Change Log

6.1.4

Unreleased
  • No Issues Resolved

6.1.3

2026-07-10
  • 02371 Passkeys and TOTP now work with the reauth system introduced in UserSpice 6.1.2 (Dan Hoover)
  • 02374 The installer is now more robust at recovering from install failures (Thanks JHW!) (Dan Hoover)
  • 02379 An is_numeric check was blocking $menu_override = "menu_name" - that's fixed while still preventing path traversals. (Dan Hoover)
  • 02377 Cloaking now overrides force password reset, so you don't get stuck on that page. Also added some overrides to fix things that prevented you from uncloaking without logging out. (Dan Hoover)
  • 02369 Fixed passkey save error that affected some new installs. (Thanks Tek!) (Dan Hoover)
  • 02372 Users can now define US_CANONICAL_HOST as example.com or example.com:8443 to use it when forcing ssl (Dan Hoover)

6.1.2

2026-06-18
  • No Issues Resolved

6.1.1

2026-06-17
  • 02364 Made echouser cleaner in SSP logs (Brandin) (Dan Hoover)
  • 02363 Admin Pages now shows the permissions to view a page on the main table (jhwilliams) (Dan Hoover)
  • 02367 Security dashboard updated to tweak scoring and show skipped updates. (Dan Hoover)

6.1.0

2026-06-06
  • 02361 Text decoration turned off by default on UltraMenu branding for new installs. (Dan Hoover)
  • 02360 Added enforce password rules to the security dashboard when password are enabled and set this to the default on new installs. (Dan Hoover)
  • 02359 Added a cleaner fail if PDO MySQL is not found (Dan Hoover)
  • 01682 Added a separate mobile menu justification in UltraMenu (Dan Hoover)
  • 02327 Advanced cloaking controls provided with eventHooks, usersc includes, and overrideable functions. (Dan Hoover)
  • 01685 Added the ability to make the horizontal UltraMenu sticky (Dan Hoover)
  • 02289 Payments plugin updated to 1.0.5 to deal with in tripping UserSpice 6.0+ extra column name security (Dan Hoover)
  • 02358 New TOTP policy override at usersc/includes/custom_totp_policy.php allows you to do things like enforce only for admins or disable from certain IPs (Dan Hoover)
  • 02047 added the ability to prevent the user from changing their email address (Dan Hoover)
  • 02356 added cloakAttempt event hook, usersc/scripts/cloak_attempt.php and namespaced session variables for cloak_to and cloak_from, overrideable cloak functions (Dan Hoover)

6.0.9

2026-05-18
  • 02302 Added new indexes to core tables 2026-05-17c (Dan Hoover)
  • 02336 Bug reporter has a new security report flag, hides reports from the public until acknowledged and can fetch ALL your previous reports with status (Dan Hoover)
  • 02354 Removed Admin Pin feature and created a new reAuth system that is knowledgeable about the currently enabled UserSpice auth methods (Dan Hoover)
  • 02334 Brevo Plugin updated to 1.5.1 to better match the standard email function. (Dan Hoover)
  • 02329 Head tags now use the site's site_name and copyright by default. (Dan Hoover)
  • 02353 Plugins widget now puts disabled plugins at the end with grayscale icons. Clicking them takes you to the activate button. This is for a better ux after installing if you don't go right to the activate page. (Dan Hoover)
  • 02330 Ultramenu - deleting a submenu item keeps you in the submenu for a better ux. (Dan Hoover)
  • 02335 Wrapped html_footer on file_exists (like prep.php) (jwilliams) (Dan Hoover)
  • 02338 Continued the work of making the core more CSP friendly with a lot of reworked JS on the admin dashboard. (Dan Hoover)
  • 02337 Tweaked security scoring and ux on security dashboard (Dan Hoover)
  • 02340 File navigation on customizer theme should now be done with file_nav_custom.php so it does not get overwritten with updates (Dan Hoover)
  • 02350 Removed excessive logging from the customizer template (Dan Hoover)
  • 02342 Page manager can now see if the page is in UltraMenu and sync permissions. (Dan Hoover)
  • 02339 Allow Registration, Password Logins Allowed, and Email verification all hide/show their respective UltraMenu links. So the Registration link hides if registration is disabled, etc. (Dan Hoover)
  • 02347 Added another cli fallback for the server class for better php - r operation (Dan Hoover)
  • 02345 User create, update, and checkUser (legacy google oauth) methods now enforce modern UserSpice rules regardless if the code surrounding them does. (Dan Hoover)
  • 02346 added usWarning() function to match usError and usSuccess (Dan Hoover)
  • 02343 safeReturn($dirty,true); now html entity decodes the text before sanitizing it. (Dan Hoover)
  • 02344 Added usguid() function to generate GUIDs (Dan Hoover)

6.0.8

2026-04-12
  • 02324 Removed dead code, add hints for semgrep/zap/phpstan/trivy, fixed some undefined variables etc (Dan Hoover)

6.0.7

2026-04-12
  • 02314 Customizer 2.1.0 released. Since we do not push template updates in our patches, it's recommended that you update to get the latest tweaks. (Dan Hoover)
  • 02322 Added smarter addIndex and dropIndex methods to the db class (Dan Hoover)
  • 02312 Installer now uses the core UserSpice Input class when sanitizing passwords so they match native logins (Thanks Ben!) (Dan Hoover)
  • 02311 Updated passkey_parser to use the newer Server class. (Dan Hoover)
  • 02313 Created a fallback for missing usersc/includes/user_manager_columns.php (Dan Hoover)
  • 02315 Decided it would be nice to use markdown in our README markdown file. (Dan Hoover)
  • 02321 Security dashboard suggests that you change or delete our default README.md and SECURITY.md files. No point deduction. (Dan Hoover)
  • 02320 Added the ability to force password reset from the Add User form on the User Manager (And cleaned up the ui) (Dan Hoover)
  • 02317 Updated email security policy that was preventing us from emailing users telling them their passwords on new accounts. (Dan Hoover)
  • 02318 Updated account.php for better rendering on "in between" screens like ipad mini. (Dan Hoover)
  • 02319 Changed existing passkeys from a table to cards to make them more manageable on mobile (Dan Hoover)
  • 02316 Passwordless login form regex now allows you to enter capital letters because the IOS keyboard is terrible. (Dan Hoover)
  • 02306 Semgrep and psalm helpers added to assist with automated testing. (Dan Hoover)
  • 02307 Security dashboard writes secure cookie and samesite policies to existing init.php files (with backup). Init.example shows how to do this for proxies as well. (Dan Hoover)
  • 02309 Security dashboard shows how to set secure cookies behind trusted proxies. (Dan Hoover)
  • 02301 Removed internal debug_mode tool for verify_resend. Was never triggerable. (Dan Hoover)
  • 02300 Finished replacing old hed( function calls with the safer, future-proof safeReturn function (Dan Hoover)

6.0.6

2026-03-17
  • 02295 UserSpice installer now checks if users/, usersc/ and z_us_root.php are writeable before installing to enable a smoother experience. (Dan Hoover)
  • 02284 When redirected from the security dashboard to a particular setting (like passkeys), it's highlighted to make it more obvious what we want you to do. (Dan Hoover)
  • 02299 The Server class now makes UserSpice CLI compatible for cron/bash scripts that do not involve curl and better integration with AI CLI tooling. (Dan Hoover)
  • 02298 security_headers on new installs now uses the Server class to determine http vs https. Security dashboard offers to fix it for existing installs. (Dan Hoover)
  • 02292 Added some extra mitigations so the security dashboard cannot write curl_extra_security twice. (Dan Hoover)
  • 02286 You can now enter your api key on spice shaker if you do not have one saved. (Dan Hoover)
  • 02287 Fixed text color on UserSpice update checker current version. (Dan Hoover)
  • 02293 Add mjagemini's css fix for the menu not animating on mobile. (Dan Hoover)
  • 02294 In the event the totp encryption key is missing and unable to be written, the totp system is disabled more gracefully to prevent a site lock out. Exception is thrown when trying to enable the feature. (Dan Hoover)
  • 02296 Added additional DB indexes and a where clause on the settings query for improved performance. (Dan Hoover)
  • 02297 Updated webauthn to deal with CVE-2026-30964 (Medium). While this doesn't seem to affect our use case, we aren't taking any chances. (Thanks mexrae) (Dan Hoover)
  • 02288 DB Sanitization now allows joins across multiple dbs and accounts for dbs whose names begin with numbers - See resolution notes (Dan Hoover)
  • 02291 Fixed js error on dropdowns, dealt with child items at end of menu, made entire submenu visible when editing a submenu in Ultra Menu (Dan Hoover)
  • 02290 Fixed bad link on bug reporter and redirected traffic (Dan Hoover)

6.0.5

2026-02-28
  • 02276 Fixed DB constructor for an incompatibility with PHP 8.5 (Dan Hoover)
  • 02281 Tweaked some rate limit buttons for better UX. Updated Rate Limit Auto Config Modal, Removed rate limit score. (Dan Hoover)
  • 02282 Fixed an issue where li tags on system messages were touching the left side of the message toast. (Dan Hoover)
  • 02272 Improved UX on email settings warns you about default values, allows you to do common copies and sets isSMTP by default on new installs. (Dan Hoover)
  • 02273 Increased default passwordless login code length to 6 on new installs. (Dan Hoover)
  • 02271 UserSpice updater clears opcache so new functions don't cause stalls in the update process (Dan Hoover)
  • 02274 New installs get a max length of 150 chars for usernames by default for using emails as usernames on the backend (Dan Hoover)
  • 02277 Fixed the display of custom css from the Customizer Template. You will need to "re-save" your custom css in the gui to get the fix. (Dan Hoover)
  • 02278 Fixed a bug with fetchAllUsers where the security was breaking legit calls. (Dan Hoover)

6.0.4

2026-02-23
  • 02260 Updated installer and init.example.php to show new force collation option (Dan Hoover)
  • 02256 The plugin you just managed in the plugin manager now gets a blue border to make it easier to find where you were. (Dan Hoover)
  • 02255 Removed unnecessary Rate Limit logs (Kept important ones for failures) (Dan Hoover)
  • 02257 Removed an extra } from the override.rename.php of 20 plugins. No update necessary for most people. (Dan Hoover)
  • 02258 Fixed some spelling errors in German Language (Download the language pack in Spice Shaker) (Thanks Andre!) (Dan Hoover)
  • 02261 Restored fetchUserName function that was deprecated in 6.0.1 (Dan Hoover)
  • 02267 Removed logging of visits by blacklisted ip addresses and other unnecessary logs in us_helpers.php (Dan Hoover)
  • 02264 Spice Shaker, Bug Reporter, and Check Updates all warn if it looks like your api key is incorrect. (Dan Hoover)
  • 02266 Fixed uncloaking token error on user_settings.php (Dan Hoover)
  • 02265 Fixed spelling error on _admin_permission.php (Dan Hoover)
  • 02259 Collation can now be specified in init and charset was moved to $dsn (Dan Hoover)

6.0.3

2026-01-30
  • 02253 UserSpice now updates from 5.7.8 to 5.8.0 to avoid an update bug in 5.7.9. Yes, I fixed a bug so people who are than 2 years out of date can update smoothly. (Dan Hoover)
  • 02248 Customizer theme updated to v.1.0.1 to fix over-sanitized custom css (mjaj) (Dan Hoover)
  • 02249 Added the ability to add $html_data_bs_theme before loader to specify a bootstrap theme variant (Dan Hoover)
  • 02251 Tooltip in redirect after login on general settings explains that the default can be overridden in custom_login_script (Dan Hoover)
  • 02252 securePage now stores a sanitized dest session so it can be used after login. Upgraders must update custom_login_script to use this feature. New safelyCaptureDest() function can be used for people who don't use securePage. (Dan Hoover)
  • 02254 Messaging plugin has been updated to take advantage of UserSpice 6.0+ features. (Dan Hoover)

6.0.2

2026-01-24
  • 02242 Updated vericode for email conf, password reset and email login to be stored in hmac with a fallback for people who modified files in usersc (Dan Hoover)
  • 02238 Modernized the formerly deprecated $db->cell method. (Dan Hoover)
  • 02241 Added the ability to add multi-language keys to page titles in the page manager (Tuckbros) (Dan Hoover)
  • 02246 Improved javascript functions allow you to use the built in toast system. usError(), usSuccess, usInfo, usPrimary, usDark (Dan Hoover)
  • 02243 Fixed exception when someone attempted to verify a null password. (Dan Hoover)
  • 02244 Fixed missing toklen on cron manager. (mjaj) (Dan Hoover)
  • 02245 Added the ability to add an $html_class variable to set a class on the opening html tag (Dan Hoover)
  • 02240 Changed the selector on menu.js to auto close menus more reliably when html is in the menu items. (Dan Hoover)

6.0.1

2026-01-11
  • 02231 Plugin manager links to spice shaker to check for updates (Sneekypeet) (Dan Hoover)
  • 02228 Added some extra security in case someone leaves userspice uninstalled but exposed on a server (Dan Hoover)
  • 02226 Updated google login plugin to fix missing icon (Dan Hoover)
  • 02233 Authentication dependencies updated (Dan Hoover)
  • 02234 Tweaked login form for bs4 compatibility (Dan Hoover)
  • 02237 Security dashboard invalidates opcache when making changes to init.php so score is reflected instantly. (Dan Hoover)
  • 02235 Toned down the importance on the security dashboard for deleting the init/z_us_root backups. (Dan Hoover)
  • 02236 Added some highlight to the auto configure rate limits to draw some attention (Dan Hoover)
  • 02227 Most of the functions that were in deprecated.php have fully been deprecated (see description) (Dan Hoover)
  • 01371 Pushover plugin updated to v1.0.1 to give you many more notification and whitelist options. (Dan Hoover)
  • 01988 Rememberme now stores created info regarding sessions and has purge tools to clean up old ones (Dan Hoover)
  • 02221 Brevo Sendinblue libraries updated and UI/UX improvements made (SneekyPeet) (Dan Hoover)
  • 02219 https://userspice.com/594_fix.zip available for people who are stuck on UserSpice 5.9.4 or 5.9.5 and cannot update (Dan Hoover)

6.0.0

2026-01-01
  • 02222 Security dashboard can now detect/update init.php and z_us_root with recommended security improvements (Dan Hoover)
  • 02209 Fixed slow performance issues on permission management on large user sets (Dan Hoover)
  • 02216 Fixed some depredations for PHP 8.4 and 8.5 (Thanks DKY) (Dan Hoover)
  • 02217 new function passwordlessCharset() can be overridden in custom_functions.php to provide custom charsets for passwordless logins (Dan Hoover)
  • 02211 Facebook Login 2.2.1 released - Fixed language issues (Dan Hoover)
  • 02215 Added the ability to add a custom path for your .env file in init.php - define('ENV_PATH', '/custom/path/.customFilename.env'); (Dan Hoover)

