diff --git a/actions/admin/settings/210.security.php b/actions/admin/settings/210.security.php index 8a08a457..7bba9999 100644 --- a/actions/admin/settings/210.security.php +++ b/actions/admin/settings/210.security.php @@ -35,7 +35,7 @@ return array( 'settinggroup' => 'system', 'varname' => 'mailpwcleartext', 'type' => 'bool', - 'default' => true, + 'default' => false, 'save_method' => 'storeSettingField', ), 'system_passwordcryptfunc' => array( diff --git a/install/froxlor.sql b/install/froxlor.sql index 058d9a10..b7f30869 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -543,7 +543,7 @@ opcache.interned_strings_buffer'), ('system', 'defaultsslip', ''), ('system', 'phpappendopenbasedir', '/tmp/'), ('system', 'deactivateddocroot', ''), - ('system', 'mailpwcleartext', '1'), + ('system', 'mailpwcleartext', '0'), ('system', 'last_tasks_run', '000000'), ('system', 'nameservers', ''), ('system', 'mxservers', ''), diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index 8775effd..9f20c957 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -292,6 +292,12 @@ return array( 'label' => $lng['admin']['autoupdate'], 'required_resources' => 'change_serversettings', 'show_element' => extension_loaded('zip') + ), + array( + 'url' => 'admin_settings.php?page=wipecleartextmailpws', + 'label' => $lng['admin']['wipecleartextmailpwd'], + 'required_resources' => 'change_serversettings', + 'show_element' => (Settings::Get('system.mailpwcleartext') == true) ) ) ), diff --git a/lng/english.lng.php b/lng/english.lng.php index a409f5da..285037db 100644 --- a/lng/english.lng.php +++ b/lng/english.lng.php @@ -518,8 +518,8 @@ $lng['changepassword']['also_change_webalizer'] = ' also change password for the $lng['serversettings']['mailpwcleartext']['title'] = 'Also save passwords of mail accounts unencrypted in database'; $lng['serversettings']['mailpwcleartext']['description'] = 'If this is set to yes, all passwords will also be saved unencrypted (clear text, plain readable for everyone with database access) in the mail_users-table. Only activate this if you intend to use SASL!'; -$lng['serversettings']['mailpwcleartext']['removelink'] = 'Click here to wipe all unencrypted passwords from the table.'; -$lng['question']['admin_cleartextmailpws_reallywipe'] = 'Do you really want to wipe all unencrypted mail account passwords from the table mail_users? This cannot be reverted!'; +$lng['admin']['wipecleartextmailpwd'] = 'Clear plaintext passwords'; +$lng['question']['admin_cleartextmailpws_reallywipe'] = 'Do you really want to wipe all unencrypted mail account passwords from the table mail_users? This cannot be reverted! The setting to store email passwords unencrypted will also be set to OFF'; $lng['admin']['configfiles']['overview'] = 'Overview'; $lng['admin']['configfiles']['wizard'] = 'Wizard'; $lng['admin']['configfiles']['distribution'] = 'Distribution'; diff --git a/lng/german.lng.php b/lng/german.lng.php index e45d5c0b..b4e6939b 100644 --- a/lng/german.lng.php +++ b/lng/german.lng.php @@ -513,8 +513,8 @@ $lng['changepassword']['also_change_webalizer'] = ' Auch Passwort der Statistiks $lng['serversettings']['mailpwcleartext']['title'] = 'Passwörter der Mail-Konten auch im Klartext in der Datenbank speichern'; $lng['serversettings']['mailpwcleartext']['description'] = 'Wenn diese Einstellung auf Ja gesetzt wird, werden alle Passwörter auch unverschlüsselt (also im Klartext, für jeden mit Zugriff auf die Froxlor-Datenbank sofort lesbar) in der mail_users-Tabelle gespeichert. Aktivieren Sie diese Option nur dann, wenn Sie SASL nutzen!'; -$lng['serversettings']['mailpwcleartext']['removelink'] = 'Klicken Sie hier, um alle unverschlüsselten Passwörter aus der Tabelle zu entfernen.'; -$lng['question']['admin_cleartextmailpws_reallywipe'] = 'Wollen Sie wirklich alle unverschlüsselten Passwörter aus der Tabelle mail_users entfernen? Dieser Schritt kann nicht rückgängig gemacht werden!'; +$lng['admin']['wipecleartextmailpwd'] = 'Klartext-Passwörter leeren'; +$lng['question']['admin_cleartextmailpws_reallywipe'] = 'Wollen Sie wirklich alle unverschlüsselten Passwörter aus der Tabelle mail_users entfernen? Dieser Schritt kann nicht rückgängig gemacht werden! Die Einstellung für das Speichern der E-Mail Konten Passwörter in Klartext wird hierbei ebenfalls deaktiviert.'; $lng['admin']['configfiles']['overview'] = 'Übersicht'; $lng['admin']['configfiles']['wizard'] = 'Assistent'; $lng['admin']['configfiles']['distribution'] = 'Distribution';