- Check for XSS vulnerabilities etc.
- DONE---Create the ability to reset passwords via challenge question.
- DONE---Give users the ability to update and change ALL of their private information.
- DONE---Give admins the ability to edit all information that belongs to registered users.
The default dump provided has these accounts already installed.
[email protected] => pw: 'password'
[email protected] => pw: 'password'
[email protected] => pw: 'password'
[email protected] => pw: 'password'
The password-reset answer for all of these accounts is 'Team Alpha'
To display a notice or an error message the next time a page is rendered to
this user, set the $_SESSION['notice']
or $_SESSION['error']
variables,
respectively. Like so:
$_SESSION['error'] = 'Invalid user credentials, please try again.';
Next time a page is rendered (through index.php), the message will be prettily
displayed then removed from that user's session variables. The pages the message
displays via are html/notice.html
and html/error.html
.