From 995917db93838a04b014b0d345b4d926de5774aa Mon Sep 17 00:00:00 2001 From: Matthias Mees Date: Wed, 17 Jun 2015 20:32:16 +0200 Subject: [PATCH] Move more old news to NEWS_OLD References #348 --- docs/NEWS | 420 ------------------------------------------ docs/NEWS_OLD | 499 ++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 459 insertions(+), 460 deletions(-) diff --git a/docs/NEWS b/docs/NEWS index c6b746ea..61500f03 100644 --- a/docs/NEWS +++ b/docs/NEWS @@ -1,5 +1,3 @@ -# - Version 2.1 () ------------------------------------------------------------------------ @@ -840,422 +838,4 @@ Version 1.7 () that the baseURL is not overriden when configuring serendipity with a possibly autodetected currentl URL. Patch by Manko10. -Version 1.6.2 (May 16th, 2012) ------------------------------------------------------------------------- - - * Fix SQL injection for comment.php used in read-context. - (Thanks to High-Tech Bridge SA Security Release Lab, Advisory HTB23092) - -Version 1.6.1 (May 8th, 2012) ------------------------------------------------------------------------- - - * Improved escaping of backend plugin management for DB query - and media selector output (Stefan Schurtz) - - * Updated spamblock plugin to 1.78 & 1.79 (backport) - changed wordfilter to function to check with 'verify_once' - to reject wordfilter signed spam comments before - - added in 1.79 killswitch check and serendipity_db_bool() - - * fixed draft & future entries preview link in backend (backport) - - * Fixed some possible errors with pdo db_begin/end_transaction() - - * Fixed unneccessary preg_match notices in the statistics backend - - * Fixed a possible problem where template-specific variables would - not be cleared in favor of the new global ones. - - * Fixed serendipity_fetchComments producing wrong SQL code. Please - check your code if you did workarounds already and remove them. - -Version 1.6 (October 27th 2011) ------------------------------------------------------------------------- - - * Fix XSS issue in mediadatabase and karma - filtering, thanks to Stefan Schurtz - - * Fix problem with autosave plugin used in conjunction with - entryproperties (chrisbra) - - * Removed browsercompatibilitty plugin because it's outdated and - IE6 shall be dead. - - * Fixed Spartauc SF.Net download location (Thanks to christian_boltz) - - * Added new event hook 'backend_loginfail' to track failed logins - (serendipity_event_externalauth can make use of it for fail2ban) - - * Fixed a bug in synchronizing new files with the same basename - but different extensions, where files with the same mimetype - would not get added (garvinhicking) - - * Show subscription status of comments in frontend and backend - - * Added ability to report spam/ham to akismet (Black Warthog) - - * Added localization for {$WEBLOG} in trackbacks.tpl (LazyBadger) - - * Added "Options -MultiViews" to .htaccess to prevent IE9 trouble - - * Karma plugin: Added option to only track votings when users are - logged in. - - * Bugfix: Adjust /admin permalink detection so that it does not listen - on /adminbook for example. Thanks to Lux! - - * serendipity_event_mailer now also allows to use commas instead of - spaces to seperate multiple mails. Use distinct email adresses - (Thanks to evanslee) - - * Added new rewrite option for 1&1 specific servers, because a - combined htaccess for both variants could not be find. The reason - is the MultiViews option in certain apache configs. - - * Fix PDO::SQLite to properly fetch the requested row type - (assoc/both/num), important for staticpage plugin - - * TPL fixes for upcoming Smarty3, thanks to timbalu - - * Experimental: Config-Groups for template and plugin options, - currently mimics fold in/out of global configuration. - Usage through "config_groups", examples are in config.inc.php of - bulletproof and spamblock plugin. Needs documentation. - (garvinhicking) - - * Added new parameter "empty" to {serendipity_showPlugin}. When - no callable plugins were found, the string in the "empty" parameter - will be shown instead, allowing users to get notified of a missing - plugin: - - {serendipity_showPlugin - class="serendipity_plugin_twitter" - empty="Twitter plugin not found!"