5.9.8

2025-12-01
  • 02206 New option to disable passwords except on localhost makes offline development easier. (Dan Hoover)
  • 02207 Added generateSpiceEncryptionKey, spiceEncryptionKey, spiceEncrypt, spiceDecrypt functions (Dan Hoover)
  • 02212 Fixed null type declaration in Server class (Dan Hoover)
  • 02213 Drank water as requested (Aaron R) (Dan Hoover)
  • 02214 Added plugin hooks to permission editor (BangingHeads) (Dan Hoover)

5.9.7

2025-11-09
  • 02186 Security dashboard suggest using our new Server class which provides various methods for sanitizing things that were traditionally fetched with $_SERVER urls. Consider using Server::get("HTTP_HOST") in place of $_SERVER["HTTP_HOST"] for improved security. (Dan Hoover)
  • 02110 Added a constant EXTRA_CURL_SECURITY to init.php to force ssl verification on requests to the userspice api (Dan Hoover)
  • 02193 added 2 init db config options 'force_utc_mysql' => true, 'charset' => 'utf8mb4' available in init.php (Dan Hoover)
  • 02197 new $userspice_nonce variable added to init.php and used on all users script includes (and usersc on new installs) (Dan Hoover)
  • 02182 SSP has been removed from the user manager. (Dan Hoover)
  • 02204 Fixed Password Logins toggle on Security Dashboard (Dan Hoover)
  • 02199 You can now customize which fields show up in admin_users by editing usersc/includes/user_manager_columns.php (Dan Hoover)
  • 02200 Function hed for html entity decoding now offers a second strip_tags = false option. (Dan Hoover)
  • 02201 You can now set how many users are required to turn the user manager search engine on/off. (Dan Hoover)
  • 02203 You can now choose if you want to have your passkeys/social logins above or below the join/login forms (Dan Hoover)
  • 02194 We are now forcing re-entering totp to disable totp or regen backup codes even if you were technically recently "verified" (Dan Hoover)
  • 02158 Bio plugin updated to 1.0.7 to fix broken summernote css (Dan Hoover)
  • 02180 Fixed spelling error in mysql expert (Bram) (Dan Hoover)
  • 02185 reCaptcha plugin v2 now lets you show the badge on all pages or hide it (with privacy notice) (Dan Hoover)

5.9.6

2025-09-18
  • 02189 New Server class offers methods to sanitize with $_SERVER variables (Dan Hoover)
  • 02188 Converted system messages to toasts and allow you to set $system_messages_justify = 'center'; // Options: 'left', 'center', 'right' (Dan Hoover)
  • 02179 Menu highlighting now works with clean urls (Dan Hoover)
  • 02181 Added data-bs-toggles to ultramenu (left bs4 toggles) (Dan Hoover)
  • 02184 Changed require to require_once for phpmailer (Dan Hoover)
  • 02187 Fixed php 8.5 system requirement and added a way to disable the phpinfo feature with $noPHPInfo = true; in init.php (Dan Hoover)

5.9.5

2025-08-22
  • 02178 Fixed token error on Add User From (pinalgirkar) (Dan Hoover)
  • 02171 Default admin logs set to order by id desc, SSP added to security logs (Tomas) (Dan Hoover)
  • 02172 Added a catch variable in DB class (prbt2016) (Dan Hoover)
  • 02177 Changed perms on server side processing to hasPerm(2) instead of master_account (Dan Hoover)
  • 02174 Rewrite Patch 2025-07-26 to put the favicon at the top of the file in case the user left php tag open (avoids breaking site) (Dan Hoover)
  • 02175 The original user id is now automatically added to the logs when a user is cloaked. (Dan Hoover)
  • 02170 Made some passkey properties dynamic to deal with environmental differences. (Dan Hoover)

5.9.4

2025-08-15
  • 02168 Increased size of code text sent in passwordless login emails (Dan Hoover)
  • 02160 Added server side processing for datatables on Admin Logs and Users Table (Dan Hoover)
  • 02167 Fixed formatting on registration settings page. (Dan Hoover)
  • 02163 TOTP Now has a cookie login option for the remember me cookie (mjaj) (Dan Hoover)
  • 02166 The latest customizable user manager is available at https://userspice.com/userman.zip (Dan Hoover)
  • 02161 Fixed ui for passwordless logins and passkeys on general settings (mjaj) (Dan Hoover)
  • 02165 Fixed Container Open Div in general settings showing the dashboard div instead of the one in the db (mjaj) (Dan Hoover)

5.9.3

2025-08-08
  • 02157 Passkeys, TOTP, Google, Facebook and OAuth login have been updated to work when in maintenance mode. (Thank you TuxMay) (Dan Hoover)
  • 02152 Enhanced Rate Limiting Proxy Features (BangingHeads), New Rate Limiting Dashboard (Dan Hoover)
  • 02151 Custom login script and redirect after login now work properly after login with code (Marc) (Dan Hoover)
  • 02154 The second param of the Input:: methods can now be a default value OR bool for trim (defaults true). If you want trim = false, you can pass that param as the 4th param. This is to match the behavior coding tools expect. Example $password = Input::get('password', randomstring(16)); (Dan Hoover)
  • 02148 New ping and reconnect methods aid with avoiding stale connections on long lived http and websocket connections (Dan Hoover)
  • 02153 New DB methods beginTransaction, commit, rollBack, and inTransaction offer wrappers for pdo transactions (Dan Hoover)
  • 02155 Check to prevent duplicate init.php calls on login now includes a constant. (dmv_p) (Dan Hoover)
  • 02159 Improved error handling for extracting zips with the update system. (Dan Hoover)

5.9.2

2026-07-31
  • 02146 Installer now suggests PHP v8.2 for compatibility with passkeys and totp (Security EOL 2026-12-31) (Dan Hoover)
  • 02145 UserSpice DB update tool _complete.php updated to prevent an error from breaking the update. (Dan Hoover)
  • 02144 Users table updated to allow null surnames and first names (MarcJ) (Dan Hoover)
  • 02143 Custom login script did not have access to the $user variable in certain login scenarios (Dan Hoover)

5.9.1

2026-07-26
  • 02142 Fixed a bug that would cause the footer to float at the top above the login modal (Dan Hoover)
  • 02138 Updated button classes on login.php and passwordless.php that would cause the button text to disappear on hover. (Dan Hoover)
  • 02135 Installer updated to fix issue where it could be broken by clean urls. (Dan Hoover)
  • 02139 favicon icon call moved to usersc/includes/head_tags (Dan Hoover)
  • 02140 Fixed redirect loop when TOTP is required (Dan Hoover)

5.9.0

2025-07-24
  • 02133 You can now change to any update track on the updates page. You can also enter your api key there. (Dan Hoover)
  • 02134 ipCheck now returns a 127.0.0.1 for cli or phpdbg (tocsindata) (Dan Hoover)
  • 02137 Improved backtrace on Redirect::to in debug mode (Dan Hoover)

5.8.6

2025-06-21
  • 02129 New Security Dashboard gives security guidance and quick access to userspice settings. (Dan Hoover)
  • 02126 Removed former google FLoC header (Dan Hoover)
  • 02128 Users can now override the Join thank you, join thank you verify, and thank you views in usersc. (Dan Hoover)

5.8.4

2025-04-12
  • 02122 Fixed a bleeding edge issue where non-master-admins could not edit other users (Dan Hoover)

5.8.3

2025-03-25
  • 02116 If you pass an int instead of an array to $db->delete it now assumes id column =, since that's how everyone assumed it worked anyway. (Dan Hoover)
  • 02115 Russian and Czech language updates (Thank you Serique and Tomu) (Dan Hoover)
  • 02120 Customizer Template 1.0.3+ create their own default css to prevent overwriting customzations. (Dan Hoover)
  • 02117 Added no maintenance redirect to the pw strength meter (Dan Hoover)
  • 02121 Fixed issue relating to dashboard widget icon/label spacing (Dan Hoover)
  • 02118 Customizer updated to 1.0.2 to fix checkbox issues (Dan Hoover)

5.8.2

2025-03-09
  • 02095 Code length on passwordless login is now changeable on the dashboard reg & pw settings page (Dan Hoover)
  • 02104 Added additional fields to IP whitelist/blacklist for notes and custom list expiry (Dan Hoover)
  • 02090 Profile pic plugin now allows you to delete the image (Phillip) (Dan Hoover)
  • 02096 Updated how the user manager search works when the search engine is enabled (Noah) (Dan Hoover)
  • 02097 Changed file naming convention for non-logged in users (Thomas) (Dan Hoover)
  • 02098 Forced menu_override = 2 on file based log viewer so the page shows the admin menu (Thomas) (Dan Hoover)
  • 02106 Updated Spice Shaker Forms (Dan Hoover)
  • 02108 Chart.js version updated on dashboard (Dan Hoover)
  • 02111 Added replyTo $opt to the built in email function (Dan Hoover)
  • 02105 Charts plugin updated to v1.0.5 to fix a vulnerability in the underlying charts.js library (Dan Hoover)
  • 02094 Resend passwordless login feature has been tweaked for better styling and flow with new debug mode (Dan Hoover)

5.8.1

2025-01-19
  • 02088 Added new recovery mechanism to let users know that they update system is broken. (Dan Hoover)
  • 02087 New usersc/scripts for begin update, update success, and update fail allow you to trigger actions for each userspice update (Dan Hoover)
  • 02086 Added new Development update track for pre bleeding edge releases to early testers and devs (Dan Hoover)
  • 02084 Password meter has been updated to fix an issue where a capital letter was being required when it shouldn't (agro) (Dan Hoover)
  • 02085 Fixed bad check in updateUser function that caused it to fail (Dan Hoover)
  • 02082 Protected mode has been expanded to allow Master Accounts to lock certain profiles from editing or being cloaked into. (Dan Hoover)
  • 02083 Logs on admin_user now show the id of the user whose account was updated (Dan Hoover)
  • 02077 Added isHTTPSConnection() to determine http vs https to fix an issue in the cron manager and loader.php (dmv_p) (Dan Hoover)
  • 02070 Full file-based active logging added with per-user (or customer) file storage options for SOC 2 and GDPR compliance (Dan Hoover)
  • 02068 Fixed us_ip_list not recording timestamp properly (Espresso Dan) (Dan Hoover)
  • 02075 Added users/init.example.php to new installs for reference (Dan Hoover)
  • 02076 File based logs are auto added to .gitignore if one exists (Dan Hoover)
  • 02071 Additional passwordless login option lets you enter a code. Great for multi-device auth or dealing with av (Dan Hoover)
  • 02074 The language key itself is now provided along with missing text to help the dev and end user decipher what's missing (Dan Hoover)

5.7.9

2024-10-26
  • 02049 Fixed datatables error in payments plugin (updated to 1.0.0 from 0.9.1 (Dan Hoover)
  • 02064 Badges plugin updated to 1.0.7 with new features to turn badges into links and better documentation (Dan Hoover)
  • 02065 UserSpice OAuth Server updated to v1.0.2 to fix an edit bug and add to the documentation (Tomas) (Dan Hoover)
  • 02067 Added support for password resetting emails with+ in them (Dan Hoover)
  • 02063 Fixed error in fetchUserPermissions documentation and provided an example to get the permission names (Thanks Tomu4!) (Dan Hoover)
  • 02059 Added documentation for the password meter at https://userspice.com/kb/documentation_details.php?v=815 (Dan Hoover)
  • 02061 Added some extra checks and overrides for systems who cannot update because allow_url_fopen is disabled (Dan Hoover)
  • 02060 Fixed broken Password Reset when enforce password strength was enabled (Thanks MadMonk!) (Dan Hoover)

5.7.8

2024-10-06
  • 02058 Fixed an issue where non-standard legacy login forms could have password corruption issues. (Dan Hoover)

5.7.7

2024-10-06
  • 02057 Admins must now change their password on first login (new installs only). (Dan Hoover)
  • 02040 Fixed html entities on documentation (SneekyPeet) (Dan Hoover)
  • 02044 Added "built-in" column to social logins table for people who had the social logins plugin installed before it was part of the core. (Dan Hoover)
  • 02048 Removed not null constraints on locale and gender columns on users table (Dan Hoover)
  • 02050 Function oxfordList can now handle keyed arrays (turns a list of stuff into a comma separated list like x, y, and z) (Dan Hoover)
  • 02051 The default password of "password" has been rehashed to strength of 14 to fix a very obscure bug from when we changed Input::get (Dan Hoover)
  • 02052 New DB logging feature allows you to add $database_logging = true; variable to debug queries (see details) (Dan Hoover)
  • 02056 Added link to debug logs and debug info on dashboard. Added new debug log filter. (Dan Hoover)
  • 02053 Removed stray var dump from verify.php (The Curriculum Manager) (Dan Hoover)
  • 02055 Added new debug mode for passwordless logins (Dan Hoover)
  • 02041 Audit feature added to Messaging Plugin (Dan Hoover)
  • 01937 Fixed undefined variable in SAAS plugin (Dan Hoover)
  • 02024 Fixed some redirects in the SAAS plugin (Dan Hoover)
  • 02025 Original CMS/Blog plugin now uses summernote lite css for fewer conflicts. (Dan Hoover)
  • 01940 Updated original CMS/Blog plugin to allow saving a widget with no text content. (Dan Hoover)
  • 01950 Updated demo plugin to v1.1.0 with new best practices and some more example code. (Dan Hoover)
  • 01958 Added menu snippet example to demo plugin (Dan Hoover)
  • 02009 Membership plugin updated to fix some styling issues and links (Dan Hoover)
  • 02006 Meekro DB Plugin updated to work with new init.php files (Dan Hoover)
  • 02023 Updated messaging plugin to fix query and modal size (Dan Hoover)
  • 02032 BangingHeads' plugins added to spice shaker (Dan Hoover)
  • 02035 Fixed error with Uptime plugin not properly saving site urls (Dan Hoover)

5.7.6

2024-07-29
  • 02037 Updated table schema to look for capitalized TABLE_NAME in information schema (SneekyPeet) (Dan Hoover)
  • 02030 Added a button in email settings to mark all emails as verified and in admin_user to verify one user(First Cut) (Dan Hoover)
  • 02031 Fixed wording on permission manager (First Cut) (Dan Hoover)
  • 02034 Fixed login count and last login not updating for passwordless logins (Thomas) (Dan Hoover)

5.7.5

2024-07-09
  • 02026 Temporarily turned vericode into a text column to fix a vericode truncation. (The Curriculum Manager & Prometeu) (Dan Hoover)
  • 02027 Fixed password scoring issue where score was artificially lowered to 74 (Dwn Wth Vwls) (Dan Hoover)

5.7.4

2024-06-14
  • 02022 Updated error display functions (iGriefU) (Dan Hoover)
  • 02014 Messaging plugin updated to v1.0.1 to fix an admin send bug (Dan Hoover)
  • 02008 PHPMailer updated to v6.9.1 for better compatibility with PHP 8.3 (Dan Hoover)
  • 02015 Changed order of redirects for function socialLogin (Dan Hoover)
  • 02016 Updated users/verify.php for better handling of passwordless logins and redirects (Dan Hoover)
  • 02017 removed viewport tag from head_tags so it can be controlled by the templates (Dan Hoover)
  • 02018 Fixed some of the w3c's complaints :) (Dan Hoover)
  • 02019 Fixed password strength meter on admin_user page on dashboard (Dan Hoover)
  • 02020 Fixed broken tooltips on admin dashboard (Dan Hoover)
  • 01514 Clarified API response on successful login (Dan Hoover)
  • 01938 Added hook to api builder to create new api key for user on join (Dan Hoover)
  • 01991 Updated community functions plugin to 1.0.3 with some new functions and php 8.x fixes (Dan Hoover)

