includes/sessions.php
Mon, 03 Aug 2009 02:58:43 -0400 Dan Sessions: fixed logout() destroying normal session (instead of elevated) if $level = USER_LEVEL_CHPREF. Possible very minor security concern: elevated sessions were not fully destroyed, so if a normal session is opened from the same IP, the elevated one may be reusable for 15 minutes.
Fri, 31 Jul 2009 19:15:48 -0400 Dan Merged development from Scribus and Charlie
Fri, 17 Jul 2009 17:11:09 -0400 Dan AJAX Login: Fixed all known issues with lockout (and some unknown ones)
Wed, 29 Jul 2009 11:49:30 -0400 Dan Fixed logins with usernames containing Unicode characters
Thu, 02 Jul 2009 09:01:29 -0400 Dan Login and sessions: fixed some improper handling of the config for lockout logic
Sun, 21 Jun 2009 00:16:21 -0400 Dan AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page
Fri, 22 May 2009 13:49:02 -0400 Dan Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses
Fri, 15 May 2009 15:56:10 -0400 Dan Fixed undefined indices for user_extra in various places
less more (0) -100 -30 -10 -8 tip