From 3f7a756d8161f1a154c1f3b3dd7b77b44365661f Mon Sep 17 00:00:00 2001 From: pdontthink Date: Sat, 20 Jun 2015 12:52:36 +0000 Subject: [PATCH] Add ability for administrator to control whether or not users can edit their reply-to address git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14509 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- config/conf.pl | 33 +++++++++++++++++++++++++++++-- config/config_default.php | 9 ++++++--- doc/ChangeLog | 2 ++ include/options/personal.php | 29 +++++++++++++++++++-------- plugins/administrator/defines.php | 1 + 5 files changed, 61 insertions(+), 13 deletions(-) diff --git a/config/conf.pl b/config/conf.pl index c9e3d907..315c6f41 100755 --- a/config/conf.pl +++ b/config/conf.pl @@ -426,6 +426,8 @@ $hide_sm_attributions = 'false' if ( !$hide_sm_attributions ); # since 1.2.5 $edit_identity = 'true' if ( !$edit_identity ); $edit_name = 'true' if ( !$edit_name ); +# since 1.4.23/1.5.2 +$edit_reply_to = 'true' if ( !$edit_reply_to ); # since 1.4.0 $use_smtp_tls= 'false' if ( !$use_smtp_tls); @@ -732,6 +734,7 @@ while ( ( $command ne "q" ) && ( $command ne "Q" ) && ( $command ne ":q" ) ) { print "8. Allow use of receipts : $WHT$default_use_mdn$NRM\n"; print "9. Allow editing of identity : $WHT$edit_identity$NRM\n"; print " Allow editing of name : $WHT$edit_name$NRM\n"; + print " Allow editing of reply-to : $WHT$edit_reply_to$NRM\n"; print " Remove username from header : $WHT$hide_auth_header$NRM\n"; print "10. Disable server thread sort : $WHT$disable_thread_sort$NRM\n"; print "11. Disable server-side sorting : $WHT$disable_server_sort$NRM\n"; @@ -2577,11 +2580,13 @@ sub command310 { if ( ( $new_edit =~ /^y\n/i ) || ( ( $new_edit =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { $edit_identity = 'true'; $edit_name = 'true'; - $hide_auth_header = command311b(); + $edit_reply_to = 'true'; + $hide_auth_header = command311c(); } else { $edit_identity = 'false'; $edit_name = command311(); - $hide_auth_header = command311b(); + $edit_reply_to = command311b(); + $hide_auth_header = command311c(); } return $edit_identity; } @@ -2609,6 +2614,28 @@ sub command311 { } sub command311b { + print "$NRM"; + print "\n Given that users are not allowed to modify their + email address, can they edit their reply-to address? + + "; + + if ( lc($edit_reply_to) eq 'true' ) { + $default_value = "y"; + } else { + $default_value = "n"; + } + print "Allow the user to edit their reply-to address? (y/n) [$WHT$default_value$NRM]: $WHT"; + $new_edit = ; + if ( ( $new_edit =~ /^y\n/i ) || ( ( $new_edit =~ /^\n/ ) && ( $default_value eq "y" ) ) ) { + $edit_reply_to = 'true'; + } else { + $edit_reply_to = 'false'; + } + return $edit_reply_to; +} + +sub command311c { print "$NRM"; print "\n SquirrelMail adds username information to every outgoing email in order to prevent possible sender forging by users that are allowed @@ -5009,6 +5036,8 @@ sub save_data { # boolean print CF "\$edit_name = $edit_name;\n"; # boolean + print CF "\$edit_reply_to = $edit_reply_to;\n"; + # boolean print CF "\$hide_auth_header = $hide_auth_header;\n"; # boolean print CF "\$disable_thread_sort = $disable_thread_sort;\n"; diff --git a/config/config_default.php b/config/config_default.php index 75126e76..9f1513e7 100644 --- a/config/config_default.php +++ b/config/config_default.php @@ -601,15 +601,18 @@ $default_use_mdn = true; * Identity Controls * * If you don't want to allow users to change their email address - * then you can set $edit_identity