aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
Commit message (Collapse)AuthorAgeFilesLines
* typoszotlabs2019-03-121-8/+8
|
* security updates for multiple xchanszotlabs2019-03-111-59/+189
|
* testing init_groups_visitor changes - also add virtual groups for both zot ↵zotlabs2019-03-101-13/+11
| | | | identities
* init_groups_visitor: include xchans from all zot-like networkszotlabs2019-03-101-3/+21
|
* Update security.phpMax Kostikov2018-09-281-1/+1
|
* Update security.phpMax Kostikov2018-09-271-1/+1
|
* Zot/Finger: ignore deleted hublocszotlabs2018-08-211-1/+1
|
* we must now provide the full path to the profile image for the cavatar ↵Mario Vavti2018-05-151-4/+4
| | | | plugin to work
* Active channels information is a bit imprecise. Provide a higher accuracy ↵zotlabs2018-04-161-0/+9
| | | | method. This will require a transition period
* make most recent cloud_tiles setting for local channels persistent across loginszotlabs2017-11-071-0/+1
|
* don't translate 'guest:' since it is part of a urlzotlabs2017-10-161-1/+1
|
* ensure guests hve a unique (non-existent) url so that network discovery on ↵zotlabs2017-10-161-1/+1
| | | | remote servers doesn't come up mis-attributing the token. Future work should probably provide an actual page at this location describing it as a guest account of 'xyz'.
* stream_perms_xchans wasn't working which has effects in mod_display and ↵zotlabs2017-08-211-1/+2
| | | | there are also issues with the oembed provider for mod_display. This is a first cut for the second but hasn't yet been tested
* provide ability to search webpages (either public or which contain the ↵zotlabs2017-05-301-1/+0
| | | | observer in the acl) in addition to conversations
* ugly postgres fixeszotlabs2017-04-301-22/+34
|
* Create virtual privacy groups for private profile member listszotlabs2017-02-121-1/+15
|
* provide lowlevel xchan storage function to ensure that all non-null rows are ↵zotlabs2017-01-281-13/+10
| | | | initialised
* [TASK] Update Doxyfile and fix Doxygen errors.Klaus Weidenbach2016-10-131-38/+46
| | | | | | Updated Doxyfile to include new folders. Add a list for @hooks tags. Fixed some parsing problems for Doxygen.
* more backquotes - this should take care of most except for the array import ↵zotlabs2016-10-091-1/+1
| | | | queries
* finish the channel_reddress() conversionredmatrix2016-09-211-1/+1
|
* This checkin should make all permission modes work correctly with atokens ↵redmatrix2016-08-011-1/+73
| | | | (they should be able to post content if allowed to). It also removes the strict linkage between permissions and connections so any individual permission can be set for any xchan; even those for which you have no connections.
* make guest access tokens work with PERMS_NETWORK, PERMS_SITE, PERMS_PENDING, ↵redmatrix2016-07-311-0/+28
| | | | and PERMS_CONTACTS; or everything but PERMS_SPECIFIC. PERMS_SITE could be contentious, but we're currently denying them as they are a guest and don't actually have a channel on this site. We can't easily make PERMS_SPECIFIC work without providing an abook entry for the guest since we would need to set specific permissions for the guest login, but unfortunately this could be the most desirable setting to use in many cases. There is also an update of hmessages.po in this commit.
* Merge branch 'dev' into permsredmatrix2016-07-201-14/+15
|\
| * sort out some of the authentication mess - with luck this may fix the DAV ↵redmatrix2016-07-201-14/+15
| | | | | | | | auth issue which I simply could not duplicate or find a reason for.
* | Merge branch 'dev' into permsredmatrix2016-07-171-0/+38
|\|
| * make the xchan_hash for the access token location independentredmatrix2016-07-141-12/+15
| |
| * more ZAT workredmatrix2016-07-141-0/+2
| |
| * first cut at zot access tokensredmatrix2016-07-141-0/+33
| |
* | more work on permsredmatrix2016-07-121-15/+26
|/
* use the get_hostname function rather than parse the urlredmatrix2016-07-111-1/+1
|
* create change_channel hookredmatrix2016-07-111-0/+4
|
* create miniApp to convert existing settings files to the static App classredmatrix2016-03-311-11/+4
|
* static Appredmatrix2016-03-311-16/+16
|
* deprecate $a->get_baseurl()redmatrix2016-03-301-3/+3
|
* some minor cleanupsredmatrix2016-03-101-1/+1
|
* issue #216 - calendar sharingredmatrix2016-02-241-7/+11
|
* add oembed provider for photosredmatrix2016-01-311-1/+1
|
* various issues from the forumsredmatrix2016-01-171-10/+13
|
* some minor cleanup - change the default of the discover tab (public stream ↵redmatrix2015-12-101-10/+8
| | | | access)
* add one more level of parentheses to ensure operator precedence is correctly ↵redmatrix2015-09-281-2/+2
| | | | evaluated
* check public scopes against visitor in item_permissions_sql()redmatrix2015-09-281-2/+38
|
* Merge https://github.com/redmatrix/redmatrix into pending_mergeredmatrix2015-09-071-2/+2
|\ | | | | | | | | Conflicts: util/messages.po
| * PRIVACY: item_private seems to have been removed from permissions_sql ↵redmatrix2015-09-071-2/+2
| | | | | | | | checking with an observer.
* | Merge branch 'master' of https://github.com/redmatrix/redmatrixredmatrix2015-07-141-0/+6
|\|
| * stream_perms_xchans() set to empty quoted string when no results rather than ↵redmatrix2015-07-141-0/+6
| | | | | | | | return an empty string
* | DB changes for some channel flagsredmatrix2015-06-151-14/+10
|/
* PRIVACY: possible privacy leakage under a defined set of circumstancesredmatrix2015-05-201-5/+5
|
* improve performance of the zotfeed queriesfriendica2015-03-231-2/+4
|
* Some cleanups and documentation.Klaus Weidenbach2015-03-041-22/+14
| | | | | | | Fixed some wrong variable names. Initialized some variables before using them. Removed some checks for STATUSNET_PRIVACY_COMPATIBILITY in include/security.php as it does not seem to be defined anywhere.
* remote_user => remote_channelfriendica2015-01-281-2/+2
|