Project

General

Profile

Statistics
| Revision:

# Date Author Comment
1844 2012-12-28 07:03 Dietmar
  1. fixed Use of undefined constant PAGE_ID in /account/forgot.php
    ! change return value to boolean in user management delete.php, add.php
    ! change WEBSITE_SIGNATURE to WBMAIL_SIGNATURE
1842 2012-12-26 03:15 Dietmar
  1. fixed output activation conformation
  2. fixed deleting Users awaiting activation
    ! add YYYY-MM-DD in date_formats dropdown
1833 2012-12-10 05:05 Dietmar
  1. security fix CRLF injection/HTTP response splitting
1810 2012-11-09 16:55 Dietmar

! account signup check that display_name is unique in whole system
(prevents from User-faking)
! add POST Request to admintools

1800 2012-10-29 11:42 Dietmar
  1. add missing lang var in account/languages/EN.PHP
1796 2012-10-24 16:12 Dietmar

! supress frontend preferences, if user have no permission for it

1792 2012-10-24 02:43 Dietmar

! all changes in folder account, Signup with confirmation Mail
! frontend.css now included by account script

1787 2012-10-13 01:26 Dietmar
  1. fixed parsing error in signup
1777 2012-10-01 18:16 Dietmar

+ add methode StripCodeFromText in class.wb to clean injection
! rebranding the admin/settings and security fixes
! a few new styling in backend wb_theme
! beginning aa lot of account changes like correction of $_SESSION indexe, security fixes
+ add head.load.min.js and head.min.js to /include/jquery/ to style HTML5 templates

1776 2012-09-28 11:29 Dietmar

wb theme styling

1773 2012-09-28 01:42 Dietmar

! account split html and code
+ add signup activation registering
+ add missing icons in themes

1742 2012-09-07 02:50 Dietmar

! Now you can style account login with your frontend Template CSS
this change is in work for the whole account

1728 2012-08-30 16:21 Dietmar

! change redirect logic for registered pages

1719 2012-08-29 16:59 Dietmar

! beginning update frontend account
! remove html markup from code

1673 2012-04-18 23:08 Dietmar

! fixed signup, remove $admin->print_error methods
+ add send registation mail to systemadministartor

1654 2012-04-01 01:12 Dietmar

Fixed SERVER_EMAIL in languages, needs double brackets
Installer redesign Step 2

1635 2012-03-09 14:47 Dietmar

fallback signuo2.php revision 1633

1634 2012-03-09 03:20 Dietmar

! update language files and rework some core files (read DEVINFOS)
! compress mdcr.js
+ add DEVINFOS Instructions/Informations for modulecoder

1605 2012-02-08 08:11 Dietmar

login.php fallback to revision 1602

1604 2012-02-08 04:37 Dietmar

fixed parse error in login.php

1603 2012-02-08 04:08 Dietmar

fix local module reload and module manuell install
forgot to upload login.php

1601 2012-02-07 23:48 Dietmar

little designfix in forgot_form.php
fix media if uploading zip files with folder, than create FolderProtectFiles

1599 2012-02-06 16:59 Dietmar

update all used files with redirect_url to $_SESSION['HTTP_REFERER']

1596 2012-02-04 01:50 Dietmar

highly critical security-fix
announced on http://www.darksecurity.de/advisories/2012/SSCHADV2012-003.txt

1595 2012-02-04 00:42 Dietmar

fix form language vars for better understanding (Tks to Maverik)
change request if HTTP_REFERER is not empty in logout.php

1571 2012-01-12 19:07 Dietmar

remove session_start() in /account/logout.php

1569 2012-01-10 09:49 darkviper

possible errors on 'save password' fixed. Minimum length of password set to 6 chars

1566 2012-01-07 03:21 Dietmar

fix class.login, when name and pass are both empty, no longer call increase_attemps
some redirect updates in frontend account files

1557 2012-01-02 16:49 Dietmar ! update editor.css for allcssand round (Tks to Ruebenwurzel)
  1. bugfix in forgot_form.php
1554 2012-01-01 16:20 Dietmar
  1. typofixes in DE languages files (Tks to Ruebenwurzel)
1551 2011-12-27 15:40 Dietmar

