Thomas Bruederli
b461a2d72e
Send last fetch time with 'refresh' requests and allow plugins to alter query parameters of http requests
11 years ago
Aleksander Machniak
060467df9d
Log also failed logins to userlogins log
11 years ago
Thomas Bruederli
deb2b8d080
Allow to load config files for different environments ( #1487311 ); keep (non-default) filename in URLs throughout the webmail app
11 years ago
Aleksander Machniak
a544971fe8
Fix error when using check_referer=true
12 years ago
Aleksander Machniak
bb080af14d
Bump version number up to 1.0-git
12 years ago
Thomas Bruederli
18e23ab763
Welcome to 2013
12 years ago
Aleksander Machniak
a95687cfe8
Plugin API: Add 'refresh' hook
12 years ago
Aleksander Machniak
77de23fa93
Added cross-task 'refresh' request for system state updates
12 years ago
Aleksander Machniak
b807084a6b
- Fix (disable) request validation for spell and spell_html actions
...
Consider action whitelist also for ajax requests
12 years ago
Aleksander Machniak
2bbc3da52a
- Check request tokens also in devel_mode
12 years ago
Aleksander Machniak
1c0ce1fe52
Plugin API: Add 'unauthenticated' hook ( #1488138 )
13 years ago
Aleksander Machniak
7c8fd80310
Show explicit error message when provided hostname is invalid ( #1488550 )
13 years ago
Aleksander Machniak
041c93ce0b
Removed $Id$
13 years ago
Brian Ronald
b546b0dcfd
Also, the license comments
13 years ago
alecpl
d2191c619f
- Fix redirect to mail/compose on re-login (1488226)
13 years ago
alecpl
1aceb9cec8
- Framework refactoring (I hope it's the last one):
...
rcube,rcmail,rcube_ui -> rcube,rcmail,rcube_utils
renamed main.inc into rcube_bc.inc
13 years ago
alecpl
0c259682f6
- Merge devel-framework branch, resolved conflicts
13 years ago
thomascube
7fe3811c65
Changed license to GNU GPLv3+ with exceptions for skins and plugins
13 years ago
thomascube
c321a955a7
Merged devel-framework branch (r5746:5779) back into trunk
13 years ago
alecpl
fdff34093d
- Move some checks into login() method
13 years ago
alecpl
b6da0b76af
- Remove deprecated global $IMAP variable usage ( #1488148 )
13 years ago
alecpl
80216d0b79
- Change version number to 0.8-svn
13 years ago
thomascube
abdf31486a
Allow cross-task ajax requests
13 years ago
alecpl
3703021713
- Plugin API: added 'ready' hook ( #1488073 )
13 years ago
thomascube
502436dad0
We're on the road towards 0.7 now
13 years ago
alecpl
9e54e6fd45
- Make the whole PHP output non-cacheable ( #1487797 )
13 years ago
thomascube
6354da5b8c
Fix r5117: don't show error on default login page
13 years ago
thomascube
886aafe167
Don't rely on rcmail->task for session error check; use _REQUEST data instead
13 years ago
thomascube
94c0743cba
Don't show session error message on logout
13 years ago
thomascube
fcc7f861b1
Log session validation errors; keep error message when redirecting to login after session error
13 years ago
thomascube
28ac5cada2
Let plugins hook into keep-alive requests
14 years ago
thomascube
87e58c7a92
Default action for plugin tasks is 'index'
14 years ago
alecpl
4351f7cd66
- Improve performance by including files with absolute path ( #1487849 )
14 years ago
thomascube
ec045b0a24
Revert r4609 and use stateless request tokens; no need to save them in session and thus no keep-alive necessary; fixes #1487829
14 years ago
thomascube
32b11d325e
Keep session alive while showing login page (request token is stored in session data)
14 years ago
alecpl
4cfe66f42f
- small code cleanup
14 years ago
alecpl
c294eaa3f2
- Performance improvement: Remove redundant DELETE query (for old session deletion) on login
14 years ago
thomascube
de62f02eed
Also check referer on logout action
14 years ago
thomascube
a77cf2292b
Add optional referer check to prevent CSRF in GET requests
14 years ago
thomascube
784a425e07
protect login form submission from CSRF using a request token
14 years ago
thomascube
cf2da2f9aa
Improve session validity check with changing auth cookies; reduce writes to DB; better phpdoc
14 years ago
thomascube
32234d71d3
Better fix for login redirect, don't force mail task
14 years ago
alecpl
68d2d54100
- Move action files map from index.php to steps' func.inc files
14 years ago
thomascube
88007cf060
Fix login redirect issues ( #1487686 )
14 years ago
thomascube
f5e7b35307
Bumbed version; Roundcube development is not Switzerland only
14 years ago
thomascube
c3be8ed64c
Make sure an existing session is killed/replaced when submitting login form
14 years ago
alecpl
af3c045ecf
- New Folder Manager UI
...
- Fix invalid Request when creating a folder (#1487443 )
- Add folder size and quota indicator in folder manager (#1485780 )
- Add possibility to move a subfolder into root folder (#1486791 )
14 years ago
alecpl
5f560ee7a0
- Plugin API: Add 'pass' argument in 'authenticate' hook ( #1487134 )
14 years ago
alecpl
6d99f99576
- Handle situation when $IMAP object isn't initialized on log in
14 years ago
alecpl
8fcc3e1ad6
- Improved IMAP errors handling
14 years ago