chamilo-lms

Commit Graph

Author	SHA1	Message	Date
Julian Prud'homme	bc806d825f	[svn r12525] Fix a bug with the session mode (bug with combined course) : http://projects.dokeos.com/?do=details&id=1592	19 years ago
Yannick Warnier	d2bebd9e45	[svn r12522] Updated api_display_tool_view_option() to allow for studentView switch even in framed mode (added target="_top") Fixed a missing "&" character from previous commit	19 years ago
Yannick Warnier	684209685d	[svn r12520] Fixed bug preventing natural behaviour of studentView (checking for &studentView but not &studentView - now always using &studentView everywhere)	19 years ago
Yannick Warnier	dd411ecdcf	[svn r12518] Upgrading pclzip to version 2.5. This fixes cyclic bug when creating archive that contains filenames including "../". See http://projects.dokeos.com/?do=details&id=1524 for details	19 years ago
Patrick Cool	b35deb5649	[svn r12502] correct nomenclatura	19 years ago
Yannick Warnier	87be91e298	[svn r12492] Escape gidReq to avoid SQL injection - see http://projects.dokeos.com/?do=details&id=1582	19 years ago
Yannick Warnier	bb5cb81fe1	[svn r12489] Added optional param to api_protect_course_script() to print headers when calling api_not_allowed(). Defaults to false so that current scripts remain the same.	19 years ago
Yannick Warnier	0e9260f0c2	[svn r12488] Removed several SQL injection security threats (see http://projects.dokeos.com/?do=details&id=1582 )	19 years ago
Yannick Warnier	575a6c0aa4	[svn r12476] Introduced config-file settable session cookie lifetime. Defaults to 100 hours. Can be changed in config file (not in DB because used before DB connection). Updated install scripts as well to create variable in config file. Upgrade should work as well as there is a last-resort default value set in the code.	19 years ago
Yannick Warnier	dbaf9dcc8b	[svn r12475] Assign a default value to $_configuration in case it is not installed yet (avoid injection)	19 years ago
Yannick Warnier	f66855b74a	[svn r12465] Developed method remove_XSS()	19 years ago
Yannick Warnier	cf257669cb	[svn r12464] Filter $_GET['img'], fixing part of security flaw number 2 in http://www.frsirt.com/bulletins/10497	19 years ago
Yannick Warnier	5c7a450acd	[svn r12463] Added inclusion of security.lib.php Removed deprecated code Removed useless assignation to $_REQUEST['PHP_SELF'] - this does not work Updated use of library path locally to prevent unnecessary database accesses - added proper warning comments	19 years ago
Patrick Cool	fc51bd3740	[svn r12459] http://projects.dokeos.com/?do=details&id=1281	19 years ago
Yannick Warnier	70786d04f2	[svn r12448] - Added management of SCORM cmi.core.exit value that needs to be kept in-database to allow for better follow-up of the students interruptions - Fixed returned values for LMSSetValue() and LMSGetValue() in SCORM API, changed from JavaScript boolean to JavaScript strings ("true" and "false") as SCORM requires	19 years ago
Yannick Warnier	2b69926068	[svn r12435] Added more indexes after analysis of heavy-load servers	19 years ago
Yannick Warnier	db0cbf0248	[svn r12433] Now creates indexes for lp_* tables as it proves to be a bottleneck on heavy-load servers	19 years ago
Julian Prud'homme	3469b1ce86	[svn r12431] Fix the bug : http://projects.dokeos.com/?do=details&id=1556	19 years ago
Julian Prud'homme	02f82f5395	[svn r12421] Fix a bug with the CSV export	19 years ago
Yannick Warnier	53c4a5f03d	[svn r12381] Added filtering capabilities on zip-file upload (to be extended to other uploads) Added a "security" section to the administration portal settings panel	19 years ago
Julian Prud'homme	6c4c8a109e	[svn r12375] Remove the button "browse server" wich didn't work	19 years ago
