includes/functions.php
Tue, 12 Jul 2011 22:37:21 -0400 Dan Fuhry Release prep 1.0.6pl4 1.0.6pl4
Tue, 12 Jul 2011 22:13:37 -0400 Dan Fuhry SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
Mon, 28 Dec 2009 16:52:41 -0500 Dan Fixed a couple non-security sanitizer and editor bugs
Sat, 22 Aug 2009 13:31:09 -0400 Dan Fixed lockup on unclosed HTML tags in wikiformat_process_block() 1.0.6pl1
Sat, 22 Aug 2009 13:30:39 -0400 Dan Version bumped to v1.0.6pl1
Sat, 17 Jan 2009 11:51:17 -0500 Dan Rebrand as v1.0.6 (Roane)
Sat, 17 Jan 2009 11:32:18 -0500 Dan SECURITY: Fix XSS under IE in closing tags (shared sanitizer)
Fri, 07 Nov 2008 08:56:53 -0500 Dan Fixed sanitization of full page IDs with accidental parse of escaped hex character in dirtify_page_id(). Thanks Asterion; see http://forum.enanocms.org/post/20/
Tue, 16 Sep 2008 08:20:14 -0400 Dan Fixed IPv6 address match (the one from phpBB3 did not work)
Fri, 09 May 2008 23:32:51 -0400 Dan Rebrand as 1.0.5 (Ferrishyn)
Thu, 28 Feb 2008 12:33:01 -0500 Dan Rebrand as 1.0.4 (Ellyyllon)
Sun, 27 Jan 2008 23:43:24 -0500 Dan Fixed case where HTML comments were getting stripped when opening tag not followed by whitespace (<!--foo--> was stripped, <!-- foo --> was not, neither is stripped now)
Wed, 19 Dec 2007 17:15:48 -0500 Dan Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
Tue, 18 Dec 2007 23:44:55 -0500 Dan Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Sat, 15 Dec 2007 18:10:14 -0500 Dan SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
Wed, 12 Dec 2007 21:37:23 -0500 Dan Rebrand as 1.0.3 (Dyrad)
Tue, 11 Dec 2007 19:15:26 -0500 Dan Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
Mon, 03 Dec 2007 17:36:25 -0500 Dan Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
Wed, 28 Nov 2007 14:47:42 -0500 Dan Oops, never merged in updates from ee1fc84f12a8 (240)
Wed, 28 Nov 2007 14:46:03 -0500 Dan Hopefully now all calls to escape() are replaced with ajaxEscape() in response to Tomasz's forum post; remove deprecated version of show_category_info() from functions.php
Sun, 25 Nov 2007 19:23:50 -0500 Dan Nothing special. ksort()ing list of allowed filetypes in the admin panel to make editing the list marginally easier
Wed, 21 Nov 2007 20:14:14 -0500 Dan Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
Wed, 21 Nov 2007 15:10:57 -0500 Dan Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
Sun, 18 Nov 2007 18:44:55 -0500 Dan Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Thu, 15 Nov 2007 18:00:39 -0500 Dan Merging in all changes from revision 185 (90b7a52bea45)
Sat, 03 Nov 2007 18:26:24 -0400 Dan Fix PHP4 compatibility (function def. of password_score)
Sat, 03 Nov 2007 14:15:14 -0400 Dan Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
Sat, 20 Oct 2007 21:51:26 -0400 Dan Merging in changes from db8a849ad4c9
Fri, 19 Oct 2007 21:39:33 -0400 Dan Added a cron framework. Currently tasks will not be run; will implement into templates in next commit
Fri, 12 Oct 2007 14:41:51 -0400 Dan Replaced autocompleting username with a much more efficient algorithm and caching system
Tue, 09 Oct 2007 16:14:55 -0400 Dan Fixed some regular expressions in HTML optimization algorithm; regex page groups can be edited now (oops)
Sun, 07 Oct 2007 08:39:40 -0400 Dan SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
Sat, 06 Oct 2007 20:36:40 -0400 Dan Rebrand as 1.1.1; everything should now be bumped to "unstable" status
Sat, 06 Oct 2007 13:18:30 -0400 Dan Fixed comment stripping in sanitize_html()
Sat, 06 Oct 2007 13:01:46 -0400 Dan Improvements and fixes (hacks?) for HTML sanitization
