2008-01-29 |
Dan |
Re-applying the revision with the comment fix (bad merge a couple revs back)
|
changeset |
files
|
2008-01-28 |
Dan |
Fixed case where HTML comments were getting stripped when opening tag not followed by whitespace (<!--foo--> was stripped, <!-- foo --> was not, neither is stripped now)
|
changeset |
files
|
2008-01-24 |
Dan |
Merging in a couple revisions from Nighthawk
|
changeset |
files
|
2008-01-24 |
Dan |
Fixed case-sensitive file extensions
|
changeset |
files
|
2008-01-21 |
Dan |
Fixed broken regenCaptcha() in Special:Register
|
changeset |
files
|
2008-01-19 |
Dan |
Not sure if $taboo was getting sanitized or not. Possibly an SQL injection vulnerability that allows maliciously crafted group names to inject SQL at a later date when the group CP is loaded. Unconfirmed, theoretical fix.
|
changeset |
files
|
2008-01-18 |
Dan |
Removed all PostgreSQL support from the installer as per http://enanocms.org/News:1200114064; installer support for Postgres is available in the 1.1 branch now
|
changeset |
files
|
2008-01-10 |
Dan |
PHP4 fix: sidebar missing in installer UI: problem was wrongly named constructor for templateIndividualSafe
|
changeset |
files
|
2008-01-10 |
Dan |
Fix undefined E_STRICT under PHP 4; add PHP 4 deprecation notice in admin panel
|
changeset |
files
|
2008-01-02 |
Dan |
Installer works again now (for MySQL only)
|
changeset |
files
|
2008-01-02 |
Dan |
Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
|
changeset |
files
|
2008-01-01 |
Dan |
Integrating patch for PHP 6.0-dev compatibility
|
changeset |
files
|
2007-12-27 |
Dan |
Fixed search indexer causing duplicate keys when two "words" of 64+ characters encountered and first 64 characters are the same (thanks Vadi); attempt to fix onunload confirmation during page editing
|
changeset |
files
|
2007-12-23 |
Dan |
Corrected licensing issue on YoungPup's DOM-Drag (it is now public domain -> GPLv2+ for Enano); fixed wrongful access denial under specific circumstances (fetch_page_acl() on nonexistent page + wiki mode)
|
changeset |
files
|
2007-12-19 |
Dan |
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
|
changeset |
files
|
2007-12-19 |
Dan |
Merging in a few stray changes from the MySQL branch
|
changeset |
files
|
2007-12-19 |
Dan |
A number of updates to the graphing code (it should actually work now)
|
changeset |
files
|
2007-12-19 |
Dan |
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
|
changeset |
files
|
2007-12-15 |
Dan |
Set Content-type on AJAX login key request to application/json to hopefully block ad injection
|
changeset |
files
|
2007-12-15 |
Dan |
SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
|
changeset |
files
|
2007-12-13 |
Dan |
Stable release: Enano CMS 1.0.3 (Dyrad)
1.0.3
|
changeset |
files
|
2007-12-13 |
Dan |
Tagging latest revision for rebrand
|
changeset |
files
|
2007-12-13 |
Dan |
Rebrand as 1.0.3 (Dyrad)
|
changeset |
files
|
2007-12-13 |
Dan |
SECURITY: CRITICAL: Fix SQL injection in admin CP page editor
|
changeset |
files
|
2007-12-12 |
Dan |
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
|
changeset |
files
|
2007-12-03 |
Dan |
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
|
changeset |
files
|
2007-12-03 |
Dan |
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
|
changeset |
files
|
2007-12-01 |
Dan |
Fixed: sanitation loop on ampersands in encodeAttribute() (this was MediaWiki's fault)
|
changeset |
files
|
2007-12-01 |
Dan |
Stable release: Enano CMS 1.0.2 (Coblynau)
1.0.2
|
changeset |
files
|
2007-12-01 |
Dan |
Dummy revision to artificially increment build number
|
changeset |
files
|
2007-12-01 |
Dan |
Fix missing dependency on search.php in upgrade script
|
changeset |
files
|
2007-12-01 |
Dan |
Detagging release due to stupid upgrade fix
|
changeset |
files
|
2007-12-01 |
Dan |
Stable release: Enano CMS 1.0.2 (Coblynau)
|
changeset |
files
|
2007-12-01 |
Dan |
How could I forget the TRADEMARK SIGN?
