secure api-key generation, dns-record as well as ssl-certificate deletion, logo uploading, frame-inclusion and user/email enumeration via 'forgot password'

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2022-12-02 09:22:08 +01:00
parent 0e703a4199
commit 4d454a3903
8 changed files with 257 additions and 210 deletions
--- a/lng/english.lng.php
+++ b/lng/english.lng.php
@@ -2140,4 +2140,6 @@ $lng['error']['pathmustberelative'] = 'The user does not have the permission to
 $lng['serversettings']['acmeshpath']['title'] = 'Path to acme.sh';
 $lng['serversettings']['acmeshpath']['description'] = 'Set this to where acme.sh is installed to, including the acme.sh script<br>Default is <b>/root/.acme.sh/acme.sh</b>';

-$lng['question']['api_reallydelete'] = 'Do you really want to delete the api-key #%d?';
+$lng['question']['api_reallydelete'] = 'Do you really want to delete the api-key #%d?';
+$lng['question']['dnsentry_reallydelete'] = 'Do you really want to delete the dns entry #%d?';
+$lng['question']['certificate_reallydelete'] = 'Do you really want to delete the certificate #%d?';