Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge pull request #5637 from EA117/ticket/16054 | Marc Alexander | 2019-08-11 | 1 | -6/+4 |
|\ | | | | | | | [ticket/16054] Restore ability to login from any template. | ||||
| * | [ticket/16054] Restore ability to login from any template. | EA117 | 2019-07-28 | 1 | -6/+4 |
| | | | | | | | | | | | | | | | | Moving the login form's add_form_key() work into page_header(), so that the template variables required for presenting a login form are again available to any template that chooses to consume them. PHPBB3-16054 | ||||
* | | Merge pull request #5628 from marc1706/ticket/16101 | Derky | 2019-07-30 | 1 | -1/+2 |
|\ \ | | | | | | | | | | [ticket/16101] Add Referrer-Policy header to phpBB's headers | ||||
| * | | [ticket/16101] Add Referrer-Policy header to phpBB's headers | Marc Alexander | 2019-07-20 | 1 | -1/+2 |
| | | | | | | | | | | | | PHPBB3-16101 | ||||
* | | | Merge pull request #5635 from EA117/ticket/16066 | Marc Alexander | 2019-07-29 | 1 | -1/+1 |
|\ \ \ | | | | | | | | | | | | | [ticket/16066] Fix FORM_INVALID always returned for banned user. | ||||
| * | | | [ticket/16066] Fix FORM_INVALID always returned for banned user. | EA117 | 2019-07-28 | 1 | -1/+1 |
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After the introduction of add_form_key() and check_form_key() calls to login_box() in phpBB 3.2.6 and later, if a banned user attempts to login, they receive a "The submitted form was invalid. Try submitting again." Instead of the message indicating that they are banned, and why. This is happening because check_ban() actually calls into login_box() recursively, but after the $user->session_id has been switched to a new session ID for the logging-on user. Therefore, now that check_form_key() has been introduced to login_box(), it is impossible for check_form_key() to succeed during this recursive call. Fix is to make login_box()'s use of check_form_key() conditional on whether IN_CHECK_BAN is defined, so that the recursive call does not attempt to re-validate the form_key again. Note the form_key has already been successfully verified by the original call into login_box(), prior to calling into check_ban() and attempting to recursively call login_box(). So the protection of why check_form_key() was added is still intact with this change. PHPBB3-16066 | ||||
* | | | Merge pull request #5459 from mrgoldy/ticket/15886 | Marc Alexander | 2019-07-28 | 1 | -2/+2 |
|\ \ \ | |/ / |/| | | | | | [ticket/15886] Group helper functions | ||||
| * | | [ticket/15886] Change phpbb_get_group_avatar variable names | mrgoldy | 2018-12-30 | 1 | -2/+2 |
| | | | | | | | | | | | | PHPBB3-15886 | ||||
* | | | Merge pull request #5610 from espipj/ticket/16070 | Marc Alexander | 2019-07-23 | 1 | -21/+0 |
|\ \ \ | | | | | | | | | | | | | [ticket/16070] Remove support for WebSTAR and Xitami | ||||
| * | | | [ticket/16070] Remove unused code | espipj | 2019-05-27 | 1 | -21/+0 |
| | |/ | |/| | | | | | | | PHPBB3-16070 | ||||
* | | | [ticket/16089] Add core.confirm_box_ajax_before | Jakub Senko | 2019-07-22 | 1 | -4/+24 |
|/ / | | | | | | | PHPBB3-16089 | ||||
* | | [ticket/16042] Adjust positioning and add comment to overwrite | Marc Alexander | 2019-05-02 | 1 | -1/+2 |
| | | | | | | | | PHPBB3-16042 | ||||
