Project

General

Profile

Statistics
| Revision:
  • svn:ignore: JSIncluder.php Module SecFormNt.php

# Date Author Comment
1889 2013-03-19 10:34 Dietmar
  1. bugfix solved sections block update
    ! update sections table change some varchar to int(11)
    + upgradeHelper class for better module upgrade
1887 2013-03-12 21:42 Dietmar
  1. bugfix Notice: Constant messages during new WB installation
    ! update WbDatabase SqlImport parameter,
1885 2013-03-11 15:42 Dietmar
  1. protect magic setter to fix security issue in WbDatabase
    + additional arguments for Charset and TablePrefix in WbDatabase::doConnect
    + WbDatabase now can activate SET NAMES by doConnect argument
    + WbDatabase now provide TablePrefix property also (WbDatabase::TablePrefix)...
1884 2013-03-10 16:53 Dietmar

! from security reasons the new installation has changed
from the old config.php into new setup.ini.php without
using global constants for critical values like username & password and so on.

1882 2013-03-06 10:18 darkviper

protect magic setter to fix security issue in Translate

1879 2013-03-05 09:36 darkviper

protect magic setter to fix security issue in WbAdapter

1878 2013-03-05 08:18 darkviper

fixed PagesDir in WbAdaptor: no more single slash in this entry.

1874 2013-02-28 12:57 darkviper

some little typo fixes in initialize.php
readConfiguration() fixed in initialize.php

1873 2013-02-27 01:15 darkviper

some small fixes in packet Translate
added option to disable cache
added option to keep placeholders if no translation was found

1872 2013-02-25 12:48 Dietmar
  1. bugfix preferences timezone, date_format, time_format settings, backend and frontend
1871 2013-02-23 23:11 Dietmar
  1. bugfix Undefined variable: sName in .../framework/functions.php
  2. bugfix droplet ShowWysiwyg Undefined variable: module
1870 2013-02-21 19:07 Dietmar
  1. solved installation issues
    ! upgrade-script sanitize pages_directory before creating access files
1866 2013-02-19 21:47 Dietmar
  1. typofix in class TranslateTable
    ! framework/functions.php set function create_access_file to deprecated
    ! set ModLanguage.php to deprecated
    ! add methode escapeString to class WbDatabase
    ! update upgrade-script.php
    ! add getter property LastInsertId to class WbDatabase
1865 2013-02-19 17:56 darkviper

update initialize.php for changed Twig-dir and activated cache in Translate
initialize can handle now the new setup.ini format also.

1864 2013-02-19 12:40 darkviper

update classes Translate, TranslateTable, TranslateAdaptorWbOldStyle
added interface TranslateAdaptorInterface
added Klasse_Translate_de.pdf
update class WbAdaptor
update /framework/initialize.php

1861 2013-02-18 00:55 darkviper

added temporary class WbAdaptor (replacement for future registry) needed for some new objects

1860 2013-02-04 10:51 darkviper

added new translation classes (Translate/TranslationTable/TranslateAdaptorWbOldStyle) for easy handling of language files
initialize and activate class Translate in /framework/initialize.php

1859 2013-01-11 23:12 Dietmar
  1. bugfix mkdir(): Invalid argument if create acessfile
1841 2012-12-23 22:37 Dietmar
  1. fixed index depth in access files
1840 2012-12-23 16:35 Dietmar

! settings move website_signature to mailer settings
! fix html validate error in pages sections
! add pages field page_code to class.frontend.php
! optimized jsadmin backend.css

1834 2012-12-10 11:39 Dietmar
  1. fixed redirect checking in class.login.php
1833 2012-12-10 05:05 Dietmar
  1. security fix CRLF injection/HTTP response splitting
1824 2012-11-20 18:41 Dietmar

