aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/auth
Commit message (Collapse)AuthorAgeFilesLines
* [ticket/10247] Use COUNT(*) instead of COUNT(attempt_id)Nils Adermann2011-07-041-1/+1
| | | | | | attempt_id column was deleted PHPBB3-10247
* [ticket/10220] Limit user agent value length for storage in login attempt tableNils Adermann2011-06-151-1/+1
| | | | PHPBB3-10220
* [ticket/9892] count is a keyword in firebird, so renaming this aliasNils Adermann2011-06-121-2/+2
| | | | PHPBB3-9892
* [ticket/9992] Use sql_fetchfield for single row and single column resultNils Adermann2011-06-101-2/+1
| | | | PHPBB3-9992
* [ticket/9992] Adding a limit on login attempts per IP.Nils Adermann2011-06-101-4/+62
| | | | | | | | | | | | | A new table was created to save all failed login attempts with corresponding information on username, ip and useragent. By default the limit is 50 login attempts within 6 hours per IP. The limit is relatively high to avoid big problems on sites behind a reverse proxy that don't receive the forwarded-for value as REMOTE_ADDR but see all users as coming from the same IP address. But if these users run into problems a special forwarded-for option is available to limit logins by forwarded-for value instead of ip. PHPBB3-9992
* [ticket/8138] Add autocomplete="off" to acp_board and ldap settingsNils Adermann2011-06-031-1/+1
| | | | PHPBB3-8138
* [ticket/7538] Limit user_login_attempts to prevent SQL errors.Andreas Fischer2010-10-151-2/+4
| | | | PHPBB3-7538
* [ticket/8792] Add LDAP_SEARCH_FAILED string for when ldap_search() fails.Andreas Fischer2010-05-161-1/+1
| | | | | | | | No longer use LDAP_NO_SERVER_CONNECTION in case ldap_search() fails. Add and use LDAP_SEARCH_FAILED instead, so users can tell the difference between ldap_connect() failing and ldap_search() failing. PHPBB3-8792
* Make sure captcha factory is there. Make sure language array is there.Andreas Fischer2010-01-201-0/+5
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10431 89ea8834-ac86-4346-8a33-228a782c2dd0
* spacesHenry Sudhof2010-01-171-1/+1
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10418 89ea8834-ac86-4346-8a33-228a782c2dd0
* spacesHenry Sudhof2010-01-171-4/+4
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10412 89ea8834-ac86-4346-8a33-228a782c2dd0
* Always require a fresh solved captcha, don't accept a stored solution.Henry Sudhof2010-01-171-3/+8
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10411 89ea8834-ac86-4346-8a33-228a782c2dd0
* make userdata availableHenry Sudhof2010-01-141-1/+1
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10406 89ea8834-ac86-4346-8a33-228a782c2dd0
* #51395 - remove legacy captcha code. authorised by: acyd burnHenry Sudhof2009-09-151-18/+6
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10143 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fix #45315Chris Smith2009-07-181-1/+2
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9783 89ea8834-ac86-4346-8a33-228a782c2dd0
* Correct escaping/unescaping in the LDAP authentication plugin. #48175Chris Smith2009-07-171-7/+11
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9769 89ea8834-ac86-4346-8a33-228a782c2dd0
* - [Feature] New "Newly Registered Users" group for assigning ↵Meik Sievertsen2009-06-202-0/+2
| | | | | | | | | | | | permissions to newly registered users. They will be removed from this group once they reach a defineable amount of posts. - [Feature] Ability to define if the "Newly Registered Users" group will be assigned as the default group to newly registered users. As a coincidence also Bug #46535 got fixed. Additionally the error message displayed with trigger_error() if accessing the private message tab in the ucp is now displayed inline in addition to a slightly different message for newly registered users to let them know that access permissions may be lifted over time. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9636 89ea8834-ac86-4346-8a33-228a782c2dd0
