158 Commits

Author	SHA1	Message	Date
Fedor A. Fetisov	2532f3bc01	Enable default conversion of single quotes during HTML entities conversion	2013-09-06 17:08:27 +04:00
Fedor A. Fetisov	441e88dfa9	Remove redundant whitespaces	2013-09-06 15:35:11 +04:00
Fedor A. Fetisov	0f86f558ec	Fix HTML attributes markup	2013-09-06 15:34:42 +04:00
Fedor A. Fetisov	621f5951c4	Fix paths in login-related forms	2013-09-06 14:34:44 +04:00
Fedor A. Fetisov	4e6eff55e5	Mark necessary comment field in ban form	2013-09-06 14:33:11 +04:00
Fedor A. Fetisov	03265a1fb0	Fix multiple CSRF vulnerabilities	2013-09-06 14:32:25 +04:00
Fedor A. Fetisov	9aef0fb2d4	Fix multiple XSS vulnerabilities (including CVE-2012-0829)	2013-09-06 14:31:07 +04:00
Dmitriy Simushev	3ee7fca025	Add captcha to pre-chat survey	2013-08-28 12:33:25 +04:00
Fedor A. Fetisov	3ea9c6c893	Update copyright notice	2013-07-24 01:20:36 +04:00
Dmitriy Simushev	b5d05f5411	Update license info in license.php	2013-07-24 00:08:46 +04:00
Evgeny Gryaznov	13ca97f10d	update headers	2013-03-06 22:56:55 +01:00
Evgeny Gryaznov	4f483abe26	Merge branch 'v1.6.x'	2013-03-06 22:52:38 +01:00
Evgeny Gryaznov	98aad6e490	apache 2 license in php headers	2013-03-06 22:22:53 +01:00
Evgeny Gryaznov	dd6632ffdf	format the code; remove comments in the client code; move csrfchecktoken() right after check_login()	2012-06-27 10:11:40 +02:00
YuFei Zhu	2d04bbe4ee	add csrf token to translate view	2012-05-01 13:21:49 +01:00
YuFei Zhu	22916ce8a0	add csrf token to performance and features views	2012-05-01 13:20:03 +01:00
YuFei Zhu	e3b8848f78	update comment for avatar csrf, and add csrf token check to permission page	2012-05-01 13:02:34 +01:00
YuFei Zhu	e4be5385ca	add csrf token check to avatar upload	2012-05-01 12:58:05 +01:00
YuFei Zhu	092ebd16ba	added auth token for delete offline messages check for csrf	2012-04-30 17:14:44 +01:00
YuFei Zhu	8abf075e2f	enable act=del url check for auth tokens for csrf attacks	2012-04-30 17:09:11 +01:00
YuFei Zhu	b84b439358	having token checks on POST forms	2012-04-30 16:41:55 +01:00
Evgeny Gryaznov	1ab3efb86f	login & reset password pages: default value for login where possible; update ru	2012-03-14 22:26:44 +01:00
Dmitriy Simushev	323a7f2fcd	Added closing threads by timeout	2012-03-14 22:26:39 +01:00
Dmitriy Simushev	36a2d977a0	Open mibew.org link in the bottom of operators pages in a new window	2012-03-12 22:43:27 +01:00
Dmitriy Simushev	8c69f5ad09	Fixed js bug with submit buttons in restore and reset password forms	2012-03-12 22:24:01 +01:00
Evgeny Gryaznov	65b00240d3	redirect to profile page after first login; informational banner when password is blank; do not enforce password change; rename Home -> Dashboard	2011-04-15 01:43:03 +02:00
Evgeny Gryaznov	d02b113f93	redirect to profile page after first login; informational banner when password is blank; do not enforce password change; rename Home -> Dashboard	2011-04-15 01:38:43 +02:00
Evgeny Gryaznov	c053bfe283	removed .iml; modern tabs on group settings pages; beautifying code	2011-04-07 00:52:03 +02:00
Evgeny Gryaznov	f4c3c56789	update jQuery to 1.4.2; "enabled ban" after statistics	2011-04-07 00:35:03 +02:00
Evgeny Gryaznov	acc86b9221	ability to override notification email for group	2011-04-06 23:32:29 +02:00
Evgeny Gryaznov	5595bd0f6e	install page: links to check the sound	2011-04-06 23:31:39 +02:00
Evgeny Gryaznov	dd595fc4f7	ability to override notification email for group	2011-03-01 23:56:27 +01:00
Evgeny Gryaznov	df590adf81	install page: links to check the sound	2011-02-27 01:54:27 +01:00
Evgeny Gryaznov	b9cc8ed5b1	extract tabbar generation code -> inc_tabbar.php	2011-02-26 15:37:48 +01:00
Evgeny Gryaznov	616e8da89e	two columns on code generation page	2011-02-26 15:21:14 +01:00
Evgeny Gryaznov	00e9c651d5	"you are offline" notification box	2011-02-26 13:24:29 +01:00
Evgeny Gryaznov	2dd0839f0d	notify about new features	2011-02-26 13:15:35 +01:00
Evgeny Gryaznov	3ca088f197	fix & remove unused var	2011-02-26 13:09:46 +01:00
Evgeny Gryaznov	7443faf449	disable feature checkboxes for non-admin	2011-02-22 00:22:36 +01:00
Evgeny Gryaznov	d61a9d30f7	disable feature checkboxes for non-admin	2011-02-22 00:16:31 +01:00
Evgeny Gryaznov	7de97c2a68	apply patch by Andrew Armstrong: available operators list (revised); remove odd eval code in common.js; fix obfuscation	2011-02-21 01:02:39 +01:00
Evgeny Gryaznov	e3ead37bd7	2011 copyrights	2011-02-16 01:22:22 +01:00
Evgeny Gryaznov	7418e57075	update copyrights - 2011	2011-02-14 22:48:14 +01:00
Evgeny Gryaznov	a0d3403cb5	generate Text button started ... git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@803 c66351dc-e62f-0410-b875-e3a5c0b9693f	2010-05-02 17:44:38 +00:00
Evgeny Gryaznov	a99a621a66	getcode refactoring started: rename view file, move generate_button method ... git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@800 c66351dc-e62f-0410-b875-e3a5c0b9693f	2010-05-02 12:28:16 +00:00
Evgeny Gryaznov	3903449edc	apply patch by Andrew Armstrong: available operators list (revised); remove odd eval code in common.js ... git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@767 c66351dc-e62f-0410-b875-e3a5c0b9693f	2010-04-25 23:28:05 +00:00
Evgeny Gryaznov	190f7914f4	jquery 1.3.2 -> 1.4.2 ... git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@746 c66351dc-e62f-0410-b875-e3a5c0b9693f	2010-02-27 14:24:41 +00:00
Evgeny Gryaznov	42bb76d504	notifications on home page, warn if operator is offline ... git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@724 c66351dc-e62f-0410-b875-e3a5c0b9693f	2010-01-15 23:47:35 +00:00
Evgeny Gryaznov	b39c9a8d33	show notification details ... git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@723 c66351dc-e62f-0410-b875-e3a5c0b9693f	2010-01-10 23:58:05 +00:00
Evgeny Gryaznov	f9965f4d10	add "Notifications Log" page, record sent mails, fast history search, fix redirection to groups ... git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@720 c66351dc-e62f-0410-b875-e3a5c0b9693f	2010-01-10 13:39:49 +00:00