maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity
3,539 Commits 6 Branches 188 Tags
a468fe50df22fe82abd34a620a301d856ea4eac6
Commit Graph

66 Commits

Author SHA1 Message Date
Michael Kaufmann (d00p)
b56414ed0e add sql-query of last statement to sql-debug for debugging purposes; fix default-ssl-ip setting and allow 'none' value 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-02-21 12:16:50 +01:00
Michael Kaufmann (d00p)
5524ff7cae fixes in Customers::update() 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-02-19 11:36:01 +01:00
Michael Kaufmann (d00p)
dd371c72a2 start api implementation 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-02-15 07:47:35 +01:00
Michael Kaufmann (d00p)
f3733ca249 set apache-2.4 as default ON also in froxlor.sql; fix wrong DbManagerMySQL::disableUser, fixes #505 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-18 19:50:28 +01:00
Michael Kaufmann (d00p)
1e03946df7 set sql_mode to disable STRICT_MODE usage for froxlor, thx to albech for the hint 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-11-08 07:49:40 +01:00
Oliver Hader
2e7133d619 [SECURITY] Information disclosure on database failures 
In case the database is not responding, e.g. due to "too many connections"
cut-off database credentials might be shown and system path be revealed.
In terms of security this is considered as information disclosure.
 2016-06-04 20:41:03 +02:00
Michael Kaufmann (d00p)
4ec376b296 log db errors to syslog and remove tmp-error-logs for reporting in cronrun 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-07-29 13:19:32 +02:00
Michael Kaufmann (d00p)
8558533a91 replace passwords even before logging, not just for display 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-07-29 13:11:38 +02:00
Michael Kaufmann (d00p)
94f3b99ad0 do not show error-trace / sensitive data when db-server is down or login credentials are wrong 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-06-11 21:00:45 +02:00
xWuZaa
bd5647351e Add custom port to userdata.inc.php 2015-05-07 19:58:48 +02:00
Michael Kaufmann (d00p)
c482db8c89 prepare database-class to have a separate socket-option, not as replacement for 'host' 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-02-10 16:13:14 +01:00
Michael Kaufmann (d00p)
909c6a8bdf allow private-network ip-addresses for database-connection, fixes #1489 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-02-08 17:35:31 +01:00
Michael Kaufmann (d00p)
c1ff010283 allow 'localhost' or any local-hostname for db-connection 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-01-08 14:39:52 +01:00
Michael Kaufmann (d00p)
c0f2745d30 of course, still allow localhost/127.0.0.1 as valid-ip xD 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-01-07 16:34:58 +01:00
Michael Kaufmann (d00p)
82fdb84e61 give possibility to specify a socket-file as 'host' in userdata.inc.php to connect via mysql-socket instead of hostname; not a setting because this might break some other stuff (mysql-access-hosts -> problems when adding mysql-users/databases, etc.) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-01-07 15:13:32 +01:00
Michael Kaufmann (d00p)
5d5062c262 make ownership-hint a bit larger like the db-error-page; add theme-fallback to database-error-function to avoid this stupid 'we are sorry, but a MySQL - error occurred'-message 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-12-29 21:42:28 +01:00
Michael Kaufmann (d00p)
19f5f2a7a4 remove static copyright-year in templates; fix possible undefined theme-variable in phpErrHandler by specifying a fallback-default 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-12-19 09:49:33 +01:00
Michael Kaufmann (d00p)
25fa9a8121 various tiny improvements 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-07-09 09:39:26 +02:00
Michael Kaufmann (d00p)
3c8bf348d1 fight stupidity - teach your customers not to use password == username 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-05-18 11:16:35 +02:00
Michael Kaufmann (d00p)
69ec85ef19 fix setting of passwords in case mysql-access-hosts list gets changed, fixes #1407 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-04-14 14:35:12 +02:00
Florian Aders (EleRas)
b661547817 Correcting PDO - Constant, fixes #1382 
Signed-off-by: Florian Aders (EleRas) <eleras@froxlor.org>
 2014-02-20 08:29:26 +01:00
Roman Schmerold (BNoiZe)
5b7fe8cf88 Fixed encoding with new database class, fixes #1343 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2013-12-29 15:11:18 +01:00
Michael Kaufmann (d00p)
9fca6a7953 don't rely on Database-functions for getting sql/sql_root data in error-reporting 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-24 09:48:57 +01:00
Michael Kaufmann (d00p)
d831d06da9 don't show 'nice' error if no is specified and disguise passwords of sql-accounts, fixes #1336 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-22 18:14:55 +01:00
Michael Kaufmann (d00p)
558108008a more implementing of new Settings class, refs #1325 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-15 12:40:24 +01:00
