kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity
2,687 Commits 25 Branches 26 Tags 14 MiB
Commit Graph

807 Commits

Author SHA1 Message Date
thms cb56e77093 m_dom now refuses cname on its apex 2016-11-04 12:00:24 +01:00
Benjamin Sonntag fc068bc938 [fix] invalid token at login time 2016-08-29 16:55:05 +02:00
Benjamin Sonntag 4f3604e717 [FIX] #83 issue with FTP file with wrong rights. 2016-08-26 16:31:19 +02:00
Benjamin Sonntag 1d9e478f2e [FIX] Undefined variable: res at upgrade time 2016-08-26 15:51:01 +02:00
Benjamin Sonntag 5ef516e0ba Merge branch 'stable-3.1' of github.com:AlternC/AlternC into stable-3.1 2016-08-09 16:44:34 +02:00
Benjamin Sonntag 16bd8278a4 [fix] allow HTTPS on any panel (you'd better use letsencrypt then, but that's a valid choice. Fixes #106 2016-08-09 16:44:30 +02:00
Benjamin Sonntag 42eac1173d Merge pull request #107 from AlternC/albancrommer-patch-1 
Update config.php to allow HTTPS on other VHOSTS
 2016-08-09 16:43:37 +02:00
Remi 0c840f9f2e bug fix: remove old references to unknown 'bw_web' quota values linking to not existing stats_show_per_month.php page and menu gadget 
(anyone aiming to display custom menu gadget or size based quota could return in_menu=1 and type=size array values in hook_quota_get() function)
 2016-07-15 18:40:29 +02:00
Alban Crommer 04c36baa77 Update config.php 
See Issue #106

