|
|
86ac3dc434
|
Update list of locales in packaging script
|
2013-11-26 12:44:08 +04:00 |
|
|
|
e10b59ad06
|
Change version in packaging script
|
2013-11-24 23:44:27 +04:00 |
|
|
|
dce9f2e339
|
Update changelog
|
2013-11-24 23:33:23 +04:00 |
|
|
|
56d17d567a
|
Set default and safe web server settings
|
2013-11-14 18:39:21 +04:00 |
|
|
|
2ef473d2c1
|
Add missed .htaccess into silver theme
|
2013-11-14 18:18:36 +04:00 |
|
|
|
22a3690d67
|
Disable autocomplete for password fields
|
2013-11-14 17:36:05 +04:00 |
|
|
|
2ff3e8c4f0
|
Prevent empty messages from being posted (related to Issue #9)
|
2013-11-14 15:09:52 +04:00 |
|
|
|
6eef9e8762
|
Add missed type attribute for embed javascripts
|
2013-11-14 12:48:36 +04:00 |
|
Borja Rubio
|
01eff99db9
|
Added new permission for operators to see Notifications
|
2013-11-08 11:22:55 +01:00 |
|
|
|
9a0c9f42a1
|
Improve validation of incoming params
|
2013-11-07 02:55:14 +04:00 |
|
|
|
9f94e73dd2
|
Change version to 1.6.8
|
2013-10-30 19:59:28 +04:00 |
|
|
|
77ed17082f
|
Update changelog
|
2013-10-30 19:50:10 +04:00 |
|
|
|
39d3d2b7b0
|
Switch to the new logo
|
2013-10-30 19:47:09 +04:00 |
|
|
|
dc006e0a50
|
Add missed CSRF check
|
2013-10-29 02:25:51 +04:00 |
|
|
|
12f4cebe31
|
Fix bug with extra escaping of button code (related to Issue #11)
|
2013-10-21 01:10:21 +04:00 |
|
|
|
d21482ae8a
|
Remove extra colon from the presurvey templates of 'default' and 'silver' themes
|
2013-10-16 18:58:16 +04:00 |
|
|
|
f324249c8c
|
Fix invalid link for takeover of a chat (see Issue #10)
|
2013-10-14 17:19:15 +04:00 |
|
|
|
6130b6f2af
|
Fix locale code for Norsk nynorsk
|
2013-10-10 14:12:25 +04:00 |
|
|
|
849cb79b0f
|
Fix locales' names and codes
|
2013-10-06 01:46:47 +04:00 |
|
|
|
150fdbd3da
|
Fix issue when special chars in messages affected a browser's parser
|
2013-10-03 18:18:53 +04:00 |
|
|
|
0b2bff871f
|
Fix bug with extra escaping of 'session expired' message
|
2013-10-01 01:33:03 +04:00 |
|
|
|
f845cb628e
|
Completely wiped out the old application name
|
2013-09-27 18:57:37 +04:00 |
|
Dmitriy Simushev
|
821de1baec
|
Clean up repository
|
2013-09-27 18:00:51 +04:00 |
|
|
|
f2d9674f02
|
Remove useless links to 'Download' page for absent Mibew Jabber
|
2013-09-26 18:24:09 +04:00 |
|
|
|
8cec341fd0
|
Unify translations: add extra Deutsch localization constant from master branch
|
2013-09-26 17:49:59 +04:00 |
|
|
|
a201761bc3
|
Add Lithuanian translation (thanks to livechat.lt)
|
2013-09-26 17:15:15 +04:00 |
|
|
|
63a2a71245
|
Fixed some localized constants
|
2013-09-26 17:14:54 +04:00 |
|
|
|
5a6b4e5437
|
Remove useless double strings sanitizing
|
2013-09-25 15:29:57 +04:00 |
|
|
|
4f6b2624e2
|
Update packaging script
|
2013-09-25 00:24:00 +04:00 |
|
|
|
dc2e139556
|
Update changelog
|
2013-09-25 00:13:34 +04:00 |
|
|
|
5ea2f8416a
|
Change version to 1.6.7
|
2013-09-25 00:11:20 +04:00 |
|
|
|
36aa4f4b74
|
Add initialization of 'sendmail_from' PHP variable
This is a workaround for some systems that requires this variable to be set explicitly for sending emails (thanks to falcon for the issue)
|
2013-09-24 23:33:06 +04:00 |
|
|
|
7113ab3158
|
Fix missed db connection in escaping values when storing notification
|
2013-09-24 23:25:32 +04:00 |
|
|
|
96e1f4047e
|
Improve passwords hashing and testing
* Fix issue with failed blowfish-based encryption (see second part of Issue #7)
* Switch to binary safe hashes comparison
|
2013-09-24 20:09:45 +04:00 |
|
|
|
239e62d979
|
Prevent user from setting an empty name (see Issue #3)
|
2013-09-24 18:39:54 +04:00 |
|
|
|
338d5a9976
|
Beautify regexp for links highlighting in dialogue
|
2013-09-24 15:58:44 +04:00 |
|
|
|
36f8f68f9f
|
Merge pull request #6 from falcon4fun/patch-1
HTTPS links highlighting
|
2013-09-24 04:56:41 -07:00 |
|
|
|
da1a171fbc
|
Prevent generation of negative tokens (see Issue #5)
|
2013-09-24 14:44:04 +04:00 |
|
falcon4fun
|
8bf1e34fce
|
Update chat.php
|
2013-09-24 10:44:30 +03:00 |
|
falcon4fun
|
ccc9bdfbb0
|
HTTPS links highlighting
Make a https links highlighting too.
