tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-30 16:39:38 +02:00
Code Issues Projects Releases Wiki Activity
ff63d7ae26
silverstripe-framework/security
History
Ingo Schommer eecd34868f BUGFIX Keep Member.PasswordEncryption setting on empty passwords 
This will prevent empty passwords to set the encryption to 'none',
which in turn will store any subsequent password changes in cleartext.
Reproduceable e.g. with ConfirmedPasswordField and setCanBeEmpty(true).
2013-02-17 23:16:25 +01:00
..
Authenticator.php Merged changes from 2.3 branch 2009-02-01 23:49:53 +00:00
BasicAuth.php MINOR Checking for class_exists() before SapphireTest::is_running_tests() to avoid including the whole testing framework, and triggering PHPUnit to run a performance-intensive directory traversal for coverage file blacklists (from r114332) 2011-02-02 14:20:03 +13:00
ChangePasswordForm.php BUGFIX Avoid potential referer leaking in Security->changepassword() form by storing Member->AutoLoginHash in session instead of 'h' GET parameter (from r114758) 2011-02-02 14:20:05 +13:00
Group.php BUGFIX Using current controller for MemberTableField constructor in Group->getCMSFields() instead of passing in a wrong instance (Group) 2011-02-02 14:19:58 +13:00
GroupCsvBulkLoader.php ENHANCEMENT Added GroupCsvBulkLoader class to facilitate group imports with permission codes and hierarchy (merged from r94252) 2011-02-02 14:18:30 +13:00
LoginAttempt.php Merged from branches/2.3 2009-04-29 00:07:39 +00:00
LoginForm.php Merged from branches/nzct-trunk. Use 'svn log -c <changeset> -g' for full commit message. Merge includes stability fixes and minor refactor of TableListField and ComplexTableField. 2008-10-08 02:00:12 +00:00
Member.php API Hash autologin tokens before storing in the database. 2012-11-09 12:03:55 +01:00
MemberAuthenticator.php BUGFIX Logging in with an invalid email returns no error message (fixes #5332, thanks ajshort) 2011-02-02 14:19:11 +13:00
MemberCsvBulkLoader.php ENHANCEMENT MemberCsvBulkLoader for easy member import with group associations (merged from r94251) 2011-02-02 14:18:30 +13:00
MemberLoginForm.php API Hash autologin tokens before storing in the database. 2012-11-09 12:03:55 +01:00
MemberPassword.php ENHANCEMENT Pluggable password encryption through PasswordEncryptor class (#3665) (merged from r90949) 2011-02-02 14:17:36 +13:00
NZGovtPasswordValidator.php MINOR Unified @package PHPdoc (added where missing, removed duplicates) 2008-06-15 13:33:53 +00:00
PasswordEncryptor.php API Hash autologin tokens before storing in the database. 2012-11-09 12:03:55 +01:00
PasswordValidator.php MINOR Fixed hardcoded error message in PasswordValidator (fixes #5734) 2011-02-02 14:19:32 +13:00
Permission.php MINOR: remove SQL table alias keyword AS 2011-02-02 14:19:44 +13:00
PermissionCheckboxSetField.php MINOR Using PermissionCheckboxSetField.js instead of MemberTableField.js 2011-02-02 14:18:53 +13:00
PermissionProvider.php MINOR Unified @package PHPdoc (added where missing, removed duplicates) 2008-06-15 13:33:53 +00:00
PermissionRole.php MINOR Documentation 2011-02-02 14:19:22 +13:00
PermissionRoleCode.php MINOR Fixed phpdoc documentation (from r103390) 2011-02-02 14:19:15 +13:00
RandomGenerator.php API Hash autologin tokens before storing in the database. 2012-11-09 12:03:55 +01:00
Security.php BUGFIX Keep Member.PasswordEncryption setting on empty passwords 2013-02-17 23:16:25 +01:00
SecurityToken.php API Hash autologin tokens before storing in the database. 2012-11-09 12:03:55 +01:00