Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Develop update from head fork #3

Merged
merged 58 commits into from
Dec 14, 2015
Merged

Develop update from head fork #3

merged 58 commits into from
Dec 14, 2015

Conversation

slaveek
Copy link
Owner

@slaveek slaveek commented Dec 14, 2015

No description provided.

cybernet and others added 30 commits November 6, 2015 14:36
@cybernet
Dev packages are installed by default now.
ecc0c25
Create UserController
ec0756c
Create RegisterController
33865fd
Move register and verify view files to view/register
60149a2
Remove register and verify view files from view/login directory
41f82c2
Move register and user action methods to their new controllers
35d1e12
Rename view/register/register.php to index.php
68e7b00
Changed View->render and Redirect::to()
8d6c6b3
Move view user action files to view/user directory
3991e31
Fixed logout if CSRF not valid
3683f0a 
Logout action should be do in other way. Repeat this 3 lines every time
we need valid CSRF, will be confusing.
Rename showProfile.php to index.php
314e245
Fixed showCaptcha
17cca66
Changed form actions in user views
c084b99
Change form action in register views
94f8473
Fixed links in right menu
fa2cc4c
Fixed typo
8904ac2
Move Auth::checkAuthentication() to constructor
1c3faf9 
All pages (user actions) in UserController are visible for logged-in
users
Fixed register link
90d6f2b
@geozak
simplifying Session::get($key)
2485385 
This is a change to the get method to make it simpler.
Inside the Filter::XSSFilter method the input is already checked for is_string and it return the value whether or not it attempts to filter.
@geozak
Update Session.php to also account for issue 746
0150884 
The change is to make the simplification done also fix issue 746
#746
@kuldipem
added vendor dir to .gitignore
95775a5
Fixed major and minor changes missed
cdde4ef 
Bugs found by @geozak see:
#747 (comment)
Improved logout
851d594 
As pointed in the very first comment in
https://github.com/panique/huge/blob/develop/application/core/Csrf.php
Revert "Improved logout"
9141b70 
This reverts commit 851d594.
@panique
logo is now centered (to fit GitHub's new and wider UI)
260ceeb
@panique
reverted: logo is now centered (to fit GitHub's new and wider UI)
bd14d23
@OmarElgabry
Add encodeHTML() method
b6955bc
@OmarElgabry
Avoid XSS attacks of redirect
dbda3f9
@panique
Merge pull request #753 from OmarElGabry/master
c310928 
Encode HTML characters to avoid XSS
@panique
Merge pull request #751 from kuldipem/patch-1
f036559 
added vendor dir to .gitignore
panique and others added 28 commits November 29, 2015 04:52
@panique
Merge branch 'master' into develop
72395d2
@panique
gitignore additions
da2c9ac
@panique
Merge pull request #745 from cybernet/patch-1
a388211 
Dev packages are installed by default now.
@panique
Merge branch 'master' into develop
ab8f273
@panique
removed ""--dev" from composer install line as composer installs dev …
3e302f2 
…dependencies now by default
@panique
Merge pull request #748 from geozak/patch-1
221cb7c 
simplifying Session::get($key)
@panique
Merge branch 'master' into develop
199ba6a
@panique
Merge pull request #747 from slaveek/login-cotroller
d2c076e 
LoginController only for login flow
@panique
Merge remote-tracking branch 'origin/develop' into develop
40d8939
@panique
TODO for config encryption stuff
33a8988
@panique
better info on cookie domains
c432766
@panique
better info on cookie encryption, code reformattings
a5411d4
@panique
announcing soft EOL for the project
4eda9e7
@panique
removed weird comment
ee76f16
@panique
added links to session duration to readme
8293084
@panique
removed TODO
336b43e
@panique
added "logged in from multiple devices" info to readme, code comment …
3858e8f 
…fixes
@panique
added "logged in from multiple devices" info to readme
4ddd4a6
@panique
Ticket #723 - Confirm email address in registration (to prevent typos…
7ce1ade 
… by user)
@panique
Ticket #750 - Auto logout user after acount deleted or suspended
7b00ea0
@panique
Ticket #538 - throttle password-reset-requests with captcha (to block…
90b72cf 
… brute-force attacks)
@panique
Ticket #721 - feedback notice for: Some mail providers (Yahoo) might …
5612ae9 
…"click" the confirmation links via their auto-spam-scanners
@panique
badge - codacy
7bdcad6
@panique
Ticket #661 - more security in .htaccess
84e5377
@panique
explanation on how to use the CSRF feature
22878ca
@panique
explanation on how to use the CSRF feature
953a985
fixed broken static call to non-static method
f914279
fixed broken static call to non-static method in documentation
fdbbb19
slaveek added a commit that referenced this pull request Dec 14, 2015
@slaveek
Merge pull request #3 from panique/develop
b278759 
Develop update from head fork
@slaveek slaveek merged commit b278759 into slaveek:develop Dec 14, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@slaveek @panique @cybernet @geozak @kuldipem @OmarElgabry