Commits · 4344721c138e7f6845a8129278c9d3374daee085 · outils / question2answer

30 Jul, 2020 1 commit
- Convert some function calls to DbSelect · d7c19976
  Scott authored 4 years ago
  
  d7c19976 Browse File
20 Jul, 2020 1 commit

Increase security by setting the httpOnly flag to session cookie · da1891b1

According to Mozilla best-practices (see https://observatory.mozilla.org
and https://infosec.mozilla.org/guidelines/web_security#cookies )
session cookies should be created with the HttpOnly flag. This prevents
XSS vulnerabilities.

This PHPSESSID cookie is still sent over ajax calls (it just prevents JS to
access it) so it does not break any usage

authored 4 years ago

da1891b1 Browse File

28 Jan, 2019 1 commit
- PHPDoc update in app/favorites, app/limits, app/options and app/users · 53749f1e
  pupi1985 authored 6 years ago
  
  53749f1e Browse File
11 Dec, 2018 1 commit
- Update schema.org URLs · 51c3be9f
```
Fix #709
```
  Scott authored 6 years ago
  51c3be9f Browse File
05 Dec, 2018 1 commit
- Add @since PHPDoc tag to recent method additions · c35d3af0
  pupi1985 authored 6 years ago
  
  c35d3af0 Browse File
06 Sep, 2018 1 commit
- Remove some unnecessary SQL queries · 869db52f
  pupi1985 authored 6 years ago
  
  869db52f Browse File
10 Mar, 2018 1 commit
- Fix anonymous user images not being displayed · ef28faf9
  pupi1985 authored 7 years ago
  
  ef28faf9 Browse File
10 Feb, 2018 1 commit
- Fix some scenarios where ^userpoints records are not present and generate issues · d4b74099
  pupi1985 authored 7 years ago
  
  d4b74099 Browse File
14 Jan, 2018 1 commit
- Fix qa_get_gravatar_url() function not found when using WordPress · ad1584f7
  pupi1985 authored 7 years ago
  
  ad1584f7 Browse File
23 Dec, 2017 1 commit
- Add microdata for unregistered/anonymous users · 5bab3483
  Scott authored 7 years ago
  
  5bab3483 Browse File
06 Sep, 2017 1 commit
- Remove error suppression on constants · a741dd8c
  Scott authored 7 years ago
  
  a741dd8c Browse File
01 Sep, 2017 1 commit
- Remove approve_user_required option · d225ef24
  Scott authored 7 years ago
  
  d225ef24 Browse File
31 Aug, 2017 1 commit
- Handle deleted users in private messages · c4404e28
```
Fixes #161
```
  Scott authored 7 years ago
  c4404e28 Browse File
05 Aug, 2017 3 commits
- Fix file references in comments · a86b3426
  Scott authored 7 years ago
  
  a86b3426 Browse File
- Fix redirects in direct-access prevention · 5206a7ff
  Scott authored 7 years ago
  
  5206a7ff Browse File
- Remove filename from comment · 16248e8e
  Scott authored 7 years ago
  
  16248e8e Browse File
14 Jan, 2017 1 commit
- Coding style (fix more CodeSniffer errors) · cf6aef69
  Scott authored 8 years ago
  
  cf6aef69 Browse File
13 Jan, 2017 2 commits
- Coding style (misc) · 4fb68aa6
  Scott authored 8 years ago
  
  4fb68aa6 Browse File
- Coding style (app posts/admin) · f24542bb
  Scott authored 8 years ago
  
  f24542bb Browse File
17 Nov, 2016 1 commit
- Improve avatar handling API · 6e8aa0c8
  pupi1985 authored 8 years ago
  
  6e8aa0c8 Browse File
28 Oct, 2016 1 commit
- Do not log security form violations unless in debug mode · 3c892c64
  pupi1985 authored 8 years ago
  
  3c892c64 Browse File
18 Mar, 2016 1 commit

Added local Joomla integration rather than relying on Joomla having the separate… · f660020d

Added local Joomla integration rather than relying on Joomla having the separate plugin installed. (But still support the plugin if it's there, as it gives a lot more flexibility)

authored 8 years ago

f660020d Browse File

10 Mar, 2016 1 commit
- Out-of-the-box Joomla! integration. · d0e06f68
  Simon Champion authored 9 years ago
  
  d0e06f68 Browse File
24 Feb, 2016 1 commit
- use hash_equals to compare hashes · 2e1f5aa3
  Daniel Ruf authored 9 years ago
  
  2e1f5aa3 Browse File
01 Feb, 2016 3 commits
- Coding style (permit error functions) · a2e7ae23
  Scott authored 9 years ago
  
  a2e7ae23 Browse File
- Use user cache in permissions checks · ee52e218
  Scott authored 9 years ago
  
  ee52e218 Browse File
- Add qa_get_logged_in_user_cache function · c9fde553
```
Applies to Q2A ‘internal’ users (already exists for external users).
External user version updated to handle flags.
```
  Scott authored 9 years ago
  c9fde553 Browse File
25 Jan, 2016 1 commit
- set HttpOnly flag to true · 00c03c3e
  Daniel Ruf authored 9 years ago
  
  00c03c3e Browse File
14 Nov, 2015 1 commit
- Optimize qa_session_var_suffix · 448ddb4a
  Scott authored 9 years ago
  
  448ddb4a Browse File
18 Oct, 2015 1 commit
- Coding style (user HTML functions) · 32ca391c
  Scott authored 9 years ago
  
  32ca391c Browse File
17 Oct, 2015 1 commit
- Add schema.org Person microdata · b07c082d
```
Replace old hcard microformat
```
  Scott authored 9 years ago
  b07c082d Browse File
08 May, 2015 1 commit
- Further simplify qa_permit_value_error · 224e2ce7
  Scott authored 9 years ago
  
  224e2ce7 Browse File
07 May, 2015 4 commits
- Fix incorrect level constant · 1d3a0ed9
  Scott authored 9 years ago
  
  1d3a0ed9 Browse File
- Coding style (user permission functions) · 4eb695e8
  Scott authored 9 years ago
  
  4eb695e8 Browse File
- Simplify logic in qa_permit_value_error · d7f60a74
  Scott authored 9 years ago
  
  d7f60a74 Browse File
- Return login error earlier in permissions function · 6186bc44
  Scott authored 9 years ago
  
  6186bc44 Browse File
12 Apr, 2015 3 commits
- Removed @ operator · d98e877b
  pupi1985 authored 9 years ago
  
  d98e877b Browse File
- Formatted code for function qa_permit_value_error · 3ea444d4
  pupi1985 authored 9 years ago
  
  3ea444d4 Browse File
- Slightly rearranged code in qa_permit_value_error · c46c7e3c
  pupi1985 authored 9 years ago
  
  c46c7e3c Browse File
03 Jan, 2015 1 commit

Fix errors with microformats · d3860445

Slightly hacky since answers/comments don’t have titles. Probably need
to switch to schema.org microdata instead.

authored 10 years ago

d3860445 Browse File