Change Log


  • No Issues Resolved


  • 02026 Temporarily turned vericode into a text column to fix a vericode truncation. (The Curriculum Manager & Prometeu) (Dan Hoover)
  • 02027 Fixed password scoring issue where score was artificially lowered to 74 (Dwn Wth Vwls) (Dan Hoover)


  • 02022 Updated error display functions (iGriefU) (Dan Hoover)
  • 02014 Messaging plugin updated to v1.0.1 to fix an admin send bug (Dan Hoover)
  • 02008 PHPMailer updated to v6.9.1 for better compatibility with PHP 8.3 (Dan Hoover)
  • 02015 Changed order of redirects for function socialLogin (Dan Hoover)
  • 02016 Updated users/verify.php for better handling of passwordless logins and redirects (Dan Hoover)
  • 02017 removed viewport tag from head_tags so it can be controlled by the templates (Dan Hoover)
  • 02018 Fixed some of the w3c's complaints :) (Dan Hoover)
  • 02019 Fixed password strength meter on admin_user page on dashboard (Dan Hoover)
  • 02020 Fixed broken tooltips on admin dashboard (Dan Hoover)
  • 01514 Clarified API response on successful login (Dan Hoover)
  • 01938 Added hook to api builder to create new api key for user on join (Dan Hoover)
  • 01991 Updated community functions plugin to 1.0.3 with some new functions and php 8.x fixes (Dan Hoover)


  • 02001 Updated bin() function to be multilanguage (Dan Hoover)
  • 02002 Created a new userspice_core plugin (auto installed) for migrations. (Dan Hoover)
  • 02005 Fixed bug preventing from builder from creating forms from db tables (Dan Hoover)
  • 01923 Removed timepicker and jqueryui from form builder (Dan Hoover)
  • 02000 updated jQuery to 3.7.1 and datatables to 2.0.3 (Dan Hoover)
  • 01999 Fixed redirect in language switcher to use built in Redirect class (Dan Hoover)
  • 01998 phpInfo and installation system requirements are available to master accounts from the snapshot widget (Dan Hoover)
  • 01983 Every language updated with 6 new strings to support new front end features (Dan Hoover)
  • 01997 Cleaned up helpers in permissions, us_helpers, and users to better match documentation and improve logic. (Dan Hoover)
  • 01992 Updated addPermission function to take an array of either users or permissions or both. (Dan Hoover)
  • 01996 You can now declare $menu_override = 0; to hide the menu on a page (Dan Hoover)
  • 01989 Changed id of username on admin_users to prevent userinfo plugin from overwriting the username on the user manager (Dan Hoover)
  • 01985 Updated login.php to display error messages. If you have a custom usersc/login.php you will probably want to migrate the usmsgblock section (Dan Hoover)
  • 01981 Added the ability to change update track from the update page (Dan Hoover)
  • 01982 Updated announcements badges, storage, and dismissal (Dan Hoover)
  • 01953 Permissions and User Tags now have a description field (Dan Hoover)
  • 01968 New Social Logins Framework for prettier and more consistent OAuth Experience (BangingHeads) (Dan Hoover)
  • 01969 New checkInternet function allows for faster usage of userspice when offline (Dan Hoover)
  • 01971 Updated userspice announcements system lets the system dynamically create announcements to warn of conflicts etc (Dan Hoover)
  • 01972 Link at the bottom of the dashboard lets you view previously dismissed announcements (Dan Hoover)
  • 01973 Updated the plugin manager to use friendlier names in activation messages (Dan Hoover)
  • 01974 Added the ability to remove passwords from user-facing pages so you can solely use Passwordless, OAuth or Passkeys (Dan Hoover)
  • 01975 Added a new feature for users to login with a link sent to their email. (Dan Hoover)
  • 01976 Deleted many $settings db calls. (Dan Hoover)
  • 01977 The javascript for messages.js (upper right error messages) is now being deferred for faster page loads (Dan Hoover)
  • 01978 Password Reset and Passwordless Logins now prepend uniqid() to the vericode (Dan Hoover)
  • 01979 New quick filter features allows you to filter the list of plugins in the plugin manager (Dan Hoover)
  • 01980 Any single row settings table that begins with plg_ can now use the admin settings ajax by adding a data-table attribute to the input (Dan Hoover)
  • 01967 Added some extra logic for cloaking into users whose emails were not verified. Added uncloak button to user_settings. (Dan Hoover)
  • 01941 Icon filled widgets on dashboard can now be overridden by dropping a custom.php file inside the widget and updating the $array (Dan Hoover)
  • 01959 Input::sanitize updated for non English Characters and given 2 new optional params (trim=true, and fallback=false) (Thanks tomu4) (Dan Hoover)
  • 01920 Functions updated to use global $db instead of DB::getInstance() (Dan Hoover)
  • 01965 Renaming perm 1 now updates the documentation on ultramenu to reflect the new name (Dan Hoover)


  • 01956 Added a check to see if the user is logged in for the metadata parser (Dan Hoover)
  • 01947 Removed extra closing tags in html footer (bestwmm) (Dan Hoover)
  • 01948 Updated styling on close button for announcement banner on the dashboard (Dan Hoover)
  • 01964 Japanese Language added by bestwmm (Dan Hoover)
  • 01955 Fixed bug in French Language (David) (Dan Hoover)
  • 01962 French language updated to fix Gravatar bug (Dan Hoover)
  • 01963 Ultramenu can now be called by id or the menu name (Dan Hoover)
  • 01961 Badges plugin updated to include categories, custom badge locations, permission badges, tags badges etc (Dan Hoover)
  • 01960 forgot_password.php now allows you to override the individual views in usersc/views (Dan Hoover)
  • 01951 Fixed footer not being properly included in admin.php (Dan Hoover)
  • 01949 Fixed an error in prep.php regarding the fallback template (Dan Hoover)


  • 01936 GDPR Plugin Updated to v1.0.7 (Dan Hoover)
  • 01935 Forum plugin updated to 1.0.5 and given a visual refresh (Dan Hoover)
  • 01915 Resolved duplicated in the userspice documentation (Dan Hoover)
  • 01914 Deprecated Hash::salt method (Dan Hoover)
  • 01907 Confirmed that json DB columns do not appear to be a problem for userspice. (Dan Hoover)
  • 01859 Fixed organization management on SAAS plugin (Dan Hoover)
  • 01931 Forgot password link is no longer shown if the default username/password are set on the email settings (Dan Hoover)
  • 01904 The main dashboard has been modularized for upcoming features such as custom dashboards (Dan Hoover)
  • 01618 Simplified user settings (Dan Hoover)
  • 01944 Added some padding to plugin manager (Dan Hoover)
  • 01595 Membership plugin updated to 1.0.7 (Dan Hoover)
  • 01891 Merged with 1859 (Dan Hoover)
  • 01688 Fixed user management on SAAS plugin hook (Dan Hoover)
  • 01943 Fixed spacing on uncloak button on account page (Dan Hoover)
  • 01892 Downloads plugin updated to 1.0.3 to fix an undefined variable (Dan Hoover)
  • 01588 Demo plugin updated to 1.0.9. You can now specify your plugin icon in the menu (Dan Hoover)
  • 01822 Published codesnippets 1.0.3 (Dan Hoover)
  • 01925 Webhooks plugin updated to 1.0.3 to fix a link and better document. (Dan Hoover)
  • 01332 Uptime Plugin updated to 1.1.5 - Added an additional curl option for reliability. (Dan Hoover)
  • 01942 Moved email confirmation to on join to after POST plugin hook so plugins can kill the join process before the email is sent. (Dan Hoover)
  • 01675 SpiceBin updated to 1.0.2 to fix bug for non logged in users (Dan Hoover)
  • 01900 Added 3 additional functions to usertags 1.0.2 (Dan Hoover)
  • 01819 Cron plugin updated to 1.0.2 with additional documentation. (Dan Hoover)
  • 01896 Updated summernote in the plugins that use it (Dan Hoover)
  • 01901 Fixed plugin hook bug for disabled/deleted plugins (Dan Hoover)
  • 01932 Added class gravitar-message so the message can be hidden. (Dan Hoover)
  • 01933 Added class profile-replacer to user_settings profile pic (Dan Hoover)
  • 01930 Added sidebar_menu_id to NEW installs of UserSpice 5.6.6+ (Dan Hoover)


  • 01912 Added the ability to have a different dashboard sidebar menu from the top if you specify $sidebar_menu_id in dashboard_overrides (Dan Hoover)
  • 01913 Adjusted styling on Dashboard filter bar for mobile (Dan Hoover)
  • 01917 Removed stray var_dump from admin_plugins that was visible during a redirect (Dan Hoover)
  • 01918 Fixed some tooltips on the settings pages (Dan Hoover)
  • 01919 Added a message to Registration settings explaining where to setup email verification (Dan Hoover)
  • 01922 Added support to UltraMenu to allow user tags to control access to menu items (Dan Hoover)
  • 01924 Updated Validate class to cross check email and username on unique and unique update (Dan Hoover)
  • 01929 Added screen reader mode to UltraMenu to hide/show a fallback word on menu items with no labels (off by default) (Dan Hoover)
  • 01927 Updated Profile Pic Plugin to v1.0.6 (Dan Hoover)
  • 01928 Added profile-replacer class to profile pic so it can be targeted with css, javascript or the profile pic plugin (Dan Hoover)


  • 01890 Preventing cloaking into unverified and blocked users (Dan Hoover)
  • 01893 Added ipCheck for consistency to user class (Benedikt) (Dan Hoover)
  • 01894 Slovenian Language added to new installs v5.6.5+ - Thanks Jug! (Dan Hoover)
  • 01902 Plugins widget updated for compatibility with the dashboard filter. If you deleted the widget, you will need to delete it again. (Dan Hoover)
  • 01888 Logged in Username string substitution in the menu can now be prepended or appended with other text. (Dan Hoover)
  • 01911 New hed($string) function added to thoroughly html entity decode stubborn text. (Dan Hoover)
  • 01910 if you use dashboard_override to set sidebar menu to true and hide top menu to true, you can add a file to usersc/views/_admin_sidebar_fallback_menu.php to override the "fallback" menu (Dan Hoover)
  • 01908 Updated Menu class and menu editor for better handling of snippets. Existing snippets could break slightly and may need to be minified. (Dan Hoover)
  • 01886 Page links in admin_page view are now clickable (Bobby) (Dan Hoover)
  • 01909 Added new isDebugModeActive() function to see if US debug mode is active for the logged in user (Dan Hoover)
  • 01905 Debug mode now throws stack trace on dump and dnd calls to tell you where they were called from (Bobby) (Dan Hoover)
  • 01899 Add filter to dashboard (Dan Hoover)