! update media in look to the changes in user management

1811 2012-11-09 18:44 Dietmar

! forgot to upload class.wb.php

1808 2012-11-07 12:05 Dietmar

! add ErrorMsgException in /framework/globalExceptionHandler.php
! ErrorMessage "ADMIN_INSUFFICIENT_PRIVELLIGES" now can be styled
by the /admin/skel/themes/htt/ErrorMsgFile.htt template
! add css selectors to wb_theme

1805 2012-11-04 01:53 Dietmar
  1. fixed Undefined variable: nNumRows in \admin\users\index.php
  2. fixed Undefined variable: admin in \admin\admintools\tool.php
    ! show more information in awaiting activation /admin/users
    ! set input passord to autocomplete off /admin/users and /admin/prfeferences...
1804 2012-11-01 23:50 Dietmar
  1. fixed Illegal string offset 'time' in \framework\SecureForm.mtab.php
    ! add delete Outdated Confirmations in backend
    ! show waiting Activations if exists in user management
  2. fixed html validaton errors in user management
    ! security fixes in admin/preferences/...
1801 2012-10-31 18:23 Dietmar

! upgrade-script: update if filesRemove or remove dirs failed
! update methode StripCodeFromText, add remove ,
! security fixes in form modul with StripCodeFromText

1796 2012-10-24 16:12 Dietmar

! supress frontend preferences, if user have no permission for it

1791 2012-10-24 00:55 Dietmar
  1. fixed save search settings
1790 2012-10-14 20:24 Dietmar

! update group permission,

1789 2012-10-14 12:17 Dietmar

! update Group Permission, add module_advanced
! upgrade-script will be updating Adminitrator Group

1786 2012-10-12 17:39 Dietmar
  1. fixed double content
1785 2012-10-12 16:08 Dietmar
  1. fixed language uninstall, change mysql to strict
    ! secure fix for search update in settings, search_footer now can be empty
    ! change ->fetchRow() to ->fetchRow(MYSQL_ASSOC) in frontend.functions.php
1783 2012-10-11 20:12 Dietmar
  1. fixed maintenance frontend
1782 2012-10-11 14:29 Dietmar

+ add maintance modus in backend

1780 2012-10-10 17:09 Dietmar

! change help mouseover to onclick in page settings only on help icon
+ add help to input filename
! /framework/initialize.php now accept _GET and _POST to set user language

1777 2012-10-01 18:16 Dietmar

+ add methode StripCodeFromText in class.wb to clean injection
! rebranding the admin/settings and security fixes
! a few new styling in backend wb_theme
! beginning aa lot of account changes like correction of $_SESSION indexe, security fixes
+ add head.load.min.js and head.min.js to /include/jquery/ to style HTML5 templates

1770 2012-09-24 17:40 Dietmar
  1. fixed issues with database names
    WbDatabase::getTableEngine() changed SQL statement to strikt.
    ! remove empty warning box if you aren't sysadmin
    ! change order errorhandling in installation save.php
  2. typofix in news/upgrade.php $MESSAGE
    ! Framework/frontend.functions.php change file_exists to is_readable
1765 2012-09-22 22:06 Dietmar

! recoded module news,form,wysiwyg upgrade to work with upgrade-script

1763 2012-09-22 21:58 Dietmar
  1. fixed methode index_add in WbDatabase, always faild
1759 2012-09-17 01:47 Dietmar

! during Reformat/rebuild all existing access files in upgrade-script
root_parent will be set to page_id
! change multi-dimensional arrays (variables) to similar arrays in framework/functions.php

1754 2012-09-15 18:00 Dietmar
  1. fixed Duplicate entry for key 'PRIMARY' if adding a new pageX
    search for ->page['root_parent'] == 0 in module and shoe_menu2 calls
    page['root_parent'] has always the page_id from the first adding new page in level
1747 2012-09-09 19:01 Dietmar
  1. fixed issues with older table strucure for earlier WB installations
1746 2012-09-08 18:21 Dietmar
  1. add prefix wb_ to class name for content container
    if module has the same name as a html markup e.g code
1745 2012-09-08 15:06 Dietmar

