Commit graph

5083 commits

Author SHA1 Message Date
Oliver Schramm
2c6369c5d9 [ticket/13833] Prevent flooding if type=submit doesn't exist
PHPBB3-13833
2015-06-08 17:01:52 +02:00
Andreas Fischer
2fb7ef2668 Merge branch 'prep-release-3.0.14' into 3.0.x
* prep-release-3.0.14:
  [ticket/security-180] Add tests for redirecting to main URL
  [ticket/security-180] Always fail when redirecting to an insecure URL
  [ticket/security-180] Make sure that redirect goes to full URL plus slash
  [ticket/security-180] Check if redirect URL contains board URL
2015-04-28 21:55:15 +02:00
Andreas Fischer
1a3350619f Merge remote-tracking branch 'phpbb-security/ticket/security-180' into prep-release-3.0.14
* phpbb-security/ticket/security-180:
  [ticket/security-180] Add tests for redirecting to main URL
  [ticket/security-180] Always fail when redirecting to an insecure URL
  [ticket/security-180] Make sure that redirect goes to full URL plus slash
  [ticket/security-180] Check if redirect URL contains board URL
2015-04-28 21:54:50 +02:00
Andreas Fischer
6d8df7332c [3.0.x] Increment version number to 3.0.15-dev. 2015-04-28 20:40:20 +02:00
Andreas Fischer
ce74a0bd6c [3.0.x] Bump version numbers for 3.0.14-RC1 release. 2015-04-27 23:22:44 +02:00
Joas Schilling
463c62df18 [ticket/13765] Verify SERVER_PROTOCOL has the expected format before using it.
PHPBB3-13765
2015-04-25 17:22:10 +02:00
Joas Schilling
ee658bfe7b [ticket/security-180] Always fail when redirecting to an insecure URL
SECURITY-180
2015-04-11 17:08:28 +02:00
Marc Alexander
bca1b96b2e [ticket/security-180] Make sure that redirect goes to full URL plus slash
SECURITY-180
2015-04-11 16:41:20 +02:00
Marc Alexander
eed355b798 [ticket/security-180] Check if redirect URL contains board URL
SECURITY-180
2015-04-10 18:10:32 +02:00
Nicofuma
b9db47e3f5 Merge pull request #3359 from marc1706/ticket/13568
[ticket/13568] Validate imagick path as readable absolute path

closes #3359
2015-03-29 19:41:13 +02:00
Nils Adermann
6f3f6282d1 [ticket/13617] Enforce column size limit for session_forum_id
PHPBB3-13617
2015-02-25 16:20:50 +01:00
Marc Alexander
a93df0e511 [ticket/13568] Use more descriptive validation names and merge with path block
PHPBB3-13568
2015-02-02 18:30:05 +01:00
Marc Alexander
19421fcdef [ticket/13568] Validate imagick path as readable absolute path
PHPBB3-13568
2015-02-02 15:59:52 +01:00
Andreas Fischer
6f5524de26 Merge branch 'prep-release-3.0.13' into develop-olympus
* prep-release-3.0.13:
  [ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME.
2015-01-29 00:08:23 +01:00
Andreas Fischer
872caf805c Merge pull request #3348 from bantu/ticket/13549
[ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME...

* bantu/ticket/13549:
  [ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME.
2015-01-29 00:06:00 +01:00
Andreas Fischer
f48cc8bbe9 Merge branch 'prep-release-3.0.13' into develop-olympus
* prep-release-3.0.13:
  [ticket/12933] Handle case when * is last character of word
2015-01-29 00:03:16 +01:00
Marc Alexander
7495055907 [ticket/13549] Do not exit when ORIG_PATH_INFO just contains SCRIPT_NAME.
The ORIG_PATH_INFO on IIS also contains the script name. Only use that
for killing the script after removing the script name from ORIG_PATH_INFO.

PHPBB3-13549
2015-01-28 22:07:16 +01:00
Dhruv
5eb0d422c8 [ticket/12933] Handle case when * is last character of word
PHPBB3-12933
2015-01-28 21:59:58 +01:00
Nils Adermann
5ce89ae82f [prep-release-3.0.13] Bump version numbers for 3.0.13 release 2015-01-26 18:08:31 +01:00
Andreas Fischer
14585fcb4f [develop-olympus] Increment version number to 3.0.14-dev. 2015-01-21 15:15:30 +01:00
Andreas Fischer
9f7f366573 [develop-olympus] Bump version numbers for 3.0.13-RC1 release. 2015-01-21 01:32:18 +01:00
Andreas Fischer
e34b92882a [ticket/13531] Send 404 Not Found.
PHPBB3-13531
2015-01-21 01:02:16 +01:00
Marc Alexander
4b9434bf1b [ticket/13531] Explicitly disallow trailing paths (e.g. PATH_INFO).
PHPBB3-13531
2015-01-21 01:02:08 +01:00
Andreas Fischer
d17904884e Merge pull request #3312 from bantu/ticket/13527
[ticket/13527] Escape information received from version server

* bantu/ticket/13527:
  [ticket/13527] Apply htmlspecialchars() to data from version server.
  [ticket/13527] Remove two unused variables.
2015-01-20 23:14:38 +01:00
Andreas Fischer
a8027c542f Merge pull request #3311 from bantu/ticket/13526
[ticket/13526] Correctly validate the ucp_pm_options form key.