  • 01862 Fixed bug in French language and updated language pack to 1.1.2 (Jeff B) (Dan Hoover)
  • 01879 null coalescing IP if remote addr not set in ipCheck() (BangingHeads) (Dan Hoover)
  • 01811 Removed strong and paragraph tags from language files (Dan Hoover)
  • 01872 Made password reset views more responsive (Dan Hoover)
  • 01874 Fixed view password eye on user_settings (Dan Hoover)
  • 01877 Menus now allow you to override the light/dark theme (Dan Hoover)
  • 01883 Fixed dropdown not closing on page click (NES Collector, BangingHeads) (Dan Hoover)
  • 01884 Updated cancel button on user_settings (Dan Hoover)
  • 01880 Added an extra measure to prevent permissionless menu items (bobby) (Dan Hoover)


  • 01858 Fixed some bugs to allow userspice to survive usersc/includes/dashboard_overrides not being writeable. (Dan Hoover)
  • 01860 Spice shaker now shows the current version installs and updates the buttons for better UX (Dan Hoover)
  • 01863 Added support for those who want to update all 100 versions from 4.3 to 5.6 by fixing a missing table. (Dan Hoover)
  • 01864 Now recording the modified date if someone tries to update their user settings. (Dan Hoover)
  • 01865 Removed a stray user_spice_ver file in usersc (Dan Hoover)
  • 01868 Fixed closing snippet div on ultramenu (Thanks Ivo) (Dan Hoover)


  • 01844 Chat plugin updated to v1.0.2 for better z-index and us_url_root conflicts. (Dan Hoover)
  • 01828 Updated UltraMenu code usage examples to show how to override a menu on a page (Dan Hoover)
  • 01829 Explained on UltraMenu that a tags are automatically closed on brand html (Dan Hoover)
  • 01830 The IP manager prevents you from blacklisting your own IP. (Dan Hoover)
  • 01831 Dan took a water break. (Dan Hoover)
  • 01832 SaaS Plugin updated to 1.0.4 (Dan Hoover)
  • 01833 Added hook to the bug reporter to return back to your project after visiting the userspice site (Dan Hoover)
  • 01834 Fixed some undefined variables and minor bugs in us_helpers.php (Dan Hoover)
  • 01835 Deprecated mqtt function (Dan Hoover)
  • 01837 Fixed the 2000 users message in admin_users (Dan Hoover)
  • 01840 Fixed UI for dashboard access (Dan Hoover)
  • 01843 Fixed unnecessarily slow query in join.php (Dan Hoover)
  • 01827 Fixed UltraMenu link bug which ignored the link target (Dan Hoover)
  • 01845 Email function allows you to now specify an authtype. (Dan Hoover)
  • 01846 Spice shaker is performing a different is_writable check for better compatibility with nginx (Dan Hoover)
  • 01848 You can now pass an array of email addresses to the email function $to variable (Dan Hoover)
  • 01849 Fixed a php 8.1 data type error in function money (Dan Hoover)
  • 01850 Benchmarking plugin updated to v.2.0 (Dan Hoover)
  • 01851 Fixed ultramenu snippet selector dropdown (Dan Hoover)
  • 01853 Updated is_writeable check on spice shaker to prevent false error (Dan Hoover)
  • 01854 Added the ability to have always visible mobile icons and usersc/includes/hooks/mobile_hooks (Dan Hoover)
  • 01855 Form builder - fixed hidden fields not being properly rendered (Dan Hoover)
  • 01856 Fixed examples for offsetDate function (Dan Hoover)
  • 01807 Alerts plugin updated with a new default style and shoelace.js (Dan Hoover)
  • 01663 Form Builder - Removed old datetime picker stuff in favor of the built in browser pickers (Dan Hoover)
  • 01677 Updated hasher plugin for compatibility with left sidebar menus (Dan Hoover)
  • 01689 Added fallback menu labels for ultramenu items without labels (Dan Hoover)
  • 01690 Fixed bug where padlock on user manager was not changing for banned users (Telnz) (Dan Hoover)
  • 01693 Added the ability to manage pages from the permission manager (LBC) (Dan Hoover)
  • 01694 From Builder: You can now pass the logged in user's id to database populated form options (Dan Hoover)
  • 01699 Provided a json header on the returnError function (Dan Hoover)
  • 01701 Form Builder - Better handling of db dropdown options (Dan Hoover)
  • 01804 You cannot delete permissions 1 or 2 (pushed in 5.5) (Dan Hoover)
  • 01806 User Manager will now properly display a warning about disabled features for high user counts (Brandin Arsenault)
  • 01633 Removed calls to fetchUserDetails on the admin_user page (Dan Hoover)
  • 01808 Resolved a bug in how snippets are parsed in UltraMenu (Dan Hoover)
  • 01810 Form Builder - disallowing hyphens in forms and table names due to unpredictable mysql behavior. (Dan Hoover)
  • 01812 Cleaned up some functions in permissions.php (Dan Hoover)
  • 01815 Updated html_footer to allow usersc/includes/footer.php to truly include inside the footer. (Dan Hoover)
  • 01816 Fixed translated edit account info button on account.php (Dan Hoover)
  • 01818 Updated admin_menu to provide full path to the css in case the view is cloned to usersc (Dan Hoover)
  • 01821 Uptime plugin updated to fix datatables error (Dan Hoover)
  • 01823 MySQL expert plugin updated to 2.0.1 with ui improvements and the ability to save queries without executing them. (Dan Hoover)
  • 01825 Store plugin updated to v.1.0.0 with a minor code cleanup and bugfix (Dan Hoover)
  • 01826 Updated some rarely-used column types on settings and users to save space (Dan Hoover)


  • 01654 Fixed error not being properly displayed for case unique in validation class (Renato) (Dan Hoover)
  • 01674 Added show password eye on login. (Dan Hoover)
  • 01672 Fixed a bug when creating a new menu (Dan Hoover)
  • 01671 Fixed issue where link target was not being shown in the ui of the menu builder (Dan Hoover)
  • 01670 Fixed a bug where html branding was not being shown on manually inserted menus (Dan Hoover)
  • 01669 Fixed issue with debug modal not popping on admin logs (Dan Hoover)
  • 01667 Fixed bug where dropdowns were not being populated on form updates (SeemsLikeChris) (Dan Hoover)
  • 01662 Fixed join form not showing validation errors (Renato) (Dan Hoover)
  • 01661 General settings now contains the option to load all users on the user manager and provides a search engine instead. (Dan Hoover)
  • 01660 Added the ability to highlight active menu items (Gamine) (Dan Hoover)
  • 01655 Removed deprecated php function call from time2str function in us_helpers (Dan Hoover)
  • 01540 Resolved a discrepancy on how widgets are loaded in the cms plugin. (Dan Hoover)
  • 01653 Added class "alternate-background" to many divs to allow them to be targeted when default background colors clash with templates (Dan Hoover)
  • 01652 Restored accidentally removed body plugin hook on account.php (Dan Hoover)
  • 01650 Protected Downloads plugin updated to support UserSpice 5.5+ (Dan Hoover)
  • 01647 Fixed broken dropdowns in cms plugin (Dan Hoover)
  • 01646 Fixed some issues with the cron manager and oce that were preventing cron edits from saving. (Dan Hoover)
  • 01645 Removed permission delete button on main permissions screen (Dan Hoover)
  • 01644 Resolved several ux issues in the form builder plugin (Dan Hoover)
  • 01641 Both menu builders now display a warning if you've turned DB navigation off in general settings. (Dan Hoover)
  • 01609 Resolved a bug in form builder where views were not ignoring validation for fields that were not being displayed (Briadark) (Dan Hoover)
  • 01541 Fixed an issue regarding changing CMS subcategories to parent categories. (Dan Hoover)


  • 01594 URL encoding error fixed with pr 25 (Dan Hoover)
  • 01619 Updated plain template navbar (Dan Hoover)
  • 01626 Dashboard widgets only drag from the header for a better mobile experience (Dan Hoover)
  • 01627 Updated spice shaker for enhanced template info and visuals (Dan Hoover)
  • 01630 Duplicate dbmenu.php functions were removed from us_helpers.php (Dan Hoover)
  • 01631 The Notification class has been deprecated but is still being auto-loaded for current installs via users/ (Dan Hoover)
  • 01632 ui has been updated for a better user experience (Dan Hoover)
  • 01635 Fixed an issue where deleting users failed (Dan Hoover)
  • 01636 Deprecated audit.php file to users/helpers/deprecated.php (will not autoload because they were not loaded at the time of deprecation) (Dan Hoover)
  • 01638 Template manager updated to show bigger/better thumbnails and enhanced accessibility (Dan Hoover)
  • 01639 backup_util.php has been deprecated to usersc/includes/deprecated (Dan Hoover)
  • 01640 Fixed bugs in admin page preventing the toggling of public and private (Dan Hoover)


  • 01621 Resolved styling issues with login modal and social logins (sam) (Dan Hoover)
  • 01622 Fixed PHP 7 errors and updated some logic on permission management (Dan Hoover)
  • 01623 Fixed some settings ui issues (Dan Hoover)
  • 01624 Fixed styling on login close button on bootstrap 4. (Dan Hoover)


  • 01600 Providing option to use your template footer on the dashboard in usersc/includes/dashboard_overrides (Dan Hoover)
  • 01601 Removed logo files from 5.5.1 update (Dan Hoover)
  • 01604 Added Accordion Menu option to Dashboard (Set in usersc/includes/dashboard_overrides (Dan Hoover)
  • 01606 Deprecated abrev_date, format_date, and userHasPermission functions. Removed old token classes. (Dan Hoover)
  • 01607 Suppressed error when multiple menus with plugin hooks were called on the same page. (Dan Hoover)
  • 01610 Save button disabled on menu manager if 0 permissions are selected (Dan Hoover)
  • 01611 Fixed improper location for storage of menu hooks in usersc (Dan Hoover)
  • 01612 You can hide the top nav by creating a variable $hide_top_navigation = true; Also available in dashboard_overrides.php (Dan Hoover)
  • 01613 Added return to index button on login modal (Dan Hoover)
  • 01616 Fixed incompatibilities with Ultramenu builder and PHP 7 (Dan Hoover)
  • 01602 Moved logos to usersc/images from users/images (Dan Hoover)


  • 01596 Improved creation of admin dashboard top menu (Dan Hoover)
  • 01597 style.css was not being included in the bs5 template (Dan Hoover)
  • 01598 Fixed a bug in the plugin menu hook (Dan Hoover)
  • 01599 Fixed a UI issue in ultramenu where current snippet was not being shown (Dan Hoover)


  • 01555 Updated validateJson function for php 8 compatibility (Dan Hoover)
  • 01558 echouser can return instead of echo echouser(1,$settings->echouser,true); (Dan Hoover)
  • 01559 Hooker plugin updated with new hooks for hooking (Dan Hoover)
  • 01560 Added new event hooks passwordResetFail and passwordResetSuccess on forgot_password_reset (Dan Hoover)
  • 01569 Added new fetchFolderFiles function to fetch all files by extension (Dan Hoover)
  • 01581 Access Delegation now works properly with more than 1 permission (Brandin Arsenault)
  • 01582 Reports plugin now supports excel exports in XLSX, CSV, ODS, or PDF (Clayton256) (Dan Hoover)
  • 01584 Tickets Plugin updated to v.1.0.4 (Dan Hoover)
  • 01411 Removed legacy err= and msg= from core URLs (Dan Hoover)
  • 01492 Webhooks plugin updated with example test script (Dan Hoover)
  • 01542 Removed legacy backup feature (Dan Hoover)
  • 01568 Added new offsetDate function for easy date manipulation (Dan Hoover)


