Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-06-12 | Revert "Alternative proposal by egal in ↵HEADrelease | Bernhard Fröhlich | |
https://bugs.cacert.org/view.php?id=1526#c6009" As discussed in mails, the initial naming scheme should be used This reverts commit eb9d3c06791154cc71a97d7d845ef54435c87b6f. | |||
2021-06-09 | Alternative proposal by egal in https://bugs.cacert.org/view.php?id=1526#c6009 | Bernhard Fröhlich | |
2021-06-09 | Changes as proposed by alkas in https://bugs.cacert.org/view.php?id=1526#c6008 | Bernhard Fröhlich | |
2019-03-31 | Removed extraneous heading message and added comment explaining things. | bdmc | |
2019-03-29 | Corrected SHA-1 and SHA-256 fingerprints on all forms and pages. | bdmc | |
2019-03-19 | Added SHA-1 fingerprints to page 3. | bdmc | |
2018-11-28 | Bug 1305; new certs; deleted entry for windows installer .msi-file | Karl-Heinz Gödderz (GuKKDevel) | |
2018-11-16 | Bug 1305; new cerificates; rename certificates to corresponding version; | Karl-Heinz Gödderz (GuKKDevel) | |
changing pages/index/3 to access the new certs | |||
2018-10-31 | Bug-1305; Second part introducing the new cerificates | Karl-Heinz Gödderz (GuKKDevel) | |
2014-12-16 | Merge branch 'release' into bug-1131bug-1131 | Benny Baumann | |
Conflicts: pages/wot/6.php www/policy/CAcertCommunityAgreement.php The conflict in the CCA document page was introduced due to the rename of the file. This instance can be safely ignored, as bug 1131 introduces a new version superseeding the old document. The instance in pages/wot/6.php is a bit more complicated, but basically results from a change of bug 1137 and the modified paths to the policy documents. | |||
2014-12-05 | Merge remote-tracking branch 'origin/bug-790' into release | Michael Tänzer | |
2014-11-23 | Merge branch 'bug-1273' into release | Benny Baumann | |
2014-11-23 | Merge branch 'bug-1192' into release | Benny Baumann | |
2014-11-18 | Merge branch 'bug-1339' into release | Benny Baumann | |
2014-11-15 | bug-1339: remove all traces of OTPbug-1339 | Felix Dörre | |
2014-10-14 | bug-1192: changed text on index/52.phpbug-1192 | INOPIAE | |
2014-10-07 | bug-790: update the text for orgClientCertbug-790 | Felix Dörre | |
According to common decision in SAP meeting. | |||
2014-10-07 | bug-790: Add a descriptive text for orgClient ... | Felix Dörre | |
... to help people to see where the CSR should go. | |||
2014-09-30 | bug-1192: added explanation text | INOPIAE | |
2014-09-23 | bug-709: change spkac-text, wrap crt with <pre>s | Felix Dörre | |
2014-09-23 | bug-790: do translation, fix cert download | Felix Dörre | |
2014-09-23 | bug-790: implement that thing. | Felix Dörre | |
2014-07-27 | bug 1291: Another XSS | Benny Baumann | |
2014-07-15 | Merge branch 'bug-1226' into release | Benny Baumann | |
2014-07-15 | Merge branch 'bug-1283' into release | Benny Baumann | |
2014-07-15 | Merge branch 'bug-1281' into release | Benny Baumann | |
2014-07-15 | Merge branch 'bug-1280' into release | Benny Baumann | |
2014-06-22 | bug 1226: Only consider values above 1900 as the year when returning a ↵bug-1226 | Benny Baumann | |
pre-filled form | |||
2014-06-21 | bug 1226: Treat the date values as integer | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-06-21 | bug 1280: Implement normalisation in of language codes in the L10n classbug-1280 | Michael Tänzer | |
and use it (in set_translation() and the Assurer contact form) Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-06-21 | Revert "bug-1280: Parse the language code from the locale." | Michael Tänzer | |
