2008-11-09 |
Dan |
Merging with upstream
|
file |
diff |
annotate
|
2008-11-03 |
Dan |
Fixed error-out when DiffieHellman not supported and respawn requested (part of OS X QA process)
|
file |
diff |
annotate
|
2008-11-09 |
Dan |
Added config option to grant userpage rights to new users (defaults to on, as it was hardcoded on before)
|
file |
diff |
annotate
|
2008-11-09 |
Dan |
Fixed DiffieHellman being included twice when not supported and login fails
|
file |
diff |
annotate
|
2008-09-21 |
Dan |
Added initial support for DST. Rules are defined in constants.php and are extensible.
|
file |
diff |
annotate
|
2008-08-20 |
Dan |
Made upgrades from 1.1.4 -> 1.1.5 work if keyhash is not present
|
file |
diff |
annotate
|
2008-08-13 |
Dan |
Made login forms that use $session->aes_javascript() use new whiteOutForm() function
|
file |
diff |
annotate
|
2008-08-12 |
Dan |
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
|
file |
diff |
annotate
|
2008-08-12 |
Dan |
Rebranded as 1.1.5 (Caoineag alpha 5) and fixed a couple bugs related to CDN support in template_nodb and installerUI. Updated readme.
|
file |
diff |
annotate
|
2008-07-12 |
Dan |
Added Gravatar support in UserManager in admin panel
|
file |
diff |
annotate
|
2008-07-10 |
Dan |
Fixed undefined group_rank_id in sessions
|
file |
diff |
annotate
|
2008-07-07 |
Dan |
Moved all account deactivation notice presentation code to its own method in sessions
|
file |
diff |
annotate
|
2008-07-03 |
Dan |
As promised, dropped in the new librijndael. Benchmarks say about 3 times faster, but more performance testing will be done.
|
file |
diff |
annotate
|
2008-07-03 |
Dan |
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
|
file |
diff |
annotate
|
2008-07-02 |
Dan |
Another sweep from the optimization monster.
|
file |
diff |
annotate
|
2008-06-30 |
Dan |
Made $session->private_key protected and added pk_{en,de}crypt methods for encrypting and decrypting data using the private key
|
file |
diff |
annotate
|
2008-06-30 |
Dan |
Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
|
file |
diff |
annotate
|
2008-06-26 |
Dan |
Made encryption work in form-based logon again; modified load_component() to fetch compressed versions when possible
|
file |
diff |
annotate
|
2008-06-26 |
Dan |
Fixed missing table_prefix in generate_rank_sql()
|
file |
diff |
annotate
|
2008-06-19 |
Dan |
Fixed SQL syntax error thrown during rank data fetch
|
file |
diff |
annotate
|
2008-06-16 |
Dan |
Fixed undefined index left over from scope system rewrite a few days ago
|
file |
diff |
annotate
|
2008-06-15 |
Dan |
Renamed some functions (that were new in this release anyway) due to compatibility broken with PunBB bridge
|
file |
diff |
annotate
|
2008-06-15 |
Dan |
Got ACL scope logic working again and began enforcing it. Breaking API change: assigning page title with $template->tpl_strings['PAGE_NAME'] will no longer work, use $template->assign_vars(). Workaround may be added later. Test for assign_vars method if compatibility needed. Added namespace processor API (non-breaking change). Several other things tweaked around as well.
