phpQLAdmin 2.2 Change Log

phpQLAdmin 2.2.6 Release (Aug 22 2005)
	Bug fixes
	  - Make sure that the Bind9 manager editor remembers what TYPE of record we're changing
	    (as a 'hidden' input).
	  - Fix double branch listing (reported by GG Noris on mailinglist).
	  - Fix spelling error in include/pql_search.inc:pql_get_domains(). Used define
	    PQL_CONF_REFERENCE_USERS_WITH when I should have used PQL_CONF_REFERENCE_DOMAINS_WITH.
	  - Fix URL session initialization. Patch by Aaron Collins.
	  - When deleting a DNS object, the DN to the SOA must start with 'dNSTTL=3600+relativeDomainName=...',
	    not just 'relativeDomainName=...'.
	  - Slight rewrite of the tools/dnszonetemplate.php file. Catch round-robin aliases
	    (destination was previosly labeled as 'Array' :).
	    + De globalize initial base values (domain and defaultdomain).

	GUI layout changes
	  - Support viewing, changing and deleting the AFSDB records.
	  - Replace the 'A' name for the domain address in the DNS view for a domain. Call
	    it just that - 'Domain address'.
	  - Accept empty NS, MX and/or AFSDB records (don't show empty <td></td>) in the
	    DNS view for a domain.
	  - Add a pluralis suffix for MX/NS in the DNS view for a domain if there is
	    more than one value.

	Misc changes
	  - ACI is good - enable it by default in the 'demo/database-main.ldif' file.
	  - Remove hardcoded attributes with the PQL_ATTR_* defines from
	    include/attrib.dnszone.inc:attribute_translate_type().

phpQLAdmin 2.2.5 Release (Jun 18 2005)
	Bug fixes
	  - Include the ./include/pql_session.inc file in ./control.php to avoid PHP errors etc.
	  - Extract only the LDAP URI/URL (instead of using the whole USER_HOST session
	    variable) in the control_add_server.php page.
	  - If we're creating a Kerberos V password, we should NOT create a {KERBEROS}.
	    This is the old, depricated format. Instead, return a {SASL} formated 'password'.
	  - If the login shell value is set, remember it throughout the form via a hidden input
	    in 'tables/user_add-additional.inc'.
	    + Catch this in the user details/data page as well.
	  - Don't call pql_header() with the URI session variable in index.php. This is added
	    inside the function pql_header(). Patch by Sergio Monteiro Basto.
	  - Complete rewrite of include/pql_session.inc. This time it works as I intended!
	    + Extract our location in the file system using the PHP define __FILE__ as base.
	    + Extract our location on the webserver using the server variable DOCUMENT_ROOT
	      _and_ the PHP define __FILE__ as base.
	    + Extract the server name (including protocol, FQDN and port) using the server
	      variable HTTP_REFERER as base.
	    = This will give uniq sessions, even if running multiple phpQLAdmin's on the same
	      (virtual) server (previosly ALL cookies had the path '/').
	  - When calculating the UNIX timestamp from the LDAP server, the value's can be
	    zero (which is perfectly ok). But that makes the if() fail - use 'if(isset(value))'
	    instead.
	  - Don't process ezmlm list if the array is empty.
	  - Correctly create PTR records in the Bind9 manager.
	    Closes: #276
	  - Correctly show PTR records in the Bind9 manager.
	    Closes: #277
	  - Allow for ADDING a round-robbin alias to existing alias(es).
	    Closes: #278
	  - Allow Bind9 MX priority to be '0' (was treated as 'unset' previosly).
	  - Support multiple CNAME and SRV's (faulty variable initialisation in pql_bind9_get_zone()).
	  - Fix changing of record type for a host.

	GUI layout changes
	  - When changing the delivery mode for a user, retreive existing value(s) and fill
	    the selects.
	  - Include the delivery program (if set) in the user details->Delivery mode page.
	  - Add listeners and overlay statistics information to the stats (basic) page.
	  - Prettify the connection status page a little.
	  - Separate the operations information into it's own table (still in the Connections
	    status page though).
	    + Add status information for ALL operations ('Bind', 'Unbind', 'Add', 'Delete',
	     'Modrdn', 'Modify', 'Compare', 'Search', 'Abandon' and 'Extended').
	    + Show initiated _and_ completed in addition to 'average per minute'.
	    + The 'average per minute' should be based on the _completed_ operations, not
	      the initiated.
	  - Slightly better looking output from the DNS zone creation script.
	    + Output any PTR's correctly.
	  - Before showing the 'Forwarders to other accounts', make sure we really HAVE any
	    forwarders to show!
	  - When adding a host in a DNS zone, note that the destination MUST contain a dot
	    if it's not an IP and it's not in the same zone it's being added to.
	  - Show NS and MX records as well in the 'DNS Zone' domain view.

