| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Do not assume that Composer autoload is case insensitive | nashe | 2018-01-04 | 1 | -1/+1 |
| | | |||||
| * | Merge pull request #98 from moonmoon/anti-csrf | thomas | 2018-01-02 | 6 | -4/+22 |
| |\ | | | | | Implement a mitigation against CSRF attacks | ||||
| | * | Add CSRF token checks | nashe | 2017-12-23 | 4 | -1/+11 |
| | | | |||||
| | * | Give a session to the users | nashe | 2017-12-23 | 2 | -3/+11 |
| | | | |||||
| * | | Remove unnecessary calls to Spyc | nashe | 2018-01-02 | 1 | -4/+2 |
| |/ | |||||
| * | Add an option to disable feed certificate check | nashe | 2017-07-13 | 1 | -0/+6 |
| | | |||||
| * | Do not encode feed title twice | nashe | 2017-07-13 | 1 | -1/+1 |
| | | | | | cf. #95 | ||||
| * | Fix typo | Leszek Manicki | 2016-03-02 | 1 | -1/+1 |
| | | |||||
| * | Remove config files that are created on install. Refs #69. | Sam Wilson | 2015-10-04 | 1 | -1/+0 |
| | | |||||
| * | Clean code | nashe | 2015-08-11 | 6 | -21/+21 |
| | | | | | Replace dirname(__FILE__) by __DIR__. | ||||
| * | Fix class autoloading | nashe | 2015-08-11 | 5 | -8/+15 |
| | | | | | | | | Made some mistakes with my last PR: I tested that everything were working, but on the wrong branch. This commit fixes all the autoloading error that were left. | ||||
| * | Make authentication timing-safe | nashe | 2015-08-04 | 1 | -1/+2 |
| | | | | | | | | Improve the authentication to make it timing-safe against bruteforce attacks. See code comments for more details on the implementation. | ||||
| * | Improve coding style | nashe | 2015-08-03 | 1 | -7/+5 |
| | | |||||
| * | Avoid type juggling vulnerability. | nashe | 2015-08-03 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | | Password comparison should not be done with the `==` operator, but `===`, due to type juggling. References: * http://phpsadness.com/sad/47 * turbochaos.blogspot.fr/2013/08/exploiting-exotic-bugs-php-type-juggling. html ### Test case * Create an administrator with the password "240610708". * Try to login to the dashboard with the password "QNKCDZO" :-) | ||||
| * | Control width blacklisting feed are down, cron.php manage the status of this ↵ | Fernando García | 2014-03-04 | 2 | -0/+4 |
| | | | | | feeds | ||||
| * | display moonmoon version in title bar of the administration panel, make the ↵ | Pascal Chevrel | 2012-05-03 | 1 | -1/+7 |
| | | | | | version number a variable | ||||
| * | forgot to migrate the login page to incoude the l10n class (didn't notice ↵ | Pascal Chevrel | 2012-03-13 | 1 | -3/+4 |
| | | | | | because of the cookie) | ||||
| * | l10n support for moonmoon | Pascal Chevrel | 2012-03-12 | 3 | -27/+27 |
| | | |||||
| * | fix css in admin pages that were reverted to pre html5 version in a merge | Pascal Chevrel | 2012-03-11 | 1 | -22/+22 |
| | | |||||
| * | Merge branch 'html5' of https://github.com/pascalchevrel/moonmoon into ↵ | Maurice Svay | 2012-03-10 | 1 | -1/+1 |
| |\ | | | | | | | | | | | | | pascalchevrel-html5 Conflicts: admin/index.php | ||||
| | * | html5: admin page, make the http:// mention in the add feed field be a ↵ | Pascal Chevrel | 2012-03-09 | 1 | -1/+1 |
| | | | | | | | | | placeholder hinding at the type of URL, not real text. When you copy/paste a feed, you already have the http:// part | ||||
| * | | Merge branch 'cleanup' of https://github.com/pascalchevrel/moonmoon into ↵ | Maurice Svay | 2012-03-10 | 3 | -372/+370 |
| |\ \ | |/ |/| | | | | | | | | | | | pascalchevrel-cleanup Conflicts: admin/default.css app/classes/Planet.class.php | ||||
| | * | convert all files saved in Windows(CRLF) to Unix (LF) | Pascal Chevrel | 2012-03-09 | 3 | -348/+348 |
| | | | |||||
| * | | Merge pull request #18 from pascalchevrel/admin_template | Maurice Svay | 2012-03-08 | 2 | -59/+64 |
| |\ \ | |/ |/| | change the template in the admin panel to use HTML5 syntax | ||||
| | * | change the template in the admin panel to use HTML5 syntax (and use <header> ↵ | Pascal Chevrel | 2012-03-08 | 2 | -59/+64 |
| | | | | | | | | | and <nav> elements), adjust css accordingly, add IE6/7/8 support by loading http://html5shiv.googlecode.com/svn/trunk/html5.js with IE conditionnal comments | ||||
| * | | fix install process and admin section which are currently broken because of ↵ | Pascal Chevrel | 2012-03-08 | 2 | -7/+3 |
| |/ | | | | the separation of classes in separate files. Now the files calling those classes are including app/app.php, also, I changed the variable name in the installation wizard to so as to avoid confusion with already used in the admin section | ||||
| * | Use a centralized template for the admin section to avoid repeating html | Pascal Chevrel | 2012-03-06 | 5 | -153/+148 |
| | | |||||
| * | update spyc library from 0.2.3 to 0.5 | Pascal Chevrel | 2012-03-06 | 1 | -4/+4 |
| | | |||||
| * | Update wording in admin | Maurice Svay | 2010-08-10 | 1 | -4/+4 |
| | | |||||
| * | Fixes bug when adding no feed deletes all feeds | Maurice Svay | 2010-08-10 | 1 | -1/+1 |
| | | |||||
| * | Initial commit | Maurice Svay | 2010-02-16 | 19 | -0/+608 |
 |
index : planet | |
| The planet.mageia.org Website | Damien Lallement [dams] |
| summaryrefslogtreecommitdiffstats |