From ea560553e994ca74cb435e3ce3c0d8fdd22d32e7 Mon Sep 17 00:00:00 2001
From: Gianluca Giacometti <52405+gianlucagiacometti@users.noreply.github.com>
Date: Sun, 17 Jan 2021 21:26:18 +0100
Subject: [PATCH 01/12] List of addresses needs a Line Feed

Edit field does display a list of aliases in a single line in the edit form field. Adding a Line Feed character fixes this problem.
---
 templates/editform.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/editform.tpl b/templates/editform.tpl
index a5e0fd1a..44adff7c 100644
--- a/templates/editform.tpl
+++ b/templates/editform.tpl
@@ -44,7 +44,7 @@
                                     {elseif $field.type == 'pass' || $field.type == 'b64p'}
                                         <input class="form-control" type="password" name="value[{$key}]"/>
                                     {elseif $field.type == 'txtl'}
-                                        <textarea class="form-control" rows="10" cols="35" name="value[{$key}]">{foreach key=key2 item=field2 from=$value_{$key}}{$field2}{/foreach}</textarea>
+                                        <textarea class="form-control" rows="10" cols="35" name="value[{$key}]">{foreach key=key2 item=field2 from=$value_{$key}}{$field2}&#10;{/foreach}</textarea>
                                     {else}
                                         <input class="form-control" type="text" name="value[{$key}]"
                                                value="{$value_{$key}}"/>

From c6a8117e820a1a2754d22f414fa29d1a3da19895 Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Sun, 17 Jan 2021 22:31:53 +0000
Subject: [PATCH 02/12] improve doc comment - see
 https://github.com/postfixadmin/postfixadmin/issues/423

---
 config.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config.inc.php b/config.inc.php
index 834248f9..0eb6dca2 100644
--- a/config.inc.php
+++ b/config.inc.php
@@ -227,7 +227,7 @@ if(@file_exists('/usr/bin/doveadm')) { // @ to silence openbase_dir stuff; see h
 $CONF['password_validation'] = array(
 #    '/regular expression/' => '$PALANG key (optional: + parameter)',
     '/.{5}/'                => 'password_too_short 5',      # minimum length 5 characters
-    '/([a-zA-Z].*){3}/'     => 'password_no_characters 3',  # must contain at least 3 characters
+    '/([a-zA-Z].*){3}/'     => 'password_no_characters 3',  # must contain at least 3 consecutive characters
     '/([0-9].*){2}/'        => 'password_no_digits 2',      # must contain at least 2 digits
 
     /*  support a 'callable' value which if it returns a non-empty string will be assumed to have failed. */

From d4ea7200958a31e40c39fa9d58c1a4cf78db4184 Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Mon, 18 Jan 2021 20:31:29 +0000
Subject: [PATCH 03/12] try php8 via travis

---
 .travis.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.travis.yml b/.travis.yml
index 8810d01c..8f0179d7 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,6 +3,7 @@ php:
   - 7.2
   - 7.3
   - 7.4
+  - 8.0
 
 services:
   - mysql

From 23cec951531b901de4e074d4d869170df6b70c98 Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Mon, 18 Jan 2021 20:46:11 +0000
Subject: [PATCH 04/12] fix php8 moaning about string vs int

---
 model/MailboxHandler.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/model/MailboxHandler.php b/model/MailboxHandler.php
index f7c89540..4608247a 100644
--- a/model/MailboxHandler.php
+++ b/model/MailboxHandler.php
@@ -493,6 +493,8 @@ class MailboxHandler extends PFAHandler {
             return true; # enforcing quotas is disabled - just allow it
         }
 
+        $quota = (int) $quota;
+
         list(/*NULL*/, $domain) = explode('@', $this->id);
         $limit = get_domain_properties($domain);
 

From 14aea8a38320e8115749a0ed0ee85e8327331229 Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Mon, 18 Jan 2021 20:46:25 +0000
Subject: [PATCH 05/12] fix php8 moaning about { } on strings

---
 scripts/postfixadmin-cli.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/postfixadmin-cli.php b/scripts/postfixadmin-cli.php
index 782c01a8..7b609442 100644
--- a/scripts/postfixadmin-cli.php
+++ b/scripts/postfixadmin-cli.php
@@ -319,11 +319,11 @@ class PostfixAdmin {
     public function parseParams($params) {
         $count = count($params);
         for ($i = 0; $i < $count; $i++) {
-            if ($params[$i] != '' && $params[$i]{0} === '-' && $params[$i] != '-1') {
+            if ($params[$i] != '' && $params[$i][0] === '-' && $params[$i] != '-1') {
                 $key = substr($params[$i], 1);
                 if (isset($params[$i+1])) {
                     # TODO: ideally we should know if a parameter can / must have a value instead of whitelisting known valid values starting with '-' (probably only bool doesn't need a value)
-                    if ($params[$i+1]{0} === '-' && $params[$i+1] != '-1') {
+                    if ($params[$i+1][0] === '-' && $params[$i+1] != '-1') {
                         $this->params[$key] = true;
                     } else {
                         $this->params[$key] = $params[$i+1];

