includes/sessions.php
Thu, 20 Aug 2009 20:01:55 -0400 Dan Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Mon, 10 Aug 2009 22:43:26 -0400 Dan Added ability for authentication plugins to modify session keys (to allow invalidation when their own authentication data is changed) as well as the ability to disable the built-in password change facility
Mon, 03 Aug 2009 02:58:43 -0400 Dan Sessions: fixed logout() destroying normal session (instead of elevated) if $level = USER_LEVEL_CHPREF. Possible very minor security concern: elevated sessions were not fully destroyed, so if a normal session is opened from the same IP, the elevated one may be reusable for 15 minutes.
less more (0) -100 -30 -10 -3 tip