Pontoporeia f398a0f1ff Fix non-constant-time credential comparisons ...

- account.php: replace !== CSRF token check with hash_equals
- ShareLink::setPassword(): also encrypt and store plain-text password
  alongside the hash, matching create() behavior so the decrypted_password
  decoration stays correct after password updates

2026-05-31 17:49:43 +02:00

..

migrations

feat: mandatory auto-generated passwords for share links + admin password copy/regeneration + password gate rate limiting

2026-05-19 00:08:06 +02:00

public

Fix non-constant-time credential comparisons

2026-05-31 17:49:43 +02:00

src

Fix non-constant-time credential comparisons

2026-05-31 17:49:43 +02:00

storage

Phase 4 cleanup: migrate old tests to PHPUnit, add ErrorHandler/PureLogic/SearchController tests, remove app/tests/, update justfile test target

2026-05-20 01:55:58 +02:00

templates

Integrate Monolog: replace four logging systems with single PSR-3 factory

2026-05-20 12:28:31 +02:00

.env

style: normalize headers, overtype editor rounded corners, remove duplicate cover preview, thesis-add-header grid layout, subtitle below header with top gradient

2026-05-19 00:08:05 +02:00

bootstrap.php

Fix: bootstrap.php autoload path detects vendor location (same dir vs parent dir) for flat server layout

2026-05-31 17:46:02 +02:00

router.php

some css changes

2026-04-24 23:01:25 +02:00