From 827cb008377164e8e86b9c9d6dda10743c4e14c8 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Thu, 8 Dec 2022 16:09:20 +0100 Subject: [PATCH 1/5] [DockerAPI] Tagged as 2.0 (rewrite) --- data/Dockerfiles/dockerapi/Dockerfile | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/data/Dockerfiles/dockerapi/Dockerfile b/data/Dockerfiles/dockerapi/Dockerfile index f021b73e..97c3808c 100644 --- a/data/Dockerfiles/dockerapi/Dockerfile +++ b/data/Dockerfiles/dockerapi/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.16 +FROM alpine:3.17 LABEL maintainer "Andre Peters " diff --git a/docker-compose.yml b/docker-compose.yml index eb744f96..4f370796 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -510,7 +510,7 @@ services: - watchdog dockerapi-mailcow: - image: mailcow/dockerapi:1.44 + image: mailcow/dockerapi:2.0 security_opt: - label=disable restart: always From 6704377402138576e25b5daa062f7d5ba203987e Mon Sep 17 00:00:00 2001 From: FreddleSpl0it Date: Fri, 9 Dec 2022 16:10:10 +0100 Subject: [PATCH 2/5] [Web] escape more html data --- data/web/js/build/014-mailcow.js | 2 +- data/web/js/site/mailbox.js | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/data/web/js/build/014-mailcow.js b/data/web/js/build/014-mailcow.js index 13bc2911..66da6076 100644 --- a/data/web/js/build/014-mailcow.js +++ b/data/web/js/build/014-mailcow.js @@ -1,7 +1,7 @@ $(document).ready(function() { // mailcow alert box generator window.mailcow_alert_box = function(message, type) { - msg = $('').text(message).text(); + msg = $('').text(escapeHtml(message)).text(); if (type == 'danger' || type == 'info') { auto_hide = 0; $('#' + localStorage.getItem("add_modal")).modal('show'); diff --git a/data/web/js/site/mailbox.js b/data/web/js/site/mailbox.js index 8c98e922..ac481cea 100644 --- a/data/web/js/site/mailbox.js +++ b/data/web/js/site/mailbox.js @@ -441,6 +441,8 @@ jQuery(function($){ url: "/api/v1/get/domain/all", dataSrc: function(json){ $.each(json, function(i, item) { + item.domain_name = escapeHtml(item.domain_name); + item.aliases = item.aliases_in_domain + " / " + item.max_num_aliases_for_domain; item.mailboxes = item.mboxes_in_domain + " / " + item.max_num_mboxes_for_domain; item.quota = item.quota_used_in_domain + "/" + item.max_quota_for_domain + "/" + item.bytes_total; @@ -625,7 +627,6 @@ jQuery(function($){ type: "GET", url: "/api/v1/get/domain/template/all", dataSrc: function(json){ - console.log(json); $.each(json, function (i, item) { item.chkbox = ''; @@ -1582,7 +1583,6 @@ jQuery(function($){ type: "GET", url: "/api/v1/get/tls-policy-map/all", dataSrc: function(json){ - console.log(json); if (role !== "admin") return null; $.each(json, function (i, item) { @@ -1817,6 +1817,8 @@ jQuery(function($){ url: "/api/v1/get/alias-domain/all", dataSrc: function(json){ $.each(json, function (i, item) { + item.alias_domain = escapeHtml(item.alias_domain); + item.action = '
' + ' ' + lang.edit + '' + ' ' + lang.remove + '' + @@ -1904,7 +1906,7 @@ jQuery(function($){ } else { item.exclude = '' + escapeHtml(item.exclude) + ''; } - item.server_w_port = escapeHtml(item.user1) + '@' + item.host1 + ':' + item.port1; + item.server_w_port = escapeHtml(item.user1) + '@' + escapeHtml(item.host1) + ':' + escapeHtml(item.port1); item.action = '
' + ' ' + lang.edit + '' + ' ' + lang.remove + '' + @@ -2042,6 +2044,7 @@ jQuery(function($){ } else { item.active = '' + lang.inactive + ''; } + item.script_desc = escapeHtml(item.script_desc); item.script_data = '
' + escapeHtml(item.script_data) + '
' item.filter_type = '
' + item.filter_type.charAt(0).toUpperCase() + item.filter_type.slice(1).toLowerCase() + '
' item.action = '
