Vincent Zanotti [Sun, 18 May 2008 14:55:03 +0000 (16:55 +0200)]
Adds XSRF protection to the AXLetter module.
Fixes several bugs in the AXLetter module (admin validation / AX cancellation of letters wasn't properly working; it was not possible to add admins with user ids above 2^15 - 1).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sun, 18 May 2008 14:38:32 +0000 (16:38 +0200)]
Prevents cancelled AX letters from showing up in the list.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sun, 18 May 2008 14:17:40 +0000 (16:17 +0200)]
Replaces all left occurences of 'shortname' in AXLetter, as it uses extract() to get the value 'short_name' from SQL.
Also fixes an issue with deadline insertion in MySQL (input in YYYYMMDD format instead of YYYY-MM-DD).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sun, 18 May 2008 13:41:50 +0000 (15:41 +0200)]
Fixes the AXLetter module (SQL field 'shortname' is now known as 'short_name').
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sun, 18 May 2008 12:00:30 +0000 (14:00 +0200)]
Adds missing "global $globals", used for sending homonyms/payment errors/registration/marketing emails (bugs introduced in r1897).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sun, 18 May 2008 11:30:27 +0000 (13:30 +0200)]
Fixes sending of homonyms emails (previously, emails for "pre-robot" and "robot" warnings were not sent).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Stéphane Jacob [Thu, 15 May 2008 12:56:20 +0000 (14:56 +0200)]
Fixes a ff3 display bug in the quick search page.
Stéphane Jacob [Wed, 14 May 2008 23:56:18 +0000 (01:56 +0200)]
Improves and uniforms text in the advanced research page.
Florent Bruneau [Wed, 7 May 2008 09:53:51 +0000 (11:53 +0200)]
Improvements based on txm's comments.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Wed, 7 May 2008 08:00:51 +0000 (10:00 +0200)]
Really fixes email on user unregistration (cf.
854aef5e).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Tue, 6 May 2008 22:29:54 +0000 (00:29 +0200)]
Fixes the username in user deregistration confirmation emails (will prevent admins from having heart attacks ...).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Tue, 6 May 2008 15:26:05 +0000 (17:26 +0200)]
Fix layout issues with smtp password form.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 6 May 2008 15:17:14 +0000 (17:17 +0200)]
Add a link to password documentation.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 6 May 2008 14:29:45 +0000 (16:29 +0200)]
crypte => chiffre
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 5 May 2008 21:21:32 +0000 (23:21 +0200)]
Update the count when an admin goes to admin/validate.
Avoid inconsistent states when several copies of the site
use the same DB.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 5 May 2008 18:26:19 +0000 (20:26 +0200)]
Update changelog
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 5 May 2008 18:14:17 +0000 (20:14 +0200)]
jQuery.Autocomplete should be downloaded by the Makefile.
Playing with Makefile...
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Stéphane Jacob [Mon, 5 May 2008 17:28:13 +0000 (19:28 +0200)]
Adds the precision that the site password has to be shorter than 10 characters
Vincent Zanotti [Mon, 5 May 2008 16:50:49 +0000 (18:50 +0200)]
Updates database layout to allow SHA1 password during registration.
Disables empty passwords in database (consequence of bug fixed in
4f132669b52532c15eebbdee0a17659b5d6ab178).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Mon, 5 May 2008 16:38:39 +0000 (18:38 +0200)]
Fixes the user's password generation on registration (password used to be "" for everyone ...).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Mon, 5 May 2008 16:22:32 +0000 (18:22 +0200)]
Adds an ignore on the new JQuery script.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Mon, 5 May 2008 10:48:58 +0000 (12:48 +0200)]
Improve public mini-profile.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 5 May 2008 10:30:30 +0000 (12:30 +0200)]
Update the skins.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 5 May 2008 10:04:33 +0000 (12:04 +0200)]
Add user photo to the "minifiche".