* Oh right. PHP4Henry Sudhof2009-06-131-1/+1
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9581 89ea8834-ac86-4346-8a33-228a782c2dd0
* some corrections, only very minor things.Meik Sievertsen2009-06-071-5/+5
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9554 89ea8834-ac86-4346-8a33-228a782c2dd0
* Okay, a first ci of the new captcha plugins. We'll add dynamic template ↵Henry Sudhof2009-06-021-33/+6
| | | | | | includes later, as well as documentation on how to use this. I'm prepared to get yelled at for bugs (oh, I know that there are plenty); but please blame spammers for broken styles and MODs. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9524 89ea8834-ac86-4346-8a33-228a782c2dd0
* As proposed by marshalrusty: re-hash plain MD5s left in the databaseHenry Sudhof2009-02-061-2/+4
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9312 89ea8834-ac86-4346-8a33-228a782c2dd0
* better fix for bug #41085Meik Sievertsen2009-01-291-13/+8
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9311 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fix guest/bot session problems with apache authentication plugin (Bug #41085)Meik Sievertsen2009-01-271-1/+13
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9306 89ea8834-ac86-4346-8a33-228a782c2dd0
* HTTP Authentication supports UTF-8 usernames now [Bug #21135]Nils Adermann2008-06-041-3/+3
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8602 89ea8834-ac86-4346-8a33-228a782c2dd0
* #22525Meik Sievertsen2008-03-143-3/+33
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8432 89ea8834-ac86-4346-8a33-228a782c2dd0
* *** empty log message ***Meik Sievertsen2007-10-053-8/+32
| | | | git-svn-id: file:///svn/phpbb/trunk@8142 89ea8834-ac86-4346-8a33-228a782c2dd0
* #i42Meik Sievertsen2007-10-043-5/+22
| | | | | | | new password hashing mechanism for storing passwords git-svn-id: file:///svn/phpbb/trunk@8139 89ea8834-ac86-4346-8a33-228a782c2dd0
* necessary changes...Meik Sievertsen2007-08-303-0/+27
| | | | git-svn-id: file:///svn/phpbb/trunk@8072 89ea8834-ac86-4346-8a33-228a782c2dd0
* - added an option to specify a port for the LDAP serverNils Adermann2007-08-231-3/+27
| | | | | | | - restricted access to "Recent searches" to admins who are allowed to configure search [Bug #14085] git-svn-id: file:///svn/phpbb/trunk@8064 89ea8834-ac86-4346-8a33-228a782c2dd0
* - allow multibyte search configurationNils Adermann2007-08-181-11/+34
| | | | | | | | | - added ldap_user_filter to add additional restrictions on the user objects used for authentication [Bug #12627] - improved ldap explanations a bit - display searchable subforums of invisible parents in advanced search forum selection [Bug #11395] git-svn-id: file:///svn/phpbb/trunk@8047 89ea8834-ac86-4346-8a33-228a782c2dd0
* - always use convert error message for unconverted incorrect passwords [Bug ↵Nils Adermann2007-05-141-1/+1
| | | | | | #10893] git-svn-id: file:///svn/phpbb/trunk@7576 89ea8834-ac86-4346-8a33-228a782c2dd0
* timezone box + shortening pm options variable as well as max login attempts fix.Meik Sievertsen2007-04-281-1/+1
| | | | git-svn-id: file:///svn/phpbb/trunk@7419 89ea8834-ac86-4346-8a33-228a782c2dd0
* - acp popup, shouldn't require 700 px widthNils Adermann2007-03-311-6/+9
| | | | | | | | | | - throw an error if an image that's edited into an imageset doesn't exist - convert the password not its hash ;-) - only update user_login_attempts if necessary - make password requirements even clearer git-svn-id: file:///svn/phpbb/trunk@7250 89ea8834-ac86-4346-8a33-228a782c2dd0
* - fix htmlspecialchars handling in search (search backends get specialchared ↵Nils Adermann2007-02-251-11/+36
