Commit Graph

58 Commits

Author SHA1 Message Date
Igor Scheller 944c29b964 Require POST for sending forms
* Ensure that the form is submitted with a post request
* Replaced several links with forms

Closes #494 (Security Vulnerability)
2018-11-21 19:24:36 +01:00
Igor Scheller 88f3bafa5e Replaced `Auth()` with `auth()` 2018-10-31 13:43:23 +01:00
Igor Scheller 89e62c95a7 Changed more functions 🎉 2018-10-31 13:43:23 +01:00
Igor Scheller 2dcb7cc2de Replaced some global `$user` variables 2018-10-31 13:43:23 +01:00
Bot e8f8fc7f5f Replaced gettext translation `_()` with `__()` that uses the Translator class 2018-08-29 23:46:32 +02:00
Bot 952c7892f3 Formatting & Docstrings 2017-12-25 23:51:15 +01:00
msquare 81b4e9d2bc solve problem with autobreaks in news text when building html tables 2017-12-20 23:46:04 +01:00
msquare 34da670b6f solve problem with autobreaks in news text when building html tables 2017-12-20 23:42:37 +01:00
msquare 2b52d24c59 solve problem with autobreaks in news text when building html tables 2017-12-20 23:40:46 +01:00
msquare 9969208be2 solve problem with autobreaks in news text when building html tables 2017-12-20 23:35:06 +01:00
msquare a0f70d9819 solve problem with autobreaks in news text when building html tables 2017-12-20 23:21:03 +01:00
Igor Scheller d0074cf006 Merge remote-tracking branch 'engelsystem/feature-igel-rewrite'
# Conflicts:
#	includes/controller/angeltypes_controller.php
#	includes/pages/admin_groups.php
#	includes/pages/user_settings.php
#	includes/sys_page.php
#	src/Exceptions/Handler.php
#	src/Http/Request.php
2017-08-29 23:16:41 +02:00
Igor Scheller 3002ed9e93 Security: Only allow angels with admin_news_html privilege to use HTML 2017-08-29 22:22:53 +02:00
Igor Scheller cc01c906ba #336: Integration of symfony/http-foundation request 2017-08-29 21:52:07 +02:00
Igor Scheller 73175e2b64 #337: Added routing 2017-08-28 17:34:00 +02:00
msquare f82e5456d2 dried code by introducing selectOne for select queries with only one result line expected 2017-07-28 20:11:09 +02:00
Igor Scheller 3a1e460249 Changed $_GET, $_POST and $_REQUEST to use the Request object 2017-07-19 11:44:16 +02:00
Igor Scheller 8506d6d27e Refactoring: Config cleanup / moved to class 2017-01-21 23:07:20 +01:00
Bot 740026a9de Replaced [0-9] with \d 2017-01-21 20:12:48 +01:00
Bot 915ce28fee Replaced " with ' 2017-01-21 20:12:35 +01:00
Igor Scheller 9a3ad88834 Changed from mysqli to PDO, some refactorings, faster sql queries 2017-01-21 13:58:53 +01:00
Bot 55141154c0 Replaced " with ' 2017-01-03 15:32:59 +01:00
Bot 356b2582f3 PPHDoc, formatting, fixes, cleanup 2017-01-03 03:22:48 +01:00
Bot d71e7bbfad Formatting 2017-01-02 15:49:53 +01:00
Bot 7313e15ce8 PSR-2 formatting 2017-01-02 03:57:23 +01:00
msquare eec10ebfc5 reduce complexity of user angeltypes controller 2016-10-04 16:50:06 +02:00
msquare 9ad9088260 make short variable names longer 2016-09-29 19:31:26 +02:00
msquare 91dafb19ec prohibit inline control structures on pages 2016-09-29 10:53:17 +02:00
msquare de917bc543 remove unused code 2016-08-21 23:11:23 +02:00
msquare 53ad1b5110 fix codacy unused code 2016-08-21 18:00:39 +02:00
Philip Häusler 6bede2fd22 harden the sql queries 2014-12-28 13:44:56 +01:00
Philip Häusler dc412ba826 sort meetings by date 2014-12-26 19:22:03 +01:00
Philip Häusler 9007bb6790 sort news by date 2014-12-26 18:39:16 +01:00
Felix Favre 8bcce0e003 change button size in user_news 2014-12-07 00:10:47 +01:00
Felix Favre 524acb15ba use the new very cool glyph button 2014-12-06 17:42:29 +01:00
Philip Häusler 46575d90c2 pulled complete menu to the top (go for mobile...) 2014-09-08 14:45:41 +02:00
Philip Häusler f5a094fd8b add user view, better bootstrap 2014-08-23 01:55:18 +02:00
Philip Häusler 74647e16d3 add basic bootstrap theme 2014-08-22 22:34:13 +02:00
Philip Häusler e107dff1ce button style and redirect fixes 2014-05-13 14:44:04 +02:00
Philip Häusler 71feeee3f2 innodb and foreign keys 2014-01-05 20:04:09 +01:00
Philip Häusler e60b0df2ec gettext some german translation 2013-11-28 23:21:25 +01:00
Philip Häusler 1e05da6c81 gettext for user sites 2013-11-28 22:40:48 +01:00
Philip Häusler 85d9bf4f9c angel views in english complete 2013-11-25 21:56:56 +01:00
Philip Häusler aad54bfe88 basic gettext integration 2013-11-25 21:04:58 +01:00
Philip Häusler bfb0cacd54 mysql to mysqli and a lot of cleanup and mvc 2013-09-18 01:38:36 +02:00
Philip Häusler b60603d76c news reload duplication bug fixed 2012-12-29 14:35:53 +01:00
Philip Häusler 7c42769ab8 #28 finnished logging 2012-12-27 01:35:05 +01:00
Philip Häusler 079279a1d0 code maintenance 2012-12-10 09:49:23 +01:00
Philip Häusler 046c9e9caf fix some php warnings 2012-04-17 14:11:40 +02:00
Philip Häusler ce7f071c38 #44 angeltypes recreated 2011-12-21 23:18:57 +01:00