1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-11-10 00:23:01 +00:00
Commit graph

49 commits

Author SHA1 Message Date
4853c1f604
fix login when hosting Pepperminty Wiki in a subdirectory 2021-09-30 21:26:30 +01:00
7cf545a3ca
Fix more intelligent returnto redirect 2021-09-30 21:06:07 +01:00
fa407ce99d
login: regenerate sessiono token on login; make returnto sanitisation more intelligent 2021-09-27 21:32:39 +01:00
4f3a1c3757
Display returnto URL above the login form if present to further mitigate CSRF issues 2021-09-27 20:51:12 +01:00
f59e68127c
Ensured that the returnto GET parameter leads you only to another place on your Pepperminty Wiki instance (thanks, @JamieSlome) 2021-09-21 13:40:12 +01:00
c0c2bd7f6a
page-login: minor htmlentities for breakfast, lunch, and tea 2021-09-03 01:37:11 +01:00
880c9e3796
Send x-robots-tag: noindex,nofollow with the login page
SemrushBot, you better obey this one
2020-10-26 18:59:53 +00:00
cfd087d919
Add MPL 2.0 short header to core code files 2020-09-23 23:22:39 +01:00
93bff09422
Update hide_email implementation
It now requires Javascript to decode the email address. If this is a 
problem for whatever reason, please get in touch by opening an issue. I 
take accessibility very seriously.
2020-08-09 23:53:29 +01:00
1ec1705a62
Standardise error_log prefixes to aid clarity in multi-wiki environments 2020-07-28 19:42:41 +01:00
beb4e2e968
noindex, nofollow login pages to try and stop bots from getting into infinite loops 2020-06-11 20:52:25 +01:00
ad8d05a3eb
fix whitespace 2020-04-18 13:00:50 +01:00
Sean Feeney
171f9f4874
patching PHP 7.3.11 issue and double dot in file uploads 2020-04-18 13:00:50 +01:00
6213a6e715
Refactor login code a bit to reduce nesting 2019-10-07 18:19:48 +01:00
0e8a27e7f7
Improve comments 2019-05-11 12:13:06 +01:00
50efd4bb49
Bump versions 2019-05-06 23:48:34 +01:00
4e801c4692
Bugfix: Consolidate user->email & user->emailAddress.
Also add an auto-migrator on login.

Fixes #167
2019-05-06 23:44:38 +01:00
f69c74fcd0
It's time for v0.17! 😺 🎆 2018-10-20 17:25:12 +01:00
197d065266
Restrict new hidden hash-cost-test action to moderators or better 2018-09-30 14:50:35 +01:00
57ec8b82b5
Bugfix: Fix inadvertent cost-climbing when recalculating the password hashing cost 2018-09-30 14:47:54 +01:00
707d1c6853
Add moar docblock comments 2018-05-25 12:07:51 +01:00
5961d11e76
Make sure the user actually exists before checking their password 2018-05-13 17:13:25 +01:00
62dff18b4d
Comment verify_password 2018-05-11 11:36:29 +01:00
c64aaa72db
Bugfix the login system changes. It works!
The issue was actually in that I hadn't created a password_verify
wrapper
2018-05-11 11:34:57 +01:00
d5b37e3ec0
Bugfix sessionprefix and password hashing, but it's still not working right. 2018-05-11 00:18:21 +01:00
ae8412ddaf
Bugfix automatic password hash recalculation 2018-05-10 23:59:41 +01:00
41ea63281c
Skip the password hashing cost recheck if it's been disabled 2018-05-10 23:30:00 +01:00
1cc92ba260
Automate password cost checking 2018-05-10 23:28:08 +01:00
8010770fd4
It's time to get serious with password hashing.
I've left this far to long. Now for the testing.....
2018-05-10 23:03:26 +01:00
25a6050768
Fix checklogin api docs 2018-03-30 16:40:29 +01:00
b1de0c3663
Add x-login-success header to login responses 2018-03-30 13:17:06 +01:00
307d1bc889 Document *all* teh things.
Well, _almost_ all teh things :P I'm experimenting with phpDocumentor,
so expect some better module api docs to appear sometime soon :D
2017-09-15 23:06:10 +01:00
7ba0d62cc8 Update users object to support storing arbitrary data. 2016-12-12 18:38:26 +00:00
3ddd63909e Redirect the user if they have already logged in. Fixes #102. 2016-08-24 19:12:37 +01:00
60856e4046 Fix login issues under new settings system, and tweak login bar a bit too 2016-06-22 13:04:04 +01:00
ad6a12da5b Finish initial settings rewrite 2016-06-22 09:13:32 +01:00
60505dfb0a Finish documentation. 2016-06-15 19:20:03 +01:00
618fa54423 Fixed #77 (Logins don't redirect...) 2016-06-04 20:27:14 +01:00
6e21a2aba6 Make username box autofocus 2016-04-09 11:02:25 +01:00
be86dac917 Continue writing help section for various modules. 2015-12-21 14:03:21 +00:00
5ef0b1b7c9 Bump version of page-login 2015-11-14 15:55:57 +00:00
1cca9a9f73 Redirect to the last page viewed. Fixes #38. 2015-11-14 15:41:28 +00:00
3711f10e5c Add option to require login before viewing pages. Currently halfway through #38. 2015-11-14 15:22:35 +00:00
293f9e94f0 Add use_sha3 option to settings in light of recent developments with sha256 2015-10-10 13:00:46 +01:00
4cabf42666 Convert all existing modules over to new $env 2015-09-22 14:34:18 +01:00
e465a05083 Erm what's happening here...? 2015-09-19 10:19:56 +01:00
4d7dd3a0a8 Style inputs and textareas 2015-07-27 15:06:41 +01:00
81dfe2267b updated modules & fixed bugs in initial implementation 2015-05-24 21:00:30 +01:00
58456834c6 begun modularisation process. Everything is broken! (no new build though.) 2015-04-11 18:30:01 +01:00