mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
9,673 Commits 349 Branches 696 Tags 1.6 GiB
Commit Graph

29 Commits

Author SHA1 Message Date
Michael Gapczynski 394cebc90f Remove echo from lost password page 2013-01-04 11:12:28 -05:00
Randolph Carter d2828bab07 fixes default email sender address 2012-12-19 01:09:14 +01:00
Bart Visscher fecfeac55d Fix introduced style errors 2012-10-27 17:45:15 +02:00
Bart Visscher a8d0f84829 Resetting the password should also invalidate the token login cookies 2012-10-17 17:26:12 +02:00
Bart Visscher 0a614429af Change the lostpassword flow to a controller 2012-10-17 17:24:49 +02:00
Lukas Reschke 99cd922b82 Doublehash the token to prevent timing attacks 2012-10-14 12:13:02 +02:00
Lukas Reschke ef57e9294b Fallback for systems without openssl 2012-09-29 16:44:02 +02:00
Lukas Reschke 36f1c9b083 rand() + uniqid() are not from cryptographic quality 2012-09-29 15:33:10 +02:00
Lukas Reschke f5fe95a131 Removed sectoken 
This token is completly useless since an attacker can easily extract it
from the page.
 2012-09-29 15:15:35 +02:00
Bart Visscher 22d22d19c0 Do urlencoding in linkTo functions 2012-09-28 22:27:52 +02:00
Thomas Müller 9e5807d1f9 fixing syntax error - sorry for that 2012-09-04 13:13:18 +03:00
Thomas Müller 6d358c051f Update core/lostpassword/templates/email.php 
respect coding style
 2012-09-04 13:10:14 +03:00
Thomas Müller 97e4647ad5 Update core/lostpassword/resetpassword.php 2012-09-04 13:09:25 +03:00
Thomas Müller 395ea2a028 Update core/lostpassword/index.php 
respect coding style
 2012-09-04 13:08:55 +03:00
Bart Visscher 5153b8b293 Add url-params to url with new parameter in linkTo function 2012-09-03 21:51:32 +02:00
Bjoern Schiessle 680eed6bac fix for bug #1295, don't escape password reset link 2012-07-27 15:35:36 +02:00
Bjoern Schiessle b9d5f510c3 urlencode link fort password reset (bug #970) 2012-06-13 17:22:28 +02:00
Michael Gapczynski 3c3a2b9b27 Remove old internal mail call for password reset, fixes bug oc-934 2012-06-07 09:25:50 -04:00
Frank Karlitschek d4ea853fcf use our own serverHost call so that ownCloud works with reverse proxy servers 2012-05-31 20:26:09 +02:00
Frank Karlitschek a945fa10a6 update copyright 2012-05-26 19:14:24 +02:00
Frank Karlitschek 6bdefef31e csrf protection 2012-04-26 19:35:33 +02:00
Frank Karlitschek 2fbc92bd4b new OC_Mail class to handle all mail sending. The benefit is that is way mor flexible than the standard mail command. can be configured to use a remote smtp relay for example. also port the lostpassword code 2012-04-20 20:49:35 +02:00
Robin Appelman b1bcc60d83 reuse OC_L10N objects 2012-04-14 16:44:15 +02:00
Tom Needham 85f9869f69 Make the token really random 2012-04-04 13:18:02 +00:00
Tom Needham 95c2ac5d58 Dont typecast variables as integers 2012-04-03 21:14:55 +00:00
Georg Ehrke 03120959e9 add a proper email address for lostpassword service - bugfix for oc-178 2012-03-19 09:09:18 +01:00
Bart Visscher f47444e1f7 Use separate function to make absolute urls 2012-02-17 22:07:14 +01:00
Bart Visscher e1b9b65e41 Use correct appid for lostpassword email preference 2011-12-18 23:10:43 +01:00
Bart Visscher e8c6252a4c Move lostpassword to core dir 2011-10-03 20:44:01 +02:00