Mon, 24 Sep 2007 23:59:31 -0400 Dan Rebrand for 1.0.2b1 1.0.2b1
Sun, 23 Sep 2007 23:21:10 -0400 Dan Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
Tue, 18 Sep 2007 17:27:55 -0400 Dan Fix: textarea tags got stripped naked by the HTML optimizer, now no longer
Mon, 17 Sep 2007 11:52:58 -0400 Dan [sync only] Minor display change in Special:About_Enano; added initial PHP function for password strength testing
Tue, 11 Sep 2007 18:35:39 -0400 Dan Rebranded as 1.0.1.1; fixed category page drawing bug; updated link to GPL in the about page to the GPLv2
Sat, 08 Sep 2007 22:58:38 -0400 Dan Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
Sat, 08 Sep 2007 14:02:19 -0400 Dan Fixed some rather major bugs in the registration system, this will need a release followup
Sun, 02 Sep 2007 00:23:07 -0400 Dan Rewrote all code related to delvote_ips column to use serialize()
Tue, 14 Aug 2007 15:13:40 -0400 Dan Added ability to detag deleted pages
Fri, 10 Aug 2007 15:57:22 -0400 Dan Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
Sun, 05 Aug 2007 17:10:17 -0400 Dan Fixed IE6 + Admin theme, version typo in installer, and paginator + IE6
Sun, 05 Aug 2007 15:58:50 -0400 Dan Replaced the menu in the admin theme with something much more visually pleasureable; minor fix in Special:UploadFile; finished patching a couple of XSS problems from Banshee; finished Admin:PageGroups; removed unneeded code in flyin.js; finished tag system (except tag cloud); 1.0.1 release candidate
Wed, 01 Aug 2007 13:39:27 -0400 Dan Improved and enabled HTML optimization algorithm; enabled gzip compression; added but did not test at all the tag cloud class in includes/tagcloud.php, this is still very preliminary and not ready for any type of production use
Sun, 29 Jul 2007 17:40:36 -0400 Dan Modified Text_Wiki parser to fully support UTF-8 strings; several other UTF-8 fixes, international characters seem to work reasonably well now
Sat, 28 Jul 2007 18:08:58 -0400 Dan Work started on page tags, still aways to go, but syncing to Nighthawk
Wed, 25 Jul 2007 18:06:34 -0400 Dan Various bugfixes and cleanups, too much to remember... see the diffs for what got changed :-)
Sat, 21 Jul 2007 18:12:10 -0400 Dan Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
Wed, 11 Jul 2007 13:00:19 -0400 Dan Redirect pages actually work stable-ish now; critical extraneous debug message removed (oops!)
Fri, 06 Jul 2007 11:45:50 -0400 Dan E-mail address mask engine non-Javascript fallback now picks random substitutions for @ and . to make address more unreadable by bots
Tue, 03 Jul 2007 14:07:35 -0400 Dan Fixed a lot of bugs with Safari and Konqueror; improved Opera compatibility
Mon, 02 Jul 2007 15:17:54 -0400 Dan Fixed user pages + the new .xx page URL format
Sun, 01 Jul 2007 14:08:39 -0400 Dan Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
Tue, 26 Jun 2007 20:48:44 -0400 Dan More preliminary l10n work; userpage portal style basics implemented
Tue, 26 Jun 2007 17:28:18 -0400 Dan Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Sat, 23 Jun 2007 18:54:16 -0400 Dan Added demo mode functionality to various parts of Enano (unlocked only with a plugin) and fixed groups table
Sat, 23 Jun 2007 10:16:53 -0400 Dan Emergency version change to 1.0rc3 to fix XSS vulnerabilities
Sat, 23 Jun 2007 09:55:58 -0400 Dan Fixed complicated SQL injection vulnerability in URL handler, updated license info for Tigra Tree Menu, and killed one XSS vulnerability
Fri, 22 Jun 2007 18:42:26 -0400 Dan Security: NUL characters are now stripped from GPC; several code readability standards changes
Wed, 13 Jun 2007 16:07:17 -0400 dan Adding /includes
less more (0) tip