Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | * Adding function get_configured_ip_addresses() which returns all interfaces ↵ | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
| | | | | | | | | | and their configured IP address * Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks * Add and enforce HTTP_REFERER check if checkbox is not checked. This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall. | ||||
* | Fix text. | Erik Fonnesbeck | 2010-10-10 | 1 | -1/+1 |
| | |||||
* | Wording fix. | Warren Baker | 2010-10-10 | 1 | -2/+2 |
| | |||||
* | No need to use # in color code, it's already set with this | Scott Ullrich | 2010-07-14 | 1 | -1/+1 |
| | |||||
* | Allow overriding the Nifty corners background color | Scott Ullrich | 2010-07-14 | 1 | -3/+7 |
| | |||||
* | Handle VIP DNS-Rebinding detection correctly | Scott Ullrich | 2010-07-14 | 1 | -0/+5 |
| | |||||
* | Fix this function call, it only takes one parameter. | jim-p | 2010-07-13 | 1 | -1/+1 |
| | |||||
* | Print a warning on the login screen if you are accessing the router by a ↵ | jim-p | 2010-07-09 | 1 | -0/+20 |
| | | | | non-local IP address (one not configured on the system) to warn about potential MITM attacks. | ||||
* | Overhaul the user login system to use the Servers tab as its base. | Ermal Luçi | 2010-03-03 | 1 | -28/+3 |
| | | | | Fix quite a few problems down the way. | ||||
* | Recommit #161 changes. It appears a different commit has broken firewall ↵ | sullrich | 2009-12-03 | 1 | -0/+2 |
| | | | | rules edit and firewall nat edit. | ||||
* | Revert "Redirect to / when logging in to avoid posting to forms accidently ↵ | sullrich | 2009-12-03 | 1 | -3/+1 |
| | | | | | | and clearing the form and causing all kinds of chaos. Ticket #161" This reverts commit 6af7c40b296e0f95ec308d41aea55b3306c5e1ee. | ||||
* | Redirect to / when logging in to avoid posting to forms accidently and ↵ | sullrich | 2009-12-03 | 1 | -1/+3 |
| | | | | clearing the form and causing all kinds of chaos. Ticket #161 | ||||
* | Add priv.defs.inc to authgui.inc | sullrich | 2009-12-03 | 1 | -2/+2 |
| | |||||
* | Set 2nd parameter for isAllowedPage. Will be required for #34, 33, 32 | sullrich | 2009-12-02 | 1 | -1/+1 |
| | |||||
* | Rework includes/require. This saves about 4 megabytes. | Scott Ullrich | 2009-11-21 | 1 | -0/+1 |
| | | | | Simplify get_memory(). Tested on mips/i386 | ||||
* | Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additions | Scott Ullrich | 2009-09-12 | 1 | -0/+2 |
| | |||||
* | * Move functions that output html to guiconfig.inc | Ermal Luci | 2009-06-18 | 1 | -2/+1 |
| | | | | | | | | | * Remove some recursive dependency on some includes * Remove ^M or \r from files * Remove some entries from functions.inc to avoid including them twice * Remove some unneccessary includes from some files NOTE: There is some more work to be done for pkg-utils.inc to be removed from backend as a dependency. | ||||
* | Set focus to the username field | Bill Marquette | 2009-03-12 | 1 | -0/+2 |
| | |||||
* | Fix the case when users without access to index.php get an error message. | Ermal Luçi | 2008-11-22 | 1 | -33/+17 |
| | | | | | | This redirects the users to the first allowed pagge if they do not have access to index.php and errors out only if no page has been assigned to them. NOTE: It is strange that a user cannot change its password! | ||||
* | Cleanup some of the authentication code. Fix the problem where you must | Matthew Grooms | 2008-09-03 | 1 | -40/+17 |
| | | | | | | | navigate away from the initial page twice to get somewhere. Remove some of the cruft that was no longer used. Don't unconditionally redirect a user to their homepage if another url was specified pre-login. This will allow admins to create bookmarks to specific pfsense webui pages. | ||||
* | Cleanup authentication code. The basic auth method, the passwd, htpasswd | Matthew Grooms | 2008-08-03 | 1 | -3/+2 |
