Benjamin Sonntag
|
71980d06a8
|
removing IP stability check in the panel: it's unenforceable as of 2017 :/ Fixes #173
|
2017-08-14 10:12:47 +02:00 |
Benjamin Sonntag
|
41ad8b3632
|
fixing a branching issue in mail_doedit, fixes #164
|
2017-08-12 16:56:06 +02:00 |
Benjamin Sonntag
|
46ab94707a
|
adding mandatory fields to the account creation form, Fixes #132
|
2017-06-18 18:51:11 +02:00 |
Benjamin Sonntag
|
cd310b355a
|
adding mandatory fields to the account creation form, Fixes #132
|
2017-06-18 18:45:57 +02:00 |
Benjamin Sonntag
|
957098327c
|
Merge pull request #146 from soul9/fix_pma_sso
latest security update of phpmyadmin (on wheezy) seems to have disabled the index.php, forcing the browser to go there directly
|
2017-06-07 15:15:07 +02:00 |
Remi
|
611e41a31b
|
bug fix: set success class to alert-success insted of alert-error after successful mailbox parameters update
|
2017-02-07 10:20:33 +01:00 |
Remi
|
4a2d1dcbdf
|
bug fix undelete mail
|
2017-01-24 18:29:13 +01:00 |
John Soros
|
bec836f87b
|
latest security update of phpmyadmin seems to have disabled the indexes so we need to explicitely redirect to .../index.php
|
2017-01-20 17:41:52 +01:00 |
Benjamin Sonntag
|
1dc41d5530
|
[fix] missing csrf on mail_manage_catchall.php
|
2016-10-27 16:32:49 +02:00 |
Benjamin Sonntag
|
fc068bc938
|
[fix] invalid token at login time
|
2016-08-29 16:55:05 +02:00 |
Benjamin Sonntag
|
a35288b91e
|
[fix] the file editor allows an invalid token. Tell the user and give a new one to re-submit. Fixes #111
|
2016-08-09 16:40:11 +02:00 |
Remi
|
0c840f9f2e
|
bug fix: remove old references to unknown 'bw_web' quota values linking to not existing stats_show_per_month.php page and menu gadget
(anyone aiming to display custom menu gadget or size based quota could return in_menu=1 and type=size array values in hook_quota_get() function)
|
2016-07-15 18:40:29 +02:00 |
Benjamin Sonntag
|
3ffa78aa5f
|
[fix] fixing db issue when creating a DB + post/request for SQLRESTORE
|
2016-07-12 15:54:21 +02:00 |
Benjamin Sonntag
|
e381692cbd
|
[fix] deleting a domain didn't work (post/request check)
|
2016-05-31 12:13:57 +02:00 |
Benjamin Sonntag
|
e806446945
|
[wip] fixing most found bug during big test at https://pad.lqdn.fr/p/alternc-tests-secu201605
|
2016-05-26 18:32:17 +02:00 |
Benjamin Sonntag
|
93ce8ffd0f
|
htmlentities in sql_getparams + check if db not found
|
2016-05-23 16:37:32 +02:00 |
Benjamin Sonntag
|
aef4f58e8a
|
[wip] fixing errors brought by the big security changes... update browser preferences fix + some post/get/request messup + zip not working properly
|
2016-05-23 16:08:23 +02:00 |
Benjamin Sonntag
|
d9d73d204c
|
fixing most GET/REQUEST to POST if needed
|
2016-05-23 15:03:13 +02:00 |
Benjamin Sonntag
|
b205d6bf8a
|
[wip] CSRF check should work better now...
|
2016-05-23 13:59:16 +02:00 |
Benjamin Sonntag
|
aaa3d68697
|
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields
|
2016-05-23 08:27:58 +02:00 |
Benjamin Sonntag
|
a956b38c00
|
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields
|
2016-05-22 20:14:26 +02:00 |
Benjamin Sonntag
|
6043e9c3d7
|
[wip] securing *all* forms through CSRF management (requires a new table)
|
2016-05-20 14:21:47 +02:00 |
Benjamin Sonntag
|
8392c1d84f
|
fixing quote + doms + roundcube & squirrelmail's quoting using PDO
|
2016-05-18 15:39:41 +02:00 |
Benjamin Sonntag
|
0c505e8b6c
|
[security] using prepared query in the panel
|
2016-05-17 18:47:09 +02:00 |
root
|
b28b73e913
|
issue #75: defines length of sql user and database names depending of the local configuration.