5.7.0

2024-04-26
  • 02001 Updated bin() function to be multilanguage (Dan Hoover)
  • 02002 Created a new userspice_core plugin (auto installed) for migrations. (Dan Hoover)
  • 02005 Fixed bug preventing from builder from creating forms from db tables (Dan Hoover)
  • 01923 Removed timepicker and jqueryui from form builder (Dan Hoover)
  • 02000 updated jQuery to 3.7.1 and datatables to 2.0.3 (Dan Hoover)
  • 01999 Fixed redirect in language switcher to use built in Redirect class (Dan Hoover)
  • 01998 phpInfo and installation system requirements are available to master accounts from the snapshot widget (Dan Hoover)
  • 01983 Every language updated with 6 new strings to support new front end features (Dan Hoover)
  • 01997 Cleaned up helpers in permissions, us_helpers, and users to better match documentation and improve logic. (Dan Hoover)
  • 01992 Updated addPermission function to take an array of either users or permissions or both. (Dan Hoover)
  • 01996 You can now declare $menu_override = 0; to hide the menu on a page (Dan Hoover)
  • 01989 Changed id of username on admin_users to prevent userinfo plugin from overwriting the username on the user manager (Dan Hoover)
  • 01985 Updated login.php to display error messages. If you have a custom usersc/login.php you will probably want to migrate the usmsgblock section (Dan Hoover)
  • 01981 Added the ability to change update track from the update page (Dan Hoover)
  • 01982 Updated announcements badges, storage, and dismissal (Dan Hoover)
  • 01953 Permissions and User Tags now have a description field (Dan Hoover)
  • 01968 New Social Logins Framework for prettier and more consistent OAuth Experience (BangingHeads) (Dan Hoover)
  • 01969 New checkInternet function allows for faster usage of userspice when offline (Dan Hoover)
  • 01971 Updated userspice announcements system lets the system dynamically create announcements to warn of conflicts etc (Dan Hoover)
  • 01972 Link at the bottom of the dashboard lets you view previously dismissed announcements (Dan Hoover)
  • 01973 Updated the plugin manager to use friendlier names in activation messages (Dan Hoover)
  • 01974 Added the ability to remove passwords from user-facing pages so you can solely use Passwordless, OAuth or Passkeys (Dan Hoover)
  • 01975 Added a new feature for users to login with a link sent to their email. (Dan Hoover)
  • 01976 Deleted many $settings db calls. (Dan Hoover)
  • 01977 The javascript for messages.js (upper right error messages) is now being deferred for faster page loads (Dan Hoover)
  • 01978 Password Reset and Passwordless Logins now prepend uniqid() to the vericode (Dan Hoover)
  • 01979 New quick filter features allows you to filter the list of plugins in the plugin manager (Dan Hoover)
  • 01980 Any single row settings table that begins with plg_ can now use the admin settings ajax by adding a data-table attribute to the input (Dan Hoover)
  • 01967 Added some extra logic for cloaking into users whose emails were not verified. Added uncloak button to user_settings. (Dan Hoover)
  • 01941 Icon filled widgets on dashboard can now be overridden by dropping a custom.php file inside the widget and updating the $array (Dan Hoover)
  • 01959 Input::sanitize updated for non English Characters and given 2 new optional params (trim=true, and fallback=false) (Thanks tomu4) (Dan Hoover)
  • 01920 Functions updated to use global $db instead of DB::getInstance() (Dan Hoover)
  • 01965 Renaming perm 1 now updates the documentation on ultramenu to reflect the new name (Dan Hoover)

5.6.8

2024-03-17
  • 01956 Added a check to see if the user is logged in for the metadata parser (Dan Hoover)
  • 01947 Removed extra closing tags in html footer (bestwmm) (Dan Hoover)
  • 01948 Updated styling on close button for announcement banner on the dashboard (Dan Hoover)
  • 01964 Japanese Language added by bestwmm (Dan Hoover)
  • 01955 Fixed bug in French Language (David) (Dan Hoover)
  • 01962 French language updated to fix Gravatar bug (Dan Hoover)
  • 01963 Ultramenu can now be called by id or the menu name (Dan Hoover)
  • 01961 Badges plugin updated to include categories, custom badge locations, permission badges, tags badges etc (Dan Hoover)
  • 01960 forgot_password.php now allows you to override the individual views in usersc/views (Dan Hoover)
  • 01951 Fixed footer not being properly included in admin.php (Dan Hoover)
  • 01949 Fixed an error in prep.php regarding the fallback template (Dan Hoover)

5.6.7

2024-01-19
  • 01859 Fixed organization management on SAAS plugin (Dan Hoover)
  • 01907 Confirmed that json DB columns do not appear to be a problem for userspice. (Dan Hoover)
  • 01914 Deprecated Hash::salt method (Dan Hoover)
  • 01915 Resolved duplicated in the userspice documentation (Dan Hoover)
  • 01935 Forum plugin updated to 1.0.5 and given a visual refresh (Dan Hoover)
  • 01936 GDPR Plugin Updated to v1.0.7 (Dan Hoover)
  • 01931 Forgot password link is no longer shown if the default username/password are set on the email settings (Dan Hoover)
  • 01904 The main dashboard has been modularized for upcoming features such as custom dashboards (Dan Hoover)
  • 01618 Simplified user settings (Dan Hoover)
  • 01944 Added some padding to plugin manager (Dan Hoover)
  • 01595 Membership plugin updated to 1.0.7 (Dan Hoover)
  • 01891 Merged with 1859 (Dan Hoover)
  • 01688 Fixed user management on SAAS plugin hook (Dan Hoover)
  • 01943 Fixed spacing on uncloak button on account page (Dan Hoover)
  • 01892 Downloads plugin updated to 1.0.3 to fix an undefined variable (Dan Hoover)
  • 01588 Demo plugin updated to 1.0.9. You can now specify your plugin icon in the menu (Dan Hoover)
  • 01822 Published codesnippets 1.0.3 (Dan Hoover)
  • 01925 Webhooks plugin updated to 1.0.3 to fix a link and better document. (Dan Hoover)
  • 01332 Uptime Plugin updated to 1.1.5 - Added an additional curl option for reliability. (Dan Hoover)
  • 01942 Moved email confirmation to on join to after POST plugin hook so plugins can kill the join process before the email is sent. (Dan Hoover)
  • 01675 SpiceBin updated to 1.0.2 to fix bug for non logged in users (Dan Hoover)
  • 01900 Added 3 additional functions to usertags 1.0.2 (Dan Hoover)
  • 01819 Cron plugin updated to 1.0.2 with additional documentation. (Dan Hoover)
  • 01896 Updated summernote in the plugins that use it (Dan Hoover)
  • 01901 Fixed plugin hook bug for disabled/deleted plugins (Dan Hoover)
  • 01932 Added class gravitar-message so the message can be hidden. (Dan Hoover)
  • 01933 Added class profile-replacer to user_settings profile pic (Dan Hoover)
  • 01930 Added sidebar_menu_id to NEW installs of UserSpice 5.6.6+ (Dan Hoover)

5.6.6

2023-11-17
  • 01912 Added the ability to have a different dashboard sidebar menu from the top if you specify $sidebar_menu_id in dashboard_overrides (Dan Hoover)
  • 01913 Adjusted styling on Dashboard filter bar for mobile (Dan Hoover)
  • 01917 Removed stray var_dump from admin_plugins that was visible during a redirect (Dan Hoover)
  • 01918 Fixed some tooltips on the settings pages (Dan Hoover)
  • 01919 Added a message to Registration settings explaining where to setup email verification (Dan Hoover)
  • 01922 Added support to UltraMenu to allow user tags to control access to menu items (Dan Hoover)
  • 01924 Updated Validate class to cross check email and username on unique and unique update (Dan Hoover)
  • 01929 Added screen reader mode to UltraMenu to hide/show a fallback word on menu items with no labels (off by default) (Dan Hoover)
  • 01927 Updated Profile Pic Plugin to v1.0.6 (Dan Hoover)
  • 01928 Added profile-replacer class to profile pic so it can be targeted with css, javascript or the profile pic plugin (Dan Hoover)

5.6.5

2023-11-15
  • 01890 Preventing cloaking into unverified and blocked users (Dan Hoover)
  • 01893 Added ipCheck for consistency to user class (Benedikt) (Dan Hoover)
  • 01894 Slovenian Language added to new installs v5.6.5+ - Thanks Jug! (Dan Hoover)
  • 01902 Plugins widget updated for compatibility with the dashboard filter. If you deleted the widget, you will need to delete it again. (Dan Hoover)
  • 01888 Logged in Username string substitution in the menu can now be prepended or appended with other text. (Dan Hoover)
  • 01911 New hed($string) function added to thoroughly html entity decode stubborn text. (Dan Hoover)
  • 01910 if you use dashboard_override to set sidebar menu to true and hide top menu to true, you can add a file to usersc/views/_admin_sidebar_fallback_menu.php to override the "fallback" menu (Dan Hoover)
  • 01908 Updated Menu class and menu editor for better handling of snippets. Existing snippets could break slightly and may need to be minified. (Dan Hoover)
  • 01886 Page links in admin_page view are now clickable (Bobby) (Dan Hoover)
  • 01909 Added new isDebugModeActive() function to see if US debug mode is active for the logged in user (Dan Hoover)
  • 01905 Debug mode now throws stack trace on dump and dnd calls to tell you where they were called from (Bobby) (Dan Hoover)
  • 01899 Add filter to dashboard (Dan Hoover)

5.6.4

2023-10-16
  • 01862 Fixed bug in French language and updated language pack to 1.1.2 (Jeff B) (Dan Hoover)
  • 01879 null coalescing IP if remote addr not set in ipCheck() (BangingHeads) (Dan Hoover)
  • 01811 Removed strong and paragraph tags from language files (Dan Hoover)
  • 01872 Made password reset views more responsive (Dan Hoover)
  • 01874 Fixed view password eye on user_settings (Dan Hoover)
  • 01877 Menus now allow you to override the light/dark theme (Dan Hoover)
  • 01883 Fixed dropdown not closing on page click (NES Collector, BangingHeads) (Dan Hoover)
  • 01884 Updated cancel button on user_settings (Dan Hoover)
  • 01880 Added an extra measure to prevent permissionless menu items (bobby) (Dan Hoover)

5.6.3

2023-06-29
  • 01858 Fixed some bugs to allow userspice to survive usersc/includes/dashboard_overrides not being writeable. (Dan Hoover)
  • 01860 Spice shaker now shows the current version installs and updates the buttons for better UX (Dan Hoover)
  • 01863 Added support for those who want to update all 100 versions from 4.3 to 5.6 by fixing a missing table. (Dan Hoover)
  • 01864 Now recording the modified date if someone tries to update their user settings. (Dan Hoover)
  • 01865 Removed a stray user_spice_ver file in usersc (Dan Hoover)
  • 01868 Fixed closing snippet div on ultramenu (Thanks Ivo) (Dan Hoover)

5.6.1

2023-06-10
  • 01804 You cannot delete permissions 1 or 2 (pushed in 5.5) (Dan Hoover)
  • 01806 User Manager will now properly display a warning about disabled features for high user counts (Brandin From Envesko)
  • 01807 Alerts plugin updated with a new default style and shoelace.js (Dan Hoover)
  • 01808 Resolved a bug in how snippets are parsed in UltraMenu (Dan Hoover)
  • 01810 Form Builder - disallowing hyphens in forms and table names due to unpredictable mysql behavior. (Dan Hoover)
  • 01812 Cleaned up some functions in permissions.php (Dan Hoover)
  • 01815 Updated html_footer to allow usersc/includes/footer.php to truly include inside the footer. (Dan Hoover)
  • 01816 Fixed translated edit account info button on account.php (Dan Hoover)
  • 01818 Updated admin_menu to provide full path to the css in case the view is cloned to usersc (Dan Hoover)
  • 01821 Uptime plugin updated to fix datatables error (Dan Hoover)
  • 01823 MySQL expert plugin updated to 2.0.1 with ui improvements and the ability to save queries without executing them. (Dan Hoover)
  • 01825 Store plugin updated to v.1.0.0 with a minor code cleanup and bugfix (Dan Hoover)
  • 01826 Updated some rarely-used column types on settings and users to save space (Dan Hoover)
  • 01827 Fixed UltraMenu link bug which ignored the link target (Dan Hoover)
  • 01828 Updated UltraMenu code usage examples to show how to override a menu on a page (Dan Hoover)
  • 01829 Explained on UltraMenu that a tags are automatically closed on brand html (Dan Hoover)
  • 01830 The IP manager prevents you from blacklisting your own IP. (Dan Hoover)
  • 01831 Dan took a water break. (Dan Hoover)
  • 01832 SaaS Plugin updated to 1.0.4 (Dan Hoover)
  • 01833 Added hook to the bug reporter to return back to your project after visiting the userspice site (Dan Hoover)
  • 01834 Fixed some undefined variables and minor bugs in us_helpers.php (Dan Hoover)
  • 01835 Deprecated mqtt function (Dan Hoover)
  • 01837 Fixed the 2000 users message in admin_users (Dan Hoover)
  • 01840 Fixed UI for dashboard access (Dan Hoover)
  • 01843 Fixed unnecessarily slow query in join.php (Dan Hoover)
  • 01844 Chat plugin updated to v1.0.2 for better z-index and us_url_root conflicts. (Dan Hoover)
  • 01845 Email function allows you to now specify an authtype. (Dan Hoover)
  • 01846 Spice shaker is performing a different is_writable check for better compatibility with nginx (Dan Hoover)
  • 01848 You can now pass an array of email addresses to the email function $to variable (Dan Hoover)
  • 01849 Fixed a php 8.1 data type error in function money (Dan Hoover)
  • 01850 Benchmarking plugin updated to v.2.0 (Dan Hoover)
  • 01851 Fixed ultramenu snippet selector dropdown (Dan Hoover)
  • 01853 Updated is_writeable check on spice shaker to prevent false error (Dan Hoover)
  • 01854 Added the ability to have always visible mobile icons and usersc/includes/hooks/mobile_hooks (Dan Hoover)
  • 01855 Form builder - fixed hidden fields not being properly rendered (Dan Hoover)
  • 01856 Fixed examples for offsetDate function (Dan Hoover)
  • 01633 Removed calls to fetchUserDetails on the admin_user page (Dan Hoover)
  • 01663 Form Builder - Removed old datetime picker stuff in favor of the built in browser pickers (Dan Hoover)
  • 01677 Updated hasher plugin for compatibility with left sidebar menus (Dan Hoover)
  • 01689 Added fallback menu labels for ultramenu items without labels (Dan Hoover)
  • 01690 Fixed bug where padlock on user manager was not changing for banned users (Telnz) (Dan Hoover)
  • 01693 Added the ability to manage pages from the permission manager (LBC) (Dan Hoover)
  • 01694 From Builder: You can now pass the logged in user's id to database populated form options (Dan Hoover)
  • 01699 Provided a json header on the returnError function (Dan Hoover)
  • 01701 Form Builder - Better handling of db dropdown options (Dan Hoover)

