1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-26 05:06:12 +01:00
Commit Graph

43 Commits

Author SHA1 Message Date
Richard Foote
70d88965c7 [ticket/10708] Check converted passwords for multi-byte characters
Check for multi-byte characters in converted passwords.

PHPBB3-10708
2012-03-19 23:19:21 -04:00
Nils Adermann
768932a3f2 [ticket/10212] Return a CAPTCHA on incorrect username for ip limited users too
PHPBB3-10212
2011-10-14 03:41:52 +02:00
Nils Adermann
0d602e1722 [ticket/10247] Use COUNT(*) instead of COUNT(attempt_id)
attempt_id column was deleted

PHPBB3-10247
2011-07-04 19:57:54 -04:00
Nils Adermann
74785a8bda [ticket/10220] Limit user agent value length for storage in login attempt table
PHPBB3-10220
2011-06-15 18:20:16 +02:00
Nils Adermann
ef977abe59 [ticket/9892] count is a keyword in firebird, so renaming this alias
PHPBB3-9892
2011-06-12 11:33:55 +02:00
Nils Adermann
c8828473a8 [ticket/9992] Use sql_fetchfield for single row and single column result
PHPBB3-9992
2011-06-10 18:37:29 +02:00
Nils Adermann
2dee57fd43 [ticket/9992] Adding a limit on login attempts per IP.
A new table was created to save all failed login attempts with
corresponding information on username, ip and useragent. By default
the limit is 50 login attempts within 6 hours per IP. The limit is
relatively high to avoid big problems on sites behind a reverse
proxy that don't receive the forwarded-for value as REMOTE_ADDR but
see all users as coming from the same IP address. But if these
users run into problems a special forwarded-for option is available
to limit logins by forwarded-for value instead of ip.

PHPBB3-9992
2011-06-10 12:18:19 +02:00
Andreas Fischer
0452da2bf1 [ticket/7538] Limit user_login_attempts to prevent SQL errors.
PHPBB3-7538
2010-10-15 19:00:14 +02:00
Andreas Fischer
f98ca7ce48 Make sure captcha factory is there. Make sure language array is there.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10431 89ea8834-ac86-4346-8a33-228a782c2dd0
2010-01-20 00:20:46 +00:00
Henry Sudhof
0480a4e91e spaces
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10418 89ea8834-ac86-4346-8a33-228a782c2dd0
2010-01-17 17:16:08 +00:00
Henry Sudhof
b4d8a0e538 spaces
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10412 89ea8834-ac86-4346-8a33-228a782c2dd0
2010-01-17 16:48:46 +00:00
Henry Sudhof
ef2cd7b6c9 Always require a fresh solved captcha, don't accept a stored solution.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10411 89ea8834-ac86-4346-8a33-228a782c2dd0
2010-01-17 16:46:41 +00:00
Henry Sudhof
0139246ccb make userdata available
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10406 89ea8834-ac86-4346-8a33-228a782c2dd0
2010-01-14 22:55:38 +00:00
Henry Sudhof
bf2133d380 #51395 - remove legacy captcha code. authorised by: acyd burn
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10143 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-09-15 09:08:37 +00:00
Henry Sudhof
11dc410633 Oh right. PHP4
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9581 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-06-13 14:09:51 +00:00
Meik Sievertsen
a539fca62b some corrections, only very minor things.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9554 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-06-07 11:34:01 +00:00
Henry Sudhof
b776d02682 Okay, a first ci of the new captcha plugins. We'll add dynamic template includes later, as well as documentation on how to use this. I'm prepared to get yelled at for bugs (oh, I know that there are plenty); but please blame spammers for broken styles and MODs.
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9524 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-06-02 14:12:23 +00:00
Henry Sudhof
e5f0824e4b As proposed by marshalrusty: re-hash plain MD5s left in the database
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9312 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-02-06 14:51:26 +00:00
Meik Sievertsen
217dc8e6d5 #22525
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8432 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-03-14 12:28:08 +00:00
Meik Sievertsen
56b6195563 *** empty log message ***
git-svn-id: file:///svn/phpbb/trunk@8142 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-10-05 12:42:06 +00:00
Meik Sievertsen
760fe6bc66 #i42
new password hashing mechanism for storing passwords


