Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update master #6

Merged
merged 77 commits into from
Jan 8, 2016
Merged

update master #6

merged 77 commits into from
Jan 8, 2016

Conversation

geozak
Copy link
Owner

@geozak geozak commented Jan 8, 2016

No description provided.

slaveek and others added 30 commits October 25, 2015 11:32
@slaveek
Merge pull request #1 from panique/master
9376223 
Update
@slaveek
Merge pull request #2 from panique/develop
9ef38da 
Develop update from head fork
@cybernet
Dev packages are installed by default now.
ecc0c25
Create UserController
ec0756c
Create RegisterController
33865fd
Move register and verify view files to view/register
60149a2
Remove register and verify view files from view/login directory
41f82c2
Move register and user action methods to their new controllers
35d1e12
Rename view/register/register.php to index.php
68e7b00
Changed View->render and Redirect::to()
8d6c6b3
Move view user action files to view/user directory
3991e31
Fixed logout if CSRF not valid
3683f0a 
Logout action should be do in other way. Repeat this 3 lines every time
we need valid CSRF, will be confusing.
Rename showProfile.php to index.php
314e245
Fixed showCaptcha
17cca66
Changed form actions in user views
c084b99
Change form action in register views
94f8473
Fixed links in right menu
fa2cc4c
Fixed typo
8904ac2
Move Auth::checkAuthentication() to constructor
1c3faf9 
All pages (user actions) in UserController are visible for logged-in
users
Fixed register link
90d6f2b
@geozak
simplifying Session::get($key)
2485385 
This is a change to the get method to make it simpler.
Inside the Filter::XSSFilter method the input is already checked for is_string and it return the value whether or not it attempts to filter.
@geozak
Update Session.php to also account for issue 746
0150884 
The change is to make the simplification done also fix issue 746
#746
@kuldipem
added vendor dir to .gitignore
95775a5
Fixed major and minor changes missed
cdde4ef 
Bugs found by @geozak see:
#747 (comment)
Improved logout
851d594 
As pointed in the very first comment in
https://github.com/panique/huge/blob/develop/application/core/Csrf.php
Revert "Improved logout"
9141b70 
This reverts commit 851d594.
@panique
logo is now centered (to fit GitHub's new and wider UI)
260ceeb
@panique
reverted: logo is now centered (to fit GitHub's new and wider UI)
bd14d23
@OmarElgabry
Add encodeHTML() method
b6955bc
@OmarElgabry
Avoid XSS attacks of redirect
dbda3f9
panique and others added 28 commits November 29, 2015 17:56
@panique
added "logged in from multiple devices" info to readme
4ddd4a6
@panique
Ticket #723 - Confirm email address in registration (to prevent typos…
7ce1ade 
… by user)
@panique
Ticket #750 - Auto logout user after acount deleted or suspended
7b00ea0
@panique
Ticket #538 - throttle password-reset-requests with captcha (to block…
90b72cf 
… brute-force attacks)
@panique
Merge pull request #755 from panique/develop
4c749c0 
Develop
@panique
Ticket #721 - feedback notice for: Some mail providers (Yahoo) might …
5612ae9 
…"click" the confirmation links via their auto-spam-scanners
@panique
badge - codacy
7bdcad6
@panique
Merge pull request #756 from panique/develop
7d5483f 
Develop
@panique
Ticket #661 - more security in .htaccess
84e5377
@panique
explanation on how to use the CSRF feature
22878ca
@panique
explanation on how to use the CSRF feature
953a985
fixed broken static call to non-static method
f914279
fixed broken static call to non-static method in documentation
fdbbb19
@slaveek
Merge pull request #3 from panique/develop
b278759 
Develop update from head fork
@slaveek
Merge pull request #4 from panique/master
92443e1 
Uptade from head fork
Merge remote-tracking branch 'refs/remotes/panique/master'
787e598
Merge branch 'master' of https://github.com/slaveek/huge
4ab9dfb
@abmmhasan
Update Text.php
fbef380
Put database connection in try/catch block
a635e0f 
Check DB connection in try/catch block. Also when PDO is not constructed
properly, prevent to exposing database host, username and password in
plain text as:
PDO->__construct('mysql:host=127....', 'root', '12345678', Array)
by throwing custom error message
Clean up
f99d364 
Convert indentation to spaces.
@panique
Merge pull request #763 from slaveek/develop
7b4ca9c 
FIX: DB User & Password shown in clear text in error message
@panique
Merge pull request #764 from panique/develop
ed4acc3 
Develop
@panique
Merge pull request #761 from abmmhasan/master
9a6f735 
Better Text feed back!
@panique
Merge pull request #765 from panique/develop
4c99ce1 
Develop
@slaveek
Merge pull request #5 from panique/master
124be87 
Uptade from head fork
Prevent to suspend or delete own account.
ebb7252 
If admin suspend or delete own account will not be able to do any
action.
@panique
Merge pull request #766 from slaveek/develop
d5f639c 
Prevent to suspend or delete own account
@panique
Merge pull request #767 from panique/develop
0516886 
Develop
geozak added a commit that referenced this pull request Jan 8, 2016
@geozak
Merge pull request #6 from panique/master
60a9eed 
update master
@geozak geozak merged commit 60a9eed into geozak:master Jan 8, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
7 participants
@geozak @slaveek @cybernet @kuldipem @panique @OmarElgabry @abmmhasan