kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity
2,714 Commits 25 Branches 26 Tags 14 MiB
Commit Graph

817 Commits

Author SHA1 Message Date
Benjamin Sonntag 8cc2007a44 not counting mailman box in quotas, fixes #170 2017-08-12 16:46:00 +02:00
Benjamin Sonntag 53eec68f08 removing defmx/defmx2 when we say 'don't host email here', fixes #175 2017-08-12 16:31:46 +02:00
Benjamin Sonntag c7226c9010 adding a maximum of 20 for the DEPTH of delete in the file browser (may cause havoc in unknown case found in farafina server) 2017-08-08 15:20:46 +02:00
Benjamin Sonntag cd310b355a adding mandatory fields to the account creation form, Fixes #132 2017-06-18 18:45:57 +02:00
Benjamin Sonntag 43bb39105b Merge pull request #153 from fser/fser/uniform-log-entries 
log entries for error and log both log IP address
 2017-06-07 15:14:03 +02:00
Benjamin Sonntag ea4eea6145 adding a variable to ignore IP in sessions, currently broken it seems 2017-06-07 15:13:25 +02:00
Benjamin Sonntag 6d72cc522b adding x-forwarded-proto = https management to detet https too 2017-06-07 14:31:30 +02:00
François (fser) e452219136 log entries for error and log both log IP address 2017-06-03 11:22:35 +02:00
Remi 4a2d1dcbdf bug fix undelete mail 2017-01-24 18:29:13 +01:00
Remi 20dab5677a bug fixes variable $dom_id et non $domain_id 2017-01-24 17:52:29 +01:00
thms cb56e77093 m_dom now refuses cname on its apex 2016-11-04 12:00:24 +01:00
Benjamin Sonntag fc068bc938 [fix] invalid token at login time 2016-08-29 16:55:05 +02:00
Benjamin Sonntag 4f3604e717 [FIX] #83 issue with FTP file with wrong rights. 2016-08-26 16:31:19 +02:00
Benjamin Sonntag 1d9e478f2e [FIX] Undefined variable: res at upgrade time 2016-08-26 15:51:01 +02:00
Benjamin Sonntag 5ef516e0ba Merge branch 'stable-3.1' of github.com:AlternC/AlternC into stable-3.1 2016-08-09 16:44:34 +02:00
Benjamin Sonntag 16bd8278a4 [fix] allow HTTPS on any panel (you'd better use letsencrypt then, but that's a valid choice. Fixes #106 2016-08-09 16:44:30 +02:00
Benjamin Sonntag 42eac1173d Merge pull request #107 from AlternC/albancrommer-patch-1 
Update config.php to allow HTTPS on other VHOSTS
 2016-08-09 16:43:37 +02:00
Remi 0c840f9f2e bug fix: remove old references to unknown 'bw_web' quota values linking to not existing stats_show_per_month.php page and menu gadget 
(anyone aiming to display custom menu gadget or size based quota could return in_menu=1 and type=size array values in hook_quota_get() function)
 2016-07-15 18:40:29 +02:00
Alban Crommer 04c36baa77 Update config.php 
See Issue #106

