Dan [Sat, 17 Jan 2009 11:32:52 -0500] rev 317
Merging branches
Dan [Sat, 17 Jan 2009 11:32:18 -0500] rev 316
SECURITY: Fix XSS under IE in closing tags (shared sanitizer)
Dan [Sat, 17 Jan 2009 11:31:45 -0500] rev 315
Minor fix to OS detection in install
Dan [Sat, 29 Nov 2008 22:50:19 -0500] rev 314
Plugins can now register their own custom actions for $_GET["do"]. (Backport from unstable)
Dan [Thu, 27 Nov 2008 10:57:50 -0500] rev 313
Stable release: Enano CMS 1.0.5 (Ferrishyn)
Dan [Thu, 27 Nov 2008 10:38:00 -0500] rev 312
Remove some unused/obsolete release tags
Dan [Thu, 27 Nov 2008 10:26:49 -0500] rev 311
[cosmetic only] lowercase release name in installer splash
Dan [Thu, 27 Nov 2008 10:21:58 -0500] rev 310
Made UX for Windows patch more pleasant including external documentation. Breaking change to dynamic download script.
Dan [Tue, 25 Nov 2008 22:08:00 -0500] rev 309
Updated readme for Ferrishyn
Dan [Fri, 07 Nov 2008 08:56:53 -0500] rev 308
Fixed sanitization of full page IDs with accidental parse of escaped hex character in dirtify_page_id(). Thanks Asterion; see http://forum.enanocms.org/post/20/
Dan [Tue, 16 Sep 2008 08:20:14 -0400] rev 307
Fixed IPv6 address match (the one from phpBB3 did not work)
Dan [Wed, 10 Sep 2008 06:57:54 -0400] rev 306
Fixed SQL parse errors caused by conversion to \r\n by some FTP/zip clients (hackish workaround that isn't Enano's fault)
Dan [Fri, 22 Aug 2008 01:05:42 -0400] rev 305
Forgot to update, merging heads from nighthawk and scribus
Dan [Fri, 22 Aug 2008 01:04:20 -0400] rev 304
Redid tags to match version numbers; only latest release will be tagged as such from now on. Hopefully Mercurial registers this.
Dan [Sun, 17 Aug 2008 08:38:15 -0400] rev 303
Upgrade from 1.0.4 -> 1.0.5 now tolerates errors in user -> user_id transition in tags table
Dan [Tue, 05 Aug 2008 14:02:26 -0400] rev 302
Tagging revision 290 (72ecb951b313) as release, it was never done before.
Dan [Tue, 05 Aug 2008 14:02:18 -0400] rev 301
Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
Dan [Mon, 04 Aug 2008 11:44:20 -0400] rev 300
RNG now uses /dev/urandom instead of /dev/random to fix slowdowns during login. Potentially not as secure, but speed problems on some servers were of blocker severity.
Dan [Thu, 26 Jun 2008 21:00:25 -0400] rev 299
Merging scribus and nighthawk branches
Dan [Thu, 26 Jun 2008 20:59:57 -0400] rev 298
Fixed jBox hover event reference to undefined object
Dan [Thu, 26 Jun 2008 20:59:23 -0400] rev 297
Fixed E_STRICT under PHP 5 and 6 (reference operator in instanciation)
Dan [Thu, 12 Jun 2008 10:58:48 -0400] rev 296
Merging in page['visible'] patch from unstable, pages marked as invisible should now be omitted from searches
Dan [Fri, 09 May 2008 23:33:11 -0400] rev 295
Tagging latest revision as rebrand
Dan [Fri, 09 May 2008 23:32:51 -0400] rev 294
Rebrand as 1.0.5 (Ferrishyn)
Dan [Fri, 09 May 2008 23:32:00 -0400] rev 293
Fixed (again) the user -> user_id transition in enano_tags table
Dan [Sun, 13 Apr 2008 17:03:15 -0400] rev 292
Fixed aclScopeSel control in Safari/KHTML
Dan [Sun, 13 Apr 2008 17:02:42 -0400] rev 291
Added enforced warning about PHP4
Dan [Sun, 16 Mar 2008 21:08:37 -0400] rev 290
Filled and updated out the README for 1.0.4
Dan [Sat, 15 Mar 2008 16:34:28 -0400] rev 289
Backporting cron fixes from unstable
Dan [Sun, 02 Mar 2008 21:34:56 -0500] rev 288
Allowed uppercase characters to be used in the database name (thanks Andrew)
Dan [Sun, 02 Mar 2008 14:52:08 -0500] rev 287
Fixed PHP warning in Rijndael RNG code when open_basedir restriction in effect
Dan [Thu, 28 Feb 2008 12:33:25 -0500] rev 286
Tagging latest revision as rebrand
Dan [Thu, 28 Feb 2008 12:33:01 -0500] rev 285
