Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,12 @@

This file documents all notable changes made to ITFlow.

## [26.07.1]

### Bug fixes
- Fixed broken M365 and Google Workspaces OAUTH2 in Mail Settings.


## [26.07]

### Major Changes
Expand Down
96 changes: 47 additions & 49 deletions admin/post/settings_mail.php
Original file line number Diff line number Diff line change
Expand Up @@ -10,28 +10,26 @@

validateCSRFToken($_POST['csrf_token']);

// Save current IMAP/OAuth form values first so auth flow always uses latest inputs.
$config_imap_provider = sanitizeInput($_POST['config_imap_provider'] ?? '');
$config_imap_username = sanitizeInput($_POST['config_imap_username'] ?? '');
$config_mail_oauth_client_id = sanitizeInput($_POST['config_mail_oauth_client_id'] ?? '');
// Save the OAuth credential fields from this form so the auth flow uses the latest inputs
$config_mail_oauth_client_id = sanitizeInput($_POST['config_mail_oauth_client_id'] ?? '');
$config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret'] ?? '');
$config_mail_oauth_tenant_id = sanitizeInput($_POST['config_mail_oauth_tenant_id'] ?? '');
$config_mail_oauth_tenant_id = sanitizeInput($_POST['config_mail_oauth_tenant_id'] ?? $config_mail_oauth_tenant_id);
$config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token'] ?? '');
$config_mail_oauth_access_token = sanitizeInput($_POST['config_mail_oauth_access_token'] ?? '');
$config_mail_oauth_access_token = sanitizeInput($_POST['config_mail_oauth_access_token'] ?? '');

mysqli_query($mysqli, "UPDATE settings SET
config_imap_provider = '$config_imap_provider',
config_imap_username = '$config_imap_username',
config_mail_oauth_client_id = '$config_mail_oauth_client_id',
config_mail_oauth_client_id = '$config_mail_oauth_client_id',
config_mail_oauth_client_secret = '$config_mail_oauth_client_secret',
config_mail_oauth_tenant_id = '$config_mail_oauth_tenant_id',
config_mail_oauth_tenant_id = '$config_mail_oauth_tenant_id',
config_mail_oauth_refresh_token = '$config_mail_oauth_refresh_token',
config_mail_oauth_access_token = '$config_mail_oauth_access_token'
config_mail_oauth_access_token = '$config_mail_oauth_access_token'
WHERE company_id = 1
");

if ($config_imap_provider !== 'microsoft_oauth') {
flash_alert("Please set IMAP Provider to Microsoft 365 (OAuth) before connecting.", 'error');
// Check the SAVED providers (loaded from config at bootstrap), not $_POST —
// the provider dropdowns live in different forms and are never posted here
if ($config_imap_provider !== 'microsoft_oauth' && $config_smtp_provider !== 'microsoft_oauth') {
flash_alert("Please set the SMTP or IMAP Provider to Microsoft 365 (OAuth) and save it before connecting.", 'error');
redirect();
}

Expand Down Expand Up @@ -80,18 +78,11 @@
validateCSRFToken($_POST['csrf_token']);

$config_smtp_provider = sanitizeInput($_POST['config_smtp_provider']);
$config_smtp_host = sanitizeInput($_POST['config_smtp_host']);
$config_smtp_port = intval($_POST['config_smtp_port'] ?? 0);
$config_smtp_encryption = sanitizeInput($_POST['config_smtp_encryption']);
$config_smtp_username = sanitizeInput($_POST['config_smtp_username']);
$config_smtp_password = sanitizeInput($_POST['config_smtp_password']);

// Shared OAuth fields
$config_mail_oauth_client_id = sanitizeInput($_POST['config_mail_oauth_client_id']);
$config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret']);
$config_mail_oauth_tenant_id = sanitizeInput($_POST['config_mail_oauth_tenant_id']);
$config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token']);
$config_mail_oauth_access_token = sanitizeInput($_POST['config_mail_oauth_access_token']);
$config_smtp_host = sanitizeInput($_POST['config_smtp_host'] ?? $config_smtp_host);
$config_smtp_port = intval($_POST['config_smtp_port'] ?? $config_smtp_port);
$config_smtp_encryption = sanitizeInput($_POST['config_smtp_encryption'] ?? $config_smtp_encryption);
$config_smtp_username = sanitizeInput($_POST['config_smtp_username'] ?? $config_smtp_username);
$config_smtp_password = sanitizeInput($_POST['config_smtp_password'] ?? $config_smtp_password);

mysqli_query($mysqli, "
UPDATE settings SET
Expand All @@ -100,12 +91,7 @@
config_smtp_port = $config_smtp_port,
config_smtp_encryption = '$config_smtp_encryption',
config_smtp_username = '$config_smtp_username',
config_smtp_password = '$config_smtp_password',
config_mail_oauth_client_id = '$config_mail_oauth_client_id',
config_mail_oauth_client_secret = '$config_mail_oauth_client_secret',
config_mail_oauth_tenant_id = '$config_mail_oauth_tenant_id',
config_mail_oauth_refresh_token = '$config_mail_oauth_refresh_token',
config_mail_oauth_access_token = '$config_mail_oauth_access_token'
config_smtp_password = '$config_smtp_password'
WHERE company_id = 1
");

