* Corrected filtering of devices under maintenance
* Clarify wording of disable/alert device settings and dependency between the two settings
* Disable "Ignore alerts" checkbox according to initial setting of "Disable polling"
* Correct initial enabling/disabling of 'Ignore alerts'
* Remove not functional js code
* Fix public status location
Implementing __toString() seemed to be the most elegant way to fix it.
Added pre-loading for locations too
* Take advantage of new __toString function
* Remove auth use of $_SESSION
Will break plugins that depend on $_SESSION, Weathermap was already fixed.
Port them to use Auth::check()/Auth::user()/Auth:id()
* revert accidental replacement
* Security fix: unauthorized access
Affects nginx users:
Moved php files outside of public html directory (Apache was protected by .htaccess)
Affects all users:
Some files did not check for authentication and could disclose some info.
Better checks before including files from user input
* git mv html/includes/ includes/html
git mv html/pages/ includes/html/
SourceDoctor
Gilles Depeyrot
Tony Murray