Commit Graph

47 Commits

Author SHA1 Message Date
Roland Gruber 1a1d28a8af allow to set token if not yet done 2017-10-07 09:58:05 +02:00
Roland Gruber e99f8dae36 replaced MCrypt with OpenSSL 2017-04-02 19:37:06 +02:00
Roland Gruber 9a5ea26777 changed logout to be more fault tolerant 2017-02-27 19:25:47 +01:00
Roland Gruber 61f75e1dfa added more 2-factor options 2017-01-31 20:50:51 +01:00
Roland Gruber 7b2cef9981 fixed log message 2016-12-18 13:08:55 +01:00
Roland Gruber 5f725d3253 moved encryption functions to security.inc 2016-08-07 10:40:36 +02:00
Roland Gruber c02f80d996 prevent clickjacking 2015-12-19 09:31:21 +00:00
Roland Gruber 36f054b84e mark cookies HTTP only 2015-12-19 09:12:47 +00:00
Roland Gruber 8e125eb168 fixed IP check 2015-10-30 19:09:55 +00:00
Roland Gruber d9824cda40 better timezone handling 2015-08-23 08:18:30 +00:00
Roland Gruber 77a6a0d0c9 check if client IP is empty 2015-06-26 18:06:22 +00:00
Roland Gruber c34b040766 added CSRF protection 2015-05-14 09:18:45 +00:00
Roland Gruber a85d7174e5 #120 Use HTTP_X_REAL_IP to log ip addresses 2015-02-17 18:31:52 +00:00
Roland Gruber 092ca3ff57 added isLoggedIn() 2014-10-25 19:17:53 +00:00
Roland Gruber 180d2a8800 allow to display all PHP errors 2014-04-21 10:52:46 +00:00
Roland Gruber b1097df77b extended password policy 2014-04-05 18:42:46 +00:00
Roland Gruber a7d3773493 allow to set single account types read-only 2014-01-15 20:48:52 +00:00
Roland Gruber 56f4626626 added separate IP list for self service 2014-01-12 19:58:15 +00:00
Roland Gruber f1f74c5f9e set PHP error reporting to E_ALL & ~E_NOTICE by default 2013-10-18 17:43:09 +00:00
Roland Gruber 90e01cbcaa allow to specify SSL CA certificates in LAM main configuration 2013-08-10 12:43:01 +00:00
Roland Gruber 2940462f96 fix problems if password reset is continued in different browser 2013-07-28 17:49:20 +00:00
Roland Gruber 4f25877520 allow to hide buttons to create/delete accounts 2013-05-01 12:36:17 +00:00
Roland Gruber 6fc5c2ec8a fix session timeout 2013-03-01 18:22:40 +00:00
Roland Gruber 14724b889f better session timeout support for AJAX requests 2013-02-28 19:04:27 +00:00
Roland Gruber 43199cd804 better session timeout support for self service 2013-02-28 17:42:09 +00:00
Roland Gruber 79fcf4ca0e better tool protection 2012-07-22 10:37:01 +00:00
Roland Gruber e61324a599 additional checks 2012-03-13 21:02:37 +00:00
Roland Gruber 91036c6281 log IPs 2011-07-26 19:17:14 +00:00
Roland Gruber 9c84da725b added fix for garbage collection on Debian based systems 2010-05-28 08:01:54 +00:00
Roland Gruber 90daf93e14 secured session handling 2010-02-06 11:50:26 +00:00
Roland Gruber 0a885bd081 added new log level LOG_DEBUG 2010-01-25 16:38:36 +00:00
Roland Gruber 50b0f5e731 new homepage 2009-10-27 18:47:12 +00:00
Roland Gruber d4886bb03f PHP 5.3 compatibility 2009-08-13 18:57:26 +00:00
Roland Gruber 13b165fd88 support memcache 2009-07-08 18:03:28 +00:00
Roland Gruber 13472acf8d added time stamp to log file 2009-05-21 16:19:12 +00:00
Roland Gruber 66e40c7222 log denied clients 2008-08-06 19:01:03 +00:00
Roland Gruber 99123b0d18 do not print errors of touch command 2008-05-16 17:32:02 +00:00
Roland Gruber e7e3b581f2 added password policies 2008-02-14 17:37:02 +00:00
Roland Gruber 4808d138fd added new security model 2007-12-30 12:32:48 +00:00
Roland Gruber cf6979e3b4 added session id to log messages 2007-12-28 10:36:07 +00:00
Roland Gruber cd09a86d64 performance enhancements 2007-07-08 19:23:07 +00:00
Roland Gruber bbd7272c0c renamed config classes 2006-09-24 14:19:50 +00:00
Roland Gruber 8176cdccac added message for expired sessions 2006-05-01 08:56:40 +00:00
Roland Gruber 185d3fd2ce added host restriction 2006-04-25 11:25:07 +00:00
Roland Gruber 0fec1ae9c1 added logging 2006-04-23 16:33:25 +00:00
Roland Gruber ef8365d787 implemented session timeout 2006-04-18 10:57:16 +00:00
Roland Gruber d1d23d9a06 Security functions 2006-03-26 11:36:43 +00:00