mirror/userdir-ldap-cgi.git
11 years agouri_escape input
Martin Zobel-Helas [Fri, 6 Sep 2013 20:20:59 +0000 (22:20 +0200)]
uri_escape input

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
11 years agoadd debian/changelog entry for Moritz Naumann
Martin Zobel-Helas [Fri, 6 Sep 2013 17:15:08 +0000 (19:15 +0200)]
add debian/changelog entry for Moritz Naumann

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
11 years agoXSS bug in db.debian.org
Moritz Naumann [Tue, 27 Aug 2013 14:42:49 +0000 (16:42 +0200)]
XSS bug in db.debian.org

Hi, I just stumbled upon an XSS bug in db.debian.org:

https://db.debian.org/search.cgi?id=%22%3E%3C/a%3E%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E%3Cx%20y=%22&dosearch=Search...

Both the "id" and "authtoken" fields lack input validation.

<zobel> bfly: you can find the code at git.debian.org in userdir-ldap-cgi
<zobel> would be nice if you could send a patch

A (n untested) patch is attached. Please let me know whether it's usable
and whether you are going to apply it.

-- Moritz

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
11 years agoiso-codes and isoquery are build-depends and not depends
Martin Zobel-Helas [Sun, 25 Aug 2013 11:58:32 +0000 (13:58 +0200)]
iso-codes and isoquery are build-depends and not depends

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
11 years agoadd changelog entry for the typo in update.wml
Martin Zobel-Helas [Sun, 25 Aug 2013 11:52:50 +0000 (13:52 +0200)]
add changelog entry for the typo in update.wml

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
11 years agoauto-generate html/domains.tab
Martin Zobel-Helas [Sun, 25 Aug 2013 11:52:16 +0000 (13:52 +0200)]
auto-generate html/domains.tab

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
11 years agotypo: mail default handling incorrectly pointing to the greylist option.
Ramakrishnan Muthukrishnan [Thu, 22 Aug 2013 17:01:54 +0000 (22:31 +0530)]
typo: mail default handling incorrectly pointing to the greylist option.

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
11 years agoPoint out users can use non-clearsigned mail, and mention that maybe that is smart...
Peter Palfrader [Sat, 27 Jul 2013 09:37:32 +0000 (11:37 +0200)]
Point out users can use non-clearsigned mail, and mention that maybe that is smart with webmailers

11 years agodie handler breaks stuff on wheezy
Peter Palfrader [Thu, 30 May 2013 14:51:57 +0000 (16:51 +0200)]
die handler breaks stuff on wheezy

11 years agomake dnsZoneEntry description more understandable
Luca Filipozzi [Wed, 23 Jan 2013 05:49:19 +0000 (05:49 +0000)]
make dnsZoneEntry description more understandable

11 years agoUpdate the documentation to mention txt records in dnsZoneEntry fields.
Paul Wise [Sun, 2 Dec 2012 12:15:11 +0000 (20:15 +0800)]
Update the documentation to mention txt records in dnsZoneEntry fields.

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
11 years agoLink to SSO documentation in web password update field
Enrico Zini [Sun, 25 Nov 2012 10:12:10 +0000 (11:12 +0100)]
Link to SSO documentation in web password update field

Hello,

attached is a simple patch that adds a link to
http://wiki.debian.org/DebianSingleSignOn to web password update field.

Can you please apply it and push it to production?

Ciao,

Enrico

--
GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <enrico@enricozini.org>

From 21da63edc068b1e717c6f48d80bed17178c96e23 Mon Sep 17 00:00:00 2001
From: Enrico Zini <enrico@enricozini.org>
Date: Sun, 25 Nov 2012 11:08:53 +0100
Subject: [PATCH] Added link to single signon documentation

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agoand include it
Martin Zobel-Helas [Fri, 15 Jun 2012 17:44:57 +0000 (19:44 +0200)]
and include it
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agofix layout problems
Martin Zobel-Helas [Fri, 15 Jun 2012 17:38:56 +0000 (19:38 +0200)]
fix layout problems
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agoreadd the lost items
Martin Zobel-Helas [Fri, 15 Jun 2012 14:37:19 +0000 (16:37 +0200)]
readd the lost items
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agomove the navbar to all pages
Martin Zobel-Helas [Fri, 15 Jun 2012 14:35:13 +0000 (16:35 +0200)]
move the navbar to all pages
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agotwo more pages of documentation
Martin Zobel-Helas [Fri, 15 Jun 2012 13:45:42 +0000 (15:45 +0200)]
two more pages of documentation
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agopromote documentation on searchform.wml
Martin Zobel-Helas [Fri, 15 Jun 2012 13:41:26 +0000 (15:41 +0200)]
promote documentation on searchform.wml
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agoMerge branch 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi
Martin Zobel-Helas [Wed, 13 Jun 2012 20:45:51 +0000 (22:45 +0200)]
Merge branch 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi

* 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi:
  And a changelog entry for Nick's change
  Use the changes@ address consistently in preference to change@
  Try a different CreateCryptSalt approach

Conflicts:
debian/changelog

12 years agosome cleanup
Martin Zobel-Helas [Wed, 13 Jun 2012 20:42:50 +0000 (22:42 +0200)]
some cleanup
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agouse libjs-jquery-tablesorter to sort machines.cgi
Martin Zobel-Helas [Wed, 13 Jun 2012 16:49:41 +0000 (18:49 +0200)]
use libjs-jquery-tablesorter to sort machines.cgi
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agorestructure
Martin Zobel-Helas [Wed, 13 Jun 2012 16:23:03 +0000 (18:23 +0200)]
restructure
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agoAnd a changelog entry for Nick's change
Peter Palfrader [Sun, 10 Jun 2012 20:03:06 +0000 (22:03 +0200)]
And a changelog entry for Nick's change

12 years agoUse the changes@ address consistently in preference to change@
Peter Palfrader [Sun, 10 Jun 2012 20:01:01 +0000 (22:01 +0200)]
Use the changes@ address consistently in preference to change@

Cherry pick 6e07c94822cba24dd24e5f86e662a7ddabc863ea from torproject,
by Nick Mathewson:

Having both addresses listed on the website led me to think that one
of them must be a misprint, and slowed down my debugging attempts
by a factor of 2 as I tried every one of my incorrect ideas on both
of the addresses.

12 years agoTry a different CreateCryptSalt approach
Peter Palfrader [Fri, 9 Mar 2012 19:58:42 +0000 (20:58 +0100)]
Try a different CreateCryptSalt approach

12 years agoremove code duplication
Martin Zobel-Helas [Fri, 9 Mar 2012 18:51:32 +0000 (19:51 +0100)]
remove code duplication

12 years agoAlso ignore "-" as words for cracklib
Peter Palfrader [Fri, 9 Mar 2012 18:09:52 +0000 (19:09 +0100)]
Also ignore "-" as words for cracklib

12 years agoAnd say which password failed its check
Peter Palfrader [Fri, 9 Mar 2012 17:59:28 +0000 (18:59 +0100)]
And say which password failed its check

12 years agoSay what web password is good for
Peter Palfrader [Fri, 9 Mar 2012 17:58:09 +0000 (18:58 +0100)]
Say what web password is good for

12 years agoBetter salt
Martin Zobel-Helas [Fri, 9 Mar 2012 11:47:38 +0000 (12:47 +0100)]
Better salt
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agofix web password generation
Martin Zobel-Helas [Fri, 9 Mar 2012 11:32:46 +0000 (12:32 +0100)]
fix web password generation
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agounrelease
Martin Zobel-Helas [Fri, 9 Mar 2012 09:04:15 +0000 (10:04 +0100)]
unrelease

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agorelease 0.3.36 release-0.3.36
Martin Zobel-Helas [Fri, 9 Mar 2012 09:02:43 +0000 (10:02 +0100)]
release 0.3.36

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agouse Crypt::PasswdMD5 to create apache passwords
Martin Zobel-Helas [Fri, 9 Mar 2012 09:00:24 +0000 (10:00 +0100)]
use Crypt::PasswdMD5 to create apache passwords
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agofix code
Martin Zobel-Helas [Thu, 8 Mar 2012 22:59:29 +0000 (23:59 +0100)]
fix code

12 years agorelease release-0.3.35
Martin Zobel-Helas [Thu, 8 Mar 2012 22:52:14 +0000 (23:52 +0100)]
release

12 years agoMerge branch 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi
Martin Zobel-Helas [Thu, 8 Mar 2012 18:24:52 +0000 (19:24 +0100)]
Merge branch 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi

* 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi:
  add webpassword Signed-off-by: Martin Zobel-Helas <zobel@debian.org>