| | | | | | | | | | | | | | | | | | | | input, and should return specialchared output), current backends strip entities anyway [includes Bug #8156] - allow cancelling search index creation/removal - custom CSS class name input too short [Bug #8328] - give an error message if a password wasn't convertable (special characters in non-standard encoding) - moved still_on_time to functions.php, used by acp_search and converter, might be useful for MODs (or complex cron scripts) - do not allow empty passwords on login - add sids to local URLs in posts (this was a really terrible bug to fix ;-)) [Bug #7892] - ignore invalid HTTP_X_FORWARDED_FOR headers (just use REMOTE_ADDR if invalid) [Bug #8314] - changed forum listing code on search page and acp_attachments [Bug #6658] - search indexing uses still_on_time(), smaller batch size (1000) and meta_refresh() instead of redirect(), this should solve a few problems [Bugs #8034, #8270] - made password requirement language strings clearer - ALPHA is not meant to be alphanumric [Bug #7764] - display bug in firefox on linux making the pagination wrap on search results page (caused by  ) git-svn-id: file:///svn/phpbb/trunk@7076 89ea8834-ac86-4346-8a33-228a782c2dd0
* - Pruning doesn't lower user post counts anymore [Bug #7676]Nils Adermann2007-02-081-2/+2
| | | | | | | | | | | | | - Better resync explanations in ACP - relative link to board shouldn't result in an empty link [Bug #7762] - allow spaces to define multiple classes [Bug #7700] - forgot addslashes for password conversion [Bug #7530] - adjusted get_post_data call in mcp_post to retrieve read tracking info [Bug #7538] - fixed sorting in reports/queue by properly generating the pagination links [Bug #7666] - send UTF-8 charset header in database_update.php [Bug #7564] git-svn-id: file:///svn/phpbb/trunk@6974 89ea8834-ac86-4346-8a33-228a782c2dd0
* - display search type as page title for premade searches [Bug #6508]Nils Adermann2006-12-271-1/+1
| | | | | | | | | | | | | | | - flash enabled on user side by default, so that admins can actually change anything by activating it (still disabled by default) - properly implemented password complexity check [Bug #6584] - do not ldap_escape paramaters for the bind function [Bug #6208] - deleted words in edited post subjects weren't getting there search cache refreshed [Bug #6288] - made common word threshold configurable [Bug #6168] - recreated word match table entries after installation, side effect of bug #6060 - option to only allow ASCII usernames - adjusted search page pagination [Bug #6424] - correctly calculate unformatted search result extract length git-svn-id: file:///svn/phpbb/trunk@6814 89ea8834-ac86-4346-8a33-228a782c2dd0
* - finally correctly calculate current time for birthday calculation [Bug #6030]Nils Adermann2006-12-101-1/+25
| | | | | | | | | | | | | | | | - allow searching forums with unsearchable subforums [Bug #6056] - addition of an optional HTTP_X_FORWARDED_FOR check in sessions, including bans - do not index forums which have indexing disabled on index recreation [Bug #6060] - properly handle html entities in the theme editor [Bug #6048] - anonymous access is no longer required for the LDAP auth plugin [Bug #6046] - corrected mcp_front queue link to point to approve_details [Bug #6134] - added direct (dis)approval to mcp_front queue items [Bug #6134] - proper mysql version test for fulltext-compatibility [Bug #6054] - added note to style/language "used by" column so it's clear that bots are included - correctly update bot last visit time [Bug #6108] git-svn-id: file:///svn/phpbb/trunk@6740 89ea8834-ac86-4346-8a33-228a782c2dd0
* messageNils Adermann2006-11-251-3/+27
| | | | git-svn-id: file:///svn/phpbb/trunk@6655 89ea8834-ac86-4346-8a33-228a782c2dd0
