Michael Hawkins
18a7f0134d
MDL-56873 admin: Set sensible default cURL security settings
2021-06-10 12:01:39 +08:00
Peter Burnett
b4623c8975
MDL-68820 web: Added referrer policy header setting
2020-06-03 15:18:19 +10:00
Peter Burnett
59298ccebc
MDL-67309 login: Added check for password policy at login time.
2020-02-17 09:55:07 +10:00
Shamim Rezaie
9175a97822
MDL-46317 admin: minor coding style fixes
2019-08-12 14:44:12 +10:00
Shamim Rezaie
e945b883fa
MDL-46317 admin: convert userquota config from text to filesize widget
2019-08-12 14:44:10 +10:00
Michael Hawkins
76d0192e0b
MDL-7339 admin: Replaced "open to google" references to be more generic
...
AMOS BEGIN
MOV [configopentogoogle,admin],[configopentowebcrawlers,admin]
MOV [opentogoogle,admin],[opentowebcrawlers,admin]
MOV [check_google_details,report_security],[check_crawlers_details,report_security]
MOV [check_google_error,report_security],[check_crawlers_error,report_security]
MOV [check_google_info,report_security],[check_crawlers_info,report_security]
MOV [check_google_name,report_security],[check_crawlers_name,report_security]
MOV [check_google_ok,report_security],[check_crawlers_ok,report_security]
AMOS END
2019-06-11 10:04:01 +08:00
Andrew Nicols
4f2bc5bc8f
MDL-61876 admin: Move forceclean to experimental settings
2018-05-08 13:30:09 +08:00
Andrew Nicols
1144ae255f
Revert "MDL-61876 admin: set default forceclean=1"
...
This reverts commit c182f060fa .
2018-05-08 13:28:12 +08:00
Marina Glancy
c182f060fa
MDL-61876 admin: set default forceclean=1
2018-04-17 09:39:22 +08:00
David Mudrák
4b82c15cdb
MDL-60940 weblib: Introduce an ability to force cleaning of all content
...
The new configuration flag $CFG->forceclean overrides the noclean
option when calling format_text() so that the text is always
and unconditionally cleaned.
2018-04-11 10:23:45 +02:00
Marina Glancy
1727c939ba
MDL-61477 admin: sitepolicy handler API
...
- Define sitepolicy handler manager class, base class and the core handler
- Allow to set a plugin as sitepolicyhandler that implements the sitepolicy API
- Modify web services to return information from the 3rd party handler instead of core if needed
2018-03-15 11:32:55 +08:00
David Mudrák
0bdc578567
MDL-61477 admin: Allow plugins to act as alternate policy handlers
...
The patch introduces a new site setting 'sitepolicyhandler' that can be
either empty or contain a plugin component name. If it is empty, the
site policy feature keeps working as before and the core keeps the
control over it.
If a plugin is specified, it is expected to implement the callback
'site_policy_handler' in its lib.php file. The callback should return a
URL to a script where the user can accept the site policies. The plugin
itself is responsible for setting the 'policyagreed' flag in the users
table. The callback may return an empty value, in which case the user
can continue using the site without being redirected.
The patch adds support for a new pre-config flag NO_SITEPOLICY_CHECK.
This constant should be defined and set to true if we should not check
the user's policyagreed status during the require_login().
This is for pages where the user actually accepts the site policies and
helps to avoid the redirect loop.
2018-03-15 09:31:41 +08:00
John Okely
b58764ff99
MDL-42834 admin: Remove loginhttps
2017-10-23 12:25:35 +08:00
Juan Leyva
993e817576
MDL-56751 admin: New setting to set user created tokens duration
...
We were using a hardcoded value for 12 months.
With this change, administrators can change the duration time via a
security setting.
2017-07-14 10:24:53 +01:00
Yair Spielmann
409ad1d60a
MDL-57734 admin: New setting for when to use the noindex meta tag
2017-06-26 10:38:25 +08:00
sam marshall
38fa1ca558
MDL-55980 Scheduled tasks: Run individual scheduled tasks from web
2017-02-24 10:42:28 +00:00
Jade Telford
8380658219
MDL-55476 auth: remove loginpasswordautocomplete
2017-01-19 07:24:46 +00:00
Jake Dallimore
067268942c
MDL-48498 admin: new setting types for curl host/port restrictions
...
