Commit Graph

59 Commits

Author SHA1 Message Date
Roland Gruber e0a82bc70d removed decrypt_login() 2019-08-05 21:56:06 +02:00
Roland Gruber 6d392e51ee refactoring 2019-07-31 21:19:42 +02:00
Roland Gruber 5a6506cf6d fixed logging 2019-03-01 18:28:14 +01:00
Roland Gruber 575b700604 implemented logging 2019-02-23 20:29:45 +01:00
Roland Gruber ffe2316003 added configuration for remote logging 2019-02-23 19:44:10 +01:00
Roland Gruber 1bd598b0c3 set security headers 2019-02-01 19:38:03 +01:00
Roland Gruber cf25c31a37 refactoring 2018-12-29 09:51:51 +01:00
Roland Gruber fa67431df3 external password check 2018-04-10 21:32:26 +02:00
Roland Gruber 993751c7ff changed CSRF token handling from GET to POST 2018-03-14 20:06:09 +01:00
Roland Gruber eb99b37ddb set secure flag for session cookie 2018-03-10 18:48:11 +01:00
Roland Gruber fa9f2490ec responsive 2018-01-13 19:58:55 +01:00
Roland Gruber 57c169e700 added isDebugLoggingEnabled() 2017-10-29 11:33:07 +01:00
Roland Gruber 1a1d28a8af allow to set token if not yet done 2017-10-07 09:58:05 +02:00
Roland Gruber e99f8dae36 replaced MCrypt with OpenSSL 2017-04-02 19:37:06 +02:00
Roland Gruber 9a5ea26777 changed logout to be more fault tolerant 2017-02-27 19:25:47 +01:00
Roland Gruber 61f75e1dfa added more 2-factor options 2017-01-31 20:50:51 +01:00
Roland Gruber 7b2cef9981 fixed log message 2016-12-18 13:08:55 +01:00
Roland Gruber 5f725d3253 moved encryption functions to security.inc 2016-08-07 10:40:36 +02:00
Roland Gruber c02f80d996 prevent clickjacking 2015-12-19 09:31:21 +00:00
Roland Gruber 36f054b84e mark cookies HTTP only 2015-12-19 09:12:47 +00:00
Roland Gruber 8e125eb168 fixed IP check 2015-10-30 19:09:55 +00:00
Roland Gruber d9824cda40 better timezone handling 2015-08-23 08:18:30 +00:00
Roland Gruber 77a6a0d0c9 check if client IP is empty 2015-06-26 18:06:22 +00:00
Roland Gruber c34b040766 added CSRF protection 2015-05-14 09:18:45 +00:00
Roland Gruber a85d7174e5 #120 Use HTTP_X_REAL_IP to log ip addresses 2015-02-17 18:31:52 +00:00
Roland Gruber 092ca3ff57 added isLoggedIn() 2014-10-25 19:17:53 +00:00
Roland Gruber 180d2a8800 allow to display all PHP errors 2014-04-21 10:52:46 +00:00
Roland Gruber b1097df77b extended password policy 2014-04-05 18:42:46 +00:00
Roland Gruber a7d3773493 allow to set single account types read-only 2014-01-15 20:48:52 +00:00
Roland Gruber 56f4626626 added separate IP list for self service 2014-01-12 19:58:15 +00:00
Roland Gruber f1f74c5f9e set PHP error reporting to E_ALL & ~E_NOTICE by default 2013-10-18 17:43:09 +00:00
Roland Gruber 90e01cbcaa allow to specify SSL CA certificates in LAM main configuration 2013-08-10 12:43:01 +00:00
Roland Gruber 2940462f96 fix problems if password reset is continued in different browser 2013-07-28 17:49:20 +00:00
Roland Gruber 4f25877520 allow to hide buttons to create/delete accounts 2013-05-01 12:36:17 +00:00
Roland Gruber 6fc5c2ec8a fix session timeout 2013-03-01 18:22:40 +00:00
Roland Gruber 14724b889f better session timeout support for AJAX requests 2013-02-28 19:04:27 +00:00
Roland Gruber 43199cd804 better session timeout support for self service 2013-02-28 17:42:09 +00:00
Roland Gruber 79fcf4ca0e better tool protection 2012-07-22 10:37:01 +00:00
Roland Gruber e61324a599 additional checks 2012-03-13 21:02:37 +00:00
Roland Gruber 91036c6281 log IPs 2011-07-26 19:17:14 +00:00
Roland Gruber 9c84da725b added fix for garbage collection on Debian based systems 2010-05-28 08:01:54 +00:00
Roland Gruber 90daf93e14 secured session handling 2010-02-06 11:50:26 +00:00
Roland Gruber 0a885bd081 added new log level LOG_DEBUG 2010-01-25 16:38:36 +00:00
Roland Gruber 50b0f5e731 new homepage 2009-10-27 18:47:12 +00:00
Roland Gruber d4886bb03f PHP 5.3 compatibility 2009-08-13 18:57:26 +00:00
Roland Gruber 13b165fd88 support memcache 2009-07-08 18:03:28 +00:00
Roland Gruber 13472acf8d added time stamp to log file 2009-05-21 16:19:12 +00:00
Roland Gruber 66e40c7222 log denied clients 2008-08-06 19:01:03 +00:00
Roland Gruber 99123b0d18 do not print errors of touch command 2008-05-16 17:32:02 +00:00
Roland Gruber e7e3b581f2 added password policies 2008-02-14 17:37:02 +00:00