Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 16th July 2008, 14:03
Hans Hans is offline
Moderator
 
Join Date: Dec 2005
Location: Montfoort, The Netherlands
Posts: 2,256
Thanks: 213
Thanked 648 Times in 294 Posts
Arrow ISPConfig 2.2.24 | mailuser app bug?

I've installed ISPConfig 2.2.24 on Debian Etch and i've noticed that not all mailusers can change their password within the mailuser application at http://www.example.com:81/mailuser (Of course i enabled "Mailuser login" for the site).

The Administrator mailuser of the website can change the password indeed, but other mailusers which belong to the site can't change their password, while no error message appears!

I've checked this behaviour on two servers with ISPConfig 2.2.24.
Is this a bug? I mean it's really a must that every single mailuser can change their own password, not only the administrator user of the particular site.

If it's not a bug, at least an error message should appear, which informs the user that there is no permission to change the password.
__________________
Hans

MrHostman | Master in managed hosting
Reply With Quote
Sponsored Links
  #2  
Old 16th July 2008, 18:25
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,381
Thanks: 833
Thanked 5,482 Times in 4,316 Posts
Default

I guess it must be a bug. There is no reason why non admin users shall not be able to change their password there. I added it to the bugtracker.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 16th July 2008, 19:26
Hans Hans is offline
Moderator
 
Join Date: Dec 2005
Location: Montfoort, The Netherlands
Posts: 2,256
Thanks: 213
Thanked 648 Times in 294 Posts
Default

Thanks Till for your reply. I do hope it will be fixed soon.
__________________
Hans

MrHostman | Master in managed hosting
Reply With Quote
  #4  
Old 30th July 2008, 20:59
sonoracomm sonoracomm is offline
Member
 
Join Date: Aug 2006
Posts: 32
Thanks: 6
Thanked 4 Times in 2 Posts
Default

Sorry to be a pest, but I just wanted to find out the status of this issue.

I have (apparently) the same problem with ISPC 2.2.24 on a Centos 5.2 server (yum updated).

I couldn't find the bugtracker...maybe I wasn't supposed to...

Thanks again for this great system!

G
Reply With Quote
  #5  
Old 30th July 2008, 22:51
Hans Hans is offline
Moderator
 
Join Date: Dec 2005
Location: Montfoort, The Netherlands
Posts: 2,256
Thanks: 213
Thanked 648 Times in 294 Posts
Default bugtracker link

The bugtracker is here. And i do hope that this problem will be fixed indeed soon.
__________________
Hans

MrHostman | Master in managed hosting
Reply With Quote
  #6  
Old 31st July 2008, 16:10
bolero bolero is offline
Senior Member
 
Join Date: Apr 2008
Posts: 114
Thanks: 2
Thanked 8 Times in 8 Posts
Default

A client just informed me about this problem and I found this thread. This seems indeed to be a bug in 2.2.24 and doesn't depend on using Debian (we use CentOS). This is a really important functionality.
I hope this is really getting fixed soon and a patch made available (it can only be a small coding problem, I really do not want to apply a whole new ISPConfig via upgrade to my slightly customized installations just because of that tiny snippet).
If falko or till could point me to the files that are involved I would look myself and check if I can fix it. Thanks!

Btw, changing the users comment ("name") doesn't work either. It's saved to the db, but not to /etc/passwd. So, it seems that action is either skipped or fails. Should it appear in ispconfig.log if it is attempted?

Last edited by bolero; 31st July 2008 at 16:33.
Reply With Quote
  #7  
Old 31st July 2008, 19:56
bolero bolero is offline
Senior Member
 
Join Date: Apr 2008
Posts: 114
Thanks: 2
Thanked 8 Times in 8 Posts
Default Fix for 2.2.24 mailuser bug

Ok, here's the fix. It's a stupid confusion about a variable name. The bug is in mailuser/mail/table/user.table.php. "user_name" is actually *not* the "username" (that would be user_username), but the user's name/comment field. Thus it allows many more characters than this check:
"/^[0-9a-zA-Z_\-\.]{0,255}$/"
This check will fail with any normal name as a full name is guaranteed to contain a space. Quick fix:
Code:
$table['user_name'] = array(         'datatype'                 => "VARCHAR",
                                                                          'formtype'                 => "TEXT",
                                                                          'regex'                        => "/^[0-9a-zA-Z_\-\.\s]{0,255}$/",
                                                                          'errmsg'                => "Name contains invalid charcters.",
                                                                          'value'                 => "");
The \s was added by me. This will allow spaces and thus fix this issue for 99%of the situations. The check should be even more loose, though. Could somebody submit the check from version 2.2.23, please? user.table.php should be reverted to that version.
Reply With Quote
The Following User Says Thank You to bolero For This Useful Post:
till (1st August 2008)
  #8  
Old 31st July 2008, 20:45
Hans Hans is offline
Moderator
 
Join Date: Dec 2005
Location: Montfoort, The Netherlands
Posts: 2,256
Thanks: 213
Thanked 648 Times in 294 Posts
Default

Hereby you receive the user.table.php file from ISPConfig 2.2.23 (mailuser module).
Attached Files
File Type: zip user.table.zip (2.1 KB, 259 views)
__________________
Hans

MrHostman | Master in managed hosting
Reply With Quote
  #9  
Old 31st July 2008, 20:57
bolero bolero is offline
Senior Member
 
Join Date: Apr 2008
Posts: 114
Thanks: 2
Thanked 8 Times in 8 Posts
Default

Thanks. The only difference between the two files is what I explained. I suggest not going back to the 2.2.23 version as it doesn't contain any sanity check. Use this check instead:

"/^[^:\r\n\t]{0,255}$/"

This allows almost any character except for colons, line-feeds etc. It should be safe to use that as I think any kind of character except for these should be allowed in /etc/passwd. If you want to be more strict use the check I posted first.
Reply With Quote
  #10  
Old 1st August 2008, 11:38
Hans Hans is offline
Moderator
 
Join Date: Dec 2005
Location: Montfoort, The Netherlands
Posts: 2,256
Thanks: 213
Thanked 648 Times in 294 Posts
 
Default

@Bolero,

Thanks for your work so far, but my opinion is that there must be an official bugfix soon, which comes with a patch or ISPConfig 2.2.25.
This bug is really not nice as it is a problem for clients and it is the reason that i've reported this.

In the mean time, problems according the mailuser module are added to the bugtracker:

http://bugtracker.ispconfig.org/inde...ls&task_id=147
http://bugtracker.ispconfig.org/inde...ls&task_id=146
__________________
Hans

MrHostman | Master in managed hosting
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 2.2.18 to ISPConfig 2.2.19 bug ? sygram General 2 11th January 2008 11:35
ISPConfig 2.2.13 released till General 35 23rd July 2007 16:28
ISPConfig 2.3.2-dev released till General 9 4th June 2007 10:46
Can`t I access to mailUser ISPConfig leeeonardo Server Operation 1 19th April 2007 03:58
Bug in ispconfig 2.1.1 Bruce General 4 19th November 2005 15:00


All times are GMT +2. The time now is 02:33.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.