|
|
1c0b4f48c9
|
Rename some functions to decrease confusion with the old application name
|
2013-09-14 16:30:54 +04:00 |
|
|
|
e94ba149df
|
Update README file to decrease confusion with the old application name
|
2013-09-14 16:28:50 +04:00 |
|
|
|
5afc23c446
|
Switch to a properly hashed passwords
|
2013-09-14 15:59:38 +04:00 |
|
|
|
003ba6f46b
|
Make session cookie more secure
|
2013-09-14 15:58:57 +04:00 |
|
|
|
13729dac93
|
Improve generation of CAPTCHA images
|
2013-09-13 22:56:01 +04:00 |
|
|
|
8bb1551f7a
|
Switch to a more secure method for generation of the thread token
|
2013-09-13 20:19:12 +04:00 |
|
|
|
d9a8afeb57
|
Fix regular expressions for integer IDs
|
2013-09-13 20:18:06 +04:00 |
|
|
|
d7c18215c5
|
Switch to a more secure method for generation of the CSRF token
|
2013-09-13 19:53:20 +04:00 |
|
|
|
2334a0ed0a
|
Switch to a more secure method for generation of the token for request for a password restore
|
2013-09-13 19:36:56 +04:00 |
|
|
|
e61706955a
|
Switch to a more reliable function for generation of userid
|
2013-09-13 19:36:31 +04:00 |
|
|
|
b77e2a9743
|
Fix bug with userid type in sql requests
|
2013-09-13 19:33:31 +04:00 |
|
|
|
4f43280bd1
|
Set PHPSESSID cookie as secure if HTTPS is used
|
2013-09-13 16:21:10 +04:00 |
|
|
|
e7ae0845d8
|
Set PHPSESSID cookie as HTTP-only
|
2013-09-13 15:56:06 +04:00 |
|
|
|
0cfb7a74f5
|
Fix multiple potential filepath manipulation vulnerabilities
|
2013-09-13 15:26:54 +04:00 |
|
|
|
84467fbb8d
|
Restrict opening of files outside the Mibew installation
|
2013-09-13 14:34:59 +04:00 |
|
|
|
afa06b21e2
|
Bug fix
Properly check file handler before making use of it in common.php
|
2013-09-13 14:34:32 +04:00 |
|
|
|
6747e2f557
|
Improve algorithm of setting and storing locale setting
|
2013-09-13 13:36:04 +04:00 |
|
|
|
2559630e8f
|
Add verification of values of the default and home locales
|
2013-09-11 20:18:26 +04:00 |
|
|
|
097ee2b0d9
|
Fix files' permissions
|
2013-09-11 19:35:17 +04:00 |
|
|
|
50c0b50abf
|
Sanitize database tables prefix
|
2013-09-10 19:10:26 +04:00 |
|
|
|
f26af7f05d
|
Make headers more safe
|
2013-09-10 17:41:54 +04:00 |
|
|
|
b42f5bdd0d
|
Sanitize path to application and remove extra slashes from it
|
2013-09-10 17:28:22 +04:00 |
|
|
|
92847d1a52
|
Fix multiple (potential) SQL Injections
|
2013-09-10 16:21:34 +04:00 |
|
|
|
2532f3bc01
|
Enable default conversion of single quotes during HTML entities conversion
|
2013-09-06 17:08:27 +04:00 |
|
|
|
441e88dfa9
|
Remove redundant whitespaces
|
2013-09-06 15:35:11 +04:00 |
|
|
|
0f86f558ec
|
Fix HTML attributes markup
|
2013-09-06 15:34:42 +04:00 |
|
|
|
621f5951c4
|
Fix paths in login-related forms
|
2013-09-06 14:34:44 +04:00 |
|
|
|
4e6eff55e5
|
Mark necessary comment field in ban form
|
2013-09-06 14:33:11 +04:00 |
|
|
|
03265a1fb0
|
Fix multiple CSRF vulnerabilities
|
2013-09-06 14:32:25 +04:00 |
|
|
|
9aef0fb2d4
|
Fix multiple XSS vulnerabilities (including CVE-2012-0829)
|
