| Sun, 04 Oct 2009 13:51:37 +0200 |
When viewing your own profile page, you now get an "edit" link that take you to "My Account"
|
file | diff | annotate |
| Mon, 14 Sep 2009 20:11:17 +0200 |
E_ALL fix
|
file | diff | annotate |
| Fri, 11 Sep 2009 13:03:06 +0200 |
The session and password cookies are now created with the HttpOnly flag set to make it somewhat harder to read them from JavaScript (requires browser support)
|
file | diff | annotate |
| Sun, 06 Sep 2009 15:46:20 +0200 |
Let's use count() instead of sizeof() everywhere from now on
|
file | diff | annotate |
| Mon, 27 Jul 2009 21:39:26 +0200 |
Bah, wrong function name: COM_outputMessageAndAbort -> COM_displayMessageAndAbort
|
file | diff | annotate |
| Sun, 19 Apr 2009 16:57:27 +0200 |
Experimental feature: Optionally compress output before sending it to the browser (disabled by default)
|
file | diff | annotate |
| Sat, 28 Mar 2009 10:31:38 +0100 |
On a login failure, the user registration form showed up even when new user registration was disabled (bug #0000843)
|
file | diff | annotate |
| Sun, 01 Feb 2009 17:46:47 +0100 |
Display a message when sending the email for a new password failed
|
file | diff | annotate |
| Sun, 01 Feb 2009 17:46:47 +0100 |
Display a message when sending the email for a new password failed
|
file | diff | annotate |
| Sat, 31 Jan 2009 17:55:49 +0100 |
Simply calling up /users.php already counted as a failed login attempt
|
file | diff | annotate |
| Sat, 17 Jan 2009 23:08:07 +0100 |
Fixed line endings (DOS vs. Unix) - no change in content
|
file | diff | annotate |
| Sat, 17 Jan 2009 13:50:12 -0500 |
- Usersettings.php - can not change password when custom membership is enabled.
|
file | diff | annotate |
| Thu, 01 Jan 2009 13:50:40 +0100 |
Removed misplaced global declaration (and started using 2009 as the copyright year)
|
file | diff | annotate |
| Sun, 23 Nov 2008 18:02:28 +0100 |
Fixed E_ALL error
|
file | diff | annotate |
| Sat, 04 Oct 2008 20:46:44 +0200 |
Missing exit after redirect to OpenID server
|
file | diff | annotate |
| Sat, 04 Oct 2008 17:28:09 +0200 |
Introduced COM_showMessageText (for feature request #0000676) and COM_showMessageFromParameter (for bug #0000618)
|
file | diff | annotate |
| Mon, 15 Sep 2008 18:26:17 +0000 |
Fixed bug in users.php
|
file | diff | annotate |
| Fri, 04 Jul 2008 15:59:19 +0000 |
Disable OpenID login when new registrations are disabled
|
file | diff | annotate |
| Fri, 04 Jul 2008 15:26:45 +0000 |
E_ALL fix + CUSTOM_loginErrorHandler isn't supposed to return anything
|
file | diff | annotate |
| Sat, 15 Mar 2008 08:57:15 +0000 |
Fixed login when only one remote auth module is enabled
|
file | diff | annotate |
| Sun, 09 Mar 2008 10:23:13 +0000 |
Moved collection of remote auth modules to a separate function; only display the "Service" dropdown if necessary
|
file | diff | annotate |
| Sun, 09 Mar 2008 09:39:16 +0000 |
Make the OpenID input field wider when displayed on users.php
|
file | diff | annotate |
| Sun, 24 Feb 2008 10:55:49 +0000 |
Allow disabling the standard login and forcing users to use remote authentication instead (loosely based on a patch by Jessica Blank)
|
file | diff | annotate |
| Wed, 20 Feb 2008 20:07:59 +0000 |
Ensure every template class has site_url, site_admin_url, layout_url and xhtml variables set. My eyes, they bleed...
|
file | diff | annotate |
| Sat, 16 Feb 2008 21:24:28 +0000 |
Threw in a few htmlspecialchars() calls
|
file | diff | annotate |
| Sun, 20 Jan 2008 10:20:23 +0000 |
Added a second speedlimit for OpenID logins, in case spammers confuse the login prompt with a place to drop their spam ...
|
file | diff | annotate |
| Sun, 09 Dec 2007 18:05:39 +0000 |
New function SEC_encryptPassword() to get all the direct calls to md5() out of the core code and give us a chance to switch to some other encryption method in the future.
|
file | diff | annotate |
| Sun, 25 Nov 2007 06:59:56 +0000 |
XHTML optional updates
|
file | diff | annotate |
| Sun, 23 Sep 2007 19:20:40 +0000 |
Fixed option name: 'user_logging_method' -> 'user_login_method'
|
file | diff | annotate |
| Sat, 18 Aug 2007 20:45:49 +0000 |
Update speed limit on invalid OpenID login attempts
|
file | diff | annotate |
| Sat, 26 May 2007 19:31:59 +0000 |
OpenID support, provided by Choplair
|
file | diff | annotate |
| Tue, 13 Feb 2007 02:07:52 +0000 |
fixing bug [#648] sending new password email returns "Ok" message although it fails
|
file | diff | annotate |
| Thu, 08 Feb 2007 04:06:45 +0000 |
using COM_createLink() in users.php
|
file | diff | annotate |
| Mon, 05 Feb 2007 09:00:15 +0000 |
border is set in CSS
|
file | diff | annotate |
| Tue, 16 Jan 2007 07:18:13 +0000 |
adding aditional bouncing email address for use when sending userlogins and other
|
file | diff | annotate |
| Sat, 13 Jan 2007 17:41:47 +0000 |
Due to a language file change, the login form now asked for a "new password" (ported over from the trunk)
|
file | diff | annotate |
| Sat, 06 Jan 2007 11:48:03 +0000 |
Due to a language file change, the login form now asked for a "new password"
|
file | diff | annotate |
| Sat, 09 Dec 2006 19:18:08 +0000 |
Baby steps: Adding Mark's patches to allow CAPTCHA support. Starting with the user registration.
|
file | diff | annotate |
| Sun, 15 Oct 2006 18:56:47 +0000 |
Uninitialized variable
|
file | diff | annotate |
| Sun, 24 Sep 2006 15:21:30 +0000 |
Cleaned up username / fullname and strikethrough display
|
file | diff | annotate |
| Sun, 24 Sep 2006 15:06:26 +0000 |
Display the Access Denied message without a redirect and with a 403 status code.
|
file | diff | annotate |
| Sat, 23 Sep 2006 19:54:24 +0000 |
Restrict access to user profile if 'Banned/Disabled' and user does not have user.edit rights
|
file | diff | annotate |
| Sat, 23 Sep 2006 00:55:50 +0000 |
Added test to not invoke the custom login error handler if the custom registration mode is not enabled.
|
file | diff | annotate |
| Tue, 22 Aug 2006 17:55:00 +0000 |
Save one SQL request on the profile page; added {edit_icon} and {user_edit} for consistency
|
file | diff | annotate |
| Sun, 13 Aug 2006 18:31:39 +0000 |
Introduced $_CONF['disallow_domains']: domain blacklist for new user registrations
|
file | diff | annotate |
| Sat, 29 Jul 2006 11:21:39 +0000 |
Re-implemented $_CONF['allow_domains'] whitelist (when the user submission queue is enabled) that was inexplicably missing from 1.4.0
|
file | diff | annotate |
| Sat, 08 Jul 2006 19:58:43 +0000 |
Use page titles where appropriate
|
file | diff | annotate |
| Fri, 16 Jun 2006 18:12:44 +0000 |
Corrected naming of function to be CUSTOM_loginErrorHandler()
|
file | diff | annotate |
| Fri, 16 Jun 2006 04:00:50 +0000 |
Added support for CUSTOM login error handler. Used when you have a custom front page and need to trap and reformat any error messages.
|
file | diff | annotate |
| Thu, 25 May 2006 16:10:06 +0000 |
Made the new user registration form slightly more userfriendly. It's now prepopulating the fields again when registration was not yet successful (e.g. because the chosen username already exists).
|
file | diff | annotate |
| Wed, 10 May 2006 07:02:38 +0000 |
introducing email confirmation fields to avoid frustration with users that did not realize they mistyped their email address and wonder why they never got a registration email
|
file | diff | annotate |
| Thu, 06 Apr 2006 13:29:57 +0000 |
Whoops, hard-coded 'gl_' prefix in table name ...
|
file | diff | annotate |
| Tue, 04 Apr 2006 02:32:55 +0000 |
adding an edit-icon to user display if user.edit rights are present (conformity with articles etc)
|
file | diff | annotate |
| Sun, 26 Mar 2006 08:50:20 +0000 |
Ensure consistent use of upper/lower case in the names of the CUSTOM_xxxYyy functions
|
file | diff | annotate |
| Fri, 24 Mar 2006 20:25:41 +0000 |
Fixed warning
|
file | diff | annotate |
| Fri, 24 Mar 2006 16:38:43 +0000 |
Added GROUP BY for MSSQL compatibility
|
file | diff | annotate |
| Mon, 20 Mar 2006 00:13:49 +0000 |
Added feature to support a custom handler for a bad login. Typically this will be used if you have a custom main site page and need to control the login process.
|
file | diff | annotate |
| Sun, 05 Mar 2006 09:04:20 +0000 |
Ported security fixes over from the trunk
|
file | diff | annotate |
| Sat, 04 Mar 2006 19:45:37 +0000 |
Strip HTML from the 'location' entry
|
file | diff | annotate |
| Sat, 04 Mar 2006 18:28:03 +0000 |
Strip HTML from the 'location' entry
|
file | diff | annotate |