flatpress

Author	SHA1	Message	Date
Fraenkiman	326f5aa163	- Error messages now multilingual - Error messages are now supported in multiple languages	2023-09-01 23:09:33 +02:00
Fraenkiman	759a459e01	Update main.lib.php	2023-09-01 00:45:06 +02:00
Fraenkiman	36df32236c	Update main.lib.php - Username can only contain letters, numbers and 1 underscore.	2023-08-31 23:59:53 +02:00
azett	5f23b4c2ea	fixes #176 , possible XSS in setup	2022-12-25 14:16:25 +01:00
azett	83e1644c0f	Restored some changes from the last commit. Turns out, the HASHSALT_FILE is still used elsewhere ó_Ò	2020-12-19 19:25:52 +01:00
azett	f265b22b0b	Fix for #59 : Updated password hash algorithm from md5 to bcrypt (via password_hash() function). Thanks a lot, @axelhahn! In detail: Added function io_delete_file(). Removed system_hashsalt_save(). Added password hash update mechanics to user_login().	2020-12-19 14:02:27 +01:00
real_nowhereman	c0642e4f0f	huge security commit, this should be an almost hassle-free hash salt: the salt is created on setup and then STORED in fp-content/config/hashsalt.conf.php (you can change the name of the file from defaults.php); as salt is based on the path on the server, if you had to move to another directory or to another server, then you wouldn't be able to login anymore and you had to reinstall, now this shouldn't be needed anymore; moreover as this is now safe in a file we can add additional security by * concatenating the default paths+random blog id to another random number, which is not written anywhere else * changing the contents with your very own salt string: then re-run setup and overwrite your old user: the hashsalt won't be overwritten (this needs testing)	2008-02-10 14:20:09 +00:00
real_nowhereman	725a70f1d0	finally moved from simple md5 to salted wp_hash ; please remember to REINSTALL and OVERWRITE your old user in order to be able to login !	2008-01-01 09:34:41 +00:00
real_nowhereman	a68630bf35	First revision of FlatPress Crescendo+1 ( 0.703+n :) )	2007-10-30 10:30:07 +00:00

9 Commits