Wed, 12 Dec 2007 21:04:20 -0500 |
Dan |
SECURITY: CRITICAL: Fix SQL injection in admin CP page editor
|
changeset |
files
|
Tue, 11 Dec 2007 19:15:26 -0500 |
Dan |
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
|
changeset |
files
|
Mon, 03 Dec 2007 18:45:37 -0500 |
Dan |
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
|
changeset |
files
|
Mon, 03 Dec 2007 17:36:25 -0500 |
Dan |
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
|
changeset |
files
|
Sat, 01 Dec 2007 02:39:49 -0500 |
Dan |
Fixed: sanitation loop on ampersands in encodeAttribute() (this was MediaWiki's fault)
|
changeset |
files
|
Sat, 01 Dec 2007 00:35:42 -0500 |
Dan |
Stable release: Enano CMS 1.0.2 (Coblynau)
1.0.2
|
changeset |
files
|
Sat, 01 Dec 2007 00:35:15 -0500 |
Dan |
Dummy revision to artificially increment build number
|
changeset |
files
|
Sat, 01 Dec 2007 00:34:03 -0500 |
Dan |
Fix missing dependency on search.php in upgrade script
|
changeset |
files
|
Sat, 01 Dec 2007 00:32:58 -0500 |
Dan |
Detagging release due to stupid upgrade fix
|
changeset |
files
|
Fri, 30 Nov 2007 23:09:44 -0500 |
Dan |
Stable release: Enano CMS 1.0.2 (Coblynau)
|
changeset |
files
|
Fri, 30 Nov 2007 22:16:26 -0500 |
Dan |
How could I forget the TRADEMARK SIGN?
|
changeset |
files
|
Fri, 30 Nov 2007 22:13:03 -0500 |
Dan |
Updated artwork with finalized new/revised logo; finalized upgrade schema
|
changeset |
files
|
Wed, 28 Nov 2007 15:24:23 -0500 |
Dan |
Add installer pop-help topic for URL scheme, in response to http://forum.enanocms.org/viewtopic.php?f=5&t=19
|
changeset |
files
|
Wed, 28 Nov 2007 14:47:42 -0500 |
Dan |
Oops, never merged in updates from ee1fc84f12a8 (240)
|
changeset |
files
|
Wed, 28 Nov 2007 14:46:03 -0500 |
Dan |
Hopefully now all calls to escape() are replaced with ajaxEscape() in response to Tomasz's forum post; remove deprecated version of show_category_info() from functions.php
|
changeset |
files
|
Sun, 25 Nov 2007 21:40:42 -0500 |
Dan |
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
|
changeset |
files
|
Sun, 25 Nov 2007 21:18:52 -0500 |
Dan |
Final development freeze for release: 1.0.2 (Coblynau); only critical bugs fixed until GA
|
changeset |
files
|
Sun, 25 Nov 2007 20:24:16 -0500 |
Dan |
Add warning in installer for PHP < 5.2.0; hopefully fix validation of e-mail addresses with dashes
devel-freeze
|
changeset |
files
|
Sun, 25 Nov 2007 19:23:50 -0500 |
Dan |
Nothing special. ksort()ing list of allowed filetypes in the admin panel to make editing the list marginally easier
|
changeset |
files
|
Sun, 25 Nov 2007 19:03:50 -0500 |
Dan |
Added OpenDocument MIME types and extensions; make sql_report page show total time taken for SQL queries
|
changeset |
files
|
Sun, 25 Nov 2007 17:53:03 -0500 |
Dan |
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
|
changeset |
files
|
Sat, 24 Nov 2007 13:16:20 -0500 |
Dan |
A couple of minor tweaks to the upgrade schema; tests pending
|
changeset |
files
|
Sat, 24 Nov 2007 02:11:43 -0500 |
Dan |
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
|
changeset |
files
|
Sat, 24 Nov 2007 01:35:12 -0500 |
Dan |
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
|
changeset |
files
|
Sat, 24 Nov 2007 01:04:30 -0500 |
Dan |
Hopefully once again fix scriptPath detection in dbal.php
|
changeset |
files
|
Sat, 24 Nov 2007 01:02:55 -0500 |
Dan |
Fix missing REPORT_URI variable in template_nodb
|
changeset |
files
|
Sat, 24 Nov 2007 00:53:23 -0500 |
Dan |
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
|
changeset |
files
|
Fri, 23 Nov 2007 17:59:24 -0500 |
Dan |
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
|
changeset |
files
|
Thu, 22 Nov 2007 02:10:12 -0500 |
Dan |