! add div container in page_content for each sections,
! update droplets SectionPicker, ShowWysiwyg and ShowRandomWysiwyg
! put sec_anchor in this div, sec_anchor fixed in all found files
sec_anchor default now set to "section_",
sec_anchor can't be empty for future developement

1740 2012-09-05 06:31 Dietmar ! frontend.functions.php remove return $content in page_content(),
incompatible with search logic
! /include/jquery forgot jquery version.txt
  1. /form/view.php fixed wrong compare syntax
1736 2012-08-31 19:52 Dietmar

! replace more invalid char in secureform.mtab to work with settings_page

1735 2012-08-31 17:24 Dietmar
  1. fixed missing $admin-print_header() by security warning
  2. fixed secureform.mtab because settings_page failed
1730 2012-08-31 03:41 Dietmar
1728 2012-08-30 16:21 Dietmar

! change redirect logic for registered pages

1709 2012-08-29 13:37 Dietmar

! update folder framework class.login, admin/login, admin/skel/htt

1705 2012-08-27 18:52 Dietmar

! update headerinfo
! change os_version request if os is not windows

1702 2012-08-27 17:16 Dietmar

! /framework/class.frontend.php
! set $_SESSION['HTTP_REFERER'] to WB_URL if menu url is a registered page
! set some header("Location:.. to new method send_header(

1701 2012-08-27 16:58 Dietmar

! /framework/frontend.functions
! change multi-dimensional arrays (variables) to similar arrays
! method page_content, add parameter $echo true to print $content, false return $content

1700 2012-08-27 16:40 Dietmar

! change multi-dimensional arrays (variables) to similar arrays
+ add variables for backend-menu, header.htt and footer.htt

1699 2012-08-27 16:02 Dietmar

! Fixed IDKEY in Secureform.mtab to solve issues whith Security warnings
! on pages that used a lot of IDKEYS. (fixed by NorHei)

1698 2012-08-27 15:52 Dietmar

! optimize some methods
+ add method send_header, replace header('Location:... with new method
+ if header send failed you get a manuell redirected link, so script don't break

1694 2012-08-18 13:24 Dietmar

+ add var $iPhpDeclaredClasses = sizeof(get_declared_classes() set by PHP in initialize.php

1691 2012-06-10 18:13 darkviper

ModLanguages:: fixed the order of loading languages

1690 2012-05-31 12:56 darkviper

ModLanguage modified for auto fallback to DEFAULT_LANGUAGE
globalExceptionHandler added AppException, SecurityException, SecDirectoryTraversalException
Errormessage for old class.database modified

1689 2012-05-08 13:41 darkviper

fixed Errorhandling for old class.database

1687 2012-05-07 17:00 darkviper

Drop tables in installer fixed
Twig_Autoloader activated

1686 2012-05-07 14:31 darkviper

some modifications concerning the new autoloader
Twig Template engine v.1.7.0
some droplets actualisized
unfinished changes in installer

1685 2012-05-06 16:29 darkviper

last fixes for use of page_icon s.o.

1684 2012-05-05 09:17 Dietmar

! update upgrade-script, now don't overwrite existings values in settings
+ add field tooltip to table pages in installer
! change some module tool_icon.png (Tks to Stefek)
! add date_time string to backup_droplets.zip
- search and comment out founded require_once(WB_PATH."/framework/class.database.php"); ...

1683 2012-05-03 16:43 darkviper

changed class Database into a Singleton-Class
added forgotten 'static' keyword in ModLanguage
removed version control from sm2 - include.php

1682 2012-05-03 01:40 darkviper

some little corrections ModLanguage/Database/initialize.php

1680 2012-05-03 00:17 darkviper

renamed file class.database.php to Database.php
renamed class database into Database
classes SecurityException and SecDirectoryTraversalException added in globalExceptionHandler.php
CoreAutoloader() added in initialize.php
new Constants 'WB_REL' and 'DOCUMENT_ROOT' in initialize.php...

