 pdontthink
|
7d285b51a0
Fix HTTPS detection under Windows IIS (#2318118)
|
16 年之前 |
|
pdontthink
|
d01c63496a
The random number seed generator was creating float values that, when fed to mt_srand(), which expects an integer, were seen as zero on some systems because it was such a large number. This fix takes a sub-string of the seed's MD5 before converting it to an integer in order to fix that problem.
|
16 年之前 |
|
pdontthink
|
bf4627edd2
Add a functions file for file utility functions (say that 10 times fast) along with some new file functions
|
16 年之前 |
|
pdontthink
|
f211155993
Add global variable indicating server OS
|
16 年之前 |
|
pdontthink
|
9682ef20f6
Add native output buffering capability.
|
17 年之前 |
|
pdontthink
|
5ab583832d
Fix session autostart code - session_name() return value does not indicate session has started; Remove dead code (cookie cleanup)
|
17 年之前 |
|
pdontthink
|
2b7b60067b
Removing irrelevant comments
|
17 年之前 |
|
pdontthink
|
68e7ef6f2e
RPC requests should use their own template sets with different content-type.
|
17 年之前 |
|
pdontthink
|
fa7436a9de
Allow template sets to define what the content-type of their output is.
|
17 年之前 |
|
Thijs Kinkhorst
|
833746dca6
rework seed generation: this is something that really belongs in init.php
|
17 年之前 |
|
pdontthink
|
46b21f8d48
Fix prefs_backend hook and remove config_override hook - plugin authors take note
|
17 年之前 |
|
Thijs Kinkhorst
|
8f8a7ea706
get_magic_quotes_* functions deprecated in PHP 5.3.x. Check for
|
17 年之前 |
|
pdontthink
|
642f901396
A few output elements are used often, so just retrieve them once and make them globally available
|
17 年之前 |
|
pdontthink
|
a5ae8eddb5
Comment and linguistic fixes
|
17 年之前 |
|
pdontthink
|
55de62d7d3
Adding debug mode to core. Please run the configuration utility once after retrieving this update. Note that this update includes a change that makes it possible to use SquirrelMail constants in the configuration file(s).
|
17 年之前 |
|
pdontthink
|
23efc6b619
Fixed mailto: again. Should work with all the cc, bcc, subject parameters as well. Sample Windows registry entry for HKEY_CLASSES_ROOT\mailto\shell\open\command is "C:\Program Files\Mozilla Firefox\firefox.exe" "http://example.org/webmail/src/mailto.php?emailaddress=%1" or "C:\Program Files\Internet Explorer\IEXPLORE.EXE" "http://example.org/webmail/src/mailto.php?emailaddress=%1"
|
17 年之前 |
|
pdontthink
|
990a2741a3
Allow custom session handlers to work correctly (and be defined at the application level with SquirrelMail) -- TODO: Cannot forget to add info about this to the docs!
|
18 年之前 |
|
pdontthink
|
68a5991e02
Add note that config_override should probably be removed pending previous noted fix
|
18 年之前 |
|
pdontthink
|
e932e013ab
Add note about erroneous hook placement - PLEASE read the comment and reply if you have any input
|
18 年之前 |
|
pdontthink
|
b0dbc77d53
Minor wording and spacing fixes
|
18 年之前 |
|
pdontthink
|
b80d382d2a
Make sure to use correct template set after login
|
18 年之前 |
|
pdontthink
|
13d8258aec
Make session restore work in compose_in_new. Cannot do login session reset until after correct session has been started once.
|
18 年之前 |
|
pdontthink
|
a8acce202c
Finally fix up session restore functionality. Move session handling from login.php into init.php and fix the mess in redirect.php. There are some important notes that need to be reviewed in redirect.php, which I am including here to get your attention: FIXME! IMPORTANT! SOMEONE PLEASE EXPLAIN THE SECURITY CONCERN HERE; THIS session_destroy() BORKS ANY SESSION INFORMATION ADDED ON THE LOGIN PAGE (SPECIFICALLY THE SESSION RESTORE DATA, BUT ALSO ANYTHING ADDED BY PLUGINS, ETC)... I HAVE DISABLED THIS (AND NOTE THAT THE LOGIN PAGE ALREADY EXECUTES A session_destroy() (see includes/init.php)), SO PLEASE, WHOEVER ADDED THIS, PLEASE ANALYSE THIS SITUATION AND COMMENT ON IF IT IS OK LIKE THISsvn diff include/init.php src/login.php src/redirect.php src/compose.php WHAT HIJACKING ISSUES ARE WE SUPPOSED TO BE PREVENTING HERE?
|
18 年之前 |
|
pdontthink
|
af9ab09c24
Fix mixup of session restore location
|
18 年之前 |
|
pdontthink
|
35bd284200
No longer store all message composition sessions in the PHP session, since it was not made use of and in rare cases, made sessions too big. Composition restoration functionality now correctly restores attachments.
|
18 年之前 |
|
pdontthink
|
d743d173d6
Move inclusion of strings.php much higher in init process; beside making sense, it is required for the prefs.php fix a couple day ago
|
18 年之前 |
|
pdontthink
|
fce1d4d3ac
Move prefs init above plugin stuff, make life easier for plugins hooked on config_override
|
18 年之前 |
|
pdontthink
|
f8e864200a
Load prefs for all page loads, no matter if user is logged in. This fixes some login page issues and seems fine when user isn't logged in, but please report problems I may not have seen in my limited testing.
|
18 年之前 |
|
pdontthink
|
4233e4f0b1
Avoid calling javascript check fxn if user is not logged in
|
18 年之前 |
|
Thijs Kinkhorst
|
c9ff9f9e14
use PAGE_NAME to switch on which page we are, rather than
|
18 年之前 |
