Commit Graph

69 Commits

Author SHA1 Message Date
dew-git 3940e804e3 Remove uneeded variable. 2019-10-10 20:48:13 -08:00
dew-git 811cdcdfcb Fix security vulnerbilities.
Fix possible length extension attack, predicable generators, timing attacks on hash comparision and improved formatting.
2019-10-10 15:21:41 -08:00
Hypolite Petovan f4d06ebd47 Remove useless theme session variable deletions in modules 2019-10-06 12:08:15 -04:00
Hypolite Petovan e16c410b59 Hide registration button on login page when registration are closed 2019-07-15 09:11:21 -04:00
Hypolite Petovan 01e71254d9 Replace defaults() calls on $_SESSION by Core\Session calls
- Replace direct calls to $_SESSION by Core\Session calls in Module\Login
2019-05-26 21:26:59 -04:00
Hypolite Petovan 6071fe81b4 Move Authentication::setAuthenticatedSessionForUser to Session::setAuthenticatedForUser 2019-05-13 01:51:59 -04:00
Hypolite Petovan cef6757c92 Replace REGISTER_* constants by Module\Register::* ones 2019-01-22 22:24:15 -05:00
Philipp Holzer c38782731f changing failed auth to warning 2019-01-21 10:54:41 -05:00
Philipp Holzer b5afd2a21d change regex for fail2ban 2019-01-21 10:54:40 -05:00
Philipp Holzer aa15c0e094 Bugfixing Monolog
- Default Loglevel for logs set to 'info'
- Default config level is set to 'notice'
- using 'notice' for auth-failures
- Bugfixing wrong usage of legacy 'log()'
2019-01-21 10:54:39 -05:00
Hypolite Petovan 3282ce5389 Fix PHPDoc comments project-wide 2019-01-21 10:35:51 -05:00
Hypolite Petovan 55e54bb950 Replace deprecated Addon::callHooks with Hook::callAll
- Update documentation
2019-01-21 09:50:56 -05:00
Michael c1dec50248 Avoiding some notices 2019-01-13 18:03:13 +00:00
Hypolite Petovan acaee626f5 Remove include/ requires that are now done directly from Composer 2018-12-24 09:56:25 -05:00
Hypolite Petovan 458981f75c Replace x() by isset(), !empty() or defaults()
- Remove extraneous parentheses around empty() calls
- Remove duplicate calls to intval(), count() or strlen() after empty()
- Replace ternary operators outputting binary value with empty() return value
- Rewrite defaults() without x()
2018-11-30 09:06:22 -05:00
Michael e1875cf206 Fixes notice "PHP Notice: Undefined index: return_path" 2018-11-13 18:10:37 +00:00
Adam Magness 218f0734be Rename removeTags to escapeTags
rename function and update calls.
2018-11-09 13:29:42 -05:00
Adam Magness a0f65ca7a1 notags calls
implement removeTags function
2018-11-08 10:14:37 -05:00
Adam Magness 35abc4bb64 get markup template
implement getMarkupTemplate function
2018-10-31 10:44:06 -04:00
Adam Magness 91facd2d0a replace macros
implement new replaceMacros function
2018-10-31 10:35:50 -04:00
Adam Magness 14fde5dc9b Log function
implement log() function.
2018-10-30 09:57:14 -04:00
Philipp Holzer 3edad1591e
replaced $return_url to $return_path to make it more clear that it is a relative path to the Friendica baseurl 2018-10-22 22:13:37 +02:00
Philipp Holzer d00ddc01af
Split goaway to System::externalRedirectTo() and App->internalRedirect() 2018-10-22 22:13:35 +02:00
Philipp Holzer 2ef81108b3
Renamed System::redirect() to $a->redirect() 2018-10-22 22:13:22 +02:00
Jonny Tischbein f3fc1f36ca Renaming functions + moving functions from security to Model/Item and BaseModule + fix multiline comments 2018-10-17 21:30:41 +02:00
Jonny Tischbein ce2b1f5715 Rename function Authentication::authenticate_success to Authentication::success 2018-10-17 18:45:32 +02:00
Jonny Tischbein 05be2db725 Move include/security tp /src/Core/Authentication and /src/Util/Security 2018-10-17 14:19:58 +02:00
Philipp Holzer 5a02e39a65
Rename App Methods
- renamed a lot of App methods to CamelCase
- replaced direct public variables with get-/set-Methods
2018-10-10 00:16:06 +02:00
Jonny Tischbein 2db2b79bfa Give Login Form previous URL to return to. SESSION var is empty if invalid page. empty args is catched by function 2018-10-09 21:38:17 +02:00
Jonny Tischbein 28456de249 Save return_url before login. Add login mask to many sites if not logged in. 2018-10-07 16:34:08 +02:00
Jonny Tischbein ee32459358 goaway with argument 2018-10-03 18:28:04 +02:00
Jonny Tischbein 3c9b33176f Static reason for login failure to prevent bruteforce 2018-10-03 14:32:16 +02:00
Jonny Tischbein 3ecabe0291 Fix goaway url when login failed + using info to display message 2018-10-03 13:10:49 +02:00
Hypolite Petovan 9d0a6f90b6 Update "mrpetovan" email address
- Fix Tobias' email address
- Fix copypasted doc block in Console/PostUpdate
2018-09-15 19:28:38 -04:00
Michael Vogel 7f3fb34c24 Some easy to replace "q" calls have been replaced by "DBA" calls (#5632)
* Some easy to replace "q" calls have been replaced by "DBA" calls

* Simplified the GUID creation

* And one in the API ...

* And OStatus has got some DBA calls more

* Just some more replaced database calls

* The event query is now simplified

* Events are now shown again

* subthread is now using the DBA calls as well

* Some more replaced database calls

* And some more replaced database calls and prevented notices

* Better use gravity

* Some more replaced database stuff

* Some more replaced database calls in DFRN.php

* The gcontact class now has got the new DBA functions as well

* The Contact class is now changed to new database functions as well

* Small correction

* We can now delete without cascade

* One more functionality is safe for future changes
2018-08-19 12:46:10 +00:00
Hypolite Petovan ecea7425f8 Rename DBA::is_result to DBA::isResult 2018-07-23 11:04:14 -04:00
Hypolite Petovan 0ec44f3e8a Rename DBM method calls to DBA method calls 2018-07-23 11:02:24 -04:00
Hypolite Petovan af6dbc654f Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 08:19:26 -04:00
Hypolite Petovan daa1177e3a Update use statement lists with new Friendica\Database\dba class
- Remove unused use statement
- Remove superfluous use statements (classes in the same namespace)
- Add missing use statements
2018-07-19 22:15:21 -04:00
Hypolite Petovan 67dc08d120 Enforce systen.register_policy value type 2018-07-16 19:38:19 -04:00
Hypolite Petovan 762a786611 Replace direct accesses to App->config by Config::get/set calls 2018-07-16 19:38:16 -04:00
Michael Vogel 0360f7197a Several more warnings ... (#5340)
* Some more warnings removed

* Even more warnings ...

* Will it ever end? ;-)

* Avoid warning in dbstructure

* Origin and OStatus ...

* There are more warnings solved ... yeah!

* And again ...

* We are not done yet

* And more ...

* And some new places ...

* And more in the feeds

* Avoid some more

* And some backend stuff

* Notifications cleared

* Some more stuff

* and again ...

* It's getting fewer ...

* Some warnings had been hidden in the notifications

* Fix the fix

* And another missing one ...

* We need the owner here, not the user

* Forgotten user

* And more ...

* And some more warnings disappeared ...

* Some more frontend warnings

* Some backend warnings removed

* Fixed sidebar for "vier"

* And more ...

* Some more ...

* And something for "remote self"

* Am I stuck in an endless loop?

* Fix: Clear tag and file field on update

* Preset page content
2018-07-10 08:27:56 -04:00
Roland Häder 6129eb1623
OpenId possibly fixed:
- The LightOpenId class' constructor now requires the hostname from where the
  requested started, added it now
- sometimes need to invoke get_app() as $a was not around

Signed-off-by: Roland Häder <roland@mxchange.org>
2018-05-17 00:24:25 +02:00
Hypolite Petovan 8a9917857e Handle authentication exceptions in Login module
- Break down large methods into smaller ones
- Add more authentication exception
- Add a legacy User::authenticate method
2018-02-09 00:08:01 -05:00
Hypolite Petovan f020292408 Remove references to include/datetime 2018-02-03 20:47:37 -05:00
Hypolite Petovan 5e7285b9ba Move Temporal::convert() to DateTimeFormat::convert() 2018-02-03 08:56:55 -05:00
Hypolite Petovan 35d06bd9eb Add Temporal::utc() shorthand to Temporal::convert() 2018-02-03 08:56:53 -05:00
Hypolite Petovan 8aff8a76eb Add Temporal::utcNow() 2018-02-03 08:56:52 -05:00
Hypolite Petovan dc366bf1f7 Refactor datetime_convert into Temporal::convert
- Changed parameter order to save space
- Refactor select_timezone into Temporal::getTimezoneSelect
- Refactor field_timezone into Temporal::getTimezoneField
2018-02-03 08:56:51 -05:00
Hypolite Petovan 236616995b Remove references to library/openid 2018-01-27 18:28:04 -05:00