  • 01511 Debug mode warning on dashboard is now a link to the debug logs (Dan Hoover)
  • 01515 Updated force ssl to use Tekniskedirektorn's excellent patch to allow proxy servers (Dan Hoover)
  • 01523 Input::get no longer tries to force numeric values (Dan Hoover)
  • 01525 Updated Documentation for addPermission function (DKY) (Dan Hoover)
  • 01527 Updated tickets plugin to fix a stray comma that will break some db queries (Dan Hoover)
  • 01529 Fixed Nav errors in PHP 8.1 while being a punk to Brandin :) (Dan Hoover)
  • 01530 Updated admin nav for better display of permission groups (Dan Hoover)
  • 01531 Clean urls plugin example script updated to support forms with no method attribute (Dan Hoover)
  • 01532 Added Danish translation - Thanks TFN (Dan Hoover)
  • 01533 Sendinblue Plugin updated to better work with built-in functions (Thadius/BangingHeads) (Dan Hoover)
  • 01537 Updated classes on login.php (Dan Hoover)
  • 01539 Added Korean Language to new installs the language pack - Thanks Thadius! (Dan Hoover)
  • 01543 Backup menu item will not show on dashboard if backup has been removed (Dan Hoover)
  • 01544 Updated example for language creation (Jibak) (Dan Hoover)
  • 01545 Default language is now set for users when created by the admin (Jibak) (Dan Hoover)
  • 01546 Form builder updated to v2.1.3 with better form deletion logic (Stan R) (Dan Hoover)


  • 00980 Simple Forums plugin updated to v1.0.2 (Dan Hoover)
  • 01186 Benchmark Plugin updated to v1.0.2 with better math function (Dan Hoover)
  • 01500 Removed stray opening php tag in check processing (Dan Hoover)
  • 01516 Fixed bug where email settings were being improperly stored (Dan Hoover)
  • 01517 Fixed bug where some users would get {missing text} on new installs (Dan Hoover)
  • 01518 Fixed bug where removing all permissions causes a redirect loop. Who in their right mind would do that :) (Dan Hoover)
  • 01519 Fixed error on installer where db connection would incorrectly be reported as unsuccessful (Dan Hoover)
  • 01520 Added the ability to specify a custom db port in the installer (Dan Hoover)


  • 00802 Removed duplicate query from snapshot widget (Dan Hoover)
  • 01443 API Builder updated with some customization options and some RESTful responses (Mr. Serikus) (Dan Hoover)
  • 01453 Documentation link now shown on API Builder Config Page (Dan Hoover)
  • 01479 Convert head_tags Comments to PHP for New Installs (Brandin Arsenault)
  • 01487 Alerts plugin updated for compatibility with custom templates (Dan Hoover)
  • 01489 Updated input class to deal with inputs starting with leading zeroes (Dan Hoover)
  • 01493 Updated installer to deal with deprecated datetime call (Dan Hoover)
  • 01494 Removed copyright message on dashboard menu (Dan Hoover)
  • 01497 Security Logs will now show for delegated users (Brandin Arsenault)
  • 01503 Update SQL for New Installs (Brandin Arsenault)
  • 01505 Pulled ReAuth UI Components (Legacy Feature) (Brandin Arsenault)
  • 01507 Created the ability to completely override the admin menu (telnz) (Dan Hoover)
  • 01508 Added the ability to change email authtype to CRAM-MD5, LOGIN, PLAIN, or XOAUTH2 (Dan Hoover)
  • 01509 Protected Downloads plugin updated to clarify instructions (Dan Hoover)
  • 01510 Added the ability to override or add additional parameters to the email function with a usersc script (Dan Hoover)
  • 01512 Removed requirement for mb_strlen from Validate class (Dan Hoover)


  • 01276 Tickets plugin has been updated to 1.0.2 to fix a config bug (Dan Hoover)
  • 01417 Fixed a sorting issue in the built in cron manager. (Marc) (Dan Hoover)
  • 01448 SAAS plugin fixed bug that could result in organization leader losing ability to manage their own org. Please update. (Dan Hoover)
  • 01389 Now allowing languages to create a key valled VAL_ALLOWED to be more flexible on min-max validation (Dan Hoover)
  • 01391 Logged in user is redirected to user settings if they try to navigate to forgot password (Dan Hoover)
  • 01426 Added cloakBegin and cloakEnd plugin event hooks (Dan Hoover)
  • 01470 The dashboard css can now be overridden in usersc/includes/dashboard.css (Dan Hoover)
  • 01469 Darkened font on the dashboard (Dan Hoover)
  • 01463 Improved Input::sanitize and added Input::json and Input::recursive (Dan Hoover)
  • 01457 You can now call the userspice message system from javascript usMessage("testing123","success");); (Dan Hoover)
  • 01449 Fixed an error in SAAS plugin for assigning permissions to an organization (Dan Hoover)
  • 01473 Form Builder now allows underscores and hyphens in form names (Dan Hoover)
  • 01472 Fixed loader to prevent redirect loops for banned ips (Dan Hoover)
  • 01471 Comments plugin updated with additional documentation (Dan Hoover)
  • 01455 Charts plugin updated to 1.0.4 to make line charts prettier (Dan Hoover)
  • 01451 Cleaned up some divs in the SAAS Plugin thanks to some great reports by Espresso Dan (Dan Hoover)
  • 01450 Fixed broken form in SAAS plugin (Dan Hoover)
  • 00627 displayTable function in forms plugin allows you to pass ["id"=>1] to show the id in the table. (Dan Hoover)
  • 01422 Updated legacy sanitize helper function to use input static method (Dan Hoover)
  • 01189 Added multilanguage support to form builder (Thanks Alexander!) (Dan Hoover)
  • 01410 Form builder now returns "rule broken" so you can create custom error messages (Dan Hoover)


  • 01437 Resolved error messages only showing first character on user creation (Dan Hoover)
  • 01438 Add additional usersc include before system messages and force html entity encode before decode (Dan Hoover)
  • 01442 Removed stray html tag in login.php (Dan Hoover)
  • 01444 $validated variable on login.php now allows you to kill login with a hook in the post position (Dan Hoover)
  • 01445 Created unique table ids for tables with an id of paginate (Dan Hoover)


  • 00976 Removed unused columns from stripe plugin that broke table. (Dan Hoover)
  • 01420 Form builder has been updated to better handle non-English characters (Dan Hoover)
  • 01421 Updated sanitize function in Input class for cleaner usage (Dan Hoover)
  • 01423 Removed hard coded user id 1 on logger functions (Dan Hoover)
  • 01424 Updated logger function to avoid throwing errors on PHP 8 (Dan Hoover)
  • 01428 Fixed email verification bug caused by GDPR override plugin. (Dan Hoover)
  • 01429 Fixed missing email url encoding on email verification (Dan Hoover)
  • 01430 Updated echouser to deal with blanks and 0s (Dan Hoover)
  • 01431 Deal with hard coded + spaces in language files (Dan Hoover)


  • 01387 Added new hooks for the email verification and password reset process (Dan Hoover)
  • 01413 includeHook function now returns more gracefully if a bogus position is called. (Dan Hoover)
  • 01412 updated createAttempt plugin hook (Dan Hoover)
  • 01409 new fetchUser($id) function addresses the awkwardness of the legacy fetchUserDetails function (Dan Hoover)
  • 01407 Fixed missing translation on force pw reset (Dan Hoover)
  • 01405 Added missing form label to verify_resend view (Dan Hoover)
  • 01403 Added missing language support to verify.php (Dan Hoover)
  • 01402 Changed settings query in cron.php to select * for convenience (Dan Hoover)
  • 01400 New tokenHere() function to create a hidden input with the csrf token (Dan Hoover)
  • 01399 created new usError, usSuccess, usMessage functions to make passing errors cleaner and easer (Dan Hoover)
  • 01397 first parameter of logger() function can now ne an empty string (Dan Hoover)
  • 01394 Removed deprecated font color = tags in userspice core (Dan Hoover)
  • 01393 Added translation to login.php (Dan Hoover)
  • 01392 Fixed hard coded password minimum length on forgot password reset (Dan Hoover)
  • 00916 Auto logout plugin updated to detect mouse and keyboard input (Dan Hoover)
  • 01386 new User() can now be forced to look at the email column with second parameter (Dan Hoover)
  • 01385 pluginHooks can return data with the hookData variable (Dan Hoover)
  • 01383 fetchUserDetails function now behaves like the documenation (Dan Hoover)
  • 01382 Check updates and spice shaker will throw system errors if curl or zip are not installed. No diag mode needed. (Dan Hoover)
  • 01380 Performed Log Actions will now be tracked in the logs (Brandin Arsenault)
  • 01379 Added Staging Code for Log Profiles/Filters via Hooks (Brandin Arsenault)
  • 01377 Validate class now returns a rulesBroken array for better Multilanguage support (Dan Hoover)
  • 01376 User Settings will now properly display the correct field name during a validation error (Brandin Arsenault)
  • 01364 Log Filters and Actions have been moved to a dropdown for a cleaner UI (Brandin Arsenault)
  • 01361 New fetchProfilePicture($userid) function is overridable and more flexible. (Dan Hoover)
  • 01357 Added a new System Logs Action: Delete Logs (Keep ID) (Brandin Arsenault)
  • 01305 Reports plugin updated to handle larger data sets (Dan Hoover)