|
2013-09-24 10:34:53 +03:00 |
|
Dmitriy Simushev
|
5a93a16303
|
Update Dutch translation (thanks to Erik Kerkhoven)
|
2013-09-22 13:45:20 +04:00 |
|
|
|
7cfe7d6a4d
|
Update packaging script
|
2013-09-17 19:18:49 +04:00 |
|
|
|
95c37f1777
|
Change version to 1.6.6
|
2013-09-14 22:52:03 +04:00 |
|
|
|
547a415488
|
Update changelog
|
2013-09-14 22:49:42 +04:00 |
|
|
|
032306866a
|
Fix bugs with extra escaping of special chars in requests related to operations with threads
|
2013-09-14 22:31:13 +04:00 |
|
|
|
2779206a1a
|
Add new localization constants
|
2013-09-14 22:15:36 +04:00 |
|
|
|
6e3f6a4201
|
Add missed parentheses
|
2013-09-14 20:52:07 +04:00 |
|
|
|
5d728ed7fd
|
Completely wiped out the old application name
|
2013-09-14 20:32:58 +04:00 |
|
|
|
16879885c5
|
Change some translations to decrease confusion with the old application name
|
2013-09-14 20:18:35 +04:00 |
|
|
|
fc965fd285
|
Rename some cookies to decrease confusion with the old application name
|
2013-09-14 16:36:39 +04:00 |
|
|
|
1c0b4f48c9
|
Rename some functions to decrease confusion with the old application name
|
2013-09-14 16:30:54 +04:00 |
|
|
|
e94ba149df
|
Update README file to decrease confusion with the old application name
|
2013-09-14 16:28:50 +04:00 |
|
|
|
5afc23c446
|
Switch to a properly hashed passwords
|
2013-09-14 15:59:38 +04:00 |
|
|
|
003ba6f46b
|
Make session cookie more secure
|
2013-09-14 15:58:57 +04:00 |
|
|
|
13729dac93
|
Improve generation of CAPTCHA images
|
2013-09-13 22:56:01 +04:00 |
|
|
|
8bb1551f7a
|
Switch to a more secure method for generation of the thread token
|
2013-09-13 20:19:12 +04:00 |
|
|
|
d9a8afeb57
|
Fix regular expressions for integer IDs
|
2013-09-13 20:18:06 +04:00 |
|
|
|
d7c18215c5
|
Switch to a more secure method for generation of the CSRF token
|
2013-09-13 19:53:20 +04:00 |
|
|
|
2334a0ed0a
|
Switch to a more secure method for generation of the token for request for a password restore
|
2013-09-13 19:36:56 +04:00 |
|
|
|
e61706955a
|
Switch to a more reliable function for generation of userid
|
2013-09-13 19:36:31 +04:00 |
|
|
|
b77e2a9743
|
Fix bug with userid type in sql requests
|
2013-09-13 19:33:31 +04:00 |
|
|
|
4f43280bd1
|
Set PHPSESSID cookie as secure if HTTPS is used
|
2013-09-13 16:21:10 +04:00 |
|
|
|
e7ae0845d8
|
Set PHPSESSID cookie as HTTP-only
|
2013-09-13 15:56:06 +04:00 |
|
|
|
0cfb7a74f5
|
Fix multiple potential filepath manipulation vulnerabilities
|
2013-09-13 15:26:54 +04:00 |
|
|
|
84467fbb8d
|
Restrict opening of files outside the Mibew installation
|
2013-09-13 14:34:59 +04:00 |
|
|
|
afa06b21e2
|
Bug fix
Properly check file handler before making use of it in common.php
|
2013-09-13 14:34:32 +04:00 |
|
|
|
6747e2f557
|
Improve algorithm of setting and storing locale setting
|
2013-09-13 13:36:04 +04:00 |
|
|
|
2559630e8f
|
Add verification of values of the default and home locales
|
2013-09-11 20:18:26 +04:00 |
|
|
|
097ee2b0d9
|
Fix files' permissions
|
2013-09-11 19:35:17 +04:00 |