Made the username validation regexp in install less picky since it was blacklisting two of the letters in my name. >.<
|
changeset |
files
|
Wed, 21 Nov 2007 22:50:08 -0500 |
Dan |
Feature freezing repository for Coblynau release
|
changeset |
files
|
Wed, 21 Nov 2007 22:49:37 -0500 |
Dan |
Entering feature freeze for Coblynau release
feature-freeze
|
changeset |
files
|
Wed, 21 Nov 2007 21:56:49 -0500 |
Dan |
AJAX login box now briefly shows the message "success" when a login is successful
|
changeset |
files
|
Wed, 21 Nov 2007 20:40:26 -0500 |
Dan |
Deprecated and removed Oxygen css-simple/bleu.css
|
changeset |
files
|
Wed, 21 Nov 2007 20:14:14 -0500 |
Dan |
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
|
changeset |
files
|
Wed, 21 Nov 2007 15:18:15 -0500 |
Dan |
Re-add search_results hook and changed column type of search_index.word to varchar(64) in installer schema
|
changeset |
files
|
Wed, 21 Nov 2007 15:13:06 -0500 |
Dan |
Merging in new search algo from Scribus
|
changeset |
files
|
Wed, 21 Nov 2007 15:11:51 -0500 |
Dan |
Minor fix for the password meter in Admin:UserManager
|
changeset |
files
|
Wed, 21 Nov 2007 15:10:57 -0500 |
Dan |
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
|
changeset |
files
|
Sun, 18 Nov 2007 18:44:55 -0500 |
Dan |
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
|
changeset |
files
|
Sat, 17 Nov 2007 23:30:23 -0500 |
Dan |
Fixed a couple of renaming issues in the installer
|
changeset |
files
|
Sat, 17 Nov 2007 23:09:12 -0500 |
Dan |
Hopefully managed to put enough hacks in there to make renaming the config file the last step, so if it fails, it can be done manually
|
changeset |
files
|
Sat, 17 Nov 2007 22:56:26 -0500 |
Dan |
Removed stray debug message in installer
|
changeset |
files
|
Sat, 17 Nov 2007 21:09:31 -0500 |
Dan |
Well I'm an idiot - the fulltext index on page_text was missing from a default installation. It didn't break searches but probably slowed them down tremendously. Also set engine to MyISAM on page_text to avoid cryptic error messages from MySQL.
|
changeset |
files
|
Sat, 17 Nov 2007 20:31:01 -0500 |
Dan |
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
|
changeset |
files
|
Sat, 17 Nov 2007 18:54:13 -0500 |
Dan |
Javascript validation for install DB info form didn't allow dashes
|
changeset |
files
|
Sat, 17 Nov 2007 18:51:06 -0500 |
Dan |
Changed default content for the main page to something a lot more user-friendly and helpful
|
changeset |
files
|
Sat, 17 Nov 2007 15:40:04 -0500 |
Dan |
Rewrote some security code in PageUtils::savepage to accommodate the ACL system better; there was an issue with non-admin users saving pages on which they have edit rights but wiki mode is turned off
|
changeset |
files
|
Sat, 17 Nov 2007 15:02:08 -0500 |
Dan |
Fixed: secure-cookie option is no longer set if $_SERVER['HTTPS'] is set but == "off"
|
changeset |
files
|
Sat, 17 Nov 2007 14:57:00 -0500 |
Dan |
Patched in dash-in-database-name fix from unstable
|
changeset |
files
|
Thu, 15 Nov 2007 18:02:14 -0500 |
Dan |
Merge in installer fixes from 204 (ba28d43a6b86)
|
changeset |
files
|
Thu, 15 Nov 2007 18:00:39 -0500 |
Dan |
Merging in all changes from revision 185 (90b7a52bea45)
|
changeset |
files
|
Thu, 15 Nov 2007 17:52:53 -0500 |
Dan |
Fixed a few (more) MySQL issues with the installer and dashes in the database name
|
changeset |
files
|
Fri, 09 Nov 2007 23:36:49 -0500 |
Dan |
Database name can now contain dashes (as per requested at http://forum.enanocms.org/viewtopic.php?f=5&t=14); corrected some installer behavior issues with connecting as root and setting up permissions resulting in logs not being flushed, configs not being inserted, and what have you.
