Skip to content

Commits on Aug 30, 2022

  1. Misc webui code cleanups (#14242)

    * Misc webui cleanups
    
    * Style
    
    * More
    
    * graphing fixes
    
    * More graph cleanups
    
    * more fixes, graphs and device pages
    
    * style
    murrant committed Aug 30, 2022

Commits on Apr 30, 2021

  1. Remove debug globals (#12811)

    * Remove $debug global
    and $vdebug global
    makes these variables more accessible and protects from collisions.
    
    * the on boot set sends application as the first parameter, just handle that
    
    * Relocate other debug related functions
    
    * Log debug to stdout
    
    * Wrong output
    
    * remove stupid constants
    
    * Fix lint and style issues
    murrant committed Apr 30, 2021

Commits on Sep 21, 2020

  1. Apply fixes from StyleCI (#12117)

    * Apply fixes from StyleCI
    
    * Disable style check
    Jellyfrog committed Sep 21, 2020

Commits on Jul 10, 2020

  1. Fix SQL injections in ajax_table.php (#11920)

    * Fix SQL injections via searchPhrase parameter
    
    * Fix SQL injections via address parameter
    
    * Fix sort injection
    
    Co-authored-by: Tony Murray <murraytony@gmail.com>
    Jellyfrog and murrant committed Jul 10, 2020

Commits on Aug 5, 2019

  1. Remove legacy auth usage of $_SESSION (#10491)

    * Remove auth use of $_SESSION
    
    Will break plugins that depend on $_SESSION, Weathermap was already fixed.
    Port them to use Auth::check()/Auth::user()/Auth:id()
    
    * revert accidental replacement
    murrant committed Aug 5, 2019

Commits on Apr 12, 2019

  1. Security fix: unauthorized access (#10091)

    * Security fix: unauthorized access
    Affects nginx users:
    Moved php files outside of public html directory (Apache was protected by .htaccess)
    
    Affects all users:
    Some files did not check for authentication and could disclose some info.
    Better checks before including files from user input
    
    * git mv html/includes/ includes/html
    git mv html/pages/ includes/html/
    murrant committed Apr 12, 2019

Commits on Sep 11, 2018

  1. Use Laravel authentication (#8702)

    * Use Laravel for authentication
    Support legacy auth methods
    Always create DB entry for users (segregate by auth method)
    
    Port api auth to Laravel
    
    restrict poller errors to devices the user has access to
    
    Run checks on every page load.  But set a 5 minute (configurable) timer.
    Only run some checks if the user is an admin
    
    Move toastr down a few pixels so it isn't as annoying.
    
    Fix menu not loaded on laravel pages when twofactor is enabled for the system, but disabled for the user.
    Add two missing menu entries in the laravel menu
    
    Rewrite 2FA code
    Simplify some and verify code before applying
    
    Get http-auth working
    Handle legacy $_SESSION differently.  Allows Auth::once(), etc to work.
    
    * Fix tests and mysqli extension check
    
    * remove duplicate Toastr messages
    
    * Fix new items
    
    * Rename 266.sql to 267.sql
    murrant committed Sep 11, 2018

Commits on Apr 7, 2018

  1. refactor: Don't access $_SESSION directly for Auth (#8513)

    * Don't access $_SESSION directly for Auth
    
    * fix style
    
    * add property annotations
    murrant authored and laf committed Apr 7, 2018

Commits on May 3, 2017

  1. feature: Added support for populating selects from ajax (#6557)

    fixes: #5264
    
    The issue was all the string concatenation...
    
    But I decided to try loading the select via ajax. Seems ok.  We could just use something like select2.  Opinions? Use this approach or load at page load.
    I was able to reduce the loading of the 4000 select items from 1.6s to 0.6s on my laptop by optimizing the sql.
    
    I added 4000 devices to my database to check this :)
    murrant authored and laf committed May 3, 2017

Commits on Nov 21, 2016

Commits on Sep 7, 2016

  1. fix: Stop irc bot crashing on .reload #4353

    * Removed duplicate include
    
    * Move set_debug into functions.php, and restore the (re)loading of includes/defaults
    
    * Move debug call until after function has been included
    geordish authored and laf committed Sep 7, 2016

Commits on Feb 5, 2016

  1. Update ajax_table.php

    pblasquez committed Feb 5, 2016

Commits on Jul 23, 2015

  1. Fixed some scrut issues

    laf committed Jul 23, 2015

Commits on Jul 15, 2015

  1. Fix coding style part 2

    job committed Jul 15, 2015

Commits on Apr 12, 2015

Commits on Mar 27, 2015