Eric Marguin	1fc2fd489a	[svn r12350] escape " in the strings exported	19 years ago
Patrick Cool	c7dc6e1b91	[svn r12336] setting 1.8 to stable (although this is not used)	19 years ago
Yannick Warnier	4de8fec758	[svn r12292] Removed useless size-modifier	19 years ago
Julian Prud'homme	3a792ff496	[svn r12290] Add a missing field in dropbox_file	19 years ago
Julian Prud'homme	ce5028b8fa	[svn r12276] Change the path to the new Dokeos Manual (PDF file)	19 years ago
Julian Prud'homme	a3de6f0333	[svn r12273] 7th step in removing all $_SERVER['PHP_SELF']	19 years ago
Julian Prud'homme	1f5d1270b4	[svn r12272] 6th step in removing all $_SERVER['PHP_SELF']	19 years ago
Yannick Warnier	5ddc7c095d	[svn r12270] Check parameter is array before issuing foreach()	19 years ago
Julian Prud'homme	e0881e59b0	[svn r12269] 5th step in removing all $_SERVER['PHP_SELF']	19 years ago
Julian Prud'homme	940ce9b538	[svn r12266] third step in removing all $_SERVER['PHP_SELF']	19 years ago
Julian Prud'homme	0d8e51a58e	[svn r12265] second step in removing all $_SERVER['PHP_SELF']	19 years ago
Julian Prud'homme	97778d4ca4	[svn r12263] First step ni removing all $_SERVER['PHP_SELF']	19 years ago
Julian Prud'homme	810ad5a9cc	[svn r12258] Change the type of the field option_id from int to text in the course table	19 years ago
Julian Prud'homme	ddb43212b7	[svn r12257] Change the version number	19 years ago
Julian Prud'homme	441178f40b	[svn r12256] As requested by thomas, sort the user's course by alphabetic order	19 years ago
Yannick Warnier	13e7d9fc51	[svn r12249] Check if the array is not empty before doing so many operations on it.	19 years ago
Yannick Warnier	778a74e803	[svn r12246] Ensure user_id and group_id are defined before issuing DB query	19 years ago
Yannick Warnier	f35574d042	[svn r12243] Comment unused lines that were generating useless error messages. We never use SQL queries directly from QuickForm to generate select dropdowns	19 years ago
Yannick Warnier	4f66a8fb43	[svn r12223] Make sure $platformLanguage is defined (was empty, most of the time)	19 years ago
Yannick Warnier	8c8374b529	[svn r12216] Improved checks before HTTP redirection to user_portal (in api_not_allowed())	19 years ago
Yannick Warnier	2299eee5c4	[svn r12215] Added param to api_not_allowed(). Default is as before (doesn't print headers). If param set to true, headers are considered already sent (redirect is impossible)	19 years ago
Yannick Warnier	4b86251d49	[svn r12213] api_not_allowed() now deals itself with the header (this means it has to be called before any output in other tools) api_not_allowed() now deals with missing cidReq (normally showing "not allowed" message) by sending the user to the user_portal.php script (no login necessary)	19 years ago
Yannick Warnier	ce20dec32d	[svn r12210] Moved filtering of PHP_SELF to avoid injection in GLOBALS	19 years ago
Yannick Warnier	d5cc5bc908	[svn r12202] Added constants for DROPBOX tables	19 years ago
Yannick Warnier	74383edbf9	[svn r12201] Fixed typo preventing creation of dropbox_post table	19 years ago
Yannick Warnier	b1fb4c7829	[svn r12200] Added clear_token() method to allow for recognition of double-submit	19 years ago
Patrick Cool	389f375c75	[svn r12159] bugfix: create new course => sort was always 1 and user could not sort his courses	19 years ago
Julian Prud'homme	a143382aeb	[svn r12156] replace french words by a language var	19 years ago
Julian Prud'homme	8ea12ad9c4	[svn r12144] Fix a bug when we don't choose a places number limit : http://projects.dokeos.com/?do=details&id=1445	19 years ago

... 4 5 6 7 8 ...

634 Commits (77bb192aedf71e83a65472b9126d2f4cadcfedbd)