sshambar
0fe1758572
Add SASL PLAIN authentication support ( #92 )
...
Adds a new sasl mech 'plain' which converts all simple authentication
methods to SASL PLAIN. NOTE: doesn't use auth_type 'sasl' as
credentials may come from login form, stored in cookies etc...
2020-02-20 09:12:39 +11:00
Noone404
4eb3737d31
Added option to use template string for bind DN ( #90 )
...
* Language update from launchpad
* Added login option 'bind_dn_template'
2020-02-20 09:11:17 +11:00
Genaro Contreras Gutierrez
cbdc0dacd6
Auth Form wiht Google reCAPTCHA ( #87 )
...
* reCaptcha config
* config reCaptcha
* check reCAPTCHA
* add reCAPTCHA to form login
* config attributes for reCAPTCHA
* Function to verify request with reCAPTCHA
* doc reCaptcha
2020-02-20 09:04:20 +11:00
Genaro Contreras Gutierrez
c87571f6b7
Fix error and set by default to preventXSS
2019-07-31 08:21:14 -07:00
Genaro Contreras Gutierrez
0b10c30c79
other usage of function preventXSS
...
Other example of usage:
preventXSS(get_request('cmd','REQUEST'))
Additionally, the $ preventXSS parameter of the get_request function can set the default to true and in the specific fields set the parameter to false
2019-07-30 08:49:41 -07:00
Genaro Contreras Gutierrez
c22c98c463
update get_request when an error occurs
...
Example to use to prevent XSS attack from get_request
get_request('cmd','REQUEST',false,null,true)
2019-07-30 08:44:10 -07:00
Genaro Contreras Gutierrez
25cbb26e1d
update function get_request to preventXSS
...
The XSS prevent function was created and used
2019-07-30 08:38:14 -07:00
Genaro Contreras Gutierrez
08c21fe7ca
Prevent XSS attack since function get_request
...
The $preventXSS parameter was added to the get_request function to avoid XSS attacks.
It was not set by default as $preventXSS=true, because it can affect fields such as passwords.
Using "htmlspecialchars" and "addslashes" functions of PHP.
2019-07-30 08:29:17 -07:00
Deon George
7b1f6b5132
Fix for PHP 7.3 - deprecated continue in switch
2019-05-14 15:00:28 +10:00
Deon George
3c0ca27477
Remove SF branding
2019-04-21 23:37:10 +10:00
Deon George
511ead3ec6
Revert #63 - Add attribute not rendering correctly
2019-04-20 15:39:48 +10:00
Deon George
e37b498de1
PHP 7.2 compatibility fixes - closes #64
2019-04-19 22:48:22 +10:00
Deon George
29d7d4b2f7
Fixes #31 - Glue entries are not browsable through phpldapadmin
2019-04-19 21:01:02 +10:00
Deon George
c494078550
Closes pull request #22 and fixes #18 - preg_replace_callback changes
2019-04-19 20:08:53 +10:00
Deon George
c1af05f403
Merge pull request #63 from dago/renderfix
...
Fixes for translation of "Add new attribute"
2019-04-18 12:34:00 +10:00
Deon George
49ef60f26b
Merge pull request #62 from spagu/patch-1
...
Fix php7.2 errors for function __autoload and create_function as they were deprecated.
2019-04-18 12:31:49 +10:00
Deon George
aa11e318ec
Merge pull request #60 from NHellFire/php7.1
...
Use OpenSSL for blowfish when available (fixes #58 )
2019-04-18 12:16:08 +10:00
Michael
7569423f11
Update functions.php
...
Since openLDAP >=2.1.2,ldap_explode_dn turns unprintable chars (in the ASCII sense, UTF8 encoded) into \<hexcode>.
2018-07-17 19:59:11 +08:00
Dagobert Michelsen
6c85d61525
Fix invocation of layout in TemplateRenderer
2018-04-20 12:33:58 +02:00
spagu
884cce1475
Update functions.php
2018-04-19 11:10:12 +01:00
NHellFire
53e005c1f4
Use OpenSSL for blowfish when available ( fixes #58 )
2018-02-11 07:22:36 +00:00
Deon George
708bc5ed83
Merge pull request #37 from mr-GreyWolf/patch-1
...
Update functions.php
2016-10-30 16:53:05 +08:00
Deon George
e46579b34e
Merge pull request #34 from gulikoza/master
...