|
2016-04-27 19:04:49 +02:00 |
Remi
|
911250a73f
|
fixes #7: show alert-info instead of alert-error when successfully changins sql users rights
|
2016-03-03 14:35:57 +01:00 |
Remi
|
c18e3ca9f3
|
fixes #37 #68
|
2016-03-03 13:47:08 +01:00 |
Remi
|
5ab6a47862
|
fixes some PHP warnings
|
2016-03-03 12:07:38 +01:00 |
Remi
|
291572224f
|
cosmetic fix: removed inline CSS and gives nice display for smaller screen
will give better rendering for mainstream modern browsers
|
2016-02-26 10:17:05 +01:00 |
Remi
|
a9e057cbd1
|
bug fix: installed domain list was too slow due to DNS request on self managed records (gesdns=1)
bug fix: do not allow DNS modification of created domains under hosting_tld
|
2016-02-25 16:13:08 +01:00 |
Remi
|
6cb248aec5
|
Some spanish translations. Replace dutch (nederlands) with spanish in default languages (more translated strings, and larger public)
|
2016-02-25 14:12:41 +01:00 |
Remi
|
1c049f6bc6
|
bug fix: quota summary was inserted directly on main page without calling the appropriate hook.
|
2016-02-24 14:49:33 +01:00 |
Remi
|
3fa2b9c625
|
bug fix: call to bad function name (m_admin::mail_all_members() instead of m_admin::mailallmembers())
|
2016-02-23 22:29:03 +01:00 |
Remi
|
983524b14b
|
bug fix: sort in file browser to respect size and date order
|
2016-02-23 15:46:27 +01:00 |
Remi
|
767044fcb5
|
bug fixes in file editor (bad encoded file names were blank, can_edit was not called on 2 or 3 columns, also fixes a bug in date display)
|
2016-02-23 13:35:21 +01:00 |
Remi
|
f5737e0ee6
|
bug fixes in adm_list: filter implementation and screen display
|
2016-02-23 12:02:58 +01:00 |
Remi
|
604592eedd
|
bug fixes in ACL, wildcard on vhost, and some sql bug
|
2016-02-22 15:52:55 +01:00 |
Benjamin Sonntag
|
9a6cba4ebb
|
Fix cname error not sent to user interface. Fixes #25
|
2016-01-14 18:15:25 +01:00 |
Benjamin Sonntag
|
6d24bd9739
|
fixing the Choosing of a (dns hosted only) domain name to be a master when installing a slave. Fixes #28
|
2016-01-14 18:07:34 +01:00 |
Benjamin Sonntag
|
48e71faa88
|
[fix] autocomplete honeypot field to trick firefox: prevent auto-filing of non-needed form passwords.
|
2016-01-14 16:24:00 +01:00 |
Benjamin Sonntag
|
6398702f74
|
fixing <? without php for Jessie
|
2015-12-22 16:56:03 +01:00 |
Benjamin Sonntag
|
3e3a9d4e83
|
fixing <? without php for Jessie
|
2015-12-22 16:53:45 +01:00 |
Benjamin Sonntag
|
3b6d527349
|
removing unbreakable space in php source code
|
2015-12-07 11:20:05 +01:00 |
Benjamin Sonntag
|
1d4a541243
|
fixing phpmyadmin sso
|
2015-11-17 10:45:20 +01:00 |
Benjamin Sonntag
|
fa5ca54555
|
We know SHOW the 'protected' files in the browser, so that you understand why you can't edit them
|
2015-11-11 09:43:57 +01:00 |
Benjamin Sonntag
|
d4c43a9717
|
adding information for noerase domains, Fixes #10
|
2015-09-25 18:02:23 +02:00 |
Benjamin Sonntag
|
d3ab589e56
|
REFACTORING: code formatting of the panel + braces on if/while/for + fixe some missing or too many Globals in functions
|
2015-09-25 17:42:00 +02:00 |
Benjamin Sonntag
|
a0575e0481
|
adding sort in quotas_users + update changelog
|
2015-07-31 15:47:51 +02:00 |
Benjamin Sonntag
|
985b23339d
|
fixing error message '1' for locked domains
|
2015-07-31 15:47:11 +02:00 |
Benjamin Sonntag
|
2eadec4ae0
|
separating in a second table the advanced dns entries
|
2015-06-17 16:33:09 +02:00 |