12 years agoadd webpassword
Martin Zobel-Helas [Thu, 8 Mar 2012 18:23:11 +0000 (19:23 +0100)]
add webpassword
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agoadd webpassword
Martin Zobel-Helas [Thu, 8 Mar 2012 18:23:11 +0000 (19:23 +0100)]
add webpassword
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agoadd two more pics
Martin Zobel-Helas [Fri, 10 Feb 2012 18:01:35 +0000 (19:01 +0100)]
add two more pics

12 years agofix URL path
Martin Zobel-Helas [Fri, 10 Feb 2012 17:52:34 +0000 (18:52 +0100)]
fix URL path

12 years agostart new version
Martin Zobel-Helas [Fri, 6 Jan 2012 12:02:08 +0000 (13:02 +0100)]
start new version
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agomake selection a link release-0.3.34
Martin Zobel-Helas [Fri, 6 Jan 2012 11:55:49 +0000 (12:55 +0100)]
make selection a link
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agofix quoting in machines.cgi
Martin Zobel-Helas [Fri, 6 Jan 2012 11:55:14 +0000 (12:55 +0100)]
fix quoting in machines.cgi
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agorelease release-0.3.33
Martin Zobel-Helas [Fri, 6 Jan 2012 11:28:18 +0000 (12:28 +0100)]
release
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agoadjust to new layout (no warranties for breakage)
Martin Zobel-Helas [Wed, 4 Jan 2012 22:59:40 +0000 (23:59 +0100)]
adjust to new layout (no warranties for breakage)
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agocorrect mail address
Martin Zobel-Helas [Wed, 4 Jan 2012 22:23:17 +0000 (23:23 +0100)]
correct mail address
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agocorrect mail address
Martin Zobel-Helas [Wed, 4 Jan 2012 22:21:52 +0000 (23:21 +0100)]
correct mail address
Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
12 years agomachines.cgi: generate fingerprints for ecdsa-sha2-nistp256 ssh keys.
Peter Palfrader [Wed, 23 Nov 2011 11:12:45 +0000 (12:12 +0100)]
machines.cgi: generate fingerprints for ecdsa-sha2-nistp256 ssh keys.

13 years agoUtil.pm:UpgradeConnection(): properly concatenate strings
Peter Palfrader [Sun, 30 Oct 2011 16:40:52 +0000 (17:40 +0100)]
Util.pm:UpgradeConnection(): properly concatenate strings

13 years agocracklib-packer complains about '*' on input
Peter Palfrader [Fri, 15 Jul 2011 23:04:27 +0000 (01:04 +0200)]
cracklib-packer complains about '*' on input

13 years agoChange import of Net::LDAP to work on squeeze
Peter Palfrader [Thu, 9 Jun 2011 13:02:06 +0000 (13:02 +0000)]
Change import of Net::LDAP to work on squeeze

13 years agoLuca added entry for changelog; ready to build
root [Mon, 3 Jan 2011 23:04:26 +0000 (23:04 +0000)]
Luca added entry for changelog; ready to build

13 years agofixed link to SPI CA; added link to Debian CA
root [Mon, 3 Jan 2011 22:57:43 +0000 (22:57 +0000)]
fixed link to SPI CA; added link to Debian CA

14 years agoadd patch from vorlon
Martin Zobel-Helas [Tue, 10 Aug 2010 06:40:50 +0000 (08:40 +0200)]
add patch from vorlon

14 years agoMerge branch 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi
Martin Zobel-Helas [Tue, 10 Aug 2010 06:38:39 +0000 (08:38 +0200)]
Merge branch 'master' of git+ssh://db.debian.org/git/userdir-ldap-cgi

14 years agodon't use sentence fragments, make the docs searchable
Steve Langasek [Tue, 10 Aug 2010 01:43:11 +0000 (18:43 -0700)]
don't use sentence fragments, make the docs searchable

Hi all,

Here's a patch to userdir-ldap-cgi to improve the documentation in
doc-mail.wml:

 Replace the sentence fragment at the beginning of the documentation on
 DNS records with a complete sentence that uses the actual field name, making
 the documentation more searchable.

