| Tue, 08 Apr 2008 20:30:05 -0400 |
Dan |
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
|
file |
diff |
annotate
|
| Sun, 06 Apr 2008 14:02:20 -0400 |
Dan |
SECURITY: Disabled caching of decrypted DiffieHellman login requests
|
file |
diff |
annotate
|
| Wed, 26 Mar 2008 20:20:22 -0400 |
Dan |
Made some improvements to ACL system including: warning on setting Deny for Everyone on the entire site, added ACL_ALWAYS_ALLOW_ADMIN_EDIT_ACL, and changed behavior as noted in the docs so that Deny for Everyone is no longer able to be overridden
|
file |
diff |
annotate
|
| Tue, 18 Mar 2008 14:32:40 -0400 |
Dan |
Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
|
file |
diff |
annotate
|
| Sun, 16 Mar 2008 16:06:59 -0400 |
Dan |
Added support for embedding language data into plugins; updated all version numbers on plugin files
|
file |
diff |
annotate
|
| Sat, 15 Mar 2008 00:08:01 -0400 |
Dan |
Fixed some bugs with PostgreSQL and added a word_lcase column to the search_index table because collation is not working under MySQL. TODO: Trigger search index rebuild on upgrade to 1.1.4.
|
file |
diff |
annotate
|
| Sat, 08 Mar 2008 12:13:23 -0500 |
Dan |
Fixed undefined variable ($row['is_regex'] instead of $is_regex) in sessions.php
|
file |
diff |
annotate
|
| Thu, 06 Mar 2008 23:31:28 -0500 |
Dan |
[Security] made session manager have some degree of IP validation for session keys and upgrades
|
file |
diff |
annotate
|
| Thu, 06 Mar 2008 23:27:50 -0500 |
Dan |
Fixed session validation bug in upgrade script; fixed non-object reference in template_nodb
|
file |
diff |
annotate
|
| Thu, 06 Mar 2008 20:53:26 -0500 |
Dan |
Added a cron task to sessions.php that deletes old admin keys once a week
|
file |
diff |
annotate
|
| Sun, 02 Mar 2008 19:32:19 -0500 |
Dan |
Implemented password reset (albeit hackishly) into the new login API; added dummy window.console object to hopefully reduce errors when Firebug isn't around; fixed the longstanding ACL dismiss/close button bug; fixed a couple undefined variables in mailer; fixed PHP error on attempted opening of /dev/(u)random in rijndael.php; clarified documentation for PageProcessor::update_page(); fixed some logic problems in theme ACL code; disabled CAPTCHA debug
|
file |
diff |
annotate
|
| Sat, 01 Mar 2008 23:02:05 -0500 |
Dan |
Implemented all security features on theme disabling and ACLs; added clean_key mode to login API to clean unused encryption keys
|
file |
diff |
annotate
|
| Sat, 01 Mar 2008 18:55:54 -0500 |
Dan |
Fixed improper serializing of IP that could allow reusing of key from multiple IP addresses.
|
file |
diff |
annotate
|
| Sun, 24 Feb 2008 12:52:07 -0500 |
Dan |
Merging in changes from Nighthawk
|
file |
diff |
annotate
|
| Fri, 22 Feb 2008 12:51:53 -0500 |
Dan |
Merging fixes and updates from stable branch
|
file |
diff |
annotate
|
| Mon, 31 Dec 2007 21:16:27 -0500 |
Dan |
Integrating patch for PHP 6.0-dev compatibility
|
file |
diff |
annotate
|
| Wed, 20 Feb 2008 14:38:39 -0500 |
Dan |
Added support for Diffie-Hellman key exchange during login. w00t!
|
file |
diff |
annotate
|
| Mon, 18 Feb 2008 16:13:56 -0500 |
Dan |
Fixed typo in ban logic
|
file |
diff |
annotate
|
| Mon, 11 Feb 2008 14:33:31 -0500 |
Dan |
Rebrand as 1.1.2; made upgrade framework functional
|
file |
diff |
annotate
|
| Fri, 08 Feb 2008 23:20:20 -0500 |
Dan |
Added some basic timezone support; DST support is still to come.