|
changeset |
files
|
2007-12-01 |
Dan |
Updated artwork with finalized new/revised logo; finalized upgrade schema
|
changeset |
files
|
2007-11-28 |
Dan |
Add installer pop-help topic for URL scheme, in response to http://forum.enanocms.org/viewtopic.php?f=5&t=19
|
changeset |
files
|
2007-11-28 |
Dan |
Oops, never merged in updates from ee1fc84f12a8 (240)
|
changeset |
files
|
2007-11-28 |
Dan |
Hopefully now all calls to escape() are replaced with ajaxEscape() in response to Tomasz's forum post; remove deprecated version of show_category_info() from functions.php
|
changeset |
files
|
2007-11-26 |
Dan |
SECURITY: Tighten default allowed file types; make sure search index rebuild is performed on upgrade
|
changeset |
files
|
2007-11-26 |
Dan |
Final development freeze for release: 1.0.2 (Coblynau); only critical bugs fixed until GA
|
changeset |
files
|
2007-11-26 |
Dan |
Add warning in installer for PHP < 5.2.0; hopefully fix validation of e-mail addresses with dashes
devel-freeze
|
changeset |
files
|
2007-11-26 |
Dan |
Nothing special. ksort()ing list of allowed filetypes in the admin panel to make editing the list marginally easier
|
changeset |
files
|
2007-11-26 |
Dan |
Added OpenDocument MIME types and extensions; make sql_report page show total time taken for SQL queries
|
changeset |
files
|
2007-11-25 |
Dan |
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
|
changeset |
files
|
2007-11-24 |
Dan |
A couple of minor tweaks to the upgrade schema; tests pending
|
changeset |
files
|
2007-11-24 |
Dan |
The template-cache incompatibility bug has finally been isolated, so a function to clear the template cache was added into the upgrade script for 1.0.2
|
changeset |
files
|
2007-11-24 |
Dan |
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
|
changeset |
files
|
2007-11-24 |
Dan |
Hopefully once again fix scriptPath detection in dbal.php
|
changeset |
files
|
2007-11-24 |
Dan |
Fix missing REPORT_URI variable in template_nodb
|
changeset |
files
|
2007-11-24 |
Dan |
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
|
changeset |
files
|
2007-11-23 |
Dan |
Changed all urlname/page_id columns to varchar(255) because 63 characters just isn't long enough
|
changeset |
files
|
2007-11-22 |
Dan |
Made the username validation regexp in install less picky since it was blacklisting two of the letters in my name. >.<
|
changeset |
files
|
2007-11-22 |
Dan |
Feature freezing repository for Coblynau release
|
changeset |
files
|
2007-11-22 |
Dan |
Entering feature freeze for Coblynau release
feature-freeze
|
changeset |
files
|
2007-11-22 |
Dan |
AJAX login box now briefly shows the message "success" when a login is successful
|
changeset |
files
|
2007-11-22 |
Dan |
Deprecated and removed Oxygen css-simple/bleu.css
|
changeset |
files
|
2007-11-22 |
Dan |
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
|
changeset |
files
|
2007-11-21 |
Dan |
Re-add search_results hook and changed column type of search_index.word to varchar(64) in installer schema
|
changeset |
files
|
2007-11-21 |
Dan |
Merging in new search algo from Scribus
|
changeset |
files
|
2007-11-21 |
Dan |
Minor fix for the password meter in Admin:UserManager
|
changeset |
files
|
2007-11-21 |
Dan |
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
|
changeset |
files
|
2007-11-18 |
Dan |
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
|
changeset |
files
|
2007-11-18 |
Dan |
Fixed a couple of renaming issues in the installer
|
changeset |
files
|
2007-11-18 |
Dan |
Hopefully managed to put enough hacks in there to make renaming the config file the last step, so if it fails, it can be done manually
|
changeset |
files
|
2007-11-18 |
Dan |
Removed stray debug message in installer
|
changeset |
files
|
2007-11-18 |
Dan |
Well I'm an idiot - the fulltext index on page_text was missing from a default installation. It didn't break searches but probably slowed them down tremendously. Also set engine to MyISAM on page_text to avoid cryptic error messages from MySQL.
|
changeset |
files
|
2007-11-18 |
Dan |
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
|
changeset |
files
|
2007-11-17 |
Dan |
Javascript validation for install DB info form didn't allow dashes
|
changeset |
files
|
2007-11-17 |
Dan |
Changed default content for the main page to something a lot more user-friendly and helpful
|
changeset |
files
|
2007-11-17 |
Dan |
Rewrote some security code in PageUtils::savepage to accommodate the ACL system better; there was an issue with non-admin users saving pages on which they have edit rights but wiki mode is turned off
|
changeset |
files
|
2007-11-17 |
Dan |
Fixed: secure-cookie option is no longer set if $_SERVER['HTTPS'] is set but == "off"
|
changeset |
files
|
2007-11-17 |
Dan |
Patched in dash-in-database-name fix from unstable
|
changeset |
files
|
2007-11-15 |
Dan |
Merge in installer fixes from 204 (ba28d43a6b86)
|
changeset |
files
|
2007-11-15 |
Dan |
Merging in all changes from revision 185 (90b7a52bea45)
|
changeset |
files
|
2007-11-15 |
Dan |
Fixed a few (more) MySQL issues with the installer and dashes in the database name
|
changeset |
files
|
2007-11-10 |
Dan |
Database name can now contain dashes (as per requested at http://forum.enanocms.org/viewtopic.php?f=5&t=14); corrected some installer behavior issues with connecting as root and setting up permissions resulting in logs not being flushed, configs not being inserted, and what have you.
|
changeset |
files
|
2007-11-09 |
Dan |
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
|
changeset |
files
|
2007-11-06 |
Dan |
Fix installation with MySQL root option
|
changeset |
files
|
2007-11-06 |
Dan |
Out with the old, in with the new. Welcome to Enano's new installer framework!