|
|
|
50c0b50abf
|
Sanitize database tables prefix
|
2013-09-10 19:10:26 +04:00 |
|
|
|
f26af7f05d
|
Make headers more safe
|
2013-09-10 17:41:54 +04:00 |
|
|
|
b42f5bdd0d
|
Sanitize path to application and remove extra slashes from it
|
2013-09-10 17:28:22 +04:00 |
|
|
|
92847d1a52
|
Fix multiple (potential) SQL Injections
|
2013-09-10 16:21:34 +04:00 |
|
|
|
2532f3bc01
|
Enable default conversion of single quotes during HTML entities conversion
|
2013-09-06 17:08:27 +04:00 |
|
|
|
441e88dfa9
|
Remove redundant whitespaces
|
2013-09-06 15:35:11 +04:00 |
|
|
|
0f86f558ec
|
Fix HTML attributes markup
|
2013-09-06 15:34:42 +04:00 |
|
|
|
621f5951c4
|
Fix paths in login-related forms
|
2013-09-06 14:34:44 +04:00 |
|
|
|
4e6eff55e5
|
Mark necessary comment field in ban form
|
2013-09-06 14:33:11 +04:00 |
|
|
|
03265a1fb0
|
Fix multiple CSRF vulnerabilities
|
2013-09-06 14:32:25 +04:00 |
|
|
|
9aef0fb2d4
|
Fix multiple XSS vulnerabilities (including CVE-2012-0829)
|
2013-09-06 14:31:07 +04:00 |
|
Dmitriy Simushev
|
3ee7fca025
|
Add captcha to pre-chat survey
|
2013-08-28 12:33:25 +04:00 |
|
|
|
845d250b88
|
Fix steps enumeration in README file
|
2013-08-04 13:38:17 +04:00 |
|
|
|
efe6caee71
|
Mibew Tray 1.1.1 release
Update links to an actual mibew domain in Mibew Tray application (thanks to Nemesis0one)
|
2013-07-31 16:38:10 +04:00 |
|
|
|
dcd5ecebfa
|
1.6.5 released
|
2013-07-24 17:23:48 +04:00 |
|
|
|
32b9ba862b
|
Update db and features versions
|
2013-07-24 15:50:00 +04:00 |
|
|
|
eb65ec9329
|
Update translations (da, de, fi, it, pt-br)
|
2013-07-24 15:49:22 +04:00 |
|
|
|
d6c18a5ef7
|
Update javascripts: version changed to 1.6.5
|
2013-07-24 01:47:07 +04:00 |
|
|
|
3ea9c6c893
|
Update copyright notice
|
2013-07-24 01:20:36 +04:00 |
|
|
|
4cd7bab1be
|
Improve packaging script
|
2013-07-24 00:42:43 +04:00 |
|
|
|
95d95daa34
|
Update localization constants
|
2013-07-24 00:42:23 +04:00 |
|
Dmitriy Simushev
|
b5d05f5411
|
Update license info in license.php
|
2013-07-24 00:08:46 +04:00 |
|
Evgeny Gryaznov
|
13ca97f10d
|
update headers
|
2013-03-06 22:56:55 +01:00 |
|
Evgeny Gryaznov
|
4f483abe26
|
Merge branch 'v1.6.x'
|
2013-03-06 22:52:38 +01:00 |
|
Evgeny Gryaznov
|
7bdd14c790
|
remove eclipse files; update version to 1.6.5; fix headers
|
2013-03-06 22:32:31 +01:00 |
|
Evgeny Gryaznov
|
98aad6e490
|
apache 2 license in php headers
|
2013-03-06 22:22:53 +01:00 |
|
Evgeny Gryaznov
|
3741e57eab
|
apache 2 license (started); upgrade version to 1.6.5
|
2013-03-05 00:24:26 +01:00 |
|
Evgeny Gryaznov
|
c50d60730c
|
fix move_uploaded_file errors
|
2013-03-05 00:03:39 +01:00 |
|
Evgeny Gryaznov
|
dd6632ffdf
|
format the code; remove comments in the client code; move csrfchecktoken() right after check_login()
|
2012-06-27 10:11:40 +02:00 |
|
YuFei Zhu
|
2d04bbe4ee
|
add csrf token to translate view
|
2012-05-01 13:21:49 +01:00 |
|
YuFei Zhu
|
22916ce8a0
|
add csrf token to performance and features views
|
2012-05-01 13:20:03 +01:00 |
|
