aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/session.php
Commit message (Collapse)AuthorAgeFilesLines
* [ticket/10320] Move phpbb_feed_base::get_passworded_forums() to user class.Andreas Fischer2011-08-251-0/+33
| | | | PHPBB3-10320
* [ticket/10250] The site_logo hash is different depending on imageset & languageNils Adermann2011-07-061-4/+12
| | | | PHPBB3-10250
* [ticket/10250] Overwrite the site_logo width&height when the phpbb logo is usedNils Adermann2011-07-051-1/+28
| | | | | | | | | | The new logo is slightly wider than the old logo. If we changed the size in the imageset.cfg we would cause a conflict for everyone who replaced the logo with their own and modified the size. Instead we overwrite the width and height in the img() function in session.php only if its contents are that of the stock phpbb logo. PHPBB3-10250
* Merge remote-tracking branch 'naderman/ticket/9992' into develop-olympusAndreas Fischer2011-06-111-0/+4
|\ | | | | | | | | | | | | | | | | * naderman/ticket/9992: [ticket/9992] Clarify explanations of ip and account limits on login [ticket/9992] Add a comma to language for IP_LOGIN_LIMIT_MAX_EXPLAIN [ticket/9992] Use sql_fetchfield for single row and single column result [ticket/9992] Adding a limit on login attempts per IP. [ticket/9992] Make sql_create_table and sql_table_exists available in updater
| * [ticket/9992] Adding a limit on login attempts per IP.Nils Adermann2011-06-101-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | A new table was created to save all failed login attempts with corresponding information on username, ip and useragent. By default the limit is 50 login attempts within 6 hours per IP. The limit is relatively high to avoid big problems on sites behind a reverse proxy that don't receive the forwarded-for value as REMOTE_ADDR but see all users as coming from the same IP address. But if these users run into problems a special forwarded-for option is available to limit logins by forwarded-for value instead of ip. PHPBB3-9992
* | [ticket/9908] Send 301 before stripping SID so bots do (hopefully) not revisit.Andreas Fischer2011-06-101-0/+1
|/ | | | PHPBB3-9908
* Merge branch 'ticket/bantu/9802' into develop-olympusNils Adermann2011-06-101-18/+23
|\ | | | | | | | | | | | | | | | | * ticket/bantu/9802: [ticket/9802] Remove unnecessary htmlspecialchars() call on REMOTE_ADDR. [ticket/9802] Only check for IPv4-mapped address when address is IPv6. [ticket/9802] Fix tiny logic bug in loop determining REMOTE_ADDR. [ticket/9802] Remove redundant character class definition from preg_replace. [ticket/9802] Fix redundant str_replace call. No need to replace ' ' with ' '.
| * [ticket/9802] Remove unnecessary htmlspecialchars() call on REMOTE_ADDR.Andreas Fischer2011-04-191-1/+1
| | | | | | | | | | | | | | | | The value in $_SERVER['REMOTE_ADDR'] is either validated to be a valid IP address or is replaced by our default value. Valid IP addresses do not contain HTML special characters, thus the htmlspecialchars() call is unnecessary. PHPBB3-9802
| * [ticket/9802] Only check for IPv4-mapped address when address is IPv6.Andreas Fischer2011-04-191-14/+19
| | | | | | | | PHPBB3-9802
| * [ticket/9802] Fix tiny logic bug in loop determining REMOTE_ADDR.Andreas Fischer2011-04-191-2/+2
| | | | | | | | | | | | When $ip is empty() it was assigned to $this->ip. PHPBB3-9802
| * [ticket/9802] Remove redundant character class definition from preg_replace.Andreas Fischer2011-04-191-2/+2
| | | | | | | | PHPBB3-9802
| * [ticket/9802] Fix redundant str_replace call. No need to replace ' ' with ' '.Andreas Fischer2011-04-191-2/+2
| | | | | | | | PHPBB3-9802
* | [ticket/10195] Return false in session::check_dnsbl() when IPv6 is passed.Andreas Fischer2011-05-261-0/+6
|/ | | | | | There is no support for IPv6 addresses in the blacklists we check right now. PHPBB3-10195
* [ticket/9912] Fix error in logic. Do not strip SID when user is not a bot.Andreas Fischer2011-02-251-6/+7
| | | | | | | | This also moves the code up to the point where we know that the user is a bot. Regression from d07e152ea7e820c5a0e47aeb8004fa0b5621a314 PHPBB3-9912
* [ticket/9949] $user->lang() uses last int-value to get the key not firstJoas Schilling2011-01-291-0/+1
| | | | | | | | The comment in the code says: "We now get the first number passed and will select the key based upon this number". But the loop over the arguments is not left and therefore it uses the last int-value not the first one. PHPBB3-9949
* Merge branch 'ticket/bantu/9091' into develop-olympusIgor Wiedler2010-09-161-0/+11
|\ | | | | | | | | * ticket/bantu/9091: [ticket/9091] Extract IPv4 address from addresses mapped into IPv6.