|
file |
diff |
annotate
|
| Wed, 06 Feb 2008 19:27:43 -0500 |
Dan |
Fixed some captcha bugs and made all captcha fields case-insensitive
|
file |
diff |
annotate
|
| Wed, 06 Feb 2008 18:41:47 -0500 |
Dan |
Implemented a new CAPTCHA API; the frontend ($session->{make,get}_captcha) is API-compatible but the backend (the captcha class) is deprecated.
|
file |
diff |
annotate
|
| Tue, 29 Jan 2008 23:15:44 -0500 |
Dan |
Localization is FINISHED, DAMN IT HELLAH YEAH! OVER WITH! Man, it feels to get that off my chest. Release is in under 48 hours, folks. And we're ready for it.
|
file |
diff |
annotate
|
| Tue, 29 Jan 2008 16:19:51 -0500 |
Dan |
Rebranded source code as 1.1.1; added TinyMCE ACL rule as per Vadi's request: http://forum.enanocms.org/viewtopic.php?f=7&t=54
|
file |
diff |
annotate
|
| Sun, 27 Jan 2008 22:57:40 -0500 |
Dan |
Got Enano to load even if there are no plugins; added caching for decrypted session keys to significantly improve performance (in theory at least)
|
file |
diff |
annotate
|
| Sat, 26 Jan 2008 15:42:32 -0500 |
Dan |
Removed stray debugging info from ACL editor success notification; added ability for guests to set language on URI (?lang=eng); added html_in_pages ACL type and separated from php_in_pages so HTML can be embedded but not PHP; rewote portions of the path manager to better abstract URL input; added Zend Framework into list of BSD-licensed libraries; localized some remaining strings; got the migration script working, but just barely; fixed display bug in Special:Contributions; localized Main Page button in admin panel
|
file |
diff |
annotate
|
| Thu, 24 Jan 2008 22:14:40 -0500 |
Dan |
[minor] Trying to be a little more careful with values from users_extra in validate_session()
|
file |
diff |
annotate
|
| Thu, 24 Jan 2008 22:06:09 -0500 |
Dan |
A number of scattered changes. Profiler added and only enabled in debug mode (currently on), but awfully useful for fixing performance in the future. Started work on Admin:LangManager
|
file |
diff |
annotate
|
| Wed, 23 Jan 2008 12:48:22 -0500 |
Dan |
Improved compatibility with PostgreSQL and fixed a number of installer bugs; fixed missing "meta" category declaration in language files
|
file |
diff |
annotate
|
| Tue, 22 Jan 2008 01:08:15 -0500 |
Dan |
Localized registration errors and activation/COPPA e-mails
|
file |
diff |
annotate
|
| Mon, 21 Jan 2008 10:09:48 -0500 |
Dan |
Implemented IP logging for comments and registration
|
file |
diff |
annotate
|
| Thu, 03 Jan 2008 00:53:33 -0500 |
Dan |
WiP commit for admin panel localization. All modules up to Admin:UserManager (working down the list) are localized except Admin:ThemeManager, which is due for a rewrite
|
file |
diff |
annotate
|
| Fri, 28 Dec 2007 00:07:53 -0500 |
Dan |
Merging in the last couple of revisions from stable
|
file |
diff |
annotate
|
| Sun, 23 Dec 2007 17:58:21 -0500 |
Dan |
Corrected licensing issue on YoungPup's DOM-Drag (it is now public domain -> GPLv2+ for Enano); fixed wrongful access denial under specific circumstances (fetch_page_acl() on nonexistent page + wiki mode)
|
file |
diff |
annotate
|
| Thu, 27 Dec 2007 22:09:33 -0500 |
Dan |
Replaced TinyMCE 2.x with 3.0 beta 3. Supports everything but IE. Also rewrote the editor interface completely from the ground up.
