| Commit message | Author | Age | Files | Lines |
|---|---|---|---|---|
| Remove config files that are created on install. Refs #69. | Sam Wilson | 2015-10-04 | 1 | -1/+0 |
| Fix class autoloading | nashe | 2015-08-11 | 1 | -1/+4 |
| Made some mistakes with my last PR: I tested that everything was working, but on the wrong branch. This commit fixes all the autoloading errors that were left. | | | | |
| Make authentication timing-safe | nashe | 2015-08-04 | 1 | -1/+2 |
| Improve the authentication to make it timing-safe against brute-force attacks. See code comments for more details on the implementation. | | | | |
| Improve coding style | nashe | 2015-08-03 | 1 | -7/+5 |
| Avoid type juggling vulnerability. | nashe | 2015-08-03 | 1 | -2/+2 |
| Password comparison should not be done with the `==` operator, but `===`, due to type juggling. References: http://phpsadness.com/sad/47 ; turbochaos.blogspot.fr/2013/08/exploiting-exotic-bugs-php-type-juggling.html. Test case: create an administrator with the password "240610708", then try to log in to the dashboard with the password "QNKCDZO" :-) | | | | |
| convert all files saved in Windows (CRLF) to Unix (LF) | Pascal Chevrel | 2012-03-09 | 1 | -2/+2 |
| Use a centralized template for the admin section to avoid repeating html | Pascal Chevrel | 2012-03-06 | 1 | -5/+0 |
| Initial commit | Maurice Svay | 2010-02-16 | 3 | -0/+17 |