Fri, 11 Dec 2009 17:11:47 -0500 |
Dan |
A couple fixes to permission out-of-scope errors.
|
file |
diff |
annotate
|
Mon, 07 Dec 2009 15:21:47 -0500 |
Dan |
Sessions: Made acl_check_deps() verify scope, so that all of an action's dependencies must apply to the namespace of the given action.
|
file |
diff |
annotate
|
Sun, 06 Dec 2009 21:51:55 -0500 |
Dan |
PostgreSQL: Fixed $session->create_user()
|
file |
diff |
annotate
|
Tue, 03 Nov 2009 22:08:48 -0500 |
Dan |
Logins: reorganized data structures a bit. WiP - needs test routine done.
|
file |
diff |
annotate
|
Fri, 21 Aug 2009 20:41:38 -0400 |
Dan |
Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
|
file |
diff |
annotate
|
Fri, 21 Aug 2009 13:49:45 -0400 |
Dan |
User ACP: redirect to Special:Login on own account deletion
|
file |
diff |
annotate
|
Thu, 20 Aug 2009 21:15:19 -0400 |
Dan |
Sessions: whoops, left a debug message in by accident, broke a few redirects
|
file |
diff |
annotate
|
Thu, 20 Aug 2009 20:01:55 -0400 |
Dan |
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
|
file |
diff |
annotate
|
Mon, 10 Aug 2009 22:43:26 -0400 |
Dan |
Added ability for authentication plugins to modify session keys (to allow invalidation when their own authentication data is changed) as well as the ability to disable the built-in password change facility
|
file |
diff |
annotate
|
Mon, 03 Aug 2009 02:58:43 -0400 |
Dan |
Sessions: fixed logout() destroying normal session (instead of elevated) if $level = USER_LEVEL_CHPREF. Possible very minor security concern: elevated sessions were not fully destroyed, so if a normal session is opened from the same IP, the elevated one may be reusable for 15 minutes.
|
file |
diff |
annotate
|
Fri, 31 Jul 2009 19:15:48 -0400 |
Dan |
Merged development from Scribus and Charlie
|
file |
diff |
annotate
|
Fri, 17 Jul 2009 17:11:09 -0400 |
Dan |
AJAX Login: Fixed all known issues with lockout (and some unknown ones)
|
file |
diff |
annotate
|
Wed, 29 Jul 2009 11:49:30 -0400 |
Dan |
Fixed logins with usernames containing Unicode characters
|
file |
diff |
annotate
|
Thu, 02 Jul 2009 09:01:29 -0400 |
Dan |
Login and sessions: fixed some improper handling of the config for lockout logic
|
file |
diff |
annotate
|
Sun, 21 Jun 2009 00:16:21 -0400 |
Dan |
AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
|
file |
diff |
annotate
|
Fri, 22 May 2009 13:49:02 -0400 |
Dan |
Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
|
file |
diff |
annotate
|
Fri, 15 May 2009 15:56:10 -0400 |
Dan |
Fixed undefined indices for user_extra in various places
|
file |
diff |
annotate
|
Tue, 05 May 2009 00:10:26 -0400 |
Dan |
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
|
file |
diff |
annotate
|
Sun, 19 Apr 2009 19:01:08 -0400 |
Dan |
Upgrader: UX: Added welcome page, different between Caoineag and Banshee
|
file |
diff |
annotate
|
Wed, 15 Apr 2009 19:44:47 -0400 |
Dan |
New, beautiful, rethought Admin:Home. No, really, you'll like it.
|
file |
diff |
annotate
|
Sat, 11 Apr 2009 16:58:32 -0400 |
Dan |
session: login_process_userdata_json hook should work with more than one installed auth plugin now
|
file |
diff |
annotate
|
Sat, 04 Apr 2009 22:35:44 -0400 |
Dan |
Session: additional metadata passed back from auth plugins is passed through to client for optional further parsing
|
file |
diff |
annotate
|
Sat, 14 Mar 2009 14:06:02 -0400 |
Dan |
Added support for alternate port numbers on database servers. Also in install-cli, merged in new sysreqs functionality.
|
file |
diff |
annotate
|
Thu, 26 Feb 2009 01:07:32 -0500 |
Dan |
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
|
file |
diff |
annotate
|
Mon, 16 Feb 2009 16:17:25 -0500 |
Dan |
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
|
file |
diff |
annotate
|
Sun, 25 Jan 2009 21:20:14 -0500 |
Dan |
Replaced integer checks that used preg_match() to use ctype_digit() instead
|
file |
diff |
annotate
|
Fri, 16 Jan 2009 13:13:37 -0500 |
Dan |
Deprecated old grab_password_hash() functions in session
|
file |
diff |
annotate
|
Sun, 11 Jan 2009 21:37:49 -0500 |
Dan |
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
|
file |
diff |
annotate
|