Tue, 12 Jul 2011 22:13:37 -0400 |
Dan Fuhry |
SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
|
file |
diff |
annotate
|
Tue, 16 Nov 2010 12:19:13 -0500 |
Dan Fuhry |
SECURITY: Fix SQL injection in banlist check
|
file |
diff |
annotate
|
Sat, 17 Jan 2009 11:51:17 -0500 |
Dan |
Rebrand as v1.0.6 (Roane)
|
file |
diff |
annotate
|
Fri, 09 May 2008 23:32:51 -0400 |
Dan |
Rebrand as 1.0.5 (Ferrishyn)
|
file |
diff |
annotate
|
Thu, 28 Feb 2008 12:33:01 -0500 |
Dan |
Rebrand as 1.0.4 (Ellyyllon)
|
file |
diff |
annotate
|
Mon, 31 Dec 2007 21:16:27 -0500 |
Dan |
Integrating patch for PHP 6.0-dev compatibility
|
file |
diff |
annotate
|
Sun, 23 Dec 2007 17:58:21 -0500 |
Dan |
Corrected licensing issue on YoungPup's DOM-Drag (it is now public domain -> GPLv2+ for Enano); fixed wrongful access denial under specific circumstances (fetch_page_acl() on nonexistent page + wiki mode)
|
file |
diff |
annotate
|
Tue, 18 Dec 2007 23:44:55 -0500 |
Dan |
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
|
file |
diff |
annotate
|
Sat, 15 Dec 2007 18:10:14 -0500 |
Dan |
SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
|
file |
diff |
annotate
|
Wed, 12 Dec 2007 21:37:23 -0500 |
Dan |
Rebrand as 1.0.3 (Dyrad)
|
file |
diff |
annotate
|
Mon, 03 Dec 2007 17:36:25 -0500 |
Dan |
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
|
file |
diff |
annotate
|
Sun, 25 Nov 2007 17:53:03 -0500 |
Dan |
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
|
file |
diff |
annotate
|
Sat, 24 Nov 2007 01:35:12 -0500 |
Dan |
Fixed a few major bugs with the upgrade script and the config file not getting loaded properly due to IN_ENANO_INSTALL
|
file |
diff |
annotate
|
Sat, 24 Nov 2007 00:53:23 -0500 |
Dan |
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
|
file |
diff |
annotate
|
Sun, 18 Nov 2007 18:44:55 -0500 |
Dan |
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
|
file |
diff |
annotate
|
Sat, 17 Nov 2007 23:09:12 -0500 |
Dan |
Hopefully managed to put enough hacks in there to make renaming the config file the last step, so if it fails, it can be done manually
|
file |
diff |
annotate
|
Sat, 17 Nov 2007 20:31:01 -0500 |
Dan |
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
|
file |
diff |
annotate
|
Sat, 17 Nov 2007 15:02:08 -0500 |
Dan |
Fixed: secure-cookie option is no longer set if $_SERVER['HTTPS'] is set but == "off"
|
file |
diff |
annotate
|
Thu, 15 Nov 2007 18:00:39 -0500 |
Dan |
Merging in all changes from revision 185 (90b7a52bea45)
|
file |
diff |
annotate
|
Fri, 09 Nov 2007 11:14:20 -0500 |
Dan |
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
|
file |
diff |
annotate
|
Tue, 23 Oct 2007 12:30:08 -0400 |
Dan |
Slight HTTPS compatibility improvements
|
file |
diff |
annotate
|
Sat, 20 Oct 2007 21:51:26 -0400 |
Dan |
Merging in changes from db8a849ad4c9
|
file |
diff |
annotate
|
Mon, 15 Oct 2007 00:11:51 -0400 |
Dan |
SECURITY: Fix failure to log login failure on no row match
|
file |
diff |
annotate
|
Sun, 07 Oct 2007 08:39:40 -0400 |
Dan |
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
|
file |
diff |
annotate
|
Sat, 06 Oct 2007 20:36:40 -0400 |
Dan |
Rebrand as 1.1.1; everything should now be bumped to "unstable" status
|
file |
diff |
annotate
|
Sun, 30 Sep 2007 20:20:07 -0400 |
Dan |
Feature add: new page group type: regular expression match (PCRE)
|
file |
diff |
annotate
|
Sun, 23 Sep 2007 23:21:10 -0400 |
Dan |
Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
|
file |
diff |
annotate
|
Tue, 18 Sep 2007 16:29:26 -0400 |
Dan |
Enano should now fully support UTF-8 usernames; newly registered users are now granted automatic edit access to their user pages (admins can still use protection on the page)
|
file |
diff |
annotate
|
Tue, 18 Sep 2007 00:30:43 -0400 |
Dan |
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
|
file |
diff |
annotate
|
Thu, 13 Sep 2007 08:28:11 -0400 |
Dan |
Fix: activation e-mails were signed by Anonymous :-)
|
file |
diff |
annotate
|
Sat, 08 Sep 2007 15:06:28 -0400 |
Dan |
Vastly improved UX for a login to an inactive account
|
file |
diff |
annotate
|
Sat, 21 Jul 2007 18:12:10 -0400 |
Dan |
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
|
file |
diff |
annotate
|
Sat, 21 Jul 2007 11:28:59 -0400 |
Dan |
Fixed a few presentation bugs in installer, made installer more "legally binding", and fixed global permissions inheritance in $session->fetch_page_acl()
|
file |
diff |
annotate
|
Mon, 09 Jul 2007 22:01:27 -0400 |
Dan |
Vastly improved compatibility with older versions of IE, particularly 5.0, through the use of a kill switch that turns off all AJAX functions
|
file |
diff |
annotate
|
Thu, 05 Jul 2007 10:37:36 -0400 |
Dan |
I dunno how many times I'm gonna have to fix the "problem seems to be the hex conversion" bug, but this is at least the fourth try.
|
file |
diff |
annotate
|
Sun, 01 Jul 2007 14:08:39 -0400 |
Dan |
Finished everything on the TODO list (yay!); several CSS cleanups; tons more changes in this commit - see the patch for details
|
file |
diff |
annotate
|
Thu, 28 Jun 2007 15:26:40 -0400 |
Dan |
Finished Special:Preferences/Profile page! Only the wikitext parser cleanup left, yay!
|
file |
diff |
annotate
|
Thu, 28 Jun 2007 13:49:40 -0400 |
Dan |
COPPA support added
|
file |
diff |
annotate
|
Tue, 26 Jun 2007 17:28:18 -0400 |
Dan |
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
|
file |
diff |
annotate
|
Sat, 23 Jun 2007 10:38:24 -0400 |
Dan |
Upgrades (RC2->RC3) should now work
|
file |
diff |
annotate
|
Sat, 23 Jun 2007 10:16:53 -0400 |
Dan |
Emergency version change to 1.0rc3 to fix XSS vulnerabilities
|
file |
diff |
annotate
|
Fri, 22 Jun 2007 10:31:59 -0400 |
Dan |
Installer actually works now on dev servers; minor language change in template.php; code cleanliness fix in sessions.php
|
file |
diff |
annotate
|
Wed, 13 Jun 2007 16:07:17 -0400 |
dan |
Adding /includes
|
file |
diff |
annotate
|