kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity
2,850 Commits 25 Branches 26 Tags 14 MiB
Commit Graph

2850 Commits

Author SHA1 Message Date
Benjamin Sonntag aaa3d68697 [wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-23 08:27:58 +02:00
Benjamin Sonntag a956b38c00 [wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 20:14:26 +02:00
Benjamin Sonntag de5837750e same random system everywhere : mt_rand() 2016-05-22 17:40:57 +02:00
Benjamin Sonntag 396f8c2598 [wip] securing more forms through CSRF management 2016-05-20 14:25:46 +02:00
Benjamin Sonntag 6043e9c3d7 [wip] securing *all* forms through CSRF management (requires a new table) 2016-05-20 14:21:47 +02:00
Benjamin Sonntag d9bdfaf1ac [wip] adding csrf form management, to be added everywhere 2016-05-19 17:04:49 +02:00
Benjamin Sonntag 7b1e5bba94 [wip] m_mail LIMIT shall not be quoted 2016-05-18 18:41:27 +02:00
Benjamin Sonntag 424b2a9ce7 [wip] more PDO fixes 2016-05-18 18:24:40 +02:00
Benjamin Sonntag b1ca1d88ae fixing PDO for MySQL class and spoolsize (adding exec() for direct queries, manage properly query() call without arguments (no prepare, allow show database) 2016-05-18 18:00:04 +02:00
Benjamin Sonntag 8392c1d84f fixing quote + doms + roundcube & squirrelmail's quoting using PDO 2016-05-18 15:39:41 +02:00
Benjamin Sonntag b6eb1e668c fixing get_remote_ip() quoting 2016-05-18 15:12:49 +02:00
Benjamin Sonntag 06076b6fe0 moving https check down to AFTER hook/err initialization 2016-05-18 15:04:19 +02:00
Benjamin Sonntag bb7d78a48b fixing rules + removing chown to alterncpanel 2016-05-18 14:56:35 +02:00
Emmanuel Monbroussou 4e558e5e7c [wip] Passing mysql request params into array arguments for the query method (part 4) 2016-05-18 12:51:03 +02:00
Emmanuel Monbroussou 61b07a257d [wip] Passing mysql request params into array arguments for the query method (part 3) 2016-05-18 11:19:20 +02:00
Emmanuel Monbroussou 86e7bfb6b8 Merge branch '20160515-secu' of github.com:AlternC/AlternC into 20160515-secu 2016-05-17 18:58:25 +02:00
Emmanuel Monbroussou 3665aabc96 [wip] Passing mysql request params into array arguments for the query method (part 2) 2016-05-17 18:57:01 +02:00
Benjamin Sonntag 9315fbdbac API too is using PDO, including DB_System 2016-05-17 18:49:34 +02:00
Benjamin Sonntag 0c505e8b6c [security] using prepared query in the panel 2016-05-17 18:47:09 +02:00
Benjamin Sonntag 369ab3bf34 [security] using prepared query for scripts too 2016-05-17 18:44:21 +02:00
Benjamin Sonntag 10e006bdbe [security] fixing DO_ACTIONS.PHP for REALPATH. 2016-05-17 18:12:57 +02:00
Emmanuel Monbroussou 13ee5ce1dc Merge branch '20160515-secu' of github.com:AlternC/AlternC into 20160515-secu 2016-05-17 17:22:25 +02:00
Emmanuel Monbroussou 262336aadb [wip] Passing mysql request params into array arguments for the query method (part 1) 2016-05-17 17:21:08 +02:00
Benjamin Sonntag d79f83502b [security] fix of most ownership/accessmode issues, fixes possible root escalation 2016-05-17 15:51:33 +02:00
Benjamin Sonntag 82e81b255b removing all reference to .svn / svn in makefile 2016-05-17 15:28:18 +02:00
Benjamin Sonntag 6e12c8902a removing all reference to .svn / svn in makefile 2016-05-17 15:26:52 +02:00
Benjamin Sonntag a817f30f38 removing all reference to .svn / svn in makefile 2016-05-17 15:25:59 +02:00
Emmanuel Monbroussou bc5c8f7e34 Merge branch 'pdo_migration' into 20160515-secu 
Conflicts:
	bureau/class/config.php
	bureau/class/db_mysql.php
	bureau/class/m_action.php
	bureau/class/m_variables.php
 2016-05-17 15:10:37 +02:00
Remi 28f09e31e1 More explicit message for sql names length limit 2016-04-28 12:54:53 +02:00
root b28b73e913 issue #75: defines length of sql user and database names depending of the local configuration. 2016-04-27 19:04:49 +02:00
Remi 170114cdf8 forgotten file to fix #48 (fixperms_mail.sh) 2016-04-27 17:58:27 +02:00
Remi d897037ad3 add fixperms_mail.sh to correct mail permissions (fixes #48) 2016-04-27 17:55:46 +02:00
Benjamin Sonntag c8353f3f21 initialize , Fixes #56 2016-03-13 13:23:11 +01:00
Benjamin Sonntag 0509d2915d telling in 96_ssl.conf that this file is overwriten by alternc.install. Fixes #33 2016-03-13 13:16:25 +01:00
Remi 27af9078a8 fixes in postfix configuration to prevent some high load issues 2016-03-12 10:06:54 +01:00
Remi 28318a002c bug fix: use of deprecated smtp_use_tls to replace by smtp_tls_security_level 2016-03-12 09:39:07 +01:00
Remi 6388489d4f bug fix: Quota use was different when switching language 
use of str_pad inside get_size_unit() was removing decimal part due to localization issues (coma separator instead of dot)
 2016-03-09 10:58:19 +01:00
fufroma cb381b6d63 Travis and database: try again 2016-03-07 14:58:53 +01:00
fufroma b4641b8216 Travis: create database 2016-03-07 14:47:38 +01:00
fufroma 9e393139de Attemp to fix travis <=> phpunit 2016-03-07 14:41:49 +01:00
Remi 06fdadbcd0 bug fix: rediction to https was called inside shell call 2016-03-03 16:20:41 +01:00
Remi d041bcbeca fix test if variables is set 2016-03-03 16:06:38 +01:00
Remi 2bf3f45466 bug fix #40: force_https variable was disabled by commit bbd913e6e6 
now redirects peacefully a client when connecting to non SSL panel.
 2016-03-03 15:08:27 +01:00
Remi 911250a73f fixes #7: show alert-info instead of alert-error when successfully changins sql users rights 2016-03-03 14:35:57 +01:00
Remi ad3f3b7d15 fixes #23: AlternC *depends* on the quota package 2016-03-03 14:30:45 +01:00
Remi 48ef2c0ad0 fixes #64: spoolsize.php too talkative, does not mail output in cron 2016-03-03 13:57:13 +01:00
Remi c18e3ca9f3 fixes #37 #68 2016-03-03 13:47:08 +01:00
Remi 5ab6a47862 fixes some PHP warnings 2016-03-03 12:07:38 +01:00
Remi 9ec0668da5 bug fix: mailman wrappers were not added if mail quota was over 2016-03-03 11:28:26 +01:00
Remi 06a3e2537e specify nxdomain ttl in the comment of the zone template accordingly to RFC 2308 
see section 4 "SOA minimum Field" https://www.ietf.org/rfc/rfc2308.txt
By default we use the default TTL
 2016-03-02 16:55:36 +01:00