Commit graph

150 commits

Author SHA1 Message Date
Andy
4f2129a616 Merge branch 'trunk' 2025-04-01 23:14:53 -07:00
pdontthink
598a599ba3 Happy New Year 2025-01-03 11:47:03 -08:00
Andy
d79aab6762 Merge branch 'trunk' 2024-01-02 14:58:59 -08:00
pdontthink
39cfdaadfd Happy New Year 2024-01-02 14:58:16 -08:00
Andy
ec52fd089c Merge branch 'trunk' 2023-01-02 22:06:59 -08:00
pdontthink
380afc7213 Happy New Year 2023-01-02 22:04:25 -08:00
Andy
e77a63b675 Merge branch 'trunk' 2022-01-26 01:07:44 -08:00
pdontthink
bcdfe6e9f1 Happy New Year 2022-01-26 01:06:50 -08:00
Andy
30513c2396 Merge branch 'trunk' into master 2021-05-07 20:29:19 -07:00
pdontthink
57be9908a6 Browser seems to respond better when deleting the cookie if you void its value also; helps actually get the cookie to be removed even though this feels more like a browser problem... maybe it does not like a date in 1970? 2021-05-07 20:27:24 -07:00
Andy
9690279beb Merge branch 'trunk' into master 2021-05-07 03:32:00 -07:00
pdontthink
f732572ecb Add cookie SameSite attribute; uses default if "Strict" but can be overridden by $same_site_cookies in config_local.php 2021-05-07 03:31:11 -07:00
Andy
c32baf6f95 Merge branch 'trunk' into master 2021-02-05 11:57:03 -08:00
pdontthink
c4ef1a0eea Happy New Year 2021-02-05 11:55:37 -08:00
Andy
e2a20add5b Merge branch 'trunk' 2020-03-24 19:00:58 -07:00
pdontthink
d07d4c1fc3 Cache $PHP_SELF value, add ability to make custom changes to $PHP_SELF by putting $php_self_pattern and $php_self_replacement in config/config_local.php 2020-03-24 18:57:29 -07:00
Andy
a3e51f1ee6 Merge branch 'trunk' 2020-01-07 00:13:04 -08:00
pdontthink
fc283980d0 Happy New Year 2020-01-07 00:12:38 -08:00
Andy
f7fe4708b2 Merge branch 'trunk' 2019-01-07 21:55:40 -08:00
pdontthink
fbcb1ca1f5 Happy New Year 2019-01-07 21:55:08 -08:00
Andy
e3c3ef538e Cryptographically secure random integer generation 2018-07-28 10:56:20 -07:00
pdontthink
23cd61b628 Happy New Year 2018-01-16 23:44:07 +00:00
pdontthink
6cd24c0552 Happy 2017 2017-01-27 20:34:08 +00:00
pdontthink
35657ece1a Per comments in the commit - setting the session cookie over and over can be troublesome, but doing the obvious and defaulting to *replace* cookies causes logins to fail due to something I don't care to debug - session cookie is complex through all the pages involved in a login request - instead we use a simple static cache to prevent useless duplicate cookie headers 2016-04-06 05:33:06 +00:00
pdontthink
2934017d92 Happy New Year 2016-01-01 20:59:53 +00:00
pdontthink
3b465a0d0f Happy 2015 2015-01-03 04:09:49 +00:00
pdontthink
581dc23061 Happy 2014 2014-01-01 20:33:20 +00:00
Fredrik Jervfors
c076a1f1ae Update copyright 2013-07-26 17:31:02 +00:00
Thijs Kinkhorst
efd75f4867 Replace calls to htmlspecialchars() with sm_encode_html_special_chars().
New function sm_encode_html_special_chars() encodes HTML special
characters by calling htmlspecialchars(). It sets the character set
to ISO-8859-1, to fix compatibility with PHP >= 5.4.

Patch by Paul Lesniewski.

See #3491925
2012-12-09 12:06:30 +00:00
pdontthink
acc409fb2a Updating copyrights. Happy New Year. 2012-01-02 02:09:17 +00:00
pdontthink
fc57bf2b59 Happy New Year! 2011-01-06 03:16:21 +00:00
pdontthink
7aa0e60863 Update copyrights to 2010 2010-01-25 03:23:30 +00:00
pdontthink
d4ceecd391 Slight rewrite of php_self() 2010-01-24 23:26:33 +00:00
pdontthink
cb5a6093d9 Make php_self() more robust. Seems to fix certain lighttpd issues, such as probably #1741469 2010-01-21 14:40:52 +00:00
pdontthink
a5644b2e2d NULL not accepted as a replacement for empty arrays as of PHP 5.3 2009-11-01 08:02:25 +00:00
Fredrik Jervfors
1e590d028b Adding and improving comments. 2009-09-29 12:37:05 +00:00
Fredrik Jervfors
134d462c94 The copyright symbol isn't really needed since the word "copyright" is there. Also it doesn't display right in the documentation. 2009-09-29 12:15:33 +00:00
pdontthink
683f761cc1 Add FIXME 2009-05-20 17:22:31 +00:00
pdontthink
10804e03a1 Always generate $base_uri for every page request as opposed to doing it only on some pages. Always regenerate session ID at login to prevent session fixation by an attacker who has set a malicious cookie on the client browser. Try to clean up extraneous cookies, such as ones some browsers might actually obey from the src/ directory. Thanks to Tomas Hoger. (CVE-2009-1580) 2009-05-11 22:50:16 +00:00
pdontthink
7443fe3229 Stop using session_unregister() 2009-05-08 17:53:37 +00:00
Fredrik Jervfors
0a6245814a There are too many modified files being committed without the copyright year being updated, so here's a copyright year update the old-fashioned style. 2009-04-15 22:00:49 +00:00
pdontthink
3bdb47ac83 Add typecast type for bigint 2009-01-23 20:42:43 +00:00
pdontthink
03b26f2c81 Sync with 1.4.x wherein REQUEST_URI isn't always trustable under some PHP versions for use as our PHP_SELF variable value 2008-12-05 08:41:09 +00:00
pdontthink
7f8dd6cd77 Put info about the user/group of the web server in the configtest. Grabbing that info is implemented as a core function so plugins (such as ones that need to check SUID script permissions) can also make use of it. 2008-12-04 09:35:41 +00:00
pdontthink
7d285b51a0 Fix HTTPS detection under Windows IIS (#2318118) 2008-11-26 02:56:42 +00:00
pdontthink
bf4627edd2 Add a functions file for file utility functions (say that 10 times fast) along with some new file functions 2008-11-20 21:46:12 +00:00
pdontthink
d7f614d31b Forgot @since info for sqsetcookie 2008-11-20 20:08:16 +00:00
pdontthink
36a6401ac7 Remove obsolete comments 2008-09-26 19:09:30 +00:00
pdontthink
cb1d5f52ff Make more readable; expose header replace parameter when setting cookies 2008-09-26 19:08:20 +00:00
pdontthink
cfcffdbead Use sqsetcookie(), not setcookie() 2008-09-24 19:58:23 +00:00