2010-09-21 |
Dan Fuhry |
Fixed password field in HTML login not being focused during >USER_LEVEL_MEMBER auth
|
file |
diff |
annotate
|
2010-08-22 |
Dan Fuhry |
Fixed some bugs with the change password form when pw_strength_enable is 0.
|
file |
diff |
annotate
|
2010-07-31 |
Dan Fuhry |
Improved display of comments from foes, and fixed some general issues with the friend and foe lists
|
file |
diff |
annotate
|
2010-07-27 |
Dan |
Improved captcha word generation; fixed duplicate auth parameter in Special:Login privileged login; improved search indexer performance on websites with lots of words
|
file |
diff |
annotate
|
2010-07-01 |
Dan Fuhry |
Integrated XSS patch for 1.1.7 maintenance branch
1.1.7-maintenance 1.1.7pl1
|
file |
diff |
annotate
|
2010-06-28 |
Dan Fuhry |
SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks! Also removed my stand-in for ucfirst().
|
file |
diff |
annotate
|
2010-04-19 |
Dan |
Fixed registration admin override with account_activation set to disable.
|
file |
diff |
annotate
|
2010-03-29 |
Dan |
Going ahead with the switch to tabs. This is a major coding standards change! If any unusual parser bugs show up, check this changeset. Converted all .php, .js, .tpl, .css, and .json files and did basic testing.
|
file |
diff |
annotate
|
2010-03-17 |
Dan |
Fixed username not being decoded in Special:ActivateAccount
|
file |
diff |
annotate
|
2010-01-06 |
Dan |
Fixed some bugs with account activation, especially if you're a half-logged-in vegetable.
|
file |
diff |
annotate
|
2009-12-12 |
Dan |
CAPTCHA: Added smart autosubmit for registration page. Usability testing was so-so, may back out later.
|
file |
diff |
annotate
|
2009-11-04 |
Dan |
Logins: reorganized data structures a bit. WiP - needs test routine done.
|
file |
diff |
annotate
|
2009-09-25 |
Dan |
HTML login: fixed bad submit under IE
|
file |
diff |
annotate
|
2009-09-20 |
Dan |
Login: if return-to specified and already logged in, jump to return-to instead of main page.
|
file |
diff |
annotate
|
2009-09-11 |
Dan |
Common: renamed global $title to $urlname (it broke the API from non-plugin Enano scripts)
|
file |
diff |
annotate
|
2009-08-22 |
Dan |
Sessions: Improved inactive account UX; shuffled around a bit of code so that whitelist checks are shared; fixed a bunch of bugs related to ban code and IPv6 addresses
|
file |
diff |
annotate
|
2009-08-21 |
Dan |
Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
|
file |
diff |
annotate
|
2009-07-02 |
Dan |
Login and sessions: fixed some improper handling of the config for lockout logic
|
file |
diff |
annotate
|
2009-05-15 |
Dan |
Added another word to the CAPTCHA blacklist (thanks Neal).
|
file |
diff |
annotate
|
2009-05-15 |
Dan |
Added protection against obscene words in CAPTCHAs
|
file |
diff |
annotate
|
2009-05-13 |
Dan |
Comment UI / Special:Memberlist: UI consistency for Send PM/Add Buddy links in Memberlist and comment display UI
|
file |
diff |
annotate
|
2009-05-10 |
Dan |
Added register_special_page() function, to make it much easier to create special pages. Also, rewrote Special:Memberlist to use more efficient fetch method and not use an unbuffered whole-table query.
|
file |
diff |
annotate
|
2009-05-05 |
Dan |
Made some more changes to the way namespaces are handled, for optimization purposes. This is a bit of a structural reorganization: $paths->pages is obsoleted in its entirety; calculating page existence and metadata is now the job of the Namespace_* backend class. There are many things in PageProcessor that should be reorganized, and page actions in general should really be rethought. This is probably the beginning of a long process that will be taking place over the course of the betas.
|
file |
diff |
annotate
|
2009-04-15 |
Dan |
File rollbacks should be all up to date now.
|
file |
diff |
annotate
|
2009-04-15 |
Dan |
Finished core of log display interface including filter management. There is still a bit of a to-do list, especially regarding rollbacks and reuploads.
|
file |
diff |
annotate
|
2009-04-13 |
Dan |
Memberlist now shows rank instead of user level in "Title" column. (thanks mm3)
|
file |
diff |
annotate
|
2009-04-13 |
Dan |
Live Re-Auth is now required for deleting pages, editing ACLs, protecting pages, and clearing logs. Committing in a hurry as a storm is coming in, hope everything is in there.