|
changeset |
files
|
Fri, 09 Nov 2007 11:14:20 -0500 |
Dan |
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
|
changeset |
files
|
Mon, 05 Nov 2007 20:00:41 -0500 |
Dan |
Fix installation with MySQL root option
|
changeset |
files
|
Mon, 05 Nov 2007 19:50:40 -0500 |
Dan |
Out with the old, in with the new. Welcome to Enano's new installer framework!
|
changeset |
files
|
Mon, 05 Nov 2007 17:11:37 -0500 |
Dan |
Second try (need config.php to exist before the API can be started, duh)
|
changeset |
files
|
Mon, 05 Nov 2007 17:07:22 -0500 |
Dan |
Renaming config.php and .htaccess to *.new to allow tarbombing an Enano installation with no adverse effects; first attempt, may not work right.
|
changeset |
files
|
Sat, 03 Nov 2007 21:32:26 -0400 |
Dan |
"Fix" e-mail parse bugs in installer
|
changeset |
files
|
Sat, 03 Nov 2007 18:26:24 -0400 |
Dan |
Fix PHP4 compatibility (function def. of password_score)
|
changeset |
files
|
Sat, 03 Nov 2007 14:15:14 -0400 |
Dan |
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
|
changeset |
files
|
Fri, 02 Nov 2007 15:38:20 -0400 |
Dan |
Fixed: invalid smartform input to Admin:UserManager when errors present and changing own account; [demo mode] default user can no longer change password
|
changeset |
files
|
Thu, 01 Nov 2007 15:13:27 -0400 |
Dan |
F'ing private message message_read column...
|
changeset |
files
|
Thu, 01 Nov 2007 10:06:19 -0400 |
Dan |
Fixed: radiobutton state in Admin:GeneralConfig not remembered when registration disabled
|
changeset |
files
|
Tue, 23 Oct 2007 12:30:08 -0400 |
Dan |
Slight HTTPS compatibility improvements
|
changeset |
files
|
Sun, 21 Oct 2007 21:26:11 -0400 |
Dan |
Nothing special at all. Unnamed sidebar blocks will show the text <Unnamed> instead of just showing nothing, thus making them renamable
|
changeset |
files
|
Sun, 21 Oct 2007 02:33:25 -0400 |
Dan |
[minor] added bottom margin for enanocms.org fading button
|
changeset |
files
|
Sun, 21 Oct 2007 01:45:00 -0400 |
Dan |
Nothing real special. The AJAX loading icon can be changed using the Javascript variable ajax_load_icon in header.tpl.
|
changeset |
files
|
Sat, 20 Oct 2007 22:21:46 -0400 |
Dan |
Fixing permissions
|
changeset |
files
|
Sat, 20 Oct 2007 22:16:25 -0400 |
Dan |
That merge did NOT go well.