	Misc changes
	  - Instead of using the template _name_ in 'tables/user_add-additional.inc', use the
	    template _array_ (which is retreived in ./user_add.php). This will save us a whole
	    lot of time and LDAP requests. Especially considering it's done twenty times,
	    only in 'tables/user_add-additional.inc'!
	  - Create the mailMessageStore/{cur,new,tmp} directories if it's a mail account.
	  - Don't show the 'QmailLDAP/Controls Options' in the domain details if the user
	    isn't allowed to administrate controls (or is super admin).
	  - Don't show the 'Access Control Information' button if user isn't super-admin.
	    This is a _very_ dangerous operation and shouldn't be allowed to be changed
	    by just anyone.

phpQLAdmin 2.2.4 Release (May 14 2005)
	Bug fixes
	  - Figure out if user is ezmlm administrator in any branch. If yes (and ezmlm is
	    in use), then show ezmlm list frame.
	  - Load defaults.inc for _EACH_ dn configure (within the foreach(branches) loop).
	  - Fix toggle of 'user_details/access:Administrate QmailLDAP/Controls'.
	  - After changing a global configuration option, add the user DN correctly to the
	    redirect link - controlsAdministrator uses 'delval' as information on which
	    user we're changing for example.
	  - The old java function refreshFrames() don't seem to work any more (!?!?). Instead
	    manually reload all frames using 'parent.frames.<FRAME>.location.reload()'.
	  - Information about the minimum[UG]IDNumber is in the base object, so
	    pql_get_next_ugidnumber() needs to be called with the rootdn as third
	    option.
	  - The value retreived by pql_get_define() for the minimum[UG]IDNumber is
	    NOT an array, so if it's defined, but not an array -> make it an array.
	    This so that pql_get_next_ugidnumber() will work correctly.
	  - When finding the first availible [ug]id number, the [ug]idNumber is NOT
	    an array, so take the WHOLE value, not the [0] (which will be the first
	    character in the value).
	  - Improve the scripts/create_user.pl script.
	    + Try to create Kerberos V prinicipal if userPassword contain either
	      '{KERBEROS}' (old, depricated format) _or_ '{SASL}' (new format).
	    + Don't try to create Kerberos V principal if it already exists.
	    + Error checking.
	  - If we're adding a Kerberos V principal, then we need to save the autogenerated
	    (if availible) password. This is later used in the 'kadmin' command to set
	    the password for the principal.
	  - Add the posixGroup object if the user is created with the posixAccount
	    object class. Previosly, it was only created if it was a 'system' account
	    (which is not done any more, with the template stuff and all).

	GUI layout changes
	  - If we're debugging, we state what tables/user_add* file we're including
	    from user_add.php.
	  - Don't show an empty/non-existant email address in the user details->Registered
	    addresses table.
	    + Don't offer to 'Create new alias' either...
	  - If we're using the Kerberos V password scheme, then we shouldn't show the
	    'Autogenerate password' and 'Password is already encrypted'.
	    + However, we should show the autogenerated password (if any) below the
	      'original' password promt (which contains the principal).

	Misc changes
	  - If we allow the 'clearTextPassword' attribute, put it in the object (if it's
	    defined).
	  - Rename the internal group account to 'internal_group' to allow user/admins
	    to create their own 'group' account.