Michael Kaufmann (d00p)
276d6b30d1 first few implementations of new Setting-class, refs #1325 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-15 11:47:23 +01:00
Michael Kaufmann (d00p)
682defcbcf fix tiny sql-query error when using APS and correct DbManager-replacers 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-13 08:07:52 +01:00
Michael Kaufmann (d00p)
49b2cf68e9 return the generated user-/databasename after adding the database because it's needed 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-05 14:56:36 +01:00
Michael Kaufmann (d00p)
c3336b7d0f fix correctMysqlUsers() function for new pdo-class, also created new wrapper for dbms-specific queries to possibly give the freedom to use anything else but MySQL (no promises so far) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-05 13:55:01 +01:00
Michael Kaufmann (d00p)
83a77acc02 fix usage of sql-server description and info in customer-mysql, thx Sephi 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-03 22:58:56 +01:00
Michael Kaufmann (d00p)
84f973ce26 fix html-tag in preconfig, fix missing global in database-class, change description of password-reset-setting accordingly to new activation-link-procedure 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-02 20:39:15 +01:00
Michael Kaufmann (d00p)
30f7d0a070 make send-report an option for admin and customer (section: security) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-12-02 20:26:39 +01:00
Michael Kaufmann (d00p)
1e87c21956 removed deprecated db-class (mysql-extension) as it is not needed anymore 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-30 15:32:57 +01:00
Michael Kaufmann (d00p)
88ec1a15f1 make linker available in Database class 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-29 12:55:10 +01:00
Michael Kaufmann (d00p)
defdaeee2e first implementation of error-reporting 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-29 11:09:16 +01:00
Michael Kaufmann (d00p)
81c0771f3b corrected Database::needSqlData() and Database::getSqlData(), refs #1287 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-26 09:08:27 +01:00
Michael Kaufmann (d00p)
a2dbf56d2e migrated correctMysqlUsers() function to new PDO database class, refs #1287 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-26 08:13:05 +01:00
Michael Kaufmann (d00p)
7a45a534fc added functions to get sql-data to Database-class, migrated backup-cron to new PDO database class, refs #1287 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-20 10:01:34 +01:00
Michael Kaufmann (d00p)
fa5f1900f0 add trace to database error-log-message (it just helps a lot finding the error); fixed queries in fpm und fcgid class; minor cosmetic changes 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-08 08:54:44 +01:00
Michael Kaufmann (d00p)
f2643103b3 completed migration of ticket-class to PDO database class and bugfixing admin-tickets, refs #1287 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-06 15:24:39 +01:00
Michael Kaufmann (d00p)
94a5edc1eb implement pexecute_first to PDO database class to return a result right away 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-06 10:51:50 +01:00
Michael Kaufmann (d00p)
af2c068970 migrated update script to PDO database class, refs #1287 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-11-04 11:34:57 +01:00
Michael Kaufmann (d00p)
256a714d55 enhanced pdo database class; migrated admin_logger and admin_traffic 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-31 15:46:38 +01:00
Michael Kaufmann (d00p)
b618dd4e00 ehance new PDO database class 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-30 14:38:04 +01:00
Michael Kaufmann (d00p)
8172cb8fc0 add possibility to use root-mysql-connection to new database class 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-29 14:24:50 +01:00
Michael Kaufmann (d00p)
5d8906f1d8 enhance new PDO Database class; converted admin_cronjobs 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-29 09:02:49 +01:00
Michael Kaufmann (d00p)
a14f04c25b Added new database-class based on PHP-PDO to use prepared-statements; implemented new Database-class in admin_index (more to follow, old DB class still in use everywhere else); secure standard_error back-link output 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-29 08:22:17 +01:00
Michael Kaufmann (d00p)
92243991bc finally output a nice error-message on mysql-errors 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-13 12:59:43 +02:00
Michael Kaufmann (d00p)
b480a0be57 a few fixes here and there, imporved autoloader, updated database-class (ugly old php4 style), removed two functions which will be included in the following updated installer 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-13 10:39:11 +02:00
Michael Kaufmann (d00p)
b779a67e60 create sql-error.log file for database errors so support/debugging will be easier 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-09 15:58:05 +02:00