* reset key has a 1-hour life
* reset key is automatically deleted once used
* reset key is stored as a hash
Thank you effigies for code suggestions
git-svn-id: http://piwigo.org/svn/trunk@29111 68402e56-0260-453c-a942-63ccdbb3a9ee
rewrite pwg_mail_group() and pwg_mail_notification_admins()
new function pwg_mail_admins()
add complete template management in pwg_mail()
TODO : font-size problem in Thunderbird
git-svn-id: http://piwigo.org/svn/trunk@25357 68402e56-0260-453c-a942-63ccdbb3a9ee
Move the "send connection settings" code to function register_user (avoid code duplication).
git-svn-id: http://piwigo.org/svn/trunk@25237 68402e56-0260-453c-a942-63ccdbb3a9ee
is returned, mysql returns bool:false, while mysqli returns null and it was
breaking completely the installation process. I have faked the old mysql
behavior with mysqli (just for get_default_user_infos function)
git-svn-id: http://piwigo.org/svn/trunk@20545 68402e56-0260-453c-a942-63ccdbb3a9ee
This class performs salt and multiple iterations. Already used in Wordpress,
Drupal, phpBB and many other web applications.
$conf['pass_convert'] is replaced by $conf['password_hash'] + $conf['password_verify']
git-svn-id: http://piwigo.org/svn/trunk@18889 68402e56-0260-453c-a942-63ccdbb3a9ee
- remove unused css, shorten/optimize php called very often (at least theoretically should be faster)
git-svn-id: http://piwigo.org/svn/trunk@13240 68402e56-0260-453c-a942-63ccdbb3a9ee
- fix content margin on password register
- purge derivative cache by type of derivative
- session saved infos/messages are not given to the page on html redirections
- shorter/faster code in functions_xxx
git-svn-id: http://piwigo.org/svn/trunk@13074 68402e56-0260-453c-a942-63ccdbb3a9ee
bug 2534 fixed: clean (as clean as possible with MySQL+MyISAM) handle of
concurrency on user cache refresh. No more error when regenerating several
thumbnails at once.
git-svn-id: http://piwigo.org/svn/trunk@12748 68402e56-0260-453c-a942-63ccdbb3a9ee
The algorithm is highly inspired from WordPress :
1) in a single field, you give a username or an email
2) Piwigo sends an email with the activation key
3) the user clicks on the link in the email (with the activation key) and is able to set a new password
The "lost password" feature is no longer limited to "classic" users:
administrators and webmasters can use it too (no need to tell webmasters
that they can only change their password in the database)
git-svn-id: http://piwigo.org/svn/trunk@11992 68402e56-0260-453c-a942-63ccdbb3a9ee
- removed obsolete known_script template block
- added a warning on usage of is_adviser function
git-svn-id: http://piwigo.org/svn/trunk@11753 68402e56-0260-453c-a942-63ccdbb3a9ee
bug 2338 fixed: force purge on sessions table (each time a user gets connected)
git-svn-id: http://piwigo.org/svn/trunk@11737 68402e56-0260-453c-a942-63ccdbb3a9ee
bug 2340 fixed: external authentication was broken, error in SQL syntax and wrong PHP variable name was used.
git-svn-id: http://piwigo.org/svn/trunk@11356 68402e56-0260-453c-a942-63ccdbb3a9ee
better managment if $conf['insensitive_case_logon'] is true, for identification
git-svn-id: http://piwigo.org/svn/trunk@10860 68402e56-0260-453c-a942-63ccdbb3a9ee
useless code. We couldn't create a migration task on the stable branch, but
on trunk this is possible.
git-svn-id: http://piwigo.org/svn/trunk@9074 68402e56-0260-453c-a942-63ccdbb3a9ee
Change "Piwigo - a PHP based picture gallery" into "Piwigo - a PHP based photo gallery"
git-svn-id: http://piwigo.org/svn/trunk@8728 68402e56-0260-453c-a942-63ccdbb3a9ee
lang remove unused 'return to homepage'
lang change key 'a user use already this mail address' to 'this email address is already in use'
git-svn-id: http://piwigo.org/svn/trunk@8635 68402e56-0260-453c-a942-63ccdbb3a9ee
After connection, session id is changed using session_regenerate_id
but without removing old session. Passing param true makes the job.
git-svn-id: http://piwigo.org/svn/trunk@6660 68402e56-0260-453c-a942-63ccdbb3a9ee
