Grav-Admin-Plugin

mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-11-02 11:26:04 +01:00

Author	SHA1	Message	Date
Matias Griese	9fca08ab43	Regression: Fixed broken 2FA form [#2109 ]	2021-04-07 14:14:04 +03:00
Matias Griese	58e2c6cc55	Change nonce expiration message	2021-03-31 11:48:15 +03:00
Matias Griese	f36b244198	Include query param `task` into task checks	2021-03-26 18:15:42 +02:00
Matias Griese	aa4f80eec1	Greatly improve login related actions for Admin * Better isolate admin to prevent session related vulnerabilities * Removed support for custom login redirects for improved security * Shorten forgot password link lifetime from 7 days to 1 hour * Fixed login related pages being accessible from admin when user has logged in * Fixed admin user creation and password reset allowing unsafe passwords * Fixed missing validation when registering the first admin user * Fixed reset password email not to have session specific token in it	2021-03-26 14:39:37 +02:00
Matias Griese	b3d66b3d3a	Rename internal save methods	2021-03-19 18:06:24 +02:00
Matias Griese	b7271bc424	Regression: Fixed enabling/disabling plugin or theme corrupting configuration	2021-02-19 22:04:04 +02:00
Matias Griese	7832d6992e	Fixed ACL for users with mixed case usernames [#2073 ]	2021-02-18 16:22:55 +02:00
Matias Griese	64e41b034e	Fixed fatal error in admin if POST request has `data` in it [#2074 ]	2021-02-18 15:33:38 +02:00
Matias Griese	a8983a003d	Fixed ACL for Configuration tabs [#771 ]	2021-02-10 15:26:02 +02:00
Matias Griese	417d82769b	Fixed `onAdminAfterAddMedia` event always pointing to the home page [#1905 ]	2021-02-10 13:08:34 +02:00
Matias Griese	725ed07ad9	Fixed `onAdminAfterDelMedia` event always pointing to home page [#1905 ]	2021-02-10 12:57:43 +02:00
Matias Griese	6328489170	Provide media object and filename in `onAdminAfterDelMedia` event [#1905 ]	2021-02-10 12:40:25 +02:00
Matias Griese	2223b2eb73	Fixed deleting list field options completely, didn't save changes [#2056 ]	2021-02-08 21:30:37 +02:00
Matias Griese	ad5d3a3829	Improve flash file error detection	2021-02-08 17:25:32 +02:00
Matias Griese	905a2a299f	Fixed case-sensitive `accept` in `filepicker` field	2021-02-04 17:08:05 +02:00
Matias Griese	01568544b5	Fixed admin style compilation failing to save CSS if assets folder does not exist	2021-01-21 14:44:41 +02:00
Matias Griese	5ed810a2ab	Fixed fatal error when moving a page using the old implementation [#2019 ]	2021-01-18 12:40:13 +02:00
Matias Griese	de3a557b80	Display controller exceptions in debugger	2021-01-18 12:05:24 +02:00
Matias Griese	1d669c5fb9	Minor code improvements	2021-01-08 18:57:41 +02:00
Djamil Legato	72116dcbca	Fixed notifications that would not be remembered as hidden + various improvements	2020-12-21 15:29:42 -08:00
Djamil Legato	06719a23dd	Properly exit the nested foreach when a matching dependency is found	2020-12-21 10:55:56 -08:00
Matias Griese	d9c73e2edb	Post merge conflicts	2020-12-01 09:51:43 +02:00
Matias Griese	432ef4bb1a	Composer update after merge	2020-12-01 09:37:58 +02:00
Matias Griese	be6428922d	Merge branch 'develop' of github.com:getgrav/grav-plugin-admin into 1.10 Conflicts: admin.php classes/plugin/AdminController.php composer.lock vendor/composer/autoload_classmap.php vendor/composer/autoload_psr4.php vendor/composer/autoload_real.php vendor/composer/autoload_static.php vendor/composer/installed.json	2020-12-01 09:24:05 +02:00
Matias Griese	9483b98be8	Check that backup file ends with .zip in case if there are other files in the backup folder	2020-12-01 09:01:41 +02:00
Andy Miller	24e7d154f1	fixes GHSA-85r3-mf4x-qp8f	2020-11-30 16:36:30 -07:00
Andy Miller	c32fa412b7	fixes for GHSA-85r3-mf4x-qp8f	2020-11-30 16:22:39 -07:00
Andy Miller	5eb2e6375f	Merge branch 'advisory-fix-1' into develop # Conflicts: # CHANGELOG.md	2020-11-30 16:00:52 -07:00
Matias Griese	018940c1bc	Reworked getMedia() field	2020-11-30 17:25:53 +02:00
Matias Griese	c604c05491	Remove comments	2020-11-26 15:55:02 +02:00
Matias Griese	ddc85f3b89	Merge branch 'develop' of github.com:getgrav/grav-plugin-admin into 1.10	2020-11-25 23:15:08 +02:00
Matias Griese	f5a051377e	Remove comments	2020-11-25 23:14:44 +02:00
Matias Griese	a6f0f4945f	Tightened checks when removing a media file, cleanup	2020-11-06 15:05:33 +02:00
Djamil Legato	b9ac46fd13	Forward a `sid` to GPM when downloading a premium package	2020-10-29 15:29:28 -07:00
Djamil Legato	a8bd391b78	Forward a `sid` to GPM when downloading a premium package	2020-10-29 15:25:40 -07:00
Djamil Legato	06c66794cc	Minor wording change for unauthorized downloads	2020-10-28 11:12:51 -07:00
Djamil Legato	4e45a22837	Minor wording change for unauthorized downloads	2020-10-28 11:11:09 -07:00
Andy Miller	d569de14b8	backported taskGetLevelListing() from 1.7	2020-10-06 16:07:07 -06:00
Andy Miller	ba609fa45a	compatibility for nextgen editor	2020-10-05 18:46:39 -06:00
Andy Miller	4f9aca8f3c	Cleaner error messages	2020-09-03 22:31:19 -06:00
Andy Miller	d063ac669b	Cleaner error messages	2020-09-03 22:28:47 -06:00
Andy Miller	4802b84b05	filename not needed	2020-09-03 18:15:44 -06:00
Andy Miller	c7fe6be9de	remove filename, not used	2020-09-03 18:14:36 -06:00
Matias Griese	04b17d6019	More multi-site routing fixes	2020-09-02 12:43:36 +03:00
Matias Griese	8a6f98b7bf	Fixed bad redirection after successful admin login in subdirectory multisite [#1487 ]	2020-08-31 22:59:22 +03:00
Matias Griese	6bcc5f7636	Fixed a glitch which allows user to delete entire pages directory, Admin 1.10 edition [#1941 ]	2020-08-28 13:38:58 +03:00
Matias Griese	e1a487bd88	Fixed a glitch which allows user to delete entire pages directory [#1941 ]	2020-08-28 13:34:40 +03:00
Matias Griese	44dca2df75	Made all the `onAdmin` CRUD events to pass `object` (and backwards compatible `page`) to make them easier to use	2020-08-28 12:32:45 +03:00
Matias Griese	ae6d972d26	Fixed bad 'use ...\UserObject;' statement in Admin	2020-07-03 11:44:05 +03:00
Andy Miller	02a355751c	Fix for deleting files from plugin configurations Signed-off-by: Andy Miller <rhuk@mac.com>	2020-06-07 19:43:16 -06:00

1 2 3 4 5 ...

897 Commits