} - - * Bundle jquery by default and enable it in frontend and backend - templates; overrides serendipity_event_jquery. If your template - contains its own "jquery.js" file, the core will NOT use it. - (garvinhicking) - - * Include API logic to allow the core to utilize event hooks with - internal function calls (used for jquery output, for example) - (garvinhicking) - - * Allow to moderate multiple selected comments (garvinhicking) - - * Allow to pass 'template' variable to serendipity_showPlugin - - * Make CSS permalink pattern compatible to 1&1 servers, - thanks to lfrantzen - - * PDO-SQLite patches by nth - - * Fix newline before true); - serendipity_loadGlobalThemeOptions($template_config, $template_loaded_config, $template_global_config); - - More keys apart from "navigation" might get supported in the future. - - - * Implemented suggestion of removing boilerplate code in plugin API: - Change hack protection, introduce unified language loading, see - http://board.s9y.org/viewtopic.php?f=11&t=16921 - Thanks to mt2! - - * Fix karma rating plugin missing the text translation for a - specific point area - - * Recent entry properties now recognizes multilingual titles - - * Include referrer in comment notification email (konus) - - * Added new 'fulltext' search option to sidebar plugin - http://board.s9y.org/viewtopic.php?f=4&t=16051 - - * Truncate suppressed referrer's query string to 255 characters - (ads) - - * Fix "viewAuthor" URL detection routine if the path name of a - domain begins with a number. (garvinhicking) - - * Fix SQLite substring search to use % instead of * for secondary - matches (SvOlli) - - * Recent entries plugin can now fetch the associated categoryid, - when a single entry is displayed. (Garvinhicking) - - * Stricter check for sqlite3 extension, only functional interface - instead of OOP currently supported (garvinhicking) - - * Experimental: When sending quoted-printable notification mails, - auto-split after 75 characters. - (Ref: http://board.s9y.org/viewtopic.php?f=3&t=16314) - - * To support custom PHP sessions, s9y will only issue session_start, - if no session exists yet (garvinhicking) - - * Use "Longtext" instead of "text" for new installations on blog entry - body and extended body inside database tables. (garvinhicking) - - * Added ability to mark authorgroups as "hidden", so that members - of such groups are excluded from common author listings. - (Ref http://board.s9y.org/viewtopic.php?f=11&t=16237) - (garvinhicking) - - * Added option for SMF importer to also import tags - - * Added experimental global variable $i18n_filename_utf8 that can - be set in a serendipity_config_local.inc.php or language include - file, which will return Unicode-Permalinks. - (http://board.s9y.org/viewtopic.php?f=11&t=15896) - - * Added event hook backend_sendcomment for sending comments and - being able to chang via plugin API (onli) - -Version 1.5.5 (December 21st, 2010) ------------------------------------------------------------------------- - - * Due to security issues in the bundled Xinha WYSIWYG, - disabled the PHP-based plugins (which are not utilized by - serendipity unless manually enabled), until a proper security - fix is available - -Version 1.5.4 (August 26th, 2010) ------------------------------------------------------------------------- - - * Fix XSS in backend, thanks to High-Tech Bridge SA #HTB22595 - - * Fix PHP 5.3.2 parse error in a file, thanks to fyremoon - - * Fix SQL query statement for deleting a category, which on some - DB types (SQlite) might not return "true" and thus not really - delete the category. (garvinhicking) - - * Include license output in plugin listing (onli) - - * Fix escaping when using ImageMagick to create PDF-thumbnail images - (stm9x9) - - * Add new template variable to feed*.tpl files to support new - plugins like pubsubhubbub, so that plugins can embed data to the - main XML element (onli) - -Version 1.5.3 (May 10th, 2010) ------------------------------------------------------------------------- - - * Added workaround for dynamic configuration of Xinha plugins - ExtendedFilemanager, ImageManager, - InsertSnippet and Linker plugins to avoid remote code inclusion. - (Stefan Esser) - -Version 1.5.2 (January 25th, 2010) ------------------------------------------------------------------------- - - * Fixed SQL upgrade path for SQLite. - -Version 1.5.1 (December 21st, 