Commit Graph

56 Commits (b8518b7e2684684c218c7d6b2fa0c83f633c42d6)

Author SHA1 Message Date
CodeKevin b8518b7e26 Merge branch 'master' of https://github.com/isislab/CTFd 2015-05-03 17:26:14 -04:00
CodeKevin f63b894258 Preventing team name changes 2015-05-03 17:25:59 -04:00
Kevin Chung 44df12550a Removing extra checkbox 2015-04-19 18:39:09 -04:00
CodeKevin 5e24fba459 Closes #16 2015-04-19 04:24:48 -04:00
Kevin Chung 4319af3b0d Merge pull request #30 from bburky/installation-fixes
Update installation scripts
2015-04-01 23:13:03 -04:00
Kevin Chung 561e5a61d2 Merge pull request #31 from bburky/mailgun
Fix Mailgun from address
2015-03-21 22:38:36 -04:00
Blake Burkhart 3cc62b3103 Fix Mailgun from address
Use the app.config['ADMINS'][0] address as the from address in Mailgun messages.

TODO: This email address should probably be configurable in the admin settings.
2015-03-21 21:06:15 -05:00
Blake Burkhart 0125be9403 Update installation scripts
Install libffi-dev in prepare.sh. Bcrypt seems to depend on this.

Add exact versions for all packages in requrements.txt
2015-03-21 20:40:57 -05:00
Kevin Chung 4d62a1dbcc Update README.md 2015-03-20 03:22:32 -04:00
CodeKevin ac83c8a576 Fixing DOM XSS issues, upload issues, and usability issues 2015-03-16 16:03:58 -04:00
CodeKevin 95e015abe6 Proper custom CTF name
I should have better pushing habits
2015-03-15 15:03:16 -04:00
CodeKevin 0179fa7115 Custom CTF Name 2015-03-15 14:55:50 -04:00
CodeKevin c26d0924bf Fixing XSS issue for users 2015-03-15 14:44:47 -04:00
CodeKevin a0d3a1e640 Fixing XSS issue 2015-03-15 14:42:31 -04:00
CodeKevin a499f8c731 Adding favicon for non-admins 2015-03-15 04:23:16 -04:00
CodeKevin 8334c15f98 Adding favicon 2015-03-15 04:19:58 -04:00
CodeKevin d09d0a9678 Closes #21 2015-03-15 04:18:39 -04:00
CodeKevin eced601485 Updating logo 2015-03-15 02:39:32 -04:00
CodeKevin 5f4a670b7a Removing debug print statement 2015-03-15 00:28:12 -04:00
CodeKevin 0a27d11f45 Fixing score and place for team pages 2015-03-14 23:39:05 -04:00
CodeKevin f2484c519a Closes #15 (Thanks mwinstead3790), various fixes 2015-03-14 23:01:21 -04:00
Kevin Chung b4dd54d36a Adding score and place to team page, fixing create_app 2015-03-08 13:39:22 -04:00
CodeKevin f43c695330 Keeping ban/unban in the admin panel 2015-01-26 01:08:51 -05:00
Kevin Chung 613ed46298 Merge pull request #17 from xkjcf/master
make the ban and unban switcher work
2015-01-26 01:07:09 -05:00
CodeKevin 81ea0f8d52 Send email tested and improved 2015-01-24 20:04:58 -05:00
CodeKevin 29071a6d5c Cleaning out some leftover text 2015-01-24 19:41:34 -05:00
CodeKevin 52becebbdb Adding team emailing
Untested since I don't have a mail server on my dev environment
2015-01-24 19:40:52 -05:00
CodeKevin b1c09e832e Listing DO hosts
Swapped out API wrappers
2015-01-24 03:50:45 -05:00
CodeKevin 6b81ac4577 Merging local changes 2015-01-24 00:51:32 -05:00
CodeKevin 7642aeb1e5 Starting DO integration 2015-01-24 00:48:41 -05:00
xkjcf 6916f5f68b make the ban and unban switcher work 2015-01-20 15:05:17 +08:00
Kevin Chung 8ec79d9337 Removing hits calculation for issue #12 2015-01-18 20:25:05 -05:00
Kevin Chung 3b93a40f2b Closes #9 2015-01-18 20:07:02 -05:00
Kevin Chung 1882d8231d Properly checking for config values and setting them if they don't exist 2015-01-18 19:33:48 -05:00
Kevin Chung 4a128e83dc Adding user deletion from admin panel 2015-01-18 19:17:57 -05:00
Kevin Chung fb5e525775 Merge pull request #11 from bburky/view-challenges-unregistered
Optionally allow unregistered users to view challenges
2015-01-08 00:13:39 -05:00
CodeKevin 7bb7186f8d Preventing unnecessary requests 2015-01-08 00:13:13 -05:00
Blake Burkhart 2972cf506d Optionally allow unregistered users to view challenges
Add a Config entry `view_challenges_unregistered` to indicate whether
unregistered users can view challenges. Add the setting to the admin config
page.

Add can_view_challenges() to utils to test if a user is either authed, or the
configuration allow unauthenticated users to view the challenges.

Return a HTTP 401 Unauthorized error when the /chals/solves API can't provide
results for an unauthenticated user. This is needed because the client side
code in `chalboard.js` doesn't know if it's logged in or not and requests this
anyway. (And AJAX doesn't handle redirects very well.) Alternately the client
could actually know if they're logged in and not make needless API calls.

When an unregistered user attempts to submit a flag, it will also fail. The
user will be redirected to a login page.
2015-01-07 22:11:31 -06:00
Kevin Chung c5c3126bb4 Closes #10 2015-01-07 21:32:31 -05:00
Kevin Chung ce4766003a Admin teams javascript removes whitespace before opening modal 2015-01-07 21:12:52 -05:00
Kevin Chung a1f30547d2 Admins can edit users from the admin interface 2015-01-07 21:03:37 -05:00
CodeKevin 7c7632301f Closes #7
Stack trace only applies in debug mode which shouldn't be used in
production but password length bug is valid
2015-01-05 20:32:34 -05:00
Kevin Chung 7cf762a6c4 Merge pull request #6 from takeshixx/upstream-fixes
Missing dependencies added, some weird imports fixed
2015-01-02 18:48:40 -05:00
takeshix 88c79ec1a6 Missing dependencies added 2015-01-02 20:19:00 +01:00
Kevin Chung 16a344cfab Update setup.html
Spellcheck is your friend
2015-01-02 00:31:00 -05:00
CodeKevin 872e310380 Closes #5 2015-01-01 23:11:59 -05:00
Kevin Chung 0a75864ce4 Adding demo site 2015-01-01 21:16:16 -05:00
Kevin Chung 6705f97194 Merge pull request #4 from takeshixx/dev
Fixed permanent "referenced before assignment" condition
2015-01-01 20:47:58 -05:00
Kevin Chung 0c379e7444 Merge pull request #3 from mark-ignacio/pip-freeze
Freeze package + version requirements and changed pip install command
2015-01-01 20:47:11 -05:00
takeshix 65891ed215 Fixed permanent referenced before assignment condition 2015-01-02 01:12:17 +01:00