summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2013-09-22Fix modal not showing upFlorian Pritz1-68/+72
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22Make lexer errors full with againFlorian Pritz1-3/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22Fix jumpy buttons on highlight page caused by tooltipFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22Fix navigation and footer css; css cleanupFlorian Pritz1-19/+21
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22Fix mess in header.php breaking error pagesFlorian Pritz1-39/+39
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22almost migrated to bootstrap3Markus Cisler25-1009/+442
2013-09-22Add debugging support for emailFlorian Pritz1-0/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22duser_db: Remove case sensitive username checkFlorian Pritz1-5/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22duser_fluxbb: Replace like with equalsFlorian Pritz1-2/+2
We don't use wildcards so we don't need like. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22Merge tag '2.1.4'Florian Pritz5-11/+10
Signed-off-by: Florian Pritz <bluewind@xinu.at> Conflicts: application/config/migration.php user_guide/changelog.html
2013-09-22Use InnoDB for the files tablePierre Schmitz2-1/+17
The files table was MyISAM even though all other tables were InnoDB. We should avoid mixing types here (backups, transactions and performance). Signed-off-by: Pierre Schmitz <pierre@archlinux.de> Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-22Add FluxBB authentication driverPierre Schmitz3-1/+59
To enable set: $config['authentication_driver'] = 'fluxbb'; $config['auth_fluxbb'] = array('database' => 'fluxbb'); Signed-off-by: Pierre Schmitz <pierre@archlinux.de> Add example array to config.php Remove $optional_functions from Duser_fluxbb to follow bb9f9274e8c2d661a1adffd87c87c3d81ec47b4d. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-16Remove executable bitsFlorian Pritz150-0/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-16Duser: Rework optional functionsFlorian Pritz3-12/+5
Not implemented functions return null and code using these no longer has to check if they are implemented, but it has to handle null properly. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-16Duser: Add some commentsFlorian Pritz2-0/+14
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-16Duser_Driver/username_exists: return null if not implementedFlorian Pritz1-1/+1
false means we know it doesn't exist, null means we don't know. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-15Add default get_email to Duser_DriverFlorian Pritz2-6/+4
This fixes a possible endless loop when the function is not implemented in the driver, but the array says it is. It also allows us to simply call it without checking if it's implemented. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-10Add file/get_max_size to csrf whitelistFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-08user/create_apikey: Add JSON supportFlorian Pritz1-0/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-05Disable CSRF for cli clients on user/create_apikeyFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-05Update jquery to 2.0.3Florian Pritz5-7/+8837
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Fix off-by-one error in random_alphanum()Florian Pritz1-1/+1
This could result in too short strings Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Remove left over var_dump()Florian Pritz1-2/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Remove unneeded "as" in sql queryFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Add support for enabling the profilerFlorian Pritz2-0/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Replace is_cli_client() with stateful_client where applicableFlorian Pritz3-7/+5
Stateless clients (cli client and clients using api keys) can't reclaim IDs (no cookie) so they should be required to log in asap and they will always get an error if they didn't log in. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Only store session information for stateful clientsFlorian Pritz2-0/+53
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Generalize request_type() to static_storage()Florian Pritz5-13/+17
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Set login session data in one goFlorian Pritz2-8/+12
This reduces the amount of db queries and cookies we create since each update triggers an db update and (which is a bug) sets a new cookie. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Only renew uri flashdata when needed.Florian Pritz1-1/+1
This saves us 2 to 4 (useless) db queries per page. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-03Merge branch 'working'Florian Pritz19-821/+190
2013-09-02Autofocus username text box on upload_formTillmann Karras1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Disable CSRF checks for CLI requestsFlorian Pritz1-1/+1
Otherwise we get an error in the Security class trying to access $_SERVER["REQUEST_METHOD"]. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Add GET parameter for json outputFlorian Pritz1-0/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02mfile/delete_id: Remove require_access callFlorian Pritz1-1/+0
We expect the controller to take care of that, no need to double check. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02claim_id: Fix error when called directly without last_upload dataFlorian Pritz1-0/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Replace echo with show_error; misc cleanupFlorian Pritz1-9/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Add CSRF protectionFlorian Pritz4-5/+51
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Provide json output for api functionsFlorian Pritz10-51/+84
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02muser: always verify api credentials; improve error messagesFlorian Pritz1-17/+18
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Allow to override config_item() options; add modification commentsFlorian Pritz2-1/+15
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02user_logged_in(): always load muserFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02remove left over security libraryFlorian Pritz1-737/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Display domain of email address when resetting passwordFlorian Pritz2-2/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-26add readmeFlorian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Remove empty line after ansi2htmlFlorian Pritz1-4/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Deduplicate initialisation code in controllersFlorian Pritz3-34/+40
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Only determine latest client version when neededFlorian Pritz1-6/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Add comment about ID blacklistFlorian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Validate IDs when generating thumbnail historyFlorian Pritz1-0/+5
The thumbnail function generates an invalid image (HTML error message) if the ID is invalid resulting in empty images. Catch those when creating the page to prevent that. Signed-off-by: Florian Pritz <bluewind@xinu.at>