1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-25 21:56:32 +02:00
Commit Graph

65 Commits

Author SHA1 Message Date
rxu
2fd4dbb685 [ticket/16690] Fix htmlspecialchars and htmlspecialchars_decode default flag
PHPBB3-16690
2021-01-20 00:21:24 +07:00
rxu
79e6636092 [ticket/15881] Reset login keys for account reactivation after password update
PHPBB3-15881
2018-11-24 11:31:32 +07:00
Jakub Senko
4b6c2c8cde [ticket/10961] Send HTTP 403 when applicable
PHPBB3-10961
2016-09-01 08:48:37 +02:00
Marc Alexander
73e6e5b77f [ticket/13454] Remove unused variables
This is the first part of the changes. More to come.

PHPBB3-13454
2016-01-06 13:51:19 +01:00
Marc Alexander
c96c6877bf Merge branch '3.1.x'
Conflicts:
	phpBB/includes/ucp/ucp_activate.php
2015-08-22 10:41:46 +02:00
lavigor
1b1fc6ed24 [ticket/14087] Add an event to ucp_activate.php.
PHPBB3-14087
2015-08-09 23:35:06 +03:00
Gaëtan Muller
f6e06da4c6 [ticket/13455] Update calls to request_var()
PHPBB3-13455
2015-02-03 20:50:40 +01:00
Gaëtan Muller
7fc586080b [ticket/13468] Update calls to add_log()
PHPBB3-13468
2015-01-27 18:34:33 +01:00
Gaëtan Muller
b5544b2f47 [ticket/13450] Type-hint return value of $phpbb_container->get()
PHPBB3-13450
2015-01-12 20:19:07 +01:00
Tristan Darricau
fe80967535 [ticket/12990] Use the full services name for the notification's types
PHPBB3-12990
2014-08-16 21:46:03 +02:00
Marc Alexander
4698f6928e [ticket/12352] Remove usages of user_pass_convert column
PHPBB3-12352
2014-06-01 21:31:05 +02:00
Yuriy Rusko
a759704b39 [ticket/12594] Remove @package tags and update file headers
PHPBB3-12594
2014-05-27 20:51:13 +02:00
Cesar G
c5fc8c43cb [ticket/11746] Delete the notification after user is approved & fix language.
PHPBB3-11746
2013-10-26 01:01:08 -07:00
Cesar G
d607f1c927 [ticket/11746] Add "admin activation required" notification.
PHPBB3-11746
2013-10-24 02:37:20 -07:00
Nathan Guse
fcdfe748b8 [ticket/11454] Use set_addresses in other applicable areas
This should fix some other bugs that may not have yet been recognized--some
areas only set to(), but sent according to user_notify_type, which is not
necessarily email.

PHPBB3-11454
2013-04-24 15:34:12 -05:00
Oleg Pudeyev
2df2f27b96 Merge PR #1219 branch 'develop-olympus' into develop
# By Andreas Fischer
# Via Andreas Fischer (1) and Oleg Pudeyev (1)
* develop-olympus:
  [ticket/11343] Remove spare parentheses.
  [ticket/11343] Remove spare space.
  [ticket/11343] Use === when checking stored user_actkey against user input.
2013-01-27 17:46:11 -05:00
Andreas Fischer
5a146df07f [ticket/11343] Remove spare parentheses.
PHPBB3-11343
2013-01-25 19:52:02 +01:00
Andreas Fischer
8421aa0b0e [ticket/11343] Remove spare space.
PHPBB3-11343
2013-01-25 19:51:17 +01:00
Andreas Fischer
305b2b8f48 [ticket/11343] Use === when checking stored user_actkey against user input.
Use strict comparison when checking whether stored user_actkey is equal to user
input.

PHPBB3-11343
2013-01-25 19:49:02 +01:00
Unknown
7a04c9048c [ticket/9916] Updating header license and removing Version $Id$
PHPBB3-9916
2011-12-31 13:32:52 +00:00
Igor Wiedler
d766ee3fe6 Merge branch 'develop-olympus' into develop
* develop-olympus:
  [ticket/10446] Pass $config and $user via parameter to anti_abuse_headers().
  [ticket/10446] Remove leftover $headers parameter from anti_abuse_headers().
  [ticket/10446] RFC2047 encode user/server names in X-AntiAbuse headers.
  [ticket/10446] DRY X-AntiAbuse header addition.

