AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
4b76bc5b32b27e3a6a810be4d535cde53c268671
Kanboard-Prod/app/Controller
History
irdc 4b76bc5b32 Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data 
* Use a HMAC to sign and validate CSRF tokens, instead of generating random
ones and storing them in the session data. Reduces number of writes to
sessions table and fixes kanboard issue #4942.
* Added missing CSRF check for starting/stopping subtask timers.

Co-authored-by: Willemijn Coene <willemijn@irdc.nl>
2022-09-17 17:23:41 -07:00
..
ActionController.php
Avoid people to alter other projects by changing form data
2017-09-23 18:48:45 -07:00
ActionCreationController.php
Fix grammatical errors
2020-02-29 16:34:38 -08:00
ActivityController.php
Fix PHP error in task views (tag colors)
2019-01-19 13:38:50 -08:00
AnalyticController.php
Add new analytic component "Estimated vs actual time per column"
2021-02-21 20:22:45 -08:00
AppController.php
Return HTTP 403 when access is forbidden
2017-04-30 15:23:47 -04:00
AuthController.php
Redirect to original URL after oauth login
2018-03-05 10:43:15 -08:00
AvatarFileController.php
Avoid user enumeration by using avatar image url
2021-06-05 17:07:43 -07:00
BaseController.php
don't look for project_id for files
2021-12-03 17:28:48 -08:00
BoardAjaxController.php
Add missing CSRF checks
2021-06-05 14:59:12 -07:00
BoardPopoverController.php
Remove default swimlane
2017-02-18 09:42:01 -05:00
BoardTooltipController.php
remove un-used namespaces
2020-10-21 18:44:11 -07:00
BoardViewController.php
Offer the possibility to override internal formatter objects from plugins
2016-12-20 20:06:39 -05:00
CaptchaController.php
Store PHP sessions in the database
2017-12-12 15:04:28 -08:00
CategoryController.php
Fix grammatical errors
2020-02-29 16:34:38 -08:00
ColumnController.php
Add missing CSRF checks
2021-06-05 14:59:12 -07:00
ColumnMoveRestrictionController.php
Add assignee restriction for custom project roles (dnd)
2017-04-08 11:18:58 -04:00
ColumnRestrictionController.php
Add column restrictions to custom project roles
2016-09-18 21:19:48 -04:00
CommentController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
CommentListController.php
PHP 8 Compatibility
2022-02-05 11:49:03 -08:00
CommentMailController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
ConfigController.php
Show ISO date format in application settings
2019-11-16 17:10:58 -08:00
CronjobController.php
Run cron jobs via URL
2018-06-04 09:59:55 -07:00
CurrencyController.php
Fix grammatical errors
2020-02-29 16:34:38 -08:00
CustomFilterController.php
Fix grammatical errors
2020-02-29 16:34:38 -08:00
DashboardController.php
Use user variable instead of current session
2017-04-08 18:24:07 -04:00
DocumentationController.php
Move documentation to https://docs.kanboard.org/
2018-04-06 10:54:58 -07:00
ExportController.php
Fix broken daily summary export
2018-03-09 16:13:05 -08:00
ExternalTaskCreationController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
ExternalTaskViewController.php
Add project ID to ExternalTaskProviderInterface::fetch()
2019-07-30 12:58:36 -07:00
FeedController.php
Remove dependency on PicoFeed
2018-02-02 15:39:47 -08:00
FileViewerController.php
Save thumbnails as PNG to allow transparency
2019-07-10 13:12:02 -07:00
GroupAjaxController.php
Offer the possibility to override internal formatter objects from plugins
2016-12-20 20:06:39 -05:00
GroupCreationController.php
Rename all models
2016-05-28 19:48:22 -04:00
GroupListController.php
Add projects search
2017-11-16 14:53:05 -08:00
GroupModificationController.php
Rename all models
2016-05-28 19:48:22 -04:00
ICalendarController.php
Remove useless URL params
2017-11-08 15:36:04 -08:00
LinkController.php
Improve link labels pages navigation
2017-01-08 21:18:54 -05:00
OAuthController.php
Redirect to original URL after oauth login
2018-03-05 10:43:15 -08:00
PasswordResetController.php
Avoid user enumeration using password reset functionality
2021-06-05 15:14:11 -07:00
PluginController.php
Make sure incompatible plugins can be uninstalled from the web ui
2019-11-19 20:23:15 -08:00
PredefinedTaskDescriptionController.php
Add predefined templates for task descriptions
2017-11-02 15:41:58 -07:00
ProjectActionDuplicationController.php
Rename all models
2016-05-28 19:48:22 -04:00
ProjectCreationController.php
Rename "private" projects to "personal"
2020-02-29 18:51:52 -08:00
ProjectEditController.php
Avoid people to alter other projects by changing form data
2017-09-23 18:48:45 -07:00