2009) ------------------------------------------------------------------------- - - * Fix bug with not showing "html" type configuration items. - -Version 1.5 (December 21st, 2009) ------------------------------------------------------------------------- - - * Show backend comment pagination in footer and header - - * Don't toggle the border of marked comments in the admin section - to 2px, to avoid padding. Thanks to hboeck! - - * Added expermiantel PDO::SQLite transport, by nth - - * Disallow uploading any files with ".php." in the filename - (garvinhicking) - - * Prevent password autocompletion for user passwords to prevent - possible mismatch. In media manager popup, fix bug that did - not properly forward to image selection after upload (onli) - - * Fix a bug in statistics output, when statistics for single-number - months is created. (Andreas Bilke) - - * Always increase last_modified when an entry is saved to prevent - stale entries in RSS feeds. Thanks to Cenic - - * Allow comment sidebar plugin to only show coments for entries - that are allowed to be viewed by the current visitor. - - * Also use htmlspecialchars() for the Recent Entries sidebar plugin - (Anson) - - * Do not send mails, if the "To:" address is empty, might happen - if authors do not have a mail account entered in their profile. - (nealk) - - * Fixed Spartacus download URLs for SF.Net mirror (christian_boltz) - - * Allow redirects when fetching remote images (garvinhicking) - - * Allow to define sort order for search-results (garvinhicking) - - * More PHP 5.3.0 compat (split(), ereg(), ereg_replace()). - - * PostgreSQL compatibility for the printArchives() function to - gather only unique timestamps (cite) - - -- beta1 release - - * PHP 5.3.0 compatibility without E_WARNING triggers (garvinhicking) - - * Added 'orderby' parameter to plugin API hooks for the serendipity - fulltext search function (garvinhicking) - - * Added new event hook frontend_sidebar_plugins to iterate through - sidebar plugins and modify their output. $eventData is the array - of their data. (garvinhicking) - - * Added ability to specify a custom Xinha config. Either supply - a 'my_custom.js' file inside the template directory, or if - omitted, the default htmlarea/my_custom.js is used. With this - you can overwrite the plugins and buttons of all Xinha instances. - See the mentioned default file for usage. (garvinhicking) - - * Removed "static" db layer typelist to prevent accidental over- - writes of referenced return values (garvinhicking) - - * Upgrade to Smarty 2.6.26 - - * Removed inline styles of the s9y media insertion, they will now - properly utilize CSS classes (defined in the new file - style_fallback.css). Also added support for entering "ALT/TITLE" - attributes to an tag, can be used as a media property if - you add "ALT" and "TITLE" to the list of "Media properties" in the - main configuration. (garvinhicking) - - * Filter entries only by authors that have written at least - one article (garvinhicking) - - * Fix PDF imagemagick thumbnail generation to be properly displayed - (http://board.s9y.org/viewtopic.php?f=3&t=15446) - - * Warn about non-writable "plugins" directory in installation - - * Added new optional parameter for plugin config type "text": rows. - Added new optional parameter "input_type"="password" for plugin - string type configuration (brockhaus) - - * pingbacks were not counted as entry trackbacks although added to - entries. (brockhaus) - - * Added "exclude urls" to ip validation functionality in spam block - plugin. identi.ca is sending pingbacks but fails the ip validation! - (brockhaus) - - * no longer use htmlspecialchars() on the blog's title and sub- - title, to allow for custom HTML code to appear and unify - only letting Smarty do the escaping (garvinhicking,falk) - - * Plugin drag/drop now can scroll up/down/left/right when touching - the borders. Thanks to onli! - - * Changed shoutbox plugin. Shoutbox input size is configurable now. - Wrong description for dateformat fixed. - (brockhaus) - - * Change mail entry plugin to be able to send mails without - hyperlinks and images. (garvinhicking) - - * Change uriArgument parsing routine to allow "!" in URLs. - Now we can have absolute serocracy. - - * Changed image upload workflow so that the upload results/errors - are