AlternC should allow HTTPS panel access for different host names
 2016-07-13 12:19:33 +02:00
Benjamin Sonntag ade5c51f0f Merge branch 'stable-3.1' of github.com:AlternC/AlternC into stable-3.1 2016-07-12 15:54:30 +02:00
Benjamin Sonntag 3ffa78aa5f [fix] fixing db issue when creating a DB + post/request for SQLRESTORE 2016-07-12 15:54:21 +02:00
Remi 1b73dff3a5 bug fix: sub admin were proposed to install hosting_tld for new user, but the domain creation silently failed 2016-07-07 12:59:56 +02:00
Benjamin Sonntag e806446945 [wip] fixing most found bug during big test at https://pad.lqdn.fr/p/alternc-tests-secu201605 2016-05-26 18:32:17 +02:00
Benjamin Sonntag 93ce8ffd0f htmlentities in sql_getparams + check if db not found 2016-05-23 16:37:32 +02:00
Benjamin Sonntag aef4f58e8a [wip] fixing errors brought by the big security changes... update browser preferences fix + some post/get/request messup + zip not working properly 2016-05-23 16:08:23 +02:00
Benjamin Sonntag b205d6bf8a [wip] CSRF check should work better now... 2016-05-23 13:59:16 +02:00
Benjamin Sonntag 23a438de99 [wip] csrf check: moving the check to the right place: before authentication 2016-05-23 08:33:32 +02:00
Benjamin Sonntag a956b38c00 [wip] adding missing ehe() and eue() for htmlentities or urlencode in form fields 2016-05-22 20:14:26 +02:00
Benjamin Sonntag de5837750e same random system everywhere : mt_rand() 2016-05-22 17:40:57 +02:00
Benjamin Sonntag 6043e9c3d7 [wip] securing *all* forms through CSRF management (requires a new table) 2016-05-20 14:21:47 +02:00
Benjamin Sonntag d9bdfaf1ac [wip] adding csrf form management, to be added everywhere 2016-05-19 17:04:49 +02:00
Benjamin Sonntag 7b1e5bba94 [wip] m_mail LIMIT shall not be quoted 2016-05-18 18:41:27 +02:00
Benjamin Sonntag 424b2a9ce7 [wip] more PDO fixes 2016-05-18 18:24:40 +02:00
Benjamin Sonntag b1ca1d88ae fixing PDO for MySQL class and spoolsize (adding exec() for direct queries, manage properly query() call without arguments (no prepare, allow show database) 2016-05-18 18:00:04 +02:00
Benjamin Sonntag 8392c1d84f fixing quote + doms + roundcube & squirrelmail's quoting using PDO 2016-05-18 15:39:41 +02:00
Benjamin Sonntag b6eb1e668c fixing get_remote_ip() quoting 2016-05-18 15:12:49 +02:00
Benjamin Sonntag 06076b6fe0 moving https check down to AFTER hook/err initialization 2016-05-18 15:04:19 +02:00
Emmanuel Monbroussou 4e558e5e7c [wip] Passing mysql request params into array arguments for the query method (part 4) 2016-05-18 12:51:03 +02:00
Emmanuel Monbroussou 61b07a257d [wip] Passing mysql request params into array arguments for the query method (part 3) 2016-05-18 11:19:20 +02:00
Emmanuel Monbroussou 3665aabc96 [wip] Passing mysql request params into array arguments for the query method (part 2) 2016-05-17 18:57:01 +02:00
Emmanuel Monbroussou 262336aadb [wip] Passing mysql request params into array arguments for the query method (part 1) 2016-05-17 17:21:08 +02:00
Emmanuel Monbroussou bc5c8f7e34 Merge branch 'pdo_migration' into 20160515-secu 
Conflicts:
	bureau/class/config.php
	bureau/class/db_mysql.php
	bureau/class/m_action.php
	bureau/class/m_variables.php
 2016-05-17 15:10:37 +02:00
Remi 28f09e31e1 More explicit message for sql names length limit 2016-04-28 12:54:53 +02:00
root b28b73e913 issue #75: defines length of sql user and database names depending of the local configuration. 2016-04-27 19:04:49 +02:00
Benjamin Sonntag c8353f3f21 initialize , Fixes #56 2016-03-13 13:23:11 +01:00
Remi 6388489d4f bug fix: Quota use was different when switching language 
use of str_pad inside get_size_unit() was removing decimal part due to localization issues (coma separator instead of dot)
 2016-03-09 10:58:19 +01:00
Remi 06fdadbcd0 bug fix: rediction to https was called inside shell call 2016-03-03 16:20:41 +01:00
Remi d041bcbeca fix test if variables is set 2016-03-03 16:06:38 +01:00
Remi 2bf3f45466 bug fix #40: force_https variable was disabled by commit bbd913e6e6 
now redirects peacefully a client when connecting to non SSL panel.
 2016-03-03 15:08:27 +01:00
Remi c18e3ca9f3 fixes #37 #68 2016-03-03 13:47:08 +01:00
Remi 9ec0668da5 bug fix: mailman wrappers were not added if mail quota was over 2016-03-03 11:28:26 +01:00
Remi 1fe966f5d8 bug fixes: spf and dmarc record weren't updated for every domain due to loss in mysql result query buffer 2016-03-02 14:17:32 +01:00
Remi a9e057cbd1 bug fix: installed domain list was too slow due to DNS request on self managed records (gesdns=1) 
bug fix: do not allow DNS modification of created domains under hosting_tld
 2016-02-25 16:13:08 +01:00
Remi 7eb64f08a5 Merge branch 'stable-3.1' of github.com:AlternC/AlternC into stable-3.1 2016-02-25 14:17:43 +01:00
Remi 6cb248aec5 Some spanish translations. Replace dutch (nederlands) with spanish in default languages (more translated strings, and larger public) 2016-02-25 14:12:41 +01:00
Benjamin Sonntag b867d5a4dd Merge pull request #24 from GuillaumeFromage/stable-3.1 
Added support for .co, which has the same layout as .cc (need another patch to add it to TLD table)
 2016-02-24 16:12:02 +01:00
Benjamin Sonntag 9f8c2a8e1e Merge pull request #58 from asso-infini/patch-1 
Update m_bro.php to manager bz2
 2016-02-24 16:11:03 +01:00
Remi 1c049f6bc6 bug fix: quota summary was inserted directly on main page without calling the appropriate hook. 2016-02-24 14:49:33 +01:00
Remi 767044fcb5 bug fixes in file editor (bad encoded file names were blank, can_edit was not called on 2 or 3 columns, also fixes a bug in date display) 2016-02-23 13:35:21 +01:00
asso-infini 76895cf5fe Update m_bro.php 
Gestion des archives dont l'extension est .bz, .bz2, .Z, .tgz, tbz ou tbz2 
Si on a réussi à traiter l'archive, on n'essaye pas de la traiter une nouvelle fois.
Dans le cas de l'utilisation de la commande tar, on utilise plutôt les id proprietaire et groupe des fichiers plutot que le nom des proprietaires et groupes des fichiers avec l'option --numeric-owner
 2016-02-15 21:16:22 +01:00