* some style related changes/fixesMeik Sievertsen2006-11-191-2/+2
| | | | git-svn-id: file:///svn/phpbb/trunk@6604 89ea8834-ac86-4346-8a33-228a782c2dd0
* ok, i am an idiot...Meik Sievertsen2006-11-031-3/+3
| | | | git-svn-id: file:///svn/phpbb/trunk@6548 89ea8834-ac86-4346-8a33-228a782c2dd0
* - implemented the suggested html_entity_decode function made by davidMeik Sievertsen2006-11-031-2/+2
| | | | | | | | - fixed string length checking by also decoding entities for the sake of checking - used the new html_entity_decode function git-svn-id: file:///svn/phpbb/trunk@6545 89ea8834-ac86-4346-8a33-228a782c2dd0
* two tiny bugfixesMeik Sievertsen2006-10-271-0/+7
| | | | git-svn-id: file:///svn/phpbb/trunk@6532 89ea8834-ac86-4346-8a33-228a782c2dd0
* - introducing clean usernames, needs to be tested more, I'm not sure I ↵Nils Adermann2006-10-133-5/+5
| | | | | | | | | didn't miss anything - homograph list should probably be extended git-svn-id: file:///svn/phpbb/trunk@6494 89ea8834-ac86-4346-8a33-228a782c2dd0
* - auto sync attachment topic flag [Bug #2949]Nils Adermann2006-08-122-9/+29
| | | | | | | | | - corrected paths for templates stored in the db and filenames displayed in the template editor [Bug #3662] - removed some useless language strings [Bug #3648] - corrected escaping of usernames and passwords in auth modules [Bug #3696], added ldap_escape git-svn-id: file:///svn/phpbb/trunk@6266 89ea8834-ac86-4346-8a33-228a782c2dd0
* - display age in user profile and make it available on viewtopicNils Adermann2006-07-073-49/+164
| | | | | | | | | | | | | | | - various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015] - strip first, then change newlines [Bug #2403] - added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant - moved newest user updating from ucp_register to user_add function - renamed the admin_ auth module function to acp_ - added initialisation code to auth_apache which checks whether it will work - added user_add support to both auth_ldap and auth_apache - some auth_ldap tweaks, should work with users deeper in the organisation structure too now - adjusted global topics in mcp_report to work like mcp_queue git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0
* - removed db cache (might re-appear, but for now we do not see the need for it)Meik Sievertsen2006-06-163-16/+22
| | | | | | | | | | | - all changes to styles/subsilver/template are purely cosmetic (no functional changes) - cosmetics - bugfixes - add index to modules table - use modules ordering code for forums too git-svn-id: file:///svn/phpbb/trunk@6073 89ea8834-ac86-4346-8a33-228a782c2dd0
* a few changes ;-)David M2006-05-191-9/+9
| | | | git-svn-id: file:///svn/phpbb/trunk@5934 89ea8834-ac86-4346-8a33-228a782c2dd0
* - captcha stuffDavid M2006-05-131-1/+1
| | | | | | | - unique_id git-svn-id: file:///svn/phpbb/trunk@5911 89ea8834-ac86-4346-8a33-228a782c2dd0
* - added login error constant for various external auth failuresNils Adermann2006-04-212-10/+117
| | | | | | | | | - completed auth plugin interface (init_method, login_method, autologin_method, validate_session_method, logout_method) - updated ldap and apache auth plugins to return an info array - added apache autologin git-svn-id: file:///svn/phpbb/trunk@5815 89ea8834-ac86-4346-8a33-228a782c2dd0
* - Added init_{$auth_plugin} function which can be used to test a connection ↵Nils Adermann2006-03-181-0/+42
| | | | | | to the authentication system before actually saving the new configuration. This will hopefully stop people from locking themselves out by using an authentication system that they cannot connect to. git-svn-id: file:///svn/phpbb/trunk@5653 89ea8834-ac86-4346-8a33-228a782c2dd0
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-19 02:30:32 +0000