Commit Graph

99 Commits

Author SHA1 Message Date
Igor Scheller a02f5e61be Edit user: Prevent overwriting first and last name if temporary disabled 2019-08-24 12:53:26 +02:00
Igor Scheller 100602437f User admin: Allow setting new groups if user has none assigned 2019-08-24 11:58:57 +02:00
msquare 3ce3129b6e feature: disable lastname+prename in config 2019-08-24 10:56:59 +02:00
Igor Scheller 69b3a2440c Admin user: Show force active status in log 2019-08-22 23:26:00 +02:00
msquare d376c0d038 fix edit user error 2019-08-04 17:55:07 +02:00
Igor Scheller bcce2625a8 Implemented AuthController for login
* Moved /login functionality to AuthController
* Refactored password handling logic to use the Authenticator
2019-07-08 01:57:59 +02:00
Igor Scheller 4e709d0d23 Log messages without inline HTML 2019-06-03 20:33:09 +02:00
msquare 4f1cef546e better nick validation, fixes #429 2019-04-28 14:39:49 +02:00
Igor Scheller 79c92da8c1 Formatting
```bash
php-cs-fixer fix --allow-risky=yes --rules=@PSR2,psr4,mb_str_functions.php_unit_construct,php_unit_ordered_covers,trailing_comma_in_multiline_array --rules='{"array_syntax": {"syntax":"short"}}' [tests/|src/]
```
2019-04-25 18:17:19 +02:00
Janne Heß 665e444e88 Support disabling the DECT field
It's a really chaos-event-specific feature and is confusing for many
people on non-chaos events.
2019-04-23 12:43:45 +02:00
msquare db26412e6c fixes #549: fill missing arrival dates and prevent setting arrival by admin-user instead of admin-arrive 2018-12-27 19:08:35 +01:00
Igor Scheller 31d9efb2b8 Bugfix: Edit user: Show groups list if angel has no rights 2018-12-25 14:46:14 +01:00
Igor Scheller b1d8fede46 user: allow up to 40 characters for dect numbers
closes #309 (EPVPN number in DECT field is shortened)
closes #529 (For dect numbers are only 5 digits allowed)
2018-12-22 12:03:24 +01:00
Igor Scheller c33940f64a Moved permission checks to Authenticator class 2018-12-02 12:53:31 +01:00
Igor Scheller 23c0fae36f Added csrf middleware 2018-11-21 19:24:36 +01:00
Igor Scheller 15751f9c7a Fix error when accessing undefined date
Closes #491 (Edit User fails when User never logged in before)
2018-11-02 18:03:40 +01:00
Igor Scheller 88f3bafa5e Replaced `Auth()` with `auth()` 2018-10-31 13:43:23 +01:00
Igor Scheller a2aaba9cab User: Bugfixes & code cleanup 2018-10-31 13:43:23 +01:00
Igor Scheller d7aea575ff Replaced more sql queries and old data 2018-10-31 13:43:23 +01:00
Igor Scheller 89e62c95a7 Changed more functions 🎉 2018-10-31 13:43:23 +01:00
Igor Scheller b069a938c6 Changed user_link and some other user functions to use the user id 2018-10-31 13:43:23 +01:00
Igor Scheller 2dcb7cc2de Replaced some global `$user` variables 2018-10-31 13:43:23 +01:00
Nos- b2303c0723 Tried to fix inputfields for date, email, tel 2018-09-23 11:48:09 +02:00
Bot e8f8fc7f5f Replaced gettext translation `_()` with `__()` that uses the Translator class 2018-08-29 23:46:32 +02:00
Igor Scheller acfe72cb91 Removed translation from config file 2018-08-29 23:46:32 +02:00
Igor Scheller fe58e4f422 database: updated checks for selectOne 2018-01-14 17:47:26 +01:00
Bot 952c7892f3 Formatting & Docstrings 2017-12-25 23:51:15 +01:00
Igor Scheller 96f1d9fd54 Bugfixes 2017-08-30 15:35:12 +02:00
Igor Scheller d0074cf006 Merge remote-tracking branch 'engelsystem/feature-igel-rewrite'
# Conflicts:
#	includes/controller/angeltypes_controller.php
#	includes/pages/admin_groups.php
#	includes/pages/user_settings.php
#	includes/sys_page.php
#	src/Exceptions/Handler.php
#	src/Http/Request.php
2017-08-29 23:16:41 +02:00
Igor Scheller 3002ed9e93 Security: Only allow angels with admin_news_html privilege to use HTML 2017-08-29 22:22:53 +02:00
Igor Scheller cc01c906ba #336: Integration of symfony/http-foundation request 2017-08-29 21:52:07 +02:00
Igor Scheller 73175e2b64 #337: Added routing 2017-08-28 17:34:00 +02:00
msquare f82e5456d2 dried code by introducing selectOne for select queries with only one result line expected 2017-07-28 20:11:09 +02:00
Igor Scheller 3a1e460249 Changed $_GET, $_POST and $_REQUEST to use the Request object 2017-07-19 11:44:16 +02:00
Igor Scheller 781f830678 Fixes and improvements 2017-01-22 01:16:00 +01:00
Bot 3de0cc840f Removed spaces 2017-01-22 01:12:57 +01:00
Igor Scheller 8506d6d27e Refactoring: Config cleanup / moved to class 2017-01-21 23:07:20 +01:00
Igor Scheller 9a3ad88834 Changed from mysqli to PDO, some refactorings, faster sql queries 2017-01-21 13:58:53 +01:00
Igor Scheller 8254a79c58 Bugfixes & improvements 2017-01-03 15:59:33 +01:00
Bot 55141154c0 Replaced " with ' 2017-01-03 15:32:59 +01:00
Bot 356b2582f3 PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00
Bot d71e7bbfad Formatting 2017-01-02 15:49:53 +01:00
Bot 7313e15ce8 PSR-2 formatting 2017-01-02 03:57:23 +01:00
msquare 9975e42d3c fix edit user bug deleting emails 2016-12-27 13:10:18 +01:00
msquare 2f2d08c574 fix edit user bug deleting emails 2016-12-27 13:05:30 +01:00
msquare f5a5f234e4 fixes #266: add checkbox allowing the users email to be used by humans like event-team 2016-11-11 15:24:51 +01:00
msquare eec10ebfc5 reduce complexity of user angeltypes controller 2016-10-04 16:50:06 +02:00
msquare 07ddbb0f4c make short variable names longer 2016-09-29 12:45:06 +02:00
msquare 91dafb19ec prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00
Philip Häusler ef60b95555 add a more secure way to delete users containing a password request 2015-12-30 15:48:41 +01:00