falcon4fun
7d2a91ab9a
Checking if exist $message_to_post
...
I think it's usable, as for me, when I want to disable operator returning message (too many flood, when using mobile device/tablet) in the locales file simply removing the content of variable.
If this checking is not exist, the empty messages with dates will appear in chat.
2013-10-06 12:35:36 +03:00
849cb79b0f
Fix locales' names and codes
2013-10-06 01:46:47 +04:00
150fdbd3da
Fix issue when special chars in messages affected a browser's parser
2013-10-03 18:18:53 +04:00
0b2bff871f
Fix bug with extra escaping of 'session expired' message
2013-10-01 01:33:03 +04:00
f845cb628e
Completely wiped out the old application name
2013-09-27 18:57:37 +04:00
3478bf187d
Update README
2013-09-27 18:44:09 +04:00
Dmitriy Simushev
821de1baec
Clean up repository
2013-09-27 18:00:51 +04:00
f2d9674f02
Remove useless links to 'Download' page for absent Mibew Jabber
2013-09-26 18:24:09 +04:00
8cec341fd0
Unify translations: add extra Deutsch localization constant from master branch
2013-09-26 17:49:59 +04:00
a201761bc3
Add Lithuanian translation (thanks to livechat.lt)
2013-09-26 17:15:15 +04:00
63a2a71245
Fixed some localized constants
2013-09-26 17:14:54 +04:00
5a6b4e5437
Remove useless double strings sanitizing
2013-09-25 15:29:57 +04:00
4f6b2624e2
Update packaging script
2013-09-25 00:24:00 +04:00
dc2e139556
Update changelog
2013-09-25 00:13:34 +04:00
5ea2f8416a
Change version to 1.6.7
2013-09-25 00:11:20 +04:00
36aa4f4b74
Add initialization of 'sendmail_from' PHP variable
...
This is a workaround for some systems that requires this variable to be set explicitly for sending emails (thanks to falcon for the issue)
2013-09-24 23:33:06 +04:00
7113ab3158
Fix missed db connection in escaping values when storing notification
2013-09-24 23:25:32 +04:00
96e1f4047e
Improve passwords hashing and testing
...
* Fix issue with failed blowfish-based encryption (see second part of Issue #7 )
* Switch to binary safe hashes comparison
2013-09-24 20:09:45 +04:00
239e62d979
Prevent user from setting an empty name (see Issue #3 )
2013-09-24 18:39:54 +04:00
338d5a9976
Beautify regexp for links highlighting in dialogue
2013-09-24 15:58:44 +04:00
36f8f68f9f
Merge pull request #6 from falcon4fun/patch-1
...
HTTPS links highlighting
2013-09-24 04:56:41 -07:00
da1a171fbc
Prevent generation of negative tokens (see Issue #5 )
2013-09-24 14:44:04 +04:00
falcon4fun
8bf1e34fce
Update chat.php
2013-09-24 10:44:30 +03:00
falcon4fun
ccc9bdfbb0
HTTPS links highlighting
...
Make a https links highlighting too.
2013-09-24 10:34:53 +03:00
Dmitriy Simushev
5a93a16303
Update Dutch translation (thanks to Erik Kerkhoven)
2013-09-22 13:45:20 +04:00
7cfe7d6a4d
Update packaging script
2013-09-17 19:18:49 +04:00
95c37f1777
Change version to 1.6.6
2013-09-14 22:52:03 +04:00
547a415488
Update changelog
2013-09-14 22:49:42 +04:00
032306866a
Fix bugs with extra escaping of special chars in requests related to operations with threads
2013-09-14 22:31:13 +04:00
2779206a1a
Add new localization constants
2013-09-14 22:15:36 +04:00
6e3f6a4201
Add missed parentheses
2013-09-14 20:52:07 +04:00
5d728ed7fd
Completely wiped out the old application name
2013-09-14 20:32:58 +04:00
16879885c5
Change some translations to decrease confusion with the old application name
2013-09-14 20:18:35 +04:00
fc965fd285
Rename some cookies to decrease confusion with the old application name
2013-09-14 16:36:39 +04:00
1c0b4f48c9
Rename some functions to decrease confusion with the old application name
2013-09-14 16:30:54 +04:00
e94ba149df
Update README file to decrease confusion with the old application name
2013-09-14 16:28:50 +04:00
5afc23c446
Switch to a properly hashed passwords
2013-09-14 15:59:38 +04:00
003ba6f46b
Make session cookie more secure
2013-09-14 15:58:57 +04:00
13729dac93
Improve generation of CAPTCHA images
2013-09-13 22:56:01 +04:00
8bb1551f7a
Switch to a more secure method for generation of the thread token
2013-09-13 20:19:12 +04:00
d9a8afeb57
Fix regular expressions for integer IDs
2013-09-13 20:18:06 +04:00
d7c18215c5
Switch to a more secure method for generation of the CSRF token
2013-09-13 19:53:20 +04:00
2334a0ed0a
Switch to a more secure method for generation of the token for request for a password restore
2013-09-13 19:36:56 +04:00
e61706955a
Switch to a more reliable function for generation of userid
2013-09-13 19:36:31 +04:00
b77e2a9743
Fix bug with userid type in sql requests
2013-09-13 19:33:31 +04:00
4f43280bd1
Set PHPSESSID cookie as secure if HTTPS is used
2013-09-13 16:21:10 +04:00
e7ae0845d8
Set PHPSESSID cookie as HTTP-only
2013-09-13 15:56:06 +04:00
0cfb7a74f5
Fix multiple potential filepath manipulation vulnerabilities
2013-09-13 15:26:54 +04:00
84467fbb8d
Restrict opening of files outside the Mibew installation
2013-09-13 14:34:59 +04:00
afa06b21e2
Bug fix
...
Properly check file handler before making use of it in common.php
2013-09-13 14:34:32 +04:00