* | | [ticket/16042] Use S_LOGIN_REDIRECT to output login form token | Marc Alexander | 2019-05-02 | 1 | -1/+13 |
| | | | | | | | | PHPBB3-16042 | ||||
* | | [ticket/16036] Add S_FORM_TOKEN_LOGIN to all login forms | rubencm | 2019-04-29 | 1 | -0/+3 |
| | | | | | | | | PHPBB3-16036 | ||||
* | | Merge pull request #48 from phpbb/ticket/security/228 | Marc Alexander | 2019-04-27 | 1 | -2/+17 |
|\ \ | | | | | | | | | | [ticket/security/228] Add form token to login box | ||||
| * | | [ticket/security/228] Add form token to login box | Derky | 2019-04-26 | 1 | -2/+17 |
| | | | | | | | | | | | | SECURITY-228 | ||||
* | | | Merge pull request #5513 from mrgoldy/ticket/15942 | Marc Alexander | 2019-04-17 | 1 | -11/+31 |
|\ \ \ | |/ / |/| | | | | | [ticket/15942] Allow array in confirm_box title | ||||
| * | | [ticket/15942] Add language to compatibility globals & use in confirm_box | Marc Alexander | 2019-04-17 | 1 | -8/+12 |
| | | | | | | | | | | | | PHPBB3-15942 | ||||
| * | | [ticket/15942] Past tense | mrgoldy | 2019-04-16 | 1 | -1/+1 |
| | | | | | | | | | | | | PHPBB3-15942 | ||||
| * | | [ticket/15942] Update DocBlock | mrgoldy | 2019-04-16 | 1 | -0/+2 |
| | | | | | | | | | | | | PHPBB3-15942 | ||||
| * | | [ticket/15942] Allow array in confirm_box title | mrgoldy | 2019-01-15 | 1 | -7/+21 |
| |/ | | | | | | | PHPBB3-15942 | ||||
* | | [ticket/15972] Let the event be triggered | 3D-I | 2019-02-26 | 1 | -8/+0 |
| | | | | | | | | | | | | Removes old coding which is there just to save a few iterations. PHPBB3-15972 | ||||
* | | [ticket/15972] Add core.markread_after | 3D-I | 2019-02-20 | 1 | -0/+21 |
|/ | | | | PHPBB3-15972 | ||||
* | [ticket/15860] Unique_id() return 16 characters again | Ruben Calvo | 2018-10-31 | 1 | -1/+1 |
| | | | | PHPBB3-15860 | ||||
* | [ticket/15860] Fix format of backup files | Ruben Calvo | 2018-10-30 | 1 | -1/+1 |
| | | | | PHPBB3-15860 | ||||
* | Merge pull request #5381 from senky/ticket/15616 | Marc Alexander | 2018-10-13 | 1 | -1/+3 |
|\ | | | | | | | [ticket/15616] Remove jumpbox from login_forum.html | ||||
| * | [ticket/15616] Add jumpbox to login_forum.html | Jakub Senko | 2018-09-26 | 1 | -1/+3 |
| | | | | | | | | PHPBB3-15616 | ||||
* | | Merge pull request #5374 from senky/ticket/15758 | Marc Alexander | 2018-10-10 | 1 | -5/+5 |
|\ \ | | | | | | | | | | [ticket/15758] Show translated msg for INSECURE_REDIRECT | ||||
| * | | [ticket/15758] Show translated msg for INSECURE_REDIRECT | Jakub Senko | 2018-09-28 | 1 | -5/+5 |
| |/ | | | | | | | PHPBB3-15758 | ||||
* | | Merge pull request #5377 from senky/ticket/15700 | Marc Alexander | 2018-10-09 | 1 | -1/+1 |
|\ \ | | | | | | | | | | [ticket/15700] Use correct T_THEME_LANG_NAME | ||||
| * | | [ticket/15700] Use correct T_THEME_LANG_NAME | Jakub Senko | 2018-09-25 | 1 | -1/+1 |
| |/ | | | | | | | PHPBB3-15700 | ||||
* | | Merge pull request #5370 from senky/ticket/15805 | Marc Alexander | 2018-10-08 | 1 | -1/+3 |
|\ \ | |/ |/| | | | [ticket/15805] Add result to core.login_box_redirect | ||||
| * | [ticket/15805] Add result to core.login_box_redirect | Jakub Senko | 2018-09-24 | 1 | -1/+3 |
| | | | | | | | | PHPBB3-15805 | ||||
* | | [ticket/15723] Rewrite unique_id too | Rubén Calvo | 2018-08-08 | 1 | -1/+1 |
| | | | | | | | | PHPBB3-15723 | ||||
* | | [ticket/15723] Rewrite gen_rand_string() and gen_rand_string_friendly() | Rubén Calvo | 2018-07-14 | 1 | -7/+20 |
