plugins/SpecialUserFuncs.php
Tue, 12 Jul 2011 22:15:18 -0400 Dan Fuhry SECURITY: Fixed XSS in post-login page redirection. Reported by Secunia.
Sat, 29 Jan 2011 15:22:06 -0500 Dan Fuhry Corrected a link
Tue, 16 Nov 2010 12:10:24 -0500 Dan Fuhry SECURITY: Fix path disclosure in Special:Captcha
Tue, 21 Sep 2010 14:14:55 -0400 Dan Fuhry Fixed password field in HTML login not being focused during >USER_LEVEL_MEMBER auth
Sat, 21 Aug 2010 23:29:54 -0400 Dan Fuhry Fixed some bugs with the change password form when pw_strength_enable is 0.
Fri, 30 Jul 2010 21:32:05 -0400 Dan Fuhry Improved display of comments from foes, and fixed some general issues with the friend and foe lists
Mon, 26 Jul 2010 20:10:01 -0400 Dan Improved captcha word generation; fixed duplicate auth parameter in Special:Login privileged login; improved search indexer performance on websites with lots of words
Thu, 01 Jul 2010 18:24:11 -0400 Dan Fuhry Integrated XSS patch for 1.1.7 maintenance branch 1.1.7-maintenance 1.1.7pl1
Mon, 28 Jun 2010 10:43:04 -0400 Dan Fuhry SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks! Also removed my stand-in for ucfirst().
Mon, 19 Apr 2010 18:07:43 -0400 Dan Fixed registration admin override with account_activation set to disable.
Sun, 28 Mar 2010 23:10:46 -0400 Dan Going ahead with the switch to tabs. This is a major coding standards change! If any unusual parser bugs show up, check this changeset. Converted all .php, .js, .tpl, .css, and .json files and did basic testing.
Wed, 17 Mar 2010 14:21:46 -0400 Dan Fixed username not being decoded in Special:ActivateAccount
Wed, 06 Jan 2010 02:02:51 -0500 Dan Fixed some bugs with account activation, especially if you're a half-logged-in vegetable.
Sat, 12 Dec 2009 15:39:36 -0500 Dan CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
Tue, 03 Nov 2009 22:08:48 -0500 Dan Logins: reorganized data structures a bit. WiP - needs test routine done.
Fri, 25 Sep 2009 14:18:20 -0400 Dan HTML login: fixed bad submit under IE
Sun, 20 Sep 2009 03:59:36 -0400 Dan Login: if return-to specified and already logged in, jump to return-to instead of main page.
Fri, 11 Sep 2009 09:54:32 -0400 Dan Common: renamed global $title to $urlname (it broke the API from non-plugin Enano scripts)
Fri, 21 Aug 2009 20:41:38 -0400 Dan Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
Thu, 20 Aug 2009 20:01:55 -0400 Dan Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Thu, 02 Jul 2009 09:01:29 -0400 Dan Login and sessions: fixed some improper handling of the config for lockout logic
Fri, 15 May 2009 19:52:12 -0400 Dan Added another word to the CAPTCHA blacklist (thanks Neal).
Fri, 15 May 2009 17:24:12 -0400 Dan Added protection against obscene words in CAPTCHAs
Wed, 13 May 2009 09:43:00 -0400 Dan Comment UI / Special:Memberlist: UI consistency for Send PM/Add Buddy links in Memberlist and comment display UI
Sun, 10 May 2009 14:44:37 -0400 Dan Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
Tue, 05 May 2009 00:10:26 -0400 Dan Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
Wed, 15 Apr 2009 16:20:33 -0400 Dan File rollbacks should be all up to date now.
Tue, 14 Apr 2009 21:02:13 -0400 Dan Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
Mon, 13 Apr 2009 17:28:24 -0400 Dan Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
Mon, 13 Apr 2009 16:57:20 -0400 Dan Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
Thu, 26 Feb 2009 01:27:56 -0500 Dan Set password in userinfo to allow auth plugins to see it (some really do need it)
Thu, 26 Feb 2009 01:07:32 -0500 Dan Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
less more (0) -100 -50 -32 tip