kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity
2,678 Commits 25 Branches 26 Tags 14 MiB
Commit Graph

1442 Commits

Author SHA1 Message Date
Benjamin Sonntag 4f3604e717 [FIX] #83 issue with FTP file with wrong rights. 2016-08-26 16:31:19 +02:00
Benjamin Sonntag 1d9e478f2e [FIX] Undefined variable: res at upgrade time 2016-08-26 15:51:01 +02:00
Benjamin Sonntag 5ef516e0ba Merge branch 'stable-3.1' of github.com:AlternC/AlternC into stable-3.1 2016-08-09 16:44:34 +02:00
Benjamin Sonntag 16bd8278a4 [fix] allow HTTPS on any panel (you'd better use letsencrypt then, but that's a valid choice. Fixes #106 2016-08-09 16:44:30 +02:00
Benjamin Sonntag 42eac1173d Merge pull request #107 from AlternC/albancrommer-patch-1 
Update config.php to allow HTTPS on other VHOSTS
 2016-08-09 16:43:37 +02:00
Benjamin Sonntag a35288b91e [fix] the file editor allows an invalid token. Tell the user and give a new one to re-submit. Fixes #111 2016-08-09 16:40:11 +02:00
Remi 0c840f9f2e bug fix: remove old references to unknown 'bw_web' quota values linking to not existing stats_show_per_month.php page and menu gadget 
(anyone aiming to display custom menu gadget or size based quota could return in_menu=1 and type=size array values in hook_quota_get() function)
 2016-07-15 18:40:29 +02:00
Alban Crommer 04c36baa77 Update config.php 
See Issue #106