| * [ticket/9091] Extract IPv4 address from addresses mapped into IPv6.Andreas Fischer2010-07-231-0/+11
| | | | | | | | PHPBB3-9091
* | [ticket/9609] Change header() calls setting HTTP status to send_status_line().Andreas Fischer2010-09-111-3/+3
| | | | | | | | PHPBB3-9609
* | [ticket/9782] Board disable radio set on when server load highJoas Schilling2010-08-201-1/+1
|/ | | | PHPBB3-9782
* [ticket/9712] Future dates can be formatted as 'less than one minute ago'Chris Smith2010-07-071-2/+2
| | | | PHPBB3-9712
* [bug/59425] Correctly check for double inclusion in captcha garbage collectionU-H-PC\H2010-03-281-1/+1
| | | | | | The check to avoid the double inclusion of the captcha factory class in the garbage collection code was faulty, checking for "captcha_factory" instead of "phpbb_captcha_factory". TerryE pointed the problem out, thanks!
* [bug/58025] Search robots are now redirected if they send a SID in the requestChris Smith2010-03-131-0/+6
| | | | | | | Previously search robots could stumble upon a board link somewhere on the web containing a SID they'd follow it and end up indexing that page with the SID in the request URI, this fix prevents that by redirecting them to the same URI just without the SID.
* [bug/58755] Fix a redirection bug that can occur after loginDavid Ward2010-03-071-1/+1
| | | | | | | | | | | This issue affects any forum (i.e. https://myforum/phpBB3/) where: - the forum is located in a directory underneath the web root (i.e., NOT https://myforum/) - a user accesses the forum with a URI pointing to a directory rather than a script (i.e., NOT https://myforum/phpBB3/index.php) - the URI used ends in a slash (i.e., NOT https://myforum/phpBB3) If these conditions are met, after successful login the user is redirected to an invalid URI (i.e., https://myforum/phpBB3/phpBB3?sid=). This change fixes extract_current_page() to handle the case correctly where the URI ends in a slash and is not the web root. So after successful login, the redirection back to the main page will work (i.e., https://myforum/phpBB3/?sid=)
* [Fix] Don't send activation email when user tries to change email without ↵Cullen Walsh2010-01-251-5/+8
| | | | | | | | | permission (fix by nrohler). (Bug #56335) Authorised by: naderman git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10443 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fix Bug #54125 - Correctly reset login keys if passed value is the current user.Andreas Fischer2009-11-191-3/+3
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10279 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fix getting host for situations where the name/IP is not resolvable. Related ↵Meik Sievertsen2009-09-221-1/+1
| | | | | | | | to Bug #41025 Related revisions: r9387 and r10158 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10178 89ea8834-ac86-4346-8a33-228a782c2dd0
* extend r9387 - check for existance of all functions we use...Meik Sievertsen2009-09-171-1/+1
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10158 89ea8834-ac86-4346-8a33-228a782c2dd0
* - fixed bug #44975Jim Wigginton2009-09-041-0/+14
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10103 89ea8834-ac86-4346-8a33-228a782c2dd0
* Add some very basic checks to the users ip - related to bug #48995Meik Sievertsen2009-08-201-0/+21
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10020 89ea8834-ac86-4346-8a33-228a782c2dd0
* Because we store forwarded_for if the check is activated we need a better checkMeik Sievertsen2009-08-201-5/+5
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10019 89ea8834-ac86-4346-8a33-228a782c2dd0
* Ability to define constant PHPBB_USE_BOARD_URL_PATH to use board url for ↵Meik Sievertsen2009-08-171-1/+4
| | | | | | | | images/avatars/ranks/imageset... This feature does not change anything for those not using the constant and this feature is also quite in-flux. We need to test this with some applications and bridges and there may be other locations able to benefit from it. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10008 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fix Bug #49035 - Fix general error while registration, through undefined ↵Joas Schilling2009-08-041-1/+3
| | | | | | | | variable $config in validate_referer (Patch by wjvriend) Authorised by: bantu git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9917 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fallback options for missing language files. (Bug #38575 - Patch by EXreaction)Meik Sievertsen2009-08-011-2/+30
