beenull/servnest
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
288 commits 2 branches 0 tags 878 KiB
Commit graph

40 commits

Author SHA1 Message Date
Miraty
0340c24a81 Use kdig() everywhere appropriate 2023-08-13 18:52:34 +02:00
Miraty
40e67b0c0c declare(strict_types=1); 2023-07-17 21:15:18 +02:00
Miraty
858d6e8d02 Add ns/sync and jobs/ns-syncs 2023-06-24 16:54:36 +02:00
Miraty
973a129079 Add type in functions signatures 2023-06-20 00:36:58 +02:00
Miraty
7f7bcadb58 Fix important vulnerability in reg/ds.php + exescape 
In page reg/ds.php, POST parameter 'key' was directly sent to shell, allowing for remote arbitrary commands execution.

This commit fixes this vulnerability, and uses a new function to automatically escape every shell command arguments as an additional generic protection.
 2023-06-19 02:15:43 +02:00
Miraty
e4ae765486 init.php + jobs + job to delete old testing accounts 2023-06-08 17:36:44 +02:00
Miraty
ed05d4aab9 reg/register: add "Check availability" feature 2023-03-19 22:22:34 +01:00
Miraty
ad98060f9e Fix deprecation notices 2023-02-07 22:25:16 +01:00
Miraty
b2bfbb7bf8 Niver > ServNest 2023-01-29 21:09:00 +01:00
Miraty
3b97b3cc2f Describe config.ini in DOCS/configuration.md 2023-01-26 16:22:03 +01:00
Miraty
335b826559 Gettext internationalization and english translation 2023-01-21 01:27:52 +01:00
Miraty
4f84025baf Encrypt display username, with key in cookie 2023-01-07 23:11:44 +01:00
Miraty
57dfb02a40 Store secret key in DB + autorotate it 2022-12-21 00:14:55 +01:00
Miraty
73c137aaba Split pages/ between pg-act/ and pg-view/ 2022-12-20 21:17:03 +01:00
Miraty
ffd7e283a1 Simplify PDO use 2022-12-13 17:38:54 +01:00
Miraty
7a018e5a88 Trusted > approved, add approval.php, DB_PATH > DB 2022-12-10 18:19:37 +01:00
Miraty
9173336714 Check that account still exists when doing something 2022-11-30 23:38:02 +01:00
Miraty
f15681999b Internal ID, Argon2 for usernames, username changes 2022-11-30 23:12:42 +01:00
Miraty
567034b8fe Fix regDeleteDomain security flaw + D regex modifier 
regDeleteDomain() in fn/reg.php used too loose pattern matching for data deletion, that also deleted other domains that included the deleted domain
 2022-11-20 18:17:03 +01:00
Miraty
18d976217b Use single quotes instead of double quotes 2022-11-20 15:11:54 +01:00
Miraty
e3f358a62c Direct zone file edition through <textarea> 2022-11-20 01:05:03 +01:00
Miraty
f372bbbce7 Log Certbot error messages 2022-10-07 13:29:47 +02:00
Miraty
ba18c13747 Use a token to link account to external resource 2022-10-06 13:12:04 +02:00
Miraty
c65dedf9de Merge TITLES and DESCRIPTIONS into PAGES 2022-09-15 21:23:49 +02:00
Miraty
763762f08b fn success/userError/serverError > output($code) 2022-09-15 19:18:48 +02:00
Miraty
5885f7a416 Factorize "INSERT INTO" SQL queries with insert() 2022-09-14 17:19:17 +02:00
Miraty
5561393403 Use more PAGE_URL 2022-09-13 01:09:40 +02:00
Miraty
3f46159f1e Display page even if errors, recursive executePage() 2022-09-07 18:44:49 +02:00
Miraty
ea0ffab14a Use kdig for zone-add dns check + add equalArrays() 2022-09-03 18:12:49 +02:00
Miraty
e3af4c946d router.php + process form before display 
The webservers now need to send every request to router.php, which will call appropriate files.

Forms will be treated before being displayed.
 2022-09-01 04:21:17 +02:00
Miraty
7d1537e3eb Use <nav> for indexes 2022-08-11 16:39:31 +02:00
Miraty
a63cf55c72 Add linkToDocs() 2022-07-20 20:03:45 +02:00
Miraty
bd5497fe2f Use <output> 2022-06-29 00:30:14 +02:00
Miraty
9fa902f768 Store Tor config and keys in $username/$dir 2022-06-22 00:37:06 +02:00
Miraty
4cafad3310 redir() 2022-06-17 15:45:52 +02:00
Miraty
40cb0729ad redirUrl() and warning when not logged in on a form 2022-06-15 12:42:30 +02:00
Miraty
90d8e2fce7 More emojis, displayIndex, descriptions in pages.php 2022-06-14 18:21:09 +02:00
Miraty
6c7cc99abd Add options to disable each service 2022-06-12 00:04:18 +02:00
Miraty
d9440231ac del-http-onion.php + query() 2022-06-11 23:42:48 +02:00
Miraty
fac61531dd Create fn/ directory 2022-05-31 19:12:14 +02:00