5.5.7

2023-02-27
  • 01540 Resolved a discrepancy on how widgets are loaded in the cms plugin. (Dan Hoover)
  • 01541 Fixed an issue regarding changing CMS subcategories to parent categories. (Dan Hoover)
  • 01609 Resolved a bug in form builder where views were not ignoring validation for fields that were not being displayed (Briadark) (Dan Hoover)
  • 01641 Both menu builders now display a warning if you've turned DB navigation off in general settings. (Dan Hoover)
  • 01644 Resolved several ux issues in the form builder plugin (Dan Hoover)
  • 01645 Removed permission delete button on main permissions screen (Dan Hoover)
  • 01646 Fixed some issues with the cron manager and oce that were preventing cron edits from saving. (Dan Hoover)
  • 01647 Fixed broken dropdowns in cms plugin (Dan Hoover)
  • 01650 Protected Downloads plugin updated to support UserSpice 5.5+ (Dan Hoover)
  • 01652 Restored accidentally removed body plugin hook on account.php (Dan Hoover)
  • 01653 Added class "alternate-background" to many divs to allow them to be targeted when default background colors clash with templates (Dan Hoover)
  • 01654 Fixed error not being properly displayed for case unique in validation class (Renato) (Dan Hoover)
  • 01655 Removed deprecated php function call from time2str function in us_helpers (Dan Hoover)
  • 01660 Added the ability to highlight active menu items (Gamine) (Dan Hoover)
  • 01661 General settings now contains the option to load all users on the user manager and provides a search engine instead. (Dan Hoover)
  • 01662 Fixed join form not showing validation errors (Renato) (Dan Hoover)
  • 01667 Fixed bug where dropdowns were not being populated on form updates (SeemsLikeChris) (Dan Hoover)
  • 01669 Fixed issue with debug modal not popping on admin logs (Dan Hoover)
  • 01670 Fixed a bug where html branding was not being shown on manually inserted menus (Dan Hoover)
  • 01671 Fixed issue where link target was not being shown in the ui of the menu builder (Dan Hoover)
  • 01672 Fixed a bug when creating a new menu (Dan Hoover)
  • 01674 Added show password eye on login. (Dan Hoover)

5.5.4

2023-01-15
  • 01594 URL encoding error fixed with pr 25 https://github.com/mudmin/UserSpice5/pull/25 (Dan Hoover)
  • 01619 Updated plain template navbar (Dan Hoover)
  • 01626 Dashboard widgets only drag from the header for a better mobile experience (Dan Hoover)
  • 01627 Updated spice shaker for enhanced template info and visuals (Dan Hoover)
  • 01630 Duplicate dbmenu.php functions were removed from us_helpers.php (Dan Hoover)
  • 01631 The Notification class has been deprecated but is still being auto-loaded for current installs via users/ (Dan Hoover)
  • 01632 userspice.com/kb ui has been updated for a better user experience (Dan Hoover)
  • 01635 Fixed an issue where deleting users failed (Dan Hoover)
  • 01636 Deprecated audit.php file to users/helpers/deprecated.php (will not autoload because they were not loaded at the time of deprecation) (Dan Hoover)
  • 01638 Template manager updated to show bigger/better thumbnails and enhanced accessibility (Dan Hoover)
  • 01639 backup_util.php has been deprecated to usersc/includes/deprecated (Dan Hoover)
  • 01640 Fixed bugs in admin page preventing the toggling of public and private (Dan Hoover)

5.5.3

2023-01-10
  • 01621 Resolved styling issues with login modal and social logins (sam) (Dan Hoover)
  • 01622 Fixed PHP 7 errors and updated some logic on permission management (Dan Hoover)
  • 01623 Fixed some settings ui issues (Dan Hoover)
  • 01624 Fixed styling on login close button on bootstrap 4. (Dan Hoover)

5.5.2

2023-01-07
  • 01600 Providing option to use your template footer on the dashboard in usersc/includes/dashboard_overrides (Dan Hoover)
  • 01601 Removed logo files from 5.5.1 update (Dan Hoover)
  • 01604 Added Accordion Menu option to Dashboard (Set in usersc/includes/dashboard_overrides (Dan Hoover)
  • 01606 Deprecated abrev_date, format_date, and userHasPermission functions. Removed old token classes. (Dan Hoover)
  • 01607 Suppressed error when multiple menus with plugin hooks were called on the same page. (Dan Hoover)
  • 01610 Save button disabled on menu manager if 0 permissions are selected (Dan Hoover)
  • 01611 Fixed improper location for storage of menu hooks in usersc (Dan Hoover)
  • 01612 You can hide the top nav by creating a variable $hide_top_navigation = true; Also available in dashboard_overrides.php (Dan Hoover)
  • 01613 Added return to index button on login modal (Dan Hoover)
  • 01616 Fixed incompatibilities with Ultramenu builder and PHP 7 (Dan Hoover)
  • 01602 Moved logos to usersc/images from users/images (Dan Hoover)

5.5.1

2023-01-02
  • 01596 Improved creation of admin dashboard top menu (Dan Hoover)
  • 01597 style.css was not being included in the bs5 template (Dan Hoover)
  • 01598 Fixed a bug in the plugin menu hook (Dan Hoover)
  • 01599 Fixed a UI issue in ultramenu where current snippet was not being shown (Dan Hoover)

5.5.0

2022-12-30
  • 01555 Updated validateJson function for php 8 compatibility (Dan Hoover)
  • 01558 echouser can return instead of echo echouser(1,$settings->echouser,true); (Dan Hoover)
  • 01559 Hooker plugin updated with new hooks for hooking (Dan Hoover)
  • 01560 Added new event hooks passwordResetFail and passwordResetSuccess on forgot_password_reset (Dan Hoover)
  • 01569 Added new fetchFolderFiles function to fetch all files by extension (Dan Hoover)
  • 01581 Access Delegation now works properly with more than 1 permission (Brandin From Envesko)
  • 01582 Reports plugin now supports excel exports in XLSX, CSV, ODS, or PDF (Clayton256) (Dan Hoover)
  • 01584 Tickets Plugin updated to v.1.0.4 (Dan Hoover)
  • 01542 Removed legacy backup feature (Dan Hoover)
  • 01568 Added new offsetDate function for easy date manipulation (Dan Hoover)
  • 01411 Removed legacy err= and msg= from core URLs (Dan Hoover)
  • 01492 Webhooks plugin updated with example test script (Dan Hoover)

5.4.5

2022-07-26
  • 01537 Updated classes on login.php (Dan Hoover)
  • 01539 Added Korean Language to new installs the language pack - Thanks Thadius! (Dan Hoover)
  • 01543 Backup menu item will not show on dashboard if backup has been removed (Dan Hoover)
  • 01544 Updated example for language creation (Jibak) (Dan Hoover)
  • 01545 Default language is now set for users when created by the admin (Jibak) (Dan Hoover)
  • 01546 Form builder updated to v2.1.3 with better form deletion logic (Stan R) (Dan Hoover)
  • 01511 Debug mode warning on dashboard is now a link to the debug logs (Dan Hoover)
  • 01515 Updated force ssl to use Tekniskedirektorn's excellent patch to allow proxy servers (Dan Hoover)
  • 01523 Input::get no longer tries to force numeric values (Dan Hoover)
  • 01525 Updated Documentation for addPermission function (DKY) (Dan Hoover)
  • 01527 Updated tickets plugin to fix a stray comma that will break some db queries (Dan Hoover)
  • 01529 Fixed Nav errors in PHP 8.1 while being a punk to Brandin :) (Dan Hoover)
  • 01530 Updated admin nav for better display of permission groups (Dan Hoover)
  • 01531 Clean urls plugin example script updated to support forms with no method attribute (Dan Hoover)
  • 01532 Added Danish translation - Thanks TFN (Dan Hoover)
  • 01533 Sendinblue Plugin updated to better work with built-in functions (Thadius/BangingHeads) (Dan Hoover)

5.4.4

2022-05-19
  • 01186 Benchmark Plugin updated to v1.0.2 with better math function (Dan Hoover)
  • 00980 Simple Forums plugin updated to v1.0.2 (Dan Hoover)
  • 01500 Removed stray opening php tag in check processing (Dan Hoover)
  • 01516 Fixed bug where email settings were being improperly stored (Dan Hoover)
  • 01517 Fixed bug where some users would get {missing text} on new installs (Dan Hoover)
  • 01518 Fixed bug where removing all permissions causes a redirect loop. Who in their right mind would do that :) (Dan Hoover)
  • 01519 Fixed error on installer where db connection would incorrectly be reported as unsuccessful (Dan Hoover)
  • 01520 Added the ability to specify a custom db port in the installer (Dan Hoover)

5.4.3

2022-05-13
  • 00802 Removed duplicate query from snapshot widget (Dan Hoover)
  • 01443 API Builder updated with some customization options and some RESTful responses (Mr. Serikus) (Dan Hoover)
  • 01453 Documentation link now shown on API Builder Config Page (Dan Hoover)
  • 01479 Convert head_tags Comments to PHP for New Installs (Brandin From Envesko)
  • 01487 Alerts plugin updated for compatibility with custom templates (Dan Hoover)
  • 01489 Updated input class to deal with inputs starting with leading zeroes (Dan Hoover)
  • 01493 Updated installer to deal with deprecated datetime call (Dan Hoover)
  • 01494 Removed copyright message on dashboard menu (Dan Hoover)
  • 01497 Security Logs will now show for delegated users (Brandin From Envesko)
  • 01503 Update SQL for New Installs (Brandin From Envesko)
  • 01505 Pulled ReAuth UI Components (Legacy Feature) (Brandin From Envesko)
  • 01507 Created the ability to completely override the admin menu (telnz) (Dan Hoover)
  • 01508 Added the ability to change email authtype to CRAM-MD5, LOGIN, PLAIN, or XOAUTH2 (Dan Hoover)
  • 01509 Protected Downloads plugin updated to clarify instructions (Dan Hoover)
  • 01510 Added the ability to override or add additional parameters to the email function with a usersc script (Dan Hoover)
  • 01512 Removed requirement for mb_strlen from Validate class (Dan Hoover)

5.4.1

2022-03-22
  • 01417 Fixed a sorting issue in the built in cron manager. (Marc) (Dan Hoover)
  • 01448 SAAS plugin fixed bug that could result in organization leader losing ability to manage their own org. Please update. (Dan Hoover)
  • 01276 Tickets plugin has been updated to 1.0.2 to fix a config bug (Dan Hoover)
  • 01389 Now allowing languages to create a key valled VAL_ALLOWED to be more flexible on min-max validation (Dan Hoover)
  • 01391 Logged in user is redirected to user settings if they try to navigate to forgot password (Dan Hoover)
  • 01426 Added cloakBegin and cloakEnd plugin event hooks (Dan Hoover)
  • 01457 You can now call the userspice message system from javascript usMessage("testing123","success");); (Dan Hoover)
  • 01463 Improved Input::sanitize and added Input::json and Input::recursive (Dan Hoover)
  • 01469 Darkened font on the dashboard (Dan Hoover)
  • 01470 The dashboard css can now be overridden in usersc/includes/dashboard.css (Dan Hoover)
  • 00627 displayTable function in forms plugin allows you to pass ["id"=>1] to show the id in the table. (Dan Hoover)
  • 01422 Updated legacy sanitize helper function to use input static method (Dan Hoover)
  • 01189 Added multilanguage support to form builder (Thanks Alexander!) (Dan Hoover)
  • 01449 Fixed an error in SAAS plugin for assigning permissions to an organization (Dan Hoover)
  • 01450 Fixed broken form in SAAS plugin (Dan Hoover)
  • 01451 Cleaned up some divs in the SAAS Plugin thanks to some great reports by Espresso Dan (Dan Hoover)
  • 01455 Charts plugin updated to 1.0.4 to make line charts prettier (Dan Hoover)
  • 01471 Comments plugin updated with additional documentation (Dan Hoover)
  • 01472 Fixed loader to prevent redirect loops for banned ips (Dan Hoover)
  • 01473 Form Builder now allows underscores and hyphens in form names (Dan Hoover)
  • 01410 Form builder now returns "rule broken" so you can create custom error messages (Dan Hoover)

5.4.0

2021-12-30
  • 01437 Resolved error messages only showing first character on user creation (Dan Hoover)
  • 01438 Add additional usersc include before system messages and force html entity encode before decode (Dan Hoover)
  • 01442 Removed stray html tag in login.php (Dan Hoover)
  • 01444 $validated variable on login.php now allows you to kill login with a hook in the post position (Dan Hoover)
  • 01445 Created unique table ids for tables with an id of paginate (Dan Hoover)

5.3.9

2021-12-12
  • 01420 Form builder has been updated to better handle non-English characters (Dan Hoover)
  • 01421 Updated sanitize function in Input class for cleaner usage (Dan Hoover)
  • 01423 Removed hard coded user id 1 on logger functions (Dan Hoover)
  • 01424 Updated logger function to avoid throwing errors on PHP 8 (Dan Hoover)
  • 01428 Fixed email verification bug caused by GDPR override plugin. (Dan Hoover)
  • 01429 Fixed missing email url encoding on email verification (Dan Hoover)
  • 01430 Updated echouser to deal with blanks and 0s (Dan Hoover)
  • 01431 Deal with hard coded + spaces in language files (Dan Hoover)
  • 00976 Removed unused columns from stripe plugin that broke table. (Dan Hoover)

