Whoops, it's setHook(), not getHook() (Special:Administration JS core)

HTML login: fixed bad submit under IE

Admin panel: added collapsible tables under GeneralConfig, with room for support on other pages.

Login: if return-to specified and already logged in, jump to return-to instead of main page.

Installer: Fixed "RewriteBase /" bug and some improper Dynano use in formutils.js

Functions: fixed HTML sanitizer to properly preprocess <code> one-liners

Fixed (well, implemented) log clearing functionality on uploaded files.

Request_HTTP: Fixed get_response_body(), added HTTP redirect support, and added support for Content-Length.

Scribus <--> Charlie merge

json2: fixed order of exception classes, it threw fits about missing Zend_Exception in ubuntu's latest PHP 5.2.6

Damn it! gzip_output() was not checking for gzip support in the browser, fixed.

Common: renamed global $title to $urlname (it broke the API from non-plugin Enano scripts)

Removed the $userpage parameter from Namespace_Default::error_404(). It screwed up a couple plugins. (Thanks Mazza for discovering the issue)

Enanium: fixed background in tinymce

Wikitext: added horizontal rule support

Fixed RenderMan::render() flags in default namespace XHTML formatter

Tutorial: improved Creating & Editing page a little bit with respect to wiki formatting stuff

Merging in work done on Charlie with upstream

Fixed a couple bugs with read-only mode and protected pages in the AJAX editor

Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses

Enanium: custom header now has an <a> floating above it that links to the main page.

A bit of shuffling around code related to determining the page title from the URL. It's done in common now, and $paths becomes more of an information repository rather than an information gatherer. Note: This BREAKS $paths->fullpage/$paths->getParam() in *_preloader!

Made internal links to the Admin namespace much smarter. (They do the login box and stuff.)

A bit of work on tutorial content, more still needed

Wiki formatter: heading IDs are now name based ("head:" . sanitize_page_id($text)) instead of tocN.

Avatars: fixed animated avatars rejected even when allowed in ACP

Sidebar editor: fixed ob_end_clean() warning

Wiki engine: optimization for empty-text case

Functions: silenced PHP warnings on ob_* functions

JS: MessageBox: Fixed z-index calc

Autofill: fixed missing parameter to $db->fetchrow()

User ACP: redirect to Special:Login on own account deletion

Common: removed cookie_destroy hack

Updated readme for 1.1.7/1.2 series in general

Avatar UCP and ACP: Ported Dynano -> jQuery; merged POST processing code. Added support for IPv6 URLs (avatar UCP and RequestHTTP).

SECURITY: Comments: fix poor sanitization of subject on initial submit

Sessions: whoops, left a debug message in by accident, broke a few redirects

SECURITY: UCP: Added CSRF protection on Profile (unneeded on EmailPassword due to USER_LEVEL_CHPREF requirement)

index: removed that annoying 2-space indent

Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7

Minor fix to SHA256: some indices were not being initted under some circumstances

Added ability for authentication plugins to modify session keys (to allow invalidation when their own authentication data is changed) as well as the ability to disable the built-in password change facility

Blockquote functionality in wikitext parser now allows rendering of other block level elements properly

Login: enabled DiffieHellman on IE8

Login: visual: fixed separator being displayed with only one of 2 checkboxes

Some changes to AJAX login interface, made it a bit more compact with less language, with some Enanium specific modifications to the same.

Made index.php bootstrap smarter and better commented.

More work on rendering engine. Fixed some bugs with paragraph skipping and added (incomplete) support for blockquotes.

Fixed some "declaration should be compatible" errors that showed up under WinXP QA

Sessions: fixed logout() destroying normal session (instead of elevated) if $level = USER_LEVEL_CHPREF. Possible very minor security concern: elevated sessions were not fully destroyed, so if a normal session is opened from the same IP, the elevated one may be reusable for 15 minutes.

Login: Enabled DiffieHellman for iPhone OS 3.0 (it passes unit tests now)

Merged development from Scribus and Charlie

Editor: completely moved wiki edit notice to AJAX fetch, so it's not shipped with the page anymore.

Admin: query string is now preserved on redirect to login

Fixed some formatter engine errors that were exposed through the wiki edit notice

AJAX Login: Fixed all known issues with lockout (and some unknown ones)

Moved User CP profile settings to front page of CP, and changed associated language

Fixed logins with usernames containing Unicode characters

Fixed title formatting in user pages

Tweaked URL sanitizing a bit to make Enanium work better.

