Sun, 04 Sep 2011 02:32:49 -0400 |
Dan Fuhry |
SECURITY: Various security enhancements to password resets. They are now rate-limited by username and IP, and it is possible to disable username autofill for guests.
|
file |
diff |
annotate
|
Tue, 16 Nov 2010 12:31:41 -0500 |
Dan Fuhry |
SECURITY: Fix SQL injection in banlist check (1.1.7 branch)
1.1.7-maintenance 1.1.7pl2
|
file |
diff |
annotate
|
Tue, 16 Nov 2010 12:11:29 -0500 |
Dan Fuhry |
SECURITY: Fix SQL injection in banlist check
|
file |
diff |
annotate
|
Fri, 20 Aug 2010 01:36:44 -0400 |
Dan Fuhry |
Fixed some ACL scope warnings
|
file |
diff |
annotate
|
Thu, 29 Jul 2010 19:30:11 -0400 |
Dan |
Pending group memberships no longer alter result in rank alterations
|
file |
diff |
annotate
|
Mon, 26 Jul 2010 20:10:01 -0400 |
Dan |
Improved captcha word generation; fixed duplicate auth parameter in Special:Login privileged login; improved search indexer performance on websites with lots of words
|
file |
diff |
annotate
|
Sun, 25 Jul 2010 11:15:53 -0400 |
Dan Fuhry |
Made login window focus the controls earlier if animations are disabled.
|
file |
diff |
annotate
|
Thu, 01 Jul 2010 20:51:53 -0400 |
Dan Fuhry |
Fixed the (rather expected) 1.0.x migration issues db revision system
|
file |
diff |
annotate
|
Mon, 28 Jun 2010 10:43:04 -0400 |
Dan Fuhry |
SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks! Also removed my stand-in for ucfirst().
|
file |
diff |
annotate
|
Wed, 02 Jun 2010 21:58:26 -0400 |
Dan |
Rewrote category editor. This breaks the JSON API. Also fixed a few bugs with how Wiki Mode is set in $paths. (Hopefully that doesn't cause infinite loops, heh). Fixes issue 20.
|
file |
diff |
annotate
|
Sat, 17 Apr 2010 03:33:14 -0400 |
Dan |
Made separate methods in sessionManager for static and non-static generate_aes_form(), because PHP (erroneously) always calls that method statically.
|
file |
diff |
annotate
|
Tue, 06 Apr 2010 15:54:45 -0400 |
Dan |
Added Diffie-Hellman crypto support into the installer. Fixes issue 13.
|
file |
diff |
annotate
|
Tue, 30 Mar 2010 11:37:00 -0400 |
Dan |
Added selection and popup for <pre> tags within wikitext. Also fixed more bugs found in the HTML paragraph parser (mostly self-closing tags e.g. <hr />).
|
file |
diff |
annotate
|
Sun, 28 Mar 2010 23:10:46 -0400 |
Dan |
Going ahead with the switch to tabs. This is a major coding standards change! If any unusual parser bugs show up, check this changeset. Converted all .php, .js, .tpl, .css, and .json files and did basic testing.
|
file |
diff |
annotate
|
Mon, 01 Feb 2010 02:15:04 -0500 |
Dan |
Fixed more places where author_uid wasn't right.
|
file |
diff |
annotate
|
Sun, 10 Jan 2010 17:13:03 -0500 |
Dan |
Fixed author_uid in activation request insertion
|
file |
diff |
annotate
|
Wed, 06 Jan 2010 02:02:51 -0500 |
Dan |
Fixed some bugs with account activation, especially if you're a half-logged-in vegetable.
|
file |
diff |
annotate
|
Wed, 06 Jan 2010 01:18:19 -0500 |
Dan |
Sessions: fixed on_critical_page(), it referenced the wrong global; enabled better extensible behavior in the account_active column
|
file |
diff |
annotate
|
Fri, 18 Dec 2009 19:17:18 -0500 |
Dan |
AJAX login: Fixed error box failure to destroy upon cancel. Fixes issue 8.
|
file |
diff |
annotate
|
Fri, 18 Dec 2009 19:06:49 -0500 |
Dan |
Logs: Fully integrated an author_uid column. Logs are now linked by user ID instead of just username, so they survive username changes better. Database is changed. Fixes issue 6.
|
file |
diff |
annotate
|
Fri, 18 Dec 2009 05:12:02 -0500 |
Dan |
Comments (AJAX): Now paginated server side. Fixes issue 2.
|
file |
diff |
annotate
|
Thu, 17 Dec 2009 04:31:55 -0500 |
Dan |
ACP: Added lockout management feature
|
file |
diff |
annotate
|
Sat, 12 Dec 2009 15:44:36 -0500 |
Dan |
Re-merge changes from a2hosting dev
|
file |
diff |
annotate
|
Sat, 12 Dec 2009 15:39:36 -0500 |
Dan |
CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
|
file |
diff |
annotate
|
Fri, 11 Dec 2009 17:11:47 -0500 |
Dan |
A couple fixes to permission out-of-scope errors.
|
file |
diff |
annotate
|
Mon, 07 Dec 2009 15:21:47 -0500 |
Dan |
Sessions: Made acl_check_deps() verify scope, so that all of an action's dependencies must apply to the namespace of the given action.
|
file |
diff |
annotate
|
Sun, 06 Dec 2009 21:51:55 -0500 |
Dan |
PostgreSQL: Fixed $session->create_user()
|
file |
diff |
annotate
|
Tue, 03 Nov 2009 22:08:48 -0500 |
Dan |
Logins: reorganized data structures a bit. WiP - needs test routine done.
|
file |
diff |
annotate
|