Mon, 28 Jun 2010 10:43:04 -0400 |
Dan Fuhry |
SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks! Also removed my stand-in for ucfirst().
|
file |
diff |
annotate
|
Sun, 16 May 2010 21:35:43 -0400 |
Dan |
Added the ability to trust XFF (X-Forwarded-For) headers.
|
file |
diff |
annotate
|
Sun, 02 May 2010 23:15:18 -0400 |
Dan |
Added a box on Admin:UploadConfig showing the value of upload_max_filesize.
|
file |
diff |
annotate
|
Sun, 28 Mar 2010 23:10:46 -0400 |
Dan |
Going ahead with the switch to tabs. This is a major coding standards change! If any unusual parser bugs show up, check this changeset. Converted all .php, .js, .tpl, .css, and .json files and did basic testing.
|
file |
diff |
annotate
|
Sun, 28 Mar 2010 21:49:26 -0400 |
Dan |
Introduced configurability for gzip compression. Fixes issue 18.
|
file |
diff |
annotate
|
Sat, 20 Mar 2010 16:05:38 -0400 |
Dan |
Fixed "unapproved" status taking precedence over "spam" flag in comment submit and some display related bugs in comments.js
|
file |
diff |
annotate
|
Sun, 07 Feb 2010 17:07:42 -0500 |
Dan |
URL sanitizer: disabled uppercase letters in URL hex character codes (it was causing conflicts with the Windows/Apache 2.2 alt namespace separator). Thanks Techokami for finding and reporting this bug.
|
file |
diff |
annotate
|
Wed, 06 Jan 2010 02:02:51 -0500 |
Dan |
Fixed some bugs with account activation, especially if you're a half-logged-in vegetable.
|
file |
diff |
annotate
|
Tue, 05 Jan 2010 09:56:00 -0500 |
Dan |
Fixed ENANO_VERSION under databaseless template class
|
file |
diff |
annotate
|
Mon, 28 Dec 2009 16:53:19 -0500 |
Dan |
Fixed oversanitation of multiple XHTML closing tags in a row
|
file |
diff |
annotate
|
Fri, 18 Dec 2009 21:21:59 -0500 |
Dan |
OK screw that, put the crypto backend check in functions.
|
file |
diff |
annotate
|
Thu, 17 Dec 2009 04:26:21 -0500 |
Dan |
JSON preparser: fixed corruption of strings that include the exact pattern word, comma, space, word, colon
|
file |
diff |
annotate
|
Sat, 12 Dec 2009 15:43:23 -0500 |
Dan |
Set up more sensible defaults (UTC, DST off) for timezone preferences. Also modified enano_date() to properly include GMT offsets when timezone characters are used. Fixes issue 4.
|
file |
diff |
annotate
|
Mon, 09 Nov 2009 09:18:29 -0500 |
Dan |
which(): added silencer to shut up errors on servers with open_basedir restriction
|
file |
diff |
annotate
|
Sat, 26 Sep 2009 15:21:51 -0400 |
Dan |
More blank-urlname bugfixes, this time involving internal links
|
file |
diff |
annotate
|
Sun, 20 Sep 2009 02:51:54 -0400 |
Dan |
Functions: fixed HTML sanitizer to properly preprocess <code> one-liners
|
file |
diff |
annotate
|
Fri, 11 Sep 2009 09:55:24 -0400 |
Dan |
Damn it! gzip_output() was not checking for gzip support in the browser, fixed.
|
file |
diff |
annotate
|
Fri, 21 Aug 2009 20:37:18 -0400 |
Dan |
A bit of shuffling around code related to determining the page title from the URL. It's done in common now, and $paths becomes more of an information repository rather than an information gatherer. Note: This BREAKS $paths->fullpage/$paths->getParam() in *_preloader!
|
file |
diff |
annotate
|
Fri, 21 Aug 2009 15:37:23 -0400 |
Dan |
Functions: silenced PHP warnings on ob_* functions
|
file |
diff |
annotate
|
Thu, 20 Aug 2009 20:01:55 -0400 |
Dan |
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
|
file |
diff |
annotate
|
Wed, 29 Jul 2009 11:48:54 -0400 |
Dan |
Tweaked URL sanitizing a bit to make Enanium work better.
|
file |
diff |
annotate
|
Mon, 06 Jul 2009 11:26:21 -0400 |
Dan |
Fixed decode_unicode_url() trying to parse non-hex %uXXXX sequences
|
file |
diff |
annotate
|
Sun, 21 Jun 2009 00:20:32 -0400 |
Dan |
First implementation of new parser; Text_Wiki is now gone. VERY BETA! WiP.
|
file |
diff |
annotate
|
Thu, 14 May 2009 11:34:24 -0400 |
Dan |
A few safety changes to tolerate no $session when it's not available
|
file |
diff |
annotate
|
Sun, 10 May 2009 15:52:53 -0400 |
Dan |
Wikitext redirects should work again + get_redirect() added to Namespace_* to allow plugins to extend
|
file |
diff |
annotate
|
Tue, 05 May 2009 00:10:26 -0400 |
Dan |
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
|
file |
diff |
annotate
|
Wed, 15 Apr 2009 19:44:47 -0400 |
Dan |
New, beautiful, rethought Admin:Home. No, really, you'll like it.
|
file |
diff |
annotate
|
Tue, 14 Apr 2009 21:02:13 -0400 |
Dan |
Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
|
file |
diff |
annotate
|
Mon, 13 Apr 2009 14:43:28 -0400 |
Dan |
New page protection UI. Both miniPrompt and failsafe HTML.
|
file |
diff |
annotate
|
Sat, 11 Apr 2009 22:32:45 -0400 |
Dan |
When changing namespace of a File: page, associated files are now deleted. Also fixed some issues with image scaling.
|
file |
diff |
annotate
|