summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2008-08-29CSRF protection in remotesubscribeZach Copley
2008-08-29CSRF protection in emailsettingsZach Copley
2008-08-29CSRF protection in user registrationEvan Prodromou
2008-08-29CSRF protection in recoverpasswordZach Copley
2008-08-29session token in userauthorization formEvan Prodromou
2008-08-29csrf protection in userauthorizationEvan Prodromou
2008-08-29better client error on CSRF problem with subscribe/unsubscribeEvan Prodromou
2008-08-29CSRF protection for subscription/unsubscriptionEvan Prodromou
2008-08-28CSRF protection in imsettings.phpZach Copley
2008-08-28CSRF protection in smssettings.phpZach Copley
2008-08-29add csrf protection to profile settingsEvan Prodromou
2008-08-29CSRF protection in openidsettingsEvan Prodromou
2008-08-29swap around some stuff to show the form correctly on a CSRF error in openidloginEvan Prodromou
2008-08-28CSRF protection for OpenID formEvan Prodromou
2008-08-28add a token for CSRF avoidanceEvan Prodromou
2008-08-28show error in delete noticeEvan Prodromou
2008-08-28CSRF protection in deletenoticeEvan Prodromou
2008-08-28add CSRF protection to avatarEvan Prodromou
2008-08-28return after failed tokenEvan Prodromou
2008-08-28fix random function nameEvan Prodromou
2008-08-28code for session tokenEvan Prodromou
2008-08-28add session token check to password changeEvan Prodromou
2008-08-27get language before setting it.Evan Prodromou
2008-08-27don't do too many broadcasts or confirms before checking the message queueEvan Prodromou
2008-08-27add back in a session start handlerEvan Prodromou
2008-08-27restoring upstream XMLStream.php after pulling ciarang's patchEvan Prodromou
2008-08-26XMPP daemon that doesn't eat messages - note change to XMPPHP as well (Ticket...CiaranG
2008-08-27don't show unknown (debug) errorsEvan Prodromou
2008-08-27fixup whitespaceEvan Prodromou
2008-08-27import upstream XMPPHP with @ciarang's fixEvan Prodromou
2008-08-26fix error storing uris of remote noticesEvan Prodromou
2008-08-26use notice URI if it's not local and it's an HTTP URLEvan Prodromou
2008-08-26only send local messages to public XMPP streamEvan Prodromou
2008-08-26optionally turn encryption on or off in the XMPP connectionEvan Prodromou
2008-08-25never allow blank passwordsEvan Prodromou
2008-08-25use better SQL date, fix security problem with OpenID loginsEvan Prodromou
2008-08-25change DataObject_Cast to use sql_nowEvan Prodromou
2008-08-25use common_sql_now() instead of DB_DataObject_CastEvan Prodromou
2008-08-25use mb_strlen instead of strlen in xmpp daemonEvan Prodromou
2008-08-24notify user of remote subscriptionsEvan Prodromou
2008-08-24big scarygram warning in config.php.sample about using DB_DataObject's debug ...Evan Prodromou
2008-08-24move README to main dirEvan Prodromou
2008-08-23be a little more liberal for sites that accidentally put whitespace before th...Evan Prodromou
2008-08-23request token is not readonlyEvan Prodromou
2008-08-23Prevent jabber.php error by checking key existsCiaranG
2008-08-23Escape profile url in xmpp in case fancy urls off (Ticket #521)CiaranG
2008-08-22Fixed attempt to read nonexistent match in JID regexCiaranG
2008-08-22XMPP sub/unsub and help commandsCiaranG
2008-08-22Define xmpp daemon claim timeout timeCiaranG
2008-08-19Fix bug in xmpp on/off (ticket #528)CiaranG