| #
3f5dc40d |
| 01-Apr-2021 |
Nikita Popov |
Use db_query_safe() in more places
Replace most of the raw mysql_query() calls.
|
| #
c8506579 |
| 31-Mar-2021 |
Nikita Popov |
Remove get_magic_quotes_gpc() checks
master.php.net runs PHP 5.4, where magic quotes no longer exist.
Add a sanity check that they're really disable, and drop code
handling them. The
Remove get_magic_quotes_gpc() checks
master.php.net runs PHP 5.4, where magic quotes no longer exist.
Add a sanity check that they're really disable, and drop code
handling them. There was at least one use of escape() that wouldn't
do the right thing if this code was run with magic quotes.
show more ...
|
| #
0e511803 |
| 10-Dec-2018 |
Peter Kokot |
Refactor long array() syntax to short []
Since app is using PHP 5.4+ already, the longer `array()` syntax can be
refactored to shorter `[]`.
|
| #
b7e19fb2 |
| 26-Nov-2018 |
Peter Kokot |
Fix #64897: different username length
This patch adds a username length validation. According to the SQL file
schema the username field is varchar(16) so this sets its limit to 16
ch
Fix #64897: different username length
This patch adds a username length validation. According to the SQL file
schema the username field is varchar(16) so this sets its limit to 16
characters.
show more ...
|
| #
c7935f23 |
| 10-Jul-2014 |
kovacs.ferenc |
my stupid typo is preventing to save the full name for the account requests
|
| #
efa8fa54 |
| 11-Jun-2014 |
kovacs.ferenc |
escape the $name, $email, $username and $note variables coming from $_REQUEST
magic_quote_gpc makes this not exploitable, but we should move away from that sooner or later
|
| #
e8a33e3e |
| 11-Dec-2013 |
Hannes Magnusson |
Fix path/to/files
|
| #
ada579ee |
| 11-Dec-2013 |
Hannes Magnusson |
Kill md5 and CVS fallbacks..
People that have never logged in since the move to SVN
Are effectively blocked out by this change and they'll have to reset their passwords.
|
| #
f4e4f1ea |
| 11-Dec-2013 |
Hannes Magnusson |
Kill a tiny svn-auth.inc
|
| #
e989df7d |
| 05-Jul-2012 |
Hannes Magnusson |
s/SVN/VCS/ and modify the approval subject to match the request
|
| #
e4c5dd6f |
| 31-Jan-2012 |
Adam Harvey |
Remove trailing parenthesis.
|
| #
4e35dbf4 |
| 27-Jan-2012 |
Rasmus Lerdorf |
Missed one
|
| #
aaea42a2 |
| 22-Jan-2012 |
Rasmus Lerdorf |
Remove transitional master2 name
|
| #
a99a7f01 |
| 21-Jan-2012 |
Rasmus Lerdorf |
Get rid of some time() calls - they bug me
|
| #
c6814496 |
| 21-Jan-2012 |
Rasmus Lerdorf |
Switch to default filtering
|
| #
42888ee6 |
| 20-Jan-2012 |
Rasmus Lerdorf |
switch these to master2
|
| #
1b76641d |
| 24-Jul-2011 |
Ferenc Kovacs |
fix an xss vuln (the previous commit could be enough, but just in case)
|
| #
b0a199d9 |
| 25-Jun-2010 |
Philip Olson |
Added selected group to the initial note
|
| #
dc85876e |
| 19-Dec-2009 |
Philip Olson |
Require usernames to be [a-z0-9_.-], and update the 'bad users' list
|
| #
a3943a41 |
| 26-Aug-2009 |
Philip Olson |
CVS->SVN
# Still some $cvspasswd versus $svnpasswd cleanup is needed
|
| #
81c61cf0 |
| 29-Jul-2009 |
Philip Olson |
Renamed cvs-account.php to svn-account.php as svn-php.php refers to the latter currently.
peclweb will be updated later.
|
