servnest
/
servnest
1
1
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity
318 Commits 2 Branches 0 Tags 907 KiB
Commit Graph

24 Commits

Author SHA1 Message Date
Miraty 4fbdcdb13b Knot timeout: 3 > 20 2023-08-11 18:56:52 +02:00
Miraty 2570d09ba9 Add reg/edit.php and regParseRecord() 2023-07-31 01:13:06 +02:00
Miraty 40e67b0c0c declare(strict_types=1); 2023-07-17 21:15:18 +02:00
Miraty 858d6e8d02 Add ns/sync and jobs/ns-syncs 2023-06-24 16:54:36 +02:00
Miraty 973a129079 Add type in functions signatures 2023-06-20 00:36:58 +02:00
Miraty 7f7bcadb58 Fix important vulnerability in reg/ds.php + exescape 
In page reg/ds.php, POST parameter 'key' was directly sent to shell, allowing for remote arbitrary commands execution.

This commit fixes this vulnerability, and uses a new function to automatically escape every shell command arguments as an additional generic protection.
 2023-06-19 02:15:43 +02:00
Miraty c05c16a516 --blocking for knotc everywhere 2023-05-03 01:38:50 +02:00
Miraty 813927e03e Ensure domains are not too long 2023-04-21 19:01:46 +02:00
Miraty 312292d06a feature: reg: allow multiple suffixes 2023-01-23 01:14:59 +01:00
Miraty 335b826559 Gettext internationalization and english translation 2023-01-21 01:27:52 +01:00
Miraty 73c137aaba Split pages/ between pg-act/ and pg-view/ 2022-12-20 21:17:03 +01:00
Miraty 1c193cd59d Add reg/transfer.php 2022-12-13 16:52:10 +01:00
Miraty 567034b8fe Fix regDeleteDomain security flaw + D regex modifier 
regDeleteDomain() in fn/reg.php used too loose pattern matching for data deletion, that also deleted other domains that included the deleted domain
 2022-11-20 18:17:03 +01:00
Miraty 18d976217b Use single quotes instead of double quotes 2022-11-20 15:11:54 +01:00
Miraty 763762f08b fn success/userError/serverError > output($code) 2022-09-15 19:18:48 +02:00
Miraty e64b6f5f56 Allow reserved IP adresses 2022-08-11 16:36:54 +02:00
Miraty d984dd2f20 Allow private IP adresses 2022-08-07 00:09:56 +02:00
Miraty 6dbc63a36a Add form to delete account 
Move service-specific deletion code to functions
 2022-06-18 04:22:05 +02:00
Miraty 9bcf3a57a2 Add formatAbsoluteDomain, remove regGetUpperDomain 2022-06-15 15:30:18 +02:00
Miraty 265097aa85 Use the query() function more 2022-06-12 01:31:16 +02:00
Miraty d9440231ac del-http-onion.php + query() 2022-06-11 23:42:48 +02:00
Miraty 6b602eb43f Update auth forms 2022-06-10 21:14:47 +02:00
Miraty a6873d6ea6 knotcExec: abort transition on failure 2022-06-10 00:38:05 +02:00
Miraty fac61531dd Create fn/ directory 2022-05-31 19:12:14 +02:00