[qmailadmin] /open/ in qmailadmin's url

[Rick Widmer]

Ask me about PHP, or maybe Turbo Pascal/Delphi and I've got quite a bit 
of practice... this is my first big c project, so please be gentle...

I have modified QmailAdmin so that almost all the HTML code is in the 
templates.  Outside of mailinglist.c there are only 8 lines [1] with any 
HTML in them.   I can read and display everything, and it still looks 
the same on the browser.

I have updated show_mailinglist.html and the associated code in 
mailinglist.c, but [add|mod]_mailinglist* gave me a headache, so I 
decided to save then for last.  No promises on me moving the maling list 
 entry fields to the templates.

In searching QmailAdmin for dead code, I've found a few unused template 
tags and functions that never get called.   I'll submit patches once the 
next stable release is out,

I am having trouble figuring out what is happening in qmailadmin.c about 
line 190.  Much of the code in this file is a big three state if.  The 
first, 'if( strcmp(pi, /com/, 5)==0)' looks for the string /com/ in 
the right place of the url which indicates that some command has been 
requested.  It does some setup then calls process_commands() to do 
whatever.  The final else case checks the users' access rights then 
choses one of two menus.

This leaves the middle 'else if( strncmp(pi, /open/, 6)==0)'.  I don't 
see where it does anything but try to setuid() and setgid(), then it 
calls vclose() and exit(0).  Also, I don't see anywhere in the code that 
would compose a URL with /open/ in it.  I think this might be obsoloete 
code that should be removed, but I would like a second opinion.

There are still some bugs, and I need to add several more options to 
##t?.  My worst problem is I have broken the login/session logic.  It 
would be great if someone could give me a high level description of how 
security is supposed to work.  Specificly how and what session data is 
stored, and how is the .qw file used.  I see the IP address in there, 
but what else, and why?

What is the difference in abilities between DOMAIN_ADMIN and USER_ADMIN? 
 I know where they come from, but how are they supposed to affect what 
the user can do?

Is the color table something that is being added, or ignored?  Some 
existing code uses it, but not much.  Should I expand its use or remove it?

Rick

[1] HTML Tags that are left in the source code:

font color=red  3
BR  1
i   2
img 1
a   1
 img and a are in functions that return an image tag and a link 
that displays an image.  (qmail_button, qmail_icon and maybe qmail_link)

Re: [qmailadmin] /open/ in qmailadmin's url

[Philipp Wagner]

Rick Widmer wrote:

Ask me about PHP, or maybe Turbo Pascal/Delphi and I've got quite a bit 
of practice... this is my first big c project, so please be gentle...

I have modified QmailAdmin so that almost all the HTML code is in the 
templates.  Outside of mailinglist.c there are only 8 lines [1] with any 
HTML in them.   I can read and display everything, and it still looks 
the same on the browser.

[...]

Rick

[1] HTML Tags that are left in the source code:

font color=red  3
Are that errormessages? I would say, simply using a div tag like div
class=error and an declaration of how that should look in the
template would be enough.
BR 1
could we replace that with br / for XHTML-conformity?

i 2
I would replace that with a div-tag and css-formatting, too. We are then
XHTML conform for the HTML-tags that are in the c-files, what each
designer does with the templates is then his problem.
img  1
a   1
I would say, these two are no big problem, perhaps we could give them a
additional CSS-class, if someone wants to modify them (a border or whatever)
 img and a are in functions that return an image tag and a link that 
displays an image.  (qmail_button, qmail_icon and maybe qmail_link)
greetings, Philipp