From 0ca0efa7b8cd4ad465977f64b12c15cdf6b11438 Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Mon, 18 Jan 2021 20:46:37 +0000
Subject: [PATCH 06/12] fix test if quota is turned on

---
 tests/MailboxHandlerTest.php | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/tests/MailboxHandlerTest.php b/tests/MailboxHandlerTest.php
index f9eff085..f095e029 100644
--- a/tests/MailboxHandlerTest.php
+++ b/tests/MailboxHandlerTest.php
@@ -10,6 +10,13 @@ class MailboxHandlerTest extends \PHPUnit\Framework\TestCase {
         parent::tearDown();
     }
 
+    public function setUp() : void {
+        global $CONF;
+        parent::setUp();
+
+        $CONF['quota'] = 'YES';
+    }
+
     public function testBasic() {
         $x = new MailboxHandler();
 
@@ -43,6 +50,8 @@ class MailboxHandlerTest extends \PHPUnit\Framework\TestCase {
                 'aliases' => 11,
                 'mailboxes' => 12,
                 'active' => 1,
+                'quota' => 99999911111,
+                'maxquota' => 99999999999,
                 'backupmx' => 0,
                 'default_aliases' => 1
             ]
@@ -89,7 +98,7 @@ class MailboxHandlerTest extends \PHPUnit\Framework\TestCase {
             'password' => 'test1234',
             'password2' => 'test1234',
             'name' => 'test person',
-            'quota' => '',
+            'quota' => 1,
             'welcome_mail' => 0,
             'email_other' => '',
             'username' => 'david.test@example.com',
@@ -108,7 +117,8 @@ class MailboxHandlerTest extends \PHPUnit\Framework\TestCase {
         $x->getList('');
 
         $list = $x->result();
-        $this->assertEquals(1, count($list));
+
+        $this->assertEquals(1, count($list), json_encode($x->errormsg));
 
         $found = false;
 
@@ -140,7 +150,7 @@ class MailboxHandlerTest extends \PHPUnit\Framework\TestCase {
             'username' => 'david.test@example.com'
         ]);
 
-        $this->assertEmpty($h->errormsg);
+        $this->assertEmpty($h->errormsg, json_Encode($h->errormsg));
         $this->assertEmpty($h->infomsg);
         $this->assertTrue($r);
         $this->assertTrue($h->save());

From dd86dcad30e79d4ebdf316bbf6701da31c8fe923 Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Tue, 19 Jan 2021 09:19:30 +0000
Subject: [PATCH 07/12] fix forget-password (+ themeing), see #427

---
 public/users/password-recover.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/public/users/password-recover.php b/public/users/password-recover.php
index c4d33983..5a4d170b 100644
--- a/public/users/password-recover.php
+++ b/public/users/password-recover.php
@@ -1,4 +1,5 @@
 <?php
+
 /**
  * Postfix Admin
  *
@@ -25,7 +26,6 @@
  */
 
 
-$smarty = PFASmarty::getInstance();
 
 /* if in .../users, we need to load a different common.php; not this file is symlinked with public/ */
 if (preg_match('/\/users\//', $_SERVER['REQUEST_URI'])) {
@@ -35,8 +35,11 @@ if (preg_match('/\/users\//', $_SERVER['REQUEST_URI'])) {
     $rel_path = './';
     $context = 'admin';
 }
+
 require_once($rel_path . 'common.php');
 
+$smarty = PFASmarty::getInstance();
+$smarty->configureTheme($rel_path);
 
 
 if ($context === 'admin' && !Config::read('forgotten_admin_password_reset') || $context === 'users' && !Config::read('forgotten_user_password_reset')) {

From 481c465712edc57c77534d499d4b5573acb7a4dc Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Tue, 19 Jan 2021 16:50:56 +0000
Subject: [PATCH 08/12] merge e7e1ce9c283b88cc17bafb9785cd6e30d903785e to fix
 PostgreSQL tests

---
 model/Login.php     |  1 +
 public/upgrade.php  |  6 +++++-
 tests/LoginTest.php | 10 +++++++---
 3 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/model/Login.php b/model/Login.php
index b30b556f..e27272b6 100644
--- a/model/Login.php
+++ b/model/Login.php
@@ -26,6 +26,7 @@ class Login {
         $values = array('username' => $username, 'active' => $active);
 