Rebrand as 1.0.4 (Ellyyllon)
Dan [Fri, 22 Feb 2008 12:46:51 -0500] rev 284
Fixed: RenderMan::getPage() failing with access denial when fetching template and view_source results in deny
Dan [Fri, 01 Feb 2008 22:31:57 -0500] rev 283
Made all captcha fields case-insensitive (thanks pkeating)
Dan [Thu, 31 Jan 2008 22:28:40 -0500] rev 282
Merging scribus and nighthawk branches
Dan [Thu, 31 Jan 2008 22:28:12 -0500] rev 281
Fixed jBox menus failing to appear when window scrolled down
Dan [Thu, 31 Jan 2008 21:52:39 -0500] rev 280
Fixed special pages being returned with subpage information inappropriately from $paths->get_pageid_from_url()
Dan [Mon, 28 Jan 2008 23:07:32 -0500] rev 279
Fixed case where HTML comments were getting stripped when opening tag not followed by whitespace (<!--foo--> was stripped, <!-- foo --> was not, neither is stripped now)
Dan [Mon, 28 Jan 2008 23:06:38 -0500] rev 278
Re-applying the revision with the comment fix (bad merge a couple revs back)
Dan [Sun, 27 Jan 2008 23:43:24 -0500] rev 277
Fixed case where HTML comments were getting stripped when opening tag not followed by whitespace (<!--foo--> was stripped, <!-- foo --> was not, neither is stripped now)
Dan [Wed, 23 Jan 2008 19:36:42 -0500] rev 276
Merging in a couple revisions from Nighthawk
Dan [Wed, 23 Jan 2008 19:36:16 -0500] rev 275
Fixed case-sensitive file extensions
Dan [Sun, 20 Jan 2008 23:18:03 -0500] rev 274
Fixed broken regenCaptcha() in Special:Register
Dan [Sat, 19 Jan 2008 00:47:52 -0500] rev 273
Not sure if $taboo was getting sanitized or not. Possibly an SQL injection vulnerability that allows maliciously crafted group names to inject SQL at a later date when the group CP is loaded. Unconfirmed, theoretical fix.
Dan [Fri, 18 Jan 2008 10:35:33 -0500] rev 272
Removed all PostgreSQL support from the installer as per http://enanocms.org/News:1200114064; installer support for Postgres is available in the 1.1 branch now
Dan [Wed, 09 Jan 2008 22:23:09 -0500] rev 271
PHP4 fix: sidebar missing in installer UI: problem was wrongly named constructor for templateIndividualSafe
Dan [Wed, 09 Jan 2008 22:13:42 -0500] rev 270
Fix undefined E_STRICT under PHP 4; add PHP 4 deprecation notice in admin panel
Dan [Tue, 01 Jan 2008 22:50:49 -0500] rev 269
Installer works again now (for MySQL only)
Dan [Tue, 01 Jan 2008 22:30:53 -0500] rev 268
Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
Dan [Mon, 31 Dec 2007 21:16:27 -0500] rev 267
Integrating patch for PHP 6.0-dev compatibility
Dan [Thu, 27 Dec 2007 11:35:00 -0500] rev 266
Fixed search indexer causing duplicate keys when two "words" of 64+ characters encountered and first 64 characters are the same (thanks Vadi); attempt to fix onunload confirmation during page editing
Dan [Sun, 23 Dec 2007 17:58:21 -0500] rev 265
Corrected licensing issue on YoungPup's DOM-Drag (it is now public domain -> GPLv2+ for Enano); fixed wrongful access denial under specific circumstances (fetch_page_acl() on nonexistent page + wiki mode)
Dan [Wed, 19 Dec 2007 17:15:48 -0500] rev 264
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Dan [Tue, 18 Dec 2007 23:47:33 -0500] rev 263
Merging in a few stray changes from the MySQL branch
Dan [Tue, 18 Dec 2007 23:45:43 -0500] rev 262
A number of updates to the graphing code (it should actually work now)
Dan [Tue, 18 Dec 2007 23:44:55 -0500] rev 261
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Dan [Sat, 15 Dec 2007 18:11:59 -0500] rev 260
Set Content-type on AJAX login key request to application/json to hopefully block ad injection
Dan [Sat, 15 Dec 2007 18:10:14 -0500] rev 259
SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
Dan [Wed, 12 Dec 2007 21:46:28 -0500] rev 258
