Benjamin Sonntag
aef4f58e8a
[wip] fixing errors brought by the big security changes... update browser preferences fix + some post/get/request mess-up + zip not working properly
2016-05-23 16:08:23 +02:00
Benjamin Sonntag
d9d73d204c
fixing most GET/REQUEST to POST if needed
2016-05-23 15:03:13 +02:00
Benjamin Sonntag
b205d6bf8a
[wip] CSRF check should work better now...
2016-05-23 13:59:16 +02:00
Benjamin Sonntag
23a438de99
[wip] csrf check: moving the check to the right place: before authentication
2016-05-23 08:33:32 +02:00
Benjamin Sonntag
aaa3d68697
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields
2016-05-23 08:27:58 +02:00
Benjamin Sonntag
a956b38c00
[wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields
2016-05-22 20:14:26 +02:00
Benjamin Sonntag
de5837750e
same random system everywhere : mt_rand()
2016-05-22 17:40:57 +02:00
Benjamin Sonntag
6043e9c3d7
[wip] securing *all* forms through CSRF management (requires a new table)
2016-05-20 14:21:47 +02:00
Benjamin Sonntag
d9bdfaf1ac
[wip] adding csrf form management, to be added everywhere
2016-05-19 17:04:49 +02:00
Benjamin Sonntag
7b1e5bba94
[wip] m_mail LIMIT shall not be quoted
2016-05-18 18:41:27 +02:00
Benjamin Sonntag
424b2a9ce7
[wip] more PDO fixes
2016-05-18 18:24:40 +02:00
Benjamin Sonntag
b1ca1d88ae
fixing PDO for MySQL class and spoolsize (adding exec() for direct queries, manage properly query() call without arguments (no prepare, allow show database))
2016-05-18 18:00:04 +02:00
Benjamin Sonntag
8392c1d84f
fixing quote + doms + roundcube & squirrelmail's quoting using PDO
2016-05-18 15:39:41 +02:00
Benjamin Sonntag
b6eb1e668c
fixing get_remote_ip() quoting
2016-05-18 15:12:49 +02:00
Benjamin Sonntag
06076b6fe0
moving https check down to AFTER hook/err initialization
2016-05-18 15:04:19 +02:00
Emmanuel Monbroussou
4e558e5e7c
[wip] Passing mysql request params into array arguments for the query method (part 4)
2016-05-18 12:51:03 +02:00
Emmanuel Monbroussou
61b07a257d
[wip] Passing mysql request params into array arguments for the query method (part 3)
2016-05-18 11:19:20 +02:00
Emmanuel Monbroussou
86e7bfb6b8
Merge branch '20160515-secu' of github.com:AlternC/AlternC into 20160515-secu
2016-05-17 18:58:25 +02:00
Emmanuel Monbroussou
3665aabc96
[wip] Passing mysql request params into array arguments for the query method (part 2)
2016-05-17 18:57:01 +02:00
Benjamin Sonntag
0c505e8b6c
[security] using prepared query in the panel
2016-05-17 18:47:09 +02:00
Emmanuel Monbroussou
262336aadb
[wip] Passing mysql request params into array arguments for the query method (part 1)
2016-05-17 17:21:08 +02:00
Emmanuel Monbroussou
bc5c8f7e34
Merge branch 'pdo_migration' into 20160515-secu
...
Conflicts:
bureau/class/config.php
bureau/class/db_mysql.php
bureau/class/m_action.php
bureau/class/m_variables.php
2016-05-17 15:10:37 +02:00
Remi
28f09e31e1
More explicit message for sql names length limit
2016-04-28 12:54:53 +02:00
root
b28b73e913
issue #75 : defines length of sql user and database names depending on the local configuration.
