Commit Graph

103 Commits

Author SHA1 Message Date
Deon George
5b046a95eb Remove old PLA files that are no longer required. 2023-04-05 10:34:35 +10:00
f90706d140 Merge BRANCH-2.0 with master 2023-03-03 16:32:49 +11:00
Deon George
8ec1d2b1fe Ported the schema browser 2023-02-18 23:46:41 +11:00
Deon George
58e171aea1 PLA now starts at the root of the HTML request, favicon setup 2023-01-31 10:44:35 +11:00
Deon George
181a57586c Remove some old PLA 2021-12-12 14:13:55 +11:00
Deon George
2ccc1d3b83 Framework update and updates from other projects,remove leenooks/laravel
Framework updates, and hack to get CI testing working
2021-12-11 00:24:00 +11:00
Deon George
851010d6d5 Add icons for each DN based on objectClass 2021-12-11 00:24:00 +11:00
Deon George
4ef074fac4 More unit testing, setup for localisation 2021-12-10 23:51:48 +11:00
Deon George
d20a17d3fe Added server info 2021-12-10 23:51:48 +11:00
Deon George
aa5be41b06 Add autocomplete=off - closes #122 2020-08-30 22:09:52 +10:00
JamesCordell
0b65747110
Changes required so the sudoRole objectClass will present a link so members can be modified by default. (#101) 2020-02-20 09:17:37 +11:00
Noone404
4eb3737d31
Added option to use template string for bind DN (#90)
* Language update from launchpad

* Added login option 'bind_dn_template'
2020-02-20 09:11:17 +11:00
Genaro Contreras Gutierrez
cbdc0dacd6
Auth Form wiht Google reCAPTCHA (#87)
* reCaptcha config

* config reCaptcha

* check reCAPTCHA

* add reCAPTCHA to form login

* config attributes for reCAPTCHA

* Function to verify request with reCAPTCHA

* doc reCaptcha
2020-02-20 09:04:20 +11:00
Deon George
1bd14ddf68 Removed reference to missing function - closes #65 2019-07-15 14:49:52 +10:00
Deon George
73b7795bc0 Fixes #21 - Undefined variable: _SESSION 2019-04-18 23:17:24 +10:00
Deon George
6a55d808a2
Merge pull request #69 from RoyChaudhuri/master
Fix for bug #68, long redirect response
2019-04-18 11:56:25 +10:00
Antoine Beaupré
4484129a41
Fix multiple XSS in file htdocs/entry_chooser.php (CVE-2017-11107)
Closes: #50