|
file |
diff |
annotate
|
2008-06-15 |
Dan |
Fixed some plugin compatibility issues seen in Nuggie
|
file |
diff |
annotate
|
2008-06-10 |
Dan |
A bit of UX improvement to upgrade UI; updated readme for 1.1.4
|
file |
diff |
annotate
|
2008-06-07 |
Dan |
Modified $template->init_vars() to pivot to local page metadata and permissions from a PageProcessor object instead of global data from $paths and permissions from $session to allow redirects to affect on-page controls as well as the actual content (only partially complete, protection and several other elements still need to be localized)
|
file |
diff |
annotate
|
2008-05-25 |
Dan |
More work done on effective permissions API, namely reporting of page group and usergroup names
|
file |
diff |
annotate
|
2008-05-16 |
Dan |
Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins
|
file |
diff |
annotate
|
2008-05-12 |
Dan |
Revamped some ACL code and added effective permissions calculation code into session manager
|
file |
diff |
annotate
|
2008-05-06 |
Dan |
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
|
file |
diff |
annotate
|
2008-05-05 |
Dan |
Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
|
file |
diff |
annotate
|
2008-04-14 |
Dan |
Rebrand as 1.1.4 (Caoineag alpha 4)
|
file |
diff |
annotate
|
2008-04-09 |
Dan |
Merging nighthawk and scribus branches
|
file |
diff |
annotate
|
2008-04-09 |
Dan |
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
|
file |
diff |
annotate
|
2008-04-06 |
Dan |
SECURITY: Disabled caching of decrypted DiffieHellman login requests
|
file |
diff |
annotate
|
2008-03-27 |
Dan |
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
|
file |
diff |
annotate
|
2008-03-18 |
Dan |
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
|
file |
diff |
annotate
|
2008-03-16 |
Dan |
Added support for embedding language data into plugins; updated all version numbers on plugin files
|
file |
diff |
annotate
|
2008-03-15 |
Dan |
Fixed some bugs with PostgreSQL and added a word_lcase column to the search_index table because collation is not working under MySQL. TODO: Trigger search index rebuild on upgrade to 1.1.4.
|
file |
diff |
annotate
|
2008-03-08 |
Dan |
Fixed undefined variable ($row['is_regex'] instead of $is_regex) in sessions.php
|
file |
diff |
annotate
|
2008-03-07 |
Dan |
[Security] made session manager have some degree of IP validation for session keys and upgrades
|
file |
diff |
annotate
|
2008-03-07 |
Dan |
Fixed session validation bug in upgrade script; fixed non-object reference in template_nodb
|
file |
diff |
annotate
|
2008-03-07 |
Dan |
Added a cron task to sessions.php that deletes old admin keys once a week
|
file |
diff |
annotate
|
2008-03-03 |
Dan |
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
|
file |
diff |
annotate
|
2008-03-02 |
Dan |
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
|
file |
diff |
annotate
|
2008-03-01 |
Dan |
Fixed improper serializing of IP that could allow reusing of key from multiple IP addresses.
|
file |
diff |
annotate
|
2008-02-24 |
Dan |
Merging in changes from Nighthawk
|
file |
diff |
annotate
|
2008-02-22 |
Dan |
Merging fixes and updates from stable branch
|
file |
diff |
annotate
|
2008-01-01 |
Dan |
Integrating patch for PHP 6.0-dev compatibility
|
file |
diff |
annotate
|
2008-02-20 |
Dan |
Added support for Diffie-Hellman key exchange during login. w00t!
|
file |
diff |
annotate
|
2008-02-18 |
Dan |
Fixed typo in ban logic
|
file |
diff |
annotate
|
2008-02-11 |
Dan |
Rebrand as 1.1.2; made upgrade framework functional
|
file |
diff |
annotate
|
2008-02-09 |
Dan |
Added some basic timezone support; DST support is still to come.
|
file |
diff |
annotate
|
2008-02-07 |
Dan |
Fixed some captcha bugs and made all captcha fields case-insensitive
|
file |
diff |
annotate
|
2008-02-06 |
Dan |
Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
|
file |
diff |
annotate
|
2008-01-30 |
Dan |
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
|
file |
diff |
annotate
|
2008-01-29 |
Dan |
Rebranded source code as 1.1.1; added TinyMCE ACL rule as per Vadi's request: http://forum.enanocms.org/viewtopic.php?f=7&t=54
|
file |
diff |
annotate
|
2008-01-28 |
Dan |
Got Enano to load even if there are no plugins; added caching for decrypted session keys to significantly improve performance (in theory at least)
|
file |
diff |
annotate
|
2008-01-26 |
Dan |
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
|
file |
diff |
annotate
|
2008-01-25 |
Dan |
[minor] Trying to be a little more careful with values from users_extra in validate_session()
|
file |
diff |
annotate
|