Florent Bruneau [Thu, 30 Oct 2008 21:30:17 +0000 (22:30 +0100)]
Activate poison on X.net.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Thu, 30 Oct 2008 21:28:45 +0000 (22:28 +0100)]
Avoid browser cache issues.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Thu, 30 Oct 2008 21:02:06 +0000 (22:02 +0100)]
Add poison emails in the bandeau.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Thu, 30 Oct 2008 20:38:28 +0000 (21:38 +0100)]
Add /pet/ to get emails inside <a href="mailto"> tags without <html>. Fix
links in footer, add links on xnet footer.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 21 Oct 2008 07:46:27 +0000 (09:46 +0200)]
With fixed seed, change the page every month.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 20 Oct 2008 22:03:16 +0000 (00:03 +0200)]
The domain of the email must be included in the poisonous source file.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 20 Oct 2008 21:33:12 +0000 (23:33 +0200)]
Don't get obfuscated.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 20 Oct 2008 21:25:50 +0000 (23:25 +0200)]
Oops, don't activate this one.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 20 Oct 2008 21:24:50 +0000 (23:24 +0200)]
Add poisonous email injector.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Sat, 25 Oct 2008 21:06:36 +0000 (23:06 +0200)]
Adds support of plat/al's aliases in Google Apps.
It will solve the issue of the "Sender:" header being added to outgoing mails on GoogleApps GMail.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sat, 11 Oct 2008 18:58:47 +0000 (20:58 +0200)]
Fixes a security hole that did allow a third party website to reuse a valid
(challenge, response) pair. This pair, obtainable externally from an approved
groupex website, enabled it to discover personal information from Xs with a
permanent/valid cookie on Xorg.
The fix forces return url to match a defined regexp; backward compatibility is
retained, though the hole won't be fixed until all entries in groupex_auth are
added a non-empty return url regexp.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Mon, 6 Oct 2008 15:10:42 +0000 (17:10 +0200)]
Better fix for RSS validation.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 23 Sep 2008 06:57:30 +0000 (08:57 +0200)]
No HTTPS for cyber_return and paypal_return.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Stéphane Jacob [Wed, 27 Aug 2008 19:51:50 +0000 (21:51 +0200)]
Displays the list's full name in the confirmation mail.
Florent Bruneau [Wed, 3 Sep 2008 19:09:05 +0000 (21:09 +0200)]
Change the text of the submit button when the password is not valid.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Sun, 10 Aug 2008 22:54:31 +0000 (00:54 +0200)]
Adds a missing xsrf token in lists moderator removal.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Mon, 1 Sep 2008 19:22:00 +0000 (21:22 +0200)]
To avoid support requests, show an explicite message when the event exists but you don't have sufficient permissions to subscribe.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 31 Aug 2008 09:21:17 +0000 (11:21 +0200)]
Fix a bug that breaks edit/emploi on IE.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Fri, 1 Aug 2008 14:30:02 +0000 (16:30 +0200)]
Fix escaping in RSS feeds.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 29 Jul 2008 12:56:48 +0000 (14:56 +0200)]
Fix empty date in profile edition notification.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 27 Jul 2008 13:25:13 +0000 (15:25 +0200)]
Off-by-one in trombi view.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Fri, 25 Jul 2008 07:44:24 +0000 (09:44 +0200)]
Typo
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 22 Jul 2008 18:50:36 +0000 (20:50 +0200)]
Fix for geoloc again (iterate -> foreach)
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Aymeric Augustin [Sun, 20 Jul 2008 20:02:02 +0000 (22:02 +0200)]
Fix bogo automatic feeding: send email to (non)spam@ before removing it from the moderation queue.
Florent Bruneau [Sat, 19 Jul 2008 13:23:19 +0000 (15:23 +0200)]
Should fix geoloc.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 19 Jul 2008 13:11:50 +0000 (15:11 +0200)]
Fix layout issues.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 19 Jul 2008 12:26:18 +0000 (14:26 +0200)]
Release plat/al 0.9.17
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Stéphane Jacob [Fri, 18 Jul 2008 20:54:54 +0000 (22:54 +0200)]
Improves trombi display: the pictures are now centered and the name bottom aligned (Closes #857).
Stéphane Jacob [Thu, 17 Jul 2008 21:09:13 +0000 (23:09 +0200)]
Only displays binet and psc options for inpacted promotions on list creation page.
Stéphane Jacob [Thu, 17 Jul 2008 21:07:34 +0000 (23:07 +0200)]
Bottom aligns pictures in trombi view.
Damien Bobillot [Sun, 13 Jul 2008 22:36:51 +0000 (00:36 +0200)]
grammar error
Stéphane Jacob [Sun, 13 Jul 2008 15:44:52 +0000 (17:44 +0200)]
Only uses email instead of mixing email, mail and e-mail.
Stéphane Jacob [Sun, 13 Jul 2008 16:11:24 +0000 (18:11 +0200)]
Uses 'liste de diffusion' instead of 'mailing list' for the site is in French.