5.3.8

2021-12-06
  • 01305 Reports plugin updated to handle larger data sets (Dan Hoover)
  • 01357 Added a new System Logs Action: Delete Logs (Keep ID) (Brandin From Envesko)
  • 01361 New fetchProfilePicture($userid) function is overridable and more flexible. (Dan Hoover)
  • 01364 Log Filters and Actions have been moved to a dropdown for a cleaner UI (Brandin From Envesko)
  • 01376 User Settings will now properly display the correct field name during a validation error (Brandin From Envesko)
  • 01377 Validate class now returns a rulesBroken array for better Multilanguage support (Dan Hoover)
  • 01379 Added Staging Code for Log Profiles/Filters via Hooks (Brandin From Envesko)
  • 01380 Performed Log Actions will now be tracked in the logs (Brandin From Envesko)
  • 01382 Check updates and spice shaker will throw system errors if curl or zip are not installed. No diag mode needed. (Dan Hoover)
  • 01383 fetchUserDetails function now behaves like the documenation (Dan Hoover)
  • 01385 pluginHooks can return data with the hookData variable (Dan Hoover)
  • 01386 new User() can now be forced to look at the email column with second parameter (Dan Hoover)
  • 01387 Added new hooks for the email verification and password reset process (Dan Hoover)
  • 01392 Fixed hard coded password minimum length on forgot password reset (Dan Hoover)
  • 01393 Added translation to login.php (Dan Hoover)
  • 01394 Removed deprecated font color = tags in userspice core (Dan Hoover)
  • 01397 first parameter of logger() function can now ne an empty string (Dan Hoover)
  • 01399 created new usError, usSuccess, usMessage functions to make passing errors cleaner and easer (Dan Hoover)
  • 01400 New tokenHere() function to create a hidden input with the csrf token (Dan Hoover)
  • 01402 Changed settings query in cron.php to select * for convenience (Dan Hoover)
  • 01403 Added missing language support to verify.php (Dan Hoover)
  • 01405 Added missing form label to verify_resend view (Dan Hoover)
  • 01407 Fixed missing translation on force pw reset (Dan Hoover)
  • 01409 new fetchUser($id) function addresses the awkwardness of the legacy fetchUserDetails function (Dan Hoover)
  • 01412 updated createAttempt plugin hook (Dan Hoover)
  • 01413 includeHook function now returns more gracefully if a bogus position is called. (Dan Hoover)
  • 00916 Auto logout plugin updated to detect mouse and keyboard input (Dan Hoover)

5.3.7

2021-10-20
  • 01368 Fixd speling eror on dashbeoard menue (Dan Hoover)
  • 01308 Dashboard Access Features are now more verbose to avoid duplicated feature names (Brandin From Envesko)
  • 01310 Fixed Hooker Plugin not listing the hooks it created. (Dan Hoover)
  • 01312 Added tooltip to badges plugin (PR From RoelandvanD) (Dan Hoover)
  • 01314 Added the ability to hide the id in the Quick Crud plugin (Dan Hoover)
  • 01298 New Hook: adminUser createAttempt (Brandin From Envesko)
  • 01303 Fixed issue where some errors were being described twice (Dan Hoover)
  • 01304 Functions that globalize $user will gracefully fail if accessed without $user being properly defined (or accessed by guest) (Brandin From Envesko)
  • 01309 Form builder can now skip fields without creating a custom view (Dan Hoover)
  • 01317 System Messages Footer now correctly defines the Error Class valErr (Brandin From Envesko)
  • 01326 Migrate Core Code from checkMenu (legacy) to hasPerm (maintained) (Brandin From Envesko)
  • 01329 Improper Plugin Removal (deleting files without uninstalling) will no longer cause errors in the Admin Panel or in the Plugins Manager (Brandin From Envesko)
  • 01331 cleanupPermissionPageMatches will no longer produce an error when it is triggered by a logged in user (Brandin From Envesko)
  • 01333 Updated plugin manager activation/deactivation/deletion logic (see notes on ticket) (Dan Hoover)
  • 01336 Badges User UI updated and new hasBadge function added (Dan Hoover)
  • 01337 login.php now has $username and $password which can be modified via the hook on this page and is passed to loginEmail (Brandin From Envesko)
  • 01338 Remember Var on Login is now above the hook so it can be modified via the hook if required (Brandin From Envesko)
  • 01339 Added new hooks to Page Manager (Dan Hoover)
  • 01340 Remember Me Feature added via plugin (Dan Hoover)
  • 01341 Users of Clean URLs should update Form Builder and their .htaccess file with the snippet from the updated plugin (Dan Hoover)
  • 01343 Added ability to prevent maintenance.php redirect on parsers/apis but setting $noMaintenanceRedirect = true before init.php (Dan Hoover)
  • 01344 Added new API Hooks (Dan Hoover)
  • 01345 Fixed language call on Validate class. (Dan Hoover)
  • 01346 Fixed issue allowing admins to change passwords without confirming the new pw matches (chalnger86) (Dan Hoover)
  • 01347 New Function: UserSpice_getLogs (Brandin From Envesko)
  • 01348 Only Debugging Logs button will now properly filter logs (Brandin From Envesko)
  • 01349 views/_admin_logs now uses UserSpice_getLogs (Brandin From Envesko)
  • 01350 Security logs now has the ability to hide whitelsited IPs (James) (Dan Hoover)
  • 01375 Updated init.php for new installs to fix redirect bug. (Dan Hoover)
  • 01272 Fixed bad link on Twilio dashboard (Dan Hoover)

5.3.5

2021-09-01
  • 01280 Added isSelected helper form helper function (Dan Hoover)
  • 01282 Logger function is overwriteable again (Brandin From Envesko)
  • 01283 Corrected a lognote in update 2021-07-11a for future updates (Brandin From Envesko)
  • 01284 Standard template updated to 2.0.1 to use dynamic container open class. (Dan Hoover)
  • 01285 CMS Plugin updated to fix missing script tags. (Dan Hoover)
  • 01286 Loader.php now uses isUserLoggedIn to validate a user being logged in (Brandin From Envesko)
  • 01288 Form builder updated to 2.0.3 (Dan Hoover)
  • 01289 Added .htaccess to prevent rewriting of parser file urls (Dan Hoover)
  • 01290 The for for log clearing tools in System Logs now has an ID of log_clearing_tools that can be targeted (Brandin From Envesko)
  • 01291 Accessing login.php while logged in will now cause you to be redirected to settings.redirect_uri_after_login (Brandin From Envesko)
  • 01292 Sessions will no longer be destroyed automatically from visiting login.php (Brandin From Envesko)
  • 01293 New Function: isUserLoggedIn (Brandin From Envesko)
  • 01294 MQTT plugin updated (Dan Hoover)
  • 01295 Fixed some migrations in the CMS plugin (Dan Hoover)
  • 01299 Moved API key entry to only the dashboard with jQuery feedback on key validation (Dan Hoover)
  • 01301 Removed checkWrite.php parser file (Dan Hoover)
  • 01302 Removed non-working ReAuth feature but left fields for plugin development (Dan Hoover)
  • 01306 Removed required fields on email settings (Dan Hoover)
  • 01277 Spice shaker now attempts to delete stray temp.zip files and warns you if it can't (Dan Hoover)
  • 01279 GDPR Plugin Updated to support longer text (Dan Hoover)

5.3.4

2021-07-17
  • 01263 Helper Functions now use ipCheck instead of REMOTE_ADDR (Brandin From Envesko)
  • 00730 cleanupPermissionPageMatches is triggered when deletePages is successful (Brandin From Envesko)
  • 01261 Added debug mode to dashboard and logger (Dan Hoover)
  • 01265 Updated PHPMailer to latest version (Dan Hoover)
  • 01266 Fixed bug that breaks error messages when the session is not set on some servers. (Dan Hoover)
  • 01268 ReAuth now uses isLocalhost instead of hard coding conditions (Brandin From Envesko)
  • 01270 New Function: cleanupPermissionPageMatches (Brandin From Envesko)
  • 01271 Removed extra divs from default index.php page (Dan Hoover)
  • 01273 Added maintenance and debug mode warnings to admin.php (Dan Hoover)
  • 01274 Updated form actions for better compatibility with clean urls (Dan Hoover)
  • 01275 Upgraded from jQuery 3.5.1 to jQuery 3.6.0 (Dan Hoover)

5.3.3

2021-06-22
  • 01256 Fixed broken link in admin menu (Dan Hoover)
  • 01257 Check it out on SS now takes you to the Plugin Config. Logo now takes you to the config if active (Dan Hoover)
  • 01258 Refer plugin updated to 1.0.4 (Dan Hoover)

5.3.2

2021-06-03
  • 01093 Footer now included on join after form submission (Dan Hoover)
  • 01216 Updated email settings to prevent accidental autofill (Dan Hoover)
  • 01218 Fixed verify email resend encoding (Dan Hoover)
  • 01236 Better compatibility for display_errors and display_successes (Dan Hoover)
  • 00731 Admin Panel: Added IDs and Classes for Menu Items (Brandin From Envesko)
  • 01244 Admin Panel: Added Language Translations for hard-coded menu items (Brandin From Envesko)
  • 01253 Added ability to parse html in error messages (Dan Hoover)
  • 01254 updated sessionValMessages to merge error messages into arrays (Dan Hoover)

5.3.1

2021-05-12
  • 01214 Added the 5.3.1 plugin hooks to the hooker plugin (Dan Hoover)
  • 01224 Added missing logo to the alerts plugin (Dan Hoover)
  • 01231 Removed orphaned dashboard views (Dan Hoover)
  • 01232 Better UserSpice API Key Validation (Brandin Arsenault) (Dan Hoover)
  • 01238 Removed TinyMCE from GDPR Plugin (Dan Hoover)
  • 01239 Logger function now json_encodes metatdata if it's an array or object (Brandin Arsenault) (Dan Hoover)
  • 01234 Re-preventing using emails as usernames (Dan Hoover)
  • 00840 All references to user_agreement removed in favor of GDPR plugin (Dan Hoover)
  • 01137 Fixed error when $_SESSION['kUserSessionID'] is not set (Dan Hoover)
  • 01147 Fixed error message on user_settings.php (Dan Hoover)
  • 01150 Changed inputs on admin_user(s) to type="search" to combat lastpass bug (Dan Hoover)
  • 01151 Charts plugin updated to 1.0.2 (Dan Hoover)
  • 01154 Fixed function for backwards compatibility (Dan Hoover)
  • 01157 Session:get now returns null if session does not exist (Dan Hoover)
  • 01159 Deprecated checkPermission and updated securePage (Dan Hoover)
  • 01161 Resolved missing > in French language file (Dan Hoover)
  • 01162 Preventing null on logs.user_id (default 0) (Dan Hoover)
  • 01163 Adjusted formatting on system logs page (Dan Hoover)
  • 01166 Updated join form validation for consistency (Dan Hoover)
  • 01167 If you pass ONLY an array or object as your lognote, it will be automatically json encoded (Dan Hoover)
  • 01179 Added loader feature - adds to init.php (Dan Hoover)
  • 01182 Moved security headers higher on header1_must_include (Dan Hoover)
  • 01183 Added usersc/includes/pre_header.php (Dan Hoover)
  • 01184 Moved IP Blacklist earlier on page load (Dan Hoover)
  • 01185 Added explicit int on admin user view (Dan Hoover)
  • 01191 Better handling of registering and de-registering plugin hooks (Dan Hoover)
  • 01193 user_settings.php now redirects after update for better plugin compatibility. (Dan Hoover)
  • 01194 Fixed untranslated line in email message (Dan Hoover)
  • 01196 Added IP address to security logs (Dan Hoover)
  • 01197 Fixed bad DB query example in Charts Plugin (Dan Hoover)
  • 01198 DB class now supports alternative charsets (Dan Hoover)
  • 01200 Fixed div closing too early on check updates (Dan Hoover)
  • 01201 Removed shortcodes <? from code in favor of <?php (Dan Hoover)
  • 01203 New Norwegian language and updated French language (Dan Hoover)
  • 01204 Redirect::to no longer checking for file to exist (use Redirect::safe to do that) (Dan Hoover)
  • 01205 Better spacing on Authorized Groups on admin_nav_item view (Scourgess) (Dan Hoover)
  • 01206 Improved usability on admin_nav_item view (Scourgess) (Dan Hoover)
  • 01207 Fixed spelling error on admin_permission (Scourgess) (Dan Hoover)
  • 01208 reCaptcha removed from core (Dan Hoover)
  • 01209 Removed auto assign username feature (Dan Hoover)
  • 01210 New plugin hooks on forgot_password.php (Dan Hoover)
  • 01211 Removed restriction of using an email as a username (Dan Hoover)
  • 01215 Created a new joinAttempt plugin hook (Dan Hoover)
  • 00963 Refer plugin updated to 1.0.3 (Dan Hoover)
  • 01220 Updated error message for init files without loader.php (Dan Hoover)
  • 01223 Plugin management hidden for non-master-accounts (Dan Hoover)
  • 01225 Added if ! function_exists to checkAccess function on admin.php (Dan Hoover)
  • 01227 Added additional try/catch to db class (Dan Hoover)
  • 01228 Form Builder 1.2.0 released with UserSpice 5.3 support. Please update (Dan Hoover)
  • 01229 Added explicit null to error message function (Dan Hoover)
  • 01230 Updated Try/Catch statement in DB Class (Dan Hoover)
  • 00983 Updated Swedish language (Dan Hoover)
  • 00495 Fixed super long logs squish the admin panel (Dan Hoover)
  • 01009 Validate class handles non-submitted fields more gracefully. (Dan Hoover)

5.2.6

2021-03-19
  • 00622 Password reset returns the same message regardless of if the email is in the db (Dan Hoover)
  • 01144 Added switch to enable bleeding edge on dashboard general settings (Dan Hoover)
  • 01146 Added featured addons to spice shaker (Dan Hoover)

5.2.5

2021-02-16
  • 01092 Join.php now checking for usersc/views/_join and thank you (Alex) (Dan Hoover)
  • 01096 "forms" column removed from new installs was causing a form builder issue (Dan Hoover)
  • 01109 Added try/catch on _db->execute() (Banging Heads) (Dan Hoover)
  • 01112 Form builder migration tweak (Dan Hoover)
  • 01113 Fixed some errors in form builder. (Dan Hoover)
  • 01114 Plugin functions can now override anything except usersc/custom_functions.php (Banging Heads) (Dan Hoover)
  • 01119 Defaulting to port 443 for checking updates (Tek) (Dan Hoover)
  • 01121 Added graceful skipping of missing widgets (Brandin) (Dan Hoover)
  • 01122 Fixed broken fetchAllUsers function (Dan Hoover)
  • 01126 Added check/uncheck box to pages on permission editor (Dan Hoover)
  • 01129 Removed stray hard coding in User Class (Mark Z) (Dan Hoover)
  • 01130 Fixed undefined variable in checkAcces function (Dan Hoover)
  • 01132 Updated parser files so attempted hackers see cleaner error messages (Brandin) (Dan Hoover)
  • 01133 Fixed https redirect issues on some servers (Thanks Abd) (Dan Hoover)
  • 01134 Added .htaccess to users/views (BangingHeads) (Dan Hoover)
  • 01135 Plugins can now override core functions with an override.php file (BangingHeads) (Dan Hoover)
  • 01136 Facebook login plugin updated to v1.0.2 (Dan Hoover)
  • 01139 If max password is set to 30, will be increased to 150 (Dan Hoover)
  • 01141 Large log notes turn into a textarea that can be expanded (Dan Hoover)
  • 01142 Remove us_css and track_guest columns (Dan Hoover)
  • 00631 Confirmed all form character limit checks are working (Dan Hoover)
  • 01143 Move dashboard copyright to left menu (FeistySquirrel) (Dan Hoover)
  • 00699 Resolved combobox errors in an earlier commit (Dan Hoover)

5.2.4

2021-01-29
  • 01108 Fixed hard coded session name in account.php (Dan Hoover)

