aboutsummaryrefslogtreecommitdiff
path: root/engine
AgeCommit message (Collapse)Author
2008-09-01Additional per-session random token, additional randomness protection ↵marcus
against CSRF. Report problems. git-svn-id: https://code.elgg.org/elgg/trunk@2048 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-31Some session fingerprinting code. Requires user agent to be consistent ↵marcus
across requests. git-svn-id: https://code.elgg.org/elgg/trunk@2047 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-31Regenerates session ID on user login. This helps prevent some hijacking attacks.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@2046 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-31Minor tweak, logout now calls session_destroy()marcus
git-svn-id: https://code.elgg.org/elgg/trunk@2045 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-28Closes #313, Fixes #274: Resolved strange OSX language file browsing, ↵marcus
including speculative windows fix. Thanks for the patch! git-svn-id: https://code.elgg.org/elgg/trunk@2044 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-26Minor tweak to basic stats to clarify number of users in the system.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@2041 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-25Closes #254: If mb_string is installed then internationalised usernames are ↵marcus
supported in file system. Because of this I have raised mbstring from recommended to a (non-fatal) core requirement. Because of the lack of a unicode ctype_alnum function the validation occurs at username input. Because of this I have improved the user registration code: This code now validates for special chars etc in the username. I have also introduced the following new plugin hooks (which are run after primary validation) which provide plugins with the ability to add other requirements (extra security etc). 'registeruser:validate:password' 'registeruser:validate:username' 'registeruser:validate:email' Marcus Povey 25/8/08 git-svn-id: https://code.elgg.org/elgg/trunk@2040 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-22Committing kses fixben
git-svn-id: https://code.elgg.org/elgg/trunk@2039 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-21Fixed input for people with magic quotes on.ben
git-svn-id: https://code.elgg.org/elgg/trunk@2037 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-21Added plugin hook to elgg_view.ben
git-svn-id: https://code.elgg.org/elgg/trunk@2034 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-21Fixes #280marcus
git-svn-id: https://code.elgg.org/elgg/trunk@2032 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-21Blanking session code on initialisation failmarcus
git-svn-id: https://code.elgg.org/elgg/trunk@2031 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-20Refs #273: Extra sanity checking on installmarcus
git-svn-id: https://code.elgg.org/elgg/trunk@2025 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-20Refs #272: Speculative fix. Added PORT support to current_page_url(). Please ↵marcus
test to see if this solves your problem... git-svn-id: https://code.elgg.org/elgg/trunk@2022 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-19Refs #266: Error given if no database has been set up.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@2017 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-19Refs #256: Basic installation parameters checked.marcus
Fixes #266: If the install flag isn't set then elgg_view will no longer attempt to load data from the database. git-svn-id: https://code.elgg.org/elgg/trunk@2016 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-19Refs #265: If $CONFIG->view not blank then it overrides the session even if ↵marcus
the session is set. git-svn-id: https://code.elgg.org/elgg/trunk@2015 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-19Fixes #260: Done. Nice spot.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@2014 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-18Small access fixben
git-svn-id: https://code.elgg.org/elgg/trunk@2010 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-18Corrected minor friend collection issueben
git-svn-id: https://code.elgg.org/elgg/trunk@2005 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-18More submenu correctionsben
git-svn-id: https://code.elgg.org/elgg/trunk@1999 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-18Removing a user disables their entitiesben
git-svn-id: https://code.elgg.org/elgg/trunk@1997 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-17Fixed the submenuben
git-svn-id: https://code.elgg.org/elgg/trunk@1995 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-17Submenu items are now sorted.ben
git-svn-id: https://code.elgg.org/elgg/trunk@1992 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-17Wired in latest activity, so new users aren't as lonely as they otherwise ↵ben
might be. git-svn-id: https://code.elgg.org/elgg/trunk@1983 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-16Removing gallery on search user list functionben
git-svn-id: https://code.elgg.org/elgg/trunk@1972 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-16Code also uselessmarcus
git-svn-id: https://code.elgg.org/elgg/trunk@1960 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-16Salt free dietmarcus
git-svn-id: https://code.elgg.org/elgg/trunk@1959 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-15Correction for the search list users by name function.ben
git-svn-id: https://code.elgg.org/elgg/trunk@1956 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-15Added proper search for users by nameben
git-svn-id: https://code.elgg.org/elgg/trunk@1953 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-15Improved the kses whitelistben
git-svn-id: https://code.elgg.org/elgg/trunk@1941 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-15Added the ability to hide the gallery view on list_entities_from_relationshipsben
git-svn-id: https://code.elgg.org/elgg/trunk@1937 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-15Refs #249marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1930 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-15The front page now only shows content and groups.ben
git-svn-id: https://code.elgg.org/elgg/trunk@1929 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-14Fixed an issue with the submenu.ben
git-svn-id: https://code.elgg.org/elgg/trunk@1923 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-14Fixes #245: Tags now stripped from email messages. marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1922 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-14Redefined the default submenu item group to 'a', so most usually it will ↵ben
appear on top git-svn-id: https://code.elgg.org/elgg/trunk@1917 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-14Added the facility to group submenusben
git-svn-id: https://code.elgg.org/elgg/trunk@1915 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Closes #227 and #243: Hopefully this has the fscking thing nailed to the wall. marcus
Please report any problems, especially is they relate to access permissions (granted when you shouldn't or denied when you should) git-svn-id: https://code.elgg.org/elgg/trunk@1912 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Fixing some session blanking problems.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1910 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Reverted changes so users can now register again.marcus
There are critical issues with enable/disable. Primarily: 1) A number of functions do not use the access controls, these throw an exception when accessing a disabled entity. 2) #243 does not seem possible. git-svn-id: https://code.elgg.org/elgg/trunk@1909 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Correct menus being usedmarcus
git-svn-id: https://code.elgg.org/elgg/trunk@1907 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Refs #237: Added option, now just needs a search listing banned users.marcus
Depends #243 git-svn-id: https://code.elgg.org/elgg/trunk@1904 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Closes #227. Depends on #243 to work.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1903 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Refs #237, #46 and #227: Added override code.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1902 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Actually closes #46marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1901 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Added a reason for disabled objects.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1891 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Closes #46: Method for activating an entity. No hookup yet.marcus
git-svn-id: https://code.elgg.org/elgg/trunk@1890 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Refs #237, #46 and #227: Added active only override to get_access_sql_suffixmarcus
git-svn-id: https://code.elgg.org/elgg/trunk@1889 36083f99-b078-4883-b0ff-0f9b5a30f544
2008-08-13Fixes #241: Changed order, delete user using object's delete method rather ↵marcus
than the low level function git-svn-id: https://code.elgg.org/elgg/trunk@1887 36083f99-b078-4883-b0ff-0f9b5a30f544
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-30 21:21:31 +0000