oldpop==1 && $pass!="") { /* POP Account Edition */ + // Check this password against the password policy using common API : + if (is_callable(array($admin,"checkPolicy"))) { + if (!$admin->checkPolicy("pop",$email."@".$dom,$pass)) { + return false; // The error has been raised by checkPolicy() + } + } if (!$this->_updatepop($email,$dom,$pass)) { return false; } diff --git a/bureau/head.php b/bureau/head.php index 0eb51e70..81f902a8 100644 --- a/bureau/head.php +++ b/bureau/head.php @@ -27,6 +27,8 @@ Purpose of file: ---------------------------------------------------------------------- */ +if (!$charset) $charset="iso-8859-1"; +@header("Content-Type: text/html; charset=$charset"); ?> @@ -41,4 +43,4 @@ sur serveurs mutualis - + diff --git a/bureau/locales/fr_FR/LC_MESSAGES/messages.po b/bureau/locales/fr_FR/LC_MESSAGES/messages.po index d3758426..6696bdda 100644 --- a/bureau/locales/fr_FR/LC_MESSAGES/messages.po +++ b/bureau/locales/fr_FR/LC_MESSAGES/messages.po @@ -424,7 +424,7 @@ msgstr "Compte verrouill #: ../admin/adm_list.php:103 ../admin/adm_list.php:135 msgid "Connect as" -msgstr "Connecter" +msgstr "Connection" #: ../admin/adm_list.php:153 ../admin/adm_list.php:174 #: ../admin/adm_list.php:199 ../admin/adm_list.php:185 @@ -1356,12 +1356,12 @@ msgstr "Ajout d'un mail sur le domaine %s" #: ../admin/mail_add.php:49 ../admin/mail_edit.php:58 ../admin/mail_add.php:52 #: ../admin/mail_edit.php:65 msgid "Is it a POP/IMAP account?" -msgstr "Est-ce un compte POP/IMAP ?" +msgstr "Est-ce un compte POP/IMAP ?" #: ../admin/mail_add.php:50 ../admin/mail_edit.php:59 ../admin/mail_add.php:53 #: ../admin/mail_edit.php:66 -msgid "POP password" -msgstr "Mot de passe POP" +msgid "POP/IMAP password" +msgstr "Mot de passe POP/IMAP" #: ../admin/mail_add.php:52 ../admin/mail_edit.php:61 ../admin/mail_add.php:55 #: ../admin/mail_edit.php:68 @@ -1370,7 +1370,7 @@ msgstr "Autres destinataires" #: ../admin/mail_add.php:52 ../admin/mail_edit.php:61 ../admin/mail_add.php:55 #: ../admin/mail_edit.php:68 -msgid "One email per line" +msgid "one email per line" msgstr "un email par ligne" #: ../admin/mail_add.php:53 ../admin/mail_add.php:56 @@ -1438,17 +1438,17 @@ msgstr "Le mail %s a #: ../admin/mail_edit.php:41 ../admin/mail_edit.php:48 #, php-format -msgid "Edit a mailbox of the domain %s" -msgstr "Modification d'un email du domaine %s" +msgid "Edit an email address of the domain %s" +msgstr "Modification d'une adresse email du domaine %s" #: ../admin/mail_edit.php:57 ../admin/mail_edit.php:64 #, php-format -msgid "Edit the mailbox %s" -msgstr "Modification du mail %s" +msgid "Edit the email address %s" +msgstr "Modification de l'adresse email %s" #: ../admin/mail_edit.php:62 ../admin/mail_edit.php:69 -msgid "Change this mailbox" -msgstr "Modifier cet email" +msgid "Change this email address" +msgstr "Modifier cette adresse email" #: ../admin/mail_edit.php:66 ../admin/mail_edit.php:73 msgid "help_mail_edit" @@ -1470,8 +1470,8 @@ msgstr "" #: ../admin/mail_list.php:42 ../admin/mail_list.php:60 #: ../admin/mail_list.php:49 ../admin/mail_list.php:62 #, php-format -msgid "Mailbox list of the domain %s" -msgstr "Liste des emails du domaine %s" +msgid "Email addresses of the domain %s" +msgstr "Liste des adresses emails du domaine %s" #: ../admin/mail_list.php:47 ../admin/mail_list.php:66 #: ../admin/mail_list.php:54 ../admin/mail_list.php:68 @@ -1706,8 +1706,8 @@ msgstr "Comptes FTP" #: ../admin/menu_mail.php:37 ../admin/menu_mail.php:36 #: ../admin/menu_mail.php:40 -msgid "Mailboxes" -msgstr "Comptes Mails" +msgid "Email Addresses" +msgstr "Adresses email" #: ../admin/menu_mem.php:32 ../admin/menu_mem.php:31 msgid "Settings" @@ -2505,8 +2505,8 @@ msgstr "" "now." #: ../admin/mail_edit.php:58 ../admin/mail_edit.php:65 -msgid "WARNING: turning POP off will DELETE the mailbox and its content" -msgstr "" +msgid "WARNING: turning POP/IMAP off will DELETE the stored messages in this email address. This email address will become a simple redirection." +msgstr "ATTENTION : Choisir 'Non' ici supprimera les messages stockés dans cette adresse email. L'adresse email sera transformée en simple redirection." #: ../admin/main.php:62 ../admin/main.php:61 msgid "Latest news" @@ -2609,11 +2609,11 @@ msgstr "Adresse Email" #: ../admin/mail_del.php:83 msgid "" -"Warning: Deleting a mailbox will destroy all the emails it contains! You " +"Warning: Deleting an email address will destroy all the messages it contains! You " "will NOT be able to get it back!" msgstr "" -"Attention: L'effacement d'une boite aux lettres détruit tout son contenu ! " -"Vous ne pourrez PLUS retrouver les mails ainsi effacés !" +"Attention: L'effacement d'une adresse email détruit tous ses messages ! " +"Vous ne pourrez PLUS retrouver les messages ainsi effacés !" #: ../admin/menu.php:36 msgid "Home / Information" @@ -2652,19 +2652,19 @@ msgid "Complexity" msgstr "Complexité" msgid "Allow Password=Login?" -msgstr "Autorise Mot de passe=Login ?" +msgstr "Autorise Mot de passe=Login ?" msgid "Please choose which policy you want to apply to this password kind:" -msgstr "Merci de choisir la politique à appliquer à ce type de mot de passe : " +msgstr "Merci de choisir la politique à appliquer à ce type de mot de passe :" msgid "Minimum Password Size:" -msgstr "Taille minimale du mot de passe :" +msgstr "Taille minimale du mot de passe :" msgid "Maximum Password Size:" -msgstr "Taille maximale du mot de passe :" +msgstr "Taille maximale du mot de passe :" msgid "In how many classes of characters must be the password (at least):" -msgstr "Dans combien de classes de caractères doit être ce mot de passe (au minimum) :" +msgstr "Dans combien de classes de caractères doit être ce mot de passe (au minimum) :" msgid "Do we allow the password to be like the login?" msgstr "Autorise-t-on le mot de passe à ressembler au nom d'utilisateur ?" @@ -2724,13 +2724,13 @@ msgid "Change this user's password" msgstr "Changer le mot de passe de cet utilisateur" msgid "Do you want to point this domain to another domain already installed in your account?" -msgstr "Voulez-vous pointer ce domaine sur un autre déjà installé sur votre compte ?" +msgstr "Voulez-vous pointer ce domaine sur un autre déjà installé sur votre compte ?" msgid "No: This domain will have its own folder." msgstr "Non : ce domaine aura son propre dossier." msgid "Yes, redirect this new domain to this one:" -msgstr "Oui, redirigez ce nouveau domaine vers ce domaine existant :" +msgstr "Oui, redirigez ce nouveau domaine vers ce domaine existant :" msgid "-- Choose a domain --" msgstr "-- Choisir un nom de domaine --" @@ -2748,10 +2748,10 @@ msgid "Choose a folder..." msgstr "Choisir un répertoire ..." msgid "Send