Tue, 12 Jul 2011 22:13:37 -0400 |
Dan Fuhry |
SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
|
file |
diff |
annotate
|
Sat, 17 Jan 2009 11:51:17 -0500 |
Dan |
Rebrand as v1.0.6 (Roane)
|
file |
diff |
annotate
|
Fri, 09 May 2008 23:32:51 -0400 |
Dan |
Rebrand as 1.0.5 (Ferrishyn)
|
file |
diff |
annotate
|
Thu, 28 Feb 2008 12:33:01 -0500 |
Dan |
Rebrand as 1.0.4 (Ellyyllon)
|
file |
diff |
annotate
|
Mon, 28 Jan 2008 23:07:32 -0500 |
Dan |
Fixed case where HTML comments were getting stripped when opening tag not followed by whitespace (<!--foo--> was stripped, <!-- foo --> was not, neither is stripped now)
|
file |
diff |
annotate
|
Fri, 18 Jan 2008 10:35:33 -0500 |
Dan |
Removed all PostgreSQL support from the installer as per http://enanocms.org/News:1200114064; installer support for Postgres is available in the 1.1 branch now
|
file |
diff |
annotate
|
Wed, 09 Jan 2008 22:23:09 -0500 |
Dan |
PHP4 fix: sidebar missing in installer UI: problem was wrongly named constructor for templateIndividualSafe
|
file |
diff |
annotate
|
Mon, 31 Dec 2007 21:16:27 -0500 |
Dan |
Integrating patch for PHP 6.0-dev compatibility
|
file |
diff |
annotate
|
Tue, 18 Dec 2007 23:44:55 -0500 |
Dan |
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
|
file |
diff |
annotate
|
Sat, 15 Dec 2007 18:10:14 -0500 |
Dan |
SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
|
file |
diff |
annotate
|
Wed, 12 Dec 2007 21:37:23 -0500 |
Dan |
Rebrand as 1.0.3 (Dyrad)
|
file |
diff |
annotate
|
Tue, 11 Dec 2007 19:15:26 -0500 |
Dan |
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
|
file |
diff |
annotate
|
Mon, 03 Dec 2007 18:45:37 -0500 |
Dan |
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
|
file |
diff |
annotate
|
Mon, 03 Dec 2007 17:36:25 -0500 |
Dan |
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
|
file |
diff |
annotate
|
Sat, 24 Nov 2007 01:02:55 -0500 |
Dan |
Fix missing REPORT_URI variable in template_nodb
|
file |
diff |
annotate
|
Sat, 24 Nov 2007 00:53:23 -0500 |
Dan |
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
|
file |
diff |
annotate
|
Wed, 21 Nov 2007 20:14:14 -0500 |
Dan |
Re-sync Oxygen and Mint and Oxygen simple with Oxygen main; a couple improvements to the redirect-on-no-config code
|
file |
diff |
annotate
|
Wed, 21 Nov 2007 15:10:57 -0500 |
Dan |
Searching sucks, and Enano's search algorithm was complete bullcrap. So I rewrote it. No, it does not use Google search technology. Like they have a patent for using the Arial font on search result pages anyway.
|
file |
diff |
annotate
|
Thu, 15 Nov 2007 18:00:39 -0500 |
Dan |
Merging in all changes from revision 185 (90b7a52bea45)
|
file |
diff |
annotate
|
Fri, 09 Nov 2007 11:14:20 -0500 |
Dan |
Cleaned up some HTML in the installer; corrected some phpDoc syntax errors
|
file |
diff |
annotate
|
Sat, 03 Nov 2007 14:15:14 -0400 |
Dan |
Alternate scaling using GD is implemented now; images will be scaled with ImageMagick if enabled and working; else, GD will be used. No UI changes to speak of, but a check in the installer will be added in a later commit
|
file |
diff |
annotate
|
Tue, 23 Oct 2007 12:30:08 -0400 |
Dan |
Slight HTTPS compatibility improvements
|
file |
diff |
annotate
|
Sun, 21 Oct 2007 02:33:25 -0400 |
Dan |
[minor] added bottom margin for enanocms.org fading button
|
file |
diff |
annotate
|
Sat, 20 Oct 2007 21:51:26 -0400 |
Dan |
Merging in changes from db8a849ad4c9
|
file |
diff |
annotate
|
Wed, 17 Oct 2007 21:54:11 -0400 |
Dan |
Automatic set of state on Oxygen sidebar portlets should work now; reimplemented parts of the template parser (again) to workaround some PHP/PCRE issues and add support for parser plugins
|
file |
diff |
annotate
|
Fri, 12 Oct 2007 14:41:51 -0400 |
Dan |
Replaced autocompleting username with a much more efficient algorithm and caching system
|
file |
diff |
annotate
|
Sun, 07 Oct 2007 08:39:40 -0400 |
Dan |
SECURITY: remove debug message in session manager; implemented alternate MediaWiki syntax for template embedding; added Adobe Spry for "shake" effect on unsuccessful login
|
file |
diff |
annotate
|
Sat, 06 Oct 2007 20:36:40 -0400 |
Dan |
Rebrand as 1.1.1; everything should now be bumped to "unstable" status
|
file |
diff |
annotate
|
Sat, 06 Oct 2007 14:45:00 -0400 |
Dan |
Fixed external links in tplWikiFormat to use my monster HTTP request regex
|
file |
diff |
annotate
|
Sat, 06 Oct 2007 13:01:46 -0400 |
Dan |
Improvements and fixes (hacks?) for HTML sanitization
|
file |
diff |
annotate
|
Fri, 05 Oct 2007 01:57:00 -0400 |
Dan |
Major revamps to the template parser. Fixed a few security holes that could allow PHP to be injected in untimely places in TPL code. Improved Ux for XSS attempt in tplWikiFormat. Documented many functions. Backported much cleaner parser from 2.0 branch. Beautified a lot of code in the depths of the template class. Pretty much a small-scale Extreme Makeover.
