# HG changeset patch # User Dan # Date 1195703377 18000 # Node ID 90632c09ed7ec816da708df1341d9f4019de9adf # Parent db8d5111ad20442f029809b7372e4287c9ef0f25 Entering feature freeze for Coblynau release diff -r db8d5111ad20 -r 90632c09ed7e README --- a/README Wed Nov 21 21:56:49 2007 -0500 +++ b/README Wed Nov 21 22:49:37 2007 -0500 @@ -55,7 +55,7 @@ be shown on the (renamed) Special:About_Enano page: "The software used on this website was based on Enano CMS. Copyright - (C) 2006-2007 Enano Foundation." + (C) 2006-2007 Dan Fuhry." The words "Enano CMS" must link to the page . You may (at your option) also include a notice of non-endorsement by the Enano @@ -82,9 +82,8 @@ This tarball includes an upgrade script that can migrate any previous version of Enano to this one. Before you upload the contents of this tarball to your -server, be sure to delete the config.php and .htaccess files included with this -tarball, and back up these two files from your server. (.htaccess only needs to -be backed up if you're using the Tiny URLs option and/or you have Apache.) +server, you might want to delete the files config.new.php and .htaccess.new, +neither of which are needed if you are performing an upgrade. EXPANDING YOUR SITE'S CAPABILITIES ----------------------------- diff -r db8d5111ad20 -r 90632c09ed7e install.php --- a/install.php Wed Nov 21 21:56:49 2007 -0500 +++ b/install.php Wed Nov 21 22:49:37 2007 -0500 @@ -1359,7 +1359,7 @@ { var frm = document.forms.login; ret = true; - if ( frm.admin_user.value.match(/^([A-z0-9 \\-\\.]+)$/) && !frm.admin_user.value.match(/^(?:(?:\\d{1,2}|1\\d\\d|2[0-4]\\d|25[0-5])\\.){3}(?:\\d{1,2}|1\\d\\d|2[0-4]\\d|25[0-5])$/) && frm.admin_user.value.toLowerCase() != \'anonymous\' ) + if ( frm.admin_user.value.match(/^([^<>&\?\'"%\n\r\t\a\/]+)$/) && !frm.admin_user.value.match(/^(?:(?:\\d{1,2}|1\\d\\d|2[0-4]\\d|25[0-5])\\.){3}(?:\\d{1,2}|1\\d\\d|2[0-4]\\d|25[0-5])$/) && frm.admin_user.value.toLowerCase() != \'anonymous\' ) { document.getElementById(\'s_user\').src = \'images/good.gif\'; } diff -r db8d5111ad20 -r 90632c09ed7e plugins/SpecialSearch.php diff -r db8d5111ad20 -r 90632c09ed7e schema.sql