We have presented a lot of changes and improvements regarding the general usability as a user. It's about time to take a closer look at the improvements to the administration control panel (ACP).
Simplified style import
Styles can be directly imported through the style management, but styles offered in the Plugin-Store are always encapsulated in a package in order to distribute it using our package servers. Unfortunately attempting to upload such a package in the style management would just cause the system to reject it, causing confusion every once in a while. We have change the style import form to be aware of packages and it is now able to properly detect them and forwards it to the package installation system.
Uploading smiley images
Smilies can now be uploaded directly in the smiley add/edit form and no longer requires the administrator to manual upload the file using FTP.
Assign and send a new password for users
We have added a new clipboard action related to users, it allows the administrator to send the selected users a new, randomly generated password by email.
Comparing changed templates
Being able to customize every template in the system is a great thing, but as new versions of the templates gets deployed through updates, your own versions will sooner or later get out of sync. We've added a comparison tool which allows you to compare your modified template against the original version, easing the process of applying required changes.
Manage page menu items the easy way
The page menu item management has always been pretty powerful, but requiring to know the exact controller name (including its full namespace) goes a bit too far. Instead of manually providing the correct class name, you can now select from a list of known controllers and the system will do everything else in the background. It is worth noting that you can still provide the controller name yourself, the page list is intended to be a helpful addition, not a replacement.
Failed login attempts
We have added an optional setting to write failed login attempts to a log, accessible through the ACP. Next there are a bunch of new settings controlling the system's behavior towards failed attempts. Once a certain amount of failed attempts occurred in a short period of time, the user will be asked to solve a captcha before continuing to login. In addition there is a higher threshold at which the user's IP address will be temporarily blocked from the login system. One short notice on the count for failed attempts, the system both tracks failed attempts per IP and per username and will defend against single and distributed attempts to log into a foreign account.