Mon, 03 Aug 2009 02:58:43 -0400 | Dan | Sessions: fixed logout() destroying normal session (instead of elevated) if $level = USER_LEVEL_CHPREF. Possible very minor security concern: elevated sessions were not fully destroyed, so if a normal session is opened from the same IP, the elevated one may be reusable for 15 minutes. | file | diff | annotate |
Fri, 31 Jul 2009 19:15:48 -0400 | Dan | Merged development from Scribus and Charlie | file | diff | annotate |
Fri, 17 Jul 2009 17:11:09 -0400 | Dan | AJAX Login: Fixed all known issues with lockout (and some unknown ones) | file | diff | annotate |