Commit Graph

154 Commits (ea2fffa872343db1eda9fdc0e11cf228bea207b1)

Author SHA1 Message Date
Anonymous Contributor 1df2182bae Use POST for password changes, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor c97c58e30d Fix HTML format 2023-08-23 18:16:35 +02:00
Anonymous Contributor e2795e99b9 Do not use PHP's error control operator 2023-08-23 18:16:35 +02:00
Anonymous Contributor 9954f31721 Fix typos 2023-08-23 18:16:35 +02:00
Anonymous Contributor 57ff06d418 Generate a random string as invite code 2023-08-23 18:16:35 +02:00
Anonymous Contributor 8c7a31d88a Use POST for user management, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor 6ca8988128 Use POST for managing identities, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor 9d760f7dc3 Use POST for leaving groups, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor e6d51a0afb Use POST when removing friends, validate input 2023-08-23 18:16:35 +02:00
Anonymous Contributor 87c21a06eb Fix incorrect regex escaping 2023-08-23 18:16:35 +02:00
Anonymous Contributor 0a6b06fb29 Fix property reference 2023-08-23 18:16:35 +02:00
Anonymous Contributor 2e7abe5bd5 Remove unneeded file 2023-08-23 18:16:35 +02:00
Anonymous Contributor d3f3ca5779 Fix include/template paths 2023-08-23 18:16:35 +02:00
Anonymous Contributor 17fe6651c8 Reflect directory structure changes 2023-08-23 18:16:35 +02:00
Anonymous Contributor f9828aa110 Move templates to template directory 2023-08-23 18:16:35 +02:00
Anonymous Contributor 4415adb6e6 Reflect directory structure changes 2023-08-23 18:16:35 +02:00
Anonymous Contributor da225d7213 Do not include unused discord class 2023-08-23 18:16:35 +02:00
Anonymous Contributor 08f29758c0 Only include and construct OpenSim when needed 2023-08-23 18:16:35 +02:00
Anonymous Contributor c9cad23e2c Only include PHPMailer when needed 2023-08-23 18:16:35 +02:00
Anonymous Contributor 59c9e53f1e Rename PHPMailer directory 2023-08-23 18:16:35 +02:00
Anonymous Contributor 45a33c2b9f Remove unused GoogleAuthenticator class 2023-08-23 18:16:35 +02:00
Anonymous Contributor 11c8fa3471 Change dir structure of class files 2023-08-23 18:16:34 +02:00
Anonymous Contributor d5356a81c1 Do not store salt when generating new password 2023-08-23 18:16:34 +02:00
Anonymous Contributor a699bf2dee Small fixes 2023-08-23 18:16:34 +02:00
Anonymous Contributor 1f82e33c54 Check if CSRF token is available before replacing 2023-08-23 18:16:34 +02:00
Anonymous Contributor d81e48fc12 Redirect after logout 2023-08-23 18:16:34 +02:00
Anonymous Contributor c4ce814333 Use Argon2id as password hashing algorithm 2023-08-23 18:16:34 +02:00
Anonymous Contributor 5559355635 Add values for default avatar option(s) 2023-08-23 18:16:34 +02:00
Anonymous Contributor bd3df89454 Fix various small errors 2023-08-23 18:16:34 +02:00
Anonymous Contributor 3134f55393 Fix RUNTIME array being reset after loading config 2023-08-23 18:16:34 +02:00
Anonymous Contributor 06b7e6dc6e Replace %%CSRF%% variable with CSRF token 2023-08-23 18:16:34 +02:00
Anonymous Contributor ed9f4c8eed Unset pre-session on login and registration 2023-08-23 18:16:34 +02:00
Anonymous Contributor 20ae77b90b Add CSRF field variable to all forms 2023-08-23 18:16:34 +02:00
Anonymous Contributor 3e8d0d3778 Add CSRF token validation for forms 2023-08-23 18:16:34 +02:00
Anonymous Contributor a446cfd9c1 Generate CSRF token on session start 2023-08-23 18:16:34 +02:00
Anonymous Contributor c78e7e2007 Set secure attributes for session cookie 2023-08-23 18:16:34 +02:00
Anonymous Contributor 43ea9eefda Add domain config variable 2023-08-23 18:16:34 +02:00
Anonymous Contributor b6eff53f0c Just set status code, do not hardcode HTTP version 2023-08-23 18:16:34 +02:00
Anonymous Contributor 16ee118c98 Always redirect after making changes 2023-08-23 18:16:34 +02:00
Anonymous Contributor b3db0383a1 Fix input validation checks in identities.php 2023-08-23 18:16:34 +02:00
Anonymous Contributor 7b08766668 Always encode user input before including in HTML 2023-08-23 18:16:34 +02:00
Anonymous Contributor 70962b0c63 Only fetch required rows from database 2023-08-23 18:16:34 +02:00
Anonymous Contributor 959dfc8d88 Use PDO and prepared statements in api/economy 2023-08-23 18:16:34 +02:00
Anonymous Contributor 7190b78faf Do not set HSTS header in scripts 2023-08-23 18:16:34 +02:00
Anonymous Contributor 0ff99a3678 Improve routing 2023-08-23 18:16:34 +02:00
Anonymous Contributor 26311c8ffb Improve API endpoint name validation 2023-08-23 18:16:34 +02:00
Anonymous Contributor e5dd07305a Add input validation to Register page 2023-08-23 18:16:34 +02:00
Anonymous Contributor c49a52e116 Fix user name regex 2023-08-23 18:16:34 +02:00
Anonymous Contributor 390aa89d9f Add "equals" parameter to form validator 2023-08-23 18:16:34 +02:00
Anonymous Contributor 6a6e7db2ce Sanitize 'page' GET parameter in login.php 2023-08-23 18:16:34 +02:00