| Fri, 21 Aug 2009 20:41:38 -0400 |
Dan |
Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
|
file |
diff |
annotate
|
| Fri, 21 Aug 2009 13:49:45 -0400 |
Dan |
User ACP: redirect to Special:Login on own account deletion
|
file |
diff |
annotate
|
| Thu, 20 Aug 2009 21:15:19 -0400 |
Dan |
Sessions: whoops, left a debug message in by accident, broke a few redirects
|
file |
diff |
annotate
|
| Thu, 20 Aug 2009 20:01:55 -0400 |
Dan |
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
|
file |
diff |
annotate
|
| Mon, 10 Aug 2009 22:43:26 -0400 |
Dan |
Added ability for authentication plugins to modify session keys (to allow invalidation when their own authentication data is changed) as well as the ability to disable the built-in password change facility
|
file |
diff |
annotate
|
| Mon, 03 Aug 2009 02:58:43 -0400 |
Dan |
Sessions: fixed logout() destroying normal session (instead of elevated) if $level = USER_LEVEL_CHPREF. Possible very minor security concern: elevated sessions were not fully destroyed, so if a normal session is opened from the same IP, the elevated one may be reusable for 15 minutes.
|
file |
diff |
annotate
|
| Fri, 31 Jul 2009 19:15:48 -0400 |
Dan |
Merged development from Scribus and Charlie
|
file |
diff |
annotate
|
| Fri, 17 Jul 2009 17:11:09 -0400 |
Dan |
AJAX Login: Fixed all known issues with lockout (and some unknown ones)
|
file |
diff |
annotate
|
| Wed, 29 Jul 2009 11:49:30 -0400 |
Dan |
Fixed logins with usernames containing Unicode characters
|
file |
diff |
annotate
|
| Thu, 02 Jul 2009 09:01:29 -0400 |
Dan |
Login and sessions: fixed some improper handling of the config for lockout logic
|
file |
diff |
annotate
|
| Sun, 21 Jun 2009 00:16:21 -0400 |
Dan |
AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
|
file |
diff |
annotate
|
| Fri, 22 May 2009 13:49:02 -0400 |
Dan |
Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
|
file |
diff |
annotate
|
| Fri, 15 May 2009 15:56:10 -0400 |
Dan |
Fixed undefined indices for user_extra in various places
|
file |
diff |
annotate
|
| Tue, 05 May 2009 00:10:26 -0400 |
Dan |
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
|
file |
diff |
annotate
|
| Sun, 19 Apr 2009 19:01:08 -0400 |
Dan |
Upgrader: UX: Added welcome page, different between Caoineag and Banshee
|
file |
diff |
annotate
|
| Wed, 15 Apr 2009 19:44:47 -0400 |
Dan |
New, beautiful, rethought Admin:Home. No, really, you'll like it.
|
file |
diff |
annotate
|
| Sat, 11 Apr 2009 16:58:32 -0400 |
Dan |
session: login_process_userdata_json hook should work with more than one installed auth plugin now
|
file |
diff |
annotate
|
| Sat, 04 Apr 2009 22:35:44 -0400 |
Dan |
Session: additional metadata passed back from auth plugins is passed through to client for optional further parsing
|
file |
diff |
annotate
|
| Sat, 14 Mar 2009 14:06:02 -0400 |
Dan |
Added support for alternate port numbers on database servers. Also in install-cli, merged in new sysreqs functionality.
|
file |
diff |
annotate
|
| Thu, 26 Feb 2009 01:07:32 -0500 |
Dan |
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
|
file |
diff |
annotate
|
| Mon, 16 Feb 2009 16:17:25 -0500 |
Dan |
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
|
file |
diff |
annotate
|
| Sun, 25 Jan 2009 21:20:14 -0500 |
Dan |
Replaced integer checks that used preg_match() to use ctype_digit() instead
|
file |
diff |
annotate
|
| Fri, 16 Jan 2009 13:13:37 -0500 |
Dan |
Deprecated old grab_password_hash() functions in session
|
file |
diff |
annotate
|
| Sun, 11 Jan 2009 21:37:49 -0500 |
Dan |
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
|
file |
diff |
annotate
|
| Sun, 04 Jan 2009 01:43:16 -0500 |
Dan |
Upgrades should work now.
|
file |
diff |
annotate
|
| Sun, 04 Jan 2009 00:55:40 -0500 |
Dan |
Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
|
file |
diff |
annotate
|
| Sun, 21 Dec 2008 17:25:28 -0500 |
Dan |
Corrected a few issues with languages and client-side code
|
file |
diff |
annotate
|
| Sun, 21 Dec 2008 07:07:21 -0500 |
Dan |
Fixed a couple PostgreSQL bugs.
