Commit Graph

  • 07fc2d2022 cleanup of directory Christophe Vandeplas 2012-06-08 17:03:27 +0200
  • 9a30ba883f updated console version from newer cakephp Christophe Vandeplas 2012-06-08 17:00:07 +0200
  • 5eb6a89384 removed reference to useless user_id. fixed bug where Contact reporter doesn't work when user does not exist (contact reporter now sends mails to all the org) Christophe Vandeplas 2012-06-08 16:57:10 +0200
  • 2b63f955a6 I think comment should not be correlated neither but correct me if I'm wrong Andrzej Dereszowski 2012-06-08 12:24:01 +0200
  • 0687d3f6f4 fixed huge SQL injection vulnerability created in bruteforce protection. Shame on me !!! Christophe Vandeplas 2012-06-06 11:12:19 +0200
  • 9cd1b0469d minor change Christophe Vandeplas 2012-06-06 11:03:08 +0200
  • 6e9ab97791 implementation of a anti-brute-force password guessing mechanism. Christophe Vandeplas 2012-06-06 11:00:02 +0200
  • e453ee0e97 Sanitize::html() to h() for views is the way to go Christophe Vandeplas 2012-06-05 10:00:36 +0200
  • 1a0586f14f unique attribute for nids export Christophe Vandeplas 2012-06-04 12:06:46 +0200
  • c95f8904a0 removed description field ( should be replaced by comment ) Christophe Vandeplas 2012-06-03 22:52:46 +0200
  • f455405475 better error outputting Christophe Vandeplas 2012-06-03 22:51:56 +0200
  • 39fb9bca1d Attribute types validation is now a separate function that uses the Attribute->type_definitions variable Christophe Vandeplas 2012-05-31 17:12:26 +0200
  • ba75b24bb4 forgot to add js to previous commits Christophe Vandeplas 2012-05-31 16:11:40 +0200
  • aac2f5926f minor fixes Christophe Vandeplas 2012-05-31 08:55:51 +0200
  • d319860268 fixes security issue (overwrite existing event) Christophe Vandeplas 2012-05-31 08:47:49 +0200
  • 8505396b25 select boxes with filtering now Christophe Vandeplas 2012-05-30 18:11:44 +0200
  • f35c311651 improved documentation Christophe Vandeplas 2012-05-30 17:13:35 +0200
  • 24e7139e45 minor fix in Attribute tooltip more documentation (autogenerated) Christophe Vandeplas 2012-05-30 10:24:57 +0200
  • 7ee4d29fac Fixed merge conflicts with HEAD at belmod Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop Andrzej Dereszowski 2012-05-29 17:19:36 +0200
  • 1a91c2f49b Help messages implementation (forms and list views). Andrzej Dereszowski 2012-05-29 16:53:50 +0200
  • 51dbbcfa13 Explanation messages implemenented for forms and for list views (using "title" html element) Andrzej Dereszowski 2012-05-29 16:50:45 +0200
  • e4feaaa013 Part of the documentation added - docu written by Miguel Soria Machado (CERT-EU) Christophe Vandeplas 2012-05-25 14:56:58 +0200
  • 4d70df3b32 fixed error when type was not set Christophe Vandeplas 2012-05-25 11:03:38 +0200
  • 155f9fe720 fixed logic bug Christophe Vandeplas 2012-05-25 10:01:59 +0200
  • ad69aeb38f only sync event on publish when sync feature is on Christophe Vandeplas 2012-05-25 09:34:54 +0200
  • 747c211723 auto-upload when publish event Christophe Vandeplas 2012-05-25 09:31:14 +0200
  • efa590de23 moved some functions around Christophe Vandeplas 2012-05-25 08:13:40 +0200
  • cd30bb5d30 push / pull seems to work with attachment support. Lots of testing required. Christophe Vandeplas 2012-05-23 16:32:46 +0200
  • aa043a445b limit saveAssociated using fieldList Christophe Vandeplas 2012-05-22 15:52:55 +0200
  • 6d8b0a98b0 attachment support in REST API Christophe Vandeplas 2012-05-22 13:58:37 +0200
  • 00d62ab722 REST XML request also received base64 encoded file content Christophe Vandeplas 2012-05-21 15:20:25 +0200
  • 93c96ff7c3 minor layout improvement Christophe Vandeplas 2012-05-21 13:42:16 +0200
  • c713d6498f fixes previous commit Christophe Vandeplas 2012-05-21 13:41:04 +0200
  • 04ffe374a1 layout improvement in attribute display Christophe Vandeplas 2012-05-21 13:34:53 +0200