|
changeset |
files
|
Sat, 20 Oct 2007 21:59:27 -0400 |
Dan |
Merging in changes from 9e205056f825
|
changeset |
files
|
Sat, 20 Oct 2007 21:58:56 -0400 |
Dan |
Merging in changes from 9b4279c25d33
|
changeset |
files
|
Sat, 20 Oct 2007 21:51:26 -0400 |
Dan |
Merging in changes from db8a849ad4c9
|
changeset |
files
|
Sat, 20 Oct 2007 21:46:05 -0400 |
Dan |
SECURITY: Fixed possible SQL injection in PageUtils page protection; general cleanup of PageUtils; blocked using Project: prefix for page URL strings
|
changeset |
files
|
Sat, 20 Oct 2007 11:11:40 -0400 |
Dan |
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
|
changeset |
files
|
Fri, 19 Oct 2007 21:39:33 -0400 |
Dan |
Added a cron framework. Currently tasks will not be run; will implement into templates in next commit
|
changeset |
files
|
Fri, 19 Oct 2007 21:07:54 -0400 |
Dan |
Sidebar blocks can be renamed now (untested except in Fx2)
|
changeset |
files
|
Wed, 17 Oct 2007 21:54:11 -0400 |
Dan |
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
|
changeset |
files
|
Mon, 15 Oct 2007 00:11:51 -0400 |
Dan |
SECURITY: Fix failure to log login failure on no row match
|
changeset |
files
|
Sun, 14 Oct 2007 20:47:01 -0400 |
Dan |
Merge between Scribus and Nighthawk
|
changeset |
files
|
Sun, 14 Oct 2007 01:07:07 -0400 |
Dan |
Coupla cheap hacks in St. Patty to make developing more color themes easier
|
changeset |
files
|
Fri, 12 Oct 2007 14:41:51 -0400 |
Dan |
Replaced autocompleting username with a much more efficient algorithm and caching system
|
changeset |
files
|
Tue, 09 Oct 2007 16:14:55 -0400 |
Dan |
Fixed some regular expressions in HTML optimization algorithm; regex page groups can be edited now (oops)
|
changeset |
files
|
Sun, 07 Oct 2007 17:22:25 -0400 |
Dan |
More minor Ux improvements
|
changeset |
files
|
Sun, 07 Oct 2007 16:56:14 -0400 |
Dan |
AJAX login box is now used in userprefs panel; Spry shake effect and general UX on auth fail is smoother now; added ajaxLoginNavTo() JS function
|
changeset |
files
|
Sun, 07 Oct 2007 08:39:40 -0400 |
Dan |
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
|
changeset |
files
|
Sat, 06 Oct 2007 20:47:09 -0400 |
Dan |
Minor text change + link to docs for "about keep-alive" help dialog
|
changeset |
files
|
Sat, 06 Oct 2007 20:44:24 -0400 |
Dan |
"Perhaps you were looking for" box now only shows if strlen($q) >= 4
|
changeset |
files
|
Sat, 06 Oct 2007 20:39:18 -0400 |
Dan |
Dummy commit to (hopefully) revert merge of unstable code
|
changeset |
files
|
Sat, 06 Oct 2007 20:36:52 -0400 |
Dan |
Added tag rebrand for changeset d53cc29308f4
|
changeset |
files
|
Sat, 06 Oct 2007 20:36:40 -0400 |
Dan |
Rebrand as 1.1.1; everything should now be bumped to "unstable" status
|
changeset |
files
|
Sat, 06 Oct 2007 14:45:00 -0400 |
Dan |
Fixed external links in tplWikiFormat to use my monster HTTP request regex
|
changeset |
files
|
Sat, 06 Oct 2007 13:18:30 -0400 |
Dan |
Fixed comment stripping in sanitize_html()
|
changeset |
files
|
Sat, 06 Oct 2007 13:01:46 -0400 |
Dan |
Improvements and fixes (hacks?) for HTML sanitization
|
changeset |
files
|
Fri, 05 Oct 2007 01:57:00 -0400 |
Dan |
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
|
changeset |
files
|
Thu, 04 Oct 2007 08:22:25 -0400 |
Dan |
Fixed text colors on pages when dark system themes are used (bug could be seen using MurrinaNightOrange on an Ubuntu system)
|
changeset |
