OK screw that, put the crypto backend check in functions.

Fixed libenanoinstall/CLI double declaration of run_installer_stage()

Forgot table_prefix in the logs table migrator

Fixed no author_uid in PageProcessor::rename_page()

Added an upgrade hook to populate the author_uid column in logs, pending test by Neal

Added ajaxLoginInit to JS load stub list

Added a graceful dead-end for the tutorial; removed the hash symbols from IRC links per a heads-up from Neal.

AJAX login: Fixed error box failure to destroy upon cancel. Fixes issue 8.

Logs: Fully integrated an author_uid column. Logs are now linked by user ID instead of just username, so they survive username changes better. Database is changed. Fixes issue 6.

Wikitext parer: re-added the <code> tag thing

Comments (AJAX): Now paginated server side. Fixes issue 2.

Mod extras: Changed string for RDNS generic failure error

Fixed php_in_pages out-of-scope error in Special:UploadFile; modified RenderMan::preprocess_text() to take a permissions object for any page

ACP: Added lockout management feature

Fixed undefined $score_min in password change. Potential security concern?

Namespace_Default: added a workaround for an inconsistency in SQL. Basically, if you join the same table multiple times under multiple aliases, COUNT() always uses the first instance. Was affecting the comment counter in the "discussion" button.

JSON preparser: fixed corruption of strings that include the exact pattern word, comma, space, word, colon

Merge from accidental split

DBAL: Majorly cleaned up and improved coding standards/documentation

Installer: cleaned up CSS header; updated comments in config.php to not say that passwords are stored with AES (as they are now stored with HMAC-SHA1)

Updated KNOWN_BUGS to point to our issue tracker

Crap, broke page editing. Fixed it.

Drafts saved on nonexistent pages now show up. Fixes issue 7.

Re-merge changes from a2hosting dev

Set up more sensible defaults (UTC, DST off) for timezone preferences. Also modified enano_date() to properly include GMT offsets when timezone characters are used. Fixes issue 4.

CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.

A couple fixes to permission out-of-scope errors.

Wikitext parser: re-added mailto support

Sessions: Made acl_check_deps() verify scope, so that all of an action's dependencies must apply to the namespace of the given action.

Removed history_rollback_extra action from scope of Special pages, as it's unneeded

PostgreSQL: bugfix in ACL related SQL query

PostgreSQL: Fixed another bug, this time in the log fetch code

Fixed ranks table under PostgreSQL. FIXME, only affects new installations and upgrades, if this bug is encountered in the wild we might want to look at auto-integrating a fix.

Updated default main page with links to the Google Code issue tracker

Improved language for static HTML page delete interface

PostgreSQL: Fixed $session->create_user()

PostgreSQL: Fixed user pages. Also added a columns_in() method to the DBAL to list columns in a table

PostgreSQL: fixed Admin:SecurityLog database error

Plugin block parser: Fixed plugin block parsing for plugin files in CRLF format

Installer sysreqs: Merged all the crypto extensions into one check; altered warnings. Strings are hopefully cleaned up.

common_cli and dbal: Fixed lack of ENANO_INSTALLED check in determining config path

Merge from accidental split

Admin User Manager: When a user with a DB-driven user page is renamed, also change urlname of their user page. Fixes issue 3.

Admin Home: fixed undefined %num_users% in string acphome_msg_inactive_users_plural

Language update for About Enano page ("help achieve" sentence added)

parse_mediawiki: Marked the paragraph bug as non-blocker, delayed until RC1. I have higher priorities than a minor win32 only parsing issue.

Fixed some open_basedir errors in SpecialPageFuncs

Login: Fixed typo that prevented non-DH crypto from working (thanks Keith Schmader)

Added a switch to disable following redirects in Request_HTTP

Hack: temporarily disabled PCRE recursion for Win32 in the paragraph block tag parser until a better parser can be written/adapted

which(): added silencer to shut up errors on servers with open_basedir restriction

Logins: reorganized data structures a bit. WiP - needs test routine done.

Another fix to paragraph bypass behavior, for when the same substring appears more than once in the text

OK, I'm done with the preg_replace() in the paragraph parser. It's too buggy. Replaced with preg_match_all()/str_replace_once().

MiniPrompt: [minor] Added short delay before destruction in whiteOutDestroyWithImage().

Merged from accidental split

More parser work: fixed a few bugs with [[intlinks]] in headers, a bug that caused the paragraph parser to return an empty string, and added a warning/backup-and-restore for when a render stage returns an empty string.

