create new theme standard pages with tpl, css, js and images
update backend to handle pages
add config use_standard_pages
on update set config to false, on install set config to true
add standard pages to no be ingored in git
When a password activation or reset link is generated, the link expiry time is now defined in two conf: $conf[’password_reset_duration‘] with a default time of one hour and $conf[’password_activation_duration‘] with a default time of 72 hours.
- add field for add user
- in the `pwg.users.add` method, the params `send_password_by_mail` does nothing anymore. Because we no longer want to send passwords in clear text.
- in the `pwg.users.add` add a new `auto_password` parameter to generate a random password when a user is created
- use this parameter (`auto_password`) in user_list.js
- change mail content et password page on first login
- Implementation of a new modal for modifying a user or guest
- Addition of a function to allow plugins to add a tab to the new user modal
- Fix bug: "badger-number" is updated when a user is added or deleted
- Fix bug: When the user who is editing has permissions to delete the user he is modifying, the delete icon is now displayed correctly
- Added a new api method for modifying the main user and generating a link to reset a password
- Passed $conf[‘webmaster_id’] in database configuration
* reset key has a 1-hour life
* reset key is automatically deleted once used
* reset key is stored as a hash
Thank you effigies for code suggestions
git-svn-id: http://piwigo.org/svn/trunk@29111 68402e56-0260-453c-a942-63ccdbb3a9ee
This class performs salt and multiple iterations. Already used in Wordpress,
Drupal, phpBB and many other web applications.
$conf['pass_convert'] is replaced by $conf['password_hash'] + $conf['password_verify']
git-svn-id: http://piwigo.org/svn/trunk@18889 68402e56-0260-453c-a942-63ccdbb3a9ee
bug 2750 fixed: HTML-sanitize $_POST['username_or_email'] before display (both
username and email don't allow HTML tags...)
Original report by Stefan Schurtz via Secunia SVCRP
git-svn-id: http://piwigo.org/svn/trunk@17984 68402e56-0260-453c-a942-63ccdbb3a9ee
use only $page['infos'] and $page['errors'] vars and and necessary template to all main pages
git-svn-id: http://piwigo.org/svn/trunk@12764 68402e56-0260-453c-a942-63ccdbb3a9ee
The algorithm is highly inspired from WordPress :
1) in a single field, you give a username or an email
2) Piwigo sends an email with the activation key
3) the user clicks on the link in the email (with the activation key) and is able to set a new password
The "lost password" feature is no longer limited to "classic" users:
administrators and webmasters can use it too (no need to tell webmasters
that they can only change their password in the database)
git-svn-id: http://piwigo.org/svn/trunk@11992 68402e56-0260-453c-a942-63ccdbb3a9ee
Change "Piwigo - a PHP based picture gallery" into "Piwigo - a PHP based photo gallery"
git-svn-id: http://piwigo.org/svn/trunk@8728 68402e56-0260-453c-a942-63ccdbb3a9ee
Use php-gettext (developpement version rev43, because of php5.3) as fallback
Use native language (english) instead of key for translation
Keep directory en_UK for english customization
Need some refactoring for plurals
Todo : managing plugins in the same way
git-svn-id: http://piwigo.org/svn/trunk@5021 68402e56-0260-453c-a942-63ccdbb3a9ee
Replace all mysql functions in core code by ones independant of database engine
Fix small php code synxtax : hash must be accessed with [ ] and not { }.
git-svn-id: http://piwigo.org/svn/trunk@4325 68402e56-0260-453c-a942-63ccdbb3a9ee
First commit, others will be follow.
Not hesitate to change my translations.
Add upload configuration tabsheet (move and add configuration)
Change and add define for access level
Can show upload link every time
Can restrict access upload.class.php
Can choice category on upload page
Add upload class not use for the moment
Review quickly and temporary style of upload.tpl
git-svn-id: http://piwigo.org/svn/trunk@2325 68402e56-0260-453c-a942-63ccdbb3a9ee
bugged (r2297 was repeating new and old header).
By the way, I've also removed the replacement keywords. We were using them
because it was a common usage with CVS but it is advised not to use them with
Subversion. Personnaly, it is a problem when I search differences between 2
Piwigo installations outside Subversion.
git-svn-id: http://piwigo.org/svn/trunk@2299 68402e56-0260-453c-a942-63ccdbb3a9ee
Administrator can ask a new password
Add message about users witch can change their password
git-svn-id: http://piwigo.org/svn/trunk@1947 68402e56-0260-453c-a942-63ccdbb3a9ee
o Good idea of this new way for way conf['guest_access'], but I kept last implementation for access methods (Could be useful on future development)
git-svn-id: http://piwigo.org/svn/trunk@1851 68402e56-0260-453c-a942-63ccdbb3a9ee