1678 2012-04-27 23:32 Dietmar
  1. validation fix in print_footer, class.database
    ! replace settings and default header
1676 2012-04-24 11:16 Dietmar
  1. fixed backup_droplets working with php as Apache Module (Tks to Ruebenwurzel)
    ! update function rm_full_dir in /framework/functions.php
    ! To disable Run-time notices and receive warnings
1675 2012-04-24 07:43 Dietmar
  1. fixed /framework/functions.php missing global $MESSAGE in function rebuildFolderProtectFile
    1
1674 2012-04-20 20:50 Dietmar
  1. fixed add-ons upload error (tks to DBS)
    + add tool_icon.png to core module
    ! update outpu_filter success an error messages
    ! small redesign wb_themes
  2. fixed old.format.inc.php fileformat to unix
1670 2012-04-17 15:19 darkviper

added new global exceptionhandler (class AppException)

1668 2012-04-17 14:53 Dietmar

! settigs.php add fields dev_infos and page_icon_dir
+ add developer info to footer
! update class.admin.php, footer.htt

1662 2012-04-17 03:00 darkviper

added new getter 'getQueryCount' in class database

1655 2012-04-01 01:41 Dietmar

add replyto to form module (see DEVINFOS)

1653 2012-03-28 03:53 darkviper

fixed change_mode() against a very old problem with invalid calling arguments

1651 2012-03-26 16:18 darkviper

fixed a little problem with chmod()

1650 2012-03-24 17:05 darkviper

add argument 'replyTo' into class.wb::mail()

1647 2012-03-23 19:29 darkviper

add additional exeptionhandling in globalExceptionHandler

1641 2012-03-22 04:28 Dietmar

+ move admin/themes/templates/ to admin/skel/themes/htt/
! and update class.wb.php, upgrade-script.php

1639 2012-03-22 04:10 Dietmar

+ Installer add const DEBUG to config.php
! move const DEBUG and var $starttime from index.php to initialize.php

1638 2012-03-14 00:01 darkviper

config.php added define to set admin-directory

1637 2012-03-13 18:32 darkviper

made handling of config.php a little bit more easy

1625 2012-02-29 01:50 Dietmar

! update correct_theme_source and fixed the call in all files

1617 2012-02-22 12:24 darkviper

fixed function SanitizeHttpReferer() in consideration of subdirectories

1613 2012-02-16 13:12 darkviper

little fixes in classs database and add new readonly property DbName

1601 2012-02-07 23:48 Dietmar

little designfix in forgot_form.php
fix media if uploading zip files with folder, than create FolderProtectFiles

1598 2012-02-06 16:32 Dietmar

fixed undefined fragment index in initialize.php
add $_SESSION['HTTP_REFERER'] storing active pagelink if page_id != 0

1596 2012-02-04 01:50 Dietmar

highly critical security-fix
announced on http://www.darksecurity.de/advisories/2012/SSCHADV2012-003.txt

1592 2012-01-31 17:09 darkviper

little Typo-fix in database::SqlImport()

1591 2012-01-31 16:55 darkviper

little Regex-fix in database::SqlImport()

1586 2012-01-25 00:04 darkviper

added new method SqlImport() to class database

1566 2012-01-07 03:21 Dietmar

fix class.login, when name and pass are both empty, no longer call increase_attemps
some redirect updates in frontend account files

1563 2012-01-06 02:22 Dietmar

add linebreak in backend message for 'delete install folder...'

1561 2012-01-05 12:56 Dietmar

secureForm Fix for hosting with load balancing

1556 2012-01-02 09:05 Dietmar

typofix in function make_dir

1555 2012-01-02 07:50 Dietmar

! wb_quickSkin_28.php create _skin folders with folder protect file
! add a 3th parameter to function make_dir to allows the creation of nested directories specified in the pathname. Defaults to TRUE

1551 2011-12-27 15:40 Dietmar

+ add languages vars in languages files
+ add upload error mesages moduleinstall
+ add index.php if not exists in function createFolderProtectFile
! corrected changed coding between login_form and forgot_form