Changes made from v2.0.1 to v2.0.2 (29. may 2007) ================================== * Fixed a bug causing the logout-page not working if PHP has short_open_tag=0 * Fixed a bug causing the version-checker not working * Fixed a bug causing the script not to work if your server doesn't have the GD-library installed (Thanks to rickie!) * Removed the .htaccess-directive forcing register_globals=off, since some servers resulted in a 500-internal error due to this * Added romanian language (Thanks to Genu!) Changes made from v2.0.0b to v2.0.1 (12. march 2007) =================================== * Fixed a bug with showing errors upon validation of user-registration, when errormessage contained " or ' * Fixed a bug causing the last field in the form not to be registered in the database * Improved the installation-guide in the readme, adding screenshots of how to chmod and setup the database Changes made from v1.8.1 to v2.0.0 (1. february 2007) ================================== * Changed the style for the table in the admin overview * Changed the flag for the english-language * Updated the language-file for spanish * Updated the language-file for dutch * The captcha-image now more readable * Fixed the "forgot password"-function so that the email is sent from the "noreply-address", instead of "admin-email" * Fixed a small bug in the admin-area, causing the text-description of custom fields to be printed "escaped" with slashes * Fixed a bug causing the language-cookie to be stored the given number of hours, instead of days, as it was inteded to * Fixed a bug causing the user to get an email that he's been approved, even if the admin deactivates him * Fixed a bug causing the form to allow requiered fileds to contain just a "space" (" ") * Fixed a bug causing the user-confirmation-link sent by email not working * Fixed a bug causing extra "\" added if having special chars in site-name * An email is now sent to the user if the admin sets the status to "deactivated" in the admin-panel * Scripts checks if the server supports the use of the "anti-spam"-image and disables this, if not supported * Changed the login-function for the admin-area, so that it now uses sessions, instead of cookies for improved compatibility * Changed the error-handling of the registration-form, it's now more clear what went wrong and the form is now re-displayed. * Modified the session-handling in the member-login to be more "correct" with new PHP-standards * Added a setting in config-area for setting max length of username * Added a "send email"-function in the admin-area for sending out emails to users * Added a sorting-function in admin-overview to sort the userlist by whatever the admin wants * Added another admin-password that gives access to the admin-area, but not the config-area * Added an option for admin to add form-fields that are only available for edit by admin (like comment-fields) and choose to make them available for reading to the user or not * Added "remember me"-option for web-login (for users, not admin) * Added optional "terms and conditions" that the user must agree to when registering (config-setting) * Added checking if emails are really sent in various situations * Added a link to the registration-form on the login-page * Cleaned up the "PHP-notice"-messages some users were getting in some situations * New readme-file (HTML-format) Changes made from v1.8.0 to v1.8.1 (20. september 2006) ================================== * Fixed bug causing passwords to be converted to lowercase when changed on the update-page (Thanks to David Lowry!) * Fixed bug causing error if using .htpasswd located in different folder * Added support for "_" and "-" in usernames * Added "ID"-field in front of the user-list in admin-area * Optimized some code * Minor changes to DB, just to reduce the size of the DB, no need to change if you have the DB setup already Changes made from v1.7b to v1.8.0 (27. june 2006) ================================= * Added an automated feature that checks for updates for ezUserManager every 10 days * Changed version numbering from x.y to x.y.z to make it more compatible with the update-checker * The version-number of ezUM is no longer printed in the footer-text for the "public"-pages, this is to reduce the chance of attackers to identify what version of ezUM you are using * Added an option to allow/disallow multiple users to have the same email-address * Added an option to enable/disable the use of .htpasswd/.htaccess so you can disable the update of the .htpasswd-file if you're using only web-login * Added an option to enable/disable the use of "return-path" when sending mail, cause some servers require this to be able to send emails, and some doesn't support this at all * Added an option to add an anti-spam (visual confirmation) image at registration (requires GD-library enabled on the server) * Added a confirmation-question when deleting users in admin Changes made from v1.7 to v1.7b: (17. may 2006) =============================== * Fixed minor bug in index.php that appeared in 1.7 Changes made from v1.6 to v1.7: (17. may 2006) ============================== * Fixed security-issue affecting users with register_globals=on, see http://www.ezusermanager.com/security.php * Fixed missing include of footer-file in a few files (Thanks to jombi!) * Added