|
This release addresses several bugfixes and some security issues only affecting Internet Explorer. Additionally, to prevent dictionary attacks happening on some other board to crack user passwords, there is a new feature to limit the number of logins. This feature is configured in two ways, defining the number of maximum allowed logins and setting a time period after the user is allowed to login again.
# [Fix] corrected index on session keys table under MS SQL
# [Fix] added session keys table to backup
# [Fix] delete session keys entries when deleting user
# [Fix] changes to support MySQL 5.0
# [Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu
# [Fix] change truncation of username length in usercp_register.php - BFUK
# [Fix] incorrect path to avatars in admin_users.php (Bug #667)
# [Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez
# [Fix] fixed captcha for those not having the zlib extension enabled
# [Change] Placed version information above who is online in admin panel for better visual presence
# [Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
# [Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and enabled
# [Sec] added configurable maximum login attempts to prevent dictionary attacks
This release addresses several bugfixes and some security issues only affecting Internet Explorer. Additionally, to prevent dictionary attacks happening on some other board to crack user passwords, there is a new feature to limit the number of logins. This feature is configured in two ways, defining the number of maximum allowed logins and setting a time period after the user is allowed to login again.
# [Fix] corrected index on session keys table under MS SQL
# [Fix] added session keys table to backup
# [Fix] delete session keys entries when deleting user
# [Fix] changes to support MySQL 5.0
# [Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu
# [Fix] change truncation of username length in usercp_register.php - BFUK
# [Fix] incorrect path to avatars in admin_users.php (Bug #667)
# [Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez
# [Fix] fixed captcha for those not having the zlib extension enabled
# [Change] Placed version information above who is online in admin panel for better visual presence
# [Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
# [Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and enabled
# [Sec] added configurable maximum login attempts to prevent dictionary attacks
|
