itflow

Commit Graph

Author	SHA1	Message	Date
johnnyq	e67a75805c	Fix: Authenticated users can craft a POST request to delete any file on the webserver. Thank you @ bhopkins0	2023-05-12 15:24:57 -04:00
johnnyq	48fe49cf77	BREAKING CHANGES - MAKE FULL BACKUP BEFORE PROCEEDING - Requires Manual Intervention on files see Forum Post Make sure you run the Database update directly after update. This Removes Multi-Company Functionality. Fixes issues with Reponsive tables and bunch of other UI and small Fixes	2023-03-11 16:16:46 -05:00
johnnyq	f7552cd25a	Finished up santizeInput Conv and UI updates	2023-02-23 16:09:37 -05:00
Marcus Hill	615f317d2b	General cleanup/formatting	2023-02-09 12:29:12 +00:00
Marcus Hill	2c3ebb3bbb	Tidy codestyle - spaces between parenthesis and curly braces	2023-01-21 17:09:39 +00:00
johnnyq	c0399a2c42	Added Disable and Activate Users, fixes #539	2023-01-13 18:24:50 -05:00
johnnyq	b6e540825f	Format output for the proper code syntax, this should fix many various issues with output formatting and page breakage	2022-12-02 19:58:21 -05:00
Marcus Hill	61777116a9	CSRF Token Upon login, issue the user a CSRF token (in their session). This token should be provided when completing sensitive actions (e.g. deleting companies/clients, changing their password, etc.) Ref: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern	2022-05-01 18:43:53 +01:00
Marcus Hill	51a6ba6084	Allow admins to disable 2FA for users	2022-04-01 19:53:49 +01:00
johnnyq	a96d43a017	Fix Views based off new role Permissions	2022-02-17 23:46:04 -05:00
johnnyq	f2f9f22545	Started using new php function for Currency formatting as this is best preactice, removed Client Access and removed certian user roles	2022-02-17 17:41:30 -05:00
johnnyq	f526737dca	Open link in New Window instead of current windows Client Logins	2022-02-12 15:55:24 -05:00
johnnyq	278b243e7c	Finished File Entity Renaming process	2022-02-05 13:24:57 -05:00

13 Commits