2026-06-13

• Security: login brute-force protection added — after 3 failed sign-ins an account is temporarily locked for 5 minutes, and after 6 failed sign-ins it is locked until an administrator unlocks it. System Config › User Management now shows a Locked / Timed-out badge and an Unlock button per account, and every sign-in attempt is recorded for auditing
• Login: the username is now kept after a failed sign-in so it no longer has to be retyped, and the page shows a clear message when an account is temporarily timed out or has been locked
• Security hardening: removed the one-time contribution seed script from the server, blocked direct web access to the uploads and migrations folders, and stopped internal error details from being shown in the browser when Timecard Manager or Departments fail to load
• Account menu: the top-right dropdown now shows your avatar, and avatar badges are color-coded by role (Admin, Payroll Officer, Timekeeper, Supervisor, Employee)
• Tables: column headers now stay pinned to the top while scrolling long tables — applied across the data tables, the Role Permissions matrix, Government Contributions, and System Logs
• Mobile: the Overtime/WDO, Leave, and Loan/CA tables now scroll horizontally within their card instead of overflowing on small screens
• Maintenance: database schema setup was moved out of runtime code into versioned migration files, and a case where a database error while saving the weekly schedule was silently ignored has been fixed
• Pay period: changing the active pay period from the topbar now refreshes the current page so all period-dependent content updates immediately — the Shift & Schedule, Daily Time Record, and Payroll Processing tables, plus the posted/locked banner — instead of continuing to show the previous period
• Timecard Manager: the topbar pay-period selector is now hidden on this page, which has its own Period date-range filter — removing the confusion of two competing period controls