| Age | Commit message (Expand) | Author |
|---|
| 2009-09-15 | CSRF / auth fixes, golden data file checkpoint | Andy Staudacher |
| 2009-09-10 | Use abs_url() inside url::redirect() calls so that we don't just wind | Bharat Mediratta |
| 2009-09-08 | Move specialized (pretty) url generation back into Item_Model so that | Bharat Mediratta |
| 2009-09-04 | When changing user preferences, reset the session based locale preferences. | Andy Staudacher |
| 2009-08-29 | Update all code to use helper method html::clean(), html::purify(), ... inste... | Andy Staudacher |
| 2009-08-29 | Merge commit 'upstream/master' | Andy Staudacher |
| 2009-08-29 | Refactor all calls of p::clean() to SafeString::of() and p::purify() to SafeS... | Andy Staudacher |
| 2009-08-27 | Don't ask for csrf when we're resetting passwords. They're not gonna have on... | Bharat Mediratta |
| 2009-07-29 | Clean up user form events. Thanks to Ben Smith (glooper). | Bharat Mediratta |
| 2009-07-25 | fix for ticket #574. The user->url database wasn't being set when the user wa... | Tim Almdal |
| 2009-07-23 | Add form processing events: | Bharat Mediratta |
| 2009-07-21 | In the logout link, urlencode the continue url so that ampersands, etc | Bharat Mediratta |
| 2009-07-16 | Add missing ) dropped in 8f9a943f. | Bharat Mediratta |
| 2009-07-01 | Fix a bunch of XSS vulnerabilities turned up by manual inspection | Bharat Mediratta |
| 2009-06-10 | Actually save the url when editing user information. | Bharat Mediratta |
| 2009-06-09 | Create a new method in MY_url.php "get_item_from_uri" which loads the item | Tim Almdal |
| 2009-06-06 | Don't ask for CSRF token when trying to view the password reset form. | Bharat Mediratta |
| 2009-06-01 | Security pass over all controller code. Mostly adding CSRF checking | Bharat Mediratta |
| 2009-05-31 | Clean up view variables | Bharat Mediratta |
| 2009-05-27 | Regenerate the session id every time through login::_auth() to avoid session ... | Bharat Mediratta |
| 2009-05-27 | Use a random value for the password reset hash to reduce the chances | Bharat Mediratta |
| 2009-05-26 | White space fixes | Chad Kieffer |
| 2009-05-21 | Changed Name label to Username, closes ticket #93 | Chad Kieffer |
| 2009-05-20 | Move the first-admin-login steps out of the user module and into an event lis... | Bharat Mediratta |
| 2009-05-13 | Gee it's May already. Update copyright to 2009. | Bharat Mediratta |
| 2009-05-13 | Don't allow admins to delete the guest user. Fixes ticket #213 | Bharat Mediratta |
| 2009-05-13 | Variety of changes to the way we do user editing: | Bharat Mediratta |
| 2009-05-13 | Log password reset attempts. Fixes ticket #251. | Bharat Mediratta |
| 2009-05-10 | After ajax login, just reload the current page. | Bharat Mediratta |
| 2009-04-24 | add_group() was not getting $form before using it. | Bharat Mediratta |
| 2009-04-09 | Fix for ticket 181: don't ignore the locale option when adding users | Andy Staudacher |
| 2009-04-05 | Don't do graphics detection in core_installer::install() because that | Bharat Mediratta |
| 2009-04-03 | Fix for ticket #201. | Tim Almdal |
| 2009-03-25 | Fix for ticket #181. Valiant take note of the change to | Tim Almdal |
| 2009-03-17 | Fix the locale field in the change user settings form | Andy Staudacher |
| 2009-03-17 | Fix edit user form handler | Andy Staudacher |
| 2009-03-16 | Proxy the url through _auth() to user::get_login_form() | Bharat Mediratta |
| 2009-03-16 | Clean up the login, maintenance login and required-top-level-login code. | Bharat Mediratta |
| 2009-03-11 | Bag the header("Location:", ...);exit() and replace with | Tim Almdal |
| 2009-03-11 | Force a login if everybody does not have access to the root | Tim Almdal |
| 2009-02-10 | Adding UI for site language selection and user language preference. | Andy Staudacher |
| 2009-02-10 | Line length fix | Bharat Mediratta |
| 2009-02-04 | Use the matches validation rule in order to perform cross field | Tim Almdal |
| 2009-02-04 | Complete the Recover Password functionality (Ticket #5). | Tim Almdal |
| 2009-02-04 | A preview of the password reset functionality. What's working... you | Tim Almdal |
| 2009-02-03 | Add a confirmation password input field that must match the primary | Tim Almdal |
| 2009-01-29 | Fix lint errors | Bharat Mediratta |
| 2009-01-28 | Fully implement the user administration backend with drag/drop to add | Bharat Mediratta |
| 2009-01-28 | Add drag and drop support to the admin_users interface. This is still | Bharat Mediratta |
| 2009-01-25 | Undo the adding underscores to the id on forge generated forms | Tim Almdal |
