748a219243
add preRememberedLogin hook and document this and postRememberedLogin in class descripttion. Also fixes documentation of postLogin hook
2014-05-26 13:53:26 +02:00
2c89962919
clean up tryRememberLogin and save the timestamp of users last login
2014-05-21 18:03:37 +02:00
bac8962bbc
Fix Scrutinizer errors
2014-05-13 19:08:14 +01:00
f7fa8662e2
Remove `session_id_regenerate` from here
...
Jenkins somewhat complains that there are already sent headers.
2014-02-21 08:12:45 +01:00
0241ddc759
Merge pull request #6519 from nhirokinet/master
...
Security Update: session fixation
2014-02-20 14:28:26 +01:00
2a6a9a8cef
polish documentation based on scrutinizer patches
2014-02-06 17:02:21 +01:00
9b7c3a5c66
fixing PHPDoc and use cameCase names
2014-01-09 10:27:47 +01:00
068688063e
Security Update: session fixation
...
Previous version is vulnerable to session fixation attack in some situations, guessing non-apache-module-php5 environment. Regeneration of session id should be done here.
2013-12-20 03:38:51 +09:00
91d6a6dd7c
On webdav sesssions, loginname was compared to username which does not need to match necessarily
2013-12-13 16:58:03 +01:00
013444813e
Now removing stray old cookies from 5.0.12
...
Cookies from 5.0.12 seemed to have an extra slash in the path.
Firefox doesn't allow to remove them if the trailing slash isn't
there,
thus making it impossible to logout correctly.
This fix adds extra code to delete such stray cookies.
Ported from stable5 branch 99e5c6f7eb
2013-11-07 18:49:50 +01:00
9c9dc276b7
move the private namespace OC into lib/private - OCP will stay in lib/public
...
Conflicts:
lib/private/vcategories.php
2013-09-30 16:36:59 +02:00
Arthur Schiwon
Robin McCorkell
Lukas Reschke
Jörn Friedrich Dreyer
Thomas Müller
NARUKAWA Hiroki
Vincent Petry