From 7b17e453ad288c27e6854160b7fde370ae6acf28 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Tue, 21 Aug 2012 13:42:28 +0000
Subject: [PATCH] Bugfix: SMTP password was visible in html source Bugfix: Show
error message on smtp enabled without administrator mail / name
---
.../web/admin/lib/lang/de_system_config.lng | 1 +
.../web/admin/lib/lang/en_system_config.lng | 1 +
interface/web/admin/system_config_edit.php | 22 ++++++++++++++++++-
.../templates/system_config_mail_edit.htm | 2 +-
4 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/interface/web/admin/lib/lang/de_system_config.lng b/interface/web/admin/lib/lang/de_system_config.lng
index 5eaa996fe4..db46bfd386 100644
--- a/interface/web/admin/lib/lang/de_system_config.lng
+++ b/interface/web/admin/lib/lang/de_system_config.lng
@@ -1,5 +1,6 @@
<?php
$wb['system_config_desc_txt'] = '';
+$wb['smtp_missing_admin_mail_txt'] = 'Bitte geben Sie die Administrator E-Mail und den Namen ein, wenn Sie SMTP Versand nutzen wollen.';
$wb['warning'] = 'Bearbeiten Sie diese Werte sorgfältig! Entfernen Sie die Prefixe nicht auf Systemen mit mehr als einem Client.';
$wb['dbname_prefix_txt'] = 'Datenbanknamen Prefix';
$wb['dbuser_prefix_txt'] = 'Datenbankbenutzer Prefix';
diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng
index 4fbaa579b2..1e03f8bc60 100644
--- a/interface/web/admin/lib/lang/en_system_config.lng
+++ b/interface/web/admin/lib/lang/en_system_config.lng
@@ -1,5 +1,6 @@
<?php
$wb['system_config_desc_txt'] = '';
+$wb['smtp_missing_admin_mail_txt'] = 'Please enter the admin name and admin mail address if you want to use smtp mail sending.';
$wb['dashboard_atom_url_admin_txt'] = 'Dashboard atom feed URL (admin)';
$wb['dashboard_atom_url_reseller_txt'] = 'Dashboard atom feed URL (reseller)';
$wb['dashboard_atom_url_client_txt'] = 'Dashboard atom feed URL (client)';
diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php
index dc615a1f6c..32e4a8e7c0 100644
--- a/interface/web/admin/system_config_edit.php
+++ b/interface/web/admin/system_config_edit.php
@@ -77,6 +77,25 @@ class page_action extends tform_actions {
$app->tpl->setVar($record);
}
+ function onSubmit() {
+ global $app;
+
+ $app->uses('ini_parser,getconf');
+
+ $section = $app->tform->getCurrentTab();
+
+ $server_config_array = $app->getconf->get_global_config();
+ $new_config = $app->tform->encode($this->dataRecord,$section);
+ if($section == 'mail') {
+ if($new_config['smtp_pass'] == '') $new_config['smtp_pass'] = $server_config_array['smtp_pass'];
+ if($new_config['smtp_enabled'] == 'y' && ($new_config['admin_mail'] == '' || $new_config['admin_name'] == '')) {
+ $app->tform->errorMessage .= $app->tform->lng("smtp_missing_admin_mail_txt");
+ }
+ }
+
+ parent::onSubmit();
+ }
+
function onUpdateSave($sql) {
global $app,$conf;
@@ -85,7 +104,6 @@ class page_action extends tform_actions {
$section = $app->tform->getCurrentTab();
-
$server_config_array = $app->getconf->get_global_config();
$new_config = $app->tform->encode($this->dataRecord,$section);
if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['vhost_subdomains'] == 'y') {
@@ -94,6 +112,8 @@ class page_action extends tform_actions {
if($check['cnt'] > 0) {
$new_config['vhost_subdomains'] = 'y';
}
+ } elseif($section == 'mail') {
+ if($new_config['smtp_pass'] == '') $new_config['smtp_pass'] = $server_config_array['smtp_pass'];
}
$server_config_array[$section] = $new_config;
$server_config_str = $app->ini_parser->get_ini_string($server_config_array);
diff --git a/interface/web/admin/templates/system_config_mail_edit.htm b/interface/web/admin/templates/system_config_mail_edit.htm
index 4170debeba..013c39ae06 100644
--- a/interface/web/admin/templates/system_config_mail_edit.htm
+++ b/interface/web/admin/templates/system_config_mail_edit.htm
@@ -59,7 +59,7 @@
</div>
<div class="ctrlHolder">
<label for="smtp_pass">{tmpl_var name='smtp_pass_txt'}</label>
- <input name="smtp_pass" id="smtp_pass" value="{tmpl_var name='smtp_pass'}" size="30" maxlength="255" type="password" class="textInput" />
+ <input name="smtp_pass" id="smtp_pass" value="" size="30" maxlength="255" type="password" class="textInput" />
</div>
<div class="ctrlHolder">
<p class="label">{tmpl_var name='smtp_crypt_txt'}</p>
--
GitLab