|/ | | | | PHPBB3-15723 | ||||
* | Merge pull request #5253 from senky/ticket/15618 | Tristan Darricau | 2018-07-08 | 1 | -1/+1 |
|\ | | | | | | | | | | | | | [ticket/15618] Display The team link only to users with permission * github.com:/phpbb/phpbb: [ticket/15618] Display The team link only to users with permission | ||||
| * | [ticket/15618] Display The team link only to users with permission | Jakub Senko | 2018-06-18 | 1 | -1/+1 |
| | | | | | | | | PHPBB3-15618 | ||||
* | | Merge branch 'prep-release-3.2.3' into 3.2.x | Tristan Darricau | 2018-07-08 | 1 | -2/+26 |
|\ \ | | | | | | | | | | | | | | | | | | | | | | * prep-release-3.2.3: [ticket/15676] Use paragraphs and classes as suggested by hanakin [ticket/15676] Use twig syntax [ticket/15676] Simplify link text and use privacy link in cookie notice [ticket/15676] Display privacy notice in footer & allow overriding U_PRIVACY | ||||
| * | | [ticket/15676] Simplify link text and use privacy link in cookie notice | Marc Alexander | 2018-05-31 | 1 | -0/+2 |
| | | | | | | | | | | | | PHPBB3-15676 | ||||
| * | | [ticket/15676] Display privacy notice in footer & allow overriding U_PRIVACY | Marc Alexander | 2018-05-31 | 1 | -2/+24 |
| | | | | | | | | | | | | PHPBB3-15676 | ||||
* | | | [ticket/15695] Fix gen_rand_string returning less characters than expected | Rubén Calvo | 2018-06-18 | 1 | -4/+6 |
| |/ |/| | | | | | PHPBB3-15695 | ||||
* | | [ticket/15693] Update tests to reflect changes to gen_rand_string() | Marc Alexander | 2018-06-17 | 1 | -0/+4 |
| | | | | | | | | PHPBB3-15693 | ||||
* | | [ticket/15693] Fix get_rand_string() | Rubén Calvo | 2018-06-15 | 1 | -2/+2 |
|/ | | | | PHPBB3-15693 | ||||
* | Merge pull request #5074 from marc1706/ticket/15498 | Marc Alexander | 2018-01-07 | 1 | -1/+1 |
|\ | | | | | | | [ticket/15498] Do not pass whether URL uses router to is_route | ||||
| * | [ticket/15498] Do not pass whether URL uses router to is_route | Marc Alexander | 2018-01-06 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | is_route expects a flag of whether this is a route that was generated with the router as opposed to is_router_used() which returns whether the router will be used via app.php. PHPBB3-15498 | ||||
* | | Merge remote-tracking branch 'upstream/3.2.x' into prep-release-3.2.2 | Marc Alexander | 2018-01-07 | 1 | -15/+15 |
|\ \ | |||||
| * | | [ticket/14972] Fix sizeof calls | rxu | 2018-01-01 | 1 | -15/+15 |
| |/ | | | | | | | | | | | | | | | | | | | As of PHP 7.2, only arrays and objects implementing the Countable interface should be passed as a count() or sizeof() parameter. See https://github.com/php/php-src/blob/php-7.2.0alpha2/UPGRADING#L197-L198 Also, sizeof() seems to be sheduled for deprecation, see https://wiki.php.net/rfc/deprecations_php_7_2#suggested_deprecations PHPBB3-14972 | ||||
* | | Merge branch 'ticket/security/211' into ticket/security/211-rhea | Marc Alexander | 2018-01-01 | 1 | -2/+7 |
|\ \ | |/ |/| | |||||
| * | [ticket/security/211] Do not match javascript URIs with URL regexes | Marc Alexander | 2017-07-26 | 1 | -2/+2 |
| | | | | | | | | SECURITY-211 | ||||
| * | [ticket/security/211] Make sure website URL only uses http & https schemes | Marc Alexander | 2017-07-22 | 1 | -0/+5 |
| | | | | | | | | SECURITY-211 |