FreshRSS (Customized)/app/Controllers/userController.php, branch 1.27.1Customized version of FreshRSS, a self-hosted RSS feed aggregatorhttps://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.27.12025-09-15T20:17:14+00:00Fix another user self-delete regression (#7877)2025-09-15T20:17:14+00:00Inverleinverle@proton.me2025-09-15T20:17:14+00:00urn:sha1:ddb51c0e95074c6fbddade547ca267801177bb01
Regression from #7763
Earlier regression which was fixed before #7626
In addition:
* get rid of `data-toggle` (refactor)
* show invalid login message if deleting account and entered incorrect password instead of redirect to 403
* remove unused reference to `r` parameter
* `forgetOpenCategories()` on login not on any crypto form
Use `Minz_Translate::exists()` for language check in `createUser()` (#7934)2025-09-09T21:11:38+00:00Inverleinverle@proton.me2025-09-09T21:11:38+00:00urn:sha1:087df1e5d990cb9464bf1ac7f36f136c64d9dd2e
(consistency)
Related / follow-up: #7878
Add a default language constant (#7933)2025-09-09T20:01:04+00:00Alexis Degrugillieraledeg@users.noreply.github.com2025-09-09T20:01:04+00:00urn:sha1:6ad625812a77dc1a63b3c88792b588de11ae8f3c
This replace the use of `en` through out the code.Change how files are included (#7916)2025-09-05T13:56:46+00:00Alexis Degrugillieraledeg@users.noreply.github.com2025-09-05T13:56:46+00:00urn:sha1:23ba48c71f0d41bbe012d668349f6516dad527b4
1. `include`, `include_once`, `require` and `require_once` are expressions not functions, parentheses are not necessary.
2. to move up the directory tree, it's better to use the `dirname` function instead of relying on `/..`.Regenerate session ID on login (#7829)2025-08-30T19:40:00+00:00Inverleinverle@proton.me2025-08-30T19:40:00+00:00urn:sha1:200eafb352f807bd70592b2ccc06745017328a85
Follow-up to #7762
* Regenerate session ID on login
* Send only one cookie
* Improvements
* Delete old session file
* Simplify
* Make function consistent with others
Fix create user bugs (#7783)2025-08-03T21:14:59+00:00Inverleinverle@proton.me2025-08-03T21:14:59+00:00urn:sha1:26377b543d8b1cc4f3c0c60300d49fcbb2dcfa13
* Fix registration regression due to #7753
* Add missing access check
Implement sudo mode / reauthentication (#7753)2025-07-31T11:53:14+00:00Inverleinverle@proton.me2025-07-31T11:53:14+00:00urn:sha1:3ce64d271b2b470bd6c9f7294946347dcdfed9b9
* Implement sudo mode / reauthentication
* i18n: fr
* generate flags
* Improvements
* Remove HMAC check
* Don't require reauth to access logs when signed in as admin
* Notify user of bad login via notification instead
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>Require current password when setting new password (#7763)2025-07-31T07:24:37+00:00Inverleinverle@proton.me2025-07-31T07:24:37+00:00urn:sha1:f85333e98adff296700e01ece8843aaf94694257
* Require current password when setting new password
* i18n: fr
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>`before_login_btn` hook + system conf attributes (#7761)2025-07-30T06:03:04+00:00Inverleinverle@proton.me2025-07-30T06:03:04+00:00urn:sha1:e33ef74af9ff2f8ba1c6909b78ee07633cff240a
* `before_login_btn` hook + system conf attributes
* phpstan fix
* Refactoring
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>Restore user config from backup when it doesn't exist (#7682)2025-06-21T22:10:13+00:00Inverleinverle@proton.me2025-06-21T22:10:13+00:00urn:sha1:bea9ca12adf58896a95959c4a1fbb48f4bbc144b
* Restore user config from backup when it doesn't exist
* Supress warnings
* Remove copied config if copy() fails
* `return false` after `unlink()`
* Performance
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>