missing -endtag in index.php * Added a line in .htaccess for disabling register_globals for improved security Changes made from v1.5b to v1.6: (24. feb 2006) =============================== * Added "Return-Path"-parameter to mail-function, to prevent mail-sending-errors (Thanks to jan35utr!) * The login-form now redirects to the requested page after successful login * Added polish language * Added new option for having one "noreply"-email and one "admin"-email * Passwords are now case-sensitive, both on the user-login and the admin-login * The user can no longer change his/hers password to contain his/hers username (Thanks to jan35utr!) * Added header.inc.php and footer.inc.php containing the head and footer of each file for easy customising * If the filepermissions for the config-files are OK, it jumps directly to the next step in the configuration-area * Fixed bug in display when having ' (apostrofe) in form-fields (Thanks to airiz!) * Fixed bug in emails for dutch-language * Minor bugfixes and code cleanup/optimizing Changes made from v1.5 to v1.5b: (28. nov 2005) ================================ * Fixed bug in german language-file, caused the script to fail when selecting german (Thanks to rtenny!) Changes made from v1.4c to v1.5: (22. nov 2005) ================================ * Fixed bug letting disabled or new users log in with web-form (Thanks to ankit!) * Fixed bug in login with web-form if protected-folder is not named "members" * Corrected an error in the readme.txt about how to protect files with web-form Changes made from v1.4b to v1.4c: (08. sep 2005) ================================= * Fixed parse-error bug in login-handle.php * Fixed bug with "headers already sent" when including login.php * Removed background and font color from config-area, since this setting is overridden by the stylesheet Changes made from v1.4 to v1.4b: (21. jul 2005) ================================ * Added chinese simplified, chinese traditional, indonesian, italian and czech translations * Updated english and german translations * Corrected bug in charset not working on any pages * Chinese will override the charset-setting to match chinese charset * The web-based login is now split into 2 files for easier implementation into existing design of your website * Updated urls in all files to match the new site: www.ezusermanager.com Changes made from v1.3 to v1.4: (30. may 2005) =============================== * Improved security (regarding "SQL injection") * Added Web-login (a lot people wanted that!) * Added a new setting for debugging-mode. * Added browser-language auto-detect (optional) * Modified the forgott-password function to email the current password if passwords are stored in plain-text. * Added a separate config-file for languages so that it's easier to add new languages that are released * Added portugese-brazil and swedish translations into the package * Updated danish language-files * Removed the support of login to ezusermanager_update.php from .htaccess. You have to logon via the form no matter what. Changes made from v1.2 to v1.3: (21. mar 2005) =============================== * Added web-configuration * Added option to choose that admin-must approve users before becoming active, due to this there is no longer possible to change a users status back to "new" after once activated. * Added log-out function in admin-area * Added link to email in admin-area * Added blank index.htm-files in some folders and "dummy" .htaccess-files in some to hide files from "web-sniffers" * Added option for what languages you want to display in the language-bar * Added "alt"-text on flags in language-bar * Added dutch, danish, spanish, spanish-argentina and catalan translations into the package * Added stylesheet for better customizing of apperance (Thanks to knightofoldcode!) * Fixed bug with file-permission check on .htpasswd-file (Thanks to knightofoldcode!) * Fixed bug which allowed users with status "New" or "Disabled" to use the forgott-password-function. Changes made from v1.1 to v1.2: (10. jan 2005) =============================== * Added possibility for users to update their info (members/ezusermanager_update.php) * Added possibility for users to select language themself * Added $show_flags in config-file which let you choose to hide the "flag-line" * Moved some functions from the end of the config-file to the core-file * Re-arranged the settings in the config-file * Added "days since registration" in the admin-area * Made a separate language-file containing the emails for easier customizing Changes made from v1.0 to v1.1: (01. jan 2005) =============================== Many thanks to Roger Koukerjinian for making me aware of these bugs! * Fixed error in the link in the confirmation-mail * Fixed bug causing a missing text-line in the confirmation-mail * Fixed the bug causing a lot of error-messages appearing when activating user * Fixed bug causing the info in the "forgotten-password"-mail to be missing * Changed all filenames to lowercase, due to many FTP-clients changing names to lowercase when uploading * Changed the default tablename to lowercase due to most MySQL-client changing to lowercase when importing .sql-file * Added the "Forgott password"-string in the language-files, instead of being "hard-coded" so that it may be translated