Stable release: Enano CMS 1.0.3 (Dyrad)
Dan [Wed, 12 Dec 2007 21:37:40 -0500] rev 257
Tagging latest revision for rebrand
Dan [Wed, 12 Dec 2007 21:37:23 -0500] rev 256
Rebrand as 1.0.3 (Dyrad)
Dan [Wed, 12 Dec 2007 21:04:20 -0500] rev 255
SECURITY: CRITICAL: Fix SQL injection in admin CP page editor
Dan [Tue, 11 Dec 2007 19:15:26 -0500] rev 254
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Dan [Mon, 03 Dec 2007 18:45:37 -0500] rev 253
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
Dan [Mon, 03 Dec 2007 17:36:25 -0500] rev 252
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Dan [Sat, 01 Dec 2007 02:39:49 -0500] rev 251
Fixed: sanitation loop on ampersands in encodeAttribute() (this was MediaWiki's fault)
Dan [Sat, 01 Dec 2007 00:35:42 -0500] rev 250
Stable release: Enano CMS 1.0.2 (Coblynau)
Dan [Sat, 01 Dec 2007 00:35:15 -0500] rev 249
Dummy revision to artificially increment build number
Dan [Sat, 01 Dec 2007 00:34:03 -0500] rev 248
Fix missing dependency on search.php in upgrade script
Dan [Sat, 01 Dec 2007 00:32:58 -0500] rev 247
Detagging release due to stupid upgrade fix
Dan [Fri, 30 Nov 2007 23:09:44 -0500] rev 246
Stable release: Enano CMS 1.0.2 (Coblynau)
Dan [Fri, 30 Nov 2007 22:16:26 -0500] rev 245
How could I forget the TRADEMARK SIGN?
Dan [Fri, 30 Nov 2007 22:13:03 -0500] rev 244
Updated artwork with finalized new/revised logo; finalized upgrade schema
Dan [Wed, 28 Nov 2007 15:24:23 -0500] rev 243
Add installer pop-help topic for URL scheme, in response to http://forum.enanocms.org/viewtopic.php?f=5&t=19
Dan [Wed, 28 Nov 2007 14:47:42 -0500] rev 242
Oops, never merged in updates from ee1fc84f12a8 (240)
Dan [Wed, 28 Nov 2007 14:46:03 -0500] rev 241
Hopefully now all calls to escape() are replaced with ajaxEscape() in response to Tomasz's forum post; remove deprecated version of show_category_info() from functions.php
Dan [Sun, 25 Nov 2007 21:40:42 -0500] rev 240
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
Dan [Sun, 25 Nov 2007 21:18:52 -0500] rev 239
Final development freeze for release: 1.0.2 (Coblynau); only critical bugs fixed until GA
Dan [Sun, 25 Nov 2007 20:24:16 -0500] rev 238
Add warning in installer for PHP < 5.2.0; hopefully fix validation of e-mail addresses with dashes
Dan [Sun, 25 Nov 2007 19:23:50 -0500] rev 237
Nothing special. ksort()ing list of allowed filetypes in the admin panel to make editing the list marginally easier
Dan [Sun, 25 Nov 2007 19:03:50 -0500] rev 236
Added OpenDocument MIME types and extensions; make sql_report page show total time taken for SQL queries
Dan [Sun, 25 Nov 2007 17:53:03 -0500] rev 235
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Dan [Sat, 24 Nov 2007 13:16:20 -0500] rev 234
A couple of minor tweaks to the upgrade schema; tests pending
Dan [Sat, 24 Nov 2007 02:11:43 -0500] rev 233
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
Dan [Sat, 24 Nov 2007 01:35:12 -0500] rev 232
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
Dan [Sat, 24 Nov 2007 01:04:30 -0500] rev 231
Hopefully once again fix scriptPath detection in dbal.php
Dan [Sat, 24 Nov 2007 01:02:55 -0500] rev 230
Fix missing REPORT_URI variable in template_nodb
Dan [Sat, 24 Nov 2007 00:53:23 -0500] rev 229
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Dan [Fri, 23 Nov 2007 17:59:24 -0500] rev 228
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
Dan [Thu, 22 Nov 2007 02:10:12 -0500] rev 227
Made the username validation regexp in install less picky since it was blacklisting two of the letters in my name. >.<
Dan [Wed, 21 Nov 2007 22:50:08 -0500] rev 226
Feature freezing repository for Coblynau release
Dan [Wed, 21 Nov 2007 22:49:37 -0500] rev 225