2013-09-06 14:31:07 +04:00 |
|
Dmitriy Simushev
|
3ee7fca025
|
Add captcha to pre-chat survey
|
2013-08-28 12:33:25 +04:00 |
|
|
|
845d250b88
|
Fix steps enumeration in README file
|
2013-08-04 13:38:17 +04:00 |
|
|
|
efe6caee71
|
Mibew Tray 1.1.1 release
Update links to an actual mibew domain in Mibew Tray application (thanks to Nemesis0one)
|
2013-07-31 16:38:10 +04:00 |
|
|
|
dcd5ecebfa
|
1.6.5 released
|
2013-07-24 17:23:48 +04:00 |
|
|
|
32b9ba862b
|
Update db and features versions
|
2013-07-24 15:50:00 +04:00 |
|
|
|
eb65ec9329
|
Update translations (da, de, fi, it, pt-br)
|
2013-07-24 15:49:22 +04:00 |
|
|
|
d6c18a5ef7
|
Update javascripts: version changed to 1.6.5
|
2013-07-24 01:47:07 +04:00 |
|
|
|
3ea9c6c893
|
Update copyright notice
|
2013-07-24 01:20:36 +04:00 |
|
|
|
4cd7bab1be
|
Improve packaging script
|
2013-07-24 00:42:43 +04:00 |
|
|
|
95d95daa34
|
Update localization constants
|
2013-07-24 00:42:23 +04:00 |
|
Dmitriy Simushev
|
b5d05f5411
|
Update license info in license.php
|
2013-07-24 00:08:46 +04:00 |
|
Evgeny Gryaznov
|
13ca97f10d
|
update headers
|
2013-03-06 22:56:55 +01:00 |
|
Evgeny Gryaznov
|
4f483abe26
|
Merge branch 'v1.6.x'
|
2013-03-06 22:52:38 +01:00 |
|
Evgeny Gryaznov
|
7bdd14c790
|
remove eclipse files; update version to 1.6.5; fix headers
|
2013-03-06 22:32:31 +01:00 |
|
Evgeny Gryaznov
|
98aad6e490
|
apache 2 license in php headers
|
2013-03-06 22:22:53 +01:00 |
|
Evgeny Gryaznov
|
3741e57eab
|
apache 2 license (started); upgrade version to 1.6.5
|
2013-03-05 00:24:26 +01:00 |
|
Evgeny Gryaznov
|
c50d60730c
|
fix move_uploaded_file errors
|
2013-03-05 00:03:39 +01:00 |
|
Evgeny Gryaznov
|
dd6632ffdf
|
format the code; remove comments in the client code; move csrfchecktoken() right after check_login()
|
2012-06-27 10:11:40 +02:00 |
|
YuFei Zhu
|
2d04bbe4ee
|
add csrf token to translate view
|
2012-05-01 13:21:49 +01:00 |
|
YuFei Zhu
|
22916ce8a0
|
add csrf token to performance and features views
|
2012-05-01 13:20:03 +01:00 |
|
YuFei Zhu
|
7f8b2fca89
|
update token methods to ensure csrf token is always get setted
|
2012-05-01 13:18:42 +01:00 |
|
YuFei Zhu
|
e3b8848f78
|
update comment for avatar csrf, and add csrf token check to permission page
|
2012-05-01 13:02:34 +01:00 |
|
YuFei Zhu
|
e4be5385ca
|
add csrf token check to avatar upload
|
2012-05-01 12:58:05 +01:00 |
|
YuFei Zhu
|
092ebd16ba
|
added auth token for delete offline messages check for csrf
|
2012-04-30 17:14:44 +01:00 |
|
YuFei Zhu
|
8abf075e2f
|
enable act=del url check for auth tokens for csrf attacks
|
2012-04-30 17:09:11 +01:00 |
|
YuFei Zhu
|
b84b439358
|
having token checks on POST forms
|
2012-04-30 16:41:55 +01:00 |
|
Evgeny Gryaznov
|
1ab3efb86f
|
login & reset password pages: default value for login where possible; update ru
|
2012-03-14 22:26:44 +01:00 |
|
Dmitriy Simushev
|
7b35045f06
|
Fixed the bug related with the need to enter passwords when you change the profile of any operator.
