Thu, 26 Feb 2009 01:28:18 -0500 Dan Plugin backend: bugfix: installing a plugin should now properly import its strings
Thu, 26 Feb 2009 01:27:56 -0500 Dan Set password in userinfo to allow auth plugins to see it (some really do need it)
Thu, 26 Feb 2009 01:27:23 -0500 Dan Plugin manager: system plugins now sorted to last
Thu, 26 Feb 2009 01:07:32 -0500 Dan Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Thu, 26 Feb 2009 01:06:58 -0500 Dan setConfig() will now delete config values if the second parameter is explicitly set to false
Thu, 26 Feb 2009 01:04:27 -0500 Dan HMAC functions are now standards-compliant (not a security issue). This BREAKS 1.1.6-hg passwords!
Thu, 26 Feb 2009 01:03:22 -0500 Dan Added a basic plugin/hook framework for Javascript
Thu, 26 Feb 2009 01:02:50 -0500 Dan [minor] changed heading format in mainpage-default
Thu, 26 Feb 2009 01:02:33 -0500 Dan Fixed default ACLs
Thu, 26 Feb 2009 01:02:00 -0500 Dan Added color specifications on input fields for admin and oxygen
Wed, 25 Feb 2009 13:39:49 -0500 Dan Blah. Wrong type for those getConfig values.
Wed, 25 Feb 2009 13:38:21 -0500 Dan Fixed: no default values in for avatar upload settings
Mon, 16 Feb 2009 17:12:02 -0500 Dan [Oops] removed debug message in install-cli
Mon, 16 Feb 2009 17:01:56 -0500 Dan Damn, forgot to add the version insertion back into schema
Mon, 16 Feb 2009 16:17:25 -0500 Dan Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
Mon, 16 Feb 2009 16:04:54 -0500 Dan Made all page_id and namespace columns consistent
Mon, 16 Feb 2009 16:04:31 -0500 Dan Added Unicode support for usernames and passwords (this is probably best considered a JS crypto bug)
Mon, 16 Feb 2009 13:01:35 -0500 Dan Fixed https urls not allowed in user_extra CPs; fixed nonworking password reset in admin CP
Mon, 26 Jan 2009 11:45:48 -0500 Dan Added a few hooks to Admin:GeneralConfig (didn't I do this already?)
Sun, 25 Jan 2009 21:21:07 -0500 Dan Merging Nighthawk (anti-spam work) and Scribus (AJAX work + debugging + CLI installer) branches
Sun, 25 Jan 2009 21:20:14 -0500 Dan Replaced integer checks that used preg_match() to use ctype_digit() instead
Sun, 25 Jan 2009 21:18:05 -0500 Dan Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Sun, 25 Jan 2009 20:35:32 -0500 Dan Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Sun, 25 Jan 2009 20:35:06 -0500 Dan AJAX core library: possible breaking change, readystatechange functions are now called with the XHR instance as the first parameter, to allow requests to run in parallel. This means much better stability but may break some applets (compatibility hack is included)
Sun, 25 Jan 2009 20:27:14 -0500 Dan Oxygen: synced mint style
Sun, 25 Jan 2009 20:26:50 -0500 Dan PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Sun, 25 Jan 2009 20:24:38 -0500 Dan Change config.new.php and .htaccess.new to have a single newline according to Fedora project guidelines
Fri, 23 Jan 2009 22:03:39 -0500 Dan Installer: add RewriteBase to .htaccess to work properly under aliased Apache setups (generated 404s in QA)
Fri, 23 Jan 2009 21:59:03 -0500 Dan A few bugfixes in CLI installer related to interactivity
Sat, 17 Jan 2009 15:16:36 -0500 Dan SECURITY: Fix XSS under IE in closing tags (shared sanitizer)
Fri, 16 Jan 2009 13:14:08 -0500 Dan Fixed login form being focused too early (caused page to scroll up)
Fri, 16 Jan 2009 13:13:37 -0500 Dan Deprecated old grab_password_hash() functions in session
Fri, 16 Jan 2009 13:13:03 -0500 Dan Whoops! Fixed an SQL injection vulnerability in the CLI installer. (Not like it's a huge deal because the vulnerability was only introduced last commit and if you make it to that stage you already know the database password)
Wed, 14 Jan 2009 23:29:14 -0500 Dan Added already-installed check to cli-core
Wed, 14 Jan 2009 20:33:05 -0500 Dan Added CLI installer. Supports interactive, command-line, and internal-call installation. Fixed a few bugs related to anti-SQL injection parser and plugin installation.
