makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-07 20:08:53 +00:00
Code Issues Projects Releases Packages Wiki Activity
12307 commits 18 branches 192 tags 206 MiB
Commit graph

11160 commits

Author SHA1 Message Date
Oliver Schramm
2c6369c5d9 [ticket/13833] Prevent flooding if type=submit doesn't exist 
PHPBB3-13833
 2015-06-08 17:01:52 +02:00
Andreas Fischer
52aafb4dea Merge branch 'prep-release-3.0.14' into 3.0.x 
* prep-release-3.0.14:
  [prep-release-3.0.14] Add security relevant changes to CHANGELOG.html.
  [prep-release-3.0.14] Bump version numbers for 3.0.14 release.

Conflicts:
	build/build.xml
	phpBB/includes/constants.php
	phpBB/install/database_update.php
	phpBB/install/schemas/schema_data.sql
 2015-05-03 16:41:58 +02:00
Andreas Fischer
11242dd07d [prep-release-3.0.14] Add security relevant changes to CHANGELOG.html. 2015-05-03 16:22:28 +02:00
Andreas Fischer
5382552fc8 [prep-release-3.0.14] Bump version numbers for 3.0.14 release. 2015-05-03 14:40:50 +02:00
Andreas Fischer
2fb7ef2668 Merge branch 'prep-release-3.0.14' into 3.0.x 
* prep-release-3.0.14:
  [ticket/security-180] Add tests for redirecting to main URL
  [ticket/security-180] Always fail when redirecting to an insecure URL
  [ticket/security-180] Make sure that redirect goes to full URL plus slash
  [ticket/security-180] Check if redirect URL contains board URL
 2015-04-28 21:55:15 +02:00
Andreas Fischer
1a3350619f Merge remote-tracking branch 'phpbb-security/ticket/security-180' into prep-release-3.0.14 
* phpbb-security/ticket/security-180:
  [ticket/security-180] Add tests for redirecting to main URL
  [ticket/security-180] Always fail when redirecting to an insecure URL
  [ticket/security-180] Make sure that redirect goes to full URL plus slash
  [ticket/security-180] Check if redirect URL contains board URL
 2015-04-28 21:54:50 +02:00
Andreas Fischer
6d8df7332c [3.0.x] Increment version number to 3.0.15-dev. 2015-04-28 20:40:20 +02:00
Andreas Fischer
d833f29069 [3.0.x] Add changelog for 3.0.14 release. 2015-04-28 18:57:03 +02:00
Andreas Fischer
ce74a0bd6c [3.0.x] Bump version numbers for 3.0.14-RC1 release. 2015-04-27 23:22:44 +02:00
Andreas Fischer
cd6c0427fb [3.0.x] Bumping version numbers to final for 3.0.14 releases. 2015-04-27 23:13:56 +02:00
Joas Schilling
463c62df18 [ticket/13765] Verify SERVER_PROTOCOL has the expected format before using it. 
PHPBB3-13765
 2015-04-25 17:22:10 +02:00
Joas Schilling
ee658bfe7b [ticket/security-180] Always fail when redirecting to an insecure URL 
SECURITY-180
 2015-04-11 17:08:28 +02:00
Marc Alexander
bca1b96b2e [ticket/security-180] Make sure that redirect goes to full URL plus slash 
SECURITY-180
 2015-04-11 16:41:20 +02:00
Marc Alexander
eed355b798 [ticket/security-180] Check if redirect URL contains board URL 
SECURITY-180
 2015-04-10 18:10:32 +02:00
Nicofuma
b9db47e3f5 Merge pull request #3359 from marc1706/ticket/13568 
[ticket/13568] Validate imagick path as readable absolute path

closes #3359
 2015-03-29 19:41:13 +02:00
Andreas Fischer
1efbb5b3bb Merge pull request #3493 from prototech/ticket/13555 
[ticket/13555] Render poll options separately when previewing.

* prototech/ticket/13555:
  [ticket/13555] Render poll options separately when previewing.
 2015-03-26 11:15:36 +01:00
Nicofuma
44540b6112 [ticket/13723] Add Elsensee to authors list 
PHPBB3-13723
 2015-03-25 21:31:50 +01:00
JoshyPHP
1df97c205d [ticket/13555] Render poll options separately when previewing. 
This prevents an option from being split into two when a line break is present
inside of it.

PHPBB3-13555
 2015-03-19 15:32:31 -07:00
Nils Adermann
6f3f6282d1 [ticket/13617] Enforce column size limit for session_forum_id 
PHPBB3-13617
 2015-02-25 16:20:50 +01:00
Marc Alexander
7c5d872344 [ticket/13568] Also check if absolute_path_writable is writable 
PHPBB3-13568
 2015-02-06 10:15:36 +01:00
Marc Alexander
4e06ab16f0 [ticket/13348] Remove unnecessary global $cache 
$cache is not used in the method get_item().

PHPBB3-13348
 2015-02-03 18:24:16 +01:00
Marc Alexander
1f2cb69c8a [ticket/13348] Use close method to free query result handle 
PHPBB3-13348
 2015-02-03 18:23:13 +01:00
Marc Alexander
d50cec998c [ticket/13568] Correctly check rpath and rwpath validation options 
PHPBB3-13568
 2015-02-02 18:44:48 +01:00
Marc Alexander
a93df0e511 [ticket/13568] Use more descriptive validation names and merge with path block 
PHPBB3-13568
 2015-02-02 18:30:05 +01:00
Marc Alexander
19421fcdef [ticket/13568] Validate imagick path as readable absolute path 
PHPBB3-13568
 2015-02-02 15:59:52 +01:00
Andreas Fischer
7273591560 Merge branch 'prep-release-3.0.13' into develop-olympus 
* prep-release-3.0.13:
  [prep-release-3.0.13] Correct changelog link to 3.0.13 changes.
  [prep-release-3.0.13] Also update version in references to files.
  [prep-release-3.0.13] Add changelog for 3.0.13-PL1 release.
  [prep-release-3.0.13] Get rid of roman numbers in CHANGELOG.html.
  [prep-release-3.0.13] Bump version numbers for 3.0.13-PL1 release.