phpQLAdmin 2.2.3 Release (Apr 25 2005)
	Bug fixes
	  - The updating of the session (password for the logged in user) was to late.
	    The function pql_modify_attribute() does some reading from the DB _after_
	    the password have been modified which lead to failures (wrong credentials
	    returned from the LDAP server).
	    Closes: #256
	  - Move the 'path fixing' from user_add.php to pql.inc:pql_fix_path() and add
	    a replace for dots.
	    Closes: #249
	  - Spelling error in 'include/attrib.control.badrcptto.inc':
	    s/$_REQUEST["host"]/$_REQUEST["mxhost"]/;
	    Closes: #252
	  - Spelling error in 'include/attrib.control.smtproutes.inc':
	    s/pql_set_define/pql_get_define/;
	    Closes: #253
	  - Document (via the FAQ) that the ldap.conf:BASE option should be removed.
	    Closes: #254
	  - When a branch only had ONE additional domain name, they where not included
	    in a manual RCPTHosts (probably not for a 'locals' either) replication.
	    Fix this and make sure that any domain names found isn't duplicated.
	    Closes: #257 (part 1)
	  - Document the replacement of 'illegal' characters in (mail) paths to
	    doc/README.directories.
	    Closes: #249
	  - ONLY (!) change 'gecos', 'sn' and/or 'givenName IF the attribute already
	    exists in the object!
	    Closes: #255
	  - Spelling error(s) in include/attrib.control.locals.inc:
	    s/RCPTHOSTS/LOCALS/g;
	    Closes: #257 (part 1b)
	  - After deleting a user, the browser got redirected to domain details,
	    view=basic (which don't exists). This lead to an empty domain details page
	    being shown.
	  - Attribute forwarding function in user_edit_attribute.php used an (old,
	    non-up to date) version of the '$url' array. It get's changed in 
	    'include/attrib.modrdn.inc'. Re-generate the array with 'fresh' values.
	  - Don't Base64/UTF8 decode the old value before showing it to the browser -
	    it's already done.
	  - The new RDN have the same attribute reference as the old, so show this
	    to the user/admin so we don't end up with input such as 'uid=xxx' which
	    would lead to a faulty DN: 'uid=uid=xxx'...
	  - Use the 'xxx' value (see point two above), NOT 'uid=xxx' for calculating
	    how big input field the new RDN should have.
	  - When we've successfully (and non-successfully to for that matter) renamed
	    the RDN we must update the 'global' user reference variable to be able to
	    get the correct user view.
	  - Somewhere between 2.0 and 2.1, the internationalization was removed (not
	    intentionally that I know of!). Make sure all DN's are Base64/UTF8 encoded
	    before calling PHP ldap* function(s).
	    Closes: #259
	  - Single badMailFrom values in the database wasn't shown on the page - not
	    an array. Solution was to convert it to an array if it wasn't already.
	    + Spelling error in PHP (missing equal as '<?=') in the URL to 'Add additional
	      address'.
	    Closes: #260
	  - When an object class violation occured when adding an attribute to a object,
	    the combination of the old and the new object classes failed. Fix...
	    Closes: #263
	  - Correctly merge two arrays togheter using new pql_add2array() function.
	  - When retreiving domains and user reference for the specific root DN isn't
	    set/known, use a 'resonable default' (uid).
	  - If the root DN is a 'dc' object and domain/branch reference is 'ou',
	    we MUST use 'organizationalUnit' in the object class filter, otherwise
	    the domain/branch isn't "remembered".
	  - After retreiving all resonable domains/branches, sort the array correctly
	    by only using the actual domain/branch _name_, not it's DN.
	  - Only the _first_ root DN was only added to the BASE_DN session array.
	    Add the DN only if: It isn't already there, the array isn't set/known or
	    it's already an array.
	  - Show users in domain/branch if the show_users value is either empty (which
	    means: 'use default' => 'Yes') or specifically set to 'Yes'.
	  - If organization name is a domain name (bayour.com for example), then we
	    must IDNA decode the value, othervise just URL decode it...
	  - Don't IDNA decode the domain/branch DN's in 'Put user in subbranch' selector.
	    The're already decoded.
	  - If the fifth (new value) option to pql_modify_attribute() is an array, the
	    functions third (attribute) option should be unset...
	    Closes: #264
	  - Some of the PopBeforeSmtp stuff is multivalued, but pql_get_attribute() isn't
	    returning array for single values any more. Convert an existing value to array.
	    Closes: #261

