| Age | Commit message (Expand) | Author |
|---|
| 2012-11-29 | Fix account privilege escalation vulnerability | canyonknight |
| 2012-11-29 | Fix account editing and hijacking vulnerability | canyonknight |
| 2012-10-08 | Refactor TU voters list | Lukas Fleischer |
| 2012-09-24 | Avoid use of "<b>"/"</b>" | Lukas Fleischer |
| 2012-09-24 | acctfuncs.inc.php: Document all functions using PHPDoc format | canyonknight |
| 2012-09-18 | Overhaul ability to edit own account | canyonknight |
| 2012-09-18 | Use URL rewriting for user info page | canyonknight |
| 2012-09-18 | Adjust user directions after registering to reflect new login page | canyonknight |
| 2012-09-18 | Migrate all DB code to use PDO | canyonknight |
| 2012-07-15 | Redirect to the home page after successful login | Lukas Fleischer |
| 2012-07-15 | Use virtual path feature for links | Lukas Fleischer |
| 2012-07-14 | Merge branch 'maint' | Lukas Fleischer |
| 2012-07-14 | acctfuncs.inc.php: Make user_suspended() work correctly | canyonknight |
| 2012-07-08 | acctfuncs.inc.php: Fix "Undefined variable" notices | Lukas Fleischer |
| 2012-07-06 | acctfuncs.inc.php: Move XHTML to account_details.php template | canyonknight |
| 2012-07-06 | acctfuncs.inc.php: Make user_is_privileged() work | canyonknight |
| 2012-07-06 | acctfuncs.inc.php: Allow functions to take DB handle as argument | canyonknight |
| 2012-07-06 | Pull out DB code from trusted user page | canyonknight |
| 2012-07-06 | account.php: Pull out DB code | canyonknight |
| 2012-07-06 | passreset.php: Pull out DB code | canyonknight |
| 2012-07-06 | logout.php: Pull out DB code | canyonknight |
| 2012-07-06 | account_search_results.php: Pull out DB code | canyonknight |
| 2012-07-06 | addvote.php: Pull out DB code | canyonknight |
| 2012-07-06 | acctfuncs.inc.php: Move XHTML to account_search_results.php template | canyonknight |
| 2012-07-06 | acctfuncs.inc.php: Move XHTML to account_edit_form.php template | canyonknight |
| 2012-06-24 | Implement token system to fix CSRF vulnerabilities | canyonknight |
| 2012-03-24 | Unify function declaration style | Lukas Fleischer |
| 2012-03-24 | Add field for PGP key in profile information | Lukas Fleischer |
| 2011-10-25 | Escape wildcards in "LIKE" patterns | Lukas Fleischer |
| 2011-10-25 | Wrap mysql_real_escape_string() in a function | Lukas Fleischer |
| 2011-10-24 | Escape wildcards in "LIKE" patterns | Lukas Fleischer |
| 2011-10-24 | Wrap mysql_real_escape_string() in a function | Lukas Fleischer |
| 2011-10-24 | Show last voted date on account details page | Dan McGee |
| 2011-10-24 | Add LastLogin column to Users table | Dan McGee |
| 2011-10-24 | Require DB handle for most user account functions | Dan McGee |
| 2011-10-24 | Remove a boatload of inline table styles | Dan McGee |
| 2011-08-20 | Use "%s" instead of "%h" in format strings | Lukas Fleischer |
| 2011-08-12 | Use secure and httponly session cookies | Lukas Fleischer |
| 2011-06-22 | rename *.inc files to *.inc.php and adjust imports and references | elij |