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9901 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fix bug #18005 - Do not add style-parameter to URL again, after admin ↵Joas Schilling2009-07-241-1/+1
| | | | | | | | | re-authentification - Patch by leviatan21 Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9841 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fixed Bug #45115 - Signature parsing flags are not stored in DBRuslan Uzdenov2009-06-271-2/+2
| | | | | | Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9696 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fixed Bug #47145 - [Fix] Correctly check banned users when force password changeGabriel Vazquez2009-06-241-1/+1
| | | | | | Authorised by: AcydBurn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9665 89ea8834-ac86-4346-8a33-228a782c2dd0
* Fix bug #46965 - File named install in php directoryRuslan Uzdenov2009-06-221-1/+1
| | | | | | Authorised by: acydburn git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9654 89ea8834-ac86-4346-8a33-228a782c2dd0
* add quicktool to remove users from the newly registered special group.Henry Sudhof2009-06-211-36/+5
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9646 89ea8834-ac86-4346-8a33-228a782c2dd0
* add check to newly registered function to not execute this more than onceMeik Sievertsen2009-06-211-0/+5
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9644 89ea8834-ac86-4346-8a33-228a782c2dd0
* - [Feature] New "Newly Registered Users" group for assigning ↵Meik Sievertsen2009-06-201-0/+61
| | | | | | | | | | | | permissions to newly registered users. They will be removed from this group once they reach a defineable amount of posts. - [Feature] Ability to define if the "Newly Registered Users" group will be assigned as the default group to newly registered users. As a coincidence also Bug #46535 got fixed. Additionally the error message displayed with trigger_error() if accessing the private message tab in the ucp is now displayed inline in addition to a slightly different message for newly registered users to let them know that access permissions may be lifted over time. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9636 89ea8834-ac86-4346-8a33-228a782c2dd0
* should fix garbage collectionHenry Sudhof2009-06-191-1/+1
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9627 89ea8834-ac86-4346-8a33-228a782c2dd0
* some corrections, only very minor things.Meik Sievertsen2009-06-071-2/+1
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9554 89ea8834-ac86-4346-8a33-228a782c2dd0
* Okay, a first ci of the new captcha plugins. We'll add dynamic template ↵Henry Sudhof2009-06-021-32/+8
| | | | | | includes later, as well as documentation on how to use this. I'm prepared to get yelled at for bugs (oh, I know that there are plenty); but please blame spammers for broken styles and MODs. git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9524 89ea8834-ac86-4346-8a33-228a782c2dd0
* #44485 - we only send a 503 header if it is a search engine.Meik Sievertsen2009-04-281-2/+8
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9490 89ea8834-ac86-4346-8a33-228a782c2dd0
* do not use spamhaus XBL list - it has too much false positives due to the ↵Meik Sievertsen2009-04-251-1/+1
| | | | | | dynamic IPs git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9484 89ea8834-ac86-4346-8a33-228a782c2dd0
* #41575Henry Sudhof2009-04-221-1/+1
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9480 89ea8834-ac86-4346-8a33-228a782c2dd0
* rollbackHenry Sudhof2009-04-221-45/+2
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9479 89ea8834-ac86-4346-8a33-228a782c2dd0
* #41575Henry Sudhof2009-04-221-2/+45
| | | | git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9477 89ea8834-ac86-4346-8a33-228a782c2dd0
* encode imageset path in user->img (may not fix any other issues regarding ↵Meik Sievertsen2009-04-171-1/+1
| | | | | | style names with spaces) - #28885 git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9465 89ea8834-ac86-4346-8a33-228a782c2dd0
* - Add indicator to be used in code if session was created (user visits the ↵Meik Sievertsen2009-03-281-0/+9
| | | | | | | | | site for the first time) - Correctly count topic views for guests visiting the website the first time by entering the topic directly (Bug #43445) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9411 89ea8834-ac86-4346-8a33-228a782c2dd0
generated by cgit v1.2.1 (git 2.21.0) at 2025-04-12 10:50:35 +0000