2016-04-27 19:04:49 +02:00
Benjamin Sonntag
c8353f3f21
initialize , Fixes #56
2016-03-13 13:23:11 +01:00
Remi
6388489d4f
bug fix: Quota use was different when switching language
...
use of str_pad inside get_size_unit() was removing decimal part due to localization issues (comma separator instead of dot)
2016-03-09 10:58:19 +01:00
Remi
06fdadbcd0
bug fix: redirection to https was called inside shell call
2016-03-03 16:20:41 +01:00
Remi
d041bcbeca
fix test if variables is set
2016-03-03 16:06:38 +01:00
Remi
2bf3f45466
bug fix #40 : force_https variable was disabled by commit bbd913e6e6
...
now redirects peacefully a client when connecting to non SSL panel.
2016-03-03 15:08:27 +01:00
Remi
911250a73f
fixes #7 : show alert-info instead of alert-error when successfully changing sql users rights
2016-03-03 14:35:57 +01:00
Remi
c18e3ca9f3
fixes #37 #68
2016-03-03 13:47:08 +01:00
Remi
5ab6a47862
fixes some PHP warnings
2016-03-03 12:07:38 +01:00
Remi
9ec0668da5
bug fix: mailman wrappers were not added if mail quota was over
2016-03-03 11:28:26 +01:00
Remi
1fe966f5d8
bug fixes: spf and dmarc records weren't updated for every domain due to loss in mysql result query buffer
2016-03-02 14:17:32 +01:00
Remi
925674cf1e
translation fix: the informal "tú" form (tuteo) is more common on new-technology websites
2016-02-26 10:39:07 +01:00
Remi
291572224f
cosmetic fix: removed inline CSS and gives nice display for smaller screen
...
will give better rendering for mainstream modern browsers
2016-02-26 10:17:05 +01:00
Remi
a9e057cbd1
bug fix: installed domain list was too slow due to DNS request on self managed records (gesdns=1)
...
bug fix: do not allow DNS modification of created domains under hosting_tld
2016-02-25 16:13:08 +01:00
Remi
7eb64f08a5
Merge branch 'stable-3.1' of github.com:AlternC/AlternC into stable-3.1
2016-02-25 14:17:43 +01:00
Remi
6cb248aec5
Some Spanish translations. Replace Dutch (Nederlands) with Spanish in default languages (more translated strings, and larger public)
2016-02-25 14:12:41 +01:00
Benjamin Sonntag
b867d5a4dd
Merge pull request #24 from GuillaumeFromage/stable-3.1
...
Added support for .co, which has the same layout as .cc (need another patch to add it to TLD table)
2016-02-24 16:12:02 +01:00
Benjamin Sonntag
9f8c2a8e1e
Merge pull request #58 from asso-infini/patch-1
...
Update m_bro.php to manage bz2
2016-02-24 16:11:03 +01:00
Remi
1c049f6bc6
bug fix: quota summary was inserted directly on main page without calling the appropriate hook.
2016-02-24 14:49:33 +01:00
Remi
79097f48da
bug fix: correct typo in the last commit
2016-02-24 11:15:55 +01:00
Remi
6e3a496f25
bug fixes: some fixes in English translation. didn't modify the original source file as it would have repercussions on other languages
...
(also modified the translation for España, was using the Norwegian "spania" term)
2016-02-24 11:11:15 +01:00
Remi
3fa2b9c625
bug fix: call to bad function name (m_admin::mail_all_members() instead of m_admin::mailallmembers())
2016-02-23 22:29:03 +01:00
Remi
983524b14b
bug fix: sort in file browser to respect size and date order
2016-02-23 15:46:27 +01:00
Remi
767044fcb5
bug fixes in file editor (badly encoded file names were blank, can_edit was not called on 2 or 3 columns, also fixes a bug in date display)
2016-02-23 13:35:21 +01:00
Remi
f5737e0ee6
bug fixes in adm_list: filter implementation and screen display
2016-02-23 12:02:58 +01:00
Remi
604592eedd
bug fixes in ACL, wildcard on vhost, and some sql bug
2016-02-22 15:52:55 +01:00
asso-infini
76895cf5fe
Update m_bro.php
...
Handling of archives whose extension is .bz, .bz2, .Z, .tgz, tbz or tbz2
If the archive was processed successfully, we do not try to process it again.
When using the tar command, we use the files' owner and group IDs rather than the files' owner and group names, with the --numeric-owner option
2016-02-15 21:16:22 +01:00