|
changeset |
files
|
2007-11-05 |
Dan |
Second try (need config.php to exist before the API can be started, duh)
|
changeset |
files
|
2007-11-05 |
Dan |
Renaming config.php and .htaccess to *.new to allow tarbombing an Enano installation with no adverse effects; first attempt, may not work right.
|
changeset |
files
|
2007-11-04 |
Dan |
"Fix" e-mail parse bugs in installer
|
changeset |
files
|
2007-11-03 |
Dan |
Fix PHP4 compatibility (function def. of password_score)
|
changeset |
files
|
2007-11-03 |
Dan |
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
|
changeset |
files
|
2007-11-02 |
Dan |
Fixed: invalid smartform input to Admin:UserManager when errors present and changing own account; [demo mode] default user can no longer change password
|
changeset |
files
|
2007-11-01 |
Dan |
F'ing private message message_read column...
|
changeset |
files
|
2007-11-01 |
Dan |
Fixed: radiobutton state in Admin:GeneralConfig not remembered when registration disabled
|
changeset |
files
|
2007-10-23 |
Dan |
Slight HTTPS compatibility improvements
|
changeset |
files
|
2007-10-22 |
Dan |
Nothing special at all. Unnamed sidebar blocks will show the text <Unnamed> instead of just showing nothing, thus making them renamable
|
changeset |
files
|
2007-10-21 |
Dan |
[minor] added bottom margin for enanocms.org fading button
|
changeset |
files
|
2007-10-21 |
Dan |
Nothing real special. The AJAX loading icon can be changed using the Javascript variable ajax_load_icon in header.tpl.
|
changeset |
files
|
2007-10-21 |
Dan |
Fixing permissions
|
changeset |
files
|
2007-10-21 |
Dan |
That merge did NOT go well.
|
changeset |
files
|
2007-10-21 |
Dan |
Merging in changes from 9e205056f825
|
changeset |
files
|
2007-10-21 |
Dan |
Merging in changes from 9b4279c25d33
|
changeset |
files
|
2007-10-21 |
Dan |
Merging in changes from db8a849ad4c9
|
changeset |
files
|
2007-10-21 |
Dan |
SECURITY: Fixed possible SQL injection in PageUtils page protection; general cleanup of PageUtils; blocked using Project: prefix for page URL strings
|
changeset |
files
|
2007-10-20 |
Dan |
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
|
changeset |
files
|
2007-10-20 |
Dan |
Added a cron framework. Currently tasks will not be run; will implement into templates in next commit
|
changeset |
files
|
2007-10-20 |
Dan |
Sidebar blocks can be renamed now (untested except in Fx2)
|
changeset |
files
|
2007-10-18 |
Dan |
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
|
changeset |
files
|
2007-10-15 |
Dan |
SECURITY: Fix failure to log login failure on no row match
|
changeset |
files
|
2007-10-15 |
Dan |
Merge between Scribus and Nighthawk
|
changeset |
files
|
2007-10-14 |
Dan |
Coupla cheap hacks in St. Patty to make developing more color themes easier
|
changeset |
files
|
2007-10-12 |
Dan |
Replaced autocompleting username with a much more efficient algorithm and caching system
|
changeset |
files
|
2007-10-09 |
Dan |
Fixed some regular expressions in HTML optimization algorithm; regex page groups can be edited now (oops)
|
changeset |
files
|
2007-10-07 |
Dan |
More minor Ux improvements
|
changeset |
files
|
2007-10-07 |
Dan |
AJAX login box is now used in userprefs panel; Spry shake effect and general UX on auth fail is smoother now; added ajaxLoginNavTo() JS function
|
changeset |
files
|
2007-10-07 |
Dan |
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
|
changeset |
files
|
2007-10-07 |
Dan |
Minor text change + link to docs for "about keep-alive" help dialog
|
changeset |
files
|
2007-10-07 |
Dan |
"Perhaps you were looking for" box now only shows if strlen($q) >= 4
|
changeset |
files
|
2007-10-07 |
Dan |
Dummy commit to (hopefully) revert merge of unstable code
|
changeset |
files
|
2007-10-07 |
Dan |
Added tag rebrand for changeset d53cc29308f4
|
changeset |
files
|
2007-10-07 |
Dan |
Rebrand as 1.1.1; everything should now be bumped to "unstable" status
|
changeset |
files
|
2007-10-06 |
Dan |
Fixed external links in tplWikiFormat to use my monster HTTP request regex
|
changeset |
files
|
2007-10-06 |
Dan |
Fixed comment stripping in sanitize_html()
|
changeset |
files
|
2007-10-06 |
Dan |
Improvements and fixes (hacks?) for HTML sanitization
|
changeset |
files
|
2007-10-05 |
Dan |
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
|
changeset |
files
|
2007-10-04 |
Dan |
Fixed text colors on pages when dark system themes are used (bug could be seen using MurrinaNightOrange on an Ubuntu system)
|
changeset |
files
|
2007-10-02 |
Dan |
Fixed: wiki mode edit notice should be shown on fallback editor now
|
changeset |
files
|