  • 9462902d97 workaround for bug where uuid is not set when empty. See bug http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2893 Christophe Vandeplas 2012-05-21 13:14:28 +0200
  • 9e2c2c5753 fix bug when editing attributes Christophe Vandeplas 2012-05-16 11:19:06 +0200
  • 6da1906bf4 fixes typo in alert message Christophe Vandeplas 2012-05-16 10:27:09 +0200
  • c426537c73 fix recommendation of pentest for autocomplete Christophe Vandeplas 2012-05-14 10:48:23 +0200
  • 9e7ee3c85b fixes bug where event is not unpublished when attribute is edited Christophe Vandeplas 2012-05-11 08:33:04 +0200
  • 395f29dd21 fixes bugs in NIDS export with duplicate SIDs Christophe Vandeplas 2012-05-09 15:17:16 +0200
  • fa167bc2c8 . Christophe Vandeplas 2012-05-04 14:47:50 +0200
  • 03ad7d3acd fixes event with no attributes in REST request Christophe Vandeplas 2012-05-04 12:44:27 +0200
  • e1189e576a fixes problem of not being able to import events with single attribute Christophe Vandeplas 2012-05-04 12:37:31 +0200
  • e452460242 added CyDefSIG.name to allow changing the title of the site Christophe Vandeplas 2012-05-04 09:52:45 +0200
  • 4b5999bb5b fixes issue 67 Christophe Vandeplas 2012-05-03 15:05:08 +0200
  • f675d7d6d0 more fixes for the sync Christophe Vandeplas 2012-05-03 14:52:49 +0200
  • 9e9837d59d Basic sync push seems to work Christophe Vandeplas 2012-05-03 14:32:49 +0200
  • 37ee17510e fixes security bug in XML REST request Christophe Vandeplas 2012-05-03 13:53:47 +0200
  • e5c0c5b081 do not show related events if the variable was not set Christophe Vandeplas 2012-04-26 18:50:58 +0200
  • f0b8f89d50 fixes lowercase attribute bug in xml output of Events/view and hide value1 and value2 from the output Christophe Vandeplas 2012-04-26 18:48:05 +0200
  • 7ee4ab7035 fixes issue 64 Christophe Vandeplas 2012-04-26 15:18:33 +0200
  • 60a5b1e1c6 moved alert email functionality to separate function _sendAlertEmail() REST event add requests also send out mails where necessary Christophe Vandeplas 2012-04-26 14:54:04 +0200
  • 8bd7b45248 Fixes issue 66 - https://code.lab.modiss.be/p/cydefsig/issues/66/ Christophe Vandeplas 2012-04-26 11:15:12 +0200
  • 97a5790938 fixes bug in discovered while running migrate02to021 script Christophe Vandeplas 2012-04-25 13:56:25 +0200
  • 6e9f0f0d24 split value to value1 and value2. You need to update the DB schema and run /events/migrate02to021 to migrate the data Christophe Vandeplas 2012-04-25 13:17:44 +0200
  • aea079b8c4 bugfix in Attribute validation Do not search for related attributes for specific types Christophe Vandeplas 2012-04-25 10:30:23 +0200
  • d0b52de85e fixed typo Christophe Vandeplas 2012-04-25 09:50:40 +0200
  • 388f3cc445 Merge commit '280baac98902789ee69186539474a2e82156659e' into develop Christophe Vandeplas 2012-04-25 09:04:07 +0200
  • 280baac989 patched deleting of attributes Andrzej Dereszowski 2012-04-15 19:41:50 +0200
  • 29c5411ece minor cosmetic changes Andrzej Dereszowski 2012-04-13 10:53:53 +0200
  • a2d073b7b9 REST POST of event and signatures works (basics, no error-handling) Christophe Vandeplas 2012-04-10 15:47:42 +0200
  • 87e12448ab Start of documentation concerning REST. Christophe Vandeplas 2012-04-07 09:38:15 +0200
  • c2975a77a4 Allow saving of data using REST API Christophe Vandeplas 2012-04-07 08:31:01 +0200
  • fb958eaacc Logging in for REST using Authorized HTTP header field. Christophe Vandeplas 2012-04-06 16:32:33 +0200
  • a8901cb6cf fix db engine v0.2 Christophe Vandeplas 2012-04-04 20:27:02 +0200
  • e56b7cecb3 db structure for sync functionality Christophe Vandeplas 2012-04-04 20:25:29 +0200
  • a45b70bc8d Add, edit, delete and (basic) Manual Sync server functionality added Christophe Vandeplas 2012-04-04 20:22:22 +0200
  • 7f33beaa4c Micro usability improvement Christophe Vandeplas 2012-04-04 19:03:39 +0200
  • 5b49318164 moved security to see profile to isAuthorized to keep consistency Christophe Vandeplas 2012-04-04 18:32:44 +0200