one file:" -msgstr "Envoyer un fichier:" +msgstr "Envoyer un fichier :" msgid "New file or folder:" -msgstr "Créer un fichier ou un dossier:" +msgstr "Créer un fichier ou un répertoire :" msgid "Send this file" msgstr "Envoyer ce fichier" @@ -2794,7 +2794,21 @@ msgid "Delete %s from this server" msgstr "Effacer le domaine %s de ce serveur" msgid "Folder where we will put the log file:" -msgstr "Dossier qui accueillera vos logs :" +msgstr "Répertoire qui accueillera vos logs :" msgid "Domain name:" -msgstr "Nom de domaine :" \ No newline at end of file +msgstr "Nom de domaine :" + +msgid "The domain OK column are green when the domain exists in the worldwide registry and has a proper NS,MX and IP depending on its configuration. It is red if we have serious doubts about its NS, MX or IP configuration. Contact the user of this domain or a system administrator." +msgstr "La colonne OK? est verte quand le domaine existe dans le registre DNS mondial et que sa configuration IP, NS et MX est correcte. Il est rouge lorsque le serveur a de sérieux doutes sur sa configuration NS, MX ou IP. Vérifiez auprès du propriétaire de ce domaine, et si besoin contactez un administrateur système." + +msgid "If you want to force the check of NS, MX, IP on domains, click the link" +msgstr "Si vous voulez forcer la vérification des NS, MX et IP des domaines, cliquez le lien" + +msgid "Show domain list with refreshed checked NS, MX, IP information" +msgstr "Afficher la liste des domaines avec des informations NS, MX et IP à jour." + + +msgid "Redirections
Other recipients:" +msgstr "Redirections/Autres destinataires :" + diff --git a/debian/changelog b/debian/changelog index c5bc84ff..8582ee86 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,7 @@ alternc (1.0~rc1) stable; urgency=low + * security: now using htmlspecialchars on every form default values ... yes it's 2010 ;) + * i18n: charset is now variable depending on the current language * new features: * removed the dependency on postgrey, added dnsutils (for domain checks) * added domain check (exists, ns, mx, ip) when listing domains in admin panel. @@ -30,7 +32,7 @@ alternc (1.0~rc1) stable; urgency=low * Major patch * Blue desktop using only css, no frameset etc * Sanitizing of get/request/post parameters - + -- Benjamin Sonntag Sat, 12 May 2009 17:55:30 +0200 alternc (0.9.9) stable; urgency=low
"; + } ?> "; - } ?> array ("request", "string", ""), + "yndns" => array ("request", "integer", 0), + "newisslave" => array ("request", "integer", 0), + "slavedom" => array ("request", "string", ""), +); +getFields($fields); + if (!isset($dns)) $dns="1"; ?> @@ -46,10 +54,10 @@ if ($error) echo "

$error

"; ?>

- www. + www.

- />  + /> 

getquota("dom"); @@ -58,9 +66,9 @@ if ($q["u"]>0) {


- + />
- /> - - +%s"),$email); ?> + + + +
-%s"),$email); ?>
/>
+

+ onclick="hide('ispoptbl');"> + onclick="show('ispoptbl');"> +

+
+ + - +
()
+
+ "; __("WARNING: turning POP/IMAP off will DELETE the stored messages in this email address. This email address will become a simple redirection."); }?> + +
()

" /> diff --git a/bureau/admin/menu_mail.php b/bureau/admin/menu_mail.php index be740fcb..38434c9d 100644 --- a/bureau/admin/menu_mail.php +++ b/bureau/admin/menu_mail.php @@ -37,7 +37,7 @@ if ($q["t"] > 0 && $r["u"] > 0) { ?>

-<?php __(" />  (/)
+<?php __(" />  (/)
    " />