|
file |
diff |
annotate
|
| Sun, 21 Dec 2008 04:26:56 -0500 |
Dan |
Fixed timezone preference setting not fully implemented; added ability for users to select their own rank from a list of possible ranks based on group membership and user level
|
file |
diff |
annotate
|
| Thu, 20 Nov 2008 22:59:25 -0500 |
Dan |
Added dependency checking in ACL tracer
|
file |
diff |
annotate
|
| Sun, 09 Nov 2008 14:22:41 -0500 |
Dan |
Merging with upstream
|
file |
diff |
annotate
|
| Mon, 03 Nov 2008 08:56:44 -0500 |
Dan |
Fixed error-out when DiffieHellman not supported and respawn requested (part of OS X QA process)
|
file |
diff |
annotate
|
| Sun, 09 Nov 2008 09:03:10 -0500 |
Dan |
Added config option to grant userpage rights to new users (defaults to on, as it was hardcoded on before)
|
file |
diff |
annotate
|
| Sat, 08 Nov 2008 22:35:59 -0500 |
Dan |
Fixed DiffieHellman being included twice when not supported and login fails
|
file |
diff |
annotate
|
| Sun, 21 Sep 2008 09:01:27 -0400 |
Dan |
Added initial support for DST. Rules are defined in constants.php and are extensible.
|
file |
diff |
annotate
|
| Tue, 19 Aug 2008 20:57:17 -0400 |
Dan |
Made upgrades from 1.1.4 -> 1.1.5 work if keyhash is not present
|
file |
diff |
annotate
|
| Wed, 13 Aug 2008 08:48:03 -0400 |
Dan |
Made login forms that use $session->aes_javascript() use new whiteOutForm() function
|
file |
diff |
annotate
|
| Tue, 12 Aug 2008 00:06:35 -0400 |
Dan |
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
|
file |
diff |
annotate
|
| Mon, 11 Aug 2008 22:31:04 -0400 |
Dan |
Rebranded as 1.1.5 (Caoineag alpha 5) and fixed a couple bugs related to CDN support in template_nodb and installerUI. Updated readme.
|
file |
diff |
annotate
|
| Sat, 12 Jul 2008 03:55:14 -0400 |
Dan |
Added Gravatar support in UserManager in admin panel
|
file |
diff |
annotate
|
| Wed, 09 Jul 2008 21:02:28 -0400 |
Dan |
Fixed undefined group_rank_id in sessions
|
file |
diff |
annotate
|
| Mon, 07 Jul 2008 02:49:26 -0400 |
Dan |
Moved all account deactivation notice presentation code to its own method in sessions
|
file |
diff |
annotate
|
| Thu, 03 Jul 2008 15:34:09 -0400 |
Dan |
As promised, dropped in the new librijndael. Benchmarks say about 3 times faster, but more performance testing will be done.
|
file |
diff |
annotate
|
| Wed, 02 Jul 2008 22:15:55 -0400 |
Dan |
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
|
file |
diff |
annotate
|
| Wed, 02 Jul 2008 19:36:44 -0400 |
Dan |
Another sweep from the optimization monster.
|
file |
diff |
annotate
|
| Mon, 30 Jun 2008 17:22:29 -0400 |
Dan |
Made $session->private_key protected and added pk_{en,de}crypt methods for encrypting and decrypting data using the private key
|
file |
diff |
annotate
|
| Mon, 30 Jun 2008 17:20:02 -0400 |
Dan |
Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
|
file |
diff |
annotate
|
| Thu, 26 Jun 2008 18:03:04 -0400 |
Dan |
Made encryption work in form-based logon again; modified load_component() to fetch compressed versions when possible
|
file |
diff |
annotate
|
| Thu, 26 Jun 2008 17:01:42 -0400 |
Dan |
Fixed missing table_prefix in generate_rank_sql()
|
file |
diff |
annotate
|
| Wed, 18 Jun 2008 22:43:16 -0400 |
Dan |
Fixed SQL syntax error thrown during rank data fetch
|
file |
diff |
annotate
|
| Mon, 16 Jun 2008 19:05:16 -0400 |
Dan |
Fixed undefined index left over from scope system rewrite a few days ago
|
file |
diff |
annotate
|
| Sun, 15 Jun 2008 01:30:00 -0400 |
Dan |
Renamed some functions (that were new in this release anyway) due to compatibility broken with PunBB bridge
|
file |
diff |
annotate
|
| Sun, 15 Jun 2008 00:59:37 -0400 |
Dan |
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
|
file |
diff |
annotate
|
| Sat, 14 Jun 2008 22:01:24 -0400 |
Dan |
Fixed some plugin compatibility issues seen in Nuggie
|
file |
diff |
annotate
|
| Tue, 10 Jun 2008 00:21:34 -0400 |
Dan |
A bit of UX improvement to upgrade UI; updated readme for 1.1.4
|
file |
diff |
annotate
|
| Sat, 07 Jun 2008 12:39:24 -0400 |
Dan |
Modified $template->init_vars() to pivot to local page metadata and permissions from a PageProcessor object instead of global data from $paths and permissions from $session to allow redirects to affect on-page controls as well as the actual content (only partially complete, protection and several other elements still need to be localized)
|
file |
diff |
annotate
|
| Sat, 24 May 2008 23:40:42 -0400 |
Dan |
More work done on effective permissions API, namely reporting of page group and usergroup names
|
file |
diff |
annotate
|
| Fri, 16 May 2008 12:22:26 -0400 |
Dan |
Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins
|
file |
diff |
annotate
|
| Mon, 12 May 2008 00:59:46 -0400 |
Dan |
Revamped some ACL code and added effective permissions calculation code into session manager
|
file |
diff |
annotate
|
| Mon, 05 May 2008 20:06:37 -0400 |
Dan |
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
|
file |
diff |
annotate
|