' + From f4731eecdb029be7393177bc76c6e649e40320b2 Mon Sep 17 00:00:00 2001 From: DerLinkman Date: Mon, 12 Dec 2022 10:49:00 +0100 Subject: [PATCH 3/5] Cleanup + Language Fixes --- data/web/inc/functions.mailbox.inc.php | 27 ++++++++--------- data/web/js/site/mailbox.js | 30 ++++++++++++++----- data/web/lang/lang.de-de.json | 9 ++++++ data/web/lang/lang.en-gb.json | 1 + data/web/templates/mailbox.twig | 3 -- .../mailbox/tab-mailbox-defaults.twig | 13 -------- 6 files changed, 45 insertions(+), 38 deletions(-) delete mode 100644 data/web/templates/mailbox/tab-mailbox-defaults.twig diff --git a/data/web/inc/functions.mailbox.inc.php b/data/web/inc/functions.mailbox.inc.php index 55c8d6bc..d67fa3e3 100644 --- a/data/web/inc/functions.mailbox.inc.php +++ b/data/web/inc/functions.mailbox.inc.php @@ -1420,11 +1420,11 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) { // check attributes $attr = array(); $attr['tags'] = (isset($_data['tags'])) ? $_data['tags'] : array(); - $attr['max_num_aliases_for_domain'] = (isset($_data['max_num_aliases_for_domain'])) ? intval($_data['max_num_aliases_for_domain']) : 0; - $attr['max_num_mboxes_for_domain'] = (isset($_data['max_num_mboxes_for_domain'])) ? intval($_data['max_num_mboxes_for_domain']) : 0; - $attr['def_quota_for_mbox'] = (isset($_data['def_quota_for_mbox'])) ? intval($_data['def_quota_for_mbox']) * 1048576 : 0; - $attr['max_quota_for_mbox'] = (isset($_data['max_quota_for_mbox'])) ? intval($_data['max_quota_for_mbox']) * 1048576 : 0; - $attr['max_quota_for_domain'] = (isset($_data['max_quota_for_domain'])) ? intval($_data['max_quota_for_domain']) * 1048576 : 0; + $attr['max_num_aliases_for_domain'] = (!empty($_data['max_num_aliases_for_domain'])) ? intval($_data['max_num_aliases_for_domain']) : 400; + $attr['max_num_mboxes_for_domain'] = (!empty($_data['max_num_mboxes_for_domain'])) ? intval($_data['max_num_mboxes_for_domain']) : 10; + $attr['def_quota_for_mbox'] = (!empty($_data['def_quota_for_mbox'])) ? intval($_data['def_quota_for_mbox']) * 1048576 : 3072 * 1048576; + $attr['max_quota_for_mbox'] = (!empty($_data['max_quota_for_mbox'])) ? intval($_data['max_quota_for_mbox']) * 1048576 : 10240 * 1048576; + $attr['max_quota_for_domain'] = (!empty($_data['max_quota_for_domain'])) ? intval($_data['max_quota_for_domain']) * 1048576 : 10240 * 1048576; $attr['rl_frame'] = (!empty($_data['rl_frame'])) ? $_data['rl_frame'] : "s"; $attr['rl_value'] = (!empty($_data['rl_value'])) ? $_data['rl_value'] : ""; $attr['active'] = isset($_data['active']) ? intval($_data['active']) : 1; @@ -1435,7 +1435,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) { $attr['dkim_selector'] = (isset($_data['dkim_selector'])) ? $_data['dkim_selector'] : "dkim"; $attr['key_size'] = isset($_data['key_size']) ? intval($_data['key_size']) : 2048; - // save template $stmt = $pdo->prepare("INSERT INTO `templates` (`type`, `template`, `attributes`) VALUES (:type, :template, :attributes)"); @@ -4756,15 +4755,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) { ":id" => $id, ":type" => "domain", ":template" => "Default" - )); - } + )); - $_SESSION['return'][] = array( - 'type' => 'success', - 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), - 'msg' => 'template_removed' - ); - return true; + $_SESSION['return'][] = array( + 'type' => 'success', + 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), + 'msg' => array('template_removed', htmlspecialchars($id)) + ); + return true; + } break; case 'alias': if (!is_array($_data['id'])) { diff --git a/data/web/js/site/mailbox.js b/data/web/js/site/mailbox.js index 8c98e922..c36a9e7d 100644 --- a/data/web/js/site/mailbox.js +++ b/data/web/js/site/mailbox.js @@ -645,10 +645,18 @@ jQuery(function($){ } item.attributes.rl_value = escapeHtml(item.attributes.rl_value); - item.action = '
' + + + if (item.template.toLowerCase() == "default"){ + item.action = '
' + + ' ' + lang.edit + '' + + '