AlternC should allow HTTPS panel access for different host names
 2016-07-13 12:19:33 +02:00
Benjamin Sonntag ade5c51f0f Merge branch 'stable-3.1' of github.com:AlternC/AlternC into stable-3.1 2016-07-12 15:54:30 +02:00
Benjamin Sonntag 3ffa78aa5f [fix] fixing db issue when creating a DB + post/request for SQLRESTORE 2016-07-12 15:54:21 +02:00
Remi 1b73dff3a5 bug fix: sub admin were proposed to install hosting_tld for new user, but the domain creation silently failed 2016-07-07 12:59:56 +02:00
Benjamin Sonntag e806446945 [wip] fixing most found bug during big test at https://pad.lqdn.fr/p/alternc-tests-secu201605 2016-05-26 18:32:17 +02:00
Benjamin Sonntag 93ce8ffd0f htmlentities in sql_getparams + check if db not found 2016-05-23 16:37:32 +02:00
Benjamin Sonntag aef4f58e8a [wip] fixing errors brought by the big security changes... update browser preferences fix + some post/get/request messup + zip not working properly 2016-05-23 16:08:23 +02:00
Benjamin Sonntag b205d6bf8a [wip] CSRF check should work better now... 2016-05-23 13:59:16 +02:00
Benjamin Sonntag 23a438de99 [wip] csrf check: moving the check to the right place: before authentication 2016-05-23 08:33:32 +02:00
Benjamin Sonntag a956b38c00 [wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 20:14:26 +02:00
Benjamin Sonntag de5837750e same random system everywhere : mt_rand() 2016-05-22 17:40:57 +02:00
Benjamin Sonntag 6043e9c3d7 [wip] securing *all* forms through CSRF management (requires a new table) 2016-05-20 14:21:47 +02:00
Benjamin Sonntag d9bdfaf1ac [wip] adding csrf form management, to be added everywhere 2016-05-19 17:04:49 +02:00
Benjamin Sonntag 7b1e5bba94 [wip] m_mail LIMIT shall not be quoted 2016-05-18 18:41:27 +02:00
Benjamin Sonntag 424b2a9ce7 [wip] more PDO fixes 2016-05-18 18:24:40 +02:00
Benjamin Sonntag b1ca1d88ae fixing PDO for MySQL class and spoolsize (adding exec() for direct queries, manage properly query() call without arguments (no prepare, allow show database) 2016-05-18 18:00:04 +02:00
Benjamin Sonntag 8392c1d84f fixing quote + doms + roundcube & squirrelmail's quoting using PDO 2016-05-18 15:39:41 +02:00
Benjamin Sonntag b6eb1e668c fixing get_remote_ip() quoting 2016-05-18 15:12:49 +02:00
Benjamin Sonntag 06076b6fe0 moving https check down to AFTER hook/err initialization 2016-05-18 15:04:19 +02:00
Emmanuel Monbroussou 4e558e5e7c [wip] Passing mysql request params into array arguments for the query method (part 4) 2016-05-18 12:51:03 +02:00
Emmanuel Monbroussou 61b07a257d [wip] Passing mysql request params into array arguments for the query method (part 3) 2016-05-18 11:19:20 +02:00
Emmanuel Monbroussou 3665aabc96 [wip] Passing mysql request params into array arguments for the query method (part 2) 2016-05-17 18:57:01 +02:00
Emmanuel Monbroussou 262336aadb [wip] Passing mysql request params into array arguments for the query method (part 1) 2016-05-17 17:21:08 +02:00
Emmanuel Monbroussou bc5c8f7e34 Merge branch 'pdo_migration' into 20160515-secu 
Conflicts:
	bureau/class/config.php
	bureau/class/db_mysql.php
	bureau/class/m_action.php
	bureau/class/m_variables.php
 2016-05-17 15:10:37 +02:00
Remi 28f09e31e1 More explicit message for sql names length limit 2016-04-28 12:54:53 +02:00
root b28b73e913 issue #75: defines length of sql user and database names depending of the local configuration. 2016-04-27 19:04:49 +02:00
Benjamin Sonntag c8353f3f21 initialize , Fixes #56 2016-03-13 13:23:11 +01:00
Remi 6388489d4f bug fix: Quota use was different when switching language 
use of str_pad inside get_size_unit() was removing decimal part due to localization issues (coma separator instead of dot)
 2016-03-09 10:58:19 +01:00
Remi 06fdadbcd0 bug fix: rediction to https was called inside shell call 2016-03-03 16:20:41 +01:00
Remi d041bcbeca fix test if variables is set 2016-03-03 16:06:38 +01:00
Remi 2bf3f45466 bug fix #40: force_https variable was disabled by commit bbd913e6e6 
now redirects peacefully a client when connecting to non SSL panel.
 2016-03-03 15:08:27 +01:00
Remi c18e3ca9f3 fixes #37 #68 2016-03-03 13:47:08 +01:00