David Goodwin
318ac048d5
psalm fixes
7 years ago
David Goodwin
c44e82cc2d
phpdoc fix
7 years ago
David Goodwin
b6f75c9c2c
try and require Phar extension through setup if we are using php_crypt and PHP version < 7
7 years ago
David Goodwin
1f643a052f
see #185 - try putting the session_ recreation stuff in an else { ... }
7 years ago
David Goodwin
a787c0fc1e
Merge pull request #181 from Sopsy/master
...
Add support for difficulty setting for php_crypt
7 years ago
Aleksi Kinnunen
2df4348f09
Typo fix
7 years ago
Aleksi Kinnunen
48c19a1cbd
Combine encrypt CONF-keys
...
Went through the old PR #25 , updated the encrypt rounds/cost setting to be in the encrypt -configuration key as per suggestion from @cboltz
7 years ago
Aleksi Kinnunen
c1b5e66e27
Add missing global
...
... you should never edit with the GitHub web GUI, lazy me.
7 years ago
Aleksi Kinnunen
b676e8337f
Allow empty $CONF['encrypt_difficulty'] for defaults
7 years ago
Aleksi Kinnunen
7b16e8a1c2
Add info about php_crypt and encrypt_difficulty to sample config
7 years ago
Aleksi Kinnunen
9c2161a549
Added support for password generation cost/rounds
...
$CONF["php_crypt_difficulty"], only for php_crypt:BLOWFISH, php_crypt:SHA256 and php_crypt:SHA512
7 years ago
David Goodwin
6100ca4cf9
try and fix #177 (add missing fields to sqlite db)
7 years ago
David Goodwin
1c4a6080d7
make phar loading optional depending on the extension being present or not
7 years ago
David Goodwin
9c7f60fa76
possible fix for sqlite schema/upgrade issues; see #177 and and #176
7 years ago
David Goodwin
3754381f0e
Merge pull request #175 from racerxdl/master
...
'row' is a reserved word in MySQL 8.0
7 years ago
Lucas Teske
11f9680963
'row' is a reserved word in MySQL 8.0
7 years ago
Christian Boltz
05bf2d2013
if unconfigured, recommend to edit config.local.php
...
... instead of config.inc.php
(idea based on comments on
7c38bdd871
)
7 years ago
Christian Boltz
2eb5a7ed60
simplify function_exists() checks for random_int()
...
It's easier to define a compat function than to have function_exists()
checks all over the code.
7 years ago
David Goodwin
603c5195df
update debian changelog (v3.2)
7 years ago
Christian Boltz
9044bed288
re-order some changelog entries and adjust date
7 years ago
David Goodwin
b4849b8431
bump minimum db version
7 years ago
David Goodwin
4c6bcdbc39
update version
7 years ago
David Goodwin
a510981350
update with notes on php_crypt and smarty
7 years ago
David Goodwin
5b7f4cda48
add phpdoc comments, default php_crypt hash to use SHA512 rather than MD5
7 years ago
David Goodwin
7282928e6d
update generate_password() to allow length to be specified; update test
7 years ago
David Goodwin
7388a7ca62
remove notice about additional plugin - lost with time, does not seem to be used
7 years ago
Christian Boltz
a3feba7c73
change default for php_crypt to SHA512
...
(+ a few whitespace changes)
7 years ago
David Goodwin
bd5ac21398
update debian dirs etc to cope iwth smarty->lib/smarty
7 years ago
David Goodwin
1308c52355
refresh debian patch
7 years ago
David Goodwin
b48f99d4c6
reformat (phpcs)
7 years ago
David Goodwin
e7f9d536d9
change default salt method with php_crypt
7 years ago
David Goodwin
f7ba904800
see #171
7 years ago
David Goodwin
f1a15b2269
phpunit.xml file
7 years ago
David Goodwin
2f2730ffa0
add more tests
7 years ago
David Goodwin
f543c7d403
use random_int() if available
7 years ago
David Goodwin
94f05bf9e4
switch to store $config internally within an array
7 years ago
David Goodwin
7c0cb82be8
use random_int if it is available
7 years ago
David Goodwin
0d211949c9
skip tests unless configuraton updated
7 years ago
David Goodwin
b97decb7c2
add a lib directory; move smarty into it; add random_compat phar (for random_bytes() on PHP < 7)
7 years ago
David Goodwin
a4760ef53c
Merge pull request #170 from snuggeman/php_crypt
...
multiple hash algorithms using crypt (pfa 3.2)
7 years ago
snuggeman
11f0ceb615
added php_crypt scheme
7 years ago
David Goodwin
b25a04a43f
Merge pull request #169 from abonanni/master
...
Update french language
7 years ago
Aurélien BONANNI
3ea4f80e34
Update french language
7 years ago
Christian Boltz
24ad5cc3d8
Set $reset_by_sms even if password reset is disabled
...
... to avoid an "undefined variable" warning
7 years ago
Christian Boltz
7c38bdd871
add a big notice about using config.local.php
7 years ago
Christian Boltz
7f19cae57e
Add a index.php showing a note about the "public" directory
...
This avoids that users get a 403 error (if DirectoryIndex is disabled)
or a directory listing after updating to 3.2.
This is what likely happened in
https://github.com/postfixadmin/postfixadmin/issues/30 (see the comment
from Apr 24, 2018)
7 years ago
David Goodwin
f05f118d4d
bump smarty version (doc)
7 years ago
David Goodwin
2ba2802774
bump Smarty to v3.1.32 (possible security fix, numerous bugs listed at https://github.com/smarty-php/smarty/blob/master/change_log.txt
7 years ago
David Goodwin
9a07772626
remove commented out echo
7 years ago
Christian Boltz
11ded0a4d8
Changelog for 3.2
7 years ago