This topic is locked

Enhanced security

2/1/2007 6:37:22 PM
Suggestions
Sergey Kornilov admin

Would be nice to see the following security features:

  1. LDAP support
  2. CAPTCHA on login/registration form
  3. Temporary passwords issued after registration
  4. Registration confirmation
  5. Prevent multiple logins using the same username/password
  6. "Who is logged in"
  7. Block username/password after three unsuccessful login attempts
  8. Manage user groups in the database
  9. Save login, save login and password, don't save anything
  10. Option: case-insensitive usernames
  11. Preapproved list of usernames/email to allow registration
  12. Use another database for authorization, use third party authorization (phpDD, Mamba, Joomla etc)
  13. Audit all database changes

Anything else?

jacekq 5/23/2007

What else:

  1. Browser should encrypt user password before sending Login Form Data (using JavaScript).
  2. Time limit for session using encrypted cookies - after a certain period of time session should be disconnected
  3. Storing encrypted session data in database

Jacek

Sergey Kornilov admin 5/24/2007

Jacek,
honestly, this sounds like a bit of overkill.
I think if you run your application under HTTPS and have tight session timeout set in php.ini you should be fine in most cases.

I'm not sure if javascript-encrypted passwords add much value to the application.

wengen 5/31/2007

SFTP (SSH) for file uploads would be a nice feature.
Thanks
wengen

UnrealMinds 7/11/2007

Yes, SFTP over SSH2 may be a must-have, because all new root servers are configured so that you can't connect to them via normal FTP.
Please fix it a.s.a.p.

fsteves 8/14/2007

Definitely the ability to manage/add groups. I have always thought it would be so much nicer to be able to have a web-based version of the Permission administration set, with the check the block method for assigning permissions.
Also, the ability to add your own {if $allow_OPTION} and then assign it a checkbox in the Group manager, as I recently had the need for a record Transfer button, which allowed me to transfer a similar record from one table to the other.

lefty 8/20/2007

I would like to see the ability to use more than one Group Id in the security area. I am in need of having multiple admins, but don't want the admins to see any of the other admins' records. I know you can use the advanced security but I also have users logging into the same project and need the group id field for that level of security. I have had to make two projects with two separate logins, meaning the admins have to log in twice. I cannot use the same login as the access level for groups is different in each project.