- Fixed comment reference to \Fortress\JqueryValidationAdaptor
- CONTRIBUTING.md - Added note about proper Pull Requests
- French language file fixes (#565) (lcharette)
- Added HTTP status codes to 404 errors and database errors (frostbitten)
- Changed database errors to use BaseController instead of DatabaseController (frostbitten)
- Fix unattached submitHandler bug in Group and Auth edit interfaces (#465)
- Remove references to nonexistent
formUserView
andformGroupView
(#478) - Gracefully handle session destruction due to missing or disabled accounts (#510)
- Add
attributeExists
andrelationExists
for models (#520)
- Stop reading entire log files to avoid out-of-memory errors (#497)
- Deploy league/csv to properly generate CSV files (#557)
- Fix typos in language files
- Bump dependencies
- userfrosting/fortress now has a release version
- Add sendmail support in Notification class
- Fixed problem with strict comparison in Handlebars templates and inconsistent data types among different database technologies
- Overrided paths to font files for Bootstrap Glyphicons to support the UserFrosting directory structure
- Added missing lines of Thai language (popiazaza)
- Fixed a vulnerability where users still logged in wouldn't automatically be logged out if they were disabled
- Added option for HTTPS in
.htaccess
, commented out by default - Minor syntax fixes in
public/js/userfrosting.js
,widget-auth.js
,widget-groups.js
, andwidget-users.js
- Composer can now include composer.json files from plugin folders (added "wikimedia/composer-merge-plugin" to composer)
- Select correct versions (PHP 5.x compatible) of packages in
composer.json
- Turkish language translation
- Return
User
object created inAccountController::register
- Revert to loose comparison for
user_id
s because of issues with Ubuntu's PDO driver (see http://stackoverflow.com/questions/5323146/mysql-integer-field-is-returned-as-string-in-php#comment41836471_5323169)
- Finish replacing all usages of
*Loader
classes with Eloquent syntax - Installer warning for missing
imagepng
- Fix bug in CSV generation for user table
- Change "default theme" to "guest theme" and fix loading issues (#463). What used to be called "default theme" is now base theme, i.e. the theme to fall back to when a template file cannot be found in the current theme (user group or guest theme)
- New public template for "nyx" theme
- Remove trailing slash from configuration JS/CSS paths to make uniform with site.uri.public
- Make routes for config.js and theme.css dynamically generated from configuration variables (#461)
- Make cookie name for "remember me" use session name
- Fix potential bug in configuration user_id's for guest, master accounts
- Fix exception-handling for mail server errors
- Notify if account creation was successful, even if mail server failed.
- Add Romanian translation
- Upgrade Tablesorter and pretty URLs for searched/sorted/paginated tables
- Fix bug in default value for user
secret_token
- .htaccess redirect trailing slash: change to only redirect GET requests
- Natural sort order in API
- Fix bug in table pagination
- Fix bug in loading user primary group properties as user properties
- Fix mailto link bug in tables
- Warn if config file missing (#445)
- Fix dutch error (#447)
- Implement CSV download feature
- Implement
no_leading_whitespace
andno_trailing_whitespace
rules
- Improved initialization routine as middleware
- Implemented "remember me" for persistent sessions - see https://github.com/gbirke/rememberme
- Converted page templates to inheritance architecture, using Twig
extends
- Start using the
.twig
extension for template files - All content is now part of a theme, and site can be configured so that one theme is the default theme for unauthenticated users
- User session stored via
user_id
, rather than the entire User object - Data model is now built on Eloquent, instead of in-house
- Cleaned up some of the per-page Javascript, refactoring repetitive code
- Implement server-side pagination
- Upgrade to Tablesorter v2.23.4
- Switch from DateJS to momentjs
- Switch to jQueryValidation from FormValidation
- Implement basic interface for modifying group authorization rules
- User events - timestamps for things like sign-in, sign-up, password reset, etc are now stored in a
user_event
table - Wrapper class Notification for sending emails, other notifications to users
- Remove username requirement for password reset. It is more likely that an attacker would know the user's username, than the user themselves. For the next version, we can try to implement some real multi-factor authentication.
- When a user creates another user, they don't need to set a password. Instead, an email is sent out to the new user, with a token allowing them to set their own password.
- Admins can manually generate a password reset request for another user, or directly change the user's password.
http://www.userfrosting.com/navigating/#composer
http://www.userfrosting.com/navigating/#slim
http://www.userfrosting.com/navigating/#structure
http://www.userfrosting.com/navigating/#twig