plugins/SpecialUserFuncs.php
Tue, 12 Jul 2011 22:13:37 -0400 Dan Fuhry SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
Mon, 28 Jun 2010 11:00:51 -0400 Dan Fuhry SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks! 1.0.6pl2
Sat, 17 Jan 2009 11:51:17 -0500 Dan Rebrand as v1.0.6 (Roane)
Thu, 28 Feb 2008 12:33:01 -0500 Dan Rebrand as 1.0.4 (Ellyyllon)
Fri, 01 Feb 2008 22:31:57 -0500 Dan Made all captcha fields case-insensitive (thanks pkeating)
Sun, 20 Jan 2008 23:18:03 -0500 Dan Fixed broken regenCaptcha() in Special:Register
Tue, 18 Dec 2007 23:47:33 -0500 Dan Merging in a few stray changes from the MySQL branch
Tue, 18 Dec 2007 23:44:55 -0500 Dan Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Sat, 15 Dec 2007 18:11:59 -0500 Dan Set Content-type on AJAX login key request to application/json to hopefully block ad injection
Wed, 12 Dec 2007 21:37:23 -0500 Dan Rebrand as 1.0.3 (Dyrad)
Sun, 25 Nov 2007 17:53:03 -0500 Dan Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Sat, 24 Nov 2007 00:53:23 -0500 Dan Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Sun, 18 Nov 2007 18:44:55 -0500 Dan Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Sat, 17 Nov 2007 20:31:01 -0500 Dan Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Sat, 20 Oct 2007 11:11:40 -0400 Dan Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
less more (0) -15 tip