Fixed (more) output buffering bugs in Special:EditSidebar

Javascript lib: UX: When whiteOutReportSuccess() is called on a whiteout over a miniPrompt, the miniPrompt and whiteout are now flown out together. Also, a bit of improvement to message box DOM object destruction code; this fixes problems with message boxes appearing below the shade when ajax auth is done 3 or more times in one page load.

Same issue, was doing an empty() check on $page_urlname in Admin:PageManager and not taking both main pages into account

More blank-urlname bugfixes, this time involving internal links

A bit of refinement and consistency to "Powered by Enano" link and associated documentation

Fixed handling of blank urlname as guest main page / other main page for members

Whoops, it's setHook(), not getHook() (Special:Administration JS core)

HTML login: fixed bad submit under IE

Admin panel: added collapsible tables under GeneralConfig, with room for support on other pages.

Login: if return-to specified and already logged in, jump to return-to instead of main page.

Installer: Fixed "RewriteBase /" bug and some improper Dynano use in formutils.js

Functions: fixed HTML sanitizer to properly preprocess <code> one-liners

Fixed (well, implemented) log clearing functionality on uploaded files.

Request_HTTP: Fixed get_response_body(), added HTTP redirect support, and added support for Content-Length.

Scribus <--> Charlie merge

json2: fixed order of exception classes, it threw fits about missing Zend_Exception in ubuntu's latest PHP 5.2.6

Damn it! gzip_output() was not checking for gzip support in the browser, fixed.

Common: renamed global $title to $urlname (it broke the API from non-plugin Enano scripts)

Removed the $userpage parameter from Namespace_Default::error_404(). It screwed up a couple plugins. (Thanks Mazza for discovering the issue)

Enanium: fixed background in tinymce

Wikitext: added horizontal rule support

Fixed RenderMan::render() flags in default namespace XHTML formatter

Tutorial: improved Creating & Editing page a little bit with respect to wiki formatting stuff

Merging in work done on Charlie with upstream

Fixed a couple bugs with read-only mode and protected pages in the AJAX editor

Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses

Enanium: custom header now has an <a> floating above it that links to the main page.

A bit of shuffling around code related to determining the page title from the URL. It's done in common now, and $paths becomes more of an information repository rather than an information gatherer. Note: This BREAKS $paths->fullpage/$paths->getParam() in *_preloader!

Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)

A bit of work on tutorial content, more still needed

Wiki formatter: heading IDs are now name based ("head:" . sanitize_page_id($text)) instead of tocN.

Avatars: fixed animated avatars rejected even when allowed in ACP

Sidebar editor: fixed ob_end_clean() warning

Wiki engine: optimization for empty-text case

Functions: silenced PHP warnings on ob_* functions

JS: MessageBox: Fixed z-index calc

Autofill: fixed missing parameter to $db->fetchrow()

User ACP: redirect to Special:Login on own account deletion

Common: removed cookie_destroy hack

Updated readme for 1.1.7/1.2 series in general

Avatar UCP and ACP: Ported Dynano -> jQuery; merged POST processing code. Added support for IPv6 URLs (avatar UCP and RequestHTTP).

SECURITY: Comments: fix poor sanitization of subject on initial submit

Sessions: whoops, left a debug message in by accident, broke a few redirects

SECURITY: UCP: Added CSRF protection on Profile (unneeded on EmailPassword due to USER_LEVEL_CHPREF requirement)

index: removed that annoying 2-space indent

Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7

Minor fix to SHA256: some indices were not being initted under some circumstances

Added ability for authentication plugins to modify session keys (to allow invalidation when their own authentication data is changed) as well as the ability to disable the built-in password change facility

Blockquote functionality in wikitext parser now allows rendering of other block level elements properly

Login: enabled DiffieHellman on IE8

Login: visual: fixed separator being displayed with only one of 2 checkboxes

Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.

Made index.php bootstrap smarter and better commented.

More work on rendering engine. Fixed some bugs with paragraph skipping and added (incomplete) support for blockquotes.

Fixed some "declaration should be compatible" errors that showed up under WinXP QA

Sessions: fixed logout() destroying normal session (instead of elevated) if $level = USER_LEVEL_CHPREF. Possible very minor security concern: elevated sessions were not fully destroyed, so if a normal session is opened from the same IP, the elevated one may be reusable for 15 minutes.

Login: Enabled DiffieHellman for iPhone OS 3.0 (it passes unit tests now)

Merged development from Scribus and Charlie

Editor: completely moved wiki edit notice to AJAX fetch, so it's not shipped with the page anymore.

Admin: query string is now preserved on redirect to login

Fixed some formatter engine errors that were exposed through the wiki edit notice

AJAX Login: Fixed all known issues with lockout (and some unknown ones)

Moved User CP profile settings to front page of CP, and changed associated language