sbrl-github/Pepperminty-Wiki
sbrl-github
/
Pepperminty-Wiki
mirror of https://github.com/sbrl/Pepperminty-Wiki.git
1
0
Fork 0
Code
1,863 Commits 5 Branches 62 Tags 9.2 MiB
Commit Graph

49 Commits

Author SHA1 Message Date
Starbeamrainbowlabs 4853c1f604
fix login when hosting Pepperminty Wiki in a subdirectory 2021-09-30 21:26:30 +01:00
Starbeamrainbowlabs 7cf545a3ca
Fix more intelligent returnto redirect 2021-09-30 21:06:07 +01:00
Starbeamrainbowlabs fa407ce99d
login: regenerate sessiono token on login; make returnto sanitisation more intelligent 2021-09-27 21:32:39 +01:00
Starbeamrainbowlabs 4f3a1c3757
Display returnto URL above the login form if present to further mitigate CSRF issues 2021-09-27 20:51:12 +01:00
Starbeamrainbowlabs f59e68127c
Ensured that the `returnto` GET parameter leads you only to another place on your Pepperminty Wiki instance (thanks, @JamieSlome) 2021-09-21 13:40:12 +01:00
Starbeamrainbowlabs c0c2bd7f6a
page-login: minor htmlentities for breakfast, lunch, and tea 2021-09-03 01:37:11 +01:00
Starbeamrainbowlabs 880c9e3796
Send `x-robots-tag: noindex,nofollow` with the login page 
SemrushBot, you better obey this one
 2020-10-26 18:59:53 +00:00
Starbeamrainbowlabs cfd087d919
Add MPL 2.0 short header to core code files 2020-09-23 23:22:39 +01:00
Starbeamrainbowlabs 93bff09422
Update hide_email implementation 
It now requires Javascript to decode the email address. If this is a 
problem for whatever reason, please get in touch by opening an issue. I 
take accessibility very seriously.
 2020-08-09 23:53:29 +01:00
Starbeamrainbowlabs 1ec1705a62
Standardise error_log prefixes to aid clarity in multi-wiki environments 2020-07-28 19:42:41 +01:00
Starbeamrainbowlabs beb4e2e968
noindex, nofollow login pages to try and stop bots from getting into infinite loops 2020-06-11 20:52:25 +01:00
Starbeamrainbowlabs ad8d05a3eb
fix whitespace 2020-04-18 13:00:50 +01:00
Sean Feeney 171f9f4874
patching PHP 7.3.11 issue and double dot in file uploads 2020-04-18 13:00:50 +01:00
Starbeamrainbowlabs 6213a6e715
Refactor login code a bit to reduce nesting 2019-10-07 18:19:48 +01:00
Starbeamrainbowlabs 0e8a27e7f7
Improve comments 2019-05-11 12:13:06 +01:00
Starbeamrainbowlabs 50efd4bb49
Bump versions 2019-05-06 23:48:34 +01:00
Starbeamrainbowlabs 4e801c4692
Bugfix: Consolidate user->email & user->emailAddress. 
Also add an auto-migrator on login.

Fixes #167
 2019-05-06 23:44:38 +01:00
Starbeamrainbowlabs f69c74fcd0
It's time for v0.17! 😺 🎆 2018-10-20 17:25:12 +01:00
Starbeamrainbowlabs 197d065266
Restrict new hidden hash-cost-test action to moderators or better 2018-09-30 14:50:35 +01:00
Starbeamrainbowlabs 57ec8b82b5
Bugfix: Fix inadvertent cost-climbing when recalculating the password hashing cost 2018-09-30 14:47:54 +01:00
Starbeamrainbowlabs 707d1c6853
Add moar docblock comments 2018-05-25 12:07:51 +01:00
Starbeamrainbowlabs 5961d11e76
Make sure the user actually exists before checking their password 2018-05-13 17:13:25 +01:00
Starbeamrainbowlabs 62dff18b4d
Comment verify_password 2018-05-11 11:36:29 +01:00
Starbeamrainbowlabs c64aaa72db
Bugfix the login system changes. It works! 
The issue was actually in that I hadn't created a password_verify
wrapper
 2018-05-11 11:34:57 +01:00
Starbeamrainbowlabs d5b37e3ec0
Bugfix sessionprefix and password hashing, but it's still not working right. 2018-05-11 00:18:21 +01:00
Starbeamrainbowlabs ae8412ddaf
Bugfix automatic password hash recalculation 2018-05-10 23:59:41 +01:00
Starbeamrainbowlabs 41ea63281c
Skip the password hashing cost recheck if it's been disabled 2018-05-10 23:30:00 +01:00
Starbeamrainbowlabs 1cc92ba260
Automate password cost checking 2018-05-10 23:28:08 +01:00
Starbeamrainbowlabs 8010770fd4
It's time to get serious with password hashing. 
I've left this far to long. Now for the testing.....
 2018-05-10 23:03:26 +01:00
Starbeamrainbowlabs 25a6050768
Fix checklogin api docs 2018-03-30 16:40:29 +01:00
Starbeamrainbowlabs b1de0c3663
Add x-login-success header to login responses 2018-03-30 13:17:06 +01:00
Starbeamrainbowlabs 307d1bc889 Document *all* teh things. 
Well, _almost_ all teh things :P I'm experimenting with phpDocumentor,
so expect some better module api docs to appear sometime soon :D
 2017-09-15 23:06:10 +01:00
Starbeamrainbowlabs 7ba0d62cc8 Update users object to support storing arbitrary data. 2016-12-12 18:38:26 +00:00
Starbeamrainbowlabs 3ddd63909e Redirect the user if they have already logged in. Fixes #102. 2016-08-24 19:12:37 +01:00
Starbeamrainbowlabs 60856e4046 Fix login issues under new settings system, and tweak login bar a bit too 2016-06-22 13:04:04 +01:00
Starbeamrainbowlabs ad6a12da5b Finish initial settings rewrite 2016-06-22 09:13:32 +01:00
Starbeamrainbowlabs 60505dfb0a Finish documentation. 2016-06-15 19:20:03 +01:00
Starbeamrainbowlabs 618fa54423 Fixed #77 (Logins don't redirect...) 2016-06-04 20:27:14 +01:00
Starbeamrainbowlabs 6e21a2aba6 Make username box autofocus 2016-04-09 11:02:25 +01:00
Starbeamrainbowlabs be86dac917 Continue writing help section for various modules. 2015-12-21 14:03:21 +00:00
Starbeamrainbowlabs 5ef0b1b7c9 Bump version of page-login 2015-11-14 15:55:57 +00:00
Starbeamrainbowlabs 1cca9a9f73 Redirect to the last page viewed. Fixes #38. 2015-11-14 15:41:28 +00:00
Starbeamrainbowlabs 3711f10e5c Add option to require login before viewing pages. Currently halfway through #38. 2015-11-14 15:22:35 +00:00
Starbeamrainbowlabs 293f9e94f0 Add use_sha3 option to settings in light of recent developments with sha256 2015-10-10 13:00:46 +01:00
Starbeamrainbowlabs 4cabf42666 Convert all existing modules over to new $env 2015-09-22 14:34:18 +01:00
Starbeamrainbowlabs e465a05083 Erm what's happening here...? 2015-09-19 10:19:56 +01:00
Starbeamrainbowlabs 4d7dd3a0a8 Style inputs and textareas 2015-07-27 15:06:41 +01:00
Starbeamrainbowlabs 81dfe2267b updated modules & fixed bugs in initial implementation 2015-05-24 21:00:30 +01:00
Starbeamrainbowlabs 58456834c6 begun modularisation process. Everything is broken! (no new build though.) 2015-04-11 18:30:01 +01:00