summaryrefslogtreecommitdiffstats
path: root/etc/inc/authgui.inc
Commit message (Collapse)AuthorAgeFilesLines
* Rmoeve register_long_arrays from php.ini and from php code the use of ↵Ermal2013-12-201-1/+1
| | | | HTTP_*_VARS as its deprecated and luckily low use in pfSense to win memory and compativility
* Omit IP warning if HTTP_REFERER check is disabled.Matt Smith2013-07-031-1/+1
|
* Treat openvpn tunnel IPs as local IPs and prevent warning on login page when ↵Renato Botelho2013-02-151-0/+13
| | | | acessing it using tun IP address. Fixes #1681
* Fix login form username field focusPhil Davis2013-02-111-1/+1
| | | The Username filed was no longer getting focus - just a missing "/" in a critical place.
* Update HTML in "include" filesColin Fleming2013-02-061-17/+21
| | | | | | | | | | | | | | | Udated the DOCTYPE to make it W3C standard/compliant. Moved "sorttable.js", "ticker.js" and the "antiClickJack style" from "fbegin.inc" and place them in "head.inc" (where they belong), this may also help the Widescreen package to work. Close BR, INPUT and IMG tags properly, update IMG tags with "alt" and update TABLE tags with "summary". Updated the SCRIPT and STYLE with proper CDATA sections. Updated LINK with the correct types.
* Update PHP shorthand tagColin Fleming2013-01-141-2/+2
| | | | Standardise all PHP start tags from "<?" to "<?PHP"
* Always commit the session fast to allow other consumers to proceed to their ↵Ermal2013-01-031-0/+6
| | | | requests. This unbreaks now the lock up the GUI had allowing only one action from same source per time. Now even if you run a command that blocks indefinitely for example the GUI want lock anymore but allow you to proceed to other actions
* No need to do this here - we have a System > Advanced option that already ↵jim-p2012-11-201-1/+1
| | | | | | controls this. Revert "Do not allow autocomplete of the password field to avoid security issues:" This reverts commit 3dc69d374dcfa39094b0332e2516d3ae68467cfa.
* Do not allow autocomplete of the password field to avoid security issues:Ermal2012-11-201-1/+1
|
* Make a function to get the current theme and use it everywhere rather than ↵jim-p2012-11-021-2/+2
| | | | duplicating code or missing functions. (Fixes forced themes using the wrong theme for login screen)
* fix permissions check to xml package files and show only menus user has ↵marcelloc2012-06-121-1/+1
| | | | access to
* making small fixes on jQuery codeVinicius Coque2012-01-211-4/+4
|
* Scriptaculous / prototype replaced by jQueryVinicius Coque2012-01-151-6/+4
|
* Only do cookie check if the form has already been posted. The cookie check ↵jim-p2011-09-021-1/+1
| | | | is not accurate for the first page load after a browser has been opened, has to be at least one refresh/post first.
* If a user's browser does not support cookies, print an error on the login ↵jim-p2011-08-311-1/+11
| | | | | | | | form telling them so. Conflicts: etc/inc/authgui.inc
* Log when a user tries to access an unauthorized page.jim-p2011-08-101-0/+6
|
* Merge remote-tracking branch 'upstream/master'jim-p2011-07-121-7/+7
|\ | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
| * Fix gettextVinicius Coque2011-07-111-2/+2
| |
| * Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-05-231-1/+2
| |\ | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/interfaces.inc etc/inc/upgrade_config.inc etc/inc/vpn.inc
| * \ Merge remote-tracking branch 'mainline/master' into incVinicius Coque2011-03-251-1/+1
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/auth.inc etc/inc/config.lib.inc etc/inc/filter.inc etc/inc/pfsense-utils.inc etc/inc/pkg-utils.inc etc/inc/priv.defs.inc etc/inc/services.inc etc/inc/shaper.inc etc/inc/voucher.inc etc/inc/vpn.inc usr/local/www/fbegin.inc
| * \ \ Merge remote branch 'mainline/master' into incRenato Botelho2010-10-111-1/+1
| |\ \ \ | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/authgui.inc
| * | | | Fix quotes to use %N$X on gettext callsRenato Botelho2010-10-011-1/+1
| | | | |
| * | | | Fix gettext calls with printf to permit change strings orderRenato Botelho2010-08-301-1/+1
| | | | |
| * | | | Implement gettext() calls on authgui.incCarlos Eduardo Ramos2010-08-131-8/+8
| | | | |
* | | | | Merge remote branch 'upstream/master'Seth Mos2011-05-131-1/+2
|\ \ \ \ \ | | |_|_|/ | |/| | | | | | | | | | | | | | | | | | Conflicts: etc/inc/vslb.inc etc/version
| * | | | Make autocomplete on the login form optional.jim-p2011-05-121-1/+2
| | |_|/ | |/| |
* | | | Merge remote branch 'upstream/master'Seth Mos2011-02-101-1/+1
|\ \ \ \ | |/ / /
| * | | Allow autocomplete on login form (Fixes saving password on Firefox and Chrome)jim-p2011-02-101-1/+1
| | | |
| * | | * Adding function get_configured_ip_addresses() which returns all interfaces ↵Scott Ullrich2010-11-101-1/+1
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | and their configured IP address * Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks * Add and enforce HTTP_REFERER check if checkbox is not checked. This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall.