shown on top of the media library, allowing to go on - immediately (onli) - - * Added new smarty variable $admin_vars.title to the admin/index.tpl - template file to customize the title (onli) - - * Add new config option to base server time on UTC - (http://board.s9y.org/viewtopic.php?f=2&t=15123) (Abdussamad) - - * Use a unique session name for each blog instance, so that multiple - s9y installations can live on the same domain and having their - own sessions (kleinerChemiker, DrNI) - - * Livejournal importer update by Anson now supports importing - comments, see http://board.s9y.org/viewtopic.php?f=11&t=15141 - - * Enhance xhtml cleanup plugin to also work on - tags and fix youtube html. (garvinhicking) - - * Changed bookmarklet to work with Chrome, thanks to Oliver - Gassner & TextPattern :-) (garvinhicking) - - * Enhanced serendipity_printEntries() logic to bypass smarty - parsing ($smarty_fetch) (garvinhicking) - - * Changed karma plugin to only track GET requests as visits, not - POSTs. Thanks to Marcus Friedman - - * Enhanced nl2br plugin to also use

tags, by onli - - * Added possibility for templates to register a central function - serendipity_plugin_api_event_hook() and - serendipity_plugin_api_pre_event_hook() that can be used to - use plugin API interaction WITHOUT actual plugins. So special - plugins can be bundled within a template, without the need to - seperately install them. The "pre" function is called BEFORE - all normal plugins are executed, the normal function is called - AFTER plugin execution. (garvinhicking) - - * Change javascript non-wysiwyg insertion methods to propery - return to scrollposition, patch by onli - - * Enhance TrackExits plugin to also support link redirection for - future german law/access blocking :) (garvinhicking) - - * Enhance quicksearch by performing a wildcard-search for the - searchterms, when less than 4 matches are found. (onli) - - * Updated czech translation, by Vlada Ajgl - - * Use a space instead of comma to seperate DENY rules in spamblock - plugin, patch by brielle - - * Added ability to use strftime variables in the spamblock.log - filename. (kleinerchemiker) - - * Added improved Blogger.com importer using the API, thanks to jaa - - * Change password hashing from plain md5 to salted SHA1. Logins - should continue to work and are migrated to SHA1 keys upon - first login. MD5-logins will only work successfully once. This - mechanism will expire 6 months after the upgrade has been executed. - EXPERIMENTAL! (http://blog.s9y.org/archives/205-hash.html) - (garvinhicking) - - * Allow admins to also approve comments awaiting user-confirmation - (garvinhicking) - - * Fix statistics sidebar plugin to properly count weekly visitors - (garvinhicking) - - * Allow javascript inside Xinha WYSIWYG textarea (garvinhicking) - - * Allow anonymized submission to Typepad/Akismet to attribute - possible federal laws for data protection (garvinhicking) - (RFE #2517320) - - * Change antispam plugin to also support Typepad as an alternative - to Akismet. (judebert) (Older NEWS see file NEWS_OLD) diff --git a/docs/NEWS_OLD b/docs/NEWS_OLD index 50338288..72e2c6b9 100644 --- a/docs/NEWS_OLD +++ b/docs/NEWS_OLD @@ -1,5 +1,424 @@ (The latest changes are documented in the NEWS-file) +Version 1.6.2 (May 16th, 2012) +------------------------------------------------------------------------ + + * Fix SQL injection for comment.php used in read-context. + (Thanks to High-Tech Bridge SA Security Release Lab, Advisory HTB23092) + +Version 1.6.1 (May 8th, 2012) +------------------------------------------------------------------------ + + * Improved escaping of backend plugin management for DB query + and media selector output (Stefan Schurtz) + + * Updated spamblock plugin to 1.78 & 1.79 (backport) + changed wordfilter to function to check with 'verify_once' + to reject wordfilter signed spam comments before - + added in 1.79 killswitch check and serendipity_db_bool() + + * fixed draft & future entries preview link in backend (backport) + + * Fixed some possible errors with pdo db_begin/end_transaction() + + * Fixed unneccessary preg_match notices in the statistics backend + + * Fixed a possible problem where template-specific variables would + not be cleared in favor of the new global ones. + + * Fixed serendipity_fetchComments