Commit Graph

725 Commits

Author SHA1 Message Date
irdc
4b76bc5b32 Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data
* Use a HMAC to sign and validate CSRF tokens, instead of generating random
ones and storing them in the session data. Reduces number of writes to
sessions table and fixes kanboard issue #4942.
* Added missing CSRF check for starting/stopping subtask timers.

Co-authored-by: Willemijn Coene <willemijn@irdc.nl>
2022-09-17 17:23:41 -07:00
Jack Williams
c53bee4a08 Translate subtask status on demand
Fixes #4476
2022-07-11 20:45:06 -07:00
Tomas Dittmann
c4f9c34f75 Reordering of subtask is not saved 2022-03-17 17:25:46 -07:00
Frédéric Guillot
f5bb55bdb8 PHP 8 Compatibility 2022-02-05 11:49:03 -08:00
Tomas Dittmann
61e63ef9e0 Remove project_id from task URLs 2022-02-04 20:59:33 -08:00
Tomas Dittmann
a40da29a0e don't look for project_id for files
it is only used for late accessibility checking (it was already checked in middleware).

With this, you can create stable file links (as long as the file exists)

I need this change for my [inline image plugin](https://github.com/Chaosmeister/PITM)
2021-12-03 17:28:48 -08:00
Tomas Dittmann
cc0745542a switch to helper->text
use the available and overridable markdownparser for previews
2021-10-22 14:27:09 -07:00
Frédéric Guillot
cc6f1db846 Avoid user enumeration by using avatar image url 2021-06-05 17:07:43 -07:00
Frédéric Guillot
3c85d35485 Avoid user enumeration using password reset functionality 2021-06-05 15:14:11 -07:00
Frédéric Guillot
71123b0f37 Add missing CSRF checks 2021-06-05 14:59:12 -07:00
Manfred Hoffmann
ae39544e10 Catch error when trying to upload empty or invalid avatar 2021-04-19 22:42:58 -07:00
Frédéric Guillot
31ce583743 Write RememberMe cookie only after 2FA has been validated 2021-04-04 17:57:47 -07:00
Patrick Kuijvenhoven
a267aa368b Add new analytic component "Estimated vs actual time per column" 2021-02-21 20:22:45 -08:00
Lakhwinder Singh
2494ff2e3c remove un-used namespaces 2020-10-21 18:44:11 -07:00
Henrik
64a5e7ef56 Added standard notification footer to comment_mail template 2020-06-21 10:36:43 -07:00
Franky Van Liedekerke
0ede384cda Use Ajax request for Markdown preview
This removes the dependency on a JavaScript library.
2020-05-01 20:05:53 -07:00
Timo
027f875ac6 Save task list order in user session 2020-04-22 20:40:39 -07:00
Timo
67a5dd6a89 Add option to enable or disable global tags per projects 2020-04-04 11:39:17 -07:00
Frédéric Guillot
b39f857dc4 Rename "private" projects to "personal" 2020-02-29 18:51:52 -08:00
Frédéric Guillot
c12bbb1613 Fix grammatical errors
Fixes #4420
2020-02-29 16:34:38 -08:00
Andre Nathan
c8a617cfcb Add per-project and per-swimlane task limits
This change allows projects and swimlanes to be configured with task limits that apply to their whole scope (i.e. all active tasks in a project or swimlane, respectively), as opposed to the usual per-column task limits.
2020-02-25 20:26:31 -08:00
Timo
2c98be3ead Add the possibility to make tags global from project settings 2020-02-10 19:48:51 -08:00
Andre Nathan
e59ab08af3 Allow task limits to be applied per-swimlane 2020-02-04 20:16:35 -08:00
Timo
f0b53863fb Add colors to tag and category list
Add colors to:

- Global tag list
- Project tag list
- Project category list
2019-11-21 19:36:19 -08:00
Slade
89c8add4f4 Make sure incompatible plugins can be uninstalled from the web ui 2019-11-19 20:23:15 -08:00
Slade
cac62d24b4 Show ISO date format in application settings 2019-11-16 17:10:58 -08:00
Michael Vickers
3855617743 Stop last project manager role from being removed
If the user will no longer be a project manager and there are no other
managers then stop the role from being changed
2019-10-09 20:34:21 -07:00
Frédéric Guillot
216f2dee12 Add project ID to ExternalTaskProviderInterface::fetch() 2019-07-30 12:58:36 -07:00
Frédéric Guillot
e60686cd10 Fix English grammatical errors 2019-07-15 14:42:15 -07:00
KN4CK3R
1a39c46620 Save thumbnails as PNG to allow transparency 2019-07-10 13:12:02 -07:00
Florian
91d703eb8d Make sure the Project Identifier is saved when creating a project from another one 2019-07-05 21:50:54 -07:00
Craig Crosby
48acf99fd1 Sort columns by due date 2019-07-02 19:52:22 -07:00
Florian Völker
efed94b23d Add "identifier" beside "name" while creating a new project 2019-06-27 19:39:02 -07:00
Frédéric Guillot
0295388461 Add new actions to reorder tasks by column 2019-02-08 13:53:13 -08:00
Frédéric Guillot
fa08493348 Limit avatar image size
fixes #4041
2019-02-01 12:12:36 -08:00
Frédéric Guillot
061ba4abe1 Avoid CSRF in users CSV import 2019-01-31 20:06:49 -08:00
Frédéric Guillot
a1c437bce8 Do not show projects dropdown when prompting the 2FA code 2019-01-30 21:17:30 -08:00
Frédéric Guillot
322383b084 Always return a 404, otherwise people might guess which users exist 2019-01-30 21:07:56 -08:00
Frédéric Guillot
19ea9ed620 Add missing CSRF check in TwoFactorController::deactivate() 2019-01-30 20:21:12 -08:00
Cyboulette
cc34318bc7 Fix PHP error in task views (tag colors) 2019-01-19 13:38:50 -08:00
Rafael de Camargo
f79a2ee5e7 Fix permission check before "Assign to me"
Users who should not be able to change assignee cannot "assign to me"

Fixes #4121
2019-01-10 01:17:03 -02:00
Michael Vickers
2deb6cc917 Redirect to board view of the current task after duplication 2018-10-15 18:07:50 -07:00
Julian Maurice
318b5414d2 Allow 'No assignee' for external task on single user public boards
'No assignee' option is already available in modification but not in
creation.
This patch fixes that by allowing the 'No assignee' option on external
task creation.
2018-08-12 10:28:59 -07:00
Julian Maurice
9d4cd31e1a Allow to associate tags to colors
The color is then used as background in the board, list and task details
views
2018-08-11 10:15:13 +02:00
Julian Maurice
ae3ade0908 Allow to associate project categories to colors
The color is then used as background in the board and list views
2018-08-09 19:45:51 +02:00
W1lkins
efd64d842d Change 'entered' to 'enter' 2018-07-29 20:29:07 -07:00
Frédéric Guillot
0f8d994e43 Add more fields in bulk task creation form 2018-06-08 11:12:24 -07:00
Frédéric Guillot
9d4be201aa Add quick link assign me in different views 2018-06-07 15:02:10 -07:00
Frédéric Guillot
2a299d33d1 Add bulk task modification in list view 2018-06-06 11:07:12 -07:00
Miodrag Tokić
5dae1e2e83 Run cron jobs via URL
Kanboard supports running cron jobs via CLI. There are hosting services
that don't offer CLI access, but they do offer calling a URL
periodically. This feature is often used as a CLI cron job replacement.

This commit adds a CronjobController called by "/cronjob" URL that will
execute cron jobs as they were executed via CLI. The URL has public
access, but is protected using the webhook token. The "/cronjob" URL
should be called via HTTPS.
2018-06-04 09:59:55 -07:00