includes/sessions.php
Sat, 17 Nov 2007 22:25:37 -0500 Dan Merging in fixes from stable
Sat, 17 Nov 2007 20:31:01 -0500 Dan Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Sat, 17 Nov 2007 15:02:08 -0500 Dan Fixed: secure-cookie option is no longer set if $_SERVER['HTTPS'] is set but == "off"
Thu, 15 Nov 2007 18:00:39 -0500 Dan Merging in all changes from revision 185 (90b7a52bea45)
Fri, 09 Nov 2007 11:18:54 -0500 Dan Merge in some minor fixes from stable
Fri, 09 Nov 2007 11:14:20 -0500 Dan Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Sat, 03 Nov 2007 07:40:54 -0400 Dan Merging in fixes and updates from 90b7a52bea45
Sat, 03 Nov 2007 07:30:11 -0400 Dan Merging in fixes from rev. 207
Fri, 02 Nov 2007 20:37:26 -0400 Dan Localized a good part, if not all, of the registration page and a couple other things.
Sun, 28 Oct 2007 14:32:13 -0400 Dan Login page mostly localized
Wed, 24 Oct 2007 12:45:05 -0400 Dan Merging in fixes from stable
Fri, 26 Oct 2007 19:28:54 -0400 Dan You know what folks, a lot of Mercurial merges failed, and I just now figured out why. So now all changes from stable are permanently synced in.
Tue, 23 Oct 2007 12:30:08 -0400 Dan Slight HTTPS compatibility improvements
Sat, 20 Oct 2007 21:51:26 -0400 Dan Merging in changes from db8a849ad4c9
Sat, 20 Oct 2007 21:44:13 -0400 Dan Merging in changes from stable
Mon, 15 Oct 2007 00:11:51 -0400 Dan SECURITY: Fix failure to log login failure on no row match
Sun, 07 Oct 2007 22:06:15 -0400 Dan Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Sun, 07 Oct 2007 21:41:42 -0400 Dan Upgrade UI should work now (upgrades still don't work); do not pull this revision as there is a security hole in the lockout system pending a fix
Sun, 07 Oct 2007 21:28:36 -0400 Dan [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Sun, 07 Oct 2007 17:28:47 -0400 Dan Merging in latest changes from stable
Sun, 07 Oct 2007 08:39:40 -0400 Dan SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Sat, 06 Oct 2007 20:36:40 -0400 Dan Rebrand as 1.1.1; everything should now be bumped to "unstable" status
Sun, 30 Sep 2007 20:20:07 -0400 Dan Feature add: new page group type: regular expression match (PCRE)
Sun, 23 Sep 2007 23:21:10 -0400 Dan Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Tue, 18 Sep 2007 16:29:26 -0400 Dan Enano should now fully support UTF-8 usernames; newly registered users are now granted automatic edit access to their user pages (admins can still use protection on the page)
Tue, 18 Sep 2007 00:30:43 -0400 Dan Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Thu, 13 Sep 2007 08:28:11 -0400 Dan Fix: activation e-mails were signed by Anonymous :-)
Sat, 08 Sep 2007 15:06:28 -0400 Dan Vastly improved UX for a login to an inactive account
Sat, 21 Jul 2007 18:12:10 -0400 Dan Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Sat, 21 Jul 2007 11:28:59 -0400 Dan Fixed a few presentation bugs in installer, made installer more "legally binding", and fixed global permissions inheritance in $session->fetch_page_acl() 1.0
less more (0) -30 tip