From: Ismail Belkacim <xd4rker@gmail.com>
2018-10-31 14:04:44 -04:00
Roy Chaudhuri
2e43cf95b9 Fix for bug #68, exit after redirect response when URI parameter is received by index.php 2018-09-17 15:45:42 +01:00
Deon George
733a10a1c5 Merge pull request #40 from PatrickBaus/master
Fixed detection of SSL encryption behind proxy server
2016-10-30 16:53:36 +08:00
Patrick Baus
61af45e872 Enabled HTTP_X_FORWARDED_PROTO header detection. It was disabled for testing. 2016-08-11 02:45:18 +02:00
Patrick Baus
dd6e9583a2 Fixed request smuggling vulnerability. See: https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_HTTP_Request/Response_Smuggling
According to https://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader%28%29-method, the header should be ignored anyway if those properties were set.
2016-08-11 01:48:12 +02:00
Patrick Baus
665dbc2690 Fixed detection of SSL encryption, when a reverse proxy is used, that does the encryption.
If the server sets the HTTP_X_FORWARDED_PROTO header to 'https' or the
HTTP_X_FORWARDED_SSL header to 'on' SSL encryption is assumed
2016-08-11 01:32:41 +02:00
gulikoza
726190e5b8 Fix moving entries when confirm['copy'] is set.
If 'Delete after copy (move)' is selected and confirm['copy'] is set (which is default),
the entry will be copyied (created) not moved. This patch will skip confirm when entry
is being moved as there is no reason to confirm the move again.
2016-01-24 12:02:42 +01:00
Sébastien Collin
54191d7ffb Fix some monitor information problems
Fix some monitor information problems as reported by @brendankearney
2015-01-30 13:56:29 +01:00
Marc Laporte
6135f94a51 typo 2014-07-25 20:36:21 -04:00
Deon George
f28d535948 SF Bug #3510648 - Cannot copy between servers 2012-09-05 21:54:42 +10:00
Deon George
74434e5ca3 SF Bug #3497660 - XSS flaws via 'export', 'add_value_form' and 'dn' variables 2012-09-03 07:16:34 +10:00
Deon George
88d41216f9 SF Bug #3426575 - clicking 'logout' does not unset _SESSION['ACTIVITY'] 2012-09-03 06:19:19 +10:00
Paweł Tomulik
09c5e3a8da SF Feature #3555472 - User-friendly items in entry chooser window. 2012-09-01 11:43:14 +10:00
Roland Gruber
6c8b623788 SF Patch #3391371 - Fix for schema link deactivation 2011-10-06 11:57:06 +11:00
Deon George
d5744b055a SF Bug #3370546 - AjaxEnabled create and delete entry fails on IE9 2011-10-06 09:12:54 +11:00
Deon George
64668e882b Remove XSS vulnerabilty in debug code 2011-07-27 07:30:06 +10:00
Deon George
6c93c1fc72 Fix deletion special char DNs, and refresh tree on delete 2011-05-04 00:02:33 +10:00
Marcel van Dorp
880a86f666 SF Feature #3122736 - HTTP authentication realm 2011-04-29 12:46:49 +10:00
Deon George
a35298e7f3 SF Bug #3036033 - Error if CN begins with a % sign 2011-04-29 12:08:38 +10:00
Deon George
2ea1fc6314 SF Bug #3003777 - Multivalue attributes with hundred of values hangs on modify 2011-04-29 00:19:53 +10:00
Deon George
1f9308dc4d Fixes for jpegPhoto attributes during copy operations 2011-04-28 23:20:06 +10:00
Deon George
9e9960bc3d SF Bug #3003779 - Unable to check password for NT and LN samba hashed 2011-04-27 21:53:47 +10:00
Deon George
6e5ec75b55 SF Bug #3077852 - Default template being used after modificaiton of entry 2011-04-27 00:02:05 +10:00
Deon George
97eff7383c SF Bug #3276528 - Problem with + and , signs in dn 2011-04-26 23:21:19 +10:00
Deon George
be623ce3f5 SF Bug #3136564 - Undefined variable: result (E_NOTICE) 2011-04-26 11:40:35 +10:00
Deon George
2cf20fcf44 SF Bug #2981355 - rawurldecode killing complex passwords 2011-04-26 10:10:43 +10:00
Deon George
c5f045756e SF Bug #2980701 - Creation templates get used for modification post creation 2011-04-26 00:10:58 +10:00
Deon George
7980d1c131 SF Patch #2974901 - enable modify member form to use netgroups 2010-11-16 22:05:18 +11:00
Deon George
7d17676fd7 Enabled create_base 2010-03-18 13:25:53 +11:00
Deon George
1c467a6115 New feature: Copy a DN and edit values before creation 2010-03-18 13:24:04 +11:00
Deon George
2e8e9625d6 AJAX work on create/update 2010-03-15 09:37:37 +11:00
Deon George
f713afc8d1 HTML Validation work 2010-03-15 09:37:35 +11:00
Deon George
0f782569e9 SF Bug #2969826 - XSS found in cmd.php 2010-03-14 23:57:16 +11:00
Deon George
676a675c7c SF Bug #2901854 - E_WARNING: implode(): Invalid arguments passed 2010-01-30 15:10:00 +11:00