Commit Graph

50 Commits

Author SHA1 Message Date
Calvin Montgomery 0d31d6eea2 Fix stupid typos 2013-08-12 00:09:43 -04:00
Calvin Montgomery 03e27a7720 Various fixes to the API 2013-08-11 23:36:42 -04:00
Calvin Montgomery 4aa0e7a4ef Start updating to new API 2013-08-11 23:10:55 -04:00
Calvin Montgomery 0bf80a375d Refactor log reading 2013-08-11 22:32:02 -04:00
Calvin Montgomery b06d8ff09f Refactor register, my channels 2013-08-11 22:20:09 -04:00
calzoneman 25a877dc3c Refactor password recover, email set, profile get/set 2013-08-11 18:55:53 -04:00
calzoneman c4588fab49 Refactor password change and reset 2013-08-11 18:23:20 -04:00
Calvin Montgomery d266175d5b Start working on API refactor 2013-08-07 23:44:41 -04:00
calzoneman b53ac91a61 Add 'My Channels' to prevent silly people from forgetting which rooms they own 2013-08-06 11:20:15 -04:00
Calvin Montgomery 27b95fd856 Only record login-success for rank >= 255 2013-07-30 23:23:20 -04:00
Calvin Montgomery 49f7fb2e15 Change the way action log is queried 2013-07-30 23:21:32 -04:00
calzoneman 6899186600 Add cache TTL option; fixes 2013-07-28 17:10:35 -04:00
calzoneman 2fb28f4d43 Change config system 2013-07-28 11:49:29 -04:00
calzoneman b9e465b714 Fix URI encoding on register/login, also fix database escape bug 2013-07-27 10:11:31 -04:00
Calvin Montgomery 21cda67163 Fix password reset not returning a response 2013-07-20 21:38:03 -04:00
calzoneman 9b7ebde551 More fixes 2013-07-16 12:12:00 -04:00
calzoneman 200f1aadb5 Fix channellist.html if anyone still uses that 2013-07-16 11:50:08 -04:00
calzoneman bd6acc42c9 fix index page 2013-07-16 11:49:32 -04:00
calzoneman c2baf8dde3 Quickfix 2013-07-16 11:48:11 -04:00
calzoneman 824a313b19 Fixes 2013-07-16 11:46:09 -04:00
calzoneman bf8fef29cf Start working on refactoring server 2013-07-15 18:57:33 -04:00
Calvin Montgomery e5d9a4c125 A few small improvements 2013-07-13 22:25:34 -04:00
Calvin Montgomery f2b6534d0a Fix channels not unloading / video skipping 2013-07-13 22:19:47 -04:00
calzoneman 5df30cb8a9 Move action log to DB, throttle registrations 2013-07-13 12:05:58 -04:00
Calvin Montgomery 53f6a39a7a Fix channeldata API for current media 2013-07-05 23:40:31 -04:00
calzoneman 1a3d92c903 Fixes and improvements 2013-06-23 14:02:20 -04:00
calzoneman 6943845d7a Add action log 2013-06-21 21:28:21 -04:00
calzoneman 52b88c0e40 Finish up 2013-05-30 14:34:54 -04:00
calzoneman 5205afb9cd Add password reset emailer 2013-05-30 14:07:29 -04:00
calzoneman c8df4b036c More work 2013-05-29 21:04:22 -04:00
calzoneman 74203ad223 Continue work on account management and password reset 2013-05-29 14:19:43 -04:00
calzoneman f3da02566c Start working on account management 2013-05-29 11:49:09 -04:00
calzoneman a882f598d6 begin working on password reset 2013-05-28 11:40:06 -04:00
calzoneman cc8c2d8463 Fixes 2013-05-27 15:43:37 -04:00
calzoneman 828b7e0381 Fix #149 and a couple other issues 2013-05-26 11:38:38 -04:00
calzoneman d9ed665540 Show page title in channel list 2013-05-12 11:46:19 -04:00
calzoneman 3af35cb268 Add links to playlist entries and the index page 2013-05-12 11:41:14 -04:00
calzoneman 62e80cec63 Add password change (#88) 2013-05-04 13:01:04 -05:00
calzoneman 1b376d3177 Fix cross-domain policy for reading logs 2013-05-04 11:40:46 -05:00
calzoneman e524fca989 Add logviewer to ACP 2013-05-03 15:53:10 -05:00
Calvin Montgomery 923ecc2bf3 Add API endpoints for global ban management 2013-05-03 21:52:14 +04:00
calzoneman 41de5c5d7a Add homepage channel list 2013-05-01 17:49:34 -05:00
calzoneman ab3dd208c3 Alert on wrong credentials (#76) 2013-05-01 13:02:06 -05:00
calzoneman d5fc0bb03d Fix 'that username is already taken' login bug 2013-04-26 12:50:31 -05:00
calzoneman 84fb4214d7 Fix cross-domain issues 2013-04-25 23:57:46 -05:00
calzoneman 087f612b37 Bugfixes for last commit
- Fix race condition for login frame
- Fix guest logins
2013-04-25 23:04:51 -05:00
calzoneman 3a7acd0526 Implement new session system
I replaced the old login system with a more secure one.
Instead of storing cookies containing the username and plaintext password, the password
is submitted once to obtain a session hash, which is valid for a given length of time.
Registering and logging in is now done via an iframe, which prevents custom javascript from having access to the password field.
Site admins need to run the following SQL before updating, or else all of your logins/registrations will fail:

ALTER TABLE `registrations` ADD `session_hash` VARCHAR( 64 ) NOT NULL ,
ADD `expire` BIGINT NOT NULL
2013-04-25 22:50:12 -05:00
calzoneman ea4ed864c8 Fix content-length bug for api.js
Well, it finally happened.  I made an assumption about text and it bit me in the butt.  Protip: not everything is 1 byte per character!
2013-04-25 16:36:56 -05:00
calzoneman a88088f2d6 Continue working on API 2013-04-25 16:16:53 -05:00
calzoneman 9786d7eff5 start working on API 2013-04-25 11:00:06 -05:00