Stéphane Jacob [Sun, 13 Jul 2008 13:46:25 +0000 (15:46 +0200)]
Shortens the contacts\' page header.
Stéphane Jacob [Sun, 13 Jul 2008 10:40:27 +0000 (12:40 +0200)]
Displays page's bound better (in case of plview multipage)
Stéphane Jacob [Sat, 12 Jul 2008 22:40:40 +0000 (00:40 +0200)]
Minifiches and Mini-Fiches are in a boat, one of them fall in the water, who is still in the boat? Mini-fiches.
Stéphane Jacob [Sat, 12 Jul 2008 22:07:12 +0000 (00:07 +0200)]
Adds anchors in multipage contacts/results so links to other pages of contacts/results point to the top of list and not to the top of the page.
Florent Bruneau [Sat, 12 Jul 2008 16:54:42 +0000 (18:54 +0200)]
Useless commit.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Stéphane Jacob [Sat, 12 Jul 2008 16:22:56 +0000 (18:22 +0200)]
plset is not meant to know what it's dealing with, eg nom, promo...
Stéphane Jacob [Fri, 11 Jul 2008 22:14:04 +0000 (00:14 +0200)]
Indicates the bounds of the page's display if possible (Closes #854)
Florent Bruneau [Thu, 10 Jul 2008 20:27:47 +0000 (22:27 +0200)]
Data field of the logger is a 'text' field.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Wed, 9 Jul 2008 20:33:12 +0000 (22:33 +0200)]
Admin actions are between [ ]
Some CSS tweaks.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 8 Jul 2008 21:19:11 +0000 (23:19 +0200)]
More sex.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 8 Jul 2008 21:11:50 +0000 (23:11 +0200)]
Adapt the message depending on the sexe of the user.
Not sure of this one.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 8 Jul 2008 21:08:32 +0000 (23:08 +0200)]
More consistent: show the marketing link and the broken marketing link using
the same layout.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Stéphane Jacob [Tue, 8 Jul 2008 20:52:37 +0000 (22:52 +0200)]
Improves display on the contact page and in the mini profiles.
Florent Bruneau [Mon, 7 Jul 2008 20:20:50 +0000 (22:20 +0200)]
Update ChangeLog
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Olivier Le Floch [Sun, 6 Jul 2008 22:04:21 +0000 (00:04 +0200)]
Restore ChangeLog that was inadvertently corrupted by a vicious remote filesystem failure in
b206cca9a18c3c44ba19b5317ec601cadc3cec69
Olivier Le Floch [Sun, 6 Jul 2008 21:55:56 +0000 (23:55 +0200)]
Fix #832: Always include the url in bug reports
Florent Bruneau [Sun, 6 Jul 2008 12:45:17 +0000 (14:45 +0200)]
Improve skin.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 6 Jul 2008 12:45:04 +0000 (14:45 +0200)]
Cleaner.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 6 Jul 2008 11:52:54 +0000 (13:52 +0200)]
Wrap the xsrf token field in a div for html validation.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 6 Jul 2008 11:45:31 +0000 (13:45 +0200)]
Avoid blank page when moderating large emails.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 5 Jul 2008 16:01:58 +0000 (18:01 +0200)]
Join binets with ', ' instead of just ','
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 5 Jul 2008 15:54:45 +0000 (17:54 +0200)]
Convert miniwiki of the freetext to text in the vcards.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 5 Jul 2008 15:27:35 +0000 (17:27 +0200)]
Use orange as default unread color.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 5 Jul 2008 11:13:03 +0000 (13:13 +0200)]
Can choose the color of banana tree branches.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Thu, 3 Jul 2008 21:08:26 +0000 (23:08 +0200)]
Adds XSRF protection to the XnetLists module.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Fri, 4 Jul 2008 12:35:17 +0000 (14:35 +0200)]
Adds XSRF protection to the XnetEvents module.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Fri, 4 Jul 2008 11:54:20 +0000 (13:54 +0200)]
Adds XSRF protection to the Marketing module.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Thu, 3 Jul 2008 22:51:23 +0000 (00:51 +0200)]
Adds XSRF protection to the Events module.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Thu, 3 Jul 2008 21:31:11 +0000 (23:31 +0200)]
Fixes a (potentially not exploitable) SQL injection in ajax/tips.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Thu, 3 Jul 2008 21:08:26 +0000 (23:08 +0200)]
Adds XSRF protection to the Lists module.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Damien Bobillot [Wed, 2 Jul 2008 20:11:34 +0000 (22:11 +0200)]
Modification du commentaire de validation des télépaiements : tout le monde peut valider un telepaiement standard
Vincent Zanotti [Wed, 2 Jul 2008 19:53:00 +0000 (21:53 +0200)]
Prunes older entries in table search_autocomplete (will speed up the autocompletion cache).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Wed, 2 Jul 2008 19:45:17 +0000 (21:45 +0200)]
Fixes a PHP warning due to usage of mktime(); fixes capitalization in bin/cron/clean.php.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Wed, 2 Jul 2008 19:08:33 +0000 (21:08 +0200)]
Makes the 'last_version' field in auth_user_quick table version-independant.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Stéphane Jacob [Wed, 2 Jul 2008 12:55:56 +0000 (14:55 +0200)]
Renames the link to the event's global view in Polytechnique.net.