git-svn-id: file:///svn/phpbb/trunk@8139 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-10-04 18:50:25 +00:00
Meik Sievertsen
1d004b925f necessary changes...
git-svn-id: file:///svn/phpbb/trunk@8072 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-08-30 21:21:16 +00:00
Nils Adermann
85881358cb - always use convert error message for unconverted incorrect passwords [Bug #10893]
git-svn-id: file:///svn/phpbb/trunk@7576 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-05-14 20:08:11 +00:00
Meik Sievertsen
2c7ef5f5c0 timezone box + shortening pm options variable as well as max login attempts fix.
git-svn-id: file:///svn/phpbb/trunk@7419 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-04-28 14:11:18 +00:00
Nils Adermann
a43416dbb2 - acp popup, shouldn't require 700 px width
- throw an error if an image that's edited into an imageset doesn't exist
- convert the password not its hash ;-)
- only update user_login_attempts if necessary
- make password requirements even clearer


git-svn-id: file:///svn/phpbb/trunk@7250 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-31 16:44:18 +00:00
Nils Adermann
b66e0fcd34 - fix htmlspecialchars handling in search (search backends get specialchared input, and should return specialchared output), current backends strip entities anyway [includes Bug #8156]
- allow cancelling search index creation/removal
- custom CSS class name input too short [Bug #8328]
- give an error message if a password wasn't convertable (special characters in non-standard encoding)
- moved still_on_time to functions.php, used by acp_search and converter, might be useful for MODs (or complex cron scripts)
- do not allow empty passwords on login
- add sids to local URLs in posts (this was a really terrible bug to fix ;-)) [Bug #7892]
- ignore invalid HTTP_X_FORWARDED_FOR headers (just use REMOTE_ADDR if invalid) [Bug #8314]
- changed forum listing code on search page and acp_attachments [Bug #6658]
- search indexing uses still_on_time(), smaller batch size (1000) and meta_refresh() instead of redirect(), this should solve a few problems [Bugs #8034, #8270]
- made password requirement language strings clearer
- ALPHA is not meant to be alphanumric [Bug #7764]
- display bug in firefox on linux making the pagination wrap on search results page (caused by  )


git-svn-id: file:///svn/phpbb/trunk@7076 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-02-25 22:09:53 +00:00
Nils Adermann
56a93bdfdd - Pruning doesn't lower user post counts anymore [Bug #7676]
- Better resync explanations in ACP
- relative link to board shouldn't result in an empty link [Bug #7762]
- allow spaces to define multiple classes [Bug #7700]
- forgot addslashes for password conversion [Bug #7530]
- adjusted get_post_data call in mcp_post to retrieve read tracking info [Bug #7538]
- fixed sorting in reports/queue by properly generating the pagination links [Bug #7666]
- send UTF-8 charset header in database_update.php [Bug #7564]


git-svn-id: file:///svn/phpbb/trunk@6974 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-02-08 22:11:14 +00:00
Nils Adermann
870a3a1d8a message
git-svn-id: file:///svn/phpbb/trunk@6655 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-25 20:00:56 +00:00
Nils Adermann
c65048bd91 - introducing clean usernames, needs to be tested more, I'm not sure I didn't miss anything
- homograph list should probably be extended


git-svn-id: file:///svn/phpbb/trunk@6494 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-13 22:10:18 +00:00
Nils Adermann
a5c23243c7 - display age in user profile and make it available on viewtopic
- various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015]
- strip first, then change newlines [Bug #2403]
- added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant
- moved newest user updating from ucp_register to user_add function
- renamed the admin_ auth module function to acp_
- added initialisation code to auth_apache which checks whether it will work
- added user_add support to both auth_ldap and auth_apache
- some auth_ldap tweaks, should work with users deeper in the organisation structure too now
- adjusted global topics in mcp_report to work like mcp_queue


git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-07-07 12:36:44 +00:00
Meik Sievertsen
b0c3e39582 - removed db cache (might re-appear, but for now we do not see the need for it)
- all changes to styles/subsilver/template are purely cosmetic (no functional changes)
- cosmetics
- bugfixes
- add index to modules table
- use modules ordering code for forums too


git-svn-id: file:///svn/phpbb/trunk@6073 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-16 16:54:51 +00:00
David M
917eeebc1a a few changes ;-)
git-svn-id: file:///svn/phpbb/trunk@5934 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-05-19 22:50:25 +00:00
David M
2499d92c83 - captcha stuff
- unique_id


git-svn-id: file:///svn/phpbb/trunk@5911 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-05-13 17:48:21 +00:00
Meik Sievertsen
9988679d56 - streamlined reports to consist of the feature set we decided upon (Nils, your turn now)
- use getenv instead of $_ENV (with $_ENV the case could be wrong)
- permission fixes (there was a bug arising with getting permission flags - re-added them and handled roles deletion differently)
- implemented max login attempts
- changed the expected return parameters for logins/sessions
- added acp page for editing report/denial reasons
- other fixes here and there


git-svn-id: file:///svn/phpbb/trunk@5622 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-03-12 23:19:55 +00:00
Meik Sievertsen
bd30d226a5 - ability to change anonymous user settings more easily
- fix serious bugs in permissions (always allowing if permissions explicitly set and getting wrong permission options from bitfield)
- added option for returning an array to make_forum_select
- again fixing bugs in module system (one for a very query consuming part and one for correctly filling the cache)


git-svn-id: file:///svn/phpbb/trunk@5517 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-02-03 20:59:39 +00:00
Meik Sievertsen
fc32df0358 - Documentation related changes
- added resend activation email dialog
- fixed issue in session code
- log failed/successful admin re-authentication/login
- fixed simple forum dropdown box (used in mcp and posting)


git-svn-id: file:///svn/phpbb/trunk@5114 89ea8834-ac86-4346-8a33-228a782c2dd0
2005-04-09 12:26:45 +00:00
Paul S. Owen
a47fa4d6ca Remove need for session_ids for "allowed" bots, dump user_founder/user_active in favour of user_type, new user_type, USER_IGNORE
git-svn-id: file:///svn/phpbb/trunk@4603 89ea8834-ac86-4346-8a33-228a782c2dd0
2003-10-15 17:43:07 +00:00
Paul S. Owen
9da094fec2 Updated the various "users of emailer", fixed issue(!) of jabber using the email address as the uid, blah fixes, blah, blah di blah yakety smackety
git-svn-id: file:///svn/phpbb/trunk@4583 89ea8834-ac86-4346-8a33-228a782c2dd0
2003-10-12 15:29:18 +00:00
Paul S. Owen
d1494cfd8c Add Id tags
git-svn-id: file:///svn/phpbb/trunk@3707 89ea8834-ac86-4346-8a33-228a782c2dd0
2003-03-24 18:15:26 +00:00
Paul S. Owen
cd9b3af2b5 Some changes to the returned data format + cleanups
git-svn-id: file:///svn/phpbb/trunk@3622 89ea8834-ac86-4346-8a33-228a782c2dd0
2003-03-09 16:09:37 +00:00
Meik Sievertsen
d95588823a only minor changes, some notes, played around with the code... nothing special.
git-svn-id: file:///svn/phpbb/trunk@3543 89ea8834-ac86-4346-8a33-228a782c2dd0
2003-02-26 13:17:45 +00:00
Paul S. Owen
0e9f0ac4ec Mostly changes to turn userdata into user->data, lang into user->lang + bitstring 2nd format + inheritance for permission admin and various other updates/fixes/changes ... note that user->lang & user->theme isn't final
git-svn-id: file:///svn/phpbb/trunk@2958 89ea8834-ac86-4346-8a33-228a782c2dd0
2002-10-20 19:19:07 +00:00
Paul S. Owen
f8ea2a46a8 Auth plug-in, say thanks to Sergey Kanareykin
git-svn-id: file:///svn/phpbb/trunk@2828 89ea8834-ac86-4346-8a33-228a782c2dd0
2002-08-06 16:56:14 +00:00