myron
|
7aa33defa2
|
Fix SQLite backtick translation, add service-switch SSE streaming, Fail2Ban management page
- DB.php: fix backtick-quoted column names in ON DUPLICATE KEY UPDATE VALUES() regex
- DB.php: add global backtick→double-quote identifier strip
- system.php: add service-switch SSE streaming endpoint for web/mail/ftp/dns server changes
- system.php: simplify save-option to DB save only (no inline shell)
- firewall.php: add f2b-config-get, f2b-config-save, f2b-log, f2b-jail, f2b-ban, f2b-unban, f2b-ignoreip-* actions
- admin.js: Fail2Ban dedicated management page with jail table, global settings, whitelist, log viewer
- admin.js: soSave() now uses streaming terminal overlay instead of blocking spinner
- admin/index.php: split Firewall (UFW) and Fail2Ban into separate sidebar entries
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-06-09 16:18:28 +00:00 |
|
myron
|
6fdccc6dbd
|
feat: items #9-13 — password change, webmail SSO, DKIM live, file manager security, cache busting
#9 auth.php: add self-service change-password action (current+new+confirm)
accounts.php: fix admin change-password — accept account_id, fetch username
for chpasswd (was using int ID), add Auth::require('admin') guard
user.js: add Change Password page + navItem + submitChangePassword()
#10 EmailManager: store AES-256-CBC enc_password alongside SHA512-CRYPT hash
webmail.php: rewrite login-url to use webmail_sso_tokens table
novacpx-sso.php: Roundcube SSO bridge (validate token, decrypt, autosubmit)
Migration 005: add enc_password column + webmail_sso_tokens table
#11 opendkim: installed, configured (/etc/opendkim.conf, signing.table,
key.table, trusted.hosts), socket at /var/spool/postfix/opendkim/,
Postfix milter wired, service enabled+running, key generation verified
#12 files.php: fix safe_path() for non-existent paths (write/mkdir),
add safe_path_new() helper using parent-dir realpath check,
fix delete guard (block deleting account root dirs),
fix rename destination, clamp chmod to 0777
#13 nova.js: api() handles network errors, 429 rate-limit with retry-after,
non-JSON responses (PHP fatal pages) — graceful error instead of throw
admin/user/reseller index.php: filemtime-based cache-busting on all assets
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-06-08 01:19:33 +00:00 |
|