9ba946621e
feat: email template management with DB override, modern mail redesign
2026-04-18 15:41:23 +08:00
e689699f44
fix: batchUpdate use model instance to trigger observer
2026-04-18 04:26:25 +08:00
521d4e3ac5
fix: dedup device IPs, reset stale online_count on disconnect and scheduled cleanup ( #886 )
2026-04-18 02:57:55 +08:00
1708b6564b
feat: add xhttp subscriptions, network monitoring, chart legend toggle and ticket sender labels
2026-04-18 02:02:06 +08:00
d9833fab47
fix(plugin): improve plugin install and uninstall migration handling
2026-04-17 23:11:03 +08:00
f84afc7903
fix: support both GET and POST for handshake endpoint (backward compatibility)
2026-04-17 20:59:48 +08:00
fea7d97aa3
Update installer URL to use 'dev' branch
2026-04-17 12:54:22 +08:00
a74cc2f19d
feat: show install command on machine creation
2026-04-17 06:47:05 +08:00
e297b5fe9f
feat: machine mode, ECH subscriptions, batch ops & security hardening
2026-04-17 03:02:53 +08:00
edbd8de356
QuantumultX下发Anytls节点 ( #880 )
...
QuantumultX最新版本支持Anytls了,做适配
2026-04-16 19:31:24 +08:00
13756956a6
fix: reset traffic stats when copying server nodes
2026-04-11 20:24:43 +08:00
121511523f
Fix: CVE-2026-39912 - Magic link token leak in loginWithMailLink ( #873 )
...
The loginWithMailLink endpoint returns the magic login link in the
HTTP response body, allowing unauthenticated account takeover.
The fix returns true instead of the link. The email delivery is
the authentication factor.
Bug inherited from V2Board commit bdb10bed (2022-06-27).
2026-04-10 02:44:20 +08:00
1fe6531924
fix(update): avoid duplicate safe.directory entries for repo and admin submodule
2026-04-09 20:31:19 +08:00
38ea7d0067
docs: add donation section
2026-04-09 00:21:28 +08:00
58ef46f754
fix: stop sending VLESS decryption when encryption is disabled
2026-04-08 11:05:55 +08:00
ec49ba3fd1
Loon和Surfboard适配anytls ( #854 )
...
* Loon适配anytls
* Surfboard适配anytls
Surfboard适配anytls
2026-04-02 15:47:41 +08:00
b7c8b31a91
Merge pull request #856 from NFamou/master
...
支持Surfboard下发SS2022
2026-04-02 15:46:55 +08:00
f3fd40008b
updata admin asset
2026-04-02 05:51:16 +08:00
94fc5f6942
Merge pull request #841 from cedar2025/revert-755-feat/server-id-stat-user
...
Revert "feat: Track user traffic per node (server_id)"
2026-03-30 18:18:35 +08:00
c5a8c836c0
Revert "feat: Track user traffic per node (server_id)"
2026-03-30 18:17:27 +08:00
048530a893
Remove duplicate doc files
2026-03-30 18:04:41 +08:00
7ed5fc8fd3
fix: remove 2026_03_28_050000_lowercase_existing_emails.php
2026-03-30 17:59:39 +08:00
5f1afe4bdc
feat: add Vless Encryption support
2026-03-30 17:03:37 +08:00
0cd20d12dd
Merge pull request #755 from socksprox/feat/server-id-stat-user
...
feat: Track user traffic per node (server_id)
2026-03-30 13:55:11 +08:00
b4a94d1605
Merge pull request #689 from socksprox/fix-user-generation-multiple-prefix
...
Fix user generation with email_prefix to support multiple users
2026-03-30 13:32:46 +08:00
7879a9ef85
Merge pull request #786 from lithromantic/master
...
Add sha256salt hashing option in password verification
2026-03-30 13:05:39 +08:00
d6a3614d98
update 2026_03_28_161536_add_traffic_fields_to_servers.php
2026-03-30 02:58:09 +08:00
a58d66d72e
feat: node traffic limit & batch operations
...
- Traffic monitoring with transfer_enable limit
- Batch delete nodes
- Reset traffic (single/batch)
2026-03-30 02:50:56 +08:00
daf3055b42
fix: escape Telegram Markdown special characters
2026-03-30 01:46:56 +08:00
3744ebcd5a
Revert "fix: escape Telegram Markdown special characters ( fix #450 )"
...
This reverts commit 23294c1f93
2026-03-29 17:48:49 +08:00
6cac241144
Merge branch 'cedar2025:master' into master
2026-03-29 00:00:34 +01:00
76a800ddbb
Merge pull request #832 from Dlphine/fix/raw-array-access-data-get
...
fix: replace raw array access with data_get() to prevent Undefined array key
2026-03-28 17:38:44 +08:00
bbc96a18bc
fix: use getHost() for proper host comparison in safe mode
2026-03-28 15:52:25 +08:00
23294c1f93
fix: escape Telegram Markdown special characters ( fix #450 )
2026-03-28 09:10:54 +08:00
130f7c82a8
feat: revoke other sessions when changing password ( fix #414 )
2026-03-28 08:31:24 +08:00
0ab67c7a9b
fix: add ru-RU.json
2026-03-28 07:44:43 +08:00
5512841ba2
fix: iOS Safari autofill not filling email field ( Fixes #330 )
2026-03-28 07:41:57 +08:00
7fbd1bb92d
feat: implement email case-insensitive queries ( fix #318 )
2026-03-28 07:09:21 +08:00
5dd4cd4bc9
fix: replace raw array access with data_get() to prevent Undefined array key
...
- Migrate $protocol_settings['key'] to data_get($protocol_settings, 'key') across General, SingBox, Shadowrocket, Surfboard, QuantumultX
- Prevents PHP 8 Undefined array key fatal errors when optional protocol_settings fields are missing
- Same class of bug that caused #735
2026-03-27 13:51:28 +08:00
a6c37bb112
feat: add Russian language support and remove v2board theme
2026-03-26 23:35:30 +08:00
3c3639613e
fix: use ServerService::getServer() for node lookup in WebSocket
2026-03-26 03:51:58 +08:00
74b5ef0b27
fix: resolve device sync issues and refactor WebSocket server
2026-03-26 03:33:01 +08:00
420521d90a
refactor: restructure device limit system
2026-03-25 17:50:16 +08:00
73a37a07dd
feat: ws notify nodes when user traffic is exhausted
2026-03-25 01:44:55 +08:00
7dacb69275
feat: Trojan Reality support and protocol distribution optimizations
2026-03-23 14:56:41 +08:00
a712be7cd4
update admin assets submodule
2026-03-23 11:00:31 +08:00
08d68cbcae
fix: intval u/d to avoid bigint overflow ( #821 )
2026-03-22 19:13:07 +08:00
b779bd4fd5
Merge pull request #789 from socksprox/feat/or-filter-logic
...
feat: Add OR logic support to user fetch API filters
2026-03-21 07:49:03 +08:00
64e6d8148e
feat: Add admin bulk-mail placeholder variables and template rendering
2026-03-19 05:02:16 +08:00
47983dec40
fix(runtime): force app_url/force_https per-request via middlewar
2026-03-19 04:22:17 +08:00
xboard