|
2012-03-14 22:26:44 +01:00 |
|
|
|
4bb79cb7cb
|
Fix bug in old threads cleansing
|
2012-03-14 22:26:44 +01:00 |
|
Dmitriy Simushev
|
323a7f2fcd
|
Added closing threads by timeout
|
2012-03-14 22:26:39 +01:00 |
|
Dmitriy Simushev
|
36a2d977a0
|
Open mibew.org link in the bottom of operators pages in a new window
|
2012-03-12 22:43:27 +01:00 |
|
Dmitriy Simushev
|
d0bd084d1c
|
Fixed the Blue Screen in Google Chrome 17+
|
2012-03-12 22:30:11 +01:00 |
|
Dmitriy Simushev
|
8c69f5ad09
|
Fixed js bug with submit buttons in restore and reset password forms
|
2012-03-12 22:24:01 +01:00 |
|
Evgeny Gryaznov
|
e198b825ce
|
update java applications (from master branch)
|
2012-03-12 01:23:23 +01:00 |
|
Evgeny Gryaznov
|
035479f7a2
|
Merge branch v1.6.x into master
|
2012-03-12 01:05:44 +01:00 |
|
Evgeny Gryaznov
|
b969bf7717
|
phpstorm 3.0.3 config files
|
2012-03-12 00:20:15 +01:00 |
|
Evgeny Gryaznov
|
463ff10744
|
update Persian (by Amir Khani)
|
2012-03-12 00:19:36 +01:00 |
|
Evgeny Gryaznov
|
2b3b897545
|
update Hungarian (by Istvan Somlai)
|
2012-03-12 00:19:28 +01:00 |
|
Evgeny Gryaznov
|
875bccb9d0
|
update Simplified Chinese (by Xiaoyu)
|
2012-03-12 00:19:20 +01:00 |
|
Evgeny Gryaznov
|
d753a68a9e
|
update Spanish (by Jesus Plaza)
|
2012-03-12 00:19:12 +01:00 |
|
Evgeny Gryaznov
|
ae2d6e95bb
|
update Portuguese European, pt-pt (by Carlos Silva)
|
2012-03-12 00:19:01 +01:00 |
|
Evgeny Gryaznov
|
15c1127cb7
|
update Indonesian (by Adi Nugroho), without images though
|
2012-03-12 00:18:53 +01:00 |
|
Evgeny Gryaznov
|
dbd2a058e2
|
update Italian (Luca Sasdelli)
|
2012-03-12 00:18:45 +01:00 |
|
Evgeny Gryaznov
|
9df971df14
|
update English (by Olimax)
|
2012-03-12 00:18:27 +01:00 |
|
Evgeny Gryaznov
|
34765f7180
|
update Belarusian (by Berasneu)
|
2012-03-12 00:16:21 +01:00 |
|
Evgeny Gryaznov
|
cb373fb7f2
|
update pl (by WebTower), hu, fr
|
2012-03-12 00:16:15 +01:00 |
|
Evgeny Gryaznov
|
701c8e2251
|
fix encoding in operators list
|
2012-03-12 00:16:00 +01:00 |
|
|
|
a749909f90
|
Fix check of existance of tables indexes during database upgrade process
|
2012-03-12 00:15:49 +01:00 |
|
|
|
6a867b4a92
|
Create indexes for database tables during installation process
|
2012-03-12 00:15:39 +01:00 |
|
Evgeny Gryaznov
|
09f4af88bf
|
phpstorm 3.0.3 config files
|
2012-03-11 13:31:25 +01:00 |
|
Evgeny Gryaznov
|
7b790bbfdb
|
update Persian (by Amir Khani)
|
2011-09-18 01:38:54 +02:00 |
|
Evgeny Gryaznov
|
af5414a9eb
|
update Hungarian (by Istvan Somlai)
|
2011-09-18 01:20:24 +02:00 |
|
Evgeny Gryaznov
|
6adf0da114
|
update Simplified Chinese (by Xiaoyu)
|
2011-09-18 01:13:32 +02:00 |
|
Evgeny Gryaznov
|
5b485a0410
|
update Spanish (by Jesus Plaza)
|
2011-09-18 01:03:17 +02:00 |
|
Evgeny Gryaznov
|
a3a12bab3e
|
update Portuguese European, pt-pt (by Carlos Silva)
|
2011-09-18 00:36:55 +02:00 |
|
Evgeny Gryaznov
|
83f61978fe
|
update Indonesian (by Adi Nugroho), without images though
|
2011-09-18 00:28:51 +02:00 |
|
Evgeny Gryaznov
|
40e5242b8b
|
update Italian (Luca Sasdelli)
|
2011-09-18 00:22:47 +02:00 |
|
Evgeny Gryaznov
|
29f27300a2
|
update English (by Olimax)
|
2011-09-18 00:14:28 +02:00 |
|
Evgeny Gryaznov
|
14d42d71b2
|
update Belarusian (by Berasneu)
|
2011-09-18 00:14:09 +02:00 |
|
Evgeny Gryaznov
|
b7661d5957
|
update pl (by WebTower), hu, fr
|
2011-06-12 13:57:10 +02:00 |
|
Evgeny Gryaznov
|
9780210973
|
fix encoding in operators list
|
2011-04-21 00:44:04 +02:00 |
|
|
|
d091447409
|
Fix check of existance of tables indexes during database upgrade process
|
2011-04-15 23:53:43 +02:00 |
|
|
|
b498de216e
|
Create indexes for database tables during installation process
|
2011-04-15 23:53:19 +02:00 |
|
Evgeny Gryaznov
|
65b00240d3
|
redirect to profile page after first login; informational banner when password is blank; do not enforce password change; rename Home -> Dashboard
|
2011-04-15 01:43:03 +02:00 |
|
Haynes
|
68f0e13e09
|
This commit forces the User to set a password for the Administrator before doing anything else after the installation.