Sun, 11 Jan 2009 21:37:49 -0500 Dan Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Sun, 11 Jan 2009 21:37:39 -0500 Dan JS core: whiteOutReportSuccess now has a sister whiteOutReportFailure(); both abstracted to function whiteOutDestroyWithImage(whitey, image_url)
Sun, 11 Jan 2009 21:36:36 -0500 Dan DBAL: Fixed issues with die_json() and multiline responses from {mysql,pg_last}_error()
Sun, 11 Jan 2009 21:35:39 -0500 Dan Plugin manager: added support for having specific install and uninstall blocks per DBMS
Sun, 11 Jan 2009 21:35:03 -0500 Dan Special:Administration: fixed 404 on several Tigra tree menu images
Sun, 11 Jan 2009 21:34:27 -0500 Dan jBox: When an anchor in a menu is clicked, menu is now hidden
Sun, 11 Jan 2009 21:32:24 -0500 Dan Fix undefined variable in special namespace missing function handler
Sun, 11 Jan 2009 21:31:27 -0500 Dan If there's an onlineupgrade.php, installer index.php will link to that instead of upgrade.php (future readiness ;))
Sun, 11 Jan 2009 21:30:46 -0500 Dan Fix version number warning in installer common
Sun, 04 Jan 2009 01:43:16 -0500 Dan Upgrades should work now.
Sun, 04 Jan 2009 00:55:40 -0500 Dan Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Sat, 03 Jan 2009 18:11:18 -0500 Dan Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].
Sat, 03 Jan 2009 17:54:26 -0500 Dan Added a couple of hooks for the registration form.
Wed, 31 Dec 2008 08:40:38 -0500 Dan Redid error handler (it was causing some problems with gzip enabled)
Wed, 24 Dec 2008 10:04:48 -0500 Dan Small speed optimization to admin panel loader
Wed, 24 Dec 2008 10:04:37 -0500 Dan Revamped main page default content
Wed, 24 Dec 2008 10:04:19 -0500 Dan Several thematic enhancements to Oxygen including making the main page title an h1
Mon, 22 Dec 2008 21:54:30 -0500 Dan Added support for re-auth on submit to rank manager when session goes bad; still more to come
Mon, 22 Dec 2008 21:26:19 -0500 Dan Added dynamic reload-less re-auth to admin panel, so that if a session is lost it can be recovered without a reload. Support for hooking into form submits will be added in the future.
Mon, 22 Dec 2008 21:25:14 -0500 Dan Updated URLs and strings to point to the new server (ktulu)
Mon, 22 Dec 2008 18:51:05 -0500 Dan Fixed a few bugs with plugin management and importing of old plugin metadata
Mon, 22 Dec 2008 13:31:07 -0500 Dan Added support for upgrades from Ferrishyn
Mon, 22 Dec 2008 13:30:49 -0500 Dan Added paginator_goto() to function reverse map; fixed some missing component loads in pagination code
Mon, 22 Dec 2008 13:30:00 -0500 Dan When will that stupid user -> user_id bug stop REARING ITS UGLY HEAD. DIE! DIE! DIE! DIE! DIE!
Sun, 21 Dec 2008 22:06:25 -0500 Dan Fixed: autocomplete got broken somehow
(0) -300 -100 -60 +60 +100 +300 tip