Show copy/send password links by default but hide them for users with status 'generic'. Adds a change handler in fill_user_edit_properties to call toggle_send_copy_password when the status select changes, and implements toggle_send_copy_password(status) to show/hide #copy_password_link and #send_password_link accordingly.
Hide AddUser error block on close and make the AddUser popin scrollable with layout fixes. Also refine two French translations (password and login key).
Use binary (1024-based) prefixes instead of decimal (1000-based) for
storage unit conversion. Previously dividing by 1000000 and 1000,
now correctly dividing by 1048576 (1024*1024) and 1024.
Fixes#2502
Updated user activity display to show when a user is connected via API key, including an icon and updated tooltip. Modified backend to set a 'connected_with' flag in activity details when API key authentication is used.
Introduces password and password confirmation fields when creating a user with 'generic' status. The password fields are shown or hidden based on the selected user status, and validation is added to ensure passwords are entered and match. Also adds a button to generate random passwords for new generic users.
Improves login security by:
- implementing constant-time authentication to reduce timing attacks
- refactoring user lookup into find_user_by_username_or_email() for username or email login
- introducing a fake user to keep password verification time consistent
- adding a finalize_login hook so plugins can control the authentication flow (2FA, rate limiting, etc.)
Also updates user activity JS to:
- better display action details
- properly handle user lists (login/logout with multiple users)
Added support for bulk comment validation and deletion with updated confirmation messages and translations. Improved modal dialog behavior, including keyboard accessibility and button visibility. Updated CSS for consistent button styling across themes. Fixed author name display for guest comments.
Replaces legacy PHP comment management with a new interface for listing, filtering, selecting, validating, and deleting user comments. Updates templates and CSS for a modern, interactive experience, adds advanced filters, selection mode, and modal comment viewing. Removes obsolete server-side logic from comments.php and introduces new api methods for comment actions.
* Add an action filter and a date filter.
* Additional filters on a specific object (photo/album/group) are available from their dedicated administration page.
* Performances of the page was improved : instead of loading 100k lines in activity table, we loop on 500 activity lines until 100 aggregated lines are found for the current page.
When a password activation or reset link is generated, the link expiry time is now defined in two conf: $conf[’password_reset_duration‘] with a default time of one hour and $conf[’password_activation_duration‘] with a default time of 72 hours.
...with spread operator for cleaner code. This change also allows for compatibility with additional fields that may be returned by the API, such as those added by plugins, ensuring all elements are captured without explicitly defining each one.
- Delete old files (cat_search.php and cat_search.tpl) and his tab un add_core_tabs.inc.php
- Add search field and result in albums.tpl
- Separate js code from template
- Reuse data of albums.tpl for jqtree for the search algorithm
Linty