Entering feature freeze for Coblynau release
Dan [Wed, 21 Nov 2007 21:56:49 -0500] rev 224
AJAX login box now briefly shows the message "success" when a login is successful
Dan [Wed, 21 Nov 2007 20:40:26 -0500] rev 223
Deprecated and removed Oxygen css-simple/bleu.css
Dan [Wed, 21 Nov 2007 20:14:14 -0500] rev 222
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Dan [Wed, 21 Nov 2007 15:18:15 -0500] rev 221
Re-add search_results hook and changed column type of search_index.word to varchar(64) in installer schema
Dan [Wed, 21 Nov 2007 15:13:06 -0500] rev 220
Merging in new search algo from Scribus
Dan [Wed, 21 Nov 2007 15:11:51 -0500] rev 219
Minor fix for the password meter in Admin:UserManager
Dan [Wed, 21 Nov 2007 15:10:57 -0500] rev 218
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Dan [Sun, 18 Nov 2007 18:44:55 -0500] rev 217
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Dan [Sat, 17 Nov 2007 23:30:23 -0500] rev 216
Fixed a couple of renaming issues in the installer
Dan [Sat, 17 Nov 2007 23:09:12 -0500] rev 215
Hopefully managed to put enough hacks in there to make renaming the config file the last step, so if it fails, it can be done manually
Dan [Sat, 17 Nov 2007 22:56:26 -0500] rev 214
Removed stray debug message in installer
Dan [Sat, 17 Nov 2007 21:09:31 -0500] rev 213
Well I'm an idiot - the fulltext index on page_text was missing from a default installation. It didn't break searches but probably slowed them down tremendously. Also set engine to MyISAM on page_text to avoid cryptic error messages from MySQL.
Dan [Sat, 17 Nov 2007 20:31:01 -0500] rev 212
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Dan [Sat, 17 Nov 2007 18:54:13 -0500] rev 211
Javascript validation for install DB info form didn't allow dashes
Dan [Sat, 17 Nov 2007 18:51:06 -0500] rev 210
Changed default content for the main page to something a lot more user-friendly and helpful
Dan [Sat, 17 Nov 2007 15:40:04 -0500] rev 209
Rewrote some security code in PageUtils::savepage to accommodate the ACL system better; there was an issue with non-admin users saving pages on which they have edit rights but wiki mode is turned off
Dan [Sat, 17 Nov 2007 15:02:08 -0500] rev 208
Fixed: secure-cookie option is no longer set if $_SERVER['HTTPS'] is set but == "off"
Dan [Sat, 17 Nov 2007 14:57:00 -0500] rev 207
Patched in dash-in-database-name fix from unstable
Dan [Thu, 15 Nov 2007 18:02:14 -0500] rev 206
Merge in installer fixes from 204 (ba28d43a6b86)
Dan [Thu, 15 Nov 2007 18:00:39 -0500] rev 205
Merging in all changes from revision 185 (90b7a52bea45)
Dan [Thu, 15 Nov 2007 17:52:53 -0500] rev 204
Fixed a few (more) MySQL issues with the installer and dashes in the database name
Dan [Fri, 09 Nov 2007 23:36:49 -0500] rev 203
Database name can now contain dashes (as per requested at http://forum.enanocms.org/viewtopic.php?f=5&t=14); corrected some installer behavior issues with connecting as root and setting up permissions resulting in logs not being flushed, configs not being inserted, and what have you.
Dan [Fri, 09 Nov 2007 11:14:20 -0500] rev 202
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
Dan [Mon, 05 Nov 2007 20:00:41 -0500] rev 201
Fix installation with MySQL root option
Dan [Mon, 05 Nov 2007 19:50:40 -0500] rev 200
Out with the old, in with the new. Welcome to Enano's new installer framework!
Dan [Mon, 05 Nov 2007 17:11:37 -0500] rev 199
Second try (need config.php to exist before the API can be started, duh)
Dan [Mon, 05 Nov 2007 17:07:22 -0500] rev 198
Renaming config.php and .htaccess to *.new to allow tarbombing an Enano installation with no adverse effects; first attempt, may not work right.