|
2011-04-15 01:40:01 +02:00 |
|
Evgeny Gryaznov
|
d02b113f93
|
redirect to profile page after first login; informational banner when password is blank; do not enforce password change; rename Home -> Dashboard
|
2011-04-15 01:38:43 +02:00 |
|
Haynes
|
aee46f9e2a
|
This commit forces the User to set a password for the Administrator before doing anything else after the installation.
|
2011-04-14 23:52:33 +02:00 |
|
Evgeny Gryaznov
|
5bba5ed824
|
extract libs/getcode.php, use google closure compiler
|
2011-04-07 10:09:10 +02:00 |
|
Evgeny Gryaznov
|
c053bfe283
|
removed .iml; modern tabs on group settings pages; beautifying code
|
2011-04-07 00:52:03 +02:00 |
|
Evgeny Gryaznov
|
f4c3c56789
|
update jQuery to 1.4.2; "enabled ban" after statistics
|
2011-04-07 00:35:03 +02:00 |
|
Evgeny Gryaznov
|
79b37c720f
|
fix groupids in visitors update; fix DB error reporting in installer; smaller opaway/oponline image
|
2011-04-07 00:31:22 +02:00 |
|
Evgeny Gryaznov
|
7ff174aa86
|
silver skin by Alekin Pavel (update)
|
2011-04-06 23:44:28 +02:00 |
|
Evgeny Gryaznov
|
ff141e42f2
|
silver skin by Alekin Pavel (initial commit)
|
2011-04-06 23:44:19 +02:00 |
|
Evgeny Gryaznov
|
1700b128b0
|
fix theme preview; fix bottom anchor in chat.js
|
2011-04-06 23:43:50 +02:00 |
|
Evgeny Gryaznov
|
2261c1cfbe
|
fix TYPE -> ENGINE (mysql 5.5 compatibility)
|
2011-04-06 23:42:59 +02:00 |
|
Evgeny Gryaznov
|
a68b9e6e9c
|
1.6.4 released
|
2011-04-06 23:42:28 +02:00 |
|
Evgeny Gryaznov
|
02c43a147d
|
1.6.4 RC2
|
2011-04-06 23:42:08 +02:00 |
|
Evgeny Gryaznov
|
483bc80180
|
1.6.4 RC1
|
2011-04-06 23:41:57 +02:00 |
|
Evgeny Gryaznov
|
71f9b1fa6a
|
update whatsnew
|
2011-04-06 23:41:47 +02:00 |
|
Evgeny Gryaznov
|
81c84f3702
|
better installation messages; ignore \r in checksum
|
2011-04-06 23:41:15 +02:00 |
|
Evgeny Gryaznov
|
ab922fd519
|
fix cr in .htaccess; disable drop tables; do not show change password/delete install folder if admin has password; check file permissions/checksum
|
2011-04-06 23:40:06 +02:00 |
|
Evgeny Gryaznov
|
4257b6f87b
|
fix sound issues in windows
|
2011-04-06 23:36:15 +02:00 |
|
Evgeny Gryaznov
|
049def144e
|
update whatsnew, recompute resources
|
2011-04-06 23:34:34 +02:00 |
|
Evgeny Gryaznov
|
acc86b9221
|
ability to override notification email for group
|
2011-04-06 23:32:29 +02:00 |
|
Evgeny Gryaznov
|
3715d2207e
|
fix: do not cache button image (thanks to Alex Morozov)
|
2011-04-06 23:32:13 +02:00 |
|
Evgeny Gryaznov
|
5595bd0f6e
|
install page: links to check the sound
|
2011-04-06 23:31:39 +02:00 |
|
Evgeny Gryaznov
|
2a5943c058
|
update release script
|
2011-04-06 23:21:57 +02:00 |
|
Evgeny Gryaznov
|
9d9cbf7e81
|
code cleanup
|
2011-04-06 23:21:36 +02:00 |
|
Evgeny Gryaznov
|
66130ec312
|
silver skin by Alekin Pavel (update)
|
2011-03-31 09:59:11 +02:00 |
|
Evgeny Gryaznov
|
2354cf1ef0
|
silver skin by Alekin Pavel (initial commit)
|
2011-03-31 09:56:59 +02:00 |
|
Evgeny Gryaznov
|
4516fabf62
|