5.2.3

2021-01-14
  • 01066 Fixed error in fetchAllUsers (Dan Hoover)
  • 01067 Added 3 new plugin hooks in users/verify.php (Dan Hoover)
  • 01068 Changed the cookie class to deal with samesite attribute on all modern versions of php (Dan Hoover)
  • 01071 Fixed a bug preventing the old us_update.zip from being deleted (Dan Hoover)
  • 01072 Updated securePage function for better handling of http to https redirects (Dan Hoover)
  • 01073 Improved default language for new users (Dan Hoover)
  • 01077 Fixed token error in bug reporter (Dan Hoover)
  • 01078 temporarily readded columns to the users table for compatibility. (Dan Hoover)
  • 01079 Added backticks around password in the user class (Dan Hoover)
  • 01080 Moved head tag on dashboard (Dan Hoover)
  • 01081 Renamed manage to settings in admin breadcrumbs (Dan Hoover)
  • 01082 Removed extra </div> reported by Andrew (Dan Hoover)
  • 01083 Added a warning not to muck with permissions 1 and 2 (Dan Hoover)
  • 01084 Lengthened page and title columns in the pages table for better language support (Dan Hoover)
  • 01085 Wrapped audit.php functions in if !function_exists (Dan Hoover)
  • 01086 Deleting temp.php before downloading a plugin (Dan Hoover)
  • 01088 Added options for cc and bcc to email function (Dan Hoover)
  • 01095 Afrikaans language added (John Dovey) (Dan Hoover)
  • 01097 Added space on join view (BangingHeads) (Dan Hoover)
  • 01099 Cosmetic tweaks to plugin manager (Dan Hoover)
  • 01100 Removed 2 deprecated files (Dan Hoover)
  • 01102 Updated German language (Dan Hoover)
  • 01103 Fixed email verification link when overridden in usersc (Dan Hoover)
  • 01104 Made verify.php more compatible with usersc (Dan Hoover)
  • 01105 Form builder plugin updated to 1.1.6 (Dan Hoover)
  • 01022 Fixed ui bug in CMS plugin (Dan Hoover)

5.2.2

2020-11-17
  • 01039 Added notice about UserInfo Plugin on registration settings page (Dan Hoover)
  • 01045 Removed duplicate isStandardUser function (Brandin From Envesko)
  • 01046 Fixed Punctuation for Logtype in the Users Class (Brandin From Envesko)
  • 01047 Backup link fixed on check updates (Dan Hoover)
  • 01049 Added DB Update for container_open_class (Brandin From Envesko)
  • 01051 Rewriting banned.php in a migration file (Dan Hoover)
  • 01052 logs_exempt table pulled from new installs (Dan Hoover)
  • 01053 Rolled back some broken functions (Dan Hoover)
  • 01055 Updated ip ban logic (Dan Hoover)
  • 01056 Checking before unlinking update zips to avoid warnings (Dan Hoover)
  • 01057 UserInfo Plugin Updated (Dan Hoover)
  • 01060 Updated db schema on new installs to support old mysql versions (Dan Hoover)
  • 01061 Fixed account_owner bug (Dan Hoover)
  • 01062 Fixed active column in Database (Dan Hoover)
  • 01063 Added cz-CZ language (Dan Hoover)
  • 01064 Resolved LDAP token issue (Dan Hoover)
  • 00978 Added samesite attribute by default to the cookie class. (Dan Hoover)
  • 01007 Fixed google oauth token errors (Dan Hoover)

5.1.9

2020-10-29
  • No Issues Resolved

5.1.8

2020-10-29
  • 01043 Created isStandardUser function (Dan Hoover)
  • 01044 Hotfix: hasPerm NULL ID Bug (Brandin From Envesko)
  • 01040 all logs for various login types now say login (Dan Hoover)

5.1.7

2020-10-27
  • 01024 Removed legacy code for the session manager on account.php (Brandin From Envesko)
  • 01026 Updated container to container-fluid on standard template (Brandin From Envesko)
  • 01029 **IMPORTANT** fetchAllUsers now ONLY accepts a boolean value for the desc parameter (Brandin Arsenault) (Brandin From Envesko)
  • 01032 Code & Logic Improvements to hasPerm, added optional parameter to disable masterAccount checking (Brandin From Envesko)
  • 01035 Added setting for main div classes (Brandin From Envesko)
  • 01036 Fixed a number of autocomplete issues on the Admin Panel (Brandin From Envesko)
  • 01037 **IMPORTANT** the users.active column was removed for future installs, some code was added to join.php and views/_admin_users.php to handle legacy support for this column (Brandin From Envesko)
  • 01038 Fixed line-height for the ACP Navigation Toggle that cause misalignment (Brandin From Envesko)
  • 00356 Removed Logs Manager (Legacy) (Brandin From Envesko)
  • 00936 Large cleanups to the users table for new installs, core code updates were required (Brandin From Envesko)
  • 00969 Removed a redirect on user_settings that caused a lack of success messages (Brandin From Envesko)
  • 00979 Corrected "cycle" from "cylce" on views/_admin_tools.php (Brandin From Envesko)
  • 00982 Removed a double class attribute on admin_users (Brandin From Envesko)
  • 00984 Resolved some legacy tooltip calls on the standard template and misc pages (Brandin From Envesko)
  • 00986 time2str will now return null if supplied null (Brandin From Envesko)
  • 01002 Removed spaces that were breaking userinfo plugin (Dan Hoover)
  • 01003 Wrapped join inputs in form group class (Dan Hoover)
  • 01005 Centered text on a few views for better styling (Dan Hoover)
  • 01006 Made view usersc compatible (Dan Hoover)
  • 01008 _joinThankYou no longer has a bad link when join.php is in the usersc folder (Brandin From Envesko)
  • 01010 Cleaned up securePage function (Dan Hoover)
  • 01011 Added Metadata Column to Logs table (Brandin From Envesko)
  • 01015 Fixed bug where previously verified emails could not update. (Dan Hoover)
  • 01016 Coding Standard Fixes for users/views/_admin_settings_general.php (Brandin From Envesko)
  • 01017 Coding Standard Fixes and strict variables on functions for helpers/users.php (Brandin From Envesko)
  • 01018 Coding Standard Fixes and strict variables on functions for helpers/helpers.php (Brandin From Envesko)
  • 01019 Removed legacy code and performed cleanup on user_settings.php (Brandin From Envesko)
  • 01023 Added a redirect when you successfully add or remove a folder on admin_pages (Brandin From Envesko)

5.1.6

2020-09-15
  • 00988 moved title in admin.php (Dan Hoover)
  • 00989 Fixed html in loop (Dan Hoover)
  • 00990 Fixed missing space in admin users (Dan Hoover)
  • 00991 Moved closing p tag (Dan Hoover)
  • 00992 Removed extra </div>s reported by Andrew (Dan Hoover)
  • 00993 Removed extra </div> reported by Andrew (Dan Hoover)
  • 00994 Fixed html errors in admin_pages (Dan Hoover)
  • 00995 Fixed missing </p> tag. Thanks Andrew (Dan Hoover)
  • 00996 Fixed html spice shaker form - Thanks Andrew. (Dan Hoover)
  • 00997 Removed extra </div> reported by Andrew (Dan Hoover)
  • 00824 Facebook Redirect/Session issues resolved in another commit (Dan Hoover)
  • 00947 OAuth Session User to Session Name, Add Success Hooks to Facebook Login. Thanks BangingHeads! (Dan Hoover)
  • 00948 Fixed Facebook redirect after login bug (Dan Hoover)
  • 00955 Deleting usupdate.zip before update (Dan Hoover)
  • 00956 Rolled back a bad patch from bug 931 (Dan Hoover)
  • 00959 Added link to security logs. Thanks Odin (Dan Hoover)
  • 00962 Fixed a bug in the pluginActive function for non logged in users (Dan Hoover)
  • 00967 Added check for http host in force_ssl (Dan Hoover)
  • 00970 Added a FName First Initial of LName option in echouser (Dan Hoover)
  • 00974 Used dustball's preg match to detect bad pastes of api keys (Dan Hoover)
  • 00998 Changed documentation for custom css with ihadavision's snippet (Dan Hoover)
  • 00746 All facebook redirect issues appear to be solved (Dan Hoover)

5.1.5

2020-08-05
  • 00934 Removed references to two factor authentication from the core code (Dan Hoover)
  • 00938 Added missing pages from default page hider in admin pages (Dan Hoover)
  • 00950 DB class not throwing error on first with no results. (Dan Hoover)
  • 00952 Pushed Brandin's improvement for the fetchUserDetails function (Dan Hoover)
  • 00954 Fixed a bug causing the notification system to not display properly on some installs. (Dan Hoover)
  • 00007 Cron job ip regulation was added in 5.0 (Dan Hoover)
  • 00779 URL regeneration resolved in an earlier release (Dan Hoover)
  • 00797 Root write check now happens on install as of 5.1.4 (Dan Hoover)
  • 00566 Validation code Resolved in another commit (Dan Hoover)
  • 00827 Added ability to send attachment to emails (Dan Hoover)
  • 00580 Missing text resolved in an earlier commit (Dan Hoover)
  • 00837 Added min/max characters for password and username on new user modal in admin_users (Dan Hoover)
  • 00842 Fixed buttons at the bottom of user_settings.php (Dan Hoover)
  • 00588 Installer updated (Dan Hoover)
  • 00589 Most table character sets were cleared up in 5.1.4 (Dan Hoover)
  • 00593 localhost placeholder removed (Dan Hoover)
  • 00868 custom_functions.php is now included earlier so you can override more core functions with your custom ones (Dan Hoover)
  • 00616 Updated installer logic (Dan Hoover)
  • 00875 Forgot password page does not attempt now if email is not setup. (Dan Hoover)
  • 00876 Classes were added to the err and msg functions in 5.1.4 (Dan Hoover)
  • 00121 Unique session and cookie names generated during install since earlier version (Dan Hoover)
  • 00896 Updated multidb logic in the db class (Dan Hoover)
  • 00897 Verify email does not try if email is already verified (Dan Hoover)
  • 00909 Fixed html entities and non-translated email subjects (Dan Hoover)
  • 00917 htmlspecialchars_decode has been replaced with html_entity_decode (Dan Hoover)
  • 00925 Updated file based CMS widget logic. (Dan Hoover)
  • 00930 Form builder is now optional but recommended for the UserInfo plugin (Dan Hoover)
  • 00931 Email becomes "unverified" now if updating your email address in user_settings.php (Dan Hoover)
  • 00932 Updated hashing logic on API and downloader.php (Dan Hoover)
  • 00933 pluginActive now works if not logged in (Dan Hoover)
  • 00937 Logging for user blocking on _admin_user now uses the correct column (Brandin From Envesko)
  • 00940 Updated blank page to match new template system (Brandin From Envesko)
  • 00941 Modified fetchUserDetails to return null if no data is sent to the function (Brandin From Envesko)
  • 00942 Fixed data error on Admin Logs where the Log ID was shown as the User ID (Brandin From Envesko)
  • 00951 Added plugin hooks for admin_settings parser (pre and bottom) (Dan Hoover)
  • 00953 Cleaned up dnd function (Dan Hoover)
  • 00465 after_user_deletion script was added a while back (Dan Hoover)
  • 00467 errors have ids or classes now (Dan Hoover)

5.1.4

2020-07-16
  • 00888 Added eventhooks to verifyFail and verifySuccess (Dan Hoover)
  • 00891 Implemented Had3z's improvements to the Input class (Dan Hoover)
  • 00893 Moved character set designation higher up into mail function (Dan Hoover)
  • 00899 Fixed parser file location in session manager plugin (Dan Hoover)
  • 00903 Duplicate of simplex footer fix (Dan Hoover)
  • 00904 HTML edited in GDPR plugin (Dan Hoover)
  • 00905 Fixed a footer issue in simplex template (Dan Hoover)
  • 00906 Added a space to the English language and to the userspice language pack (Dan Hoover)
  • 00907 Fixed a php tag that was supposed to be php echo in user_settings.php (Dan Hoover)
  • 00911 Fixed rendering error in the form fields in the form builder plugin (Dan Hoover)
  • 00870 We now have a link to backup userspice on the auto update page (Dan Hoover)
  • 00874 Fixed a div causing footer/modal issues (Dan Hoover)
  • 00878 Removed remember me checkbox on login (Dan Hoover)
  • 00881 Fixed token error in stripe plugin (Dan Hoover)
  • 00886 After creating a new menu item, you are now redirected to the edit page (Dan Hoover)
  • 00887 Spelling error in en-us lang file (Dan Hoover)
  • 00889 Resolved in another commit (Dan Hoover)
  • 00890 Admin pages shows an alert when pages are removed from the db (Dan Hoover)
  • 00892 Added default timeout of 15 seconds for error messages (Dan Hoover)
  • 00894 Added an extra hook for the userInfo plugin (Dan Hoover)
  • 00900 Made the Update/Cancel buttons on user_settings.php look less terrible (Dan Hoover)
  • 00901 Added better ios compatibility to dropzone (Dan Hoover)
  • 00902 Disabling messaging if plugin not active for old installs (Dan Hoover)
  • 00912 Login.php now logs failed login attempts (Dan Hoover)
  • 00914 Fixed the inability for the public (not logged in) to view forums (Dan Hoover)
  • 00915 Fixed checkbox logic (Dan Hoover)
  • 00920 Resolved in Forum 1.0.1 (Dan Hoover)
  • 00921 New migration schema for plugins (Dan Hoover)
  • 00923 Updated fetchUserDetails to return null on no hits (Dan Hoover)
  • 00924 Wrapped helpers.php in function_exists and added classes to error messages (Dan Hoover)
  • 00670 Resolved in another commit (Dan Hoover)
  • 00926 Updated login.php err logic (Dan Hoover)
  • 00927 Updated logout method (Dan Hoover)
  • 00928 Made a db patch for db engine (Dan Hoover)
  • 00929 Made a db patch for db charset (Dan Hoover)
  • 00237 This feature is already implemented. (Dan Hoover)

5.1.3

2020-05-29
  • 00873 Missing $form_valid = true; causing misc scripts not be called in some circumstances (Dan Hoover)
  • 00877 Missing $form_valid = true; causing some of the join thank you scripts to not be called in some circumstances (Dan Hoover)
  • 00879 Missing $form_valid = true; causing during_user_creation to not be called in some circumstances (Dan Hoover)

5.1.2

2020-05-09
  • 00871 Added UTF-8 Encoding + Email attachment feature to mail function (From Edward) (Dan Hoover)
  • 00872 Upgraded to jQuery after bugs found by Edward and Waldo (Dan Hoover)