files
|
Mon, 01 Oct 2007 23:52:25 -0400 |
Dan |
Fixed: wiki mode edit notice should be shown on fallback editor now
|
changeset |
files
|
Mon, 01 Oct 2007 23:48:24 -0400 |
Dan |
Fixed: RenderMan::parse_internal_links() problems with prepending Project: instead of Site_name: to project page alias-namespace links
|
changeset |
files
|
Mon, 01 Oct 2007 22:18:51 -0400 |
Dan |
SECURITY: tightened up validation for rollbacks
|
changeset |
files
|
Mon, 01 Oct 2007 19:29:52 -0400 |
Dan |
Creating pages doesn't insert that crappy javascript hack anymore
|
changeset |
files
|
Sun, 30 Sep 2007 20:20:07 -0400 |
Dan |
Feature add: new page group type: regular expression match (PCRE)
|
changeset |
files
|
Sun, 30 Sep 2007 19:40:07 -0400 |
Dan |
Oops forgot to update common.php version
|
changeset |
files
|
Sun, 30 Sep 2007 19:32:15 -0400 |
Dan |
Added tag rebrand for changeset 42c6c83b8a00
|
changeset |
files
|
Sun, 30 Sep 2007 19:27:44 -0400 |
Dan |
Crap, that didn't work. Remerge of 42c6c83b8a00 and 824821224153
|
changeset |
files
|
Sun, 30 Sep 2007 19:22:04 -0400 |
Dan |
Merging branches from Scribus and Nighthawk
|
changeset |
files
|
Sun, 30 Sep 2007 19:18:09 -0400 |
Dan |
Added a new Javascript variable, aclDisableTransitionFX, that will switch off effects on message boxes and the ACL editor when set to true
|
changeset |
files
|
Sun, 30 Sep 2007 19:16:36 -0400 |
Dan |
Added tag rebrand for changeset 42c6c83b8a00
|
changeset |
files
|
Sun, 30 Sep 2007 19:16:24 -0400 |
Dan |
Rebrand for 1.0.2 (again, lol)
|
changeset |
files
|
Sat, 29 Sep 2007 09:43:46 -0400 |
Dan |
Added tag rebrand for changeset 0b5244001799
|
changeset |
files
|
Mon, 24 Sep 2007 23:59:42 -0400 |
Dan |
Added tag rebrand for changeset 6f0bbf88c325
|
changeset |
files
|
Mon, 24 Sep 2007 23:59:31 -0400 |
Dan |
Rebrand for 1.0.2b1
1.0.2b1
|
changeset |
files
|
Mon, 24 Sep 2007 21:29:19 -0400 |
Dan |
Improved response time for username autofill; fix JS login box in Safari (bug surfaced only after 1.0.1)
|
changeset |
files
|
Sun, 23 Sep 2007 23:22:25 -0400 |
Dan |
Added tag rebrand for changeset ca9118d9c0f2
|
changeset |
files
|
Sun, 23 Sep 2007 23:21:10 -0400 |
Dan |
Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
|
changeset |
files
|
Sun, 23 Sep 2007 23:03:34 -0400 |
Dan |
SECURITY: Anonymous user can't be edited now; user accounts could be deleted even if errors detected; user CP saving disabled for demo mode
|
changeset |
files
|
Sun, 23 Sep 2007 18:42:16 -0400 |
Dan |
Revamped the administrator's user CP, big time. The admin module now uses a smart form and enables all profile fields, including users_extra, to be changed. Passwords are encrypted when sent. The whole CP has been split off into a different file to accomodate the large amount of code.
|
changeset |
files
|
Thu, 20 Sep 2007 11:27:49 -0400 |
Dan |
Sync Oxygen Bleu and Mint; fixed list-style-image ref and ordered lists getting bulleted
|
changeset |
files
|
Wed, 19 Sep 2007 13:26:42 -0400 |
Dan |
SECURITY: Fix unescaped SQL in paths.php rebuild_page_index()
|
changeset |
files
|
Tue, 18 Sep 2007 17:27:55 -0400 |
Dan |
Fix: textarea tags got stripped naked by the HTML optimizer, now no longer
|
changeset |
files
|
Tue, 18 Sep 2007 17:03:03 -0400 |
Dan |
Fix: internal links parsed with RenderMan::parse_internal_links() did not get namespaces prepended; added Project: alias namespace for internal links
|
changeset |
files
|