|
file |
diff |
annotate
|
| Wed, 19 Dec 2007 22:55:40 -0500 |
Dan |
Redid merge, the previous one had a few problems
|
file |
diff |
annotate
|
| Tue, 18 Dec 2007 23:44:55 -0500 |
Dan |
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
|
file |
diff |
annotate
|
| Sat, 15 Dec 2007 18:10:14 -0500 |
Dan |
SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
|
file |
diff |
annotate
|
| Wed, 12 Dec 2007 21:37:23 -0500 |
Dan |
Rebrand as 1.0.3 (Dyrad)
|
file |
diff |
annotate
|
| Fri, 07 Dec 2007 16:42:22 -0500 |
Dan |
Merging in changes from stable
|
file |
diff |
annotate
|
| Mon, 03 Dec 2007 17:36:25 -0500 |
Dan |
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
|
file |
diff |
annotate
|
| Sun, 02 Dec 2007 16:00:10 -0500 |
Dan |
Merging in the newly stable Coblynau
|
file |
diff |
annotate
|
| Sun, 25 Nov 2007 17:53:03 -0500 |
Dan |
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
|
file |
diff |
annotate
|
| Sat, 24 Nov 2007 01:35:12 -0500 |
Dan |
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
|
file |
diff |
annotate
|
| Sat, 24 Nov 2007 00:53:23 -0500 |
Dan |
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
|
file |
diff |
annotate
|
| Sun, 18 Nov 2007 20:37:08 -0500 |
Dan |
Merging in fixes and updates from stable
|
file |
diff |
annotate
|
| Sun, 18 Nov 2007 18:44:55 -0500 |
Dan |
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
|
file |
diff |
annotate
|
| Sat, 17 Nov 2007 23:09:12 -0500 |
Dan |
Hopefully managed to put enough hacks in there to make renaming the config file the last step, so if it fails, it can be done manually
|
file |
diff |
annotate
|
| Sat, 17 Nov 2007 22:25:37 -0500 |
Dan |
Merging in fixes from stable
|
file |
diff |
annotate
|
| Sat, 17 Nov 2007 20:31:01 -0500 |
Dan |
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
|
file |
diff |
annotate
|
| Sat, 17 Nov 2007 15:02:08 -0500 |
Dan |
Fixed: secure-cookie option is no longer set if $_SERVER['HTTPS'] is set but == "off"
|
file |
diff |
annotate
|
| Thu, 15 Nov 2007 18:00:39 -0500 |
Dan |
Merging in all changes from revision 185 (90b7a52bea45)
|
file |
diff |
annotate
|
| Fri, 09 Nov 2007 11:18:54 -0500 |
Dan |
Merge in some minor fixes from stable
|
file |
diff |
annotate
|
| Fri, 09 Nov 2007 11:14:20 -0500 |
Dan |
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
|
file |
diff |
annotate
|
| Sat, 03 Nov 2007 07:40:54 -0400 |
Dan |
Merging in fixes and updates from 90b7a52bea45
|
file |
diff |
annotate
|
| Sat, 03 Nov 2007 07:30:11 -0400 |
Dan |
Merging in fixes from rev. 207
|
file |
diff |
annotate
|
| Fri, 02 Nov 2007 20:37:26 -0400 |
Dan |
Localized a good part, if not all, of the registration page and a couple other things.
|
file |
diff |
annotate
|
| Sun, 28 Oct 2007 14:32:13 -0400 |
Dan |
Login page mostly localized
|
file |
diff |
annotate
|
| Wed, 24 Oct 2007 12:45:05 -0400 |
Dan |
Merging in fixes from stable
|
file |
diff |
annotate
|
| Fri, 26 Oct 2007 19:28:54 -0400 |
Dan |
You know what folks, a lot of Mercurial merges failed, and I just now figured out why. So now all changes from stable are permanently synced in.
|
file |
diff |
annotate
|