-----BEGIN PGP SIGNED MESSAGE-----


Simple Text-File Login script (SiTeFiLo).
Copyright 2004 by Mario A. Valdez-Ramirez
(mario@mariovaldez.org). 
(Read the license.txt file for details).


This is version 1.0.2.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Summary of this release (1.0.2):

* Support for encrypted passwords.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1.0.2, 2004/10/11:

Added support for MD5 hashed (encrypted) passwords in function
fslogin_check_user in slogin_lib.inc.php. Added new configuration
variable slogin_usehashes to slogin_lib.inc.php.

Added example users to slog_users.txt and slog_users.php files with
MD5 hashed passwords.

Created new script slogin_genpass.php to generate MD5 hashes from a
given string. To be used to generate MD5 hashes.

Added preset value for username field in slogin.inc.php so that the
username field is prefilled with the latest tried username.

Added lenght verification for POST and SESSION data, to improve
security.



%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1.0.1, 2004/07/28:

Added alternative users file (slog_users.php) to use when fopen is
disabled.

Added verifications to slogin_lib.inc.php to check if fopen was
succesful or not (when reading the user file or writing to the logs).

Added checks to adminlog.php for user identity (only admin can see
the logs) and if we can use fopen or not. If we are not using fopen
we can't show the logs, as there are not logs to show anyway.




%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1.0.0, 2004/07/14:

Initial release.






-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQWrVNTpHuYe8JiHtAQHP9AP+It53CPvWkALPOhaJfpt77zr0T4N4j9tR
Ia5wYTO+N1AISQNBnBlXeA7oHP1wnMhTWqN1f3VE4GiIFt82/7kQxmzjDepx/Bf3
cZWxNyeHhkAe/XZ030tVPayoTUMm41kf+KGML9rzt4/TIixaZYTRjgi0UkMkMOWI
hr6i35Yc1sM=
=FOaR
-----END PGP SIGNATURE-----
