1
0
Fork 0
Commit Graph

76 Commits (b400f0c4e577a0071d4d60065cbf6fab71af503a)

Author SHA1 Message Date
Anonymous Contributor b400f0c4e5 Fix erroneous SQL queries (ignored pre-PHP 8) 2023-08-23 18:16:36 +02:00
Anonymous Contributor 463ab4abe0 Prevent invite codes being reusable in some cases 2023-08-23 18:16:36 +02:00
Anonymous Contributor 0140cf1a57 Revert password hashing for OpenSim compatibility 2023-08-23 18:16:36 +02:00
Anonymous Contributor 954794870e Enforce POSt for region removal, validate input 2023-08-23 18:16:36 +02:00
Anonymous Contributor 16affffa66 Display correct title on friends page 2023-08-23 18:16:36 +02:00
Anonymous Contributor 2670cf604e Change validation regexes to be more strict 2023-08-23 18:16:36 +02:00
Anonymous Contributor 879b1d8e3f Fix profile form validation 2023-08-23 18:16:36 +02:00
Anonymous Contributor 0ecd9aed75 Optimize user group query 2023-08-23 18:16:36 +02:00
Anonymous Contributor bf07367b0c Fix friend entries having GET removal links in some cases 2023-08-23 18:16:36 +02:00
Anonymous Contributor 5d6b6565cd Add minimum password length requirement 2023-08-23 18:16:36 +02:00
Anonymous Contributor 4dfb3d81c3 Enforce POST when sending register form 2023-08-23 18:16:35 +02:00
Anonymous Contributor d46835e8eb Check if new name is already taken 2023-08-23 18:16:35 +02:00
Anonymous Contributor 03f5cd489d Remove useless double check of input lengths 2023-08-23 18:16:35 +02:00
Anonymous Contributor 7b0539b96f Save IAR message state across requests 2023-08-23 18:16:35 +02:00
Anonymous Contributor 497dcb85a8 Remove unused allUsers variable and query 2023-08-23 18:16:35 +02:00
Anonymous Contributor c3106f4787 Actually merge profile and password change pages 2023-08-23 18:16:35 +02:00
Anonymous Contributor 6b88527f05 Properly check request method in login form 2023-08-23 18:16:35 +02:00
Anonymous Contributor 5d0a79f20f Fix password form regexes 2023-08-23 18:16:35 +02:00
Anonymous Contributor 3d0c156cb3 Fix OpenSim API being included too late in users 2023-08-23 18:16:35 +02:00
Anonymous Contributor 841f1707eb Enforce POST and validate input for profile forms 2023-08-23 18:16:35 +02:00
Anonymous Contributor f073fb621d Add validation regex for new identity's name 2023-08-23 18:16:35 +02:00
Anonymous Contributor e192d3fd04 Fix POST request handling in dashboard forms 2023-08-23 18:16:35 +02:00
Anonymous Contributor 1df2182bae Use POST for password changes, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor e2795e99b9 Do not use PHP's error control operator 2023-08-23 18:16:35 +02:00
Anonymous Contributor 57ff06d418 Generate a random string as invite code 2023-08-23 18:16:35 +02:00
Anonymous Contributor 8c7a31d88a Use POST for user management, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor 6ca8988128 Use POST for managing identities, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor 9d760f7dc3 Use POST for leaving groups, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor e6d51a0afb Use POST when removing friends, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor 87c21a06eb Fix incorrect regex escaping 2023-08-23 18:16:35 +02:00
Anonymous Contributor d3f3ca5779 Fix include/template paths 2023-08-23 18:16:35 +02:00
Anonymous Contributor 17fe6651c8 Reflect directory structure changes 2023-08-23 18:16:35 +02:00
Anonymous Contributor f9828aa110 Move templates to template directory 2023-08-23 18:16:35 +02:00
Anonymous Contributor 4415adb6e6 Reflect directory structure changes 2023-08-23 18:16:35 +02:00
Anonymous Contributor 08f29758c0 Only include and construct OpenSim when needed 2023-08-23 18:16:35 +02:00
Anonymous Contributor d5356a81c1 Do not store salt when generating new password 2023-08-23 18:16:34 +02:00
Anonymous Contributor a699bf2dee Small fixes 2023-08-23 18:16:34 +02:00
Anonymous Contributor c4ce814333 Use Argon2id as password hashing algorithm 2023-08-23 18:16:34 +02:00
Anonymous Contributor bd3df89454 Fix various small errors 2023-08-23 18:16:34 +02:00
Anonymous Contributor ed9f4c8eed Unset pre-session on login and registration 2023-08-23 18:16:34 +02:00
Anonymous Contributor 20ae77b90b Add CSRF field variable to all forms 2023-08-23 18:16:34 +02:00
Anonymous Contributor b6eff53f0c Just set status code, do not hardcode HTTP version 2023-08-23 18:16:34 +02:00
Anonymous Contributor 16ee118c98 Always redirect after making changes 2023-08-23 18:16:34 +02:00
Anonymous Contributor b3db0383a1 Fix input validation checks in identities.php 2023-08-23 18:16:34 +02:00
Anonymous Contributor 7b08766668 Always encode user input before including in HTML 2023-08-23 18:16:34 +02:00
Anonymous Contributor 70962b0c63 Only fetch required rows from database 2023-08-23 18:16:34 +02:00
Anonymous Contributor e5dd07305a Add input validation to Register page 2023-08-23 18:16:34 +02:00
Anonymous Contributor c49a52e116 Fix user name regex 2023-08-23 18:16:34 +02:00
Anonymous Contributor 6a6e7db2ce Sanitize 'page' GET parameter in login.php 2023-08-23 18:16:34 +02:00
Anonymous Contributor 588beb3c05 Validate user input in login form 2023-08-23 18:16:34 +02:00