Conflicts:
	phpBB/includes/ucp/ucp_register.php
2011-11-20 18:45:56 +01:00
Andreas Fischer
37c7668193 [ticket/10446] Pass $config and $user via parameter to anti_abuse_headers().
PHPBB3-10446
2011-11-20 16:35:31 +01:00
Oleg Pudeyev
64d62038cd [ticket/10446] DRY X-AntiAbuse header addition.
PHPBB3-10446
2011-11-20 04:15:44 -05:00
Oleg Pudeyev
a4a9e38007 Merge branch 'develop-olympus' into develop
* develop-olympus:
  [ticket/9961] Create log entries when users are activated.
2011-04-30 20:44:42 -04:00
Erik Frèrejean
1d2201902f [ticket/9961] Create log entries when users are activated.
* Create log entries when a user activates own account without
   also changing their password.

 * Additionally create admin log entries when an administrator activates
   user accounts.

PHPBB3-9961
2011-04-19 13:11:20 +02:00
Chris Smith
a7f57d0aa1 Fix a regression in r9498, activation could really do with an overhaul :(
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9520 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-05-29 19:55:42 +00:00
Chris Smith
de617ed0df Minor security problem, discovered internally. Requires the user to know the activation key which is not normally possible when admin activation is turned on. #41625
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9498 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-04-29 18:30:26 +00:00
Chris Smith
bd316f9c48 Log password changes via password reset function. #41365
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9340 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-02-23 18:00:04 +00:00
Henry Sudhof
bbfe3b0b7b 37375
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9067 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-11-21 13:21:53 +00:00
Meik Sievertsen
c246231f05 Reset login attempts on new password activation. Prevents "first failed login attempt" on converted boards. Bug #19965
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8881 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-09-18 14:50:11 +00:00
Meik Sievertsen
bc0898f55e fixing some annoying bugs
git-svn-id: file:///svn/phpbb/trunk@8204 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-10-19 13:10:13 +00:00
Meik Sievertsen
7de5bb3498 dumdidum... sorry. ;)
git-svn-id: file:///svn/phpbb/trunk@8147 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-10-05 14:36:34 +00:00
Meik Sievertsen
9f82dec04b some changes/bugfixes
git-svn-id: file:///svn/phpbb/trunk@7241 89ea8834-ac86-4346-8a33-228a782c2dd0
2007-03-30 10:49:06 +00:00
Igor Wiedler
af5b9a9640 [ticket/9556] Drop php closing tags, add trailing newline
Closing tags converted using Oleg's script.
remove-php-end-tags.py -a .

Trailing newlines added using the following where $ext is file extension.
find . -type f -name "*.$ext" -print | xargs printf "e %s\nw\n" | ed -s;

Extensions: php, css, html, js, xml.

PHPBB3-9556
2010-11-11 19:10:55 +01:00
Meik Sievertsen
2e17e448de Copy 3.0.x branch to trunk
git-svn-id: file:///svn/phpbb/trunk@10211 89ea8834-ac86-4346-8a33-228a782c2dd0
2009-10-04 18:14:59 +00:00
Meik Sievertsen
68aa6bd29a put acp, mcp and ucp into modules/ directory
git-svn-id: file:///svn/phpbb/trunk@9223 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-12-24 14:08:15 +00:00
Henry Sudhof
c8e3035a4b Merge R 9067
git-svn-id: file:///svn/phpbb/trunk@9068 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-11-21 13:46:39 +00:00
Meik Sievertsen
158a15ba9c Reset login attempts on new password activation. Prevents "first failed login attempt" on converted boards. Bug #19965
git-svn-id: file:///svn/phpbb/trunk@8882 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-09-18 14:50:50 +00:00
Meik Sievertsen
2f4a618900 ok... i hope i haven't messed too much with the code and everything is still working.
Changes:
- Ascraeus now uses constants for the phpbb root path and the php extension. This ensures more security for external applications and modifications (no more overwriting of root path and extension possible through insecure mods and register globals enabled) as well as no more globalizing needed.
- A second change implemented here is an additional short-hand-notation for append_sid(). It is allowed to omit the root path and extension now (for example calling append_sid('memberlist')) - in this case the root path and extension get added automatically. The hook is called after these are added.

