iglocska
a81894f14c
chg: [CS] Changed to PSR-2
- to make contributions easier, adopted PSR-2
- used php-cs-fixer to rework the style
- *sniff sniff* Goodbye tab indentation
2018-07-19 11:48:22 +02:00
iglocska
68b8266584
new: New flash message system, fixes #3252
- 3 types of flash messages (success, error, warning)
- uses bootstrap's own classes/structure
2018-05-16 19:32:38 +02:00
iglocska
952fff6252
fix: Fixes to several cases of reflected XSS, fixes #2381
- as reported by @import-au
- Additionally enforce content-type on all async APIs called by the UI using CakeResponse
2017-08-08 21:37:03 +02:00
iglocska
8f4f1d2b46
fix: Fixed several issues with the template file uploads, fixes #1743
- Bug with uploading attachments as described in the issue
- move from pass by reference for a loop was still lacking the correct selector to update the array element instead of the loop's copy
- attachment uploader tried to base64 the file-name instead of the file-data and store it as the attachment
- Fix to an unrelated bug that didn't encrypt malicious files when going through the template uploader
2016-12-11 22:00:05 +01:00
Iglocska
7212011a80
fix: Fixes an issue where the wrong set of tags were applied when populating an event from a template, fixes #1636
2016-11-09 17:52:32 +01:00
Andreas Ziegler
25e52a6786
chg: remove some references to variables
2016-09-15 17:08:58 +02:00
iglocska
80ed1cf65d
fix: Removed filename check from the AppController
- rerouted all calls to the method to the Model equivalent
2016-09-01 09:18:54 +02:00
iglocska
873b201eb0
Merge branch '2.4' of https://github.com/MISP/MISP into 2.4
2016-08-25 11:38:59 +02:00
iglocska
822b0bf8fa
chg: Cleanup of the controllers and models
- removed incorrect, useless boilerplate comments
- kept useful comments intact
- added some missing line breaks to make the codebase a bit more uniform
- removed some obviously obsolete TODO comments
2016-08-25 11:38:37 +02:00
Andreas Ziegler
e8599fb16c
chg: new filename regex & separate functions
2016-08-24 15:31:17 +02:00
Andras Iklody
48fa353df9
Merge pull request #1470 from rotanid/cleanup-tplctr
cleanup TemplatesController.php
2016-08-24 09:43:32 +02:00
Andreas Ziegler
b70695b666
chg: cleanup TemplatesController.php
2016-08-24 02:42:49 +02:00
Andreas Ziegler
eb66a80c76
chg: filename regex changes
2016-08-24 02:35:04 +02:00
Andreas Ziegler
ff7a7de938
chg: use 1/0 not true/false for conditions & other boolean sqlquery elements
2016-07-11 21:26:16 +02:00
Andreas Ziegler
985451642e
add space after keywords if/for/foreach/while/switch/catch
2016-06-04 15:45:39 +02:00
Andreas Ziegler
0fe692c56a
remove whitespace at end of line
2016-06-04 01:10:45 +02:00
Andreas Ziegler
898ea1d97c
remove whitespace (space/tab) from empty lines
2016-06-04 01:08:16 +02:00
Iglocska
e16371e255
chg: Some cleanup of old unused stuff
2016-05-20 09:07:51 +02:00
Iglocska
6353de1e58
Template population menu fixes
2016-02-03 10:16:03 +01:00
Iglocska
07a03abdc7
Fixed adding / removing tags to a template, fixes #898
2016-02-03 09:59:03 +01:00
Iglocska
c4cf4eca9c
Copy pasta fail on the populate from template action
- the lookup for valid event access was comparing the user's org name to the event's org id which always failed
2016-01-22 09:28:33 +01:00
Fafner [_KeyZee_]
01756dd261
Update TemplatesController.php
2015-12-28 15:40:09 +01:00
iglocska
728425aedd
Invalid orgc lookup in the template choice menu, fixes #795
2015-12-28 15:03:06 +01:00
iglocska
7e2a935226
Fix to the templating being broken, fixes #787
2015-12-25 00:25:59 +01:00
Iglocska
1b291904d4
Fixed some more invalid org checks
2015-10-15 14:31:07 +02:00
Iglocska
e706562cd5
Fixes to the RPZ export based on the testing of elhoim
- some errors in the format (wrong comment character used, rpz-ip not appended to IP addresses, missing semi-colon)
- removed hostnames that are on domains blocked by the rules based on domain attributes
2015-07-07 14:42:28 +02:00
Iglocska
27cc167c33
Fix to an incorrect validation of temporary filenames
2015-07-01 11:06:11 +02:00
Iglocska
415d85102d
Security fix: Fix to a possible PHP Object injection
- unserialized user input replaced with json_decode
2015-07-01 08:38:40 +02:00
iglocska
f14a26444b
Fix to some event altering actions not updating the timestamp
2014-12-10 14:08:08 +01:00
iglocska
35ba6321dc
Various improvements with the way events are unpublished after changes
- UI improvements, events appear unpublished after ajax queries that alter attributes
- Events get unpublished by the attribute replace tool and template population as they should
2014-08-14 14:08:55 +02:00
iglocska
029ef252a2
Some fixes to the templating
- resolved bugs with permissions
- fixed the broken mass delete tool
- Fixed an issue with the type not being chosen correctly for file type attributes when created through the templating tool
2014-07-08 11:31:23 +02:00
iglocska
45d826a252
First version of the templating feature complete
- still needs some refinement, but it's feature-complete
2014-07-02 16:20:19 +02:00
iglocska
9bede8e1b4
Further work on the templates
2014-06-25 09:56:33 +02:00
iglocska
a4a987e027
More work on the templates
- Templates can now be created and populated
- Users can populate an event using a template (still needs work)
- File type elements are not yet implemented
2014-06-19 08:44:35 +02:00
iglocska
f4e5c22865
Work on the templating system
- create a basic template
- add text elements to the template
- rearrange elements
2014-06-10 15:18:49 +02:00