Two new classes in lib/adminlib. One providing validation for a
newline-delimited textarea supporting domain names, domain wildcards,
IPv4/IPv6 addresses and IPv4/IPv6 ranges. The second providing
validation for a newline-delimited textarea of port numbers.
2016-11-08 15:10:35 +08:00
Juan Leyva
6a09295857
MDL-55923 webservice: Add global setting for forcing token deletion
2016-10-05 20:34:01 +01:00
Brendan Heywood
657ddbf592
MDL-55273 admin: Change $CFG->cookiesecure default to on
2016-08-22 09:20:32 +10:00
Ruslan Kabalin
7d19e0e33d
MDL-50887 antivirus_clamav: Move global clamav settings to plugin level.
...
AMOS BEGIN
MOV [clamfailureonupload,core],[clamfailureonupload,antivirus_clamav]
MOV [configclamactlikevirus,core],[configclamactlikevirus,antivirus_clamav]
MOV [configclamdonothing,core],[configclamdonothing,antivirus_clamav]
MOV [configclamfailureonupload,core],[configclamfailureonupload,antivirus_clamav]
MOV [configpathtoclam,core],[configpathtoclam,antivirus_clamav]
MOV [configquarantinedir,core],[configquarantinedir,antivirus_clamav]
MOV [configrunclamavonupload,core],[configrunclamavonupload,antivirus_clamav]
MOV [pathtoclam,core],[pathtoclam,antivirus_clamav]
MOV [quarantinedir,core],[quarantinedir,antivirus_clamav]
MOV [runclamavonupload,core],[runclamavonupload,antivirus_clamav]
AMOS END
2016-02-25 09:55:45 +00:00
Dani Palou
dbcade703b
MDL-51829 admin: Set userquota setting as PARAM_INT
2015-10-20 10:01:11 +02:00
Ankit Agarwal
5254140b0c
MDL-48559 cron: Disable web cron by default
2015-01-27 10:14:11 +05:30
Petr Skoda
1d658535b6
MDL-47830 auth: Add pw rotation restrictions
2014-12-01 08:53:52 +13:00
Petr Skoda
866f03de46
MDL-47800 auth: Add option to logout on pw change
2014-11-18 09:51:52 +13:00
Ankit Agarwal
52dc1de746
MDL-42891 administration: Re-implement incorrect login notification, without using the logtable.
2014-04-01 17:18:15 +08:00
Peter Bulmer
2f0dd8d5bd
MDL-23692 forgotpw: Coding style tidyups.
2013-10-07 20:54:51 +13:00
Peter Bulmer
92de749fc7
MDL-23692 forgotpw: Simplify forgotpw process.
2013-10-04 22:37:56 +13:00
Adrian Greeve
a327f25ef1
MDL-31776 - lib: Alternate name fields
...
Add support for additional name fields and flexible formating of
user names.
2013-07-09 11:45:50 +08:00
Damyon Wiese
c9c01f75b1
MDL-39077 maxbytes - fix warnings for cli install
2013-05-02 12:11:08 +08:00
Damyon Wiese
367b977d4d
MDL-39077 max_files does not include current option when it is non-standard
...
Non-standard means php.ini was set to something not in the default list (like 7MB),
then the config was saved to that specific value, and now the value in php.ini has been changed
again so 7MB does not appear in the list.
2013-05-01 12:40:57 +01:00
Petr Škoda
b28247fe90
MDL-21342 add user login lockout
2013-01-04 15:12:31 +01:00
Tim Hunt
9665ecd275
MDL-19125 module restrictions: use a capability
...
1. This used to use a complex legacy system which was buggy.
2. It now relies on a new mod/...:addinstance capability for each module.
3. All the legacy code has been stripped out.
4. Old restriction data is upgraded by creating the necessary permission
overrides. Similarly, when old backups are restored, the old settings
are converted to be overrides.
5. The required addinstance capabilities will be added as a separate
commit.
6. There is a developer debug warning about modules that are missing the
addinstance capability, unless they are MOD_ARCHETYPE_SYSTEM mods.
2012-03-15 17:11:27 +00:00
Eloy Lafuente (stronk7)
bb2308a33a
Merge branch 'wip-MDL-26155-m23' of git://github.com/samhemelryk/moodle
...