  • 01368 Fixd speling eror on dashbeoard menue (Dan Hoover)
  • 01308 Dashboard Access Features are now more verbose to avoid duplicated feature names (Brandin Arsenault)
  • 01310 Fixed Hooker Plugin not listing the hooks it created. (Dan Hoover)
  • 01312 Added tooltip to badges plugin (PR From RoelandvanD) (Dan Hoover)
  • 01314 Added the ability to hide the id in the Quick Crud plugin (Dan Hoover)
  • 01340 Remember Me Feature added via plugin (Dan Hoover)
  • 01337 login.php now has $username and $password which can be modified via the hook on this page and is passed to loginEmail (Brandin Arsenault)
  • 01341 Users of Clean URLs should update Form Builder and their .htaccess file with the snippet from the updated plugin (Dan Hoover)
  • 01343 Added ability to prevent maintenance.php redirect on parsers/apis but setting $noMaintenanceRedirect = true before init.php (Dan Hoover)
  • 01344 Added new API Hooks (Dan Hoover)
  • 01345 Fixed language call on Validate class. (Dan Hoover)
  • 01346 Fixed issue allowing admins to change passwords without confirming the new pw matches (chalnger86) (Dan Hoover)
  • 01347 New Function: UserSpice_getLogs (Brandin Arsenault)
  • 01348 Only Debugging Logs button will now properly filter logs (Brandin Arsenault)
  • 01349 views/_admin_logs now uses UserSpice_getLogs (Brandin Arsenault)
  • 01350 Security logs now has the ability to hide whitelsited IPs (James) (Dan Hoover)
  • 01375 Updated init.php for new installs to fix redirect bug. (Dan Hoover)
  • 01339 Added new hooks to Page Manager (Dan Hoover)
  • 01338 Remember Var on Login is now above the hook so it can be modified via the hook if required (Brandin Arsenault)
  • 01272 Fixed bad link on Twilio dashboard (Dan Hoover)
  • 01336 Badges User UI updated and new hasBadge function added (Dan Hoover)
  • 01333 Updated plugin manager activation/deactivation/deletion logic (see notes on ticket) (Dan Hoover)
  • 01331 cleanupPermissionPageMatches will no longer produce an error when it is triggered by a logged in user (Brandin Arsenault)
  • 01329 Improper Plugin Removal (deleting files without uninstalling) will no longer cause errors in the Admin Panel or in the Plugins Manager (Brandin Arsenault)
  • 01326 Migrate Core Code from checkMenu (legacy) to hasPerm (maintained) (Brandin Arsenault)
  • 01317 System Messages Footer now correctly defines the Error Class valErr (Brandin Arsenault)
  • 01309 Form builder can now skip fields without creating a custom view (Dan Hoover)
  • 01304 Functions that globalize $user will gracefully fail if accessed without $user being properly defined (or accessed by guest) (Brandin Arsenault)
  • 01303 Fixed issue where some errors were being described twice (Dan Hoover)
  • 01298 New Hook: adminUser createAttempt (Brandin Arsenault)


  • 01290 The for for log clearing tools in System Logs now has an ID of log_clearing_tools that can be targeted (Brandin Arsenault)
  • 01306 Removed required fields on email settings (Dan Hoover)
  • 01302 Removed non-working ReAuth feature but left fields for plugin development (Dan Hoover)
  • 01301 Removed checkWrite.php parser file (Dan Hoover)
  • 01299 Moved API key entry to only the dashboard with jQuery feedback on key validation (Dan Hoover)
  • 01295 Fixed some migrations in the CMS plugin (Dan Hoover)
  • 01294 MQTT plugin updated (Dan Hoover)
  • 01293 New Function: isUserLoggedIn (Brandin Arsenault)
  • 01292 Sessions will no longer be destroyed automatically from visiting login.php (Brandin Arsenault)
  • 01291 Accessing login.php while logged in will now cause you to be redirected to settings.redirect_uri_after_login (Brandin Arsenault)
  • 01277 Spice shaker now attempts to delete stray files and warns you if it can't (Dan Hoover)
  • 01289 Added .htaccess to prevent rewriting of parser file urls (Dan Hoover)
  • 01288 Form builder updated to 2.0.3 (Dan Hoover)
  • 01286 Loader.php now uses isUserLoggedIn to validate a user being logged in (Brandin Arsenault)
  • 01285 CMS Plugin updated to fix missing script tags. (Dan Hoover)
  • 01284 Standard template updated to 2.0.1 to use dynamic container open class. (Dan Hoover)
  • 01283 Corrected a lognote in update 2021-07-11a for future updates (Brandin Arsenault)
  • 01282 Logger function is overwriteable again (Brandin Arsenault)
  • 01280 Added isSelected helper form helper function (Dan Hoover)
  • 01279 GDPR Plugin Updated to support longer text (Dan Hoover)


  • 01263 Helper Functions now use ipCheck instead of REMOTE_ADDR (Brandin Arsenault)
  • 00730 cleanupPermissionPageMatches is triggered when deletePages is successful (Brandin Arsenault)
  • 01261 Added debug mode to dashboard and logger (Dan Hoover)
  • 01265 Updated PHPMailer to latest version (Dan Hoover)
  • 01266 Fixed bug that breaks error messages when the session is not set on some servers. (Dan Hoover)
  • 01268 ReAuth now uses isLocalhost instead of hard coding conditions (Brandin Arsenault)
  • 01270 New Function: cleanupPermissionPageMatches (Brandin Arsenault)
  • 01271 Removed extra divs from default index.php page (Dan Hoover)
  • 01273 Added maintenance and debug mode warnings to admin.php (Dan Hoover)
  • 01274 Updated form actions for better compatibility with clean urls (Dan Hoover)
  • 01275 Upgraded from jQuery 3.5.1 to jQuery 3.6.0 (Dan Hoover)


  • 01256 Fixed broken link in admin menu (Dan Hoover)
  • 01257 Check it out on SS now takes you to the Plugin Config. Logo now takes you to the config if active (Dan Hoover)
  • 01258 Refer plugin updated to 1.0.4 (Dan Hoover)


  • 00731 Admin Panel: Added IDs and Classes for Menu Items (Brandin Arsenault)
  • 01093 Footer now included on join after form submission (Dan Hoover)
  • 01216 Updated email settings to prevent accidental autofill (Dan Hoover)
  • 01218 Fixed verify email resend encoding (Dan Hoover)
  • 01236 Better compatibility for display_errors and display_successes (Dan Hoover)
  • 01244 Admin Panel: Added Language Translations for hard-coded menu items (Brandin Arsenault)
  • 01253 Added ability to parse html in error messages (Dan Hoover)
  • 01254 updated sessionValMessages to merge error messages into arrays (Dan Hoover)


  • 01239 Logger function now json_encodes metatdata if it's an array or object (Brandin Arsenault) (Dan Hoover)
  • 01238 Removed TinyMCE from GDPR Plugin (Dan Hoover)
  • 01232 Better UserSpice API Key Validation (Brandin Arsenault) (Dan Hoover)
  • 01231 Removed orphaned dashboard views (Dan Hoover)
  • 01214 Added the 5.3.1 plugin hooks to the hooker plugin (Dan Hoover)
  • 01224 Added missing logo to the alerts plugin (Dan Hoover)
  • 01234 Re-preventing using emails as usernames (Dan Hoover)
  • 01209 Removed auto assign username feature (Dan Hoover)
  • 01200 Fixed div closing too early on check updates (Dan Hoover)
  • 01208 reCaptcha removed from core (Dan Hoover)
  • 01207 Fixed spelling error on admin_permission (Scourgess) (Dan Hoover)
  • 01206 Improved usability on admin_nav_item view (Scourgess) (Dan Hoover)
  • 01205 Better spacing on Authorized Groups on admin_nav_item view (Scourgess) (Dan Hoover)
  • 01204 Redirect::to no longer checking for file to exist (use Redirect::safe to do that) (Dan Hoover)
  • 01203 New Norwegian language and updated French language (Dan Hoover)
  • 01201 Removed shortcodes <? from code in favor of <?php (Dan Hoover)
  • 01198 DB class now supports alternative charsets (Dan Hoover)
  • 01210 New plugin hooks on forgot_password.php (Dan Hoover)
  • 01211 Removed restriction of using an email as a username (Dan Hoover)
  • 01215 Created a new joinAttempt plugin hook (Dan Hoover)
  • 01220 Updated error message for init files without loader.php (Dan Hoover)
  • 01223 Plugin management hidden for non-master-accounts (Dan Hoover)
  • 01225 Added if ! function_exists to checkAccess function on admin.php (Dan Hoover)
  • 01227 Added additional try/catch to db class (Dan Hoover)
  • 01228 Form Builder 1.2.0 released with UserSpice 5.3 support. Please update (Dan Hoover)
  • 01229 Added explicit null to error message function (Dan Hoover)
  • 01230 Updated Try/Catch statement in DB Class (Dan Hoover)
  • 01163 Adjusted formatting on system logs page (Dan Hoover)
  • 00840 All references to user_agreement removed in favor of GDPR plugin (Dan Hoover)
  • 00963 Refer plugin updated to 1.0.3 (Dan Hoover)
  • 00983 Updated Swedish language (Dan Hoover)
  • 01009 Validate class handles non-submitted fields more gracefully. (Dan Hoover)
  • 01137 Fixed error when $_SESSION['kUserSessionID'] is not set (Dan Hoover)
  • 01147 Fixed error message on user_settings.php (Dan Hoover)
  • 01150 Changed inputs on admin_user(s) to type="search" to combat lastpass bug (Dan Hoover)
  • 01151 Charts plugin updated to 1.0.2 (Dan Hoover)
  • 01154 Fixed function for backwards compatibility (Dan Hoover)
  • 01157 Session:get now returns null if session does not exist (Dan Hoover)
  • 01159 Deprecated checkPermission and updated securePage (Dan Hoover)
  • 01161 Resolved missing > in French language file (Dan Hoover)
  • 01162 Preventing null on logs.user_id (default 0) (Dan Hoover)
  • 00495 Fixed super long logs squish the admin panel (Dan Hoover)
  • 01166 Updated join form validation for consistency (Dan Hoover)
  • 01167 If you pass ONLY an array or object as your lognote, it will be automatically json encoded (Dan Hoover)
  • 01179 Added loader feature - adds to init.php (Dan Hoover)
  • 01182 Moved security headers higher on header1_must_include (Dan Hoover)
  • 01183 Added usersc/includes/pre_header.php (Dan Hoover)
  • 01184 Moved IP Blacklist earlier on page load (Dan Hoover)
  • 01185 Added explicit int on admin user view (Dan Hoover)
  • 01191 Better handling of registering and de-registering plugin hooks (Dan Hoover)
  • 01193 user_settings.php now redirects after update for better plugin compatibility. (Dan Hoover)
  • 01194 Fixed untranslated line in email message (Dan Hoover)
  • 01196 Added IP address to security logs (Dan Hoover)
  • 01197 Fixed bad DB query example in Charts Plugin (Dan Hoover)


  • 00622 Password reset returns the same message regardless of if the email is in the db (Dan Hoover)
  • 01144 Added switch to enable bleeding edge on dashboard general settings (Dan Hoover)
  • 01146 Added featured addons to spice shaker (Dan Hoover)