|
file |
diff |
annotate
|
Sun, 23 Sep 2007 23:21:10 -0400 |
Dan |
Rebrand as 1.0.2 (Coblynau); internal links are now parsed by RenderMan::parse_internal_links()
|
file |
diff |
annotate
|
Tue, 18 Sep 2007 00:30:43 -0400 |
Dan |
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
|
file |
diff |
annotate
|
Sat, 08 Sep 2007 22:58:38 -0400 |
Dan |
Improved ban control page and allowed multiple entries/IP ranges; changed some parameters on jBox; user level changes are logged now
|
file |
diff |
annotate
|
Sat, 08 Sep 2007 14:02:19 -0400 |
Dan |
Fixed some rather major bugs in the registration system, this will need a release followup
|
file |
diff |
annotate
|
Fri, 07 Sep 2007 16:25:16 -0400 |
Dan |
Added keep-alive function to admin panel (had been planned for some time) and a new hook, template_var_init_end
|
file |
diff |
annotate
|
Tue, 04 Sep 2007 12:52:23 -0400 |
Dan |
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
|
file |
diff |
annotate
|
Tue, 04 Sep 2007 08:25:48 -0400 |
Dan |
Nothing special, just syncing to Scribus, several bugs have been found with GET forms and a fix is in the works
|
file |
diff |
annotate
|
Sun, 26 Aug 2007 16:48:15 -0400 |
Dan |
[comments] fixed edit button (source wasn't getting filled)
|
file |
diff |
annotate
|
Sat, 25 Aug 2007 12:11:31 -0400 |
Dan |
Fixed non-object reference in databaseless template, added locking for Javascript paginator, made comments on AES key size more clear in constants, and disallowed "anonymous" and IP addresses for admin username in install.php; Loch Ness release candidate
|
file |
diff |
annotate
|
Tue, 14 Aug 2007 15:13:40 -0400 |
Dan |
Added ability to detag deleted pages
|
file |
diff |
annotate
|
Sun, 12 Aug 2007 13:11:16 -0400 |
Dan |
Redid stupid fading button code and fixed several RC2 bugs in the upgrade schema; 1.0.1 release candidate
|
file |
diff |
annotate
|
Fri, 10 Aug 2007 15:57:22 -0400 |
Dan |
Finished pagination code (was incomplete in previous revision) and added a few hacks for an upcoming theme
|
file |
diff |
annotate
|
Thu, 09 Aug 2007 12:26:16 -0400 |
Dan |
AJAX comments are now paginated; plugin manager can now show system plugins; typo in installer corrected; links in oxygen/stpatty/admin footers changed to "About Enano" page; 1.0.1 release candidate
|
file |
diff |
annotate
|
Sat, 21 Jul 2007 18:12:10 -0400 |
Dan |
Made the move to Loch Ness, and got some basic page grouping functionality working. TODO: fix some UI issues in Javascript ACL editor and change non-JS ACL editor to work with page groups too
|
file |
diff |
annotate
|
Sun, 15 Jul 2007 11:41:06 -0400 |
Dan |
Pseudo-commit: Merging Scribus and Nighthawk repos
1.0
|
file |
diff |
annotate
|
Thu, 12 Jul 2007 15:30:26 -0400 |
Dan |
Fixed stupid typo in template.php that made the fading button not work...
|
file |
diff |
annotate
|
Tue, 10 Jul 2007 11:59:02 -0400 |
Dan |
Changed administration login request to use the AJAX login form; made high-level authentication more apparent in the AJAX box; recompiled Oxygen Mint
|
file |
diff |
annotate
|