Commit Graph

22 Commits

Author SHA1 Message Date
Eloy Lafuente (stronk7) 6d12bf2020 MDL-26371 sql - avoid distinct + text in security report 2011-02-13 01:30:20 +01:00
Sam Hemelryk f334afe662 admin MDL-20980 Touched up regex that determines weak password salts 2009-11-26 09:01:04 +00:00
Martin Dougiamas 8ee5b976b1 security overview MDL-20834 Added support for role aliases in courses 2009-11-25 18:01:24 +00:00
Martin Dougiamas f9e1d25dbb security overview MDL-20834 Improved strings, and 3 lists now: roles, overrides and users (SQL from skodak, thanks!) 2009-11-25 17:45:24 +00:00
Martin Dougiamas 6d558e7705 security report MDL-20834 Fixing roles checks 2009-11-25 15:28:18 +00:00
Martin Dougiamas 47ee4d187f security report MDL-20834 Added a check for moodle/backup:userinfo to inform the admin about people who might be able to backup user data 2009-11-25 08:43:59 +00:00
Sam Hemelryk b1807d5b43 security MDL-18807 Changed language strings: Thanks for the new strings Helen 2009-11-18 09:39:01 +00:00
Petr Skoda e9a71201b0 MDL-18006 MDL-18807 MDL-20853 warn that the default salt is definitely weak 2009-11-17 16:35:08 +00:00
Sam Hemelryk 0a4b736b9c security MDL-18006 MDL-18807 MDL-20853 Several improvements to increase security
*  Installation
      o Adds a random $CFG->passwordsaltmain to config.php on install
      o Changes passwordpolicy default to on
* Upgrade
      o If passwordpolicy is off it switches it on
      o Checks if passwordsaltmain has been set and if not recommends to the user and all admins to add it, both on the upgrade output and via messaging.
      o Forces all admin users to change their password at next login.
* General
      o Extends the security overview report to check for passwordmainsalt and recommend if it not set (or weak)
2009-11-17 09:55:51 +00:00
skodak 52c28ff98a MDL-18313 - fixed admin count on security overview report - finally! 2009-03-26 20:59:31 +00:00
skodak e0240b2abd MDL-18041 improved hints - thanks helen 2009-02-18 20:32:13 +00:00
skodak a5886c1a26 MDL-18258 fixed legacy type and improved risky default course role hints; backported from HEAD 2009-02-15 18:46:07 +00:00
skodak 6ed6493820 MDL-18039 xhtml strict fixes 2009-02-15 17:40:59 +00:00
skodak 8cc2a7e47a MDL-18041 improved admin risk info; backported from HEAD 2009-02-15 11:31:18 +00:00
skodak ecde99b07d MDL-18155 no warning if allowed email domains set 2009-02-15 09:55:19 +00:00
skodak 26f86416a0 MDL-18078 adding docs links from detailed security overview report 2009-02-15 09:45:00 +00:00
skodak 256c570e0a MDL-18040 fixed adminrisk query too - now much faster; backported from HEAD 2009-02-02 13:15:43 +00:00
skodak b3b4937eb6 MDL-18040 rewritten XSS query, I hope this will be much faster; backported from HEAD 2009-01-28 22:51:28 +00:00
skodak ba58c9f08e MDL-18057 fixed XSS test 2009-01-27 17:38:40 +00:00
skodak dd75d8696e MDL-18040 adding warning that the security report processing may take a long time; backported from HEAD 2009-01-27 16:22:32 +00:00
mudrd8mz 3b8a200da9 MDL-17982 Security overview report backported to 1.9 uses 2.0 API
Fixes:
- admin/roles/manage.php instead of new admin/roles/define.php
- results returned by old get_recordset_sql() must be iterated using rs_fetch_next_record() instead of new foreach()
2009-01-21 10:57:53 +00:00
skodak d78bca84e8 MDL-17222 backported security report into 1.9.x 2009-01-15 20:16:12 +00:00