Dan [Sat, 03 Nov 2007 21:32:26 -0400] rev 197
"Fix" e-mail parse bugs in installer
Dan [Sat, 03 Nov 2007 18:26:24 -0400] rev 196
Fix PHP4 compatibility (function def. of password_score)
Dan [Sat, 03 Nov 2007 14:15:14 -0400] rev 195
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Dan [Fri, 02 Nov 2007 15:38:20 -0400] rev 194
Fixed: invalid smartform input to Admin:UserManager when errors present and changing own account; [demo mode] default user can no longer change password
Dan [Thu, 01 Nov 2007 15:13:27 -0400] rev 193
F'ing private message message_read column...
Dan [Thu, 01 Nov 2007 10:06:19 -0400] rev 192
Fixed: radiobutton state in Admin:GeneralConfig not remembered when registration disabled
Dan [Tue, 23 Oct 2007 12:30:08 -0400] rev 191
Slight HTTPS compatibility improvements
Dan [Sun, 21 Oct 2007 21:26:11 -0400] rev 190
Nothing special at all. Unnamed sidebar blocks will show the text <Unnamed> instead of just showing nothing, thus making them renamable
Dan [Sun, 21 Oct 2007 02:33:25 -0400] rev 189
[minor] added bottom margin for enanocms.org fading button
Dan [Sun, 21 Oct 2007 01:45:00 -0400] rev 188
Nothing real special. The AJAX loading icon can be changed using the Javascript variable ajax_load_icon in header.tpl.
Dan [Sat, 20 Oct 2007 22:21:46 -0400] rev 187
Fixing permissions
Dan [Sat, 20 Oct 2007 22:16:25 -0400] rev 186
That merge did NOT go well.
Dan [Sat, 20 Oct 2007 21:59:27 -0400] rev 185
Merging in changes from 9e205056f825
Dan [Sat, 20 Oct 2007 21:58:56 -0400] rev 184
Merging in changes from 9b4279c25d33
Dan [Sat, 20 Oct 2007 21:51:26 -0400] rev 183
Merging in changes from db8a849ad4c9
Dan [Sat, 20 Oct 2007 21:46:05 -0400] rev 182
SECURITY: Fixed possible SQL injection in PageUtils page protection; general cleanup of PageUtils; blocked using Project: prefix for page URL strings
Dan [Sat, 20 Oct 2007 11:11:40 -0400] rev 181
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Dan [Fri, 19 Oct 2007 21:39:33 -0400] rev 180
Added a cron framework. Currently tasks will not be run; will implement into templates in next commit
Dan [Fri, 19 Oct 2007 21:07:54 -0400] rev 179
Sidebar blocks can be renamed now (untested except in Fx2)
Dan [Wed, 17 Oct 2007 21:54:11 -0400] rev 178
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
Dan [Mon, 15 Oct 2007 00:11:51 -0400] rev 177
SECURITY: Fix failure to log login failure on no row match
Dan [Sun, 14 Oct 2007 20:47:01 -0400] rev 176
Merge between Scribus and Nighthawk
Dan [Sun, 14 Oct 2007 01:07:07 -0400] rev 175
Coupla cheap hacks in St. Patty to make developing more color themes easier
Dan [Fri, 12 Oct 2007 14:41:51 -0400] rev 174
Replaced autocompleting username with a much more efficient algorithm and caching system
Dan [Tue, 09 Oct 2007 16:14:55 -0400] rev 173
Fixed some regular expressions in HTML optimization algorithm; regex page groups can be edited now (oops)
Dan [Sun, 07 Oct 2007 17:22:25 -0400] rev 172
More minor Ux improvements
Dan [Sun, 07 Oct 2007 16:56:14 -0400] rev 171
AJAX login box is now used in userprefs panel; Spry shake effect and general UX on auth fail is smoother now; added ajaxLoginNavTo() JS function
Dan [Sun, 07 Oct 2007 08:39:40 -0400] rev 170
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Dan [Sat, 06 Oct 2007 20:47:09 -0400] rev 169
Minor text change + link to docs for "about keep-alive" help dialog
Dan [Sat, 06 Oct 2007 20:44:24 -0400] rev 168
