Commit graph

1582 commits

Author SHA1 Message Date
Umut Korkmaz
44cf0b5306
Fixed #142 2022-08-02 17:24:55 +03:00
myvesta
bc67f1028a
Fix for a boring PHP Notice in vesta-php 2022-07-12 21:08:30 +02:00
myvesta
d625c9722a
Fix for a boring PHP Notice in vesta-php 2022-07-12 21:00:33 +02:00
myvesta
b2d7c5a1fd
Fix for PHP Notice in vesta-php 2022-07-12 20:40:20 +02:00
myvesta
fa3d9aff36
Merge pull request #141 from divinity76/patch-4
avoid out-of-memory serving large logfiles
2022-07-12 20:24:54 +02:00
divinity76
15c5bdac51
turns out VESTA_CMD is 2 commands 2022-07-12 20:07:55 +02:00
divinity76
5aebfde6cf
avoid double-quoting v_domain 2022-07-12 19:17:01 +02:00
divinity76
1a081dfdbe
workaround for passthru() being disabled 2022-07-12 19:14:55 +02:00
myvesta
e65af22a54
hash_equals() in /reset/mail/
Thanks to @divinity76
2022-07-12 18:10:31 +02:00
divinity76
b09d244af7
code-breaking-typo
from copypasta
2022-07-09 11:18:30 +02:00
divinity76
b13b82112a
avoid out-of-memory serving large logfiles
large logfiles previously resulted in out-of-memory errors, see https://github.com/hestiacp/hestiacp/issues/2736

hestiacp PR: https://github.com/hestiacp/hestiacp/pull/2741

and no, removing the php end tag was not an accident, it was intentional. end tags, ideally, should only be used when they're absolutely required, because they can easily introduce bugs like printing a newline after the end tag.
2022-07-09 11:16:02 +02:00
myvesta
93f2a62ee8
Fixing insane HTML form bug in List backup details page
Without this fix, selecting the first item, skipping the next item and selecting any other item below resulted in only the first item being selected in the HTML form array
2022-05-27 23:28:25 +02:00
myvesta
475b7eac6b
Generating 16 chars password for users 2022-04-25 21:23:02 +02:00
myvesta
547d5f0c5b
Preventing brute-force resetting password 2022-04-25 21:13:46 +02:00
myvesta
a0ad0c6101
Update sr.php 2021-12-17 19:16:50 +01:00
myvesta
a08a17cca8
Merge pull request #134 from anton-reutov/patch-26
Small improvements for login form
2021-11-20 22:15:48 +01:00
Anton Reutov
47f2ca1d37
Small improvements for login form 2021-11-19 21:29:42 +03:00
Anton Reutov
d36f1a355b
Small improvements for login form 2021-11-19 21:28:19 +03:00
myvesta
302e351252
Many fixes for v-list-sys-services 2021-11-14 19:47:54 +01:00
myvesta
ee3665ecb7
Update index.php 2021-09-04 19:00:20 +02:00
myvesta
93de22a0b3
Fix for CSRF in FileManager and UploadHandler 2021-09-04 15:31:34 +02:00
myvesta
63861e4ffd
Fix for CSRF in /dowload/web-log/ 2021-09-04 12:55:40 +02:00
myvesta
329c37a13c
Update index.php 2021-09-04 12:32:16 +02:00
myvesta
9a746ea484
Adding token for /logout/ 2021-09-04 01:23:24 +02:00
myvesta
ab9c10b05c
Update secure_login.php 2021-09-01 00:24:43 +02:00
myvesta
475fe47984
Checking token on adding and deleting favorites 2021-08-29 16:05:33 +02:00
myvesta
5262b3f447
Update secure_login.php 2021-08-29 14:13:03 +02:00
myvesta
7c9da855e8
Update secure_login.php 2021-08-29 14:05:15 +02:00
myvesta
8a5469abcd
Update secure_login.php 2021-08-29 12:39:48 +02:00
myvesta
834f939fbe
Exception for function prevent_get_csrf 2021-08-29 11:50:22 +02:00
myvesta
eae5c3418a
Preventing GET CSRFs 2021-08-29 11:14:11 +02:00
myvesta
49905063f6
Update secure_login.php 2021-08-29 11:09:24 +02:00
myvesta
085a25d165
Update secure_login.php 2021-08-29 01:59:49 +02:00
myvesta
59edb05f49
Proper way to fix CSRF in /edit/file/ 2021-08-29 01:20:12 +02:00
myvesta
11f1cfcf4e
Proper way to fix CSRF in /schedule/backup/ 2021-08-29 00:54:57 +02:00
myvesta
0336e8b8d0
Preventing CSRF in /file_manager/fm_api.php 2021-08-29 00:14:15 +02:00
myvesta
9277b37800
Preventing CSRF in /schedule/backup 2021-08-29 00:12:09 +02:00
myvesta
92297f2fc2
Preventing CSRF in UploadHandler.php 2021-08-29 00:10:42 +02:00
myvesta
c2a30bcd31
Preventing CSRF in /edit/file/ 2021-08-29 00:07:41 +02:00
myvesta
c7bd10ab3b
Smarter preventing all POST CSRF 2021-08-29 00:04:27 +02:00
myvesta
0686c6d5f6
More logical check expression in secure_login.php 2021-08-28 23:35:10 +02:00
myvesta
43da9e2aa7
Preventing CSRF in file_manager/fm_api.php 2021-08-15 15:14:16 +02:00
myvesta
55c591535c
Preventing all CSRF 2021-08-15 14:53:16 +02:00
myvesta
1d73ff488b
Preventing CSRF in schedule / backup 2021-08-15 14:41:04 +02:00
myvesta
518e627b46
Update index.php 2021-08-15 14:37:53 +02:00
myvesta
9f55ef33cf
Update index.php 2021-08-15 14:36:45 +02:00
myvesta
d66afcbaaa
Preventing CSRF in schedule / backup 2021-08-15 14:20:13 +02:00
myvesta
d559763427
Preventing CSRF in edit/file 2021-08-15 14:15:48 +02:00
myvesta
914b53ea1c
Getting hostname from $_SERVER['HTTP_HOST'] for UploadHandler 2021-08-15 14:11:14 +02:00
myvesta
88596a8cd9
Fix for possible file inclusion vulnerability in i18n.php
Fix for https://github.com/serghey-rodin/vesta/issues/2052
2021-08-15 12:35:28 +02:00