Replace the explicit "An email has been sent with a verification code" message with a privacy-preserving wording: "If your account exists, a verification code has been sent to your email address." This avoids account enumeration. Updated language entries in en_UK and fr_FR, the server-side message in password.php, and the password reset template.
Added email notification for successful password reset, improved verification code handling, and implemented account lockout after too many failed attempts. Introduced new language strings for user feedback and security messages. Refactored password reset logic to better handle guest/generic users and API key recommendations.
Deleted the "Customize" and "customize the appareance of the gallery" translation strings from all language files. Added a new string for "edit user preferences" in en_UK and fr_FR. This streamlines user preference terminology and removes redundant or outdated translation keys.
Replaces 'Public key' references with 'ID' and updates related copy messages in English and French language files and profile template. Also changes key icon to 'icon-user-secret' for better clarity and consistency in the API key generation UI.
* Introduces a verification code step before generating password reset links.
* New configuration "password_reset_code_duration".
* Adds Base32, TOTP and PHPQRCode classes .
* New section is required in password.tpl: code verification won't work on themes not updated yet.
* 5 new language strings were added.
Adds logic to detect when an API key is about to expire and sends a notification email to the user if the key expires within 7 days and no recent notification was sent. Introduces a new 'last_notified_on' column to the user_auth_keys table to track notification timing.
- Added API key get, creation, editing, and revocation methods.
- Updated the profile template to include API key management features.
- Updated the database schema to support the new API key system, including additional fields for key management.
- Added client-side JavaScript functionality to handle API key operations and display responses.
- Update tools/htm.ws with the new way to authenticate.
- Restriction of certain api methods when used with an api key
- Backward compatibility with older apps
create new theme standard pages with tpl, css, js and images
update backend to handle pages
add config use_standard_pages
on update set config to false, on install set config to true
add standard pages to no be ingored in git
Add default config pdf_viewer_filesize_threshold
Add function to get number of PDF pages
Add translations
update picture.php to send pdf filesize threshold and nb page to tpl
update picture.tpl to add number of pages for PDF
picture_content.tpl update for new config name and add translation functions. use embed for pdf if file ext = pdf
* ability to combine albums in URL index.php?/category/1/2/3 will consider 1 as $page['category'] and {2,3} as $page['combined_categories']
* new menu block "related albums" which displays only the hierarchy of albums related to the current set of photos, excluding current album(s). In the hierarchy, only the related albums have a link, not ancestors
