Commit Graph

190 Commits (528113069db7734cc6a85557291cc9f3c8d8bb91)

Author SHA1 Message Date
Aleksander Machniak b807084a6b - Fix (disable) request validation for spell and spell_html actions
Consider action whitelist also for ajax requests
12 years ago
Aleksander Machniak 2bbc3da52a - Check request tokens also in devel_mode 12 years ago
Aleksander Machniak 1c0ce1fe52 Plugin API: Add 'unauthenticated' hook (#1488138) 13 years ago
Aleksander Machniak 7c8fd80310 Show explicit error message when provided hostname is invalid (#1488550) 13 years ago
Aleksander Machniak 041c93ce0b Removed $Id$ 13 years ago
Brian Ronald b546b0dcfd Also, the license comments 13 years ago
alecpl d2191c619f - Fix redirect to mail/compose on re-login (1488226) 13 years ago
alecpl 1aceb9cec8 - Framework refactoring (I hope it's the last one):
rcube,rcmail,rcube_ui -> rcube,rcmail,rcube_utils
  renamed main.inc into rcube_bc.inc
13 years ago
alecpl 0c259682f6 - Merge devel-framework branch, resolved conflicts 13 years ago
thomascube 7fe3811c65 Changed license to GNU GPLv3+ with exceptions for skins and plugins 13 years ago
thomascube c321a955a7 Merged devel-framework branch (r5746:5779) back into trunk 13 years ago
alecpl fdff34093d - Move some checks into login() method 13 years ago
alecpl b6da0b76af - Remove deprecated global $IMAP variable usage (#1488148) 13 years ago
alecpl 80216d0b79 - Change version number to 0.8-svn 13 years ago
thomascube abdf31486a Allow cross-task ajax requests 13 years ago
alecpl 3703021713 - Plugin API: added 'ready' hook (#1488073) 13 years ago
thomascube 502436dad0 We're on the road towards 0.7 now 13 years ago
alecpl 9e54e6fd45 - Make the whole PHP output non-cacheable (#1487797) 13 years ago
thomascube 6354da5b8c Fix r5117: don't show error on default login page 13 years ago
thomascube 886aafe167 Don't rely on rcmail->task for session error check; use _REQUEST data instead 13 years ago
thomascube 94c0743cba Don't show session error message on logout 13 years ago
thomascube fcc7f861b1 Log session validation errors; keep error message when redirecting to login after session error 13 years ago
thomascube 28ac5cada2 Let plugins hook into keep-alive requests 14 years ago
thomascube 87e58c7a92 Default action for plugin tasks is 'index' 14 years ago
alecpl 4351f7cd66 - Improve performance by including files with absolute path (#1487849) 14 years ago
thomascube ec045b0a24 Revert r4609 and use stateless request tokens; no need to save them in session and thus no keep-alive necessary; fixes #1487829 14 years ago
thomascube 32b11d325e Keep session alive while showing login page (request token is stored in session data) 14 years ago
alecpl 4cfe66f42f - small code cleanup 14 years ago
alecpl c294eaa3f2 - Performance improvement: Remove redundant DELETE query (for old session deletion) on login 14 years ago
thomascube de62f02eed Also check referer on logout action 14 years ago
thomascube a77cf2292b Add optional referer check to prevent CSRF in GET requests 14 years ago
thomascube 784a425e07 protect login form submission from CSRF using a request token 14 years ago
thomascube cf2da2f9aa Improve session validity check with changing auth cookies; reduce writes to DB; better phpdoc 14 years ago
thomascube 32234d71d3 Better fix for login redirect, don't force mail task 14 years ago
alecpl 68d2d54100 - Move action files map from index.php to steps' func.inc files 14 years ago
thomascube 88007cf060 Fix login redirect issues (#1487686) 14 years ago
thomascube f5e7b35307 Bumbed version; Roundcube development is not Switzerland only 14 years ago
thomascube c3be8ed64c Make sure an existing session is killed/replaced when submitting login form 14 years ago
alecpl af3c045ecf - New Folder Manager UI
- Fix invalid Request when creating a folder (#1487443)
- Add folder size and quota indicator in folder manager (#1485780)
- Add possibility to move a subfolder into root folder (#1486791)
14 years ago
alecpl 5f560ee7a0 - Plugin API: Add 'pass' argument in 'authenticate' hook (#1487134) 14 years ago
alecpl 6d99f99576 - Handle situation when $IMAP object isn't initialized on log in 14 years ago
alecpl 8fcc3e1ad6 - Improved IMAP errors handling 14 years ago
alecpl 249db18585 - Fix "Server Error! (Not Found)" when using utils/save-pref action (#1487023) 14 years ago
alecpl e019f2d0f2 - s/RoundCube/Roundcube/ 14 years ago
alecpl 614c642a4b - Fix list_cols is not updated after column dragging (#1486999)
- Improved save-pref action and moved to separate file in utils task directory
- Improved http_post/http_request to support first argument in form 'task/action'
14 years ago
thomascube 4859fedb92 Fix unit tests + update version 14 years ago
alecpl b25dfd0913 - removed PHP closing tag 15 years ago
thomascube 05a631a43c Allow plugins to register their own tasks 15 years ago
alecpl 3544558f2d - Add HTTP_X_REAL_IP and HTTP_X_FORWARDED_FOR to successful logins log (#1486441) 15 years ago
thomascube aa12df20e4 Add server-side plugin hooks to address group functions + better action names 15 years ago