| Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
* reset key has a 1-hour life
* reset key is automatically deleted once used
* reset key is stored as a hash
Thank you effigies for code suggestions
git-svn-id: http://piwigo.org/svn/trunk@29111 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@28587 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@26461 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
feature:2978
git-svn-id: http://piwigo.org/svn/trunk@25018 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@25005 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@20609 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
expected on r12922)
git-svn-id: http://piwigo.org/svn/trunk@19703 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
This class performs salt and multiple iterations. Already used in Wordpress,
Drupal, phpBB and many other web applications.
$conf['pass_convert'] is replaced by $conf['password_hash'] + $conf['password_verify']
git-svn-id: http://piwigo.org/svn/trunk@18889 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
bug 2774 fixed: better sanitize on username_or_email user input
git-svn-id: http://piwigo.org/svn/trunk@18700 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@18063 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
bug 2750 fixed: HTML-sanitize $_POST['username_or_email'] before display (both
username and email don't allow HTML tags...)
Original report by Stefan Schurtz via Secunia SVCRP
git-svn-id: http://piwigo.org/svn/trunk@17984 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
'loc_end_index' and 'loc_end_picture'
git-svn-id: http://piwigo.org/svn/trunk@15578 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
apocalypse
git-svn-id: http://piwigo.org/svn/trunk@12922 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
use only $page['infos'] and $page['errors'] vars and and necessary template to all main pages
git-svn-id: http://piwigo.org/svn/trunk@12764 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@12672 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
The algorithm is highly inspired from WordPress :
1) in a single field, you give a username or an email
2) Piwigo sends an email with the activation key
3) the user clicks on the link in the email (with the activation key) and is able to set a new password
The "lost password" feature is no longer limited to "classic" users:
administrators and webmasters can use it too (no need to tell webmasters
that they can only change their password in the database)
git-svn-id: http://piwigo.org/svn/trunk@11992 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@10824 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@10812 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@9169 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
Change "Piwigo - a PHP based picture gallery" into "Piwigo - a PHP based photo gallery"
git-svn-id: http://piwigo.org/svn/trunk@8728 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
Remove adviser from user_list page and some db queries.
git-svn-id: http://piwigo.org/svn/trunk@8131 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@5196 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
Use php-gettext (developpement version rev43, because of php5.3) as fallback
Use native language (english) instead of key for translation
Keep directory en_UK for english customization
Need some refactoring for plurals
Todo : managing plugins in the same way
git-svn-id: http://piwigo.org/svn/trunk@5021 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
Replace all mysql functions in core code by ones independant of database engine
Fix small php code synxtax : hash must be accessed with [ ] and not { }.
git-svn-id: http://piwigo.org/svn/trunk@4325 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
Display correctly usernames
(I hope not to have made mistakes)
git-svn-id: http://piwigo.org/svn/trunk@4304 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
small php code improvements
git-svn-id: http://piwigo.org/svn/trunk@4265 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@3049 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
- Correction on install.tpl (link color).
git-svn-id: http://piwigo.org/svn/trunk@2752 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
First commit, others will be follow.
Not hesitate to change my translations.
Add upload configuration tabsheet (move and add configuration)
Change and add define for access level
Can show upload link every time
Can restrict access upload.class.php
Can choice category on upload page
Add upload class not use for the moment
Review quickly and temporary style of upload.tpl
git-svn-id: http://piwigo.org/svn/trunk@2325 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
bugged (r2297 was repeating new and old header).
By the way, I've also removed the replacement keywords. We were using them
because it was a common usage with CVS but it is advised not to use them with
Subversion. Personnaly, it is a problem when I search differences between 2
Piwigo installations outside Subversion.
git-svn-id: http://piwigo.org/svn/trunk@2299 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@2297 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@2223 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
Allow administrator and webmaster ADVISER to ask a new password
git-svn-id: http://piwigo.org/svn/trunk@1951 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
Administrator can ask a new password
Add message about users witch can change their password
git-svn-id: http://piwigo.org/svn/trunk@1947 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
- Copyrights 2003-2007
- help
- Some HTML comform requests
git-svn-id: http://piwigo.org/svn/trunk@1903 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
images in this category' for cases when categories contain both images and sub-categories
o Good idea of this new way for way conf['guest_access'], but I kept last implementation for access methods (Could be useful on future development)
git-svn-id: http://piwigo.org/svn/trunk@1851 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
Sent multi-part message in MIME format. (With only one part for the moment).
Improvement pwg_mail function.
git-svn-id: http://piwigo.org/svn/trunk@1809 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
o format of email
o max_execution_time equal to 0
o -f with only adress mail
o use of standard function get_webmaster_mail_address
2 news $conf parameters.
Merge branch-1_6 r1529:1530 into BSF
git-svn-id: http://piwigo.org/svn/trunk@1531 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
you now have category.php?/search/123/start-42. Functions make_index_url and
make_picture_url build these new URLs. Functions duplicate_picture_url and
duplicate_index_url provide shortcuts to URL creation. The current main page
page is still category.php but this can be modified easily in make_index_url
function. In this first version, no backward compatibility. Calendar
definition in URL must be discussed with rvelices.
improvement: picture.php redesigned. First actions like "set as
representative" or "delete a comment" which all lead to a redirection. Then
the page (the big mess) and includes of new sub pages to manage specific
parts of the page (metadata, user comments, rates).
new: with the cleaner URL comes a new terminology. $page['cat'] doesn't
exist anymore. $page['section'] is among 'categories', 'tags' (TODO),
'list', 'most_seen'... And sub parameters are set : $page['category'] if
$page['section'] is "categories". See URL analyse in
include/section_init.inc.php for details.
git-svn-id: http://piwigo.org/svn/trunk@1082 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
o Change status of table #_user_infos
o Don't send password to webmaster, guest, generic
Next Step:
o Functions Check of status
o Restricted Access for user generic
git-svn-id: http://piwigo.org/svn/trunk@1070 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
fonctions (with improvement)
git-svn-id: http://piwigo.org/svn/trunk@1018 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
- use only cookies to store session id on client side
- use default php session system with database handler to store sessions on server side
git-svn-id: http://piwigo.org/svn/trunk@1004 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
default.
git-svn-id: http://piwigo.org/svn/trunk@901 68402e56-0260-453c-a942-63ccdbb3a9ee
|
|
git-svn-id: http://piwigo.org/svn/trunk@866 68402e56-0260-453c-a942-63ccdbb3a9ee
|