Conflicts:
	build/build.xml
	phpBB/includes/constants.php
	phpBB/install/database_update.php
	phpBB/install/schemas/schema_data.sql
 2015-01-30 13:40:44 +01:00
Andreas Fischer
5f237a0426 [prep-release-3.0.13] Correct changelog link to 3.0.13 changes. 2015-01-30 01:32:34 +01:00
Andreas Fischer
1e94b0ae71 [prep-release-3.0.13] Also update version in references to files. 2015-01-29 23:32:05 +01:00
Andreas Fischer
5fea945b5b [prep-release-3.0.13] Add changelog for 3.0.13-PL1 release. 2015-01-29 23:27:12 +01:00
Andreas Fischer
208923563e [prep-release-3.0.13] Get rid of roman numbers in CHANGELOG.html. 2015-01-29 23:16:34 +01:00
Andreas Fischer
40e676ad03 [prep-release-3.0.13] Bump version numbers for 3.0.13-PL1 release. 2015-01-29 18:17:29 +01:00
Dhruv
cc210b1842 Merge remote-tracking branch 'upstream/prep-release-3.0.13' into develop-olympus 2015-01-29 11:51:33 +05:30
Dhruv Goel
36f8fb2b37 Merge pull request #3347 from bantu/ticket/13554 
[ticket/13554] Show feature release upgrades in blue rather than red.
 2015-01-29 11:47:37 +05:30
Andreas Fischer
6f5524de26 Merge branch 'prep-release-3.0.13' into develop-olympus 
* prep-release-3.0.13:
  [ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME.
 2015-01-29 00:08:23 +01:00
Andreas Fischer
872caf805c Merge pull request #3348 from bantu/ticket/13549 
[ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME...

* bantu/ticket/13549:
  [ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME.
 2015-01-29 00:06:00 +01:00
Andreas Fischer
f48cc8bbe9 Merge branch 'prep-release-3.0.13' into develop-olympus 
* prep-release-3.0.13:
  [ticket/12933] Handle case when * is last character of word
 2015-01-29 00:03:16 +01:00
Marc Alexander
7495055907 [ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME. 
The ORIG_PATH_INFO on IIS also contains the script name. Only use that
for killing the script after removing the script name from ORIG_PATH_INFO.

PHPBB3-13549
 2015-01-28 22:07:16 +01:00
Dhruv
5eb0d422c8 [ticket/12933] Handle case when * is last character of word 
PHPBB3-12933
 2015-01-28 21:59:58 +01:00
Andreas Fischer
dff1ea6b85 [ticket/13554] Show feature release upgrades in blue rather than red. 
PHPBB3-13554
 2015-01-28 21:59:03 +01:00
Marc Alexander
a9fa20bb91 [ticket/13414] Set Content-Length header only if status is not 304 
PHPBB3-13414
 2015-01-28 15:50:48 +01:00
Nils Adermann
ebd5aace3f Merge branch 'prep-release-3.0.13' into develop-olympus 
* prep-release-3.0.13:
  [prep-release-3.0.13] Bump version numbers for 3.0.13 release
  [prep-release-3.0.13] Highlight security relevant changes

Conflicts:
	build/build.xml
	phpBB/includes/constants.php
	phpBB/install/database_update.php
	phpBB/install/schemas/schema_data.sql
 2015-01-26 18:57:06 +01:00
Nils Adermann
5ce89ae82f [prep-release-3.0.13] Bump version numbers for 3.0.13 release 2015-01-26 18:08:31 +01:00
Nils Adermann
4b42589cfa [prep-release-3.0.13] Highlight security relevant changes 2015-01-26 17:53:43 +01:00
Andreas Fischer
14585fcb4f [develop-olympus] Increment version number to 3.0.14-dev. 2015-01-21 15:15:30 +01:00
Andreas Fischer
2c9e178a42 [develop-olympus] Add changelog for 3.0.13 release. 2015-01-21 01:45:23 +01:00
Andreas Fischer
9f7f366573 [develop-olympus] Bump version numbers for 3.0.13-RC1 release. 2015-01-21 01:32:18 +01:00
Andreas Fischer
c09023d1db [develop-olympus] Bumping version numbers to final for 3.0.13 releases. 2015-01-21 01:25:50 +01:00
Andreas Fischer
e34b92882a [ticket/13531] Send 404 Not Found. 
PHPBB3-13531
 2015-01-21 01:02:16 +01:00
Marc Alexander
4b9434bf1b [ticket/13531] Explicitly disallow trailing paths (e.g. PATH_INFO). 
PHPBB3-13531
 2015-01-21 01:02:08 +01:00
Andreas Fischer
d17904884e Merge pull request #3312 from bantu/ticket/13527 
[ticket/13527] Escape information received from version server

* bantu/ticket/13527:
  [ticket/13527] Apply htmlspecialchars() to data from version server.
  [ticket/13527] Remove two unused variables.
 2015-01-20 23:14:38 +01:00