producing wrong SQL code. Please + check your code if you did workarounds already and remove them. + +Version 1.6 (October 27th 2011) +------------------------------------------------------------------------ + + * Fix XSS issue in mediadatabase and karma + filtering, thanks to Stefan Schurtz + + * Fix problem with autosave plugin used in conjunction with + entryproperties (chrisbra) + + * Removed browsercompatibilitty plugin because it's outdated and + IE6 shall be dead. + + * Fixed Spartauc SF.Net download location (Thanks to christian_boltz) + + * Added new event hook 'backend_loginfail' to track failed logins + (serendipity_event_externalauth can make use of it for fail2ban) + + * Fixed a bug in synchronizing new files with the same basename + but different extensions, where files with the same mimetype + would not get added (garvinhicking) + + * Show subscription status of comments in frontend and backend + + * Added ability to report spam/ham to akismet (Black Warthog) + + * Added localization for {$WEBLOG} in trackbacks.tpl (LazyBadger) + + * Added "Options -MultiViews" to .htaccess to prevent IE9 trouble + + * Karma plugin: Added option to only track votings when users are + logged in. + + * Bugfix: Adjust /admin permalink detection so that it does not listen + on /adminbook for example. Thanks to Lux! + + * serendipity_event_mailer now also allows to use commas instead of + spaces to seperate multiple mails. Use distinct email adresses + (Thanks to evanslee) + + * Added new rewrite option for 1&1 specific servers, because a + combined htaccess for both variants could not be find. The reason + is the MultiViews option in certain apache configs. + + * Fix PDO::SQLite to properly fetch the requested row type + (assoc/both/num), important for staticpage plugin + + * TPL fixes for upcoming Smarty3, thanks to timbalu + + * Experimental: Config-Groups for template and plugin options, + currently mimics fold in/out of global configuration. + Usage through "config_groups", examples are in config.inc.php of + bulletproof and spamblock plugin. Needs documentation. + (garvinhicking) + + * Added new parameter "empty" to {serendipity_showPlugin}. When + no callable plugins were found, the string in the "empty" parameter + will be shown instead, allowing users to get notified of a missing + plugin: + + {serendipity_showPlugin + class="serendipity_plugin_twitter" + empty="Twitter plugin not found!"} + + * Bundle jquery by default and enable it in frontend and backend + templates; overrides serendipity_event_jquery. If your template + contains its own "jquery.js" file, the core will NOT use it. + (garvinhicking) + + * Include API logic to allow the core to utilize event hooks with + internal function calls (used for jquery output, for example) + (garvinhicking) + + * Allow to moderate multiple selected comments (garvinhicking) + + * Allow to pass 'template' variable to serendipity_showPlugin + + * Make CSS permalink pattern compatible to 1&1 servers, + thanks to lfrantzen + + * PDO-SQLite patches by nth + + * Fix newline before true); + serendipity_loadGlobalThemeOptions($template_config, $template_loaded_config, $template_global_config); + + More keys apart from "navigation" might get supported in the future. + + + * Implemented suggestion of removing boilerplate code in plugin API: + Change hack protection, introduce unified language loading, see + http://board.s9y.org/viewtopic.php?f=11&t=16921 + Thanks to mt2! + + * Fix karma rating plugin missing the text translation for a + specific point area + + * Recent entry properties now recognizes multilingual titles + + * Include referrer in comment notification email (konus) + + * Added new 'fulltext' search option to sidebar plugin + http://board.s9y.org/viewtopic.php?f=4&t=16051 + + * Truncate suppressed referrer's query string to 255 characters + (ads) + + * Fix "viewAuthor" URL detection routine if the path name of a + domain begins with a number. (garvinhicking) + + * Fix SQLite substring search to use % instead of * for secondary + matches (SvOlli) + + * Recent entries plugin can now fetch the associated categoryid, + when a single entry is displayed. (Garvinhicking) + + * Stricter check for sqlite3 extension, only functional interface + instead of OOP currently supported (garvinhicking) + + * Experimental: When sending quoted-printable notification mails, + auto-split after 75 characters. + (Ref: http://board.s9y.org/viewtopic.php?f=3&t=16314) + + * To support custom PHP sessions, s9y will only issue session_start, + if no session exists yet (garvinhicking) + + * Use "Longtext" instead of "text" for new installations on blog entry + body and extended body inside database tables. (garvinhicking) + + * Added ability to mark authorgroups as "hidden", so that members + of such groups are excluded from common author listings. + (Ref http://board.s9y.org/viewtopic.php?f=11&t=16237) + (garvinhicking) + + * Added option for SMF importer to also import tags + + * Added experimental global variable $i18n_filename_utf8 that can + be set in a serendipity_config_local.inc.php or language include + file, which will return Unicode-Permalinks. + (http://board.s9y.org/viewtopic.php?f=11&t=15896) + + * Added event hook backend_sendcomment for sending comments and + being able to chang via plugin API (onli) + +Version 1.5.5 (December 21st, 2010) +------------------------------------------------------------------------ + + * Due to security issues in the bundled Xinha WYSIWYG, + disabled the PHP-based plugins (which are not utilized by + serendipity unless manually enabled), until a proper security + fix is available + +Version 1.5.4 (August 26th, 2010) +------------------------------------------------------------------------ + + * Fix XSS in backend, thanks to High-Tech Bridge SA #HTB22595 + + * Fix PHP 5.3.2 parse error in a file, thanks to fyremoon + + * Fix SQL query statement for deleting a category, which on some + DB types (SQlite) might not return "true" and thus not really + delete the category. (garvinhicking) + + * Include license output in plugin listing (onli) + + * Fix escaping when using ImageMagick to create PDF-thumbnail images + (stm9x9) + + * Add new template variable to feed*.tpl files to support new + plugins like pubsubhubbub, so that plugins can embed data to the + main XML element (onli) + +Version 1.5.3 (May 10th, 2010) +------------------------------------------------------------------------ + + * Added workaround for dynamic configuration of Xinha plugins + ExtendedFilemanager, ImageManager, + InsertSnippet and Linker plugins to avoid remote code inclusion. + (Stefan Esser) + +Version 1.5.2 (January 25th, 2010) +------------------------------------------------------------------------ + + * Fixed SQL upgrade path for SQLite. + +Version 1.5.1 (December 21st, 2009) +------------------------------------------------------------------------ + + * Fix bug with not showing "html" type configuration items. + +Version 1.5 (December 21st, 2009) +------------------------------------------------------------------------ + + * Show backend comment pagination in footer and header + + * Don't toggle the border of marked comments in the admin section + to 2px, to avoid padding. Thanks to hboeck! + + * Added expermiantel PDO::SQLite transport, by nth + + * Disallow uploading any files with ".php." in the filename + (garvinhicking) + + * Prevent password autocompletion for user passwords to prevent + possible mismatch. In media manager popup, fix bug that did + not properly forward to image selection after upload (onli) + + * Fix a bug in statistics output, when statistics for single-number + months is created. (Andreas Bilke) + + * Always increase last_modified when an entry is saved to prevent + stale entries in RSS feeds. Thanks to Cenic + + * Allow comment sidebar plugin to only show coments for entries + that are allowed to be viewed by the current visitor. + + * Also use htmlspecialchars() for the Recent Entries sidebar plugin + (Anson) + + * Do not send mails, if the "To:" address is empty, might happen + if authors do not have a mail account entered in their profile. + (nealk) + + * Fixed Spartacus download URLs for SF.Net mirror (christian_boltz) + + * Allow redirects when fetching remote images (garvinhicking) + + * Allow to define sort order for search-results (garvinhicking) + + * More PHP 5.3.0 compat (split(), ereg(), ereg_replace()). + + * PostgreSQL compatibility for the printArchives() function to + gather only unique timestamps (cite) + + -- beta1 release + + * PHP 5.3.0 compatibility without E_WARNING triggers (garvinhicking) + + * Added 'orderby' parameter to plugin API hooks for the serendipity + fulltext search function (garvinhicking) + + * Added new event hook frontend_sidebar_plugins to iterate through + sidebar plugins and modify their output. $eventData is the array + of their data. (garvinhicking) + + * Added ability to specify a custom Xinha config. Either supply + a 'my_custom.js' file inside the template directory, or if + omitted, the default htmlarea/my_custom.js is used. With this + you can overwrite the plugins and buttons of all Xinha instances. + See the mentioned default file for usage. (garvinhicking) + + * Removed "static" db layer typelist to prevent accidental over- + writes of referenced return values (garvinhicking) + + * Upgrade to Smarty 2.6.26 + + * Removed inline styles of the s9y media insertion, they will now + properly utilize CSS classes (defined in the new file + style_fallback.css). Also added support for entering "ALT/TITLE" + attributes to an tag, can be used as a media property if + you add "ALT" and "TITLE" to the list of "Media properties" in the + main configuration. (garvinhicking) + + * Filter entries only by authors that have written at least + one article (garvinhicking) + + * Fix PDF imagemagick thumbnail generation to be properly displayed + (http://board.s9y.org/viewtopic.php?f=3&t=15446) + + * Warn about non-writable "plugins" directory in installation + + * Added new optional parameter for plugin config type "text": rows. + Added new optional parameter "input_type"="password" for plugin + string type configuration (brockhaus) + + * pingbacks were not counted as entry trackbacks although added to + entries. (brockhaus) + + * Added "exclude urls" to ip validation functionality in spam block + plugin. identi.ca is sending pingbacks but fails the ip validation! + (brockhaus) + + * no longer use htmlspecialchars() on the blog's title and sub- + title, to allow for custom HTML code to appear and unify + only letting Smarty do the escaping (garvinhicking,falk) + + * Plugin drag/drop now can scroll up/down/left/right when touching + the borders. Thanks to onli! + + * Changed shoutbox plugin. Shoutbox input size is configurable now. + Wrong description for dateformat fixed. + (brockhaus) + + * Change mail entry plugin to be able to send mails without + hyperlinks and images. (garvinhicking) + + * Change uriArgument parsing routine to allow "!" in URLs. + Now we can have absolute serocracy. + + * Changed image upload workflow so that the upload results/errors + are shown on top of the media library, allowing to go on + immediately (onli) + + * Added new smarty variable $admin_vars.title to the admin/index.tpl + template file to customize the title (onli) + + * Add new config option to base server time on UTC + (http://board.s9y.org/viewtopic.php?f=2&t=15123) (Abdussamad) + + * Use a unique session name for each blog instance, so that multiple + s9y installations can live on the same domain and having their + own sessions (kleinerChemiker, DrNI) + + * Livejournal importer update by Anson now supports importing + comments, see http://board.s9y.org/viewtopic.php?f=11&t=15141 + + * Enhance xhtml cleanup plugin to also work on + tags and fix youtube html. (garvinhicking) + + * Changed bookmarklet to work with Chrome, thanks to Oliver + Gassner & TextPattern :-) (garvinhicking) + + * Enhanced serendipity_printEntries() logic to bypass smarty + parsing ($smarty_fetch) (garvinhicking) + + * Changed karma plugin to only track GET requests as visits, not + POSTs. Thanks to Marcus Friedman + + * Enhanced nl2br plugin to also use

tags, by onli + + * Added possibility for templates to register a central function + serendipity_plugin_api_event_hook() and + serendipity_plugin_api_pre_event_hook() that can be used to + use plugin API interaction WITHOUT actual plugins. So special + plugins can be bundled within a template, without the need to + seperately install them. The "pre" function is called BEFORE + all normal plugins are executed, the normal function is called + AFTER plugin execution. (garvinhicking) + + * Change javascript non-wysiwyg insertion methods to propery + return to scrollposition, patch by onli + + * Enhance TrackExits plugin to also support link redirection for + future german law/access blocking :) (garvinhicking) + + * Enhance quicksearch by performing a wildcard-search for the + searchterms, when less than 4 matches are found. (onli) + + * Updated czech translation, by Vlada Ajgl + + * Use a space instead of comma to seperate DENY rules in spamblock + plugin, patch by brielle + + * Added ability to use strftime variables in the spamblock.log + filename. (kleinerchemiker) + + * Added improved Blogger.com importer using the API, thanks to jaa + + * Change password hashing from plain md5 to salted SHA1. Logins + should continue to work and are migrated to SHA1 keys upon + first login. MD5-logins will only work successfully once. This + mechanism will expire 6 months after the upgrade has been executed. + EXPERIMENTAL! (http://blog.s9y.org/archives/205-hash.html) + (garvinhicking) + + * Allow admins to also approve comments awaiting user-confirmation + (garvinhicking) + + * Fix statistics sidebar plugin to properly count weekly visitors + (garvinhicking) + + * Allow javascript inside Xinha WYSIWYG textarea (garvinhicking) + + * Allow anonymized submission to Typepad/Akismet to attribute + possible federal laws for data protection (garvinhicking) + (RFE #2517320) + + * Change antispam plugin to also support Typepad as an alternative + to Akismet. (judebert) + Version 1.4.2 () ------------------------------------------------------------------------ @@ -17,10 +436,10 @@ Version 1.4.1 (January 16th, 2009) * Fix missing index key creation for statistics tables in the statistics plugin (isotopp) - + * Change "Allow duplicate content" in spamblock plugin to not operate on (empty) pingbacks (garvinhicking) - + * Upgrade to Smarty 2.6.22 to fix a PCRE bug * Remove warning message when checking for plugin documentation files @@ -76,9 +495,9 @@ Version 1.4 (December 29th 2008) All three possible links are shown on the Serendipity interface when configuring or installing a plugin. - + (garvinhicking) - + * Fix not properly counting trackbacks or resetting comment/tb counter when editing an entry [1.4-beta2] (garvinhicking) @@ -112,7 +531,7 @@ Version 1.4 (December 29th 2008) via email ("once" or "always" as options). * Replace htmlarea with XINHA. Thanks to abdussamad! - (Experimental! Needs testing on shared installations. Might + (Experimental! Needs testing on shared installations. Might need browser cache refresh!) * Add link to preview entries by an author into the usermanagement @@ -140,7 +559,7 @@ Version 1.4 (December 29th 2008) panel for "Advanced Options". (garvinhicking) * Propagate a 'article_count' smarty variable for each category - in the category sidebar plugin, when article counting is + in the category sidebar plugin, when article counting is enabled. (garvinhicking) * Trackbacks are no longer sent when an entry shall be published @@ -154,17 +573,17 @@ Version 1.4 (December 29th 2008) * Do not show title of entries marked as public/private when viewed without permissions. Patch thanks to Anthem - + * Make cookie deletion routine use the same host like cookie insertion, thanks to JPhilip - * Added optional token insertion for comment notification + * Added optional token insertion for comment notification (moderation) e-mails, which you can click without the need for authentication. This is a convenience feature, note that if someone can access your mails, he does not need to authenticate for deleting/approving a comment with the contained link. (Rob A) - + * Fix showing wrong metadata (00:00:00" for uploaded metadata. (garvinhicking) @@ -179,19 +598,19 @@ Version 1.4 (December 29th 2008) (garvinhicking) * Fix bug in category sidebar plugin, which showed categories that - should have been hidden when the option "Hide parents of + should have been hidden when the option "Hide parents of selected sub-tree" was selected and Smarty templating was enabled. (garvinhicking) * Change option to allow subscriptions to comments so that fulltext comments can be mailed to subscribers. (garvinhicking) - + * Default .htaccess now contains a conditional rewrite pattern for fallback *.html generation. Thanks to absynth. (TODO: Regenerate .htaccess on update, maybe make this condition optional) - + * Update to Spartacus to support custom mirrors (garvinhicking) * Added possibility to access more SQL query parts of fetchEntries @@ -207,8 +626,8 @@ Version 1.