5.1.1

2020-05-04
  • 00821 Added password length and new ids for plugins/javascript (Dan Hoover)
  • 00826 Added after_user_deletion.php (Dan Hoover)
  • 00830 Now disabling messaging in DB if plugin is not active (Dan Hoover)
  • 00835 db results() now returns empty if the query fails (Dan Hoover)
  • 00836 Email query updated _admin_user.php (Dan Hoover)
  • 00838 Fixed bad return statement (Dan Hoover)
  • 00845 SAAS Updated (Dan Hoover)
  • 00850 Added Update & Close button to page editor (Dan Hoover)
  • 00851 Updated buttons on Admin Permissions (Dan Hoover)
  • 00852 Added Update & Close button to user editor (Dan Hoover)
  • 00853 Created IP Lock Plugin (Dan Hoover)
  • 00854 Changed int size on 5 columns (Dan Hoover)
  • 00857 Deleted 404 link in UserSpice forums (Dan Hoover)
  • 00858 New Validation Rule is_in_database (Dan Hoover)
  • 00860 Updated hasPerm logic (Dan Hoover)
  • 00795 Stable version users no longer see a new version in the update checker until it goes stable. (Dan Hoover)
  • 00799 Fixed user agent error (Dan Hoover)
  • 00813 Updated login id's and fixed bug that broke login if settings->recaptcha == 2 (Dan Hoover)
  • 00816 Usamusa UI changes (Dan Hoover)
  • 00817 This issue was resolved over email (Dan Hoover)
  • 00818 Fixed language issues in English and German [astrakid] (Dan Hoover)
  • 00828 Removed terms & conditions in favor of the GDPR plugin (Dan Hoover)
  • 00832 Updated stripe sign in button (Dan Hoover)
  • 00841 Usamusa UI changes (Dan Hoover)
  • 00847 Added feature in membership 1.0.5 (Dan Hoover)
  • 00859 You can now pass internal links to search in Spice Shaker (Dan Hoover)
  • 00861 Updated to jQuery 3.5.0 (Dan Hoover)
  • 00863 Updated to Bootstrap 4.4 by Usamusa (Dan Hoover)
  • 00864 Popper.js updated by Usamusa (Dan Hoover)
  • 00865 Added a space in the echouser function (Dan Hoover)
  • 00866 Updated to phpmailer 6.1.5 (Dan Hoover)
  • 00867 Cleaned up user_settings.php (Dan Hoover)

5.0.09

2020-01-22
  • No Issues Resolved

5.0.08

2019-12-21
  • 00768 Resolved in another commit (Dan Hoover)
  • 00772 Resolved in another commit (Dan Hoover)
  • 00778 Resolved some autocompletion errors (Dan Hoover)
  • 00780 Gravatar language no longer shows if profile_pic plugin is active (Dan Hoover)
  • 00786 Fixed language error in validate.php (Dan Hoover)
  • 00787 Updated backup delete feature (Dan Hoover)
  • 00788 Removed class text-danger from Validate class and helpers.php (Dan Hoover)
  • 00742 Resolved in another commit (Dan Hoover)
  • 00753 Moved form tag on admin_user (Dan Hoover)
  • 00755 PHP Mailer Updated to 7.3 compatible. (Dan Hoover)
  • 00761 Made fname, lname, email lengths consistent (Dan Hoover)
  • 00762 Resolved in another commit (Dan Hoover)
  • 00763 Fixed bug in _admin_user.php (Dan Hoover)
  • 00764 Fixed profile not being created for new users (Dan Hoover)
  • 00330 Resolved in another commit (Dan Hoover)
  • 00422 Resolved in another commit (Dan Hoover)
  • 00737 Updated phpmailer (Dan Hoover)
  • 00747 Resolved (Dan Hoover)
  • 00752 admin.php will now properly display Admin Dashboard as the page title (Brandin From Envesko)
  • 00771 Fixed dashboard hand floating improperly (Dan Hoover)
  • 00777 Fixed a bug causing some plugin hooks to install twice. (Dan Hoover)
  • 00781 Created diagnostic mode for spice shaker (Dan Hoover)
  • 00783 Removed duplicate language keys (Dan Hoover)
  • 00789 Tweaked admin menu (Dan Hoover)
  • 00790 Add ability to hide userspice default pages in the page manager (Dan Hoover)
  • 00791 Updated pluginActive function (Dan Hoover)
  • 00725 Hooker Plugin Updated (Dan Hoover)
  • 00484 Messaging Plugin Updated (Dan Hoover)
  • 00741 Messaging Plugin Updated (Dan Hoover)
  • 00750 Added sticky footer to default theme. (Dan Hoover)
  • 00759 Added the ability to specify a bug report is for a plugin/template etc (Dan Hoover)
  • 00765 Initial blocked and whitelisted ips cleared (Dan Hoover)

5.0.07

2019-11-07
  • 00697 Resolved in another commit (Dan Hoover)
  • 00701 No commit needed (Dan Hoover)
  • 00703 Resolved in another commit (Dan Hoover)
  • 00705 Got this working (Dan Hoover)
  • 00707 Added IP to user login logging (Dan Hoover)
  • 00708 Messaging Plugin Updated (Dan Hoover)
  • 00709 Forms plugin has been updated (Dan Hoover)
  • 00716 Stripe plugin has been updated (Dan Hoover)
  • 00717 Resolved duplicate ids in admin_user (Dan Hoover)
  • 00719 Please update your standard template (Dan Hoover)
  • 00722 Documentation Updated (Dan Hoover)
  • 00726 Documentation Updated (Dan Hoover)
  • 00704 Fixed spice shaker language downloader (Dan Hoover)
  • 00393 Using latest recaptcha with curl (Dan Hoover)
  • 00710 Cron jobs are now editable with oce.js (Dan Hoover)
  • 00711 Fixed a reintroduced bug (Dan Hoover)
  • 00712 Removed notice about API calls without a key (Dan Hoover)
  • 00713 UserSpice can now update itself through the check for updates button. (Dan Hoover)
  • 00714 API Key can now be entered on the dashboard general settings (Dan Hoover)
  • 00715 users/helpers/audit.php removed for new installs (Dan Hoover)
  • 00721 Updated join thank you. (Dan Hoover)
  • 00723 Please update form builder (Dan Hoover)
  • 00724 Update the styling of the ip manager (usamusa) (Dan Hoover)
  • 00728 Standard Template Updated (Dan Hoover)
  • 00729 Languages updated for new installs (Dan Hoover)
  • 00732 Die after successful join (Dan Hoover)
  • 00733 Twofa disabled for upgraders (Dan Hoover)

5.0.03

2019-09-05
  • 00683 Russian language added to language pack in spice shaker (Dan Hoover)
  • 00689 Removed the last few stray </img> tags (Dan Hoover)
  • 00691 Resolved along with other us_announcements issues (Dan Hoover)
  • 00692 Login TOS resolved! (Dan Hoover)
  • 00694 Edited helpers.php (see below (Dan Hoover)
  • 00695 Resolved in admin dashboard and admin templates views (Dan Hoover)
  • 00700 Resolved in 5.0.3 (Dan Hoover)
  • 00687 Made new _admin_annoucnements view (Dan Hoover)
  • 00693 Added pre to getMyHooks function (Dan Hoover)

5.0.01

2019-08-31
  • 00682 Non DB Nav Fixed (Dan Hoover)
  • 00684 _isCurl function added to check for Curl Installation (Brandin From Envesko)
  • 00643 Added timeout in update checker in case server is offline (Brandin From Envesko)
  • 00673 Standard Template: fixed footer class (Brandin From Envesko)
  • 00674 Standard Template: Removed duplicate <body> tag (Brandin From Envesko)
  • 00675 Stand Template: Removed rouge <img> tag (Brandin From Envesko)
  • 00677 Default Template: Resolved issue with header tag (Brandin From Envesko)
  • 00678 Added CDN popper.js to standard template (Dan Hoover)
  • 00679 Created new _configure_plugin_header to deal with plugin config header issue (Dan Hoover)

5.0.00

2019-08-23
  • 00658 Spice shaker now showing installed items (Dan Hoover)
  • 00660 Token issue resolved. (Dan Hoover)
  • 00661 Body tag added (Dan Hoover)
  • 00664 View Delete working now (Dan Hoover)
  • 00608 Merged some fixes for de-DE language (Brandin From Envesko)
  • 00611 languageSwitcher function now calls a DB instance instead of relying on it being available (Brandin From Envesko)
  • 00613 Email Settings now enforces a trailing slash (Brandin From Envesko)
  • 00614 Corrected a closing tag on _admin_page.php to span instead of small (Brandin From Envesko)
  • 00619 Removed duplicate messaging on _admin_permissions.php (Brandin From Envesko)
  • 00621 Not Malicious. Copy/pasta error (Dan Hoover)
  • 00625 Nulled Notification class (Dan Hoover)
  • 00628 Admin Dashboard Access now checks for Admin Perms prior to checking for additional permissions (Brandin From Envesko)
  • 00629 Added admin_pin.php back for new installs (Brandin From Envesko)
  • 00633 Prevented enter from submitting blank form (Dan Hoover)
  • 00636 Removed timepicker stuff from usersc (Dan Hoover)
  • 00637 Removed Spice Shaker from Menu for Non-Master Account (Dan Hoover)
  • 00639 Added new 'pre' plugin hook (Dan Hoover)
  • 00640 An extra closing bracket on the plugin parser has been removed (Brandin From Envesko)
  • 00642 Removed extra fclose in step2.php (Dan Hoover)
  • 00644 Bug Reporter now redirects to void the form submission (Brandin From Envesko)
  • 00655 Master account link on dashboard with documentation (Dan Hoover)
  • 00656 Hook explicitly defined (Dan Hoover)
  • 00657 Pulled from next installer (Dan Hoover)
  • 00662 Resolved in another commit (Dan Hoover)

4.4.14

2019-06-13
  • 00521 Admin Forms will no longer autocomplete (Brandin From Envesko)
  • 00558 Optimized hasPerm Function (Brandin From Envesko)
  • 00598 Forgot Password will no longer show if the email is invalid, just says there is an error (Brandin From Envesko)
  • 00602 Added containers to default template (Brandin From Envesko)
  • 00428 Minor redundancy fixes on Maintenance page (Brandin From Envesko)

4.4.13

2019-06-12
  • 00567 DB Clean widget updated (Dan Hoover)
  • 00569 Resolved in another commit (Dan Hoover)
  • 00571 Added missing {} (Dan Hoover)
  • 00576 Removed duplicate line (Dan Hoover)
  • 00577 LDAP Plugin Updated (Dan Hoover)
  • 00578 LDAP plugin now updates F/L name on login (Dan Hoover)
  • 00581 Some features pulled from dashboard access. (Dan Hoover)
  • 00582 Menu editor now saves sort. (Dan Hoover)
  • 00583 Bug reporter is now master only (Dan Hoover)
  • 00584 Added viewport to dashboard (Dan Hoover)
  • 00587 Fixed notifications (Dan Hoover)
  • 00590 Added Russian Language (Dan Hoover)
  • 00592 This is already fixed in 4.4.12/3 (Dan Hoover)
  • 00595 Changed language on email (Dan Hoover)
  • 00596 Removed autocomplete (Dan Hoover)
  • 00559 Removed front end Mass Messaging (Dan Hoover)
  • 00560 Containers, wrappers, and wells removed. (Dan Hoover)
  • 00572 Improved hook features (Dan Hoover)
  • 00579 Better description on email settings (Dan Hoover)
  • 00585 Removed features from dashboard access (Dan Hoover)
  • 00440 Removed ssp from logs (Dan Hoover)
  • 00555 Dashboard emails now sent in default system language (Dan Hoover)

4.4.12

2019-05-29
  • No Issues Resolved

4.4.11

2019-04-28
  • No Issues Resolved

4.4.10

2019-04-25
  • 00541 Updated documentation (Dan Hoover)
  • 00542 Documentation Updated (Dan Hoover)
  • 00545 Removed padding (Dan Hoover)
  • 00546 Remove meta information from admin_menu (Dan Hoover)
  • 00547 Replaced validation string (Dan Hoover)
  • 00548 Saving state of most datatables (Dan Hoover)
  • 00549 Moved Google Analytics to inside body tag (Dan Hoover)
  • 00550 Some meta tags moved to usersc/includes/head_tags.php (Dan Hoover)
  • 00515 Added a (rough) time option to the form manager (Dan Hoover)
  • 00535 Now allowing numbers in form names but no symbols (Dan Hoover)
  • 00538 Fixed some includes in superhero theme (Dan Hoover)
  • 00543 Fixed some form actions that caused errors on certain servers (Dan Hoover)
  • 00551 FB now logging IP on login (Dan Hoover)
  • 00493 Resolved in another commit (Dan Hoover)
  • 00494 Re-implemented custom settings (Dan Hoover)
  • 00497 Added type of money (Dan Hoover)
  • 00503 Resolved in another commit (Dan Hoover)
  • 00508 Changed some form editor formatting (Dan Hoover)
  • 00509 Form help opens in a new tab (Dan Hoover)

4.4.09

2019-04-12
  • 00524 Added users/includes/dashboard_language.php and changed some lang function logic (Dan Hoover)
  • 00525 Fixed dropdown value errors (Dan Hoover)
  • 00527 Moved favicon.ico (Dan Hoover)
  • 00529 Found stray ?> in users/includes/facebook_oauth.php (Dan Hoover)
  • 00510 Fixed JS error (Dan Hoover)
  • 00519 https://userspice.com/connecting-to-azure/ (Dan Hoover)
  • 00522 No commit needed (Dan Hoover)
  • 00528 Moved code to the bottom for better loading (Dan Hoover)
  • 00530 If statement modified to make sure messages are shown (Dan Hoover)
  • 00532 Implemented new language keys for emails (Dan Hoover)
  • 00533 Made plugin footers available both front and backend. (Dan Hoover)

4.4.08

2019-04-11
  • 00500 Added a fallback to en-US if $save is not defined (Dan Hoover)
  • 00502 Made db update to warn of this and significant changes to the user agreement file (Dan Hoover)
  • 00507 Added some {} (Dan Hoover)
  • 00501 Implemented Usamusa's cards and popovers (Dan Hoover)
  • 00512 Removed second join_cap (Dan Hoover)
  • 00513 Dashboard reworked, existing content converted to full width modules (Dan Hoover)
  • 00514 Added pt-PT from Flávio Martins Brasil (Dan Hoover)
  • 00517 Finished (see note) (Dan Hoover)
  • 00439 Idk what this meant. I need to make more detailed bug reports :) (Dan Hoover)
  • 00466 Changed div tags to nav (Dan Hoover)
  • 00470 Implemented Usamusa's fix (Dan Hoover)
  • 00492 Added suggested example (Dan Hoover)
  • 00504 Bulgarian Added (Dan Hoover)
  • 00506 Added links for everything except widgets (Dan Hoover)
  • 00511 Put a javascript widget in usersc/templates/default.footer.php (Dan Hoover)

