1) added better validation across all user input both for the operator of Attendize and end user.
2) Remove html from translations so {{ }} can be used instead of {!! !!} as its more secure.
> Verifiers SHALL require subscriber-chosen memorized secrets to be at least 8 characters in length. Verifiers SHOULD permit subscriber-chosen memorized secrets at least 64 characters in length. All printing ASCII [RFC 20] characters as well as the space character SHOULD be acceptable in memorized secrets. Unicode [ISO/ISC 10646] characters SHOULD be accepted as well. To make allowances for likely mistyping, verifiers MAY replace multiple consecutive space characters with a single space character prior to verification, provided that the result is at least 8 characters in length. Truncation of the secret SHALL NOT be performed. For purposes of the above length requirements, each Unicode code point SHALL be counted as a single character.
https://pages.nist.gov/800-63-3/sp800-63b.html#-5112-memorized-secret-verifiers
1. After we have save the order to the database forget the session.
2. Firing events to create and send tickets should only be done after the we have saved the order to the database
On the completion of an order Attendize Generates a ticket and sends it via email. However if the ticket could not be generated we still attempt to send a file that does not exist which causes the checkout process to hang and throw an error message. Chained the Generate Ticket and SendOrderTickets events so that if a ticket cannot be generate we don't attempt to send it.
This library is no longer being supported and only supports Laravel up to 5.5. This prevents us from upgrading to Laravel 5.6.
Will consider adding it back if someone starts maintaining the actual library again.
Going forward Attendize will only support Stripe and Paypal as defaults. In future we will add instructions on customising Attendize with your own payment gateway.
1) Changed method call from lists to pluck.
2) Use set put instead of session set.
3) Removed references to artisan optimize command.
4) Added additionl check to base controller if auth user not set redirect to login.
5) Flush the session on logout.
6) Updated Event and Route service providers to work with Laravel 5.6.
7) Added new default logging config file.
8) Bump PHP versions from 7.0.30 to 7.1.20.
9) Added missing translations.
10) Fixed some issues with the templates.
merdiano
Sebastian Schmidt
Jeremy Quinton
Jeremy Quinton
Alex Chipangura
dsnap1993
Scott Bowler
heilgar