|  | 5a6b4e5437 | Remove useless double strings sanitizing | 2013-09-25 15:29:57 +04:00 |  | 
			
				
					|  | 4f6b2624e2 | Update packaging script | 2013-09-25 00:24:00 +04:00 |  | 
			
				
					|  | dc2e139556 | Update changelog | 2013-09-25 00:13:34 +04:00 |  | 
			
				
					|  | 5ea2f8416a | Change version to 1.6.7 | 2013-09-25 00:11:20 +04:00 |  | 
			
				
					|  | 36aa4f4b74 | Add initialization of 'sendmail_from' PHP variable This is a workaround for some systems that requires this variable to be set explicitly for sending emails (thanks to falcon for the issue) | 2013-09-24 23:33:06 +04:00 |  | 
			
				
					|  | 7113ab3158 | Fix missed db connection in escaping values when storing notification | 2013-09-24 23:25:32 +04:00 |  | 
			
				
					|  | 96e1f4047e | Improve passwords hashing and testing * Fix issue with failed blowfish-based encryption (see second part of Issue #7)
* Switch to binary safe hashes comparison | 2013-09-24 20:09:45 +04:00 |  | 
			
				
					|  | 239e62d979 | Prevent user from setting an empty name (see Issue #3) | 2013-09-24 18:39:54 +04:00 |  | 
			
				
					|  | 338d5a9976 | Beautify regexp for links highlighting in dialogue | 2013-09-24 15:58:44 +04:00 |  | 
			
				
					|  | 36f8f68f9f | Merge pull request #6 from falcon4fun/patch-1 HTTPS links highlighting | 2013-09-24 04:56:41 -07:00 |  | 
			
				
					|  | da1a171fbc | Prevent generation of negative tokens (see Issue #5) | 2013-09-24 14:44:04 +04:00 |  | 
			
				
					| 
							
							
								 falcon4fun | 8bf1e34fce | Update chat.php | 2013-09-24 10:44:30 +03:00 |  | 
			
				
					| 
							
							
								 falcon4fun | ccc9bdfbb0 | HTTPS links highlighting Make a https links highlighting too. | 2013-09-24 10:34:53 +03:00 |  | 
			
				
					| 
							
							
								 Dmitriy Simushev | 5a93a16303 | Update Dutch translation (thanks to Erik Kerkhoven) | 2013-09-22 13:45:20 +04:00 |  | 
			
				
					|  | 7cfe7d6a4d | Update packaging script | 2013-09-17 19:18:49 +04:00 |  | 
			
				
					|  | 95c37f1777 | Change version to 1.6.6 | 2013-09-14 22:52:03 +04:00 |  | 
			
				
					|  | 547a415488 | Update changelog | 2013-09-14 22:49:42 +04:00 |  | 
			
				
					|  | 032306866a | Fix bugs with extra escaping of special chars in requests related to operations with threads | 2013-09-14 22:31:13 +04:00 |  | 
			
				
					|  | 2779206a1a | Add new localization constants | 2013-09-14 22:15:36 +04:00 |  | 
			
				
					|  | 6e3f6a4201 | Add missed parentheses | 2013-09-14 20:52:07 +04:00 |  | 
			
				
					|  | 5d728ed7fd | Completely wiped out the old application name | 2013-09-14 20:32:58 +04:00 |  | 
			
				
					|  | 16879885c5 | Change some translations to decrease confusion with the old application name | 2013-09-14 20:18:35 +04:00 |  | 
			
				
					|  | fc965fd285 | Rename some cookies to decrease confusion with the old application name | 2013-09-14 16:36:39 +04:00 |  | 
			
				
					|  | 1c0b4f48c9 | Rename some functions to decrease confusion with the old application name | 2013-09-14 16:30:54 +04:00 |  | 
			
				
					|  | e94ba149df | Update README file to decrease confusion with the old application name | 2013-09-14 16:28:50 +04:00 |  | 
			
				
					|  | 5afc23c446 | Switch to a properly hashed passwords | 2013-09-14 15:59:38 +04:00 |  | 
			
				
					|  | 003ba6f46b | Make session cookie more secure | 2013-09-14 15:58:57 +04:00 |  | 
			
				
					|  | 13729dac93 | Improve generation of CAPTCHA images | 2013-09-13 22:56:01 +04:00 |  | 
			
				
					|  | 8bb1551f7a | Switch to a more secure method for generation of the thread token | 2013-09-13 20:19:12 +04:00 |  | 
			
				
					|  | d9a8afeb57 | Fix regular expressions for integer IDs | 2013-09-13 20:18:06 +04:00 |  | 
			
				
					|  | d7c18215c5 | Switch to a more secure method for generation of the CSRF token | 2013-09-13 19:53:20 +04:00 |  | 
			
				
					|  | 2334a0ed0a | Switch to a more secure method for generation of the token for request for a password restore | 2013-09-13 19:36:56 +04:00 |  | 
			
				
					|  | e61706955a | Switch to a more reliable function for generation of userid | 2013-09-13 19:36:31 +04:00 |  | 
			
				
					|  | b77e2a9743 | Fix bug with userid type in sql requests | 2013-09-13 19:33:31 +04:00 |  | 
			
				
					|  | 4f43280bd1 | Set PHPSESSID cookie as secure if HTTPS is used | 2013-09-13 16:21:10 +04:00 |  | 
			
				
					|  | e7ae0845d8 | Set PHPSESSID cookie as HTTP-only | 2013-09-13 15:56:06 +04:00 |  | 
			
				
					|  | 0cfb7a74f5 | Fix multiple potential filepath manipulation vulnerabilities | 2013-09-13 15:26:54 +04:00 |  | 
			
				
					|  | 84467fbb8d | Restrict opening of files outside the Mibew installation | 2013-09-13 14:34:59 +04:00 |  | 
			
				
					|  | afa06b21e2 | Bug fix Properly check file handler before making use of it in common.php | 2013-09-13 14:34:32 +04:00 |  | 
			
				
					|  | 6747e2f557 | Improve algorithm of setting and storing locale setting | 2013-09-13 13:36:04 +04:00 |  | 
			
				
					|  | 2559630e8f | Add verification of values of the default and home locales | 2013-09-11 20:18:26 +04:00 |  | 
			
				
					|  | 097ee2b0d9 | Fix files' permissions | 2013-09-11 19:35:17 +04:00 |  | 
			
				
					|  | 50c0b50abf | Sanitize database tables prefix | 2013-09-10 19:10:26 +04:00 |  | 
			
				
					|  | f26af7f05d | Make headers more safe | 2013-09-10 17:41:54 +04:00 |  | 
			
				
					|  | b42f5bdd0d | Sanitize path to application and remove extra slashes from it | 2013-09-10 17:28:22 +04:00 |  | 
			
				
					|  | 92847d1a52 | Fix multiple (potential) SQL Injections | 2013-09-10 16:21:34 +04:00 |  | 
			
				
					|  | 2532f3bc01 | Enable default conversion of single quotes during HTML entities conversion | 2013-09-06 17:08:27 +04:00 |  | 
			
				
					|  | 441e88dfa9 | Remove redundant whitespaces | 2013-09-06 15:35:11 +04:00 |  | 
			
				
					|  | 0f86f558ec | Fix HTML attributes markup | 2013-09-06 15:34:42 +04:00 |  | 
			
				
					|  | 621f5951c4 | Fix paths in login-related forms | 2013-09-06 14:34:44 +04:00 |  |