         $result = db_query_all($query, $values);
+
         if (sizeof($result) == 1 && strlen($password) > 0) {
             $row = $result[0];
 
diff --git a/public/upgrade.php b/public/upgrade.php
index 819e649c..7d32adae 100644
--- a/public/upgrade.php
+++ b/public/upgrade.php
@@ -1386,7 +1386,11 @@ function upgrade_730_pgsql() {
     $table_quota = table_by_key('quota');
     $table_quota2 = table_by_key('quota2');
 
-    db_query_parsed('CREATE LANGUAGE plpgsql', 1); /* will error if plpgsql is already installed */
+    try {
+        db_query_parsed('CREATE LANGUAGE plpgsql', 1); /* will error if plpgsql is already installed */
+    } catch (\Exception $e) {
+        error_log("ignoring exception that's probably : plpgsql is probably already installed; " . $e);
+    }
 
     # trigger for dovecot v1.0 & 1.1 quota table
     # taken from http://wiki.dovecot.org/Quota/Dict
diff --git a/tests/LoginTest.php b/tests/LoginTest.php
index 68f950d9..de07a551 100644
--- a/tests/LoginTest.php
+++ b/tests/LoginTest.php
@@ -8,11 +8,10 @@ class LoginTest extends \PHPUnit\Framework\TestCase {
 
         $CONF['pacrypt'] = 'md5'; // crap
 
-        db_execute("INSERT INTO domain(`domain`, description, transport) values ('example.com', 'test', 'foo')", [], true);
+        db_execute("INSERT INTO domain(domain, description, transport) values ('example.com', 'test', 'foo')", [], true);
 
         db_execute(
-            "INSERT INTO mailbox(username, password, `name`, maildir, local_part, `domain`) 
-VALUES(:username, :password, :name, :maildir, :local_part, :domain)",
+            "INSERT INTO mailbox(username, password, name, maildir, local_part, domain) VALUES(:username, :password, :name, :maildir, :local_part, :domain)",
             [
                 'username' => 'test@example.com',
                 'password' => pacrypt('foobar'),
@@ -21,6 +20,8 @@ VALUES(:username, :password, :name, :maildir, :local_part, :domain)",
                 'local_part' => 'test',
                 'domain' => 'example.com',
             ]);
+
+
         parent::setUp();
     }
 
@@ -31,7 +32,10 @@ VALUES(:username, :password, :name, :maildir, :local_part, :domain)",
     }
 
     private function cleanUp() {
+        db_query('DELETE FROM alias');
+        db_query('DELETE FROM alias_domain');
         db_query('DELETE FROM mailbox');
+        db_query('DELETE FROM domain_admins');
         db_query('DELETE FROM domain');
     }
 

From 6c3ff420369162eb1b17232742d3a1e62f9f5d5e Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Mon, 18 Jan 2021 22:15:27 +0000
Subject: [PATCH 09/12] make sure we do not double quote mysql table names
 somehow

---
 functions.inc.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/functions.inc.php b/functions.inc.php
index f4a810ba..b7bd9d36 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -2085,6 +2085,8 @@ function table_by_key($table_key) {
     $table = $CONF['database_prefix'] . $table;
 
     if (db_mysql()) {
+        // try and ensure we don't get ``table`` ?
+        $table = preg_replace('/`/', '', $table);
         return "`" . $table . "`";
     }
 

From 6d101b79e62507cfd3091e5a68f040f384a0978f Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Tue, 19 Jan 2021 20:04:31 +0000
Subject: [PATCH 10/12] bump version numbers/changelog for 3.3.4

---
 CHANGELOG.TXT  | 8 ++++++++
 config.inc.php | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.TXT b/CHANGELOG.TXT
index e811364a..558a4916 100644
--- a/CHANGELOG.TXT
+++ b/CHANGELOG.TXT
@@ -6,6 +6,14 @@
 #
 # Further details on the project are available at https://github.com/postfixadmin/postfixadmin
 
+Version 3.3.4 - 2021/01/19
+-------------------------------------------------
+   - Fix forgot-password (theme + trying to use class before autoload registered) (see //github.com/postfixadmin/postfixadmin/issues/427)
+   - Fix PHP 8.0 issues (string{} offset in CLI, psalm warning about string + int in MailboxHandler)
+   - Add PHP 8.0 to travis build + hopefully fix build
+   - Fix editform to add linefeeds on for e.g. alias editing (see https://github.com/postfixadmin/postfixadmin/pull/424)
+   - Fix mysql_crypt password hash - not all MySQL variants have RANDOM_BYTES function, so use our PHP based salt instead. (see https://github.com/postfixadmin/postfixadmin/issues/422)
+
 Version 3.3.3 - 2021/01/14
 -------------------------------------------------
    - Improve error handling around login (require non-empty password; cope with pacrypt() throwing an exception; see https://github.com/postfixadmin/postfixadmin/issues/420)
diff --git a/config.inc.php b/config.inc.php
index 0eb6dca2..098ffaf3 100644
--- a/config.inc.php
+++ b/config.inc.php
@@ -702,7 +702,7 @@ $CONF['xmlrpc_enabled'] = false;
 //More details in README.password_expiration
 $CONF['password_expiration'] = 'YES';
 
-$CONF['version'] = '3.3.3';
+$CONF['version'] = '3.3.4';
 
 // If you want to keep most settings at default values and/or want to ensure
 // that future updates work without problems, you can use a separate config 

From 378ee417b0bb8c513115f4b63c96b4757a0a51dd Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Mon, 18 Jan 2021 22:15:56 +0000
Subject: [PATCH 11/12] improve tests

---
 tests/PacryptTest.php | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/tests/PacryptTest.php b/tests/PacryptTest.php
index ccf89579..973f9197 100644
--- a/tests/PacryptTest.php
+++ b/tests/PacryptTest.php
@@ -25,11 +25,9 @@ class PaCryptTest extends \PHPUnit\Framework\TestCase {
             $this->markTestSkipped('Not using MySQL');
         }
 
-        $hash = _pacrypt_mysql_encrypt('test');
+        $hash = _pacrypt_mysql_encrypt('test1');
 
-        sleep(1);
-
-        $hash2 = _pacrypt_mysql_encrypt('test');
+        $hash2 = _pacrypt_mysql_encrypt('test2');
 
         $this->assertNotEquals($hash, $hash2);
 
@@ -37,11 +35,7 @@ class PaCryptTest extends \PHPUnit\Framework\TestCase {
         $this->assertNotEquals('test', $hash);
         $this->assertNotEquals('test', $hash2);
 
-        $this->assertEquals(
-            $hash,
-            _pacrypt_mysql_encrypt('test', $hash),
-            "test should encrypt to : $hash ..."
-        );
+        $this->assertTrue( hash_equals($hash, _pacrypt_mysql_encrypt('test1', $hash) ), "hashes should equal....");
     }
 
     public function testAuthlib() {

From ecf6e4afe9d7fa4c51ba90c56a98d4c5aa070e9f Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Thu, 21 Jan 2021 11:11:52 +0000
Subject: [PATCH 12/12] be more explict (or update) PHP version requirement -
 see https://github.com/postfixadmin/postfixadmin/issues/429

---
 CHANGELOG.TXT | 1 +
 INSTALL.TXT   | 2 +-
 README.md     | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.TXT b/CHANGELOG.TXT
index 558a4916..d6cee51f 100644
--- a/CHANGELOG.TXT
+++ b/CHANGELOG.TXT
@@ -34,6 +34,7 @@ Version 3.3.1 - 2021/01/11
 
 Version 3.3 - 2021/01/09
 -------------------------------------------------
+   - PostfixAdmin requires PHP 7.0 or greater.
    - Change setup.php to use PHP's password_hash() for the config setup_password . (breaking change, existing setup passwords will fail to work and need regenerating) 
    - Change setup.php to not reveal system paths etc until a setup_password is configured and provided (see: https://github.com/postfixadmin/postfixadmin/issues/402 )
    - Move to bootstrap theme ( see https://github.com/postfixadmin/postfixadmin/pull/172 )
diff --git a/INSTALL.TXT b/INSTALL.TXT
index e969ef34..ca10092d 100644
--- a/INSTALL.TXT
+++ b/INSTALL.TXT
@@ -9,7 +9,7 @@ REQUIREMENTS
 ------------
 - Postfix
 - Apache / Lighttpd 
-- PHP (for web server)
+- PHP 7.0 or greater (for web server)
 - one of the following databases:
   - MariaDB/MySQL
   - PostgreSQL
diff --git a/README.md b/README.md
index 3657f5f6..bafaee05 100644
--- a/README.md
+++ b/README.md
@@ -27,7 +27,7 @@ Integrates with :
  - Users have the ability to login, change their password or vacation (out of office) status.
  - Integration with Squirrelmail / Roundcube (via plugins)
  - Optional XMLRPC based API 
- - Supports PHP5.6+
+ - Supports PHP7.0+
 
 ## Useful Links