Commit Graph

1300 Commits

Author SHA1 Message Date
steinm
1ce0bcc831 - added encryption key 2012-08-31 07:47:07 +00:00
steinm
f14c15ee50 - fixed security hole 2012-08-31 07:44:25 +00:00
steinm
07b7578190 - allow to check forms with GET Request 2012-08-31 07:43:43 +00:00
steinm
2a11ab47bc - new function to create and check formular tokens for POST Requests 2012-08-29 20:49:42 +00:00
steinm
da2e00e96b - new method getId() 2012-08-29 20:42:33 +00:00
steinm
322d4e78d9 - added encryption key 2012-08-29 20:42:13 +00:00
steinm
258315b6be - fixed sql statement to insert a new user 2012-08-29 20:40:56 +00:00
steinm
452221fe2b - lots of fixes to prevent CSRF attacks 2012-08-29 20:37:22 +00:00
steinm
54273250d4 - removed very old installation instrucations 2012-08-28 13:20:39 +00:00
steinm
680579ada7 - removed very old update script 2012-08-28 13:19:10 +00:00
steinm
bc71431d01 - branch for next version 3.4.0 2012-08-28 09:41:53 +00:00
steinm
7878b8ec59 - changed order of table definitions 2012-08-28 09:40:14 +00:00
steinm
c0fe231b4e - set version to 3.4.0 2012-08-28 09:19:50 +00:00
steinm
72cc3a4bf6 - added changes for 3.3.7 and 3.4.0 2012-08-28 09:19:07 +00:00
steinm
decd9f8e14 - simple webservice 2012-08-28 08:48:56 +00:00
steinm
c1462b7e73 - additional database driver based on PDO 2012-08-28 08:47:17 +00:00
steinm
e9380b045b - reordered changelog entries 2012-08-28 08:46:17 +00:00
steinm
1392e9fbf7 - delete entries from table tblUserPasswordRequest and tblUserPasswordHistory
when user is deleted
2012-08-28 07:48:59 +00:00
steinm
e3d13bc6c8 - new version 3.3.7 2012-08-28 07:47:47 +00:00
steinm
bfa1524b62 - added link back to installation 2012-08-28 07:46:56 +00:00
steinm
7eb1173ebe - added new configuration parameters 2012-08-28 07:46:19 +00:00
steinm
c6e0689cff - add _ADOdbPath to include_path
- new version 3.4.0
- output error if dir for configuration file could not be found
2012-08-28 07:45:40 +00:00
steinm
9240c4b2f7 - sync with create_tables-innodb.sql 2012-08-28 07:43:58 +00:00
steinm
ada9d9980e - added ENGINE to table definition 2012-08-28 07:43:36 +00:00
steinm
106a0bfce8 - added new tables tblUserPasswordHistory 2012-08-28 07:40:31 +00:00
steinm
2e93357df0 - added constraint 2012-08-28 07:39:47 +00:00
steinm
9ec3fbc898 - files to update from version 3.3.0 to 3.4.0 2012-08-28 07:33:10 +00:00
steinm
fa5bdbd753 - added new attributes $_pwdExpiration, $_loginFailures, $_isDisabled 2012-08-28 07:31:31 +00:00
steinm
43e7cb9d47 - replace mktime() by time()
- better error checking
2012-08-28 07:30:27 +00:00
steinm
912b7f5d42 - replace mktime() by time()
- better error checking
2012-08-28 07:29:39 +00:00
steinm
6f955f1b83 - added method getDocumentsLockedByUser($user)
- pass new parameters to constructor of LetoDMS_Core_User
2012-08-28 07:28:16 +00:00
steinm
6d759854c6 - added jquery plugin which runs ajax command for calculating password
strength
2012-08-28 07:26:11 +00:00
steinm
f36cb73c53 - update to jquery 1.7.2 2012-08-28 07:25:21 +00:00
steinm
ce2843ef6e - handle new settings for password strength, expiration
- prevent some XSS attacs
2012-08-28 07:24:32 +00:00
steinm
7d4c363e5a - output password expiration 2012-08-28 07:22:25 +00:00
steinm
a9d8f415ae - prevent XSS attac 2012-08-28 07:21:56 +00:00
steinm
f4489d6a73 - some minor code formating
- added copyright notice
2012-08-28 07:21:15 +00:00
steinm
a3a42bb451 - some initial coding for auto completion 2012-08-28 07:20:41 +00:00
steinm
75c2adcfc6 - prevent XSS attacs 2012-08-28 07:18:00 +00:00
steinm
4bb7c9307f - check password strength
- allow password change only if current password is entered
2012-08-28 07:09:23 +00:00
steinm
a68a78ceab - check for password strength
- ask for current password before setting a new one
2012-08-28 07:00:19 +00:00
steinm
8eac512855 - prevent XSS attack in showtree() 2012-08-28 06:39:15 +00:00
steinm
1b29ae6bd8 - Script for which is called when the login process detects a to old password 2012-08-28 06:37:58 +00:00
steinm
59506d46e0 - check if password has expired 2012-08-28 06:36:33 +00:00
steinm
99d6b0b12f - fixed security wholes (mostly possible sql injections) 2012-08-28 06:35:43 +00:00
steinm
36dc571aa5 - added more configuration settings for password handling, stopwords file
and user listing
2012-08-28 06:34:21 +00:00
steinm
d80c68ad51 - count login failures and disable account if a certain number is exceeded
(can be configured in the settings)
2012-08-28 06:31:26 +00:00
steinm
282938c93c - check for password strength and if it was previously used before setting
a new one (can be turned of in th settings)
2012-08-28 06:30:20 +00:00
steinm
8ba211914e - simple class to manage the former passwords of a user 2012-08-28 06:28:42 +00:00
steinm
134b9becb5 - calculate password strength
- take into account new settings for disabling a user
2012-08-28 06:27:22 +00:00