| | | | | | | | | | | | | | and pam backing functions have been removed. The basic auth method was legacy code and the backing functions were redundant with no added value that I could see. A simplified replacement backing function named local_backed has been added that authenticates to the local configuration info which should be identical to system pwdb credentials. Since the htpassword file is no longer required, sync_webgui_passwords and its wrapper function system_password_configure have been removed. The local account management functions were renamed for consistency. A few minor bugs related to setting local passwords have also been corrected. | ||||
* | Rewrite portions of the user manager to ensure data is properly synced to | Matthew Grooms | 2008-07-25 | 1 | -197/+208 |
| | | | | | | | | | | | the system password and group databases. This is to provide better support for centralized user management when local account administration is preferred. I also took this opportunity to do some housekeeping. A lot of funtions that were only being used in one place or not at all were removed. The user page privelege checks were also simplified in preperation for future work in this area. | ||||
* | fix IE login | Chris Buechler | 2008-07-13 | 1 | -1/+1 |
| | | | | Ticket #1707 | ||||
* | Make loginpage more themeable. Only theme that uses this so far is ↵ | Holger Bauer | 2008-04-05 | 1 | -318/+282 |
| | | | | the_wall. Other themes look ugly now (only loginpage) but are usable. Will be fixed within the next day(s). | ||||
* | * Remove blank trailing line | Scott Ullrich | 2008-02-16 | 1 | -1/+2 |
| | | | | * Allow custom urls that include pkg.php to be saved | ||||
* | Latest LDAP changes from Mark Batchelor | Scott Ullrich | 2008-02-03 | 1 | -9/+2 |
| | |||||
* | * Remove trailing blank line | Scott Ullrich | 2008-02-03 | 1 | -1/+1 |
| | | | | * Make sure $search has data before operating on it | ||||
* | Latest eDir / Active Directory tweaks from Mark Batchelor. | Scott Ullrich | 2008-01-31 | 1 | -309/+325 |
| | | | | Thanks again for him helping us with this project! | ||||
* | * Missing = | Scott Ullrich | 2008-01-01 | 1 | -3/+3 |
| | | | | * Allow user manager to adhere to admins group | ||||
* | Allow multiple groups to be assigned per user. | Scott Ullrich | 2007-12-28 | 1 | -5/+7 |
| | | | | Work sponsored-by: Centipede Networks | ||||
* | Adding LDAP backend glue. | Scott Ullrich | 2007-12-27 | 1 | -7/+14 |
| | | | | Work sponsored-by: Centipede Networks <http://centipedenetworks.com/> | ||||
* | Store global privs list in $g['privs'] | Scott Ullrich | 2007-12-03 | 1 | -0/+1 |
| | |||||
* | Nuke code that does nothing. | Scott Ullrich | 2007-11-19 | 1 | -23/+4 |
| | |||||
* | Make the error message clickable so that the admin can easily return to the GUI. | Scott Ullrich | 2007-11-19 | 1 | -0/+1 |
| | |||||
* | Do not logout session if the user does not have access to a page. We should ↵ | Scott Ullrich | 2007-11-19 | 1 | -6/+1 |
| | | | | also hide menu items that user does not have access to. | ||||
* | Correctly check for page names by including .php. Strip off / if found so ↵ | Scott Ullrich | 2007-11-19 | 1 | -2/+2 |
| | | | | that we can get an exact page match against the URL. My test diagnostics user now works. | ||||
* | Instead of throwing a very vague 401 error actually tell the user which page ↵ | Scott Ullrich | 2007-11-18 | 1 | -1/+1 |
| | | | | they do not have access to. This will also help admins troubleshoot group manager page privs. | ||||
* | Correctly show 401 errors. | Scott Ullrich | 2007-11-18 | 1 | -1/+8 |
| | |||||
* | Fix field display on login screen | Bill Marquette | 2007-08-06 | 1 | -4/+4 |
| | |||||
* | Users that have specific page access can now login | Bill Marquette | 2007-08-01 | 1 | -5/+10 |
| | |||||
* | * fix: background on login screen | Daniel Stefan Haischt | 2007-06-03 | 1 | -1/+5 |
| | |||||
* | Remove trailing space / cr | Scott Ullrich | 2007-05-27 | 1 | -1/+1 |
| | |||||
* | Correct style sheet class. | Seth Mos | 2007-05-11 | 1 | -2/+2 |
| | |||||
* | Backport usermanager code from HEAD so I can get it in the snaps and | Bill Marquette | 2007-04-13 | 1 | -0/+306 |
start testing it properly There's still some CSS/HTML fixes needed but the code seems to work |