to false, if you want them to + * then you can set $edit_identity to false; if you want them to * not be able to change their full name too then set $edit_name - * to false as well. $edit_name has no effect unless $edit_identity - * is false; + * to false as well. $edit_reply_to likewise controls users' ability + * to change their reply-to address. $edit_name and $edit_reply_to + * have no effect unless $edit_identity is false; * @global bool $edit_identity * @global bool $edit_name + * @global bool $edit_reply_to */ $edit_identity = true; $edit_name = true; +$edit_reply_to = true; /** * SquirrelMail adds username information to every sent email. diff --git a/doc/ChangeLog b/doc/ChangeLog index 03236eba..27153e78 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -396,6 +396,8 @@ Version 1.5.2 - SVN - Prevent session lock-up caused by filters plugin trying to move messages in an account that is over quota. - Added MD5 alternative to directory hash calculation + - Added ability for administrator to control whether or not users + can edit their reply-to address ($edit_reply_to in config.php) Version 1.5.1 (branched on 2006-02-12) -------------------------------------- diff --git a/include/options/personal.php b/include/options/personal.php index c619e68b..a4efc9ca 100644 --- a/include/options/personal.php +++ b/include/options/personal.php @@ -34,7 +34,7 @@ define('SMOPT_GRP_TZ', 3); * @return array all option information */ function load_optpage_data_personal() { - global $data_dir, $username, $edit_identity, $edit_name, + global $data_dir, $username, $edit_identity, $edit_name, $edit_reply_to, $full_name, $reply_to, $email_address, $signature, $tzChangeAllowed, $timeZone, $domain; @@ -108,13 +108,26 @@ function load_optpage_data_personal() { ); } - $optvals[SMOPT_GRP_CONTACT][] = array( - 'name' => 'reply_to', - 'caption' => _("Reply To"), - 'type' => SMOPT_TYPE_STRING, - 'refresh' => SMOPT_REFRESH_NONE, - 'size' => SMOPT_SIZE_HUGE - ); + if ($edit_identity || $edit_reply_to) { + $optvals[SMOPT_GRP_CONTACT][] = array( + 'name' => 'reply_to', + 'caption' => _("Reply To"), + 'type' => SMOPT_TYPE_STRING, + 'refresh' => SMOPT_REFRESH_NONE, + 'size' => SMOPT_SIZE_HUGE + ); + } else { +//TODO: For many users, this is redundant to the email address above, especially if not editable -- so here instead of a comment, we could just hide it... in fact, that's what we'll do, but keep this code for posterity in case someone decides we shouldn't do this +/* + $optvals[SMOPT_GRP_CONTACT][] = array( + 'name' => 'reply_to', + 'caption' => _("Reply To"), + 'type' => SMOPT_TYPE_COMMENT, + 'refresh' => SMOPT_REFRESH_NONE, + 'comment' => sm_encode_html_special_chars($reply_to), + ); +*/ + } $optvals[SMOPT_GRP_CONTACT][] = array( 'name' => 'signature', diff --git a/plugins/administrator/defines.php b/plugins/administrator/defines.php index 3ca54a85..2f3cfbf3 100644 --- a/plugins/administrator/defines.php +++ b/plugins/administrator/defines.php @@ -261,6 +261,7 @@ $defcfg = array( '$config_version' => array( 'name' => _("Config File Version"), '$edit_identity' => array( 'name' => _("Allow editing of identities"), 'type' => SMOPT_TYPE_BOOLEAN ), '$edit_name' => array( 'name' => _("Allow editing of full name"), + '$edit_reply_to' => array( 'name' => _("Allow editing of reply-to address"), 'type' => SMOPT_TYPE_BOOLEAN ), '$hide_auth_header' => array( 'name' => _("Remove username from headers"), 'comment' => _("Used only when identities can't be modified"), -- 2.25.1