Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2016-03-05 | Add verify_ip security assertion | Malf Furious | 1 | -0/+15 | |
This assertion will be used app-wide. This asserts that the IP address a client uses to conenct to the app is constant throughout the the session's lifetime. This is to detect any session hijacking. If a session suddenly appears to be comming from a different IP address, the session will be killed. | |||||
2016-03-01 | Add garbage collection logic to Object::delObj() | Malf Furious | 1 | -0/+8 | |
Now, on deletion of objects, all refs to it are purged from the xref tables, obj_member and msg_read | |||||
2016-02-07 | Add in-app administrative setting: settSSL | Malf Furious | 1 | -0/+18 | |
This is the in-app version of $_SCROTT['settSSL'] system-level setting. Setting::settSSL() overrides $_SCROTT['settSSL'] only if the latter is set to 'neither'. If both are set to 'neither', the app will run on either HTTP or HTTPS depending on how the page was requested. | |||||
2016-02-07 | Add fields to Issue object | Malf Furious | 1 | -1/+3 | |
This adds attributes to an issue: due date (optional datetime) tags (space separated string of words to help categorize issues (again, optional)) | |||||
2016-02-02 | Add admin setting 'allowPublicSignup' | Malf Furious | 1 | -0/+13 | |
This setting will be used to decide if the app should allow unauthenticated users to create their own user accounts or if an admin must create them. | |||||
2016-02-02 | Add helper function to Setting class | Malf Furious | 1 | -0/+17 | |
Added a static helper function to replacing (or inserting) an option value in the database, longhand. | |||||
2016-02-01 | Implement authentication helper functions in User class | Malf Furious | 1 | -0/+24 | |
Added function to initialize a User object by username wrather than GUID. Added function to validate a user-supplied plain-text password for a given user | |||||
2016-01-31 | Implement PHP session semantics in Framework class | Malf Furious | 1 | -0/+41 | |
Added PHP session handling to core framework. Functions now exist to set the current user, get the current user, and get the IP address used to login (to compare with furure requests on the same session to combat session hijacking). | |||||
2016-01-30 | Add functionality to create new User objects | Malf Furious | 1 | -0/+54 | |
User class now has a new function which will take a $username and a $password and use it to initialize itself as well as write new object data to the database. This commit introduces a helper function getKey() (from class User) for creating user object keys by hashing the contatenation of its password and salt. This commit introduces a helper function usernameInUse() (from class User) for ensuring the uniqueness of names amongst user-type objects | |||||
2016-01-30 | Update app source of entropy for creating random blobs | Malf Furious | 1 | -2/+9 | |
Removed use of PHP's rand() functon in favor of openssl extension's openssl_random_pseudo_bytes() to create blobs with better entropy. Created function getBlob (from class Object) to get a sha256 hash created from randomness for use as object GUIDs, password salts, application tokens, etc. | |||||
2016-01-30 | Handle object timestamps automatically in Object::saveObj() | Malf Furious | 1 | -0/+14 | |
The saveObj() function now initializes and update the timeCreated and timeUpdated fields of objects on its own. A new function, getCurrentTimestamp() (from class Object) is introduced to aid simpler fetching of the date and time | |||||
2016-01-28 | Add admin field to user table | Malf Furious | 1 | -0/+1 | |
User accounts now have a field to denote whether they are site administrators. The first account created during app initial configuration is an admin automatically. | |||||
2016-01-26 | + Added function to User class to fetch all users from DB | Malf Furious | 1 | -0/+16 | |
* Altered Auth MVC deflt action to return false if no users are found. This way, the Auth controller can automatically present user a page to create an admin account | |||||
2016-01-01 | + Added class file for setting table | Malf Furious | 2 | -1/+29 | |
2016-01-01 | + Added class file for message table | Malf Furious | 1 | -0/+26 | |