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 4 May 2008 14:50:00 +0000 (16:50 +0200)]
Be sure we refuse password with less than 6 characters.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 4 May 2008 11:25:07 +0000 (13:25 +0200)]
Password strength test improvements.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 4 May 2008 10:59:26 +0000 (12:59 +0200)]
Measure password strength on user admin page.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 4 May 2008 10:13:27 +0000 (12:13 +0200)]
Animated progression bar, better colors.
WARNING: requires jQuery 1.2, upgrade your jQuery if you're still on a previous version.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Sat, 3 May 2008 22:24:22 +0000 (00:24 +0200)]
Also checks password strength on Google Apps password change.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Thu, 1 May 2008 21:16:50 +0000 (23:16 +0200)]
Ensures requests to the Google Apps API are processed as soon as possible (and before batch requests used to re-synchronize the local user accounts mirror with the main database at Google).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Sat, 3 May 2008 21:57:44 +0000 (23:57 +0200)]
Check password when the user change/set a password.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 3 May 2008 21:51:14 +0000 (23:51 +0200)]
More configuration.
* can change the submit button name
* auto-disable the submit button at startup
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 3 May 2008 21:34:22 +0000 (23:34 +0200)]
Make password checker easily pluggable to any password change prompt.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Damien Bobillot [Fri, 2 May 2008 13:50:47 +0000 (15:50 +0200)]
Version d'alakazam, plus simple.
Vincent Zanotti [Wed, 30 Apr 2008 13:33:29 +0000 (15:33 +0200)]
Adds "Google Calendar for Google Apps" as a calendar handling app for icals.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Wed, 30 Apr 2008 13:31:09 +0000 (15:31 +0200)]
Adds an helper for newsletter's bounces processing -- analyzes email from its standard input, and checks that the email is in the database (otherwise prompting the root to look for the real email address in the bounce's headers).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Wed, 30 Apr 2008 06:30:36 +0000 (08:30 +0200)]
Add newsgator as a possible RSS handler.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 29 Apr 2008 16:47:57 +0000 (18:47 +0200)]
Fix pl_self() on X.net (no more %grp in the URLs).
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 29 Apr 2008 16:47:30 +0000 (18:47 +0200)]
Fix an infinite recursion on authentication failure on x.net (Closes #821)
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 28 Apr 2008 21:42:11 +0000 (23:42 +0200)]
Add Reply-To to the registration notification email.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sat, 26 Apr 2008 09:28:45 +0000 (11:28 +0200)]
Hum, fix digits range.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Fri, 25 Apr 2008 20:49:48 +0000 (22:49 +0200)]
First version of "password strength" tester.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Fri, 25 Apr 2008 17:20:30 +0000 (19:20 +0200)]
Fixes coding style in the last 4 commits (uses S:: instead of Session::).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Fri, 25 Apr 2008 17:14:15 +0000 (19:14 +0200)]
Fixes the most critical XSRF vulnerabilities in Xnet/XnetGrp.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Fri, 25 Apr 2008 16:20:55 +0000 (18:20 +0200)]
Fixes XSRF token generation for Xnet.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Fri, 25 Apr 2008 15:34:51 +0000 (17:34 +0200)]
Fixes XSRF vulnerabilities in password page, admin pages, and GoogleApps pages.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Fri, 25 Apr 2008 09:01:21 +0000 (11:01 +0200)]
Adds basic support for XSRF protection.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Thu, 24 Apr 2008 21:30:29 +0000 (23:30 +0200)]
Separate mails with a X-Org-Mail header from the others in moderation form.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Thu, 24 Apr 2008 20:20:41 +0000 (22:20 +0200)]
Add a "checkAll" switch.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Thu, 24 Apr 2008 19:37:49 +0000 (21:37 +0200)]
Fix false positive in error detection in XMLRPC backtrace.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Thu, 24 Apr 2008 01:34:51 +0000 (03:34 +0200)]
Improves user experience in creating Google Apps accounts (thanks to Olivier Le Floch).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Wed, 23 Apr 2008 20:25:24 +0000 (22:25 +0200)]
Adds support for GoogleApps-only redirections in newsletters.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Tue, 22 Apr 2008 18:13:21 +0000 (20:13 +0200)]
In GoogleAppsAccount, accounts for the special meaning of "<column of type VARCHAR> = 0" in MySQL.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Tue, 22 Apr 2008 17:56:53 +0000 (19:56 +0200)]
Displays email redirections for registered users when using an user id in the user administration section.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Tue, 22 Apr 2008 17:47:58 +0000 (19:47 +0200)]
Removes the GoogleApps account clean-up for dead people who did not had any.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Damien Bobillot [Mon, 21 Apr 2008 22:37:40 +0000 (00:37 +0200)]
Ajout dans la règle de validation des marketing.