Conflicts:
admin/settings/security.php
2012-01-03 17:26:31 +01:00
Eloy Lafuente
90911c4ff9
MDL-29844 Administration: Added new config for users to login for viewing profile image
2012-01-03 11:53:49 +08:00
Sam Hemelryk
e106013f34
MDL-26155 admin: Converted admin settings to use new lang_string
2012-01-03 09:09:40 +13:00
adrian@moodle.com
aa30d3e8ce
MDL-30336 - login - Added a setting in security that allows auto complete to be set to off in password fields.
2011-12-06 15:50:26 +08:00
Petr Skoda
73b309e6a3
MDL-28627 remove buggy and obsolete KSES cleaning
2011-10-22 09:25:06 +02:00
Marina Glancy
7b5702b681
MDL-19907 rewrote validation for required fields in forms, including support for editor field. Added parameter to use strict (no spaces) required fields validation
2011-07-29 13:51:26 +08:00
Petr Skoda
5c754932e7
MDL-28344 new option to prevent clickjacking via frame embedding
2011-07-14 22:01:23 +02:00
Eloy Lafuente (stronk7)
21ba26e814
Merge branch 'w27_MDL-28158_m22_cookies' of git://github.com/skodak/moodle
2011-07-11 15:33:03 +02:00
Petr Skoda
0342fc3609
MDL-28158 add optional "Remember username" checkbox in login forms
2011-07-10 13:22:55 +02:00
Petr Skoda
cdbd37126d
MDL-28279 remove flash client version blocking
...
Everybody is responsible for upgrades of Flash, there is no excuse any more.
2011-07-10 11:03:02 +02:00
John Beedell
7351b54e86
MDL-27123 adds a new admin_setting_configmultiselect_modules class
...
and uses it on the module security page. This saves one DB query per
page for users who can see the admin tree in the settings nav.
2011-04-14 12:25:41 +01:00
Petr Skoda
69747f00de
MDL-24834 removing usetags duplicate setting - credit goes to Mark Drechsler
2010-10-26 17:59:56 +00:00
Petr Skoda
b593d49d59
MDL-24570 multiple sitepolicy fixes + adding new separate guest user policy
...
AMOS BEGIN
MOV [configsitepolicy,core_admin],[sitepolicy_help,core_admin]
AMOS END
2010-10-09 18:13:33 +00:00
Petr Skoda
6bdfef5da9
MDL-24321 switching to standard stdClass()
2010-09-21 08:54:01 +00:00
Petr Skoda
eab8ed9fb7
fixed a few spelling errors in /admin/
2010-09-17 10:27:26 +00:00
Petr Skoda
df997f841f
MDL-21782 reworked enrolment framework, the core infrastructure is in place, the basic plugins are all implemented; see the tracker issue for list of unfinished bits, expect more changes and improvements during the next week
...
AMOS START
MOV [sendcoursewelcomemessage,core_admin],[sendcoursewelcomemessage,enrol_self]
MOV [configsendcoursewelcomemessage,core_admin],[sendcoursewelcomemessage_desc,enrol_self]
MOV [enrolstartdate,core],[enrolstartdate,enrol_self]
MOV [enrolenddate,core],[enrolenddate,enrol_self]
CPY [welcometocourse,core],[welcometocourse,enrol_self]
CPY [welcometocoursetext,core],[welcometocoursetext,enrol_self]
MOV [notenrollable,core],[notenrollable,core_enrol]
MOV [enrolenddaterror,core],[enrolenddaterror,enrol_self]
MOV [enrolmentkeyhint,core],[passwordinvalidhint,enrol_self]
MOV [coursemanager,core_admin],[coursecontact,core_admin]
MOV [configcoursemanager,core_admin],[coursecontact_desc,core_admin]
MOV [enrolledincourserole,core],[enrolledincourserole,enrol_manual]
MOV [enrolme,core],[enrolme,core_enrol]
MOV [unenrol,core],[unenrol,core_enrol]
MOV [unenrolme,core],[unenrolme,core_enrol]
MOV [enrolmentnew,core],[enrolmentnew,core_enrol]
MOV [enrolmentnewuser,core],[enrolmentnewuser,core_enrol]
MOV [enrolments,core],[enrolments,core_enrol]
MOV [enrolperiod,core],[enrolperiod,core_enrol]
MOV [unenrolroleusers,core],[unenrolroleusers,core_enrol]
AMOS END
2010-06-21 15:30:49 +00:00
Petr Skoda
39668e9beb
MDL-22544 html purifier now default cleaning engine - die kses die
2010-05-21 11:13:52 +00:00