moon
/
sync
mirror of https://github.com/calzoneman/sync.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
sync/www
History
calzoneman 3a7acd0526 Implement new session system 
I replaced the old login system with a more secure one.
Instead of storing cookies containing the username and plaintext password, the password
is submitted once to obtain a session hash, which is valid for a given length of time.
Registering and logging in is now done via an iframe, which prevents custom javascript from having access to the password field.
Site admins need to run the following SQL before updating, or else all of your logins/registrations will fail:

ALTER TABLE `registrations` ADD `session_hash` VARCHAR( 64 ) NOT NULL ,
ADD `expire` BIGINT NOT NULL
 		2013-04-25 22:50:12 -05:00
..
assets Implement new session system 2013-04-25 22:50:12 -05:00
acp.html List loaded channels on ACP 2013-03-23 13:29:47 -05:00
channellist.html Continue working on API 2013-04-25 16:16:53 -05:00
channelwidget.html Continue working on API 2013-04-25 16:16:53 -05:00
help.html Document /afk in help.html 2013-04-19 14:58:37 -05:00
index.html Implement new session system 2013-04-25 22:50:12 -05:00
login.html Implement new session system 2013-04-25 22:50:12 -05:00