summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-06-17Merge branch 'bug-773' into testserver-stableBenny Baumann
2014-06-17bug 773: Whitespace at EOL and indentationbug-773Benny Baumann
2014-06-17bug 773: correct email sending for domaincertsFelix Dörre
2014-06-17bug 773: fix sending email on revocation.Felix Dörre
Use the email (and language) of domain owner to send mail.
2014-06-16Merge branch 'bug-1183' into testserver-stableBenny Baumann
2014-06-15Merge branch 'bug-1223' into testserver-stableBenny Baumann
2014-06-15Merge branch 'release' into bug-1223Benny Baumann
Conflicts: pages/account/43.php
2014-06-15Merge branch 'bug-657' into testserver-stableBenny Baumann
2014-06-15bug 657: Whitespace formattingbug-657Benny Baumann
2014-06-15bug 657: Properly escape existing valuesBenny Baumann
2014-06-15Merge branch 'bug-657' into testserver-stableBenny Baumann
Conflicts: includes/notary.inc.php
2014-06-15Merge branch 'bug-597' into testserver-stableBenny Baumann
2014-06-15Merge branch 'bug-807' into testserver-stableBenny Baumann
2014-06-15bug 807: escaping value from the database.bug-807Felix Dörre
2014-06-15Merge branch 'bug-1273' into testserver-stableBenny Baumann
2014-06-15bug 1273: Move the one "escapeshellarg" in a new row.Felix Dörre
2014-06-15bug 1273: use runCommand where former "echo"-syntax was usedFelix Dörre
2014-06-15bug 1273: replace backtick operators with shell_execFelix Dörre
+ fix 1 missing escapeshellarg Commands used to locate: 1. find includes -type f -name '*.php' -exec cat {} \; \ | tr '\n' '?' | sed 's/\(\$query .\?= \|\ mysql_query(\|query_init (\)"\([^"]\|".\(\(intval\|mysql_real_escape_string\)\ (\$[^\$)]\+)\|\$_SESSION\(\['_config'\]\['user'\]\['Q[1-5]'\]\ \|['_config']['disablelogin']\)\)[ ?]*."\)*"/mysql-substitute/g'\ | tr '?' '\n' | grep --color=always "\`"|less -r and reviewing the queries by hand. This command replaces out strings obviously looking like sql_queries and then outputting al remaining backticks: starting with "$query = ,mysql_query, ..." and are only interrupted by "safe" calls: - mysql_real_escape_string - intval - pre_escaped session variables (This command may also be used for locating bad escaped sql_queries) 2. grep -r "\`\(grep\|/\|echo\|dig\|openssl\|gpg\|rm\|../\)" www includes pages \ | grep -v '\(from\|update\|into\) `gpg'
2014-06-15Merge branch 'bug-612' into testserver-stableBenny Baumann
2014-06-15bug 612: Using consistent date/time format, putting params in a new lineFelix Dörre
2014-06-15bug 612: add IP-Address and Time to "viewed secret questions"-message.Felix Dörre
2014-06-13Merge branch 'bug-807' into testserver-stableBenny Baumann
Conflicts: includes/lib/account.php
2014-06-13Merge branch 'bug-807' into releaseBenny Baumann
2014-06-13Merge branch 'release' into bug-807Benny Baumann
Conflicts: includes/account.php includes/lib/account.php pages/account/16.php
2014-06-13bug 807: copy md setting to new certificate when renewingFelix Dörre
When the user renews a certificate, copy the digest algorithm to the new certificate.
2014-06-11Merge branch 'bug-1280' into testserver-stableBenny Baumann
2014-06-11bug-1280: Variable naming, formatting, php-syntax-errorFelix Dörre
2014-06-11bug-1280: Handle more different types of "languages":Felix Dörre
- zh_CN => zh-cn (in various cases: ZH_cn, zh_cn, ...) - de => de (what the current GUI produces) - de_DE => de, en_AU => en, EN_AU => en (what may be left in the database) ... and more creative upper/lower-cases
2014-06-11bug-1280: Parse the language code from the locale.Felix Dörre
Splitting the string at "_" and lowering the characters.
2014-06-10Merge branch 'bug-1283' into testserver-stableBenny Baumann
2014-06-10bug 1283: remove double encodingbug-1283Felix Dörre
The locales are already encoded in the Database.
2014-06-09Merge branch 'bug-1282' into testserver-stableBenny Baumann
2014-06-09bug 1282: added a better check for id for the searchINOPIAE
2014-06-08Merge branch 'bug-1281' into testserver-stableBenny Baumann
2014-06-08bug 1281: Fix syntax error in SQL statementbug-1281Benny Baumann
2014-06-08bug 1281: Convert to Unix Line EndingsBenny Baumann
2014-06-08Merge branch 'release' into bug-657INOPIAE
2014-06-07Merge branch 'bug-929' into releaseBenny Baumann
2014-06-06Merge branch 'bug-1172' into releaseBenny Baumann
2014-06-06Merge branch 'bug-1138' into releaseBenny Baumann
2014-06-06Merge branch 'bug-1275' into releaseBenny Baumann
2014-06-06Merge branch 'bug-372' into releaseBenny Baumann
2014-06-06Merge branch 'bug-1138' into testserver-stableBenny Baumann
2014-06-06Merge branch 'bug-413' into bug-1138bug-1138Benny Baumann
Conflicts: pages/account/12.php pages/account/5.php
2014-05-27Merge branch 'bug-413' into testserver-stableBenny Baumann
Conflicts: pages/account/12.php
2014-05-27bug 413: Port same change as for 5.php over to 12.phpbug-413Benny Baumann
2014-05-27Merge branch 'bug-413' into testserver-stableBenny Baumann
Conflicts: pages/account/5.php
2014-05-27bug 413: Backport changes from 7aced740 by Michael Tänzer to avoid ↵Benny Baumann
conflicts when integrating both together
2014-05-27Merge branch 'bug-1138' into testserver-stableMichael Tänzer
2014-05-27bug 1138: that "if" should contain a blockMichael Tänzer
goto fail; Signed-off-by: Michael Tänzer <neo@nhng.de>