diff --git a/data/conf/dovecot/conf.d/fts.conf b/data/conf/dovecot/conf.d/fts.conf
index 1ad5201f7..e8a2f73f5 100644
--- a/data/conf/dovecot/conf.d/fts.conf
+++ b/data/conf/dovecot/conf.d/fts.conf
@@ -21,7 +21,7 @@ plugin {
 fts_filters = normalizer-icu snowball stopwords
 fts_filters_en = lowercase snowball english-possessive stopwords
- fts_index_timeout = 300
+ fts_index_timeout = 300s
 }
 ### THIS PART WILL BE CHANGED BY MODIFYING mailcow.conf AUTOMATICALLY DURING RUNTIME! ###
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index 0d9f72ec6..a434582c5 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -3101,6 +3101,7 @@ function clear_session(){
 session_write_close();
 }
 function set_user_loggedin_session($user) {
+ session_regenerate_id(true);
 $_SESSION['mailcow_cc_username'] = $user;
 $_SESSION['mailcow_cc_role'] = 'user';
 $sogo_sso_pass = file_get_contents("/etc/sogo-sso/sogo-sso.pass");
diff --git a/data/web/inc/triggers.inc.php b/data/web/inc/triggers.inc.php
index ac477a259..02db519e4 100644
--- a/data/web/inc/triggers.inc.php
+++ b/data/web/inc/triggers.inc.php
@@ -32,7 +32,7 @@ if (!empty($_GET['sso_token'])) {
 $username = domain_admin_sso('check', $_GET['sso_token']);
 if ($username !== false) {
- session_regenerate_id();
+ session_regenerate_id(true);
 $_SESSION['mailcow_cc_username'] = $username;
 $_SESSION['mailcow_cc_role'] = 'domainadmin';
 header('Location: /mailbox');
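Review bot: The return value of `session_regenerate_id(true)` added at the top of set_user_loggedin_session() in functions.inc.php is ignored, so if rotation fails the function still writes `mailcow_cc_username` and `mailcow_cc_role` into a session whose ID was never changed, and the fixation window the call is meant to close stays open. The same unchecked call sits in the sso_token branch and in the admin, domainadmin and else branches of triggers.inc.php. Failing closed would be safer, for example `if (!session_regenerate_id(true)) { return false; }` before any role is assigned, with callers treating a false return as a failed login. The body of set_user_loggedin_session() continues outside the hunk, so whether it already returns a value is not visible here.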
@@ -139,14 +139,14 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
 $as = check_login($login_user, $_POST["pass_user"]);
 if ($as == "admin") {
- session_regenerate_id();
+ session_regenerate_id(true);
 $_SESSION['mailcow_cc_username'] = $login_user;
 $_SESSION['mailcow_cc_role'] = "admin";
 header("Location: /debug");
 die();
 }
 elseif ($as == "domainadmin") {
- session_regenerate_id();
+ session_regenerate_id(true);
 $_SESSION['mailcow_cc_username'] = $login_user;
 $_SESSION['mailcow_cc_role'] = "domainadmin";
 header("Location: /mailbox");
@@ -154,7 +154,6 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
 }
 elseif ($as == "user") {
 set_user_loggedin_session($login_user);
- session_regenerate_id();
 $http_parameters = explode('&', $_SESSION['index_query_string']);
 unset($_SESSION['index_query_string']);
 if (in_array('mobileconfig', $http_parameters)) {
@@ -187,7 +186,7 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
 unset($_SESSION['mailcow_cc_username']);
 unset($_SESSION['mailcow_cc_role']);
 } else {
- session_regenerate_id();
+ session_regenerate_id(true);
 }
 }
diff --git a/update.sh b/update.sh
index 268fe7326..4240dad37 100755
--- a/update.sh
+++ b/update.sh
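Review bot: The admin and domainadmin branches each repeat the same three statements inline (rotate the ID, set `mailcow_cc_username`, set `mailcow_cc_role`), while the user branch gets its rotation from set_user_loggedin_session(). Keeping the rotation in one place would stop a future login path from setting a role without it. One option is a small helper taking the username and role, called from all three branches ahead of the existing `header(...)`/`die()` lines. The login block starts and ends outside this hunk.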
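Review bot: In the last triggers.inc.php hunk the `else` branch rotates the session ID, but the sibling branch that unsets `mailcow_cc_username` and `mailcow_cc_role` does not, and neither carries a comment saying which login outcome it handles. The controlling condition is outside the hunk, so this is hedged: if the unset branch is a drop of privileges, it should rotate the ID as well, since a change in either direction is the point at which an old ID should stop being valid. A one-line comment on each branch, such as `// no role change: still rotate so a pre-login ID is never reused`, would make the intent reviewable.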
@@ -682,14 +682,14 @@ migrate_solr_config_options() {
 read -r -p "Remove $solr_volume? [y/N] " response
 if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
 echo -e "\e[33mRemoving $solr_volume...\e[0m"
- docker volume rm $solr_volume || echo -e "\e[31mFailed to remove. Remove it manually!\e[0m" && exit
+ docker volume rm $solr_volume || echo -e "\e[31mFailed to remove. Remove it manually!\e[0m"
 echo -e "\e[32mSuccessfully removed $solr_volume!\e[0m"
 else
 echo -e "Not removing $solr_volume. Run \`docker volume rm $solr_volume\` manually if needed."
 fi
 else
 echo -e "\e[33mForce removing $solr_volume...\e[0m"
- docker volume rm $solr_volume || echo -e "\e[31mFailed to remove. Remove it manually!\e[0m" && exit
+ docker volume rm $solr_volume || echo -e "\e[31mFailed to remove. Remove it manually!\e[0m"
 echo -e "\e[32mSuccessfully removed $solr_volume!\e[0m"
 fi
 fi
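Review bot: With `&& exit` removed, a failed `docker volume rm` prints the red failure message and then falls through to the unconditional `Successfully removed $solr_volume!` echo on the next line, in both the prompted and the forced branch. The operator gets contradictory output and a leftover volume is easy to miss. An explicit if/else keeps the two outcomes apart and also lets `$solr_volume` be quoted. The enclosing migrate_solr_config_options() starts and ends outside the hunk.

```shell
# … unchanged: prompt / "Removing $solr_volume..." echo …
if docker volume rm "$solr_volume"; then
  echo -e "\e[32mSuccessfully removed $solr_volume!\e[0m"
else
  echo -e "\e[31mFailed to remove. Remove it manually!\e[0m"
fi
```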