	Misc changes

phpQLAdmin 2.2.2 Release (Apr  8 2005)
	Bug fixes
	  - If the additional domain name value in the branch object is defined, but
	    not an array -> make it an array.
	  - When ticked 'Add to all hosts', we must first GET all hosts, then change
	    value(s) in each one in turn.
	    Closes: 234
	  - Copy the save function from 'include/attrib.control.rcpthosts.inc' and
	    put it in 'include/attrib.control.locals.inc'. It does exactly what it's
	    supposed to - change value(s) on (all) host(s).
	  - If we're changing a toggle, include 'submit=1' in the change URL.
	    Closes: 235, 236, 237, 238
	  - Do not de-array the username value in 'user_add_attribute.php'.
	    Closes: 240
	  - Globalize the listno value ($_REQUEST["listno"]) in ezmlm_detail.php.
	    This so that we don't need to complicate the list information retreival
	    in 'tables/ezmlm_details-{detail,lists}.inc'.
	  - Missing { and/or } in change password form lead to pql_password_hash()
	    generating a default scheme encrypted password.
	    + REPLACE password, not ADD to object.
	    Closes: 241
	  - Before we modify the 'mobile', 'vatNumber' or 'info' for a branch object,
	    we must first verify that it contains the object class 'phpQLAdminInfo'.
	    This because all these attributes exists in other object classes which
	    takes precedence when phpQLAdmin tries to figure out which missing object
	    class to add when the modify failed because of a object class violation.
	    Closes: 242
	  - If there was a MX for a domain, but no QLC object(s), the 'User host'
	    value (user creation) was empty. Rewrite so that we first create an
	    array with the MX value and QLC object(s) (avoiding duplicates) THEN
	    output this array in the form.
	    Closes: 243
	  - Adding a value (a mail alias for example) for a user and the user have
	    multiple 'cn' values the informational text was 'Array'. Take the first
	    value we have.
	    Closes: 244
	  - When modifying a user which have a missing object class in an object
	    which only have _one_ object class, we (phpQLAdmin) ended up with a PHP
	    error ('[] operator not supported for strings'). Solution is to make sure
	    values retreived is converted to array if it isn't already.
	    Closes: 245
	  - In OpenLDAP <2.1 duplicates (same attribute, same value multiple times)
	    was allowed. It isn't any more, so when replication locals/rcpthosts
	    we (phpQLAdmin) must remove any duplicates to avoid a LDAP modify error.
	    Closes: 246

	Misc changes
	  - Remove 'tables/.htaccess' and 'include/.htaccess'. These are left overs
	    from phpQLAdmin <1.1 (when there was no login system other than htpasswd).
	  - Don't start with the second branch ('el1Child') unfolded.
	  - Replace all references to 'bayour.com' with 'phpqladmin.com' which is the
	    new site.

phpQLAdmin 2.2.1 Release (Mar 17 2005)
	Bug fixes
	  - If we can't find the givenName, surName, commonName nor the gecos
	    in the user object we have one last chance - the 'user reference'
	    attribute. It might not be pretty, but we see the user...
	  - Include the displayed 'cn' value (in 'tables/user_details-basic.inc')
	    in the call to 'user_edit_attribute.php'. This so that we change a
	    _specific_ value, not the whole attribute list.
	    + Make sure we only replace that value and not the whole thing in
	      'include/attrib.cn.inc'.
	  - Check if inclusion of home directory should be done outside the check
	    if mail host is allowed. Two separate things...
	  - Hardcode the group account template into include/pql_templates.inc:pql_get_templates()
	    This because the user add part needs object classes etc to be able to
	    work.
	  - Neither of the QmailLDAP schema's are STRUCTURAL (the're AUXILIARY) so
	    we must use 'person' and either 'uidObject' (if referencing users with
	    'uid') or 'qmailUser' as well as 'qmailGroup' when creating QmailLDAP
	    group objects. This because OpenLDAP >2.1 _require_ one STRUCTURAL object
	    class.
	  - If multi-valued QmailLDAP group values in tables/user_details-group.inc
	    _isn't_ multi-valued (i.e. not an array), then _make it_ an array. This
	    so that include/pql_formating.inc:pql_format_table_single() works correctly.
	  - The ACI generation function include/config.inc.CHANGE_ME:user_generate_aci()
	    didn't correctly generate access for all the necessary attributes that
	    QmailLDAP needs. Take MY working function part...

	GUI layout changes
	  - User addition errors is 'tabbed' to the right (aligned with the input
	    fields etc).
	  - If 'MAY' attributes in a user template is empty/unset, we specify
	    'None' instead of an empty line.

	Misc changes
	  - More folding tags added 
	  - Rewrite/Simplify the password encrypt scheme thing. Retreive the
	    values ONES (in 'user_add.php') instead of every time we need to know
	    if a specific value is there (in 'tables/user_add-details.inc').
	  - After using header() one MUST (!) use 'exit' so that the following code
	    isn't executed! Had no idea, just saw it in the manuall.
	    Replace all calls to header() with my own wrapper that does just that -
	    Calls header() (including the URI session value) and then 'exit'...

phpQLAdmin 2.2.0 Release (Mar  2 2005)
	This new stable version is more or less a complete rewrite since 2.0.
	2.2.0 is the same as 2.1.5 (exept the change logs etc).

[all changelog for <2.2 branch have been removed for space reasons]
