Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-06-06 | Merge branch 'bug-413' into bug-1138bug-1138 | Benny Baumann | |
Conflicts: pages/account/12.php pages/account/5.php | |||
2014-05-27 | bug 413: Port same change as for 5.php over to 12.phpbug-413 | Benny Baumann | |
2014-05-27 | bug 413: Backport changes from 7aced740 by Michael Tänzer to avoid ↵ | Benny Baumann | |
conflicts when integrating both together | |||
2014-05-27 | bug 1138: that "if" should contain a block | Michael Tänzer | |
goto fail; Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-20 | bug 1138: fix double-escaping in wot/10 | Benny Baumann | |
2014-05-01 | bug 1138: $verified is a string that is directly filled with data from the | Michael Tänzer | |
translation system => do not intval() Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-01 | bug 1138: This is an int, no need to mysql_real_escape() | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-01 | bug 1138: Avoid double escaping of $_SESSION['_config']['OU'] and fix XSS | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-01 | bug 1138: Avoid double escaping. | Michael Tänzer | |
These session variables should be local variables as they aren't needed anywhere else Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-01 | bug 1138: Avoid double escaping in `description` which was stored into the | Michael Tänzer | |
session mysql_real_escaped Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-01 | bug 1138: Avoid double escaping | Michael Tänzer | |
Yes it's ugly but should be fixed in a separate bug Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-01 | Merge branch 'release' into bug-1138 | Benny Baumann | |
2014-04-30 | bug 1138: additional brackets for better readability | Benny Baumann | |
2014-04-30 | bug 1138: Reorder fields to better show which variables belong together | Benny Baumann | |
2014-04-30 | bug 1138: Whitespace changes and code formatting | Benny Baumann | |
2014-04-30 | bug 1138: And yet another bunch of escaping | Benny Baumann | |
2014-04-30 | bug 1138: Some escaping for the GnuPG code | Benny Baumann | |
2014-04-30 | bug 1138: And yet another bunch of missing escapes | Benny Baumann | |
2014-04-30 | bug 1138: And yet some more sanitizing of database query arguments | Benny Baumann | |
2014-04-30 | bug 1138: Add some more mising escaping for values from the database | Benny Baumann | |
2014-04-30 | bug 1138: Add some more mising escaping for values from the database | Benny Baumann | |
2014-04-30 | bug 1138: Add some mising escaping for values from the database | Benny Baumann | |
2014-04-30 | bug 1138: Add quite some instances of mising escaping | Benny Baumann | |
2014-04-30 | bug 1138: Be more paranoid regarding database query parameters | Benny Baumann | |
2014-04-30 | bug 1138: Properly bail out to remark on missing ticket number | Benny Baumann | |
2014-04-29 | bug 1138: Implement log parameter for output_assurances*() and use it for | Michael Tänzer | |
data summary Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-29 | bug 1138: Move rendering of the email addresses and such for each assurance | Michael Tänzer | |
into output_assurances_row() Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-29 | bug 1138: Store the calculated awarded points in the row array to avoid | Michael Tänzer | |
parameters to the output_assurances_row() Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-29 | bug 1138: Reduce number of parameters for output_assurances_row() | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-29 | bug 1138: Only revoke assurance if we actually found one | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-29 | Merge branch 'bug-1221' into bug-1138 | Michael Tänzer | |
Conflicts: includes/account.php includes/general.php includes/loggedin.php includes/notary.inc.php pages/account/43.php pages/account/55.php pages/wot/10.php www/index.php www/wot.php Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-22 | bug 1221: Adjust the interface of calc_assurances() to be consistent andbug-1221 | Michael Tänzer | |
use the `deleted` column for the Thawte revocation Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-22 | bug 1221: Reduce number of parameters for calc_experience() and document it | Michael Tänzer | |
also respect revoked assurances and use calc_awarded() Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-22 | bug 1221: Add comments and restrict TTP assurances | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-22 | bug 1221: Put the assurance method independent logic in one place | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-22 | bug 1221: Rename function to better reflect its use | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-21 | bug 1221: Move calc_points() up to the other point calculation functions | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-21 | Merge branch 'tarballs' into release | Michael Tänzer | |
2014-04-21 | Source code taken from cacert-20140419.tar.bz2 | Michael Tänzer | |
2014-04-19 | bug 1272: Fix for a typobug-1272 | Benny Baumann | |
2014-04-19 | bug 1272: Properly escape the filename passed to OpenSSL | Benny Baumann | |
2014-04-15 | Merge branch 'bug-1184' into release | Benny Baumann | |
2014-04-15 | Merge branch 'bug-1266' into release | Benny Baumann | |
2014-04-15 | bug 1221: remove redundant line | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-15 | bug 1221: properly name the other part of the assurance | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-14 | bug 1138: Require number suffix for valid ticket numbers | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-11 | bug 1138: Set $oldid | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-11 | bug 1138: Always provide a back link | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-11 | bug 1138: correct colspan for cert tables | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-11 | bug 1138: Only use support engineer mode if not viewing own history | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> |