Search find on this site
Due to Zend's recent decision to end support for PHP 4.x at the end of this year, the Enano project has made the decision to drop support for PHP 4.x in versions 1.1.x and newer. The 1.0.x stable branch will be the last branch to support servers running PHP 4.x.
We're doing this because Enano relies mainly on OOP for most of its operations, and PHP 4 does not provide the security we need. Any fool can find about $session->private_key, or any other of Enano's secrets, and have a properly-written page spit out that private key and the entire contents of the password list. To that end, we may be taking the SHA1 route, depending on what kind of encryption technologies can be developed, but in the mean time, the plan is to make sensitive variables like $session->private_key protected and only accessible to internal Enano functions.
The Enano 1.0.x branch will be maintained indefinitely at this point. We plan to provide at least 2 years of support and updates, possibly more. This all depends on how many bug and security reports we receive. The Enano Project's policy with security patches is, as soon as a security flaw notice is received and reviewed and the bug is patched, we will send out a new release.