Added method add_header_js() to template to allow insertion of code to be run immediately after JS init

Added ability to specify PNG or JPEG as the format of thumbnails/scaled images in Special:DownloadFile

ACL manager: started on IE support; button clicking not working. Other compatibility improvements and bugfixes.

Userpage: rewrite of many CSS rules for better scaling behavior

ACL editor: finally fixed that annoying blank-window bug on rule deletion

Here we go, preload_js() officially added to admin panel. Pray with me.

Renderer: added "smart paragraphs" for templates. <p><b>Foo</b> {bar}</p> where bar is multiline is basically turned into proper XHTML paragraphs.

One word: Internet Explorer 6. This includes a rewrite of $paths->parseAdminTree() that encodes to JSON instead of manually generating JS, so good-bye to stupid parser problems I hope.

AJAX login: fixed lockout string being displayed where it shouldn't be

Enanium: Added some IE6 fixes

Enanium: consolidated jBox and toolbar CSS. Firefox 3.5 did a double-request and it was slowing things down. Thanks YSlow.

Admin theme: fixed onload behavior of collapsible menu

OK, JS preloading on a CDN works perfectly now. I'm sure of it.

Fixed inconsistency in JS component load order between CDN sites and non-CDN sites

Fixed a series of infinite loops with preloading components and placeholders

Enanium: <pre> elements under div.content are now indented

Wiki engine: improved behavior in block level element finding/wrapping algorithm

Template: minor: documented sidebar_widget()

Namespace_Default::bake_cdata() now guesses values for anything missing

jQuery: UI: Upgraded to 1.7.2

Dynano: finally deprecated $() syntax due to jQuery

Fixed one unlocalized string in sidebar editor; fixed sidebar editor jQuery init race condition seen under Firefox and Chromium on 64-bit

SECURITY: Fixed potential XSS in $output->set_title() (introduced: 1.1.6)

History: Fixed missing $q in fetchrow()

Language: fixed improper null return in add_filter()

Fixed decode_unicode_url() trying to parse non-hex %uXXXX sequences

Fixed onload_hooks[] being initted to null after runOnloadHooks() called (should now be initted to an array)

Fixed makeUrl() Javascript version not calling append_sid()

Login and sessions: fixed some improper handling of the config for lockout logic

Wiki formatting: Headings: tolerate spaces after line; added disable_rule method (required for rev. 1029)

SHA256: Fixed broken hashes on 64-bit PHP

Installer: now compatible with new rendering engine

Removed Text_Wiki and Firebug Lite from 3rd party code list

First implementation of new parser; Text_Wiki is now gone. VERY BETA! WiP.

AJAX login: fixed improper run of login_submit_early; fixed failure to redirect if main_page_members == current page

Fixed improper usage of function_exists() in captcha

Merging branches. Revision 2^10! :D

Added support for preloading javascript libs ($template->preload_js()). Updated admin theme and Tigra Tree Menu to support this + JS_{HEADER,FOOTER} variables.

Install: fixed a few bugs that showed up under IE8

Fixed broken javascript magic on Admin:PageGroups

Enabled tiny URL scheme support in installer cli-core

Whoops, plugin upgrades got broken

Minor plugin compatibility fix to Special:Search

Theme selector: fixed disabled themes being displayed

Comments: SECURITY: Fixed IP not recorded in non-JSON submit and a few other non-security issues

Removed Firebug Lite - unused, outdated, and potential licensing issue. All licensing issues should be resolved now.

Fixed missing global $cache; in $plugins->upgrade_plugin();

Set a few queries to buffered due to intermediate queries during fetching

Stats: fixed missing $q in $db->fetchrow()

Comments: fixed failure to supply $q to fetchrow() in JSON fetcher

Clarified some licensing issues from the Fedora project's preliminary review.

Fixed lack of default value in main page field on admin panel

Fixed a PHP warning in Admin:GeneralConfig default theme selection

Disabled Connection: close in AJAX lib (throws error under Chrome 2.0)

JS core: allow setting loaded_components in other scripts

AJAX rdns call now calls is_valid_ip() (security?)

Enanium: bumped top heading down a few px

Class "currentpage" is now added to all internal links, including sidebar buttons, if the link points to the current page.

Whoa! I broke Live Re-Auth, fortunately after the 1.1.6 release.

Sped up AJAX de-auth a little; added a little extra info to login_success JSON responses