maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity
4,747 Commits 6 Branches 188 Tags
0.10.35.1
Commit Graph

81 Commits

Author SHA1 Message Date
Michael Kaufmann
c97f5f1e29 updated README; sanitize script parameter in index.php; sanitize description fields of entities (thx to zerody for pointing these out) 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2022-01-18 09:29:13 +01:00
Michael Kaufmann
7feddf0aec generate unpredictable unique session ids 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2021-10-02 12:38:17 +02:00
Michael Kaufmann
319eec6124 fix session for 2fa enabled logins 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2021-08-27 13:17:05 +02:00
Michael Kaufmann
4b22470872 set php session security related settings (correctly in every case) 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2021-08-25 16:21:33 +02:00
Michael Kaufmann
5a6343b47c php8 compatibility, fixes #916 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2021-02-16 12:38:01 +01:00
Michael Kaufmann
26e43077c2 make customer firstname,name,company and customer-no available for all templates; fixes #808 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2020-02-29 08:16:55 +01:00
Michael Kaufmann
8294985588 require set password complexity for admins too when resetting password; display correct error message if password complexity is not satisfied 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2020-02-08 10:03:41 +01:00
Michael Kaufmann
e64e8cafa6 define logger constants in logger class 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-26 15:51:26 +01:00
Michael Kaufmann
7416a41a42 get rid of most of the checkstyle warnings 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-24 13:50:45 +01:00
Michael Kaufmann
4cd005051b fixed last remaining function calls which are class-methods now 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-23 19:34:32 +01:00
Michael Kaufmann
0401e6971a Revert "refactor global array" 
This reverts commit c5a58e3f36.
 2018-12-22 08:15:31 +01:00
Michael Kaufmann
7e39a7bc60 Revert "refactor global array" 
This reverts commit 370ccbdb74.
 2018-12-22 08:15:31 +01:00
Michael Kaufmann
370ccbdb74 refactor global array 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 20:51:44 +01:00
Michael Kaufmann
c5a58e3f36 refactor global array 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 20:31:17 +01:00
Michael Kaufmann
7c68fa7bd0 fixed a few functions I've missed 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 19:16:49 +01:00
Michael Kaufmann
7563907df5 convert html-related functions 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 18:31:06 +01:00
Michael Kaufmann
1b090377ee even more function to class conversion 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 17:41:22 +01:00
Michael Kaufmann
a819d81ef2 more function reducing and fixing 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 16:53:04 +01:00
Michael Kaufmann
0a28ef2af6 minor changes for unit-tests 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 16:32:44 +01:00
Michael Kaufmann
c0e89bbd05 refactor UI functions 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 11:22:03 +01:00
Michael Kaufmann
5888927239 get rid of more functions 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-20 12:38:18 +01:00
Michael Kaufmann
f263175802 more function reduction 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-20 09:57:00 +01:00
Michael Kaufmann
bed069f269 more function moving 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-20 08:33:32 +01:00
Michael Kaufmann
8c896d60d6 get rid of some more functions 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-20 07:43:40 +01:00
Michael Kaufmann
adc627ca4e minor fixes to template engine for now 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-19 20:38:29 +01:00
Michael Kaufmann
26510f0745 removing more ticket-stuff; update all unit-tests 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-19 19:42:50 +01:00
Michael Kaufmann
8e84a4ff44 correct use of Database use 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-19 16:57:03 +01:00
Michael Kaufmann
6329042d40 use namespaces in modules 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-18 13:45:05 +01:00
Michael Kaufmann
db36d57683 fix an issue where the isemaildomain flag for a main-domain can be set to false when edited by customer 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-08 12:46:17 +01:00
Michael Kaufmann
69495b94af add 2FA mechanism, fixes #547 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-11-30 13:45:17 +01:00
Michael Kaufmann (d00p)
421c29c491 remove each() keyword as it is deprecated as of php-7.2, fixes #479 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-10-31 13:03:06 +01:00
Jiří Zapletal
970a119f23 fix non-persistent XSS due inproper content escaping 2016-06-03 16:20:34 +02:00
Michael Kaufmann (d00p)
7c8dbd370f forgot to check for dbupdates in index.php 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-03-07 13:55:14 +01:00
Bernhard Sirlinger
6ddbb10b5a Fix #1585 
Redirect to admin_customers.php
 2016-02-23 16:28:58 +01:00
Michael Kaufmann (d00p)
da4ec3e1b5 avoid rand() if possible as it is not generating cryptographically secure values, thx to Hanno for putting some effort into this 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-01-28 08:27:15 +01:00
Stefan Weil
fe5ab0d8da Fix typos found by codespell 
Fix also a grammar issue.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
 2015-11-13 07:56:12 +01:00
Michael Kaufmann (d00p)
be387ccf35 show whether a customer is deavtivated after successful login rather then nothing at all 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-02-08 16:07:24 +01:00
Michael Kaufmann (d00p)
99bed23b95 another md5() leftover 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-02-01 13:12:24 +01:00
Michael Kaufmann (d00p)
36c7527b2a add function to validate different password-hashes and update them to the currently set hash if login successfull and hash differs, set default hash to SHA256, fixes #1289 - add custom-notes field to admin/customer, fixes #1471 - set version to 0.9.33-rc2 for upcoming second release-candidate 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-01-28 13:24:36 +01:00
Michael Kaufmann (d00p)
bfa9478649 password-reset fix 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-12-19 14:11:17 +01:00
Marco Vogt (vogti)
6bfa95f8a8 Import default subject/body for e-mails templates; fixes #496 
Signed-off-by: Marco Vogt (vogti) <mail@mdvogt.de>
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-12-12 19:26:06 +01:00
Michael Kaufmann (d00p)
f5f7bc449a use recent Content-Security-Policy values and header for all browser, secure script/query-string to redirect to after login if given 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-11-04 13:01:42 +01:00
Michael Kaufmann (d00p)
a7a971f444 secure password-reset form against possible header-modification, thx to Hendrik 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-06-29 11:25:31 +02:00
Michael Kaufmann (d00p)
d6fdf887ce don't add session-id to external redirects, thx to Sephi 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2014-02-19 11:08:43 +01:00
Roman Schmerold (BNoiZe)
7fc3ac587a Redirect to last URL after relogin when session timed out, fixes #443 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2014-01-05 22:35:26 +01:00
Roman Schmerold (BNoiZe)
34b4aaa828 Fixed https not used in passwort reset links, fixes #1344 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2013-12-29 15:24:42 +01:00
Roman Schmerold (BNoiZe)
eb33493c79 implemented new Setting-class, refs #1325 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2013-12-15 12:24:32 +01:00
Roman Schmerold (BNoiZe)
36b6b6b857 Added logging of faulty login attempts, fixes #1321 
Signed-off-by: Roman Schmerold (BNoiZe) <bnoize@froxlor.org>
 2013-12-14 10:28:33 +01:00
BNoiZe
f74ed8ed93 Added preconfig hint for 0.9.31-dev4 2013-12-01 11:06:33 +01:00
BNoiZe
e5e0ae7527 Fixed some bugs, made activationcode more secure, added update script, merged missing commit 2013-12-01 10:34:31 +01:00