+ add languages vars in languages files
+ add upload error mesages moduleinstall
+ add index.php if not exists in function createFolderProtectFile
! corrected changed coding between login_form and forgot_form

1546 2011-12-18 21:00 Dietmar

! recoded /account/forgot_form.php
! update quickSkin
! update languages files
+ add /temp/quickSkin/ folder
! begin fixing sec_anchor in urls

1529 2011-11-25 06:03 Dietmar

add new backend theme handling (Tks to Stefek)

1527 2011-11-22 23:19 Dietmar

fix redirect login

1514 2011-10-04 13:37 Dietmar

account/signup.php, check if user is already logged
fix non object message in framework/functions.php

1509 2011-09-07 23:58 Dietmar

continue fixing frontend account

1508 2011-09-07 20:51 Dietmar

fixed print_error exit in frontend account

1473 2011-07-09 02:40 Dietmar

found more backlinks to fix
remove not working ftan in frontend
fixed redirect in login procedure (Tks to mr-fan)
update droplet LoginBox, additional parameter $redirect
remove double config call in media (Tks to Testör)

1446 2011-05-03 20:34 DarkViper

fixed validation of loginname (admin/users and signup)

1435 2011-03-17 00:39 Dietmar

fix entities converting in select languages (Tks to the community)
see http://www.websitebaker2.org/forum/index.php/topic,20547.msg140512.html#msg140512

1425 2011-02-04 00:16 Dietmar

redefined wrong admin backlinks

1420 2011-01-26 18:43 Dietmar

YGN Ethical Hacker Group (2.8.2 / 2.9.0)

1407 2011-01-22 18:21 FrankH
  1. various Security fixes, thanks to secunia and others
1400 2011-01-21 20:42 FrankH
  1. Security fix in account
  2. Security fix in admin/media, thanks to hal 9000
1386 2011-01-16 10:56 Dietmar

update headerinfos

1374 2011-01-10 13:21 Dietmar

fixed headerinfos

1373 2011-01-10 13:14 Dietmar

update headerinfos

1349 2010-12-19 20:04 Dietmar

add ini_set('display_errors', 1) (Tks to Thorn)
update headerinfos

1323 2010-04-14 17:10 Dietmar

Ticket #985 With #1318 no login in backend possible
Ticket #986 Typo inside the german language file
Ticket #982 Unnessesary heredoc causes on errors while installation!
Ticket #926/Ticket #928 Mail Notification on new user registration

1312 2010-04-07 20:57 Dietmar

Ticket #971 Using $_POST in Admin - account - login.php (tks to Aldus)
update class.wb.php added tokens function

1281 2010-01-30 05:57 Dietmar

continue update headertext
Ticket #930 disabled SyntaxHighlighter from default WB Installation
change help url to www.websitebaker2.org

1277 2010-01-28 06:18 Dietmar

update headertext

1268 2010-01-22 18:21 Dietmar

update header info

1262 2010-01-21 09:24 Dietmar

Beginning header information update

1261 2010-01-21 07:54 Dietmar

fix login_form.php sometimes produce javascript errors in IE

1217 2009-12-16 22:05 MaGnaL

Clean check in of minor bugfixes: Add some localizations, correct html/php syntax

1214 2009-12-14 15:49 MaGnaL

Ticket #832: Fix wrong configuration of timezone-handling when saving preferences-form on backend and frontend

1190 2009-11-26 18:17 Dietmar

validate some output files

1189 2009-11-26 17:47 Dietmar

fix some PHP 5.3 deprecated functions

1136 2009-08-15 11:19 kweitzel

Created 2.8.x branch

1088 2009-07-22 17:58 Matthias

Fixed E_ALL&E_STRICT warning on PHP5 servers (Thanks to Aldus)

1072 2009-07-16 20:50 Matthias

replaced all remaining mktime() with time(), except from third party scripts

958 2009-04-12 10:07 Matthias

Fixed not defined language variable in account/email.php (Thanks to Forum-User BlackTiger)