  • 6cee17bfcd XML format for attributes index Christophe Vandeplas 2012-04-04 18:08:57 +0200
  • 49aaced78a Merge commit '9e043116228c4866b18e92acb076462845bcf22a' into develop Fixed conflicts in: app/View/Events/view.ctp Christophe Vandeplas 2012-04-04 17:53:51 +0200
  • 9e04311622 minor changes: - when admin adds a user, auth key is automatically suggested - auth refresh is performed after user edition Andrzej Dereszowski 2012-04-02 23:00:41 +0200
  • 69fef3f6fa Fix for the routing problem on admin-privileged users. All links that need to be routed to admin-prefixed method have to have 'admin' => true in the parameters Andrzej Dereszowski 2012-04-02 22:26:36 +0200
  • faffe87ea6 - some bugfixes in validation corrected - new attribute type - link to external site Andrzej Dereszowski 2012-04-02 19:24:50 +0200
  • 0374c1c9b6 Bug fixes in the admin view - password changing for other users - corrected admin_view Andrzej Dereszowski 2012-04-02 17:21:17 +0200
  • 6c5a5aa427 - small bug with "No GPG key" message marked in the code - path to homedir for GPG added in User.php Andrzej Dereszowski 2012-04-02 12:14:27 +0200
  • 216b77f854 - Attributes index view fixed (attachments) Andrzej Dereszowski 2012-04-02 11:59:51 +0200
  • 62ceed286c - signatures are displayed by category always in the same order defined in model Andrzej Dereszowski 2012-04-02 11:53:44 +0200
  • 17950b965e minor correction: - login page does not display "invalid user" when first time presented to the user - "Log Off" button removed from the print view Andrzej Dereszowski 2012-04-02 11:37:32 +0200
  • ed298aa0dd logo position corrected Andrzej Dereszowski 2012-04-02 11:22:19 +0200
  • 41d03e69f3 Merge commit 'dee8a866e691fde2eedbd9a2418a6027f88d07cf' into develop Christophe Vandeplas 2012-04-01 20:08:07 +0200
  • dee8a866e6 Fixed bug where GPG homedir was not set in a few places Christophe Vandeplas 2012-04-01 19:23:46 +0200
  • 2142585710 Implemented basics for private, nonsyncable, Events or Attributes. Christophe Vandeplas 2012-04-01 18:41:47 +0200
  • bf8ae66e9c First version or REST API to export data Christophe Vandeplas 2012-04-01 17:30:00 +0200
  • 67d3a9f9d2 minor changes Christophe Vandeplas 2012-04-01 15:49:01 +0200
  • e6a6328d00 forgot updated default layout for info bloxes Christophe Vandeplas 2012-04-01 14:49:28 +0200
  • 0915ce48d3 Added some infoboxes when adding Attributes. Christophe Vandeplas 2012-03-31 23:29:56 +0200
  • 19eaa12050 Allow publishing of events without sending email. Christophe Vandeplas 2012-03-31 22:07:35 +0200
  • 0fff291c67 fixed minor CSRF vulnerability + added google link on vulnerability type Christophe Vandeplas 2012-03-31 21:55:09 +0200
  • aa8ba55dac First experimental test of importing events from a remote server. Only new events are imported. Christophe Vandeplas 2012-03-31 19:06:43 +0200
  • 95455f51a6 Fixed minor bugs Christophe Vandeplas 2012-03-27 18:58:11 +0200
  • 20cddd07db changed alerted -> published other minor fixes Christophe Vandeplas 2012-03-27 14:49:31 +0200
  • da99625a6c minor change in getRelatedAttributes function Christophe Vandeplas 2012-03-27 14:02:49 +0200
  • 1518b1ebcc filename|sha1 data validation Christophe Vandeplas 2012-03-27 11:03:57 +0200
  • 67907864a1 filename|sha1 Christophe Vandeplas 2012-03-27 11:01:33 +0200
  • 98402c0faa Fix admin routing Christophe Vandeplas 2012-03-27 09:31:41 +0200
  • 5657a9dd10 Added a migrate() function to generate uuid for events and attributes that didn't have an uuid Christophe Vandeplas 2012-03-26 20:25:45 +0200
  • 7c4394682d Renamed Signature to Attribute Christophe Vandeplas 2012-03-26 19:56:44 +0200
  • 28cf7d44e9 XML export ... woohoo !!! Christophe Vandeplas 2012-03-26 15:06:01 +0200
  • df7efb9d88 number of entries in the index lists Christophe Vandeplas 2012-03-26 13:11:06 +0200