Stéphane Jacob [Mon, 21 Apr 2008 20:36:30 +0000 (22:36 +0200)]
typo
Aymeric Augustin [Sun, 20 Apr 2008 14:00:36 +0000 (16:00 +0200)]
Humpf
Aymeric Augustin [Sun, 20 Apr 2008 13:53:32 +0000 (15:53 +0200)]
Increase memory limit to be able to load emails with large attachments
Fix indentation
Aymeric Augustin [Sun, 20 Apr 2008 12:46:46 +0000 (14:46 +0200)]
Feed bogo depending on mailing-list moderation
Signed-off-by: Aymeric Augustin <aymeric.augustin@m4x.org>
Aymeric Augustin [Sun, 20 Apr 2008 09:44:59 +0000 (11:44 +0200)]
Merge branch 'master' of /home/git/platal
Vincent Zanotti [Sat, 19 Apr 2008 21:22:35 +0000 (23:22 +0200)]
Prevents the "remove this redirection" button to appear when the redirection is unique.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sat, 19 Apr 2008 21:22:01 +0000 (23:22 +0200)]
Fixes "googleapps administrator" status determination.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Thu, 17 Apr 2008 15:57:48 +0000 (17:57 +0200)]
It seems that forlife are firstname.name.promo, not name.firstname.promo...
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Pascal Corpet [Fri, 11 Apr 2008 22:05:54 +0000 (00:05 +0200)]
Admins of main site are admins for all sites that use groupex authentication
Stéphane Jacob [Thu, 10 Apr 2008 17:14:36 +0000 (19:14 +0200)]
Improve registration's notification email
Stéphane Jacob [Wed, 9 Apr 2008 17:46:04 +0000 (19:46 +0200)]
Improves the title of the group creation page
Raphaël Marichez [Mon, 7 Apr 2008 11:04:31 +0000 (13:04 +0200)]
remove useless sql JOIN
Signed-off-by: Raphaël Marichez <falco@gentoo.org>
Florent Bruneau [Sun, 6 Apr 2008 21:25:24 +0000 (23:25 +0200)]
Merge branch 'platal-0.9.16'
Florent Bruneau [Sun, 6 Apr 2008 21:24:29 +0000 (23:24 +0200)]
Fix virtual table entry of new mailing list created via x.net
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Vincent Zanotti [Sun, 6 Apr 2008 09:40:23 +0000 (11:40 +0200)]
Prevents user from requesting multiple password synchronization due to GET requests.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sun, 6 Apr 2008 09:40:23 +0000 (11:40 +0200)]
Prevents user from requesting multiple password synchronization due to GET requests.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Stéphane Jacob [Sat, 5 Apr 2008 23:34:19 +0000 (01:34 +0200)]
Text improvement and standardisation, and typo corrections in xnetlist administration
Vincent Zanotti [Sat, 5 Apr 2008 21:58:02 +0000 (23:58 +0200)]
Fixes URLs for marketing on broken users in Xnet's lists.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sat, 5 Apr 2008 20:59:35 +0000 (22:59 +0200)]
Merge branch 'platal-0.9.16'
Vincent Zanotti [Sat, 5 Apr 2008 20:58:56 +0000 (22:58 +0200)]
Fixes the "user_id" column type in table gapps_queue.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sat, 5 Apr 2008 20:40:08 +0000 (22:40 +0200)]
Stops the Google Apps spam on OTRS, and spams validation@ instead.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Sat, 5 Apr 2008 19:12:35 +0000 (21:12 +0200)]
Merge branch 'platal-0.9.16'
Vincent Zanotti [Sat, 5 Apr 2008 19:11:29 +0000 (21:11 +0200)]
