-Update cookie to use pwg_lang to avoid conflicts with other potential apps.
-Add cookie path to the pwg_lang cookie to help with conflicts also.
-Be less restrictive in load_cookie_language function
-We can't use pwg_set_cookie because it is set in js not PHP so we force it to be called pwg_lang
Replace the explicit "An email has been sent with a verification code" message with a privacy-preserving wording: "If your account exists, a verification code has been sent to your email address." This avoids account enumeration. Updated language entries in en_UK and fr_FR, the server-side message in password.php, and the password reset template.
change how required inputs are handled
change js to display error message for inputs only with data-required
for register handle mandatory or not email
update success message css
Replaces 'Public key' references with 'ID' and updates related copy messages in English and French language files and profile template. Also changes key icon to 'icon-user-secret' for better clarity and consistency in the API key generation UI.
* Introduces a verification code step before generating password reset links.
* New configuration "password_reset_code_duration".
* Adds Base32, TOTP and PHPQRCode classes .
* New section is required in password.tpl: code verification won't work on themes not updated yet.
* 5 new language strings were added.
Change how user language selection is managed and displayed in the profile page. The selected language is now updated in the user profile (in db) and template variable names have been standardized for consistency.
...and improve profile JS. Replaces can_manage_api_key() with connected_with_pwg_ui() to ensure API key management is only allowed from UI logins, and sets 'connected_with' in session during auto-login. Refactors profile.js to respect canUpdatePreferences and canUpdatePassword, moves user state initialization to template, and improves preference reset/default logic. Also adjusts script loading and minor UI details in profile.tpl.
- Added API key get, creation, editing, and revocation methods.
- Updated the profile template to include API key management features.
- Updated the database schema to support the new API key system, including additional fields for key management.
- Added client-side JavaScript functionality to handle API key operations and display responses.
- Update tools/htm.ws with the new way to authenticate.
- Restriction of certain api methods when used with an api key
- Backward compatibility with older apps
create new theme standard pages with tpl, css, js and images
update backend to handle pages
add config use_standard_pages
on update set config to false, on install set config to true
add standard pages to no be ingored in git
HWFord