git-svn-id: file:///svn/phpbb/trunk@8572 89ea8834-ac86-4346-8a33-228a782c2dd0
2008-05-29 12:25:56 +00:00
Meik Sievertsen
46f3bd40a8 - telling the admin for what the board contact and board email addresses are used for and also making sure this explanation is correct ;)
- fixes for bugs #6694, #6664 and #6662


git-svn-id: file:///svn/phpbb/trunk@6826 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-12-31 16:56:15 +00:00
Meik Sievertsen
7ab232a455 ok, i am an idiot...
git-svn-id: file:///svn/phpbb/trunk@6548 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-03 21:05:25 +00:00
Meik Sievertsen
1634814e16 - make sure the sql layer for mysql always states mysql4 and get to mysql if using mysql < 4
- assign some default vars to email templates (we always need some basic ones)


git-svn-id: file:///svn/phpbb/trunk@6546 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-03 17:50:39 +00:00
Meik Sievertsen
daa3288a36 - implemented the suggested html_entity_decode function made by david
- fixed string length checking by also decoding entities for the sake of checking
- used the new html_entity_decode function


git-svn-id: file:///svn/phpbb/trunk@6545 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-11-03 11:26:14 +00:00
Meik Sievertsen
5284f32178 - extend config checking to include check for writeable path
- removed not utilized user_allow_email column from schema
- removed inactive groups (they had no use at all, since inactive users are not able to login)
	The only benefit those brought are distinguish users - but this is no longer needed too due to the inactive code present. This also allows us to retain group memberships as well as default settings for users being set inactive due to profile changes.
- rewrote user_active_flip to support multiple users and a mode, as well as coping with the aforementioned changes
- implemented updated jabber class to support SRV server records and for better jabberd2 support.
- jabber errors now logged to the error log with a full transaction
- fixed user_delete calls to include usernames where possible and also update last post information correctly
- implemented additioal checks to user management to cope with common mistakes
- On installation, guess the required mysql schema as best as possible. Users now only need to decide if they want to use the mysqli extension or not (mysqli selected by default) and no longer need to know their mysql version.
- founders do not need to re-activate their account on profile changes
- remove older session if re-authentication was successful (re-authentication always assigns a new session id)
- set the cookie directly instead of using php's function
- added inactive_remind to see which users got deactivated because of reminders (or re-activation) sent out

hopefully not introduced too many bugs - those testing with CVS releases, please concentrate on user registration, activation, profile changes (email/password)...


git-svn-id: file:///svn/phpbb/trunk@6436 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-10-03 18:35:59 +00:00
Graham Eames
cbece78f7b A reworking of how we handle inactive users
git-svn-id: file:///svn/phpbb/trunk@6394 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-09-23 12:27:51 +00:00
Meik Sievertsen
1aac08acc0 make sure custom profile fields are created correctly on registration (#2225)
git-svn-id: file:///svn/phpbb/trunk@6058 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-13 21:06:29 +00:00
Meik Sievertsen
01b4145381 - fixed a few bugs
- added user_add() function
- check posted images ([img]) for same domain/scipt and php files
- auth_api.html updated to the coding guidelines look&feel
- introduced ability to force non page-updates (cron is using it)
- correctly resend coppa email


git-svn-id: file:///svn/phpbb/trunk@6048 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-11 18:13:52 +00:00
Meik Sievertsen
ef08df5675 - bugfix roll
- fixed sql_query_limit on mssql/mssql_odbc


git-svn-id: file:///svn/phpbb/trunk@6024 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-08 20:26:03 +00:00
Meik Sievertsen
4306d4d083 - fix some smaller bugs
- removed custom profiles preview field from acp


git-svn-id: file:///svn/phpbb/trunk@6022 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-08 10:59:36 +00:00
Meik Sievertsen
dd9ad539fd ok, this one is rather large... the most important change:
re-introduce append_sid: old style continues to work, not a performance hog as it was in 2.0.x -> structure is different

apart from this, code cleanage, bug fixing, etc.


git-svn-id: file:///svn/phpbb/trunk@6015 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-06-06 20:53:46 +00:00