'; + } + else{ + item.action = ''; + } if (Array.isArray(item.attributes.tags)){ var tags = ''; @@ -688,7 +696,7 @@ jQuery(function($){ defaultContent: '' }, { - title: "Template", + title: lang.template, data: 'template', responsivePriority: 3, defaultContent: '' @@ -1115,11 +1123,17 @@ jQuery(function($){ } - - item.action = ''; + if (item.template.toLowerCase() == "default"){ + item.action = '
' + + ' ' + lang.edit + '' + + '
'; + } + else { + item.action = ''; + } if (Array.isArray(item.attributes.tags)){ var tags = ''; @@ -1159,7 +1173,7 @@ jQuery(function($){ defaultContent: '' }, { - title: "Template", + title: lang.template, data: 'template', responsivePriority: 3, defaultContent: '' diff --git a/data/web/lang/lang.de-de.json b/data/web/lang/lang.de-de.json index 46e31c90..0a37321f 100644 --- a/data/web/lang/lang.de-de.json +++ b/data/web/lang/lang.de-de.json @@ -714,6 +714,7 @@ "add_filter": "Filter erstellen", "add_mailbox": "Mailbox hinzufügen", "add_recipient_map_entry": "Empfängerumschreibung hinzufügen", + "add_template": "Vorlage hinzufügen", "add_resource": "Ressource hinzufügen", "add_tls_policy_map": "TLS-Richtlinieneintrag hinzufügen", "address_rewriting": "Adressumschreibung", @@ -755,6 +756,7 @@ "domain": "Domain", "domain_admins": "Domain-Administratoren", "domain_aliases": "Domain-Aliasse", + "domain_templates": "Domainweite Vorlagen", "domain_quota": "Gesamtspeicher", "domain_quota_total": "Domain-Speicherplatz gesamt", "domains": "Domains", @@ -781,6 +783,7 @@ "mailbox_defaults": "Standardeinstellungen", "mailbox_defaults_info": "Steuert die Standardeinstellungen für neue Mailboxen.", "mailbox_defquota": "Standard-Quota", + "mailbox_templates": "Mailboxweite Vorlagen", "mailbox_quota": "Max. Größe einer Mailbox", "mailboxes": "Mailboxen", "max_aliases": "Max. mögliche Aliasse", @@ -810,6 +813,7 @@ "recipient_map_old_info": "Der originale Empfänger muss eine E-Mail-Adresse oder ein Domainname sein.", "recipient_maps": "Empfängerumschreibungen", "relay_all": "Alle Empfänger-Adressen relayen", + "relay_unknown": "Unbekannte Mailboxen relayen", "remove": "Entfernen", "resources": "Ressourcen", "running": "In Ausführung", @@ -836,6 +840,8 @@ "table_size_show_n": "Zeige %s Einträge", "target_address": "Ziel-Adresse", "target_domain": "Ziel-Domain", + "templates": "Vorlagen", + "template": "Vorlage", "tls_enforce_in": "TLS eingehend erzwingen", "tls_enforce_out": "TLS ausgehend erzwingen", "tls_map_dest": "Ziel", @@ -1018,6 +1024,9 @@ "saved_settings": "Regel wurde gespeichert", "settings_map_added": "Regel wurde gespeichert", "settings_map_removed": "Regeln wurden entfernt: %s", + "template_added": "Template %s hinzugefügt", + "template_modified": "Änderungen am Template %s wurden gespeichert", + "template_removed": "Template ID %s wurde gelöscht", "sogo_profile_reset": "ActiveSync-Gerät des Benutzers %s wurde zurückgesetzt", "tls_policy_map_entry_deleted": "TLS-Richtlinie mit der ID %s wurde gelöscht", "tls_policy_map_entry_saved": "TLS-Richtlinieneintrag \"%s\" wurde gespeichert", diff --git a/data/web/lang/lang.en-gb.json b/data/web/lang/lang.en-gb.json index edc696d8..90b208fc 100644 --- a/data/web/lang/lang.en-gb.json +++ b/data/web/lang/lang.en-gb.json @@ -1038,6 +1038,7 @@ "sogo_profile_reset": "SOGo profile for user %s was reset", "template_added": "Added template %s", "template_modified": "Changes to template %s have been saved", + "template_removed": "Template ID %s has been deleted", "tls_policy_map_entry_deleted": "TLS policy map ID %s has been deleted", "tls_policy_map_entry_saved": "TLS policy map entry \"%s\" has been saved", "ui_texts": "Saved changes to UI texts", diff --git a/data/web/templates/mailbox.twig b/data/web/templates/mailbox.twig index fa89b001..cdb6a428 100644 --- a/data/web/templates/mailbox.twig +++ b/data/web/templates/mailbox.twig @@ -10,8 +10,6 @@
  • - {# #} - {# #}