"Perhaps you were looking for" box now only shows if strlen($q) >= 4
Dan [Sat, 06 Oct 2007 20:39:18 -0400] rev 167
Dummy commit to (hopefully) revert merge of unstable code
Dan [Sat, 06 Oct 2007 20:36:52 -0400] rev 166
Added tag rebrand for changeset d53cc29308f4
Dan [Sat, 06 Oct 2007 20:36:40 -0400] rev 165
Rebrand as 1.1.1; everything should now be bumped to "unstable" status
Dan [Sat, 06 Oct 2007 14:45:00 -0400] rev 164
Fixed external links in tplWikiFormat to use my monster HTTP request regex
Dan [Sat, 06 Oct 2007 13:18:30 -0400] rev 163
Fixed comment stripping in sanitize_html()
Dan [Sat, 06 Oct 2007 13:01:46 -0400] rev 162
Improvements and fixes (hacks?) for HTML sanitization
Dan [Fri, 05 Oct 2007 01:57:00 -0400] rev 161
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
Dan [Thu, 04 Oct 2007 08:22:25 -0400] rev 160
Fixed text colors on pages when dark system themes are used (bug could be seen using MurrinaNightOrange on an Ubuntu system)
Dan [Mon, 01 Oct 2007 23:52:25 -0400] rev 159
Fixed: wiki mode edit notice should be shown on fallback editor now
Dan [Mon, 01 Oct 2007 23:48:24 -0400] rev 158
Fixed: RenderMan::parse_internal_links() problems with prepending Project: instead of Site_name: to project page alias-namespace links
Dan [Mon, 01 Oct 2007 22:18:51 -0400] rev 157
SECURITY: tightened up validation for rollbacks
Dan [Mon, 01 Oct 2007 19:29:52 -0400] rev 156
Creating pages doesn't insert that crappy javascript hack anymore
Dan [Sun, 30 Sep 2007 20:20:07 -0400] rev 155
Feature add: new page group type: regular expression match (PCRE)
Dan [Sun, 30 Sep 2007 19:40:07 -0400] rev 154
Oops forgot to update common.php version
Dan [Sun, 30 Sep 2007 19:32:15 -0400] rev 153
Added tag rebrand for changeset 42c6c83b8a00
Dan [Sun, 30 Sep 2007 19:27:44 -0400] rev 152
Crap, that didn't work. Remerge of 42c6c83b8a00 and 824821224153
Dan [Sun, 30 Sep 2007 19:22:04 -0400] rev 151
Merging branches from Scribus and Nighthawk
Dan [Sun, 30 Sep 2007 19:18:09 -0400] rev 150
Added a new Javascript variable, aclDisableTransitionFX, that will switch off effects on message boxes and the ACL editor when set to true
Dan [Sun, 30 Sep 2007 19:16:36 -0400] rev 149
Added tag rebrand for changeset 42c6c83b8a00
Dan [Sun, 30 Sep 2007 19:16:24 -0400] rev 148
Rebrand for 1.0.2 (again, lol)
Dan [Sat, 29 Sep 2007 09:43:46 -0400] rev 147
Added tag rebrand for changeset 0b5244001799
Dan [Mon, 24 Sep 2007 23:59:42 -0400] rev 146
Added tag rebrand for changeset 6f0bbf88c325
Dan [Mon, 24 Sep 2007 23:59:31 -0400] rev 145
Rebrand for 1.0.2b1
Dan [Mon, 24 Sep 2007 21:29:19 -0400] rev 144
Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
Dan [Sun, 23 Sep 2007 23:22:25 -0400] rev 143
Added tag rebrand for changeset ca9118d9c0f2
Dan [Sun, 23 Sep 2007 23:21:10 -0400] rev 142
Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Dan [Sun, 23 Sep 2007 23:03:34 -0400] rev 141
SECURITY: Anonymous user can't be edited now; user accounts could be deleted even if errors detected; user CP saving disabled for demo mode
Dan [Sun, 23 Sep 2007 18:42:16 -0400] rev 140
Revamped the administrator's user CP, big time. The admin module now uses a smart form and enables all profile fields, including users_extra, to be changed. Passwords are encrypted when sent. The whole CP has been split off into a different file to accomodate the large amount of code.
