Hello out there,
today I released another update which brings mainly security fixes including some changes inside of the Back End regarding changin passwords.
Feel free to download it here:
https://www.paderdesign.de/gigkalender/downloads.html
There is also an update file available.
Btw, version v1.3 will get skipped, since I'm already working on v1.4.
Friendly greetings
PaderDesign
__
--Change Log (new features marked bold):
v1.2.83_134: installation.txt: Just some minor changes
v1.2.83_133: languages\*.php: Every "deinstall" renamed into "uninstall"
v1.2.83_132: install\uninstall.php: Every "deinstall" renamed into "uninstall"
v1.2.83_131: install\deinstall.php: Renamed into uninstall.php
v1.2.83_130: Bug fix: frontend\example_formate.scss: Removed declaration "x-padding-right" in #List and then the empy #List too
v1.2.83_129: contact-form\contact-form.php: Added date and time into email (like in GB email)
v1.2.83_128: contact-form\contact-form.php: Removed the IP from being send with the email
v1.2.83_127: guestbook\functions.php: sendMail(): Removed ICQ from being send with the email
v1.2.83_126: guestbook\functions.php: sendMail(): Removed the IP from being send with the email
v1.2.83_125: New file: user\editCurrentPassword.php
v1.2.83_124: functions\standard.php: editCurrentUser(): Removed anything password related
v1.2.83_123: functions\standard.php: New function editCurrentPassword()
v1.2.83_122: user\editCurrentUser.php: Removed anything password related
v1.2.83_121: submenues\user.php: New button "Password"
v1.2.83_120: functions\export\export.php: Changed the two FOR into FOREACH loops
v1.2.83_119: Bug fix: Back End > Admin > Export: Throws "Deprecated: strpos(): Passing null to parameter #1 ($haystack)"
⇒ functions\export.php: Added a !is_null() to the IF and improved the function some more
v1.2.83_118: functions\standard.php: Added an IF...ELSE to avoid rehashing passwords on importing from CSV
v1.2.83_117: functions\standard.php: In editUser() removed the strip_tags() applied on password
v1.2.83_116: functions\standard.php: In addUser(), editCurrentUser() and editUser() removed the mysqli_real_escape_string() applied on password
v1.2.83_115: functions\standard.php: addUser(): Updated to hash the new password when editing a user
v1.2.83_114: functions\standard.php: editUser(): Updated to hash the new password when editing a user
v1.2.83_113: admin\includes\addUser\UserCurrentPassword.php: Applied password_verify() to compare against hashed password
v1.2.83_112: gigkalender.ini.php: New vars $MaxPasswordChars and $MinPasswordChars
v1.2.83_111: admin\includes\addUser\UserNewPasswordRepeated.php: Password field not pre-filled anymore (empty value)
v1.2.83_110: admin\includes\addUser\UserNewPassword.php: Password field not pre-filled anymore (empty value)
v1.2.83_109: admin\includes\addUser\UserNewPassword.php: Removed check for proper minimum password length
v1.2.83_108: functions\standard.php: Updated editCurrentUser() to hash the new password when editing own profile
v1.2.83_107: user\editCurrentUser.php: Applied password_verify() to compare against hashed password
v1.2.83_106: admin\includes\addUser\UserNewPasswordRepeated.php added minlength="8" for minimum password length
v1.2.83_105: admin\includes\addUser\UserNewPassword.php: added minlength="8" for minimum password length
v1.2.83_104: functions\standard.php: Updated function getUID() to consider the hashed passwords
v1.2.83_103: update.sql.php: Added a green tick infront of each success note
v1.2.83_102: update.sql.php: Function hashUserPasswords() applied
v1.2.83_101: update.sql.php: Added the function hashUserPasswords()
v1.2.83_100: install\iniUser.php: Changed UserCurrentPassword to VARCHAR(255)
v1.2.83_099: Bug fix: Front End > Gallery: Shows several debug string outputs "gallery.html?"
⇒ gallery\gallery.php: Removed the echo() in question
-
PaderDesign
- Administrator
- Posts: 146
- Joined: Tue 15. Apr 2008, 15:34
- Location: Altenbeken
- Contact: