includes/sessions.php
Sun, 18 Nov 2007 18:44:55 -0500 Dan Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Sat, 17 Nov 2007 23:09:12 -0500 Dan Hopefully managed to put enough hacks in there to make renaming the config file the last step, so if it fails, it can be done manually
Sat, 17 Nov 2007 22:25:37 -0500 Dan Merging in fixes from stable
Sat, 17 Nov 2007 20:31:01 -0500 Dan Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Sat, 17 Nov 2007 15:02:08 -0500 Dan Fixed: secure-cookie option is no longer set if $_SERVER['HTTPS'] is set but == "off"
Thu, 15 Nov 2007 18:00:39 -0500 Dan Merging in all changes from revision 185 (90b7a52bea45)
Fri, 09 Nov 2007 11:18:54 -0500 Dan Merge in some minor fixes from stable
Fri, 09 Nov 2007 11:14:20 -0500 Dan Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Sat, 03 Nov 2007 07:40:54 -0400 Dan Merging in fixes and updates from 90b7a52bea45
Sat, 03 Nov 2007 07:30:11 -0400 Dan Merging in fixes from rev. 207
Fri, 02 Nov 2007 20:37:26 -0400 Dan Localized a good part, if not all, of the registration page and a couple other things.
Sun, 28 Oct 2007 14:32:13 -0400 Dan Login page mostly localized
Wed, 24 Oct 2007 12:45:05 -0400 Dan Merging in fixes from stable
Fri, 26 Oct 2007 19:28:54 -0400 Dan You know what folks, a lot of Mercurial merges failed, and I just now figured out why. So now all changes from stable are permanently synced in.
Tue, 23 Oct 2007 12:30:08 -0400 Dan Slight HTTPS compatibility improvements
Sat, 20 Oct 2007 21:51:26 -0400 Dan Merging in changes from db8a849ad4c9
Sat, 20 Oct 2007 21:44:13 -0400 Dan Merging in changes from stable
Mon, 15 Oct 2007 00:11:51 -0400 Dan SECURITY: Fix failure to log login failure on no row match
Sun, 07 Oct 2007 22:06:15 -0400 Dan Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Sun, 07 Oct 2007 21:41:42 -0400 Dan Upgrade UI should work now (upgrades still don't work); do not pull this revision as there is a security hole in the lockout system pending a fix
Sun, 07 Oct 2007 21:28:36 -0400 Dan [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Sun, 07 Oct 2007 17:28:47 -0400 Dan Merging in latest changes from stable
Sun, 07 Oct 2007 08:39:40 -0400 Dan SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Sat, 06 Oct 2007 20:36:40 -0400 Dan Rebrand as 1.1.1; everything should now be bumped to "unstable" status
Sun, 30 Sep 2007 20:20:07 -0400 Dan Feature add: new page group type: regular expression match (PCRE)
Sun, 23 Sep 2007 23:21:10 -0400 Dan Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Tue, 18 Sep 2007 16:29:26 -0400 Dan Enano should now fully support UTF-8 usernames; newly registered users are now granted automatic edit access to their user pages (admins can still use protection on the page)
Tue, 18 Sep 2007 00:30:43 -0400 Dan Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Thu, 13 Sep 2007 08:28:11 -0400 Dan Fix: activation e-mails were signed by Anonymous :-)
Sat, 08 Sep 2007 15:06:28 -0400 Dan Vastly improved UX for a login to an inactive account
less more (0) -30 tip