Dan [Thu, 20 Sep 2007 11:27:49 -0400] rev 139
Sync Oxygen Bleu and Mint; fixed list-style-image ref and ordered lists getting bulleted
Dan [Wed, 19 Sep 2007 13:26:42 -0400] rev 138
SECURITY: Fix unescaped SQL in paths.php rebuild_page_index()
Dan [Tue, 18 Sep 2007 17:27:55 -0400] rev 137
Fix: textarea tags got stripped naked by the HTML optimizer, now no longer
Dan [Tue, 18 Sep 2007 17:03:03 -0400] rev 136
Fix: internal links parsed with RenderMan::parse_internal_links() did not get namespaces prepended; added Project: alias namespace for internal links
Dan [Tue, 18 Sep 2007 16:29:26 -0400] rev 135
Enano should now fully support UTF-8 usernames; newly registered users are now granted automatic edit access to their user pages (admins can still use protection on the page)
Dan [Tue, 18 Sep 2007 00:31:22 -0400] rev 134
Oops - forgot to add pwstrength.js
Dan [Tue, 18 Sep 2007 00:30:43 -0400] rev 133
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Dan [Mon, 17 Sep 2007 11:52:58 -0400] rev 132
[sync only] Minor display change in Special:About_Enano; added initial PHP function for password strength testing
Dan [Thu, 13 Sep 2007 08:28:11 -0400] rev 131
Fix: activation e-mails were signed by Anonymous :-)
Dan [Wed, 12 Sep 2007 00:18:32 -0400] rev 130
Fixed unwanted sanitization in Admin:PageManager form submit
Dan [Tue, 11 Sep 2007 18:35:39 -0400] rev 129
Rebranded as 1.0.1.1; fixed category page drawing bug; updated link to GPL in the about page to the GPLv2
Dan [Sat, 08 Sep 2007 22:58:38 -0400] rev 128
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Dan [Sat, 08 Sep 2007 15:06:28 -0400] rev 127
Vastly improved UX for a login to an inactive account
Dan [Sat, 08 Sep 2007 14:04:15 -0400] rev 126
Merging Nighthawk and Scribus repositories
Dan [Sat, 08 Sep 2007 14:02:19 -0400] rev 125
Fixed some rather major bugs in the registration system, this will need a release followup
Dan [Fri, 07 Sep 2007 18:19:50 -0400] rev 124
Added tag release for changeset 8df3abef6647
Dan [Fri, 07 Sep 2007 18:19:30 -0400] rev 123
Fixed the two known issues in the release notes; tarballs will be updated accordingly
Dan [Fri, 07 Sep 2007 18:18:55 -0400] rev 122
Fixed the two known issues in the release notes; tarballs will be updated accordingly
Dan [Fri, 07 Sep 2007 16:39:42 -0400] rev 121
1.0.1 Loch Ness stable release
Dan [Fri, 07 Sep 2007 16:38:50 -0400] rev 120
PROPOSED RELEASE: 1.0.1 (Loch Ness)
Dan [Fri, 07 Sep 2007 16:27:40 -0400] rev 119
Merging Scribus and Nighthawk repositories
Dan [Fri, 07 Sep 2007 16:25:16 -0400] rev 118
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
Dan [Fri, 07 Sep 2007 00:48:51 -0400] rev 117
Bugfix in Special:AllPages; fixed tinyMCE under Opera (finally!)
Dan [Thu, 06 Sep 2007 23:03:51 -0400] rev 116
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Dan [Tue, 04 Sep 2007 12:52:23 -0400] rev 115
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Dan [Tue, 04 Sep 2007 08:25:48 -0400] rev 114
Nothing special, just syncing to Scribus, several bugs have been found with GET forms and a fix is in the works
Dan [Sun, 02 Sep 2007 00:33:22 -0400] rev 113
Oops - fixed small glitch in delvote_ips converter code
Dan [Sun, 02 Sep 2007 00:23:07 -0400] rev 112
Rewrote all code related to delvote_ips column to use serialize()
Dan [Sat, 01 Sep 2007 23:29:33 -0400] rev 111
Added registration date column to members list
Dan [Thu, 30 Aug 2007 20:46:57 -0400] rev 110
Removed a few stale debug messages
Dan [Wed, 29 Aug 2007 23:35:06 -0400] rev 109
Added a ton of new log points for administrator actions; restructured security log view and enabled pagination for security logs; string change in ajax.php for RDNS operation failure
Dan [Wed, 29 Aug 2007 18:23:37 -0400] rev 108
Implemented some extra functionality for friends/foes in comments; fixed lack of table_prefix in stats.php line 63
Dan [Tue, 28 Aug 2007 19:00:20 -0400] rev 107