  • 01126 Added check/uncheck box to pages on permission editor (Dan Hoover)
  • 01143 Move dashboard copyright to left menu (FeistySquirrel) (Dan Hoover)
  • 01142 Remove us_css and track_guest columns (Dan Hoover)
  • 01141 Large log notes turn into a textarea that can be expanded (Dan Hoover)
  • 01139 If max password is set to 30, will be increased to 150 (Dan Hoover)
  • 01136 Facebook login plugin updated to v1.0.2 (Dan Hoover)
  • 01135 Plugins can now override core functions with an override.php file (BangingHeads) (Dan Hoover)
  • 01134 Added .htaccess to users/views (BangingHeads) (Dan Hoover)
  • 01133 Fixed https redirect issues on some servers (Thanks Abd) (Dan Hoover)
  • 01132 Updated parser files so attempted hackers see cleaner error messages (Brandin) (Dan Hoover)
  • 01130 Fixed undefined variable in checkAcces function (Dan Hoover)
  • 01129 Removed stray hard coding in User Class (Mark Z) (Dan Hoover)
  • 00631 Confirmed all form character limit checks are working (Dan Hoover)
  • 01122 Fixed broken fetchAllUsers function (Dan Hoover)
  • 01121 Added graceful skipping of missing widgets (Brandin) (Dan Hoover)
  • 01119 Defaulting to port 443 for checking updates (Tek) (Dan Hoover)
  • 01114 Plugin functions can now override anything except usersc/custom_functions.php (Banging Heads) (Dan Hoover)
  • 01113 Fixed some errors in form builder. (Dan Hoover)
  • 01112 Form builder migration tweak (Dan Hoover)
  • 01109 Added try/catch on _db->execute() (Banging Heads) (Dan Hoover)
  • 01096 "forms" column removed from new installs was causing a form builder issue (Dan Hoover)
  • 01092 Join.php now checking for usersc/views/_join and thank you (Alex) (Dan Hoover)
  • 00699 Resolved combobox errors in an earlier commit (Dan Hoover)


  • 01108 Fixed hard coded session name in account.php (Dan Hoover)


  • 01083 Added a warning not to muck with permissions 1 and 2 (Dan Hoover)
  • 01105 Form builder plugin updated to 1.1.6 (Dan Hoover)
  • 01104 Made verify.php more compatible with usersc (Dan Hoover)
  • 01103 Fixed email verification link when overridden in usersc (Dan Hoover)
  • 01102 Updated German language (Dan Hoover)
  • 01100 Removed 2 deprecated files (Dan Hoover)
  • 01099 Cosmetic tweaks to plugin manager (Dan Hoover)
  • 01097 Added space on join view (BangingHeads) (Dan Hoover)
  • 01095 Afrikaans language added (John Dovey) (Dan Hoover)
  • 01088 Added options for cc and bcc to email function (Dan Hoover)
  • 01086 Deleting temp.php before downloading a plugin (Dan Hoover)
  • 01085 Wrapped audit.php functions in if !function_exists (Dan Hoover)
  • 01084 Lengthened page and title columns in the pages table for better language support (Dan Hoover)
  • 01022 Fixed ui bug in CMS plugin (Dan Hoover)
  • 01082 Removed extra </div> reported by Andrew (Dan Hoover)
  • 01081 Renamed manage to settings in admin breadcrumbs (Dan Hoover)
  • 01080 Moved head tag on dashboard (Dan Hoover)
  • 01079 Added backticks around password in the user class (Dan Hoover)
  • 01078 temporarily readded columns to the users table for compatibility. (Dan Hoover)
  • 01077 Fixed token error in bug reporter (Dan Hoover)
  • 01073 Improved default language for new users (Dan Hoover)
  • 01072 Updated securePage function for better handling of http to https redirects (Dan Hoover)
  • 01071 Fixed a bug preventing the old from being deleted (Dan Hoover)
  • 01068 Changed the cookie class to deal with samesite attribute on all modern versions of php (Dan Hoover)
  • 01067 Added 3 new plugin hooks in users/verify.php (Dan Hoover)
  • 01066 Fixed error in fetchAllUsers (Dan Hoover)


  • 01053 Rolled back some broken functions (Dan Hoover)
  • 01064 Resolved LDAP token issue (Dan Hoover)
  • 01063 Added cz-CZ language (Dan Hoover)
  • 01062 Fixed active column in Database (Dan Hoover)
  • 01061 Fixed account_owner bug (Dan Hoover)
  • 01060 Updated db schema on new installs to support old mysql versions (Dan Hoover)
  • 01057 UserInfo Plugin Updated (Dan Hoover)
  • 01056 Checking before unlinking update zips to avoid warnings (Dan Hoover)
  • 01055 Updated ip ban logic (Dan Hoover)
  • 00978 Added samesite attribute by default to the cookie class. (Dan Hoover)
  • 01052 logs_exempt table pulled from new installs (Dan Hoover)
  • 01051 Rewriting banned.php in a migration file (Dan Hoover)
  • 01049 Added DB Update for container_open_class (Brandin Arsenault)
  • 01047 Backup link fixed on check updates (Dan Hoover)
  • 01046 Fixed Punctuation for Logtype in the Users Class (Brandin Arsenault)
  • 01045 Removed duplicate isStandardUser function (Brandin Arsenault)
  • 01039 Added notice about UserInfo Plugin on registration settings page (Dan Hoover)
  • 01007 Fixed google oauth token errors (Dan Hoover)


  • 01043 Created isStandardUser function (Dan Hoover)
  • 01044 Hotfix: hasPerm NULL ID Bug (Brandin Arsenault)
  • 01040 all logs for various login types now say login (Dan Hoover)


  • No Issues Resolved


  • 01015 Fixed bug where previously verified emails could not update. (Dan Hoover)
  • 01038 Fixed line-height for the ACP Navigation Toggle that cause misalignment (Brandin Arsenault)
  • 01037 **IMPORTANT** the column was removed for future installs, some code was added to join.php and views/_admin_users.php to handle legacy support for this column (Brandin Arsenault)
  • 01036 Fixed a number of autocomplete issues on the Admin Panel (Brandin Arsenault)
  • 01035 Added setting for main div classes (Brandin Arsenault)
  • 01032 Code & Logic Improvements to hasPerm, added optional parameter to disable masterAccount checking (Brandin Arsenault)
  • 01029 **IMPORTANT** fetchAllUsers now ONLY accepts a boolean value for the desc parameter (Brandin Arsenault) (Brandin Arsenault)
  • 01026 Updated container to container-fluid on standard template (Brandin Arsenault)
  • 01024 Removed legacy code for the session manager on account.php (Brandin Arsenault)
  • 01023 Added a redirect when you successfully add or remove a folder on admin_pages (Brandin Arsenault)
  • 01019 Removed legacy code and performed cleanup on user_settings.php (Brandin Arsenault)
  • 01018 Coding Standard Fixes and strict variables on functions for helpers/helpers.php (Brandin Arsenault)
  • 01017 Coding Standard Fixes and strict variables on functions for helpers/users.php (Brandin Arsenault)
  • 01016 Coding Standard Fixes for users/views/_admin_settings_general.php (Brandin Arsenault)
  • 00356 Removed Logs Manager (Legacy) (Brandin Arsenault)
  • 01011 Added Metadata Column to Logs table (Brandin Arsenault)
  • 01010 Cleaned up securePage function (Dan Hoover)
  • 01008 _joinThankYou no longer has a bad link when join.php is in the usersc folder (Brandin Arsenault)
  • 01006 Made view usersc compatible (Dan Hoover)
  • 01005 Centered text on a few views for better styling (Dan Hoover)
  • 01003 Wrapped join inputs in form group class (Dan Hoover)
  • 01002 Removed spaces that were breaking userinfo plugin (Dan Hoover)
  • 00986 time2str will now return null if supplied null (Brandin Arsenault)
  • 00984 Resolved some legacy tooltip calls on the standard template and misc pages (Brandin Arsenault)
  • 00982 Removed a double class attribute on admin_users (Brandin Arsenault)
  • 00979 Corrected "cycle" from "cylce" on views/_admin_tools.php (Brandin Arsenault)
  • 00969 Removed a redirect on user_settings that caused a lack of success messages (Brandin Arsenault)
  • 00936 Large cleanups to the users table for new installs, core code updates were required (Brandin Arsenault)


  • 00997 Removed extra </div> reported by Andrew (Dan Hoover)
  • 00996 Fixed html spice shaker form - Thanks Andrew. (Dan Hoover)
  • 00995 Fixed missing </p> tag. Thanks Andrew (Dan Hoover)
  • 00994 Fixed html errors in admin_pages (Dan Hoover)
  • 00993 Removed extra </div> reported by Andrew (Dan Hoover)
  • 00992 Removed extra </div>s reported by Andrew (Dan Hoover)
  • 00991 Moved closing p tag (Dan Hoover)
  • 00990 Fixed missing space in admin users (Dan Hoover)
  • 00989 Fixed html in loop (Dan Hoover)
  • 00988 moved title in admin.php (Dan Hoover)
  • 00998 Changed documentation for custom css with ihadavision's snippet (Dan Hoover)
  • 00746 All facebook redirect issues appear to be solved (Dan Hoover)
  • 00974 Used dustball's preg match to detect bad pastes of api keys (Dan Hoover)
  • 00970 Added a FName First Initial of LName option in echouser (Dan Hoover)
  • 00967 Added check for http host in force_ssl (Dan Hoover)
  • 00962 Fixed a bug in the pluginActive function for non logged in users (Dan Hoover)
  • 00959 Added link to security logs. Thanks Odin (Dan Hoover)
  • 00956 Rolled back a bad patch from bug 931 (Dan Hoover)
  • 00955 Deleting before update (Dan Hoover)
  • 00948 Fixed Facebook redirect after login bug (Dan Hoover)
  • 00947 OAuth Session User to Session Name, Add Success Hooks to Facebook Login. Thanks BangingHeads! (Dan Hoover)
  • 00824 Facebook Redirect/Session issues resolved in another commit (Dan Hoover)


  • 00954 Fixed a bug causing the notification system to not display properly on some installs. (Dan Hoover)
  • 00934 Removed references to two factor authentication from the core code (Dan Hoover)
  • 00938 Added missing pages from default page hider in admin pages (Dan Hoover)
  • 00950 DB class not throwing error on first with no results. (Dan Hoover)
  • 00952 Pushed Brandin's improvement for the fetchUserDetails function (Dan Hoover)
  • 00951 Added plugin hooks for admin_settings parser (pre and bottom) (Dan Hoover)
  • 00942 Fixed data error on Admin Logs where the Log ID was shown as the User ID (Brandin Arsenault)
  • 00941 Modified fetchUserDetails to return null if no data is sent to the function (Brandin Arsenault)
  • 00940 Updated blank page to match new template system (Brandin Arsenault)
  • 00953 Cleaned up dnd function (Dan Hoover)
  • 00937 Logging for user blocking on _admin_user now uses the correct column (Brandin Arsenault)
  • 00897 Verify email does not try if email is already verified (Dan Hoover)
  • 00933 pluginActive now works if not logged in (Dan Hoover)
  • 00932 Updated hashing logic on API and downloader.php (Dan Hoover)
  • 00931 Email becomes "unverified" now if updating your email address in user_settings.php (Dan Hoover)
  • 00930 Form builder is now optional but recommended for the UserInfo plugin (Dan Hoover)
  • 00925 Updated file based CMS widget logic. (Dan Hoover)
  • 00917 htmlspecialchars_decode has been replaced with html_entity_decode (Dan Hoover)
  • 00909 Fixed html entities and non-translated email subjects (Dan Hoover)
  • 00779 URL regeneration resolved in an earlier release (Dan Hoover)
  • 00121 Unique session and cookie names generated during install since earlier version (Dan Hoover)
  • 00465 after_user_deletion script was added a while back (Dan Hoover)
  • 00467 errors have ids or classes now (Dan Hoover)
  • 00566 Validation code Resolved in another commit (Dan Hoover)
  • 00580 Missing text resolved in an earlier commit (Dan Hoover)
  • 00588 Installer updated (Dan Hoover)
  • 00589 Most table character sets were cleared up in 5.1.4 (Dan Hoover)
  • 00593 localhost placeholder removed (Dan Hoover)
  • 00616 Updated installer logic (Dan Hoover)
  • 00007 Cron job ip regulation was added in 5.0 (Dan Hoover)
  • 00797 Root write check now happens on install as of 5.1.4 (Dan Hoover)
  • 00827 Added ability to send attachment to emails (Dan Hoover)
  • 00837 Added min/max characters for password and username on new user modal in admin_users (Dan Hoover)
  • 00842 Fixed buttons at the bottom of user_settings.php (Dan Hoover)
  • 00868 custom_functions.php is now included earlier so you can override more core functions with your custom ones (Dan Hoover)
  • 00875 Forgot password page does not attempt now if email is not setup. (Dan Hoover)
  • 00876 Classes were added to the err and msg functions in 5.1.4 (Dan Hoover)
  • 00896 Updated multidb logic in the db class (Dan Hoover)


