63 Commits

Author	SHA1	Message	Date
Roland Gruber	5b14134108	spell checking	2020-03-03 20:34:06 +01:00
Roland Gruber	b7ab251f6c	spell checking	2020-03-02 15:20:18 +01:00
Roland Gruber	1acf7c95e4	added feature policy	2019-08-16 22:09:31 +02:00
Roland Gruber	bf777b2e99	Duo support	2019-08-13 17:03:30 +02:00
Roland Gruber	e0a82bc70d	removed decrypt_login()	2019-08-05 21:56:06 +02:00
Roland Gruber	6d392e51ee	refactoring	2019-07-31 21:19:42 +02:00
Roland Gruber	5a6506cf6d	fixed logging	2019-03-01 18:28:14 +01:00
Roland Gruber	575b700604	implemented logging	2019-02-23 20:29:45 +01:00
Roland Gruber	ffe2316003	added configuration for remote logging	2019-02-23 19:44:10 +01:00
Roland Gruber	1bd598b0c3	set security headers	2019-02-01 19:38:03 +01:00
Roland Gruber	cf25c31a37	refactoring	2018-12-29 09:51:51 +01:00
Roland Gruber	fa67431df3	external password check	2018-04-10 21:32:26 +02:00
Roland Gruber	993751c7ff	changed CSRF token handling from GET to POST	2018-03-14 20:06:09 +01:00
Roland Gruber	eb99b37ddb	set secure flag for session cookie	2018-03-10 18:48:11 +01:00
Roland Gruber	fa9f2490ec	responsive	2018-01-13 19:58:55 +01:00
Roland Gruber	57c169e700	added isDebugLoggingEnabled()	2017-10-29 11:33:07 +01:00
Roland Gruber	1a1d28a8af	allow to set token if not yet done	2017-10-07 09:58:05 +02:00
Roland Gruber	e99f8dae36	replaced MCrypt with OpenSSL	2017-04-02 19:37:06 +02:00
Roland Gruber	9a5ea26777	changed logout to be more fault tolerant	2017-02-27 19:25:47 +01:00
Roland Gruber	61f75e1dfa	added more 2-factor options	2017-01-31 20:50:51 +01:00
Roland Gruber	7b2cef9981	fixed log message	2016-12-18 13:08:55 +01:00
Roland Gruber	5f725d3253	moved encryption functions to security.inc	2016-08-07 10:40:36 +02:00
Roland Gruber	c02f80d996	prevent clickjacking	2015-12-19 09:31:21 +00:00
Roland Gruber	36f054b84e	mark cookies HTTP only	2015-12-19 09:12:47 +00:00
Roland Gruber	8e125eb168	fixed IP check	2015-10-30 19:09:55 +00:00
Roland Gruber	d9824cda40	better timezone handling	2015-08-23 08:18:30 +00:00
Roland Gruber	77a6a0d0c9	check if client IP is empty	2015-06-26 18:06:22 +00:00
Roland Gruber	c34b040766	added CSRF protection	2015-05-14 09:18:45 +00:00
Roland Gruber	a85d7174e5	#120 Use HTTP_X_REAL_IP to log ip addresses	2015-02-17 18:31:52 +00:00
Roland Gruber	092ca3ff57	added isLoggedIn()	2014-10-25 19:17:53 +00:00
Roland Gruber	180d2a8800	allow to display all PHP errors	2014-04-21 10:52:46 +00:00
Roland Gruber	b1097df77b	extended password policy	2014-04-05 18:42:46 +00:00
Roland Gruber	a7d3773493	allow to set single account types read-only	2014-01-15 20:48:52 +00:00
Roland Gruber	56f4626626	added separate IP list for self service	2014-01-12 19:58:15 +00:00
Roland Gruber	f1f74c5f9e	set PHP error reporting to E_ALL & ~E_NOTICE by default	2013-10-18 17:43:09 +00:00
Roland Gruber	90e01cbcaa	allow to specify SSL CA certificates in LAM main configuration	2013-08-10 12:43:01 +00:00
Roland Gruber	2940462f96	fix problems if password reset is continued in different browser	2013-07-28 17:49:20 +00:00
Roland Gruber	4f25877520	allow to hide buttons to create/delete accounts	2013-05-01 12:36:17 +00:00
Roland Gruber	6fc5c2ec8a	fix session timeout	2013-03-01 18:22:40 +00:00
Roland Gruber	14724b889f	better session timeout support for AJAX requests	2013-02-28 19:04:27 +00:00
Roland Gruber	43199cd804	better session timeout support for self service	2013-02-28 17:42:09 +00:00
Roland Gruber	79fcf4ca0e	better tool protection	2012-07-22 10:37:01 +00:00
Roland Gruber	e61324a599	additional checks	2012-03-13 21:02:37 +00:00
Roland Gruber	91036c6281	log IPs	2011-07-26 19:17:14 +00:00
Roland Gruber	9c84da725b	added fix for garbage collection on Debian based systems	2010-05-28 08:01:54 +00:00
Roland Gruber	90daf93e14	secured session handling	2010-02-06 11:50:26 +00:00
Roland Gruber	0a885bd081	added new log level LOG_DEBUG	2010-01-25 16:38:36 +00:00
Roland Gruber	50b0f5e731	new homepage	2009-10-27 18:47:12 +00:00
Roland Gruber	d4886bb03f	PHP 5.3 compatibility	2009-08-13 18:57:26 +00:00
Roland Gruber	13b165fd88	support memcache	2009-07-08 18:03:28 +00:00