2016-01-01 | + Added class file for issue table | Malf Furious | 1 | -0/+28 | |
2015-12-31 | + Added class file for stage table | Malf Furious | 1 | -0/+25 | |
2015-12-31 | + Added class file for Pad table | Malf Furious | 1 | -0/+26 | |
2015-12-30 | + Added class file for group table | Malf Furious | 1 | -0/+20 | |
2015-12-30 | + Created class file for extern-user table | Malf Furious | 1 | -0/+26 | |
2015-12-30 | + Created db table child class for User table | Malf Furious | 1 | -0/+30 | |
2015-12-18 | + Added DBObject class -- A non-abstract version of Object class | Malf Furious | 1 | -0/+15 | |
2015-12-18 | * now using rand() instead of random_bytes for numbers | Malf Furious | 1 | -1/+1 | |
2015-12-18 | + Implemented Object::getNewGUID function for Object class | Malf Furious | 1 | -0/+15 | |
2015-12-18 | + Added function "isGUID" to object class for checking whether GUIDs exist | Malf Furious | 1 | -0/+17 | |
2015-12-18 | * Defined some default values for function parameters for object class -- ↵ | Malf Furious | 1 | -2/+2 | |
planning to make a class "RawObject" so that objects may be created in a polymorphic way | |||||
2015-12-18 | + Added delObj function to object class | Malf Furious | 1 | -0/+17 | |
2015-12-18 | + Added saveObj function to Object class | Malf Furious | 1 | -1/+93 | |
2015-12-17 | + Added abstract base class for Scrott database objects (implemented ↵ | Malf Furious | 1 | -0/+71 | |
constructor and loadObj functions) | |||||
2015-12-17 | * Bug fix in Mysql support class -- misuse of Mysql result object and its ↵ | Malf Furious | 1 | -2/+2 | |
member function fetch_assoc | |||||
2015-12-17 | + Added function to framework class for getting (or creating) the app's ↵ | Malf Furious | 1 | -0/+32 | |
singleton db connection object. If no connection is established, logic uses system-level configuration to decide how to connect before returning | |||||
2015-12-17 | + Added generic database interface to use throughout the app since I'm ↵ | Malf Furious | 2 | -0/+76 | |
planning on supporting multiple database engines + Defined interface for Mysql DBMS for Scrott | |||||
2015-12-08 | + Added controller security assertions: require_https and forbid_https | M | 1 | -0/+20 | |
2015-12-08 | + Added bool field type to Form class | M | 1 | -0/+8 | |
2015-12-06 | * Bug fix in framework class - redirectTo function -- http_redirect function ↵ | M | 1 | -1/+1 | |
I was using is part of an extension for PHP and therefore, non-standard | |||||
2015-12-06 | + Added function to model class to log all error messages from a Form ↵ | M | 1 | -0/+8 | |
objects populate call | |||||
2015-12-06 | * Bug fix in Form class - populate function -- If a field was set in $input, ↵ | M | 1 | -3/+3 | |
but equal to "", the isset check would not behave as expected | |||||
2015-12-05 | + Added framework function for getting current app path | M | 1 | -0/+8 | |
* Changed sysconf view to use new function ($mod->ar()/sysconf -> $mod->ap) | |||||
2015-12-05 | * Form class fields now have the ability to set a default value. Default ↵ | M | 1 | -13/+25 | |
value is applied if the supplied $input array has no key matching the field name. | |||||
2015-12-05 | + Implemented populate function in Form class | M | 1 | -3/+97 | |
+ Added helper function in Form class, logError ! Finished Form class for now | |||||
2015-12-05 | + Added numeric and enum types to Form class | M | 1 | -0/+37 | |
2015-12-03 | + Started Form class definition | M | 1 | -0/+35 | |
2015-11-22 | * Derp, default is a reserved word, calling the function 'deflt' instead | M | 1 | -2/+0 | |
* Removed explicit call to parent constructor in model class, since that function is not explicitly defined | |||||
2015-11-22 | * Implemented framework ar (app root) function | M | 1 | -1/+1 | |
2015-11-21 | + Added abstract model definition | M | 1 | -0/+71 | |
2015-11-21 | + Defined function to check if scrott.conf.php file exists | M | 1 | -0/+9 | |
2015-11-21 | * Framework def file is now condifionally including system-level app ↵ | M | 1 | -0/+4 | |
configuration | |||||
2015-11-21 | + Adding abstract controller class | M | 1 | -0/+17 | |
2015-11-21 | + Committing initial framework class definition | M | 1 | -0/+26 | |