Expand All @@ -122,18 +108,11 @@
validateCSRFToken($_POST['csrf_token']);

$config_imap_provider = sanitizeInput($_POST['config_imap_provider']);
$config_imap_host = sanitizeInput($_POST['config_imap_host']);
$config_imap_port = intval($_POST['config_imap_port'] ?? 0);
$config_imap_encryption = sanitizeInput($_POST['config_imap_encryption']);
$config_imap_username = sanitizeInput($_POST['config_imap_username']);
$config_imap_password = sanitizeInput($_POST['config_imap_password']);

// Shared OAuth fields
$config_mail_oauth_client_id = sanitizeInput($_POST['config_mail_oauth_client_id']);
$config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret']);
$config_mail_oauth_tenant_id = sanitizeInput($_POST['config_mail_oauth_tenant_id']);
$config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token']);
$config_mail_oauth_access_token = sanitizeInput($_POST['config_mail_oauth_access_token']);
$config_imap_host = sanitizeInput($_POST['config_imap_host'] ?? $config_imap_host);
$config_imap_port = intval($_POST['config_imap_port'] ?? $config_imap_port);
$config_imap_encryption = sanitizeInput($_POST['config_imap_encryption'] ?? $config_imap_encryption);
$config_imap_username = sanitizeInput($_POST['config_imap_username'] ?? $config_imap_username);
$config_imap_password = sanitizeInput($_POST['config_imap_password'] ?? $config_imap_password);

mysqli_query($mysqli, "
UPDATE settings SET
Expand All @@ -142,12 +121,7 @@
config_imap_port = $config_imap_port,
config_imap_encryption = '$config_imap_encryption',
config_imap_username = '$config_imap_username',
config_imap_password = '$config_imap_password',
config_mail_oauth_client_id = '$config_mail_oauth_client_id',
config_mail_oauth_client_secret = '$config_mail_oauth_client_secret',
config_mail_oauth_tenant_id = '$config_mail_oauth_tenant_id',
config_mail_oauth_refresh_token = '$config_mail_oauth_refresh_token',
config_mail_oauth_access_token = '$config_mail_oauth_access_token'
config_imap_password = '$config_imap_password'
WHERE company_id = 1
");

Expand All @@ -159,6 +133,30 @@

}

if (isset($_POST['edit_mail_oauth_settings'])) {

validateCSRFToken($_POST['csrf_token']);

$config_mail_oauth_client_id = sanitizeInput($_POST['config_mail_oauth_client_id'] ?? '');
$config_mail_oauth_client_secret = sanitizeInput($_POST['config_mail_oauth_client_secret'] ?? '');
$config_mail_oauth_tenant_id = sanitizeInput($_POST['config_mail_oauth_tenant_id'] ?? $config_mail_oauth_tenant_id);
$config_mail_oauth_refresh_token = sanitizeInput($_POST['config_mail_oauth_refresh_token'] ?? '');
$config_mail_oauth_access_token = sanitizeInput($_POST['config_mail_oauth_access_token'] ?? '');

mysqli_query($mysqli, "UPDATE settings SET
config_mail_oauth_client_id = '$config_mail_oauth_client_id',
config_mail_oauth_client_secret = '$config_mail_oauth_client_secret',
config_mail_oauth_tenant_id = '$config_mail_oauth_tenant_id',
config_mail_oauth_refresh_token = '$config_mail_oauth_refresh_token',
config_mail_oauth_access_token = '$config_mail_oauth_access_token'
WHERE company_id = 1
");

logAction("Settings", "Edit", "$session_name edited mail OAuth settings");
flash_alert("Mail OAuth Settings updated");
redirect();
}

if (isset($_POST['edit_mail_from_settings'])) {

validateCSRFToken($_POST['csrf_token']);
Expand Down
2 changes: 2 additions & 0 deletions agent/ajax.php
Original file line number Diff line number Diff line change
Expand Up @@ -182,6 +182,8 @@
$item_expires_friendly = "1 month";
}

enforceClientAccess($client_id);

$item_key = randomString(32);

if ($item_type == "Document") {
Expand Down
2 changes: 1 addition & 1 deletion includes/app_version.php
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,4 @@
* Update this file each time we merge develop into master. Format is YY.MM (add a .v if there is more than one release a month.
*/

DEFINE("APP_VERSION", "26.07");
DEFINE("APP_VERSION", "26.07.1");
Loading