Fix moving ldap entries and login error with 'fallback_dn'
2016-10-30 16:52:22 +08:00
Paweł Tomulik
ee9034f24c
add support for SHA-256 and SHA-512 via crypt(3)
2016-10-08 21:24:33 +02:00
mr-GreyWolf
599d55700d
Update functions.php
2016-03-30 23:07:02 +04:00
gulikoza
0b8375fd2a
Add additional check that full dn has been entered on login.
...
Fixes 'invalid dn syntax (34) for user' error when fallback_dn set and username was not found while trying to use it as dn.
2016-01-24 11:52:21 +01:00
jsdevel
0491916d90
Changing the sourceforge logo to be protocol relative.
...
* This allows the browser to resolve the URL against the protocol the user used, not what a reverse proxy used.
2015-12-05 23:02:11 -07:00
Devon Hubner
19114385fc
Changed password_hash to pla_password_hash in a few places where it was still password_hash.
2014-10-07 14:25:32 -04:00
robgloess
d4c2fb52ab
Update TemplateRender.php
...
Fixed typo on 1682 - parse issue, non escaped " ' " causing error to be thrown
2014-09-30 22:28:09 +01:00
Marc Laporte
ba90f86e7b
typos
2014-07-25 23:04:40 -04:00
Ivo van der Meer
c736ecd8c2
Bugfix: fixed call to renamed function pla_password_hash.
2014-06-04 10:48:06 +02:00
Ben Chavet
5a7edc892f
Use preg_replace_callback instead of /e in preg_replace to fix E_DEPRECATED warnings
2014-05-29 18:57:44 +00:00
Mohamad Elrashidin Bin Sajeli
b082cf1742
Changed preg_replace to preg_replace callback
2014-05-08 20:40:57 +08:00
Mohamad Elrashidin Bin Sajeli
e673df3ba8
Changed password_hash to pla_password_hash
2014-05-08 20:22:30 +08:00
Deon George
bbedf18b7e
SF Bug #3531956 - Search / Show Attributes must be lowercase
2012-09-05 22:44:46 +10:00
Deon George
f1ed59a35e
SF Bug #3518548 - Missing attributes on some custom forms
2012-09-05 22:18:31 +10:00
Deon George
55fa21af26
SF Bug #3513210 - Export to VCARD only exports the last entry in the list
2012-09-05 21:57:17 +10:00
Deon George
2f70eb41b3
SF Bug #3510114 - Unable to check passwords when samba hashes are in lowercase
2012-09-05 21:25:50 +10:00
Deon George
6b9834a054
SF Bug #3452416 - templates <order> non-functional
2012-09-05 20:23:17 +10:00
Deon George
caf24e3662
SF Bug #3427748 - value id is ignored in select attribute
2012-09-05 20:02:14 +10:00
Roland Gruber
c4b6695beb
SF Bug #3448530 - Treat krbExtraData and krbPrincipalKey as binary
2012-09-04 15:09:24 +10:00
Deon George
74434e5ca3
SF Bug #3497660 - XSS flaws via 'export', 'add_value_form' and 'dn' variables
2012-09-03 07:16:34 +10:00
Jean-Philippe Ghibaudo
21959715c3
SF Feature #3509651 - Add support for SHA512 with OpenLDAP
2012-09-01 11:31:38 +10:00
Roland Gruber
3690ad16f0
SF Patch #3469148 - Display mass edit actions as buttons
2012-08-29 22:01:43 +10:00
Deon George
7dc8d57d69
SF Bug #3477910 - XSS vulnerability in query
2012-01-24 12:38:47 +11:00
Deon George
696c266eee
Additional fix for SF Feature #3387473
2011-10-27 12:55:24 +11:00
Caleb Callaway
2d018aad7b
SF Feature #3387473 - Support for schema discovery using OpenLDAP's cn=config DN
2011-10-13 08:18:10 +11:00
Deon George
cddf783c27
Add an alert when RFC3866 tags are being used
2011-10-06 16:16:27 +11:00
Deon George
1e1fcabb3d
SF Bug #3398344 - Import LDIF overwrites entries
2011-10-06 14:29:35 +11:00
Roland Gruber
d8ab7fc2f0
SF Patch #3391547 - Option for minmal mode
2011-10-06 12:31:12 +11:00