Ask me about PHP, or maybe Turbo Pascal/Delphi and I've got quite a bit
of practice... this is my first big c project, so please be gentle...
I have modified QmailAdmin so that almost all the HTML code is in the
templates. Outside of mailinglist.c there are only 8 lines [1] with any
HTML in them. I can read and display everything, and it still looks
the same on the browser.
I have updated show_mailinglist.html and the associated code in
mailinglist.c, but [add|mod]_mailinglist* gave me a headache, so I
decided to save then for last. No promises on me moving the maling list
entry fields to the templates.
In searching QmailAdmin for dead code, I've found a few unused template
tags and functions that never get called. I'll submit patches once the
next stable release is out,
I am having trouble figuring out what is happening in qmailadmin.c about
line 190. Much of the code in this file is a big three state if. The
first, 'if( strcmp(pi, /com/, 5)==0)' looks for the string /com/ in
the right place of the url which indicates that some command has been
requested. It does some setup then calls process_commands() to do
whatever. The final else case checks the users' access rights then
choses one of two menus.
This leaves the middle 'else if( strncmp(pi, /open/, 6)==0)'. I don't
see where it does anything but try to setuid() and setgid(), then it
calls vclose() and exit(0). Also, I don't see anywhere in the code that
would compose a URL with /open/ in it. I think this might be obsoloete
code that should be removed, but I would like a second opinion.
There are still some bugs, and I need to add several more options to
##t?. My worst problem is I have broken the login/session logic. It
would be great if someone could give me a high level description of how
security is supposed to work. Specificly how and what session data is
stored, and how is the .qw file used. I see the IP address in there,
but what else, and why?
What is the difference in abilities between DOMAIN_ADMIN and USER_ADMIN?
I know where they come from, but how are they supposed to affect what
the user can do?
Is the color table something that is being added, or ignored? Some
existing code uses it, but not much. Should I expand its use or remove it?
Rick
[1] HTML Tags that are left in the source code:
font color=red 3
BR 1
i 2
img 1
a 1
img and a are in functions that return an image tag and a link
that displays an image. (qmail_button, qmail_icon and maybe qmail_link)