summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-08-29clean up username entered at loginEvan Prodromou
darcs-hash:20080829225258-84dde-6fee5f0beea62f023c13436b8d7044241bc0d01a.gz
2008-08-29CSRF protection in remotesubscribeZach Copley
darcs-hash:20080829054038-7b5ce-d0503a8eb7f89a9d2de4aadd4550f4342b943b09.gz
2008-08-29CSRF protection in emailsettingsZach Copley
darcs-hash:20080829053337-7b5ce-6d94638c57d185e5d44e02ad458593a3f4de36d9.gz
2008-08-29CSRF protection in user registrationEvan Prodromou
darcs-hash:20080829054017-84dde-c9268e5c815934dcbca2451dd6c9016f2ac4a03a.gz
2008-08-29CSRF protection in recoverpasswordZach Copley
darcs-hash:20080829052824-7b5ce-39a8fd299b7a85793ad7a19fe00c93813ca882b6.gz
2008-08-29session token in userauthorization formEvan Prodromou
darcs-hash:20080829052847-84dde-a64918a75f8300ec8fb230202881691066147652.gz
2008-08-29csrf protection in userauthorizationEvan Prodromou
darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29better client error on CSRF problem with subscribe/unsubscribeEvan Prodromou
darcs-hash:20080829051628-84dde-2a339a35c422afb9ec04f757771764ed43b2c28b.gz
2008-08-29CSRF protection for subscription/unsubscriptionEvan Prodromou
darcs-hash:20080829051104-84dde-9bd23c28c2c8a720046060a33ff3e5f246c47116.gz
2008-08-28CSRF protection in imsettings.phpZach Copley
darcs-hash:20080829035707-7b5ce-69a9ff98390ff8b9671ede948d78fdb37371aac6.gz
2008-08-28CSRF protection in smssettings.phpZach Copley
darcs-hash:20080829035118-7b5ce-57613e88b29617ea422c7f7003e81ef885e3debb.gz
2008-08-29add csrf protection to profile settingsEvan Prodromou
darcs-hash:20080829043909-84dde-c70a633c93ab89560bc300817bda66eebf6176cf.gz
2008-08-29CSRF protection in openidsettingsEvan Prodromou
darcs-hash:20080829042908-84dde-1d1a22dfd3d89c5521aeb9069dc64c5f6dad3a27.gz
2008-08-29swap around some stuff to show the form correctly on a CSRF error in openidloginEvan Prodromou
darcs-hash:20080829040925-84dde-7195734eeb3df6439c099c1139caf77e2c2ea3c1.gz
2008-08-28CSRF protection for OpenID formEvan Prodromou
darcs-hash:20080829035934-84dde-cf36fd802bed76fdf15ac39b838494a414d5cc1e.gz
2008-08-28add a token for CSRF avoidanceEvan Prodromou
darcs-hash:20080829034854-84dde-a636b446dc254aaa77ac65f63be01e49c192bf32.gz
2008-08-28show error in delete noticeEvan Prodromou
darcs-hash:20080829025559-84dde-bd29b5e6750a1ff72bd39e8e76bde325b0313fb8.gz
2008-08-28CSRF protection in deletenoticeEvan Prodromou
darcs-hash:20080829025127-84dde-b3e2eb64b7dd8302037f471f6dba6949e2e15ecc.gz
2008-08-28add CSRF protection to avatarEvan Prodromou
darcs-hash:20080829023919-84dde-38e4bf6bddc120a221af5f856d9f88b7a532096b.gz
2008-08-28return after failed tokenEvan Prodromou
darcs-hash:20080829023731-84dde-8920bbaf1e1f171829d0acff3f89ec987deb6368.gz
2008-08-28fix random function nameEvan Prodromou
darcs-hash:20080829021854-84dde-818492a31c07dd0921c2a693095ca7ac901b6d35.gz
2008-08-28code for session tokenEvan Prodromou
darcs-hash:20080829015304-84dde-1c93203bdfbd4c1696cdd3c07212ff16a9f727dd.gz
2008-08-28add session token check to password changeEvan Prodromou
darcs-hash:20080829014515-84dde-bce51f66ba0b3b4347a55a70b2b266b72c242304.gz
2008-08-27get language before setting it.Evan Prodromou
darcs-hash:20080828005323-84dde-8f69e1e6115faa544c22436539148dac53ed6f65.gz
2008-08-27don't do too many broadcasts or confirms before checking the message queueEvan Prodromou
darcs-hash:20080827142336-84dde-2bec2149d86900fd0291f8c00f85aa756842bbe1.gz
2008-08-27add back in a session start handlerEvan Prodromou
darcs-hash:20080827135422-84dde-857d6e980e18803186d080a60eea60f1362bb348.gz
2008-08-27restoring upstream XMLStream.php after pulling ciarang's patchEvan Prodromou
