• last updated 6 hours ago
Constraints: committers
Constraints: files
Constraints: dates
Deprecate template::util::is_true, implemented as a simple string command oneliner since 2015 and inline occurrences

  1. … 33 more files in changeset.
150px is not enough. In general, these setting should be performed via style files.

Use the new 'email' input type widget

  1. … 1 more file in changeset.
Add a new instance parameter 'LoginPasswordAutocomplete' with the value of the 'autocomplete' attribute of the password field of the login form, to let each subsite decide.

  1. … 1 more file in changeset.
Modernize logic for protecting against cached passwords from forms,

when users log out and other users use the back button (for Nora).

- switch to more modern caching prevention

- add CSRF protection to login form against forgery requests

- none of the cache-preventing mechanisms helps when the user

stores the password in the browser (no change to the past).

- For admins of existing sites: alter kernel parameter

"LoginPageExpirationTime" to 0 make use of this feature

  1. … 2 more files in changeset.
whitespace changes

obtain default authority_id via "auth::authority::get"

  1. … 3 more files in changeset.
Replace ad_decode idioms

  1. … 2 more files in changeset.
new parameter PersistentLoginDefault: let admin decide, whether default value in login box should be true of false

  1. … 1 more file in changeset.
add autocomplete hint as suggested by chrome

improve comment and provide warning, when kernel parameter is overruled

fix typo

make sure to call ad_script_abort after ad_returnredirect

  1. … 2 more files in changeset.
Bug fix: avoid confusion between command argument and option, when argument starts with "-"

  1. … 81 more files in changeset.
merged changes from the oacs-5-9 branch and resolved conflicts

  1. … 7834 more files in changeset.
make field host_node_id optional to improve backward compatibility

Make sure message exists when dealing with a banned user

Provide more infrastructure support for host-node-maps for more flexible domain handling

- add optional -cookie_domain parameter to the following functions




auth::issue_login (wrapper for ad_user_login)

if not specified, the functions are full backward compatible

- add optional parameter -host_node_id to auth::authenticate

which refers to the node_id in the host-node-map

- pass host_node_id from from/to register pages


1) probably, sec_generate_session_id_cookie picks up the wrong

session_id via [ad_conn session_id]

2) check interaction with CookieDomain (probably, we need

must not pass host_node_id wheren CookieDomain is non-empty)

  1. … 7 more files in changeset.
- add optional parameter host_node_id (for future use)

- Reflow overlong lines

Modernize code (use ad_include_contract instead of manual checks)

- strenthen token checking of login form

- add editor hints to keep spaces/tabs in the furture more consistent

  1. … 754 more files in changeset.
- fix quoting and typo

  1. … 1 more file in changeset.
- improve readability and indentation

- harden page contracts

  1. … 6 more files in changeset.
Merging back to HEAD branch oacs-5-8 (using tag vg-merge-oacs-5-8-from-20141027).

  1. … 2547 more files in changeset.
- flatten nested list structures

  1. … 4 more files in changeset.
- fix incorrect variable name "package_id" used instead of "subsite_id"

- make variable check explicit

Fix passing HTML in url variable and use util_user_message instead

  1. … 3 more files in changeset.