949 2009-02-25 18:06 Matthias

removed unneeded icons from wb_theme

removed unneeded stylesheet.css from account dir

renamed warning.htt to warning.html to fix display of sourcecode after invalid login attemps

added fixed error.htt also to classic theme

944 2009-02-22 10:39 Matthias

added skinable Admin Interface

921 2009-02-05 23:17 doc

Mail text for register, signup and forgot mail now taken from WB language file (ticket #684)

915 2009-01-21 20:27 Matthias

Copyright notices now includes 2009

850 2008-06-29 18:59 doc

applied additional mail check to forgot login form

803 2008-04-05 16:27 thorn

some small fixes: group_id/groups_id-handling, safe_mode-query in install, better work-around for issue with phplib and code-module (removed {})

791 2008-04-02 22:00 Matthias

fixed bug with registration of users are not added to signup group

762 2008-03-24 16:30 thorn

removed include/captcha/asp.php. css have to be added to module's css-files.

739 2008-03-02 22:10 thorn

reintroduced include/captcha/asp.php

734 2008-03-02 13:53 thorn

removed include/captcha/asp.php

681 2008-02-09 10:03 doc

fixed bug in user signup

669 2008-02-04 22:38 thorn

Fixed possible XSS in account/login.php and forgot-form.php

665 2008-02-03 14:03 thorn

fixed fixed typo :-(

664 2008-02-03 14:00 thorn

fixed typo

656 2008-02-01 23:53 thorn

Added some missing add_slashes(), get_post_escaped(), and strip_tags() for $_POST, $_GET and $_REQUEST-data. Also for $_SERVER['PHP_SELF'].

596 2008-01-25 22:29 thorn

added new CAPTCHA and ASP (Advanced Spam Protection)

550 2008-01-17 22:40 doc

removed the PAGE_EXTENSION added with changeset 549

549 2008-01-17 22:31 doc

fixed bug in frontend login and multiple groups (in conjunction with error_reporting = E_ALL)

546 2008-01-17 19:10 doc

added the "users in multiple groups" feature (closes parts of ticket #546)

540 2008-01-14 22:08 Matthias

Replaced the variable PAGE_EXTENSION with hardcoded .php on all places where the pathes points to WB Corefiles with the page extension .php

538 2008-01-14 18:23 Matthias

Replaced hardcoded text in login.php with language variables (fixes #386)

519 2007-12-23 15:37 Matthias

Changed all copyright notices to include now 2008

432 2007-02-12 17:36 doc

Security enhancement (reduced number of login trials from 50 to 3).

399 2006-12-24 08:50 Matthias

Added 2007 to all copyright notices
Added missing ID Keywords
Removed not Unix conform line endings

372 2006-12-20 21:23 Matthias

Fixed spelling errors in the signup2.php (#330)

353 2006-05-20 09:52 ryan

Fixed more security issue's related to ticket #237

352 2006-05-19 12:40 ryan

Fixed tickets 190 and 207

350 2006-05-15 20:07 stefan

Fixes security issue #237.

344 2006-05-03 14:38 stefan

Removed "From:" from calls to internal mail function. Ticket 189

323 2006-03-09 12:18 stefan

Applied fix regarding ticket #138

322 2006-03-09 12:14 stefan

Ticket #137 - Last Reset timer not reset in frontend forgotten password process

310 2006-02-19 06:31 ryan

Updated all copyright notices to include 2006

302 2006-02-03 23:00 stefan

Ticket #126. Cookie REMEMBER_KEY wasn't cleared in account/logout and expiration date is now set to time in the past. Thanks to alex!

300 2006-02-03 22:49 stefan

Changed mail calls to $wb->mail (thanks to John!).

297 2006-02-03 22:38 stefan

John: changed captcha.php call to include timestamp

293 2006-01-31 00:00 stefan

Forgotten password: if sending of e-mail fails, restore old password. Ticket #110

286 2006-01-23 22:15 stefan

Added an exit call after every heading("Location:...") redirector to prevent unwanted execution of code.