includes/sessions.php
Sun, 18 Nov 2007 20:37:08 -0500 Dan Merging in fixes and updates from stable
Sun, 18 Nov 2007 18:44:55 -0500 Dan Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Sat, 17 Nov 2007 23:09:12 -0500 Dan Hopefully managed to put enough hacks in there to make renaming the config file the last step, so if it fails, it can be done manually
Sat, 17 Nov 2007 22:25:37 -0500 Dan Merging in fixes from stable
Sat, 17 Nov 2007 20:31:01 -0500 Dan Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Sat, 17 Nov 2007 15:02:08 -0500 Dan Fixed: secure-cookie option is no longer set if $_SERVER['HTTPS'] is set but == "off"
Thu, 15 Nov 2007 18:00:39 -0500 Dan Merging in all changes from revision 185 (90b7a52bea45)
Fri, 09 Nov 2007 11:18:54 -0500 Dan Merge in some minor fixes from stable
Fri, 09 Nov 2007 11:14:20 -0500 Dan Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Sat, 03 Nov 2007 07:40:54 -0400 Dan Merging in fixes and updates from 90b7a52bea45
Sat, 03 Nov 2007 07:30:11 -0400 Dan Merging in fixes from rev. 207
Fri, 02 Nov 2007 20:37:26 -0400 Dan Localized a good part, if not all, of the registration page and a couple other things.
Sun, 28 Oct 2007 14:32:13 -0400 Dan Login page mostly localized
Wed, 24 Oct 2007 12:45:05 -0400 Dan Merging in fixes from stable
Fri, 26 Oct 2007 19:28:54 -0400 Dan You know what folks, a lot of Mercurial merges failed, and I just now figured out why. So now all changes from stable are permanently synced in.
Tue, 23 Oct 2007 12:30:08 -0400 Dan Slight HTTPS compatibility improvements
Sat, 20 Oct 2007 21:51:26 -0400 Dan Merging in changes from db8a849ad4c9
Sat, 20 Oct 2007 21:44:13 -0400 Dan Merging in changes from stable
Mon, 15 Oct 2007 00:11:51 -0400 Dan SECURITY: Fix failure to log login failure on no row match
Sun, 07 Oct 2007 22:06:15 -0400 Dan Fixed the security hole (really, I'm a moron - used $failed > $threshold instead of $failed >= $threashold) and patched up some...erm... math issues
Sun, 07 Oct 2007 21:41:42 -0400 Dan Upgrade UI should work now (upgrades still don't work); do not pull this revision as there is a security hole in the lockout system pending a fix
Sun, 07 Oct 2007 21:28:36 -0400 Dan [F] Added support for account lockouts. User is locked out or required to complete a CAPTCHA after specified threshold for specified period.
Sun, 07 Oct 2007 17:28:47 -0400 Dan Merging in latest changes from stable
Sun, 07 Oct 2007 08:39:40 -0400 Dan SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
less more (0) -24 tip