  • 00891 Implemented Had3z's improvements to the Input class (Dan Hoover)
  • 00905 Fixed a footer issue in simplex template (Dan Hoover)
  • 00904 HTML edited in GDPR plugin (Dan Hoover)
  • 00903 Duplicate of simplex footer fix (Dan Hoover)
  • 00906 Added a space to the English language and to the userspice language pack (Dan Hoover)
  • 00907 Fixed a php tag that was supposed to be php echo in user_settings.php (Dan Hoover)
  • 00911 Fixed rendering error in the form fields in the form builder plugin (Dan Hoover)
  • 00899 Fixed parser file location in session manager plugin (Dan Hoover)
  • 00893 Moved character set designation higher up into mail function (Dan Hoover)
  • 00888 Added eventhooks to verifyFail and verifySuccess (Dan Hoover)
  • 00920 Resolved in Forum 1.0.1 (Dan Hoover)
  • 00915 Fixed checkbox logic (Dan Hoover)
  • 00902 Disabling messaging if plugin not active for old installs (Dan Hoover)
  • 00914 Fixed the inability for the public (not logged in) to view forums (Dan Hoover)
  • 00912 Login.php now logs failed login attempts (Dan Hoover)
  • 00921 New migration schema for plugins (Dan Hoover)
  • 00923 Updated fetchUserDetails to return null on no hits (Dan Hoover)
  • 00924 Wrapped helpers.php in function_exists and added classes to error messages (Dan Hoover)
  • 00926 Updated login.php err logic (Dan Hoover)
  • 00927 Updated logout method (Dan Hoover)
  • 00928 Made a db patch for db engine (Dan Hoover)
  • 00929 Made a db patch for db charset (Dan Hoover)
  • 00237 This feature is already implemented. (Dan Hoover)
  • 00901 Added better ios compatibility to dropzone (Dan Hoover)
  • 00900 Made the Update/Cancel buttons on user_settings.php look less terrible (Dan Hoover)
  • 00894 Added an extra hook for the userInfo plugin (Dan Hoover)
  • 00892 Added default timeout of 15 seconds for error messages (Dan Hoover)
  • 00890 Admin pages shows an alert when pages are removed from the db (Dan Hoover)
  • 00889 Resolved in another commit (Dan Hoover)
  • 00887 Spelling error in en-us lang file (Dan Hoover)
  • 00886 After creating a new menu item, you are now redirected to the edit page (Dan Hoover)
  • 00881 Fixed token error in stripe plugin (Dan Hoover)
  • 00878 Removed remember me checkbox on login (Dan Hoover)
  • 00874 Fixed a div causing footer/modal issues (Dan Hoover)
  • 00870 We now have a link to backup userspice on the auto update page (Dan Hoover)
  • 00670 Resolved in another commit (Dan Hoover)


  • 00873 Missing $form_valid = true; causing misc scripts not be called in some circumstances (Dan Hoover)
  • 00877 Missing $form_valid = true; causing some of the join thank you scripts to not be called in some circumstances (Dan Hoover)
  • 00879 Missing $form_valid = true; causing during_user_creation to not be called in some circumstances (Dan Hoover)


  • 00871 Added UTF-8 Encoding + Email attachment feature to mail function (From Edward) (Dan Hoover)
  • 00872 Upgraded to jQuery after bugs found by Edward and Waldo (Dan Hoover)


  • 00835 db results() now returns empty if the query fails (Dan Hoover)
  • 00857 Deleted 404 link in UserSpice forums (Dan Hoover)
  • 00854 Changed int size on 5 columns (Dan Hoover)
  • 00853 Created IP Lock Plugin (Dan Hoover)
  • 00852 Added Update & Close button to user editor (Dan Hoover)
  • 00851 Updated buttons on Admin Permissions (Dan Hoover)
  • 00850 Added Update & Close button to page editor (Dan Hoover)
  • 00858 New Validation Rule is_in_database (Dan Hoover)
  • 00845 SAAS Updated (Dan Hoover)
  • 00838 Fixed bad return statement (Dan Hoover)
  • 00836 Email query updated _admin_user.php (Dan Hoover)
  • 00860 Updated hasPerm logic (Dan Hoover)
  • 00830 Now disabling messaging in DB if plugin is not active (Dan Hoover)
  • 00826 Added after_user_deletion.php (Dan Hoover)
  • 00821 Added password length and new ids for plugins/javascript (Dan Hoover)
  • 00847 Added feature in membership 1.0.5 (Dan Hoover)
  • 00859 You can now pass internal links to search in Spice Shaker (Dan Hoover)
  • 00861 Updated to jQuery 3.5.0 (Dan Hoover)
  • 00863 Updated to Bootstrap 4.4 by Usamusa (Dan Hoover)
  • 00864 Popper.js updated by Usamusa (Dan Hoover)
  • 00865 Added a space in the echouser function (Dan Hoover)
  • 00866 Updated to phpmailer 6.1.5 (Dan Hoover)
  • 00867 Cleaned up user_settings.php (Dan Hoover)
  • 00795 Stable version users no longer see a new version in the update checker until it goes stable. (Dan Hoover)
  • 00841 Usamusa UI changes (Dan Hoover)
  • 00832 Updated stripe sign in button (Dan Hoover)
  • 00828 Removed terms & conditions in favor of the GDPR plugin (Dan Hoover)
  • 00818 Fixed language issues in English and German [astrakid] (Dan Hoover)
  • 00817 This issue was resolved over email (Dan Hoover)
  • 00816 Usamusa UI changes (Dan Hoover)
  • 00813 Updated login id's and fixed bug that broke login if settings->recaptcha == 2 (Dan Hoover)
  • 00799 Fixed user agent error (Dan Hoover)


  • No Issues Resolved


  • 00788 Removed class text-danger from Validate class and helpers.php (Dan Hoover)
  • 00787 Updated backup delete feature (Dan Hoover)
  • 00786 Fixed language error in validate.php (Dan Hoover)
  • 00780 Gravatar language no longer shows if profile_pic plugin is active (Dan Hoover)
  • 00778 Resolved some autocompletion errors (Dan Hoover)
  • 00742 Resolved in another commit (Dan Hoover)
  • 00772 Resolved in another commit (Dan Hoover)
  • 00768 Resolved in another commit (Dan Hoover)
  • 00764 Fixed profile not being created for new users (Dan Hoover)
  • 00753 Moved form tag on admin_user (Dan Hoover)
  • 00755 PHP Mailer Updated to 7.3 compatible. (Dan Hoover)
  • 00763 Fixed bug in _admin_user.php (Dan Hoover)
  • 00761 Made fname, lname, email lengths consistent (Dan Hoover)
  • 00762 Resolved in another commit (Dan Hoover)
  • 00422 Resolved in another commit (Dan Hoover)
  • 00752 admin.php will now properly display Admin Dashboard as the page title (Brandin Arsenault)
  • 00330 Resolved in another commit (Dan Hoover)
  • 00737 Updated phpmailer (Dan Hoover)
  • 00747 Resolved (Dan Hoover)
  • 00771 Fixed dashboard hand floating improperly (Dan Hoover)
  • 00750 Added sticky footer to default theme. (Dan Hoover)
  • 00777 Fixed a bug causing some plugin hooks to install twice. (Dan Hoover)
  • 00741 Messaging Plugin Updated (Dan Hoover)
  • 00765 Initial blocked and whitelisted ips cleared (Dan Hoover)
  • 00781 Created diagnostic mode for spice shaker (Dan Hoover)
  • 00783 Removed duplicate language keys (Dan Hoover)
  • 00725 Hooker Plugin Updated (Dan Hoover)
  • 00484 Messaging Plugin Updated (Dan Hoover)
  • 00759 Added the ability to specify a bug report is for a plugin/template etc (Dan Hoover)
  • 00789 Tweaked admin menu (Dan Hoover)
  • 00790 Add ability to hide userspice default pages in the page manager (Dan Hoover)
  • 00791 Updated pluginActive function (Dan Hoover)


  • 00697 Resolved in another commit (Dan Hoover)
  • 00722 Documentation Updated (Dan Hoover)
  • 00719 Please update your standard template (Dan Hoover)
  • 00717 Resolved duplicate ids in admin_user (Dan Hoover)
  • 00716 Stripe plugin has been updated (Dan Hoover)
  • 00726 Documentation Updated (Dan Hoover)
  • 00709 Forms plugin has been updated (Dan Hoover)
  • 00708 Messaging Plugin Updated (Dan Hoover)
  • 00707 Added IP to user login logging (Dan Hoover)
  • 00705 Got this working (Dan Hoover)
  • 00703 Resolved in another commit (Dan Hoover)
  • 00701 No commit needed (Dan Hoover)
  • 00704 Fixed spice shaker language downloader (Dan Hoover)
  • 00393 Using latest recaptcha with curl (Dan Hoover)
  • 00732 Die after successful join (Dan Hoover)
  • 00729 Languages updated for new installs (Dan Hoover)
  • 00728 Standard Template Updated (Dan Hoover)
  • 00724 Update the styling of the ip manager (usamusa) (Dan Hoover)
  • 00723 Please update form builder (Dan Hoover)
  • 00733 Twofa disabled for upgraders (Dan Hoover)
  • 00721 Updated join thank you. (Dan Hoover)
  • 00715 users/helpers/audit.php removed for new installs (Dan Hoover)
  • 00714 API Key can now be entered on the dashboard general settings (Dan Hoover)
  • 00713 UserSpice can now update itself through the check for updates button. (Dan Hoover)
  • 00712 Removed notice about API calls without a key (Dan Hoover)
  • 00711 Fixed a reintroduced bug (Dan Hoover)
  • 00710 Cron jobs are now editable with oce.js (Dan Hoover)


