tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-09-30 21:29:23 +02:00
Code Issues Projects Releases Wiki Activity
d386db0bc3
silverstripe-framework/security
History
Ingo Schommer d386db0bc3 ENHANCEMENT Avoid information disclosure in Security/lostpassword form by returning the same message regardless wether a matching email address was found in the database. 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86021 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-09-10 03:01:46 +00:00
..
Authenticator.php Merged changes from 2.3 branch 2009-02-01 23:49:53 +00:00
BasicAuth.php MINOR phpdoc documentation 2009-03-22 22:59:14 +00:00
ChangePasswordForm.php Merged changes from 2.3 branch 2009-02-01 23:49:53 +00:00
Group.php NOTFORMERGE: Merged 84085 from 2.3 2009-08-10 04:32:39 +00:00
LoginAttempt.php Merged from branches/2.3 2009-04-29 00:07:39 +00:00
LoginForm.php Merged from branches/nzct-trunk. Use 'svn log -c <changeset> -g' for full commit message. Merge includes stability fixes and minor refactor of TableListField and ComplexTableField. 2008-10-08 02:00:12 +00:00
Member.php ENHANCEMENT Added Member->FailedLoginCount property to allow Member->registerFailedLogin() to persist across sessions by writing them to the database, and be less vulnerable to brute force attacks. This means failed logins will persist longer than before, but are still reset after a valid login. 2009-09-10 02:42:26 +00:00
MemberAuthenticator.php BUGFIX: MemberAuthenticator::authenticate() returns a member object or false, in keeping with the current docs. 2009-06-28 02:48:33 +00:00
MemberLoginForm.php ENHANCEMENT Avoid information disclosure in Security/lostpassword form by returning the same message regardless wether a matching email address was found in the database. 2009-09-10 03:01:46 +00:00
MemberPassword.php Merged changes from 2.3 branch 2009-02-01 23:49:53 +00:00
NZGovtPasswordValidator.php MINOR Unified @package PHPdoc (added where missing, removed duplicates) 2008-06-15 13:33:53 +00:00
PasswordValidator.php Updating queries to be more DB agnostic 2008-11-24 09:31:14 +00:00
Permission.php API CHANGE Removed Permission->listcodes(), use custom code 2009-09-10 01:54:15 +00:00
PermissionDropdownField.php MINOR Unified @package PHPdoc (added where missing, removed duplicates) 2008-06-15 13:33:53 +00:00
PermissionProvider.php MINOR Unified @package PHPdoc (added where missing, removed duplicates) 2008-06-15 13:33:53 +00:00
Security.php ENHANCEMENT Avoid information disclosure in Security/lostpassword form by returning the same message regardless wether a matching email address was found in the database. 2009-09-10 03:01:46 +00:00