09-25-2017, 02:48 PM
I take a day off and you guys go overboard on productivity without me (although I don't get much time to help anyway). What would happen if I take a vacation?? 
Just a couple notes from earlier commit threads-
-I moved my CSRF check and token creation to the init file. That way I can add as many forms to a page as I want and the token will always be correct on the next page load.
-When a user changes their password, I keep the last x amount of old passwords in a separate table for x months (both defined by admin.php). Since they are hashes, it's as secure as the main password and prevents my employees from using their usually terrible passwords over and over. Since I added in a zxcvbn check, I can at least keep passwords moderately complex so even a bad password isn't overly terrible.
Do you guys have anything you want me to test with the new code, or did you iron out the kinks you were having?
Just a couple notes from earlier commit threads-
-I moved my CSRF check and token creation to the init file. That way I can add as many forms to a page as I want and the token will always be correct on the next page load.
-When a user changes their password, I keep the last x amount of old passwords in a separate table for x months (both defined by admin.php). Since they are hashes, it's as secure as the main password and prevents my employees from using their usually terrible passwords over and over. Since I added in a zxcvbn check, I can at least keep passwords moderately complex so even a bad password isn't overly terrible.
Do you guys have anything you want me to test with the new code, or did you iron out the kinks you were having?