  • 00683 Russian language added to language pack in spice shaker (Dan Hoover)
  • 00689 Removed the last few stray </img> tags (Dan Hoover)
  • 00691 Resolved along with other us_announcements issues (Dan Hoover)
  • 00692 Login TOS resolved! (Dan Hoover)
  • 00694 Edited helpers.php (see below (Dan Hoover)
  • 00695 Resolved in admin dashboard and admin templates views (Dan Hoover)
  • 00700 Resolved in 5.0.3 (Dan Hoover)
  • 00687 Made new _admin_annoucnements view (Dan Hoover)
  • 00693 Added pre to getMyHooks function (Dan Hoover)


  • 00682 Non DB Nav Fixed (Dan Hoover)
  • 00684 _isCurl function added to check for Curl Installation (Brandin Arsenault)
  • 00643 Added timeout in update checker in case server is offline (Brandin Arsenault)
  • 00673 Standard Template: fixed footer class (Brandin Arsenault)
  • 00674 Standard Template: Removed duplicate <body> tag (Brandin Arsenault)
  • 00675 Stand Template: Removed rouge <img> tag (Brandin Arsenault)
  • 00677 Default Template: Resolved issue with header tag (Brandin Arsenault)
  • 00678 Added CDN popper.js to standard template (Dan Hoover)
  • 00679 Created new _configure_plugin_header to deal with plugin config header issue (Dan Hoover)


  • 00664 View Delete working now (Dan Hoover)
  • 00661 Body tag added (Dan Hoover)
  • 00660 Token issue resolved. (Dan Hoover)
  • 00658 Spice shaker now showing installed items (Dan Hoover)
  • 00639 Added new 'pre' plugin hook (Dan Hoover)
  • 00662 Resolved in another commit (Dan Hoover)
  • 00657 Pulled from next installer (Dan Hoover)
  • 00656 Hook explicitly defined (Dan Hoover)
  • 00655 Master account link on dashboard with documentation (Dan Hoover)
  • 00644 Bug Reporter now redirects to void the form submission (Brandin Arsenault)
  • 00642 Removed extra fclose in step2.php (Dan Hoover)
  • 00640 An extra closing bracket on the plugin parser has been removed (Brandin Arsenault)
  • 00608 Merged some fixes for de-DE language (Brandin Arsenault)
  • 00637 Removed Spice Shaker from Menu for Non-Master Account (Dan Hoover)
  • 00636 Removed timepicker stuff from usersc (Dan Hoover)
  • 00633 Prevented enter from submitting blank form (Dan Hoover)
  • 00629 Added admin_pin.php back for new installs (Brandin Arsenault)
  • 00628 Admin Dashboard Access now checks for Admin Perms prior to checking for additional permissions (Brandin Arsenault)
  • 00625 Nulled Notification class (Dan Hoover)
  • 00621 Not Malicious. Copy/pasta error (Dan Hoover)
  • 00619 Removed duplicate messaging on _admin_permissions.php (Brandin Arsenault)
  • 00614 Corrected a closing tag on _admin_page.php to span instead of small (Brandin Arsenault)
  • 00613 Email Settings now enforces a trailing slash (Brandin Arsenault)
  • 00611 languageSwitcher function now calls a DB instance instead of relying on it being available (Brandin Arsenault)


  • 00428 Minor redundancy fixes on Maintenance page (Brandin Arsenault)
  • 00521 Admin Forms will no longer autocomplete (Brandin Arsenault)
  • 00558 Optimized hasPerm Function (Brandin Arsenault)
  • 00598 Forgot Password will no longer show if the email is invalid, just says there is an error (Brandin Arsenault)
  • 00602 Added containers to default template (Brandin Arsenault)


  • 00596 Removed autocomplete (Dan Hoover)
  • 00595 Changed language on email (Dan Hoover)
  • 00592 This is already fixed in 4.4.12/3 (Dan Hoover)
  • 00567 DB Clean widget updated (Dan Hoover)
  • 00569 Resolved in another commit (Dan Hoover)
  • 00571 Added missing {} (Dan Hoover)
  • 00590 Added Russian Language (Dan Hoover)
  • 00576 Removed duplicate line (Dan Hoover)
  • 00577 LDAP Plugin Updated (Dan Hoover)
  • 00578 LDAP plugin now updates F/L name on login (Dan Hoover)
  • 00587 Fixed notifications (Dan Hoover)
  • 00581 Some features pulled from dashboard access. (Dan Hoover)
  • 00582 Menu editor now saves sort. (Dan Hoover)
  • 00583 Bug reporter is now master only (Dan Hoover)
  • 00584 Added viewport to dashboard (Dan Hoover)
  • 00579 Better description on email settings (Dan Hoover)
  • 00585 Removed features from dashboard access (Dan Hoover)
  • 00440 Removed ssp from logs (Dan Hoover)
  • 00572 Improved hook features (Dan Hoover)
  • 00560 Containers, wrappers, and wells removed. (Dan Hoover)
  • 00559 Removed front end Mass Messaging (Dan Hoover)
  • 00555 Dashboard emails now sent in default system language (Dan Hoover)


  • No Issues Resolved


  • No Issues Resolved


  • 00550 Some meta tags moved to usersc/includes/head_tags.php (Dan Hoover)
  • 00549 Moved Google Analytics to inside body tag (Dan Hoover)
  • 00548 Saving state of most datatables (Dan Hoover)
  • 00547 Replaced validation string (Dan Hoover)
  • 00546 Remove meta information from admin_menu (Dan Hoover)
  • 00545 Removed padding (Dan Hoover)
  • 00541 Updated documentation (Dan Hoover)
  • 00542 Documentation Updated (Dan Hoover)
  • 00551 FB now logging IP on login (Dan Hoover)
  • 00493 Resolved in another commit (Dan Hoover)
  • 00543 Fixed some form actions that caused errors on certain servers (Dan Hoover)
  • 00538 Fixed some includes in superhero theme (Dan Hoover)
  • 00535 Now allowing numbers in form names but no symbols (Dan Hoover)
  • 00515 Added a (rough) time option to the form manager (Dan Hoover)
  • 00509 Form help opens in a new tab (Dan Hoover)
  • 00508 Changed some form editor formatting (Dan Hoover)
  • 00503 Resolved in another commit (Dan Hoover)
  • 00497 Added type of money (Dan Hoover)
  • 00494 Re-implemented custom settings (Dan Hoover)


  • 00510 Fixed JS error (Dan Hoover)
  • 00524 Added users/includes/dashboard_language.php and changed some lang function logic (Dan Hoover)
  • 00525 Fixed dropdown value errors (Dan Hoover)
  • 00527 Moved favicon.ico (Dan Hoover)
  • 00529 Found stray ?> in users/includes/facebook_oauth.php (Dan Hoover)
  • 00519 (Dan Hoover)
  • 00522 No commit needed (Dan Hoover)
  • 00528 Moved code to the bottom for better loading (Dan Hoover)
  • 00530 If statement modified to make sure messages are shown (Dan Hoover)
  • 00532 Implemented new language keys for emails (Dan Hoover)
  • 00533 Made plugin footers available both front and backend. (Dan Hoover)


  • 00500 Added a fallback to en-US if $save is not defined (Dan Hoover)
  • 00502 Made db update to warn of this and significant changes to the user agreement file (Dan Hoover)
  • 00507 Added some {} (Dan Hoover)
  • 00501 Implemented Usamusa's cards and popovers (Dan Hoover)
  • 00439 Idk what this meant. I need to make more detailed bug reports :) (Dan Hoover)
  • 00466 Changed div tags to nav (Dan Hoover)
  • 00470 Implemented Usamusa's fix (Dan Hoover)
  • 00492 Added suggested example (Dan Hoover)
  • 00504 Bulgarian Added (Dan Hoover)
  • 00506 Added links for everything except widgets (Dan Hoover)
  • 00511 Put a javascript widget in usersc/templates/default.footer.php (Dan Hoover)
  • 00512 Removed second join_cap (Dan Hoover)
  • 00513 Dashboard reworked, existing content converted to full width modules (Dan Hoover)
  • 00514 Added pt-PT from Flávio Martins Brasil (Dan Hoover)
  • 00517 Finished (see note) (Dan Hoover)


  • 00452 Created 2 videos as requested (Dan Hoover)
  • 00488 Bumped Version to 4.4.06 (Brandin Arsenault)
  • 00446 OAuth Success now reads from Database (Brandin Arsenault)
  • 00451 Resolved issue with helpers including usersc autoload (Brandin Arsenault)
  • 00487 Multi-Language Feature Addition (Brandin Arsenault)
  • 00471 Made logo.png, facebook.png, google.png responsive (Dan Hoover)
  • 00482 Resolved (Dan Hoover)
  • 00478 Resolved undefined issue with Update VNEno3E4zaNz (Brandin Arsenault)
  • 00481 Resolved issue with updater indicating file didn't exist when in fact it did (Brandin Arsenault)
  • 00477 Added PHP 7 ZIP warning for backups (Brandin Arsenault)
  • 00490 Multilanguage compare (Brandin Arsenault)
  • 00486 Multilanguage support for User Agreement (Brandin Arsenault)
  • 00485 User Settings translations (Brandin Arsenault)
  • 00483 Added User Management Menu Language Key (Brandin Arsenault)
  • 00480 Language keys for join frontend (Brandin Arsenault)
  • 00479 Multilanguage support for Validate Class (Brandin Arsenault)
  • 00411 Updated and restored Facebook Login (Brandin Arsenault)
  • 00475 Resolved footer HTML issue (Brandin Arsenault)
  • 00474 Added Favicon code (Brandin Arsenault)
  • 00472 Resolved issue with messages container (Brandin Arsenault)
  • 00462 Built new form view preview feature (Dan Hoover)
  • 00458 Force PW Reset Label will no longer trigger reset (Brandin Arsenault)
  • 00443 Made changes to the way the footer is called and 2 minor fixes to form builder (Dan Hoover)


  • 00461 Bumped version to 4.4.04 (Brandin Arsenault)
  • 00450 Fixed footer on users/messages.php (Brandin Arsenault)
  • 00453 Updated group_menus and users login ints to 11 and unsigned in database (Brandin Arsenault)
  • 00454 Resolved token undefined error on Admin General Settings (Brandin Arsenault)
  • 00455 Resolved token undefined error on Admin Registration Settings (Brandin Arsenault)
  • 00456 Resolved token undefined error on Admin Login Settings (Brandin Arsenault)
  • 00459 Removed the delete button from the default permission levels (Brandin Arsenault)