This reverts commit f3885b3bc9ff61da78fb541151f16b0ecfdf62eb. | |||
2014-06-21 | Revert "bug-1280: Handle more different types of "languages":" | Michael Tänzer | |
This reverts commit 0730c9df3eb440205d7963e3c0762765d9b47031. | |||
2014-06-21 | Revert "bug-1280: Variable naming, formatting, php-syntax-error" | Michael Tänzer | |
This reverts commit 6b1cd2a57b0aaa88374b1098df40cc6f73cdff5d. | |||
2014-06-15 | bug 1273: replace backtick operators with shell_exec | Felix Dörre | |
+ fix 1 missing escapeshellarg Commands used to locate: 1. find includes -type f -name '*.php' -exec cat {} \; \ | tr '\n' '?' | sed 's/\(\$query .\?= \|\ mysql_query(\|query_init (\)"\([^"]\|".\(\(intval\|mysql_real_escape_string\)\ (\$[^\$)]\+)\|\$_SESSION\(\['_config'\]\['user'\]\['Q[1-5]'\]\ \|['_config']['disablelogin']\)\)[ ?]*."\)*"/mysql-substitute/g'\ | tr '?' '\n' | grep --color=always "\`"|less -r and reviewing the queries by hand. This command replaces out strings obviously looking like sql_queries and then outputting al remaining backticks: starting with "$query = ,mysql_query, ..." and are only interrupted by "safe" calls: - mysql_real_escape_string - intval - pre_escaped session variables (This command may also be used for locating bad escaped sql_queries) 2. grep -r "\`\(grep\|/\|echo\|dig\|openssl\|gpg\|rm\|../\)" www includes pages \ | grep -v '\(from\|update\|into\) `gpg' | |||
2014-06-13 | Merge branch 'release' into bug-807 | Benny Baumann | |
Conflicts: includes/account.php includes/lib/account.php pages/account/16.php | |||
2014-06-11 | bug-1280: Variable naming, formatting, php-syntax-error | Felix Dörre | |
2014-06-11 | bug-1280: Handle more different types of "languages": | Felix Dörre | |
- zh_CN => zh-cn (in various cases: ZH_cn, zh_cn, ...) - de => de (what the current GUI produces) - de_DE => de, en_AU => en, EN_AU => en (what may be left in the database) ... and more creative upper/lower-cases | |||
2014-06-11 | bug-1280: Parse the language code from the locale. | Felix Dörre | |
Splitting the string at "_" and lowering the characters. | |||
2014-06-10 | bug 1283: remove double encodingbug-1283 | Felix Dörre | |
The locales are already encoded in the Database. | |||
2014-06-08 | bug 1281: Fix syntax error in SQL statementbug-1281 | Benny Baumann | |
2014-06-08 | bug 1281: Convert to Unix Line Endings | Benny Baumann | |
2014-06-06 | Merge branch 'bug-413' into bug-1138bug-1138 | Benny Baumann | |
Conflicts: pages/account/12.php pages/account/5.php | |||
2014-05-27 | bug 413: Port same change as for 5.php over to 12.phpbug-413 | Benny Baumann | |
2014-05-27 | bug 413: Backport changes from 7aced740 by Michael Tänzer to avoid ↵ | Benny Baumann | |
conflicts when integrating both together | |||
2014-05-20 | bug 1138: fix double-escaping in wot/10 | Benny Baumann | |
2014-05-01 | bug 1138: $verified is a string that is directly filled with data from the | Michael Tänzer | |
translation system => do not intval() Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-01 | bug 1138: This is an int, no need to mysql_real_escape() | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-05-01 | bug 1138: Avoid double escaping of $_SESSION['_config']['OU'] and fix XSS | Michael Tänzer | |
Signed-off-by: Michael Tänzer <neo@nhng.de> | |||
2014-04-30 | bug 1138: Whitespace changes and code formatting | Benny Baumann | |
2014-04-30 | bug 1138: And yet another bunch of escaping | Benny Baumann | |