From 6eb7e9f794110705a8add474a34b636f96755d86 Mon Sep 17 00:00:00 2001
From: Christian Boltz <postfixadmin@cboltz.de>
Date: Tue, 20 Dec 2011 16:46:08 +0000
Subject: [PATCH] PFAHandler.php: - encrypt passwords ("pass" fields) with
 pacrypt()

AdminHandler.php:
- update/remove various TODO notes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1302 a1433add-5e2c-0410-b055-b7f2511e0802
---
 model/AdminHandler.php | 11 +++++------
 model/PFAHandler.php   |  4 +++-
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/model/AdminHandler.php b/model/AdminHandler.php
index c00f167b..123f0944 100644
--- a/model/AdminHandler.php
+++ b/model/AdminHandler.php
@@ -28,13 +28,13 @@ class AdminHandler extends PFAHandler {
 
         # values for the "type" column:
         # text  one line of text
-        # pass  password (will be encrypted with pacrypt())  # TODO: not implemented yet
+        # pass  password (will be encrypted with pacrypt())
         # num   number
         # vnum  "virtual" number, coming from JOINs etc.
         # bool  boolean (converted to 0/1, additional column _$field with yes/no)
         # ts    timestamp (created/modified)
         # enum  list of options, must be given in column "options" as array
-#TODO   # list  like enum, but allow multiple selections
+        # list  like enum, but allow multiple selections
 
         # NOTE: There are dependencies between domains and domain_count
         # NOTE: If you disable "display in list" for domain_count, the SQL query for domains might break.
@@ -61,7 +61,6 @@ class AdminHandler extends PFAHandler {
             ),
 
             'domains'         => pacol( 1,          1,      1,      'list', 'pAdminCreate_admin_address'   , ''                                 , array(), list_domains(),
-# TODO: on read: split domains - on write: write to domain_admins table
                /*not_in_db*/ 0,
                /*dont_write_to_db*/ 1,
                /*select*/ 'coalesce(domains,"") as domains'
@@ -196,19 +195,19 @@ class AdminHandler extends PFAHandler {
         $this->errormsg[] = '*** Admin deletion not implemented yet ***';
         return false; # XXX function aborts here until TODO below is implemented! XXX
 
-        # TODO: recursively delete mailboxes, aliases, alias_domains, fetchmail entries etc. before deleting the domain
+        # TODO: delete from domain_admins before deleting the admin
         # TODO: move the needed code from delete.php here
         $result = db_delete($this->db_table, $this->id_field, $this->id);
         if ( $result == 1 ) {
             list(/*NULL*/,$domain) = explode('@', $this->id);
-            db_log ($domain, 'delete_admin', $this->id); # TODO delete_domain is not a valid db_log keyword yet because we don't yet log add/delete domain
+            db_log ($domain, 'delete_admin', $this->id); # TODO delete_admin is not a valid db_log keyword yet
             return true;
         }
     }
 
 
 # TODO: generate password if $new, no password specified and $CONF['generate_password'] is set
-# TODO: except if $this->admin_username == setup.php
+# TODO: except if $this->admin_username == setup.php --- this exception should be handled directly in setup.php ("if $values['password'] == '' error_out")
 
     /**
      * compare password / password2 field
diff --git a/model/PFAHandler.php b/model/PFAHandler.php
index 0f4cb8ae..1afd57aa 100644
--- a/model/PFAHandler.php
+++ b/model/PFAHandler.php
@@ -157,7 +157,9 @@ class PFAHandler {
                 case 'bool':
                     $db_values[$key] = db_get_boolean($db_values[$key]);
                     break;
-                # TODO: passwords -> pacrypt()
+                case 'pass':
+                    $db_values[$key] = pacrypt($db_values[$key]);
+                    break;
             }
             if ($this->struct[$key]['not_in_db'] == 1) unset ($db_values[$key]); # remove 'not in db' columns
             if ($this->struct[$key]['dont_write_to_db'] == 1) unset ($db_values[$key]); # remove 'dont_write_to_db' columns