Tailors the 'nomdusage' validation email according to the recipient (and not to the admin).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Aymeric Augustin [Fri, 4 Apr 2008 12:44:44 +0000 (14:44 +0200)]
Merge branch 'master' of /home/git/platal
Vincent Zanotti [Fri, 4 Apr 2008 08:47:54 +0000 (10:47 +0200)]
Merge branch 'platal-0.9.16'
Vincent Zanotti [Fri, 4 Apr 2008 08:46:34 +0000 (10:46 +0200)]
Fixes the "no redirection / bad MXs" warnings for administrators.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Tue, 1 Apr 2008 13:42:57 +0000 (15:42 +0200)]
Merge branch 'platal-0.9.16'
Vincent Zanotti [Tue, 1 Apr 2008 13:24:08 +0000 (15:24 +0200)]
Adds missing directory for Google Apps stats images.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Tue, 1 Apr 2008 13:23:06 +0000 (15:23 +0200)]
Enables deactivation of RSS/iCal popups (to be used in Xorg/Goodies).
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Vincent Zanotti [Tue, 1 Apr 2008 13:22:48 +0000 (15:22 +0200)]
Adds a baseurl_http global var (used for RSS urls which can't be fixed by xorg.js's auto_links).
Was supposed to be part of
769dc7d5, but changes were made to include/googleapps.inc.php.
Signed-off-by: Vincent Zanotti <vincent.zanotti@polytechnique.org>
Florent Bruneau [Tue, 1 Apr 2008 08:56:53 +0000 (10:56 +0200)]
404/403 do not require auth.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Tue, 1 Apr 2008 08:56:53 +0000 (10:56 +0200)]
404/403 do not require auth.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 31 Mar 2008 21:12:15 +0000 (23:12 +0200)]
Merge branch 'platal-0.9.16'
web@polytechnique.org [Mon, 31 Mar 2008 20:50:03 +0000 (22:50 +0200)]
Author: Webmaster Polytechnique.org <falco@melix.net>
trivial fix in syntax -- falco
Florent Bruneau [Mon, 31 Mar 2008 20:34:48 +0000 (22:34 +0200)]
Revert "Fix geoloc."
This reverts commit
13c3df1e76eeeb306dc87c4844f2a2fb014c5b91.
Florent Bruneau [Mon, 31 Mar 2008 19:39:18 +0000 (21:39 +0200)]
Start 0.9.17
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 31 Mar 2008 19:37:43 +0000 (21:37 +0200)]
Release 0.9.16
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 31 Mar 2008 16:46:36 +0000 (18:46 +0200)]
Fix a race condition in active redirection validation.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 31 Mar 2008 15:36:25 +0000 (17:36 +0200)]
Grumpf, typo-syntax
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 31 Mar 2008 15:34:46 +0000 (17:34 +0200)]
Oops, duplicated.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 31 Mar 2008 15:31:27 +0000 (17:31 +0200)]
Can set a netmask for ip watch.
-> the mask does not affect the content of the page admin/ipwatch (SQL limitations)
-> DO NOT use ip2long: this function sucks and can return negative numbers o_O
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 31 Mar 2008 14:08:47 +0000 (16:08 +0200)]
Fix notice on 'ax'-profile.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Mon, 31 Mar 2008 11:59:42 +0000 (13:59 +0200)]
Fake public profile for non registered users.
Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
Florent Bruneau [Sun, 30 Mar 2008 20:42:49 +0000 (22:42 +0200)]
delete obsolete database checks
projects / platal.git / log