Synched installation schema to upgrade schema for delvote_ips
Dan [Tue, 28 Aug 2007 18:58:27 -0400] rev 106
Second attempt at making delvote_ips work under MySQL 5.0.45 and 5.0.41
Dan [Sun, 26 Aug 2007 22:52:38 -0400] rev 105
Added search function for memberlist
Dan [Sun, 26 Aug 2007 20:55:12 -0400] rev 104
Added ACL rule preventing guests from viewing the memberlist (by request from Neal Gompa <ngompa13 at gmail>)
Dan [Sun, 26 Aug 2007 20:45:33 -0400] rev 103
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
Dan [Sun, 26 Aug 2007 16:48:15 -0400] rev 102
[comments] fixed edit button (source wasn't getting filled)
[editor] fixed issue with PHP execution and preview (PHP code is executed now, ACL-permitting)
[admin] added checkbox to toggle account activation status in user manager (thanks Manoj)
Dan [Sat, 25 Aug 2007 12:53:03 -0400] rev 101
Dramatically cleaned up HTML in registration form; cheat code to activate Bill Gates easter egg is now "William Henry Gates III"... OOPS!! hehe
Dan [Sat, 25 Aug 2007 12:35:48 -0400] rev 100
Fixed: highlighting issue in search results renderer when the search query was comprised entirely of one quoted term
Dan [Sat, 25 Aug 2007 12:22:46 -0400] rev 99
Added a few low-level checks in config.php for changes of search algorithm and AES cipher parameters
Dan [Sat, 25 Aug 2007 12:11:31 -0400] rev 98
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
Dan [Sun, 19 Aug 2007 16:22:04 -0400] rev 97
Fallback non-JS wiki mode switch is now implemented (doh!)
Dan [Sun, 19 Aug 2007 15:53:56 -0400] rev 96
Fixed: when going beta 4 or earlier -> RC1 or later, default ACL rule for admins was not created, causing possibly confusing lockouts
dan [Sun, 19 Aug 2007 15:35:01 -0400] rev 95
Changed style of copyright in St. Patty; first attempt at fixing some upgrade issues from beta 3 or so
Dan [Fri, 17 Aug 2007 12:35:29 -0400] rev 94
Fixed delvote_ips bug with MySQL 5.0.45 - see http://forum.enanocms.org/viewtopic.php?f=5&t=8
Dan [Thu, 16 Aug 2007 20:35:49 -0400] rev 93
Redirections to the main page use the redirect() function now
Dan [Tue, 14 Aug 2007 20:48:29 -0400] rev 92
Fixed stupid redirect bug that referenced $paths without importing it, gah...
Dan [Tue, 14 Aug 2007 15:13:40 -0400] rev 91
Added ability to detag deleted pages
Dan [Sun, 12 Aug 2007 14:56:52 -0400] rev 90
Fixed yet another minor XSS hole, this time in search results
Dan [Sun, 12 Aug 2007 13:33:04 -0400] rev 89
Fixed XSS vulnerability in admin panel page manager
Dan [Sun, 12 Aug 2007 13:14:26 -0400] rev 88
Fixed missing table_prefix in u_1_0_RC3_make_users_extra() in upgrade.php
Dan [Sun, 12 Aug 2007 13:11:16 -0400] rev 87
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
Dan [Fri, 10 Aug 2007 15:57:22 -0400] rev 86
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Dan [Thu, 09 Aug 2007 12:26:16 -0400] rev 85
AJAX comments are now paginated; plugin manager can now show system plugins; typo in installer corrected; links in oxygen/stpatty/admin footers changed to "About Enano" page; 1.0.1 release candidate
Dan [Mon, 06 Aug 2007 10:37:42 -0400] rev 84
Now using a CSS hack for IE's "filter" attribute to prevent CSS warnings in Firefox
Dan [Mon, 06 Aug 2007 10:09:48 -0400] rev 83
Tag cloud is now implemented
Dan [Sun, 05 Aug 2007 17:10:17 -0400] rev 82
Fixed IE6 + Admin theme, version typo in installer, and paginator + IE6
Dan [Sun, 05 Aug 2007 15:58:50 -0400] rev 81
Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Dan [Wed, 01 Aug 2007 13:39:27 -0400] rev 80
Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Dan [Mon, 30 Jul 2007 10:46:17 -0400] rev 79
Admin theme now uses a collapsable sidebar instead of that ugly menu (WiP)
Dan [Sun, 29 Jul 2007 17:40:36 -0400] rev 78
Modified Text_Wiki parser to fully support UTF-8 strings; several other UTF-8 fixes, international characters seem to work reasonably well now