fix theme preview; fix bottom anchor in chat.js
|
2011-03-30 00:01:04 +02:00 |
|
Evgeny Gryaznov
|
2479f2e684
|
fix TYPE -> ENGINE (mysql 5.5 compatibility)
|
2011-03-06 23:36:34 +01:00 |
|
Evgeny Gryaznov
|
8a1cc74803
|
1.6.4 released
|
2011-03-05 23:06:30 +01:00 |
|
Evgeny Gryaznov
|
53b54d09d4
|
1.6.4 RC2
|
2011-03-05 00:17:04 +01:00 |
|
Evgeny Gryaznov
|
724b63422d
|
1.6.4 RC1
|
2011-03-04 23:42:35 +01:00 |
|
Evgeny Gryaznov
|
cc6d385c8a
|
update whatsnew
|
2011-03-04 23:35:35 +01:00 |
|
Evgeny Gryaznov
|
4ef160897b
|
better installation messages; ignore \r in checksum
|
2011-03-04 23:34:00 +01:00 |
|
Evgeny Gryaznov
|
c6c614b3c2
|
fix cr in .htaccess; disable drop tables; do not show change password/delete install folder if admin has password; check file permissions/checksum
|
2011-03-04 23:01:24 +01:00 |
|
Evgeny Gryaznov
|
f832e38e75
|
fix sound issues in windows
|
2011-03-02 02:21:54 +01:00 |
|
Evgeny Gryaznov
|
00362f7457
|
update whatsnew, recompute resources
|
2011-03-02 00:20:42 +01:00 |
|
Evgeny Gryaznov
|
dd595fc4f7
|
ability to override notification email for group
|
2011-03-01 23:56:27 +01:00 |
|
Evgeny Gryaznov
|
10e676e05f
|
fix: do not cache button image (thanks to Alex Morozov)
|
2011-02-28 22:12:07 +01:00 |
|
Evgeny Gryaznov
|
df590adf81
|
install page: links to check the sound
|
2011-02-27 01:54:27 +01:00 |
|
Evgeny Gryaznov
|
40655b8a47
|
update release script
|
2011-02-27 00:15:36 +01:00 |
|
Evgeny Gryaznov
|
3d368c6783
|
fix session using for installations with prefix
|
2011-02-27 00:11:08 +01:00 |
|
Evgeny Gryaznov
|
9cc2833364
|
fix tr/fr locale
|
2011-02-27 00:04:59 +01:00 |
|
Evgeny Gryaznov
|
20bcf3c1f5
|
code cleanup
|
2011-02-27 00:02:29 +01:00 |
|
Evgeny Gryaznov
|
f4e99a3d52
|
fix minor issues (link param, formatting)
|
2011-02-26 23:54:58 +01:00 |
|
Evgeny Gryaznov
|
03dec2afb2
|
format code
|
2011-02-26 23:48:41 +01:00 |
|
Evgeny Gryaznov
|
b9cc8ed5b1
|
extract tabbar generation code -> inc_tabbar.php
|
2011-02-26 15:37:48 +01:00 |
|
Evgeny Gryaznov
|
616e8da89e
|
two columns on code generation page
|
2011-02-26 15:21:14 +01:00 |
|
Evgeny Gryaznov
|
6a41b86de4
|
whats new updated
|
2011-02-26 15:09:39 +01:00 |
|
Evgeny Gryaznov
|
0c58691731
|
format code in operator/
|
2011-02-26 15:06:19 +01:00 |
|
Evgeny Gryaznov
|
a90594235a
|
format code in libs/
|
2011-02-26 15:04:12 +01:00 |
|
Evgeny Gryaznov
|
693ece85fe
|
format code, fix minor issues (link param, etc.)
|
2011-02-26 14:57:23 +01:00 |
|
Evgeny Gryaznov
|
e160af13ef
|
use mysqlprefix in names of session vars
|
2011-02-26 14:43:30 +01:00 |
|
Evgeny Gryaznov
|
2bcffd5f4a
|
replace " . $mysqlprefix . " -> ${mysqlprefix}
|
2011-02-26 14:29:11 +01:00 |
|
Evgeny Gryaznov
|
b18085de38
|
$mysqlprefix variable added
|
2011-02-26 14:13:16 +01:00 |
|
Evgeny Gryaznov
|
00e9c651d5
|
"you are offline" notification box
|
2011-02-26 13:24:29 +01:00 |
|
Evgeny Gryaznov
|
2dd0839f0d
|
notify about new features
|
2011-02-26 13:15:35 +01:00 |
|
