Tue, 08 Apr 2008 20:30:05 -0400 | Dan | Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php | file | diff | annotate |
Sun, 06 Apr 2008 14:02:20 -0400 | Dan | SECURITY: Disabled caching of decrypted DiffieHellman login requests | file | diff | annotate |
Wed, 26 Mar 2008 20:20:22 -0400 | Dan | Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden | file | diff | annotate |