Stéphane Jacob [Wed, 2 Jul 2008 10:03:02 +0000 (12:03 +0200)]
Adds a link to the SMTP server documentation page from the Envoyer un mail page.
Vincent Zanotti [Mon, 30 Jun 2008 20:37:06 +0000 (22:37 +0200)]
Update ChangeLog.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Mon, 30 Jun 2008 20:36:13 +0000 (22:36 +0200)]
Adds a link to the Google Apps emails directly in the "Service" menu (Closes #851).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Mon, 30 Jun 2008 20:22:58 +0000 (22:22 +0200)]
Merge branch 'platal-0.9.16' into platal-0.9.17
Florent Bruneau [Mon, 30 Jun 2008 20:14:43 +0000 (22:14 +0200)]
Stop spamming geoloc@
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Mon, 30 Jun 2008 00:29:30 +0000 (02:29 +0200)]
Adds XSRF protection to the Profile module.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sun, 29 Jun 2008 23:43:24 +0000 (01:43 +0200)]
Adds XSRF protection to the XnetGrp module.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Sun, 29 Jun 2008 19:03:12 +0000 (21:03 +0200)]
Fix clear cache on X.net
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 29 Jun 2008 18:50:30 +0000 (20:50 +0200)]
Fix a layout issue in 'moment' display.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 20:46:01 +0000 (22:46 +0200)]
Update ChangeLog
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 20:44:06 +0000 (22:44 +0200)]
Store the subscription requests (Closes #823)
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 17:49:06 +0000 (19:49 +0200)]
Update ChangeLog
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 17:47:38 +0000 (19:47 +0200)]
Some fixes in user management functions (Closes #849)
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 16:13:01 +0000 (18:13 +0200)]
Update ChangeLog
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 16:11:04 +0000 (18:11 +0200)]
* Can use a file to bootstrap the list of members of a list (via list/create)
* Allow 'non-X' addresses to be used at list creation time.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 15:59:37 +0000 (17:59 +0200)]
Can add member to a list using a file (one line per email, one email per line) (Closes #756)
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 12:21:26 +0000 (14:21 +0200)]
Fix title of the member edition page if no name is defined.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 12:14:56 +0000 (14:14 +0200)]
Fix entry in list/members when the user has no name in X.net directory.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 28 Jun 2008 12:06:56 +0000 (14:06 +0200)]
Fix alignment issues
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Fri, 27 Jun 2008 22:06:32 +0000 (00:06 +0200)]
Update ChangeLog
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Fri, 27 Jun 2008 22:03:59 +0000 (00:03 +0200)]
Fix vcard generation: only users with a valid forlife are added (Closes #846)
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Fri, 27 Jun 2008 21:41:13 +0000 (23:41 +0200)]
Update ChangeLog
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Fri, 27 Jun 2008 21:41:24 +0000 (23:41 +0200)]
Can export X.net directory as a .csv file (Close #847)
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Fri, 27 Jun 2008 20:53:36 +0000 (22:53 +0200)]
Add a free text field in x.net profile (Closes #848)
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 23 Jun 2008 16:12:02 +0000 (18:12 +0200)]
Merge branch 'platal-0.9.16' into platal-0.9.17
Florent Bruneau [Mon, 23 Jun 2008 16:11:13 +0000 (18:11 +0200)]
Typo and better test.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Olivier Le Floch [Sat, 21 Jun 2008 12:43:54 +0000 (14:43 +0200)]
Correctly unset the hidden input field for autocompletable-and-select-menu-settable fields. This ensures that if the user enters a value in the 'text' field, the 'integer id' field is ignored. Fixes FS#850.
Florent Bruneau [Sat, 21 Jun 2008 12:58:58 +0000 (14:58 +0200)]
Coding rules.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Stéphane Jacob [Thu, 19 Jun 2008 13:14:24 +0000 (15:14 +0200)]
Improves 59887c: uses global domain instead of polytechnique.org, improves javascript and some other small things
Stéphane Jacob [Wed, 18 Jun 2008 18:21:39 +0000 (20:21 +0200)]
Automation of the management of associations' mailing lists (Closes #817), Updates Changelog
Vincent Zanotti [Wed, 18 Jun 2008 19:28:07 +0000 (21:28 +0200)]
Updates ChangeLog.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Tue, 17 Jun 2008 20:16:38 +0000 (22:16 +0200)]
Use normal int everywhere in the table to store user ids (Closes #844).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
projects / platal.git / log