summaryrefslogtreecommitdiff
path: root/index.php
AgeCommit message (Collapse)Author
2011-04-20- Improve performance by including files with absolute path (#1487849) alecpl
2011-03-22Revert r4609 and use stateless request tokens; no need to save them in ↵thomascube
session and thus no keep-alive necessary; fixes #1487829
2011-03-15Keep session alive while showing login page (request token is stored in ↵thomascube
session data)
2011-03-08- small code cleanupalecpl
2011-03-08- Performance improvement: Remove redundant DELETE query (for old session ↵alecpl
deletion) on login
2011-02-08Also check referer on logout actionthomascube
2011-02-08Add optional referer check to prevent CSRF in GET requeststhomascube
2011-02-03protect login form submission from CSRF using a request tokenthomascube
2011-01-28Improve session validity check with changing auth cookies; reduce writes to ↵thomascube
DB; better phpdoc
2011-01-19Better fix for login redirect, don't force mail taskthomascube
2011-01-16- Move action files map from index.php to steps' func.inc filesalecpl
2011-01-14Fix login redirect issues (#1487686)thomascube
2011-01-12Bumbed version; Roundcube development is not Switzerland onlythomascube
2011-01-06Make sure an existing session is killed/replaced when submitting login formthomascube
2010-12-03- New Folder Manager UIalecpl
- Fix invalid Request when creating a folder (#1487443) - Add folder size and quota indicator in folder manager (#1485780) - Add possibility to move a subfolder into root folder (#1486791)
2010-11-29- Plugin API: Add 'pass' argument in 'authenticate' hook (#1487134)alecpl
2010-11-09- Handle situation when $IMAP object isn't initialized on log inalecpl
2010-10-14- Improved IMAP errors handlingalecpl
2010-10-01- Fix "Server Error! (Not Found)" when using utils/save-pref action (#1487023)alecpl
2010-09-25- s/RoundCube/Roundcube/alecpl
2010-09-17- Fix list_cols is not updated after column dragging (#1486999)alecpl
- Improved save-pref action and moved to separate file in utils task directory - Improved http_post/http_request to support first argument in form 'task/action'
2010-08-07Fix unit tests + update versionthomascube
2010-06-23- removed PHP closing tagalecpl
2010-06-03Allow plugins to register their own tasksthomascube
2010-04-20- Add HTTP_X_REAL_IP and HTTP_X_FORWARDED_FOR to successful logins log ↵alecpl
(#1486441)
2010-04-01Add server-side plugin hooks to address group functions + better action namesthomascube
2010-03-31Asynchronously expand contact groups + skip count queries in autocompletion ↵thomascube
mode + check for the existance of contactgroups table
2010-03-31Implement group renaming/deleting + use more consistent names for commands ↵thomascube
and actions (#1486587)
2010-03-26Added basic contact groups featurethomascube
2010-03-17Merged devel-threads branch (r3066:3364) back into trunkthomascube
2010-03-01- Improve performance by avoiding unnecessary updates to the session table ↵alecpl
(#1486325)
2010-02-25- Password: Make passwords encoding consistent with core, add ↵alecpl
'password_charset' global option (#1486473)
2010-02-24- don't set task for login_after hookalecpl
2010-02-13- Fix imap_init hook broken in r3258 (#1486493)alecpl
2010-02-06- Fix setting task name according to auth state. So, any action before useralecpl
is authenticated is assigned to 'login' task instead of 'mail'. Now binding plugins to 'login' task is possible and realy usefull. It's also possible to bind to all tasks excluding 'login'.
2010-01-28- add file/line definitions to raise_error() callsalecpl
2010-01-17- Fix 'force_https' to specified port when URL contains a port number (#1486411)alecpl
2009-10-27- Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243) + fix port checkalecpl
2009-10-21Revert r3038 and allow to specify the port as value of force_httpsthomascube
2009-10-14- fix last commitalecpl
2009-10-14- Fix login page loading into an iframe when session expires (#1485952)alecpl
2009-10-13- Option 'force_https' replaced by 'force_https' pluginalecpl
- added option 'force_https_port' in 'force_https' plugin (#1486091)
2009-09-05- Fix wrong headers for IE on servers without $_SERVER['HTTPS'] (#1485926)alecpl
- Force IE style headers for attachments in non-HTTPS session, 'use_https' option (#1485655)
2009-08-14Add some arguments to the logout_after hookthomascube
2009-08-14Implemented logout_after plugin hookthomascube
2009-08-07Fix spell check (#1486036)thomascube
2009-08-05Allow a plugin to disable the cookie checkthomascube
2009-07-24Don't check request token on loginthomascube
2009-07-22- Help pluginalecpl
- support 'dummy' task (for plugins)
2009-07-21Use global request tokens and automatically protect all POST requeststhomascube