Commits on Apr 30, 2021
-
* Remove $debug global and $vdebug global makes these variables more accessible and protects from collisions. * the on boot set sends application as the first parameter, just handle that * Relocate other debug related functions * Log debug to stdout * Wrong output * remove stupid constants * Fix lint and style issues
Commits on Sep 21, 2020
-
Apply fixes from StyleCI (#12117)
* Apply fixes from StyleCI * Disable style check
Commits on Aug 5, 2019
-
Remove legacy auth usage of $_SESSION (#10491)
* Remove auth use of $_SESSION Will break plugins that depend on $_SESSION, Weathermap was already fixed. Port them to use Auth::check()/Auth::user()/Auth:id() * revert accidental replacement
Commits on Apr 12, 2019
-
Security fix: unauthorized access (#10091)
* Security fix: unauthorized access Affects nginx users: Moved php files outside of public html directory (Apache was protected by .htaccess) Affects all users: Some files did not check for authentication and could disclose some info. Better checks before including files from user input * git mv html/includes/ includes/html git mv html/pages/ includes/html/
Commits on Sep 11, 2018
-
Use Laravel authentication (#8702)
* Use Laravel for authentication Support legacy auth methods Always create DB entry for users (segregate by auth method) Port api auth to Laravel restrict poller errors to devices the user has access to Run checks on every page load. But set a 5 minute (configurable) timer. Only run some checks if the user is an admin Move toastr down a few pixels so it isn't as annoying. Fix menu not loaded on laravel pages when twofactor is enabled for the system, but disabled for the user. Add two missing menu entries in the laravel menu Rewrite 2FA code Simplify some and verify code before applying Get http-auth working Handle legacy $_SESSION differently. Allows Auth::once(), etc to work. * Fix tests and mysqli extension check * remove duplicate Toastr messages * Fix new items * Rename 266.sql to 267.sql
Commits on May 3, 2017
-
feature: Added support for populating selects from ajax (#6557)
fixes: #5264 The issue was all the string concatenation... But I decided to try loading the select via ajax. Seems ok. We could just use something like select2. Opinions? Use this approach or load at page load. I was able to reduce the loading of the 4000 select items from 1.6s to 0.6s on my laptop by optimizing the sql. I added 4000 devices to my database to check this :)
Commits on Sep 7, 2016
-
fix: Stop irc bot crashing on .reload #4353
* Removed duplicate include * Move set_debug into functions.php, and restore the (re)loading of includes/defaults * Move debug call until after function has been included