|
file |
diff |
annotate
|
2009-02-26 |
Dan |
Set password in userinfo to allow auth plugins to see it (some really do need it)
|
file |
diff |
annotate
|
2009-02-26 |
Dan |
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
|
file |
diff |
annotate
|
2009-02-16 |
Dan |
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
|
file |
diff |
annotate
|
2009-01-04 |
Dan |
Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
|
file |
diff |
annotate
|
2009-01-03 |
Dan |
Added a couple of hooks for the registration form.
|
file |
diff |
annotate
|
2008-12-21 |
Dan |
Corrected a few issues with languages and client-side code
|
file |
diff |
annotate
|
2008-11-19 |
Dan |
Fixed: Special:Memberlist still used SpryEffects
|
file |
diff |
annotate
|
2008-11-15 |
Dan |
Added ability to have alternate main page for members
|
file |
diff |
annotate
|
2008-08-21 |
Dan |
Autocomplete further stabilized. Made Special:PasswordReset and Special:Register prevent use if logged in.
|
file |
diff |
annotate
|
2008-08-12 |
Dan |
Added customizable parameters for session length and the long-missing "remember me" option (or rather, the ability to turn it off and make sessions temporary)
|
file |
diff |
annotate
|
2008-08-12 |
Dan |
Rebranded as 1.1.5 (Caoineag alpha 5) and fixed a couple bugs related to CDN support in template_nodb and installerUI. Updated readme.
|
file |
diff |
annotate
|
2008-08-12 |
Dan |
A few fixes in SpecialUserFuncs: made avatars have a +30-day expiry date and made full login form show encryption blurb even when user_level > USER_LEVEL_MEMBER. Added expanding user-info blocks in memberlist (experimental).
|
file |
diff |
annotate
|
2008-07-10 |
Dan |
Added Gravatar support! And it's really configurable too.
|
file |
diff |
annotate
|
2008-07-09 |
Dan |
Got user registration working with the new componentized JS framework
|
file |
diff |
annotate
|
2008-07-07 |
Dan |
Fixed missing require() on math.php in SpecialUserFuncs
|
file |
diff |
annotate
|
2008-07-03 |
Dan |
More optimization work. Moved special page init functions to common instead of common_post hook. Allowed paths to cache page metadata on filesystem. Phased out the redundancy in $paths->pages that paired a number with every urlname as foreach loops are allowed now (and have been for some time). Fixed missing includes for several functions. Rewrote str_replace_once to be a lot more efficient.
|
file |
diff |
annotate
|
2008-06-30 |
Dan |
Made $session->private_key protected and added pk_{en,de}crypt methods for encrypting and decrypting data using the private key
|
file |
diff |
annotate
|
2008-06-30 |
Dan |
Several optimization changes including getting rid of a few eval()s. Added placeholder functions for the theme manager, which should be working now
|
file |
diff |
annotate
|
2008-06-26 |
Dan |
Made encryption work in form-based logon again; modified load_component() to fetch compressed versions when possible
|
file |
diff |
annotate
|
2008-06-15 |
Dan |
Renamed some functions (that were new in this release anyway) due to compatibility broken with PunBB bridge
|
file |
diff |
annotate
|
2008-06-07 |
Dan |
Got initial CSRF token framework implemented and sample implementation added in Special:Logout; removing Javascript compression engine from aggressive_optimize_html() and instead calling JavascriptCompressor class from js-compressor.php
|
file |
diff |
annotate
|
2008-05-16 |
Dan |
Added user preference for disabling visual effects in Javascript applets; added re-import button to installed plugins
|
file |
diff |
annotate
|
2008-05-06 |
Dan |
Added ETag support and increased caching settings to try and speed the system up. Result of a YSlow audit.
|
file |
diff |
annotate
|
2008-05-05 |
Dan |
Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
|
file |
diff |
annotate
|
2008-04-14 |
Dan |
Rebrand as 1.1.4 (Caoineag alpha 4)
|
file |
diff |
annotate
|
2008-04-09 |
Dan |
Merging nighthawk and scribus branches
|
file |
diff |
annotate
|
2008-04-09 |
Dan |
Implemented the password-reset redirect _properly_ instead of the hackish direct header() call in sessions.php
|
file |
diff |
annotate
|
2008-04-06 |
Dan |
Started work on the new plugin manager and associated management code. Very incomplete at this point and not usable.
|
file |
diff |
annotate
|
2008-04-01 |
Dan |
Fixed bad captcha refresh code on registration page
|
file |
diff |
annotate
|