* | | Add ipv6 local addresses to the IP address list for the rebinding checkSeth Mos2010-11-121-4/+10
|/ /
* | Fix text.Erik Fonnesbeck2010-10-101-1/+1
| |
* | Wording fix.Warren Baker2010-10-101-2/+2
|/
* No need to use # in color code, it's already set with thisScott Ullrich2010-07-141-1/+1
|
* Allow overriding the Nifty corners background colorScott Ullrich2010-07-141-3/+7
|
* Handle VIP DNS-Rebinding detection correctlyScott Ullrich2010-07-141-0/+5
|
* Fix this function call, it only takes one parameter.jim-p2010-07-131-1/+1
|
* Print a warning on the login screen if you are accessing the router by a ↵jim-p2010-07-091-0/+20
| | | | non-local IP address (one not configured on the system) to warn about potential MITM attacks.
* Overhaul the user login system to use the Servers tab as its base.Ermal Luçi2010-03-031-28/+3
| | | | Fix quite a few problems down the way.
* Recommit #161 changes. It appears a different commit has broken firewall ↵sullrich2009-12-031-0/+2
| | | | rules edit and firewall nat edit.
* Revert "Redirect to / when logging in to avoid posting to forms accidently ↵sullrich2009-12-031-3/+1
| | | | | | and clearing the form and causing all kinds of chaos. Ticket #161" This reverts commit 6af7c40b296e0f95ec308d41aea55b3306c5e1ee.
* Redirect to / when logging in to avoid posting to forms accidently and ↵sullrich2009-12-031-1/+3
| | | | clearing the form and causing all kinds of chaos. Ticket #161
* Add priv.defs.inc to authgui.incsullrich2009-12-031-2/+2
|
* Set 2nd parameter for isAllowedPage. Will be required for #34, 33, 32sullrich2009-12-021-1/+1
|
* Rework includes/require. This saves about 4 megabytes.Scott Ullrich2009-11-211-0/+1
| | | | Simplify get_memory(). Tested on mips/i386
* Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additionsScott Ullrich2009-09-121-0/+2
|
* * Move functions that output html to guiconfig.incErmal Luci2009-06-181-2/+1
| | | | | | | | | * Remove some recursive dependency on some includes * Remove ^M or \r from files * Remove some entries from functions.inc to avoid including them twice * Remove some unneccessary includes from some files NOTE: There is some more work to be done for pkg-utils.inc to be removed from backend as a dependency.
* Set focus to the username fieldBill Marquette2009-03-121-0/+2
|
* Fix the case when users without access to index.php get an error message.Ermal Luçi2008-11-221-33/+17
| | | | | | This redirects the users to the first allowed pagge if they do not have access to index.php and errors out only if no page has been assigned to them. NOTE: It is strange that a user cannot change its password!
* Cleanup some of the authentication code. Fix the problem where you mustMatthew Grooms2008-09-031-40/+17
| | | | | | | navigate away from the initial page twice to get somewhere. Remove some of the cruft that was no longer used. Don't unconditionally redirect a user to their homepage if another url was specified pre-login. This will allow admins to create bookmarks to specific pfsense webui pages.
* Cleanup authentication code. The basic auth method, the passwd, htpasswdMatthew Grooms2008-08-031-3/+2
| | | | | | | | | | | | | and pam backing functions have been removed. The basic auth method was legacy code and the backing functions were redundant with no added value that I could see. A simplified replacement backing function named local_backed has been added that authenticates to the local configuration info which should be identical to system pwdb credentials. Since the htpassword file is no longer required, sync_webgui_passwords and its wrapper function system_password_configure have been removed. The local account management functions were renamed for consistency. A few minor bugs related to setting local passwords have also been corrected.
OpenPOWER on IntegriCloud