aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
Commit message (Collapse)AuthorAgeFilesLines
* remove a couple of mysql reserved words from being used as table or row ↵friendica2013-12-221-1/+1
| | | | names. For this round we're getting 'group' and 'desc'. Warning: potentially destabilising as this touches a lot of code.
* init_groups_visitor() was still using old array of id output (not the newer ↵friendica2013-11-221-2/+2
| | | | array of hash which we need for permission queries)
* one more edge case in the public perms - don't match perms = 0 which is ↵friendica2013-09-221-2/+3
| | | | private, this and prior checkin are for issue #114
* fixes for display and search privacy enforcementfriendica2013-09-221-10/+36
|
* get rid of more variables with dashes in the names - use underscore *except* ↵friendica2013-08-151-2/+2
| | | | in CSS. These were probably already here, but if you see any - please keep them out of PHP and MySQL where they sometimes get interpreted as a subtraction operation and are a bugger to find.
* Fix Load mobile themeChristian Vogeley2013-08-161-0/+2
|
* attachment permissions not rightfriendica2013-07-301-38/+44
|
* start formatting for Doxygenfriendica2013-02-251-1/+1
|
* start on channel_remove(), add some generic channel queries to the API layersfriendica2013-02-161-2/+3
|
* mod_display - no fun. Not working at all. But a bit of progress.friendica2013-02-101-8/+32
|
* further baby steps on the photos APIfriendica2013-01-251-0/+2
|
* now we're into the minor nitty fixesfriendica2013-01-211-1/+1
|
* more heavy lifting on API - though need to re-visit events and give them all ↵friendica2013-01-191-1/+34
| | | | message_ids from the origination site.
* begin the hard slog on the apifriendica2013-01-161-5/+3
|
* port "remember me" from Friendicafriendica2013-01-041-2/+2
|
* fixing permissions_sql - may need more tweaksfriendica2012-12-161-85/+46
|
* start to whip the permissions into shape, also got rid of the mce drop ↵friendica2012-12-091-66/+0
| | | | shadow until we can figure out how to do it without the ugly black bars. I tend to prefer "outy" shadows over "inny" shadows anyway, but maybe that's just me.
* a bit of e_all cleanupfriendica2012-12-081-1/+1
|
* start implementing zot-idfriendica2012-11-081-0/+3
|
* "profile url" e.g. the wall/stream is now "channel url". "Profile URL" goes ↵friendica2012-10-291-1/+1
| | | | to the profile details.
* Now have a solid permissions model. Create a few functions to enumerate them ↵friendica2012-10-281-2/+4
| | | | and then we're off to the races.
* upstream fixesfriendica2012-10-211-0/+21
|
* more work on profile changes - the notify activity is still stuffed as we ↵friendica2012-10-191-1/+1
| | | | finalise the json structure for activitystream meta-data
* provide auto admin registration as before, but allow the current admin to ↵friendica2012-10-041-2/+2
| | | | create other admins
* Can't see any posts currently - after the big shakeup, but we can now post ↵friendica2012-10-031-26/+14
| | | | top level activities and store them.
* use hash for channel idfriendica2012-10-011-0/+21
|
* here's where the heavy lifting begins - everything is likely to be broken ↵friendica2012-10-011-1/+11
| | | | for quite some time as we add location and db independence to items and conversations and work through the rest of the permissions and how to federate the buggers.
* moving a lot of structure around. 'entity' is now 'channel'friendica2012-09-251-11/+11
|
* updatesfriendica2012-09-091-1/+15
|
* bring back "this is you" comment photofriendica2012-09-041-2/+11
|
* trim a bit of fatfriendica2012-08-291-5/+3
|
* have to do something about that return_url - but let's just plunge forward ↵friendica2012-08-281-2/+2
| | | | without it.
* solve endless redirectfriendica2012-08-271-3/+5
|
* Now logging in with Red zaccount/zentity instead of Friendica user. Yay. ↵friendica2012-08-271-70/+122
| | | | Most existing Friendica functionality is now stuffed since the Red structures are quite different.
* Merge branch 'master' of git://github.com/friendica/friendicaVasudev Kamath2012-06-041-1/+1
|\
| * rename get_language() to get_browser_language()friendica2012-05-131-1/+1
| |
* | Few more files with unnecessary executable permissionsVasudev Kamath2012-04-211-0/+0
|/
* Some Bugfixes, and variable checksTobias Hößl2012-04-171-0/+1
|
* string fix: typo. slow down scroll to top in dispysSimon L'nu2012-04-141-2/+2
| | | | Signed-off-by: Simon L'nu <simon.lnu@gmail.com>
* Merge branch 'master' of https://github.com/friendica/friendicaAlexander Kampmann2012-04-051-0/+1
|\ | | | | | | | | | | Conflicts: include/config.php update.php
| * use zrl to get home againfriendica2012-03-291-0/+1
|/
* Existing photos could not be used as profile photos anymore - should be ↵Tobias Hößl2012-03-191-8/+12
| | | | fixed now. And some extra logging in the CSRF-Protection to make debugging easier
* CSRF-Protection in the group-related form (creating, renaming and dropping a ↵Tobias Hößl2012-03-181-0/+6
| | | | group, adding/removing members from it)
* Some security against XSRF-attacksTobias Hößl2012-03-121-0/+46
|
* bug in check for private email comment to public conversation prevents ↵friendica2012-03-091-0/+1
| | | | authenticated visitor from seeing comments that should be allowed
* revupfriendica2012-03-071-1/+1
|
* fix photos after permissions_sql changefriendica2012-03-061-4/+76
|
* [privacy] rework latest fixfriendica2012-03-061-1/+3
|
* can_write_wall documentationfriendica2012-03-051-1/+6
|
* logging of manage identitiesfriendica2012-01-271-2/+7
|