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
14 years agoAnd a changelog entry
Peter Palfrader [Wed, 21 Jul 2010 12:38:22 +0000 (14:38 +0200)]
And a changelog entry

14 years agoMerge branch 'master' of ssh://db.debian.org/git/userdir-ldap-cgi
Peter Palfrader [Wed, 21 Jul 2010 12:37:50 +0000 (14:37 +0200)]
Merge branch 'master' of ssh://db.debian.org/git/userdir-ldap-cgi

* 'master' of ssh://db.debian.org/git/userdir-ldap-cgi:
  Fix typo in update.wml spotted by Sylvain Beucler.
  Actually install new doc.
  updated css from interwebs
  actually install new file

14 years agoOnly import cracklib (do not fallback to crack). Also makes setting cracklib.min_len...
Peter Palfrader [Wed, 21 Jul 2010 12:37:44 +0000 (14:37 +0200)]
Only import cracklib (do not fallback to crack).  Also makes setting cracklib.min_length actually work

14 years agoFix typo in update.wml spotted by Sylvain Beucler.
Martin Zobel-Helas [Tue, 1 Jun 2010 20:28:08 +0000 (22:28 +0200)]
Fix typo in update.wml spotted by Sylvain Beucler.

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
14 years agoActually install new doc.
Stephen Gran [Mon, 15 Mar 2010 11:44:19 +0000 (11:44 +0000)]
Actually install new doc.

14 years agoupdated css from interwebs
Stephen Gran [Mon, 15 Mar 2010 11:43:25 +0000 (11:43 +0000)]
updated css from interwebs

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoactually install new file
Stephen Gran [Mon, 15 Mar 2010 11:43:06 +0000 (11:43 +0000)]
actually install new file

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agowe should also install the CSS files
Martin Zobel-Helas [Sun, 31 Jan 2010 12:35:30 +0000 (13:35 +0100)]
we should also install the CSS files

14 years agonew changelog entry
Martin Zobel-Helas [Sun, 31 Jan 2010 12:09:45 +0000 (13:09 +0100)]
new changelog entry

14 years agoignore debian/substvars
Martin Zobel-Helas [Sun, 31 Jan 2010 12:09:29 +0000 (13:09 +0100)]
ignore debian/substvars

14 years agodon't link outside db.d.o when using https
Martin Zobel-Helas [Sun, 31 Jan 2010 12:08:45 +0000 (13:08 +0100)]
don't link outside db.d.o when using https

14 years agoadd myself to uploaders
Martin Zobel-Helas [Sun, 31 Jan 2010 12:05:03 +0000 (13:05 +0100)]
add myself to uploaders

14 years agosome corrections suggested by #debian-devel channel members
Martin Zobel-Helas [Sun, 31 Jan 2010 11:07:59 +0000 (12:07 +0100)]
some corrections suggested by #debian-devel channel members

14 years agodocument "allowed_hosts" function
Martin Zobel-Helas [Sun, 31 Jan 2010 10:49:33 +0000 (11:49 +0100)]
document "allowed_hosts" function

14 years agowe do not do password logins to our machines any more
Martin Zobel-Helas [Sun, 31 Jan 2010 10:26:58 +0000 (11:26 +0100)]
we do not do password logins to our machines any more

14 years agoMove ud-ldap-cgi wml templates away from gif navbar to CSS navbar See http://lists...
Simon Paillard [Mon, 25 Jan 2010 20:54:23 +0000 (21:54 +0100)]
Move ud-ldap-cgi wml templates away from gif navbar to CSS navbar See lists.debian.org/debian-www/2010/01/msg00120.html

Signed-off-by: Martin Zobel-Helas <zobel@debian.org>
14 years agoAdd a .gitignore
Peter Palfrader [Wed, 13 Jan 2010 12:36:07 +0000 (13:36 +0100)]
Add a .gitignore

14 years agoFix building of wml things [Erinn Clark (helix)]
Peter Palfrader [Wed, 13 Jan 2010 12:35:44 +0000 (13:35 +0100)]
Fix building of wml things [Erinn Clark (helix)]

14 years agostop mentioning gluck as a good machine to work on
Stephen Gran [Thu, 26 Nov 2009 08:41:26 +0000 (08:41 +0000)]
stop mentioning gluck as a good machine to work on

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agono more need for cvs metadata
Peter Palfrader [Wed, 18 Nov 2009 19:06:06 +0000 (20:06 +0100)]
no more need for cvs metadata

14 years ago.cvsignore is now a .gitignore
Peter Palfrader [Wed, 18 Nov 2009 19:04:26 +0000 (20:04 +0100)]
.cvsignore is now a .gitignore

14 years agowmlify doc-mail-handling
Peter Palfrader [Wed, 18 Nov 2009 19:03:59 +0000 (20:03 +0100)]
wmlify doc-mail-handling

14 years agoReplace compiled .html with .wml source from the db.d.o cvs repository
Peter Palfrader [Wed, 18 Nov 2009 19:02:37 +0000 (20:02 +0100)]
Replace compiled .html with .wml source from the db.d.o cvs repository