darcs-hash:20080827133048-84dde-cb99ac89c65008a8832395684386518718247887.gz
2008-08-26XMPP daemon that doesn't eat messages - note change to XMPPHP as well ↵CiaranG
(Ticket #551) darcs-hash:20080826200057-f6e2c-fb9a88251d034824218d20b3fefcde96ddaef827.gz
2008-08-27don't show unknown (debug) errorsEvan Prodromou
darcs-hash:20080827132346-84dde-c5499ac960fbb28bced28ff9355846f7183fcb5c.gz
2008-08-27fixup whitespaceEvan Prodromou
darcs-hash:20080827131603-84dde-7be64f28840a29c5833bc625aaf6cb8f07b891e5.gz
2008-08-27import upstream XMPPHP with @ciarang's fixEvan Prodromou
darcs-hash:20080827124430-84dde-654751781702f5518153a01aa3dae4a8580b7f35.gz
2008-08-26fix error storing uris of remote noticesEvan Prodromou
darcs-hash:20080826211108-84dde-b277bdb1476b9cec0c0d93fa8d565c4642ba16c8.gz
2008-08-26use notice URI if it's not local and it's an HTTP URLEvan Prodromou
darcs-hash:20080826210314-84dde-34d4eb71c7d74b65c0c4b486f345ed7d9301af15.gz
2008-08-26only send local messages to public XMPP streamEvan Prodromou
darcs-hash:20080826205341-84dde-04c1641f4b9c5aa5318b76512664ee9df170d779.gz
2008-08-26optionally turn encryption on or off in the XMPP connectionEvan Prodromou
For identi.ca, we had some problems with the XMPP daemon getting "stuck" in I/O through the encrypted (by default) XMPP socket. Turning off encryption helped. So, now it's an option. darcs-hash:20080826131814-84dde-2c4a809c6fb666dfb4b96d0d61205fe418f4e4b4.gz
2008-08-25never allow blank passwordsEvan Prodromou
darcs-hash:20080825185245-84dde-f2ad86c1aedc2a42f7b468775234be53a7e84d5b.gz
2008-08-25use better SQL date, fix security problem with OpenID loginsEvan Prodromou
darcs-hash:20080825184104-84dde-5735c1791002a12c3417603dc85da31ea868f263.gz
2008-08-25change DataObject_Cast to use sql_nowEvan Prodromou
darcs-hash:20080825183005-84dde-c1d24a057d9545cc6d1f0dc21c5af4ea7316d8e9.gz
2008-08-25use common_sql_now() instead of DB_DataObject_CastEvan Prodromou
darcs-hash:20080825182338-84dde-ec0edef9469b294b7e23945f1bc7d810da988ed7.gz
2008-08-25use mb_strlen instead of strlen in xmpp daemonEvan Prodromou
darcs-hash:20080825173105-84dde-ea607521c78694fe558514b423f1c6dc0e70241e.gz
2008-08-24notify user of remote subscriptionsEvan Prodromou
darcs-hash:20080824200517-84dde-9662d89dbcd948e3ef7b7f8d4e82d90b4891c684.gz
2008-08-24big scarygram warning in config.php.sample about using DB_DataObject's debug ↵Evan Prodromou
mode darcs-hash:20080824171202-84dde-fd3ed2b9645f2c2ec5439824dbc6f6a765c0a622.gz
2008-08-24move README to main dirEvan Prodromou
darcs-hash:20080824113719-84dde-fce2da5de5de7cd76c001ac2c48b99edbedb80a8.gz
2008-08-23be a little more liberal for sites that accidentally put whitespace before ↵Evan Prodromou
the xml decl darcs-hash:20080824013803-84dde-9c5d9ce9c588cfb9baddae64366e3417f0a5fee9.gz
2008-08-23request token is not readonlyEvan Prodromou
darcs-hash:20080824011706-84dde-bf35373c3bfc631f8285f8630155195c3c5cc304.gz
2008-08-23Prevent jabber.php error by checking key existsCiaranG
darcs-hash:20080823053548-f6e2c-dfc8a0acd9fb8589ed37e54c7d0d3d38afff34f5.gz
2008-08-23Escape profile url in xmpp in case fancy urls off (Ticket #521)CiaranG
darcs-hash:20080823052534-f6e2c-aa452a8c2c6ee33399f4079d0bf2224847e1450a.gz
2008-08-22Fixed attempt to read nonexistent match in JID regexCiaranG
darcs-hash:20080822191751-f6e2c-578869b8524e3238c461872981a5dd8c285937e3.gz
2008-08-22XMPP sub/unsub and help commandsCiaranG
darcs-hash:20080822191032-f6e2c-a3a7efbbaad1ec7c48ef132a8ba34fc8b8651969.gz
2008-08-22Define xmpp daemon claim timeout timeCiaranG
darcs-hash:20080822185955-f6e2c-569bc9d304e904fd26e3cc976e8246e3eb7f93bd.gz