4.4.07

2019-04-04
  • 00452 Created 2 videos as requested (Dan Hoover)
  • 00488 Bumped Version to 4.4.06 (Brandin From Envesko)
  • 00446 OAuth Success now reads from Database (Brandin From Envesko)
  • 00451 Resolved issue with helpers including usersc autoload (Brandin From Envesko)
  • 00471 Made logo.png, facebook.png, google.png responsive (Dan Hoover)
  • 00478 Resolved undefined issue with Update VNEno3E4zaNz (Brandin From Envesko)
  • 00481 Resolved issue with updater indicating file didn't exist when in fact it did (Brandin From Envesko)
  • 00482 Resolved (Dan Hoover)
  • 00487 Multi-Language Feature Addition (Brandin From Envesko)
  • 00411 Updated and restored Facebook Login (Brandin From Envesko)
  • 00443 Made changes to the way the footer is called and 2 minor fixes to form builder (Dan Hoover)
  • 00458 Force PW Reset Label will no longer trigger reset (Brandin From Envesko)
  • 00462 Built new form view preview feature (Dan Hoover)
  • 00472 Resolved issue with messages container (Brandin From Envesko)
  • 00474 Added Favicon code (Brandin From Envesko)
  • 00475 Resolved footer HTML issue (Brandin From Envesko)
  • 00477 Added PHP 7 ZIP warning for backups (Brandin From Envesko)
  • 00479 Multilanguage support for Validate Class (Brandin From Envesko)
  • 00480 Language keys for join frontend (Brandin From Envesko)
  • 00483 Added User Management Menu Language Key (Brandin From Envesko)
  • 00485 User Settings translations (Brandin From Envesko)
  • 00486 Multilanguage support for User Agreement (Brandin From Envesko)
  • 00490 Multilanguage compare (Brandin From Envesko)

4.4.04

2019-03-09
  • 00461 Bumped version to 4.4.04 (Brandin From Envesko)
  • 00450 Fixed footer on users/messages.php (Brandin From Envesko)
  • 00453 Updated group_menus and users login ints to 11 and unsigned in database (Brandin From Envesko)
  • 00454 Resolved token undefined error on Admin General Settings (Brandin From Envesko)
  • 00455 Resolved token undefined error on Admin Registration Settings (Brandin From Envesko)
  • 00456 Resolved token undefined error on Admin Login Settings (Brandin From Envesko)
  • 00459 Removed the delete button from the default permission levels (Brandin From Envesko)

4.4.03

2019-03-02
  • 00449 Bumped Version to 4.4.03 (Brandin From Envesko)
  • 00405 reAuth will no longer be unset on account.php (Brandin From Envesko)
  • 00414 Update system rewrite (Brandin From Envesko)
  • 00430 admin_verify.php uses the new nav engine (Brandin From Envesko)
  • 00433 Usersc Composer is now included in helpers by default (Brandin From Envesko)
  • 00435 Restored code for admin session management (Brandin From Envesko)
  • 00436 Manage Sessions kill button updated for BS4 compatibility (Brandin From Envesko)
  • 00437 Updated tomfoolery.js and header fixes for Session Management (Brandin From Envesko)
  • 00438 User creation exceptions now return the DB error for you to use (Brandin From Envesko)
  • 00442 Made validation errors on Users in ACP visible (Brandin From Envesko)
  • 00447 Disabled autocomplete on Admin Users (Brandin From Envesko)

4.4.02

2019-02-06
  • 00417 Fixed (Dan Hoover)
  • 00420 Fixed (Dan Hoover)
  • 00394 Updated FB Graph (Dan Hoover)
  • 00413 IP Logger rmigration (Brandin From Envesko)
  • 00415 Fixed by updating 2 links (Dan Hoover)
  • 00416 Resolved from PM (Dan Hoover)
  • 00419 resolved (Dan Hoover)
  • 00421 Thank you Trebor (Dan Hoover)
  • 00424 Fixed (Dan Hoover)
  • 00425 Fixed (Dan Hoover)
  • 00426 Fixed in both versions (Dan Hoover)

4.4.01

2019-01-24
  • 00409 70 changed files :) (Dan Hoover)
  • 00389 Resolved protection checkbox not working (Brandin From Envesko)
  • 00345 Complete. (Dan Hoover)
  • 00349 Edited installer sql file (Dan Hoover)
  • 00357 Fixed (Dan Hoover)
  • 00381 All resolved (Dan Hoover)
  • 00391 resolved (Dan Hoover)
  • 00395 Resolved exactly as shown in bug report (Dan Hoover)
  • 00398 Fixed (Dan Hoover)
  • 00403 Database navigation custom hook fixes (Brandin From Envesko)

4.4.0 BETA

2019-01-01
  • No Issues Resolved

4.3.26

2018-12-15
  • 00272 UserSpice 4.4 GDPR plugin addresses this. (Dan Hoover)
  • 00017 Resolved although not fully documented in 4.4 (Dan Hoover)
  • 00031 EchoUser has options now (Dan Hoover)
  • 00290 OCE only used in MQTT plugin. Left for compatibility reasons (Dan Hoover)
  • 00385 Fixed in 4.3 and 4.4 (Dan Hoover)
  • 00386 Fixed. Commit name was wrong. D'oh. (Dan Hoover)
  • 00387 Fixed and tested (Dan Hoover)
  • 00388 Fixed in 4.3.26 (Dan Hoover)
  • 00243 Fixed in Beta 3 (Dan Hoover)

4.3.25

2018-06-17
  • 00248 Fixed ipCheck function. (Dan Hoover)
  • 00249 Removed feature and killed parser. (Dan Hoover)

4.3.24

2018-05-15
  • 00209 Cross-Site Scripting (Brandin From Envesko)
  • 00211 admin_permission.php Unsanitized (Brandin From Envesko)
  • 00213 Remove legacy code from admin_permissions.php (Brandin From Envesko)
  • 00214 admin_user.php Unsanitized Value (Brandin From Envesko)
  • 00215 edit_form.php Unsanitized Values (Brandin From Envesko)
  • 00216 manage_sessions.php Unsanitized Values (Brandin From Envesko)
  • 00217 manage2fa.php Unsanitized Values (Brandin From Envesko)
  • 00218 tomfoolery.php Unsanitized Values (Brandin From Envesko)
  • 00219 messages.php Unsanitized Values (Brandin From Envesko)
  • 00220 admin_manage_sessions.php Unsanitized Values (Brandin From Envesko)
  • 00221 admin_message.php Unsanitized Values (Brandin From Envesko)
  • 00222 admin_messages.php Unsanitized Values (Brandin From Envesko)
  • 00223 admin_page.php Unsanitized Values (Brandin From Envesko)
  • 00224 edit_profile.php Unsanitized Values (Brandin From Envesko)
  • 00225 Repair Bios (Brandin From Envesko)

4.3.23

2018-04-26
  • No Issues Resolved

4.3.21

2018-04-25
  • 00130 Line 80 on twofa.php is incorrect (Brandin From Envesko)
  • 00023 Character "&" (Brandin From Envesko)
  • 00026 hasPerm needs isLoggedIn check before ID (Brandin From Envesko)
  • 00029 Settings are not refreshed after custom (Brandin From Envesko)
  • 00034 If you change your password any remote sessions should be destroyed (Brandin From Envesko)
  • 00059 forms.php (Brandin From Envesko)
  • 00086 User Settings email change (Brandin From Envesko)
  • 00098 User Settings for OAuth Users (Brandin From Envesko)
  • 00113 usersc-check for matching users on insert and match perms (Brandin From Envesko)
  • 00128 Are we sure Admin Verify Timeout is being used? (Brandin From Envesko)
  • 00129 us_fingerprint_assets does not have Fingerprint_Added (Brandin From Envesko)
  • 00131 manage2fa.php IP code wrong (Brandin From Envesko)
  • 00132 _admin_stats.php (Brandin From Envesko)
  • 00133 Redirect after creating form (Brandin From Envesko)
  • 00134 Reset Links from ACP invalid (Brandin From Envesko)
  • 00136 Add X-Editable CSS (Brandin From Envesko)
  • 00138 Composer.Json is missing some packages (Brandin From Envesko)
  • 00139 Update composer packages (Brandin From Envesko)
  • 00140 Update twofa security (Brandin From Envesko)
  • 00141 Global $us_url_root for verifyAdmin (Brandin From Envesko)
  • 00142 Two FA assets being inserted every time (Brandin From Envesko)
  • 00143 Two FA check failing (Brandin From Envesko)
  • 00147 verify_new error (Brandin From Envesko)
  • 00148 New Google Users die (Brandin From Envesko)
  • 00149 Have to revert all changes to params (Brandin From Envesko)
  • 00152 twofa.php API URL is not cross-compatible (Brandin From Envesko)
  • 00153 Manage 2Fa IP Echo Wrong (Brandin From Envesko)
  • 00154 Two FA Fingerprint Compare is wrong (Brandin From Envesko)
  • 00155 Fingerprinting and Session Tracking (Brandin From Envesko)
  • 00157 Make killAllSessions master account array only (Brandin From Envesko)
  • 00161 Remove error on page_footer session manager (Brandin From Envesko)

4.3.20

2018-04-21
  • 00114 PIN codes don't have to be numbers! (Brandin From Envesko)
  • 00115 Autocomplete on admin_pin should be disabled (Brandin From Envesko)
  • 00080 Fix form builder if required dropdown/etc is added later (Dan Hoover)
  • 00101 admin_user.php JS file call not cross-compatible (Brandin From Envesko)
  • 00103 Don't allow reauth on admin_pin (Brandin From Envesko)
  • 00104 Can't make disable_2fa private? (Brandin From Envesko)
  • 00105 Admin option to reset User PIN (Brandin From Envesko)
  • 00106 if local was commented out for reauth (Brandin From Envesko)
  • 00108 Fix to time2str() function in us_helpers.php (Brandin From Envesko)
  • 00110 2FA Assets Broken (Brandin From Envesko)
  • 00112 isAdmin needs $isLoggedIn (Brandin From Envesko)
  • 00117 Remove botched Fingerprinting Updates (Brandin From Envesko)
  • 00118 Allow overriding un-completed updates (Brandin From Envesko)

4.3.19

2018-04-14
  • 00043 MQTT tables does not load (Brandin From Envesko)
  • 00088 Couple of non usersc compatible links (Brandin From Envesko)
  • 00091 Omit disabled users from User Management List (Brandin From Envesko)
  • 00097 Advancements in admin_verify technology (Brandin From Envesko)
  • 00010 Two FA is not compatible with OAuth currently (Brandin From Envesko)
  • 00028 Your old password can be the same as your new... (Brandin From Envesko)
  • 00055 Link on "Database out of date..." warning not /usersc compatible (Brandin From Envesko)
  • 00060 Make the expiry time for $vericode_expiry in join.php a site setting (Brandin From Envesko)
  • 00061 Delete forms (Dan Hoover)
  • 00064 My cloaking got deleted! (Brandin From Envesko)
  • 00066 Redirect after confirmation of permissions (Brandin From Envesko)
  • 00068 Should email_test be UID 1 only? (Brandin From Envesko)
  • 00071 Allow destroying of fingerprints (Brandin From Envesko)
  • 00072 double checking what should be compared... (Brandin From Envesko)
  • 00073 Registration - Add Text Letting User Know Link Expires and To Check Their Junk Mail (Brandin From Envesko)
  • 00075 Clean up dnd and dump functions (Brandin From Envesko)
  • 00078 Get displaySingleItem update from RFID System (Dan Hoover)
  • 00079 Add and document skip field on displayForm function (Dan Hoover)
  • 00081 Remove Experimental From backup options (Dan Hoover)
  • 00083 Limit usersc redirect to only files in the 'users' folder (Dan Hoover)
  • 00084 Incorrect redirect after creating a new form (Brandin From Envesko)
  • 00092 Mistake on mqtt_settings.php (Brandin From Envesko)
  • 00093 FORCE updates on new install (Dan Hoover)
  • 00095 Create Form causes 404 (Brandin From Envesko)
  • 00099 Allow hasPerm to default to current user ID (Brandin From Envesko)
  • 00100 Track the date the use enrolls in 2FA (Brandin From Envesko)

4.3.18

2018-03-29
  • 00011 2FA needs some recognition for same PC? (Brandin From Envesko)
  • 00013 reAuth needs to be baked more (Brandin From Envesko)
  • 00065 We made re_auth illegal to set on admin_verify but shouldn't we just exclude it from check? (Brandin From Envesko)

4.3.17

2018-03-21
  • 00024 reAuth should be spam-proof (Brandin From Envesko)
  • 00032 Missing return in permissionNameExists function (Brandin From Envesko)
  • 00033 Update user: not check for new or old values (Brandin From Envesko)
  • 00041 Cron manager page typo (Brandin From Envesko)
  • 00044 _email_adminUser.php spelling mistake (Brandin From Envesko)
  • 00045 Join redirect got added before loggers again (Brandin From Envesko)
  • 00046 forgot_password link is not cross compatible (Brandin From Envesko)
  • 00047 Facebook login broken (Brandin From Envesko)
  • 00048 randomstring isn't overwriteable (Brandin From Envesko)
  • 00049 Update LoI68El211ON botches update.php (Brandin From Envesko)
  • 00050 Facebook Login on admin_social should be above the FB settings (Brandin From Envesko)
  • 00052 admin_logs should be sorted by logid not logdate (Brandin From Envesko)
  • 00053 Not all of the cancel buttons are cross-compatible (Brandin From Envesko)
  • 00054 2FA buttons on accounts.php not /usersc compatible (Brandin From Envesko)

4.3.16

2018-03-12
  • 00020 Two FA force outside of users directory (Brandin From Envesko)
  • 00025 No success message on messages archive? (Brandin From Envesko)
  • 00039 Force PR will die outside of users (Brandin From Envesko)
  • 00040 Misspelling (Dan Hoover)

4.3.15

2018-03-11
  • 00030 DB menus do not respect external URLS (Brandin From Envesko)
  • 00037 Wrong call on admin_users and admin_user for banning (Brandin From Envesko)

4.3.14

2018-02-18
  • No Issues Resolved

4.3.13

2018-02-07
  • No Issues Resolved

4.3.12

2018-02-07
  • No Issues Resolved

4.3.11

2018-02-07
  • No Issues Resolved

4.3.10

2017-12-12
  • No Issues Resolved

4.3.09

2017-12-02
  • No Issues Resolved

4.3.08

2017-11-27
  • No Issues Resolved

4.3.07

2017-11-27
  • No Issues Resolved

4.3.06

2017-11-27
  • No Issues Resolved

4.3.05

2017-11-27
  • No Issues Resolved

4.3.04

2017-11-16
  • No Issues Resolved

4.3.03

2017-11-16
  • No Issues Resolved

4.3.02

2017-11-11
  • No Issues Resolved

4.3.01

2017-11-11
  • No Issues Resolved

4.3.00

2017-11-11
  • No Issues Resolved

4.2.12

2017-11-11
  • No Issues Resolved

4.2.11

2017-09-09
  • No Issues Resolved

4.2.10

2017-08-13
  • No Issues Resolved

4.2.09

2017-07-02
  • No Issues Resolved

4.2.08

2017-06-08
  • No Issues Resolved

4.2.07

2017-06-08
  • No Issues Resolved

4.2.06

2017-04-18
  • No Issues Resolved

4.2.05

2017-04-18
  • No Issues Resolved

4.2.04

2017-04-18
  • No Issues Resolved

4.2.03

2017-03-10
  • No Issues Resolved

4.2.02

2017-03-06
  • No Issues Resolved

© 2026 UserSpice