Dan Fuhry <dan@enanocms.org> [Mon, 28 Jun 2010 10:43:04 -0400] rev 1253
SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks! Also removed my stand-in for ucfirst().
Dan [Wed, 02 Jun 2010 21:58:26 -0400] rev 1252
Rewrote category editor. This breaks the JSON API. Also fixed a few bugs with how Wiki Mode is set in $paths. (Hopefully that doesn't cause infinite loops, heh). Fixes issue 20.
Dan [Sun, 16 May 2010 21:35:43 -0400] rev 1251
Added the ability to trust XFF (X-Forwarded-For) headers.
Dan [Sat, 15 May 2010 03:05:43 -0400] rev 1250
Test commit to verify that ktulu auto sync works properly
Dan [Sun, 02 May 2010 23:15:18 -0400] rev 1249
Added a box on Admin:UploadConfig showing the value of upload_max_filesize.
Dan [Fri, 30 Apr 2010 22:15:03 -0400] rev 1248
Merged (accidental split)
Dan [Fri, 30 Apr 2010 22:13:08 -0400] rev 1247
Fixed typo in that, the parameter that was supposed to go to getConfig was going to htmlspecialchars()
Dan [Fri, 30 Apr 2010 22:10:57 -0400] rev 1246
Added an ajax auto check for the path to ImageMagick in Admin:UploadConfig
Dan [Tue, 20 Apr 2010 11:38:59 -0400] rev 1245
Reordered wiki render stages so images happen before external links. Fixes a parser bug seen, among other places, on the Donation page.
Dan [Tue, 20 Apr 2010 11:38:24 -0400] rev 1244
Fixed some cosmetic bugs in Special:AllPages
Dan [Mon, 19 Apr 2010 18:07:43 -0400] rev 1243
Fixed registration admin override with account_activation set to disable.
Dan [Sat, 17 Apr 2010 03:33:14 -0400] rev 1242
Made separate methods in sessionManager for static and non-static generate_aes_form(), because PHP (erroneously) always calls that method statically.