When a user successfully performs an authentication with an auth_key, Piwigo
registers it in the history table.
For now, it is not shown/searchable in the history screen, but we can add it
in the future and we can provide a plugin with specific details about
authentication keys usage.
* On album notification (for a group), sends one distinct email for each user
with a new authentication key.
* When someone clicks the link with auth=<key> in URL, if the user is not
already connected, Piwigo will automatically connect the user.
bug 3223 fixed: make sure we have found a user before validating the connection
git-svn-id: http://piwigo.org/svn/trunk@31168 68402e56-0260-453c-a942-63ccdbb3a9ee
* reset key has a 1-hour life
* reset key is automatically deleted once used
* reset key is stored as a hash
Thank you effigies for code suggestions
git-svn-id: http://piwigo.org/svn/trunk@29111 68402e56-0260-453c-a942-63ccdbb3a9ee
rewrite pwg_mail_group() and pwg_mail_notification_admins()
new function pwg_mail_admins()
add complete template management in pwg_mail()
TODO : font-size problem in Thunderbird
git-svn-id: http://piwigo.org/svn/trunk@25357 68402e56-0260-453c-a942-63ccdbb3a9ee
Move the "send connection settings" code to function register_user (avoid code duplication).
git-svn-id: http://piwigo.org/svn/trunk@25237 68402e56-0260-453c-a942-63ccdbb3a9ee
is returned, mysql returns bool:false, while mysqli returns null and it was
breaking completely the installation process. I have faked the old mysql
behavior with mysqli (just for get_default_user_infos function)
git-svn-id: http://piwigo.org/svn/trunk@20545 68402e56-0260-453c-a942-63ccdbb3a9ee
This class performs salt and multiple iterations. Already used in Wordpress,
Drupal, phpBB and many other web applications.
$conf['pass_convert'] is replaced by $conf['password_hash'] + $conf['password_verify']
git-svn-id: http://piwigo.org/svn/trunk@18889 68402e56-0260-453c-a942-63ccdbb3a9ee
- remove unused css, shorten/optimize php called very often (at least theoretically should be faster)
git-svn-id: http://piwigo.org/svn/trunk@13240 68402e56-0260-453c-a942-63ccdbb3a9ee
- fix content margin on password register
- purge derivative cache by type of derivative
- session saved infos/messages are not given to the page on html redirections
- shorter/faster code in functions_xxx
git-svn-id: http://piwigo.org/svn/trunk@13074 68402e56-0260-453c-a942-63ccdbb3a9ee
bug 2534 fixed: clean (as clean as possible with MySQL+MyISAM) handle of
concurrency on user cache refresh. No more error when regenerating several
thumbnails at once.
git-svn-id: http://piwigo.org/svn/trunk@12748 68402e56-0260-453c-a942-63ccdbb3a9ee
The algorithm is highly inspired from WordPress :
1) in a single field, you give a username or an email
2) Piwigo sends an email with the activation key
3) the user clicks on the link in the email (with the activation key) and is able to set a new password
The "lost password" feature is no longer limited to "classic" users:
administrators and webmasters can use it too (no need to tell webmasters
that they can only change their password in the database)
git-svn-id: http://piwigo.org/svn/trunk@11992 68402e56-0260-453c-a942-63ccdbb3a9ee
- removed obsolete known_script template block
- added a warning on usage of is_adviser function
git-svn-id: http://piwigo.org/svn/trunk@11753 68402e56-0260-453c-a942-63ccdbb3a9ee
bug 2338 fixed: force purge on sessions table (each time a user gets connected)
git-svn-id: http://piwigo.org/svn/trunk@11737 68402e56-0260-453c-a942-63ccdbb3a9ee
bug 2340 fixed: external authentication was broken, error in SQL syntax and wrong PHP variable name was used.
git-svn-id: http://piwigo.org/svn/trunk@11356 68402e56-0260-453c-a942-63ccdbb3a9ee
