2025-12-05
Hardening certain URL paths.

Fixing bug in cron.php which allowed it to run w/o the proper token provided.

Hard-coding (and modifying repo) so that /custom/files/private and its .htaccess file is
included by default, since other modules assume it to be there.

Added IP-banning functionality.

2025-11-20
Minor changes for PHP 8.3.

2025-11-13
Minor changes for PHP 8.3.

If term structures not set up yet, does not produce a warning.

2025-10-13
Minor changes for PHP 8.3 and to fix warnings.

Removed unnecessary array_get() function from misc.php. It duplicated the functionality of the ??
operator in PHP 7.0, which is a minimum requirement for FlightPath.

2025-09-18
Minor change to login page CSS for mobile screens

2025-09-10
Minor changes for PHP 8.3.

2025-08-31
Made modifications to make more compatible with PHP 8.3.

2025-08-04
If we lack the ability to receive emails, then the engagements module displays a different message when you send
an email to a student.

2025-07-30
Added use of random_bytes() function (from PHP 7+) if available, when creating a new password hash.

2025-07-29
Added a try/catch around a call to the Twilio API in the engagements module.

Added some code to fix a deprecated message when setting password.

2025-07-28
Modifications to ensure that if a password is entered, it is trimmed of preceeding or trailing whitespace before being saved.

Modifications to display password complexity requirements. Added comments for future revisions.

2025-07-26
Tweak to style.css so that fpm messages are always left-aligned.

Added documentation to hook.api.php

Added a new argument in form_error(), that tells FlightPath to stop running other validator functions if the form error is set.

Created new functions in password.inc to check that a password is complex enough, and another to return
the complexity rules so we can print them on screen.

2025-07-21
Hardening inputs in course_search module (when selecting subject).

Added function: filter_untrusted_input() to misc.inc. Useful for stripping possible trouble characters
from user input.

Tidied up code in various spots, hardened inputs as well just to be safe.

2025-05-23
Added new setting to System Settings form (utilized by the advise module, content module, comments, etc.) which lets you selectively delete or NOT delete
data (like student substitutions) which have been flagged as "deleted" in the database. The previous behavior was to
delete such data.

Added extra watchdog logging to student_files deletion as well as modifications in the audit module.

Minor changes to engagements module to stop "notices" from PHP 8.