AlternC should allow HTTPS panel access for different host names
 2016-07-13 12:19:33 +02:00
Benjamin Sonntag ade5c51f0f Merge branch 'stable-3.1' of github.com:AlternC/AlternC into stable-3.1 2016-07-12 15:54:30 +02:00
Benjamin Sonntag 3ffa78aa5f [fix] fixing db issue when creating a DB + post/request for SQLRESTORE 2016-07-12 15:54:21 +02:00
Remi 1b73dff3a5 bug fix: sub admin were proposed to install hosting_tld for new user, but the domain creation silently failed 2016-07-07 12:59:56 +02:00
Benjamin Sonntag e381692cbd [fix] deleting a domain didn't work (post/request check) 2016-05-31 12:13:57 +02:00
Benjamin Sonntag 9057254059 [i18n] updating translations 2016-05-26 18:38:16 +02:00
Benjamin Sonntag e806446945 [wip] fixing most found bug during big test at https://pad.lqdn.fr/p/alternc-tests-secu201605 2016-05-26 18:32:17 +02:00
Benjamin Sonntag 93ce8ffd0f htmlentities in sql_getparams + check if db not found 2016-05-23 16:37:32 +02:00
Benjamin Sonntag aef4f58e8a [wip] fixing errors brought by the big security changes... update browser preferences fix + some post/get/request messup + zip not working properly 2016-05-23 16:08:23 +02:00
Benjamin Sonntag d9d73d204c fixing most GET/REQUEST to POST if needed 2016-05-23 15:03:13 +02:00
Benjamin Sonntag b205d6bf8a [wip] CSRF check should work better now... 2016-05-23 13:59:16 +02:00
Benjamin Sonntag 23a438de99 [wip] csrf check: moving the check to the right place: before authentication 2016-05-23 08:33:32 +02:00
Benjamin Sonntag aaa3d68697 [wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-23 08:27:58 +02:00
Benjamin Sonntag a956b38c00 [wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 20:14:26 +02:00
Benjamin Sonntag de5837750e same random system everywhere : mt_rand() 2016-05-22 17:40:57 +02:00
Benjamin Sonntag 6043e9c3d7 [wip] securing *all* forms through CSRF management (requires a new table) 2016-05-20 14:21:47 +02:00
Benjamin Sonntag d9bdfaf1ac [wip] adding csrf form management, to be added everywhere 2016-05-19 17:04:49 +02:00
Benjamin Sonntag 7b1e5bba94 [wip] m_mail LIMIT shall not be quoted 2016-05-18 18:41:27 +02:00
Benjamin Sonntag 424b2a9ce7 [wip] more PDO fixes 2016-05-18 18:24:40 +02:00
Benjamin Sonntag b1ca1d88ae fixing PDO for MySQL class and spoolsize (adding exec() for direct queries, manage properly query() call without arguments (no prepare, allow show database) 2016-05-18 18:00:04 +02:00
Benjamin Sonntag 8392c1d84f fixing quote + doms + roundcube & squirrelmail's quoting using PDO 2016-05-18 15:39:41 +02:00
Benjamin Sonntag b6eb1e668c fixing get_remote_ip() quoting 2016-05-18 15:12:49 +02:00
Benjamin Sonntag 06076b6fe0 moving https check down to AFTER hook/err initialization 2016-05-18 15:04:19 +02:00
Emmanuel Monbroussou 4e558e5e7c [wip] Passing mysql request params into array arguments for the query method (part 4) 2016-05-18 12:51:03 +02:00
Emmanuel Monbroussou 61b07a257d [wip] Passing mysql request params into array arguments for the query method (part 3) 2016-05-18 11:19:20 +02:00
Emmanuel Monbroussou 86e7bfb6b8 Merge branch '20160515-secu' of github.com:AlternC/AlternC into 20160515-secu 2016-05-17 18:58:25 +02:00
Emmanuel Monbroussou 3665aabc96 [wip] Passing mysql request params into array arguments for the query method (part 2) 2016-05-17 18:57:01 +02:00
Benjamin Sonntag 0c505e8b6c [security] using prepared query in the panel 2016-05-17 18:47:09 +02:00
Emmanuel Monbroussou 262336aadb [wip] Passing mysql request params into array arguments for the query method (part 1) 2016-05-17 17:21:08 +02:00
Emmanuel Monbroussou bc5c8f7e34 Merge branch 'pdo_migration' into 20160515-secu 
Conflicts:
	bureau/class/config.php
	bureau/class/db_mysql.php
	bureau/class/m_action.php
	bureau/class/m_variables.php
 2016-05-17 15:10:37 +02:00
Remi 28f09e31e1 More explicit message for sql names length limit 2016-04-28 12:54:53 +02:00
root b28b73e913 issue #75: defines length of sql user and database names depending of the local configuration. 2016-04-27 19:04:49 +02:00
Benjamin Sonntag c8353f3f21 initialize , Fixes #56 2016-03-13 13:23:11 +01:00
Remi 6388489d4f bug fix: Quota use was different when switching language 
use of str_pad inside get_size_unit() was removing decimal part due to localization issues (coma separator instead of dot)
 2016-03-09 10:58:19 +01:00
Remi 06fdadbcd0 bug fix: rediction to https was called inside shell call 2016-03-03 16:20:41 +01:00
Remi d041bcbeca fix test if variables is set 2016-03-03 16:06:38 +01:00
Remi 2bf3f45466 bug fix #40: force_https variable was disabled by commit bbd913e6e6 
now redirects peacefully a client when connecting to non SSL panel.
 2016-03-03 15:08:27 +01:00
Remi 911250a73f fixes #7: show alert-info instead of alert-error when successfully changins sql users rights 2016-03-03 14:35:57 +01:00
Remi c18e3ca9f3 fixes #37 #68 2016-03-03 13:47:08 +01:00
Remi 5ab6a47862 fixes some PHP warnings 2016-03-03 12:07:38 +01:00
Remi 9ec0668da5 bug fix: mailman wrappers were not added if mail quota was over 2016-03-03 11:28:26 +01:00
Remi 1fe966f5d8 bug fixes: spf and dmarc record weren't updated for every domain due to loss in mysql result query buffer 2016-03-02 14:17:32 +01:00
Remi 925674cf1e translation fix: el tuteo es mas corriente en los sitios web de nuevas tecnologías 2016-02-26 10:39:07 +01:00