ProjectFileController.php
Add CSRF check for task and project files upload
2018-01-29 15:56:30 -08:00
ProjectListController.php
Add projects search
2017-11-16 14:53:05 -08:00
ProjectOverviewController.php
Prevent people to remove swimlanes that contains tasks
2017-02-18 13:38:51 -05:00
ProjectPermissionController.php
Stop last project manager role from being removed
2019-10-09 20:34:21 -07:00
ProjectPredefinedContentController.php
Add predefined templates for task descriptions
2017-11-02 15:41:58 -07:00
ProjectRoleController.php
Add custom role edition
2016-09-17 15:25:27 -04:00
ProjectRoleRestrictionController.php
Add project restrictions for custom roles
2016-09-11 16:08:03 -04:00
ProjectStatusController.php
Redirect to project list when removing a project
2017-03-12 21:38:03 -04:00
ProjectTagController.php
Add option to enable or disable global tags per projects
2020-04-04 11:39:17 -07:00
ProjectUserOverviewController.php
Add ui to create new custom project roles and column restrictions
2016-09-10 22:37:57 -04:00
ProjectViewController.php
Add missing CSRF checks
2021-06-05 14:59:12 -07:00
SearchController.php
Use same layout as task listing for task search
2017-03-11 18:08:25 -05:00
SubtaskController.php
Reordering of subtask is not saved
2022-03-17 17:25:46 -07:00
SubtaskConverterController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
SubtaskRestrictionController.php
Translate subtask status on demand
2022-07-11 20:45:06 -07:00
SubtaskStatusController.php
Use a HMAC to sign and validate CSRF tokens, instead of generating random ones and storing them in the session data
2022-09-17 17:23:41 -07:00
SwimlaneController.php
Add missing CSRF checks
2021-06-05 14:59:12 -07:00
TagController.php
Add colors to tag and category list
2019-11-21 19:36:19 -08:00
TaskAjaxController.php
PHP 8 Compatibility
2022-02-05 11:49:03 -08:00
TaskBulkChangePropertyController.php
remove un-used namespaces
2020-10-21 18:44:11 -07:00
TaskBulkController.php
Add more fields in bulk task creation form
2018-06-08 11:12:24 -07:00
TaskBulkMoveColumnController.php
Add checkboxes in list view to move tasks to another column at once
2018-06-01 15:58:17 -07:00
TaskCreationController.php
Avoid people to alter other projects by changing form data
2017-09-23 18:48:45 -07:00
TaskDuplicationController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskExternalLinkController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskFileController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskImportController.php
Fix English grammatical errors
2019-07-15 14:42:15 -07:00
TaskInternalLinkController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskListController.php
Add missing CSRF checks
2021-06-05 14:59:12 -07:00
TaskMailController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskModificationController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskMovePositionController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskPopoverController.php
Remove dropdown menus that are now available with task edit form
2016-06-24 18:09:01 -04:00
TaskRecurrenceController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskReorderController.php
Sort columns by due date
2019-07-02 19:52:22 -07:00
TaskStatusController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TaskSuppressionController.php
Add project restrictions for custom roles
2016-09-11 16:08:03 -04:00
TaskViewController.php
Remove project_id from task URLs
2022-02-04 20:59:33 -08:00
TwoFactorController.php
Write RememberMe cookie only after 2FA has been validated
2021-04-04 17:57:47 -07:00
UserAjaxController.php
Add user backend provider system
2017-11-09 15:09:54 -08:00
UserApiAccessController.php
Avoid PHP notice when regenerating API token for a user
2017-05-12 17:35:22 -04:00
UserCreationController.php
Add user invitations
2017-01-22 22:38:00 -05:00
UserCredentialController.php
Filter variables when updating user profile
2017-08-11 22:18:53 -07:00
UserImportController.php
Fix English grammatical errors
2019-07-15 14:42:15 -07:00
UserInviteController.php
Add user invitations
2017-01-22 22:38:00 -05:00
UserListController.php
Add search in groups
2017-11-16 14:39:18 -08:00
UserModificationController.php
Add default filter per user
2018-04-02 14:07:04 -07:00
UserStatusController.php
Rename all models
2016-05-28 19:48:22 -04:00
UserViewController.php
Make user actions available from contextual menu
2017-03-11 15:24:34 -05:00
WebNotificationController.php
Add missing CSRF checks
2021-06-05 14:59:12 -07:00