Commit Graph
7 Commits
Author SHA1 Message Date
Gilles DepeyrotandPipoCanaja 85532b8a58 Clarify wording of disable/alert device settings and dependency between the two settings (#10809)
* Corrected filtering of devices under maintenance

* Clarify wording of disable/alert device settings and dependency between the two settings

* Disable "Ignore alerts" checkbox according to initial setting of "Disable polling"

* Correct initial enabling/disabling of 'Ignore alerts'

* Remove not functional js code
2019-11-14 08:03:23 +01:00
SourceDoctorandPipoCanaja dfb4317d38 Bootstrapped checkboxes (#10749) 2019-11-05 00:02:49 +01:00
Tony MurrayandGitHub d3243bd32e Fix public status location (#10526)
* Fix public status location
Implementing __toString() seemed to be the most elegant way to fix it.
Added pre-loading for locations too

* Take advantage of new __toString function
2019-08-19 22:52:21 -05:00
Tony MurrayandGitHub e99f421511 Remove legacy auth usage of $_SESSION (#10491)
* Remove auth use of $_SESSION

Will break plugins that depend on $_SESSION, Weathermap was already fixed.
Port them to use Auth::check()/Auth::user()/Auth:id()

* revert accidental replacement
2019-08-05 14:16:05 -05:00
Tony MurrayandGitHub 3ead462549 Enable CSRF protection (#10447)
* Enable CSRF protection

* fix style issues
2019-07-17 07:20:26 -05:00
Tony MurrayandGitHub f3ba8947f7 Use Config helper (#10339)
remove usage of global variable
2019-06-23 00:29:12 -05:00
Tony MurrayandGitHub 36431dd296 Security fix: unauthorized access (#10091)
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)

Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input

* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
2019-04-11 23:26:42 -05:00