* bantu/ticket/13526:
  [ticket/13526] Correctly validate the ucp_pm_options form key.
2015-01-20 23:12:00 +01:00
Andreas Fischer
3134b6b70e Merge pull request #3306 from marc1706/ticket/13519
[ticket/13519] Correctly validate imagick path as path and not string

* marc1706/ticket/13519:
  [ticket/13519] Correctly validate imagick path as path and not string
2015-01-20 23:10:19 +01:00
Andreas Fischer
92b5222295 [ticket/13527] Apply htmlspecialchars() to data from version server.
PHPBB3-13527
2015-01-20 22:40:39 +01:00
Andreas Fischer
251868dd7e [ticket/13527] Remove two unused variables.
PHPBB3-13527
2015-01-20 22:34:14 +01:00
Joas Schilling
23069a13e2 [ticket/13526] Correctly validate the ucp_pm_options form key.
PHPBB3-13526
2015-01-20 22:16:24 +01:00
Nils Adermann
ebbe6a7791 Merge pull request #2990 from Senky/ticket/10985
[ticket/10985] Error bbcode.html not found when updating with custom style inheriting from prosilver
2015-01-19 22:27:14 +01:00
Marc Alexander
6564446b0f [ticket/13519] Correctly validate imagick path as path and not string
PHPBB3-13519
2015-01-19 20:47:47 +01:00
Jakub Senko
b67b67f2df [ticket/11613] Allow cookies to work on netbios domains
PHPBB3-11613
2014-11-26 14:58:33 +01:00
Nils Adermann
965042d015 [ticket/13376] Revert unnecessary change for cookies called GLOBALS 92f554e3
Also introduce a clear cookie message hardcoded just in case.

PHPBB3-13376
2014-11-25 15:57:12 +01:00
Joas Schilling
d2cd24e875 Merge pull request #3090 from Nicofuma/ticket/13234
Ticket/13234
2014-10-28 12:56:15 +01:00
Tristan Darricau
fcc320e385 [ticket/13234] Fix conditions and CS
PHPBB3-13234
2014-10-28 12:19:53 +01:00
Nils Adermann
64d97d0787 [ticket/13234] Never allow autologin/remember me to modify the userid
This prevents admin relogin with forced user id from overwriting
remember me cookies

PHPBB3-13234
2014-10-27 19:55:56 -07:00
Andreas Fischer
b71cf56bda Merge pull request #3047 from Elsensee/ticket/13168
[ticket/13168] Fix mbstring warnings in ACP for PHP 5.6 compatibility

* Elsensee/ticket/13168:
  [ticket/13168] Fix mbstring warnings in ACP for PHP 5.6 compatibility
2014-10-20 23:20:42 +02:00
Oliver Schramm
53f166274a [ticket/13168] Fix mbstring warnings in ACP for PHP 5.6 compatibility
PHPBB3-13168
2014-10-20 16:47:52 +02:00
Joas Schilling
e7e016637b [ticket/13138] Do not use cookie data and autologin while forcing a user_id
PHPBB3-13138
2014-10-16 12:32:48 +02:00
Joas Schilling
a12a7d0b90 Merge pull request #2460 from Nicofuma/ticket/11224
[ticket/11224] SQL cache destroy does not destroy queries to tables joined
2014-10-06 23:20:50 +02:00
Jakub Senko
ca7f4fb531 [ticket/10985] Add fix to properly inherit style during update process
PHPBB3-10985
2014-09-23 23:03:07 +02:00
Jakub Senko
ba464ec93a [ticket/13096] Add phpbb_ prefix to ldap_escape()
PHPBB3-13096
2014-09-23 22:43:52 +02:00
Marc Alexander
8bd1853b56 Merge pull request #2981 from nickvergessen/ticket/10729
Ticket/10729 Update editor information when user being deleted
2014-09-23 11:08:56 +02:00
Joas Schilling
d48e4b680e [ticket/10729] Fix doc block for user_delete
PHPBB3-10729
2014-09-22 00:55:08 +02:00
Joas Schilling
122898d221 Merge pull request #2350 from Nicofuma/ticket/11480
[ticket/11480] PM : "Unknown folder" returned when inbox folder is full

* Nicofuma/ticket/11480:
  [ticket/11480] Move the test into get_folder()
  [ticket/11480] Fix the double spaces in phpbb_functional_test_case
  [ticket/11480] Fix typos
  [ticket/11480] Add functional test
  [ticket/11480] PM : "Unknown folder" returned when inbox folder is full
2014-08-01 22:17:17 +02:00
Tristan Darricau
8bdfda723c [ticket/11480] Move the test into get_folder()
PHPBB3-11480
2014-07-30 15:28:02 +02:00
Joas Schilling
9a3af2a052 Merge pull request #2425 from Zoddo/ticket/12492
[ticket/12492] Add support of special chars

* Zoddo/ticket/12492:
  [ticket/12492] Add support of special chars
2014-07-30 15:00:32 +02:00
Oliver Schramm
da6b378e64 [ticket/10729] Update message_edit_user when user being deleted
PHPBB3-10729
2014-07-18 00:11:51 +02:00
Oliver Schramm
53f597b6d0 [ticket/10729] Update post_edit_user when user being deleted
PHPBB3-10729
2014-07-17 16:28:32 +02:00
Marc Alexander
83f4bd9ee7 [ticket/12695] Add viewtopic language file for parse_attachments in mcp_post
PHPBB3-12695
2014-07-10 14:39:53 +02:00