Skip to content

Releases: SnatMTE/code-examples

v0.04-security

v0.04-security Pre-release
Pre-release

Choose a tag to compare

@SnatMTE SnatMTE released this 15 Dec 22:04

This release hardens the forum application against common web risks: CSRF, XSS, session hijacking, unsafe DB access, and insecure password reset flows. It centralises security logic, improves database handling, and adds safer defaults; no breaking API changes, but follow the migration and test checklist below before deploying.

If, for some reason, you need to upgrade from v0.3, run this wherever you run your SQL queries.

ALTER TABLE users
ADD COLUMN reset_token VARCHAR(255) DEFAULT NULL,
ADD COLUMN reset_expires DATETIME DEFAULT NULL;

Full Changelog: v0.03...v0.04-security

v0.03

v0.03 Pre-release
Pre-release

Choose a tag to compare

@SnatMTE SnatMTE released this 06 Feb 17:48
9ba66f7

Corrected a couple of issues and added two new things.

  • User profile page to allow the user to change email and password.
  • Forgotten password feature - just sends a random password to their email address.

v0.02

v0.02 Pre-release
Pre-release

Choose a tag to compare

@SnatMTE SnatMTE released this 05 Feb 22:23
278ec96

Cleaned it up a little bit to make it easier to follow. The header and footer use a template file now.

v0.01

v0.01 Pre-release
Pre-release

Choose a tag to compare

@SnatMTE SnatMTE released this 05 Feb 19:06
766d029

There will be no updates for this so please feel free to do with it as you wish. This was done while bored just so I can say to myself I have made a forum. There are no real security checks or no real features that make it useful for a forum.