  • 00449 Bumped Version to 4.4.03 (Brandin Arsenault)
  • 00405 reAuth will no longer be unset on account.php (Brandin Arsenault)
  • 00414 Update system rewrite (Brandin Arsenault)
  • 00430 admin_verify.php uses the new nav engine (Brandin Arsenault)
  • 00433 Usersc Composer is now included in helpers by default (Brandin Arsenault)
  • 00435 Restored code for admin session management (Brandin Arsenault)
  • 00436 Manage Sessions kill button updated for BS4 compatibility (Brandin Arsenault)
  • 00437 Updated tomfoolery.js and header fixes for Session Management (Brandin Arsenault)
  • 00438 User creation exceptions now return the DB error for you to use (Brandin Arsenault)
  • 00442 Made validation errors on Users in ACP visible (Brandin Arsenault)
  • 00447 Disabled autocomplete on Admin Users (Brandin Arsenault)


  • 00417 Fixed (Dan Hoover)
  • 00420 Fixed (Dan Hoover)
  • 00394 Updated FB Graph (Dan Hoover)
  • 00413 IP Logger rmigration (Brandin Arsenault)
  • 00415 Fixed by updating 2 links (Dan Hoover)
  • 00416 Resolved from PM (Dan Hoover)
  • 00419 resolved (Dan Hoover)
  • 00421 Thank you Trebor (Dan Hoover)
  • 00424 Fixed (Dan Hoover)
  • 00425 Fixed (Dan Hoover)
  • 00426 Fixed in both versions (Dan Hoover)


  • 00409 70 changed files :) (Dan Hoover)
  • 00389 Resolved protection checkbox not working (Brandin Arsenault)
  • 00345 Complete. (Dan Hoover)
  • 00349 Edited installer sql file (Dan Hoover)
  • 00357 Fixed (Dan Hoover)
  • 00381 All resolved (Dan Hoover)
  • 00391 resolved (Dan Hoover)
  • 00395 Resolved exactly as shown in bug report (Dan Hoover)
  • 00398 Fixed (Dan Hoover)
  • 00403 Database navigation custom hook fixes (Brandin Arsenault)

4.4.0 BETA

  • No Issues Resolved


  • 00017 Resolved although not fully documented in 4.4 (Dan Hoover)
  • 00031 EchoUser has options now (Dan Hoover)
  • 00243 Fixed in Beta 3 (Dan Hoover)
  • 00272 UserSpice 4.4 GDPR plugin addresses this. (Dan Hoover)
  • 00290 OCE only used in MQTT plugin. Left for compatibility reasons (Dan Hoover)
  • 00385 Fixed in 4.3 and 4.4 (Dan Hoover)
  • 00386 Fixed. Commit name was wrong. D'oh. (Dan Hoover)
  • 00387 Fixed and tested (Dan Hoover)
  • 00388 Fixed in 4.3.26 (Dan Hoover)


  • 00248 Fixed ipCheck function. (Dan Hoover)
  • 00249 Removed feature and killed parser. (Dan Hoover)


  • 00209 Cross-Site Scripting (Brandin Arsenault)
  • 00211 admin_permission.php Unsanitized (Brandin Arsenault)
  • 00213 Remove legacy code from admin_permissions.php (Brandin Arsenault)
  • 00214 admin_user.php Unsanitized Value (Brandin Arsenault)
  • 00215 edit_form.php Unsanitized Values (Brandin Arsenault)
  • 00216 manage_sessions.php Unsanitized Values (Brandin Arsenault)
  • 00217 manage2fa.php Unsanitized Values (Brandin Arsenault)
  • 00218 tomfoolery.php Unsanitized Values (Brandin Arsenault)
  • 00219 messages.php Unsanitized Values (Brandin Arsenault)
  • 00220 admin_manage_sessions.php Unsanitized Values (Brandin Arsenault)
  • 00221 admin_message.php Unsanitized Values (Brandin Arsenault)
  • 00222 admin_messages.php Unsanitized Values (Brandin Arsenault)
  • 00223 admin_page.php Unsanitized Values (Brandin Arsenault)
  • 00224 edit_profile.php Unsanitized Values (Brandin Arsenault)
  • 00225 Repair Bios (Brandin Arsenault)


  • No Issues Resolved


  • 00130 Line 80 on twofa.php is incorrect (Brandin Arsenault)
  • 00136 Add X-Editable CSS (Brandin Arsenault)
  • 00161 Remove error on page_footer session manager (Brandin Arsenault)
  • 00157 Make killAllSessions master account array only (Brandin Arsenault)
  • 00155 Fingerprinting and Session Tracking (Brandin Arsenault)
  • 00154 Two FA Fingerprint Compare is wrong (Brandin Arsenault)
  • 00153 Manage 2Fa IP Echo Wrong (Brandin Arsenault)
  • 00152 twofa.php API URL is not cross-compatible (Brandin Arsenault)
  • 00149 Have to revert all changes to params (Brandin Arsenault)
  • 00148 New Google Users die (Brandin Arsenault)
  • 00147 verify_new error (Brandin Arsenault)
  • 00143 Two FA check failing (Brandin Arsenault)
  • 00142 Two FA assets being inserted every time (Brandin Arsenault)
  • 00141 Global $us_url_root for verifyAdmin (Brandin Arsenault)
  • 00140 Update twofa security (Brandin Arsenault)
  • 00139 Update composer packages (Brandin Arsenault)
  • 00138 Composer.Json is missing some packages (Brandin Arsenault)
  • 00023 Character "&" (Brandin Arsenault)
  • 00134 Reset Links from ACP invalid (Brandin Arsenault)
  • 00133 Redirect after creating form (Brandin Arsenault)
  • 00132 _admin_stats.php (Brandin Arsenault)
  • 00131 manage2fa.php IP code wrong (Brandin Arsenault)
  • 00129 us_fingerprint_assets does not have Fingerprint_Added (Brandin Arsenault)
  • 00128 Are we sure Admin Verify Timeout is being used? (Brandin Arsenault)
  • 00113 usersc-check for matching users on insert and match perms (Brandin Arsenault)
  • 00098 User Settings for OAuth Users (Brandin Arsenault)
  • 00086 User Settings email change (Brandin Arsenault)
  • 00059 forms.php (Brandin Arsenault)
  • 00034 If you change your password any remote sessions should be destroyed (Brandin Arsenault)
  • 00029 Settings are not refreshed after custom (Brandin Arsenault)
  • 00026 hasPerm needs isLoggedIn check before ID (Brandin Arsenault)


  • 00114 PIN codes don't have to be numbers! (Brandin Arsenault)
  • 00115 Autocomplete on admin_pin should be disabled (Brandin Arsenault)
  • 00080 Fix form builder if required dropdown/etc is added later (Dan Hoover)
  • 00101 admin_user.php JS file call not cross-compatible (Brandin Arsenault)
  • 00103 Don't allow reauth on admin_pin (Brandin Arsenault)
  • 00104 Can't make disable_2fa private? (Brandin Arsenault)
  • 00105 Admin option to reset User PIN (Brandin Arsenault)
  • 00106 if local was commented out for reauth (Brandin Arsenault)
  • 00108 Fix to time2str() function in us_helpers.php (Brandin Arsenault)
  • 00110 2FA Assets Broken (Brandin Arsenault)
  • 00112 isAdmin needs $isLoggedIn (Brandin Arsenault)
  • 00117 Remove botched Fingerprinting Updates (Brandin Arsenault)
  • 00118 Allow overriding un-completed updates (Brandin Arsenault)


  • 00043 MQTT tables does not load (Brandin Arsenault)
  • 00097 Advancements in admin_verify technology (Brandin Arsenault)
  • 00091 Omit disabled users from User Management List (Brandin Arsenault)
  • 00088 Couple of non usersc compatible links (Brandin Arsenault)
  • 00078 Get displaySingleItem update from RFID System (Dan Hoover)
  • 00100 Track the date the use enrolls in 2FA (Brandin Arsenault)
  • 00099 Allow hasPerm to default to current user ID (Brandin Arsenault)
  • 00095 Create Form causes 404 (Brandin Arsenault)
  • 00093 FORCE updates on new install (Dan Hoover)
  • 00092 Mistake on mqtt_settings.php (Brandin Arsenault)
  • 00084 Incorrect redirect after creating a new form (Brandin Arsenault)
  • 00083 Limit usersc redirect to only files in the 'users' folder (Dan Hoover)
  • 00081 Remove Experimental From backup options (Dan Hoover)
  • 00079 Add and document skip field on displayForm function (Dan Hoover)
  • 00010 Two FA is not compatible with OAuth currently (Brandin Arsenault)
  • 00075 Clean up dnd and dump functions (Brandin Arsenault)
  • 00073 Registration - Add Text Letting User Know Link Expires and To Check Their Junk Mail (Brandin Arsenault)
  • 00072 double checking what should be compared... (Brandin Arsenault)
  • 00071 Allow destroying of fingerprints (Brandin Arsenault)
  • 00068 Should email_test be UID 1 only? (Brandin Arsenault)
  • 00066 Redirect after confirmation of permissions (Brandin Arsenault)
  • 00064 My cloaking got deleted! (Brandin Arsenault)
  • 00061 Delete forms (Dan Hoover)
  • 00060 Make the expiry time for $vericode_expiry in join.php a site setting (Brandin Arsenault)
  • 00055 Link on "Database out of date..." warning not /usersc compatible (Brandin Arsenault)
  • 00028 Your old password can be the same as your new... (Brandin Arsenault)


  • 00011 2FA needs some recognition for same PC? (Brandin Arsenault)
  • 00013 reAuth needs to be baked more (Brandin Arsenault)
  • 00065 We made re_auth illegal to set on admin_verify but shouldn't we just exclude it from check? (Brandin Arsenault)


  • 00024 reAuth should be spam-proof (Brandin Arsenault)
  • 00032 Missing return in permissionNameExists function (Brandin Arsenault)
  • 00033 Update user: not check for new or old values (Brandin Arsenault)
  • 00041 Cron manager page typo (Brandin Arsenault)
  • 00044 _email_adminUser.php spelling mistake (Brandin Arsenault)
  • 00045 Join redirect got added before loggers again (Brandin Arsenault)
  • 00046 forgot_password link is not cross compatible (Brandin Arsenault)
  • 00047 Facebook login broken (Brandin Arsenault)
  • 00048 randomstring isn't overwriteable (Brandin Arsenault)
  • 00049 Update LoI68El211ON botches update.php (Brandin Arsenault)
  • 00050 Facebook Login on admin_social should be above the FB settings (Brandin Arsenault)
  • 00052 admin_logs should be sorted by logid not logdate (Brandin Arsenault)
  • 00053 Not all of the cancel buttons are cross-compatible (Brandin Arsenault)
  • 00054 2FA buttons on accounts.php not /usersc compatible (Brandin Arsenault)


  • 00020 Two FA force outside of users directory (Brandin Arsenault)
  • 00025 No success message on messages archive? (Brandin Arsenault)
  • 00039 Force PR will die outside of users (Brandin Arsenault)
  • 00040 Misspelling (Dan Hoover)


  • 00030 DB menus do not respect external URLS (Brandin Arsenault)
  • 00037 Wrong call on admin_users and admin_user for banning (Brandin Arsenault)


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved


  • No Issues Resolved

© 2024 UserSpice