Skip to content

Releases: emreakay/CodeIgniter-Aauth

v2.5.7

17 Jun 08:58
Compare
Choose a tag to compare
  • fixed login remember
  • removed use_cookies-config_var (unused since reCAPTCHA doesn't use cookie/session)
  • changed logout()
  • changed is_loggedin() removed wrong session checks
  • updated config/aauth.php

For the Users who use it in CI2: CI2 native Support is back.
(Since v2.5.6 Session's tempdata not used anymore for reCAPTCHA, that are not available in CI2)

v2.5.6

14 Jun 12:37
Compare
Choose a tag to compare
  • added abilty to set a config for CI's Email Library

v2.5.5

07 Jun 10:56
Compare
Choose a tag to compare
  • fixed reCAPTCHA-validation (moved after DDoS check) (@REJack)
  • some little fixes with ddos_protection & reCAPTCHA (@REJack)
    • fixed timestamp where in reset_login_attempts(), get_login_attempts() & update_login_attempts()
    • fixed login() removed cookie/session-userdata for reCAPTCHA (if reCAPTCHA needed)
    • fixed login() moved update_login_attempts() before test email/name & password
    • fixed generate_recaptcha_field()

v2.5.4

02 Jun 16:59
Compare
Choose a tag to compare
  • DDoS Protections fixes in login() (@REJack)
    • removed user get query from DDoS check in
    • fixed DDoS protection to update login_attempts if user not exist too
    • removed user get query from DDoS/reCAPTCHA check
    • fixed DDoS/reCAPTCHA proection to update login_attempts if user not exist too
    • added get_login_attempts() returns login_attempts as INT (used in login())

v2.5.3

02 Jun 12:31
Compare
Choose a tag to compare
  • fixed reCAPTCHA DDoS check

v2.5.2

02 Jun 08:25
Compare
Choose a tag to compare
  • fixed error with user_exist_by_name()

v2.5.1

01 Jun 16:50
Compare
Choose a tag to compare

fixed Issue with PM's

  • fixed PM's not being decrypted with `list_pms() #145
  • fixed get_pm() method to fetch correct PM #145
  • fixed delete_pm() method to fetch correct PM #145

v2.5.0

25 May 11:49
Compare
Choose a tag to compare

Major Changes:

  • BCrypt/PHP's password_hash support requires PHP 5 >= 5.5.0, PHP 7
  • Non-user based DDoS check
  • removed System Variables
  • Language support for Traditional Chinese, Simplified Chinese & German
  • PM Encryption and send PM to multiple Users with send_pms()

This is the last Version of with Support for CodeIgniter 2.x!!!

if anyone use the System Variables and want update to v2.5.0 a Compatibility Library is available under https://github.com/REJack/CodeIgniter-Aauth-Compat

Changes:

  • changed last_login_attempt value to Y-m-d H:i:s from Y-m-d H:0:0
  • changed last_login_attempt-check to check every x minute based on config var (max_login_attempt_per_minutes)
  • added optional last_login_attempt update on login attempt (update_last_login_attempt)
  • added config var max_login_attempt_per_minutes
  • added config var update_last_login_attempt
  • fixed config var info for max_login_attempt (20 to 10)
  • changed ver_code to sha1 hashed timestamp (remind_password())
  • removed user_id in reset password link (remind_password())
  • removed function param $user_id (reset_password())
  • changed password length to an even number based on config var min (reset_password())
  • fixed strtotime params in update_login_attempts
  • changed config var update_last_login_attempt to true
  • changed get_user_groups() (public groups now visible if checked on guests)
  • changed update_login_attempts() (removed config var update_last_login_attempt & optimized if's)
  • fixed config var password_hash_algo string to constant and added info link
  • is_loggedin() 2 empty lines removed
  • control() it hasn't checked if no perm_par was given
  • added 2 config vars (totp_two_step_login_active, totp_two_step_login_redirect)
  • changed login() to set session data if totp is required and two_step_login is active and skip default
  • fixed control() to check if totp verification is required, if required then it redirects to totp_two_step_login_redirect
  • fixed control() to check if is_loggedin not with totp verification is required
  • changed is_allowed() to check if totp verification is required, if required then it redirects to totp_two_step_login_redirect
  • added 2 functions verify_user_totp_code($totp_code, $user_id = FALSE) & is_totp_required()
  • added config var info for totp_two_step_login_redirect
  • removed aauth_system_variables from SQL files
  • removed config var system_variables
  • added a new table for login_attempts (in both SQL files)
  • added 2 config vars login_attempts(db) & remove_successful_attempts
  • changed function reset_login_attempts() (removed user_id and changed where to ip_address and timestamp from user_id only)
  • changed function update_login_attempts() (removed user_id and changed where to ip_address and timestamp from email/user_id only)
  • changed function login() (removed arguments from changed functions, added abilty to enable/disable removing login attempt after successful login)
  • fixed SQL files (now its compatible with MySQL >= 5.7.3)
  • added Traditional & Simplified Chinese language file (thanks @terrylinooo)
  • added German language file (thanks @tobiasfichtner)
  • fixed missing comma in sql files
  • SQL files Tested with MySQL v5.7.11
  • changed some explanation infos in aauth's config
  • fixed explanation info text in aauth config
  • added pm_cleanup_max_age-config_var
  • added 2 files (pm_deleted_sender & pm_deleted_receiver) in pm table
  • changed list_pms() to catch only not deleted pm's
  • changed delete_pm() now it need a user_id to delete a pm (like get_pm())
  • changed delete_pm() sender's can now detete pm's from outbox
  • changed count_unread_pms() it counts now only not deleted pm's.
  • added cleanup_pms() removes pms older than X defined by pm_cleanup_max_age-config_var
  • changed send_pm() to send_pms()
  • added send_pm()
  • enhanced send_pm()
    • changed $receiver_id to $receiver_ids
    • sends multiple pms
    • returns array of receiver user ids with specific error message on failure or TRUE if message successfully sent
  • added date_created field to aauth_users-table in both SQL files
  • changed create_user() to fill date_created on user creation
  • added pm_encryption config_var
  • added abilty to encrypt PM's in send_pm() & get_pm()
  • added function user_exist_by_id used in send_pm()
  • added a user_id check in get_pm()
  • enhanced get_pm()
    • added $user_id argument between $pm_id & $set_as_true
    • changed set_as_true to set read date only if user_id is equal to receiver's id
  • reverted changed count_unread_pms() it counts now only not deleted pm's
  • changed delete_pm() if a receiver deletes a pm it updates date_read
  • fixed both SQL files
  • fixed list_pms()
  • fixed delete_pm()
  • updated CHANGELOG
  • added abilty to send system PM's for send_pm() & send_pms()
  • changed name to username in aauth_users table
  • changed name to username in all user related functions
  • changed $name to $username in create_user() & update_user()
  • added user_exist_by_username()
  • changed user_exist_by_name() to an alias of user_exist_by_username()
  • release prefix changed in library
  • changed copyright in library
  • fixed usernames in Quick Start-Section

v2.4.7

13 May 07:23
Compare
Choose a tag to compare

Sub-Groups added & some enhancements

  • added function add_subgroup($group_par, $subgroup_par)
  • added function remove_subgroup($group_par, $subgroup_par)
  • added function get_subgroups($group_par)
  • modified is_group_allowed() to check subgroups
  • modified delete_group() to remove subgroups
  • added 2 lines for subgroups to english/aauth_lang.php
  • added a new table to the database group_to_group
  • changed verstion from 2.4.6 to 2.4.7
  • verification email sending disabled if a admin is creating a user (#119 improved with @vipinks)
  • fixed Quick Start-Section (changed deny to deny_group) (found by #118)
  • renamed valid_chars to additional_valid_chars (suggestion by #125)
  • added function get_user_vars($user_id) (suggestion by #129)

v2.4.6

02 Dec 11:38
Compare
Choose a tag to compare

added in allow_user & allow_group check if perm exists
added in allow_group check if group exists
changed 'TOTP Code' to 'Authentication Code' in english lang file
Update array clearing for php compatibilities