14 years agoInitial mail docs
Stephen Gran [Mon, 16 Nov 2009 22:12:53 +0000 (22:12 +0000)]
Initial mail docs
Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomake mailDefaultOptions default to true in web interface
Stephen Gran [Mon, 16 Nov 2009 21:32:10 +0000 (21:32 +0000)]
make mailDefaultOptions default to true in web interface

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agodoc fixups
Stephen Gran [Mon, 16 Nov 2009 00:18:12 +0000 (00:18 +0000)]
doc fixups

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoSupport for defaultMailOptions attribute
Stephen Gran [Sun, 15 Nov 2009 23:18:15 +0000 (23:18 +0000)]
Support for defaultMailOptions attribute

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoreadd dropped mail content inspection option to web page
Stephen Gran [Sun, 15 Nov 2009 22:41:50 +0000 (22:41 +0000)]
readd dropped mail content inspection option to web page

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agomove html into the cgi
Stephen Gran [Sun, 15 Nov 2009 15:43:11 +0000 (15:43 +0000)]
move html into the cgi

Signed-off-by: Stephen Gran <steve@lobefin.net>
14 years agoInitial BATV token support
Stephen Gran [Sun, 15 Nov 2009 12:31:50 +0000 (12:31 +0000)]
Initial BATV token support

14 years agoRemove Ryan and Joey from Uploaders: thanks for all the fish!
Stephen Gran [Sun, 15 Nov 2009 12:29:10 +0000 (12:29 +0000)]
Remove Ryan and Joey from Uploaders: thanks for all the fish!

14 years agoAdd myself to uploaders
Stephen Gran [Sun, 15 Nov 2009 12:28:37 +0000 (12:28 +0000)]
Add myself to uploaders

15 years agoadd support for mailContentInspectionAction to web interface
Stephen Gran [Sat, 19 Sep 2009 17:09:26 +0000 (18:09 +0100)]
add support for mailContentInspectionAction to web interface

15 years agoFix showing echelon information. It needs unescaped input
Peter Palfrader [Tue, 12 May 2009 22:11:56 +0000 (00:11 +0200)]
Fix showing echelon information.  It needs unescaped input

15 years agoMerge
Peter Palfrader [Fri, 8 May 2009 23:33:17 +0000 (01:33 +0200)]
Merge

15 years agoIn machines.cgi: do not skip [[- purposes. "[[-<hostname>]]" gets stuff added to...
Peter Palfrader [Fri, 8 May 2009 23:30:55 +0000 (01:30 +0200)]
In machines.cgi: do not skip [[- purposes. "[[-<hostname>]]" gets stuff added to ssh_known_hosts but not http linked.

15 years agoWork around brain damage
Peter Palfrader [Fri, 27 Feb 2009 10:35:53 +0000 (11:35 +0100)]
Work around brain damage

15 years agoIgnore the * in [[*host]] links, and ignore [[- ]] in [[-hostname]] entries.
Peter Palfrader [Sun, 23 Nov 2008 20:42:59 +0000 (21:42 +0100)]
Ignore the * in [[*host]] links, and ignore [[- ]] in [[-hostname]] entries.

15 years agoNew hmac scheme for sudo passwords.
Peter Palfrader [Fri, 14 Nov 2008 19:35:58 +0000 (20:35 +0100)]
New hmac scheme for sudo passwords.

16 years agoVerify confirmed hmac in web display, showing status as either 'confirmed'
Peter Palfrader [Tue, 16 Sep 2008 20:11:07 +0000 (22:11 +0200)]
Verify confirmed hmac in web display, showing status as either 'confirmed'
(which now means also verified, i.e. it will make it to the host), or
'invalid'.

16 years agoSlightly change find call in cronjob
Peter Palfrader [Tue, 16 Sep 2008 14:42:09 +0000 (16:42 +0200)]
Slightly change find call in cronjob

16 years agoInstall a cron job to get rid of old sessions
Peter Palfrader [Tue, 16 Sep 2008 14:39:55 +0000 (16:39 +0200)]
Install a cron job to get rid of old sessions

16 years agoDo not HTML escape stuff we just got from the user before writing it to LDAP,
Peter Palfrader [Tue, 16 Sep 2008 14:29:40 +0000 (16:29 +0200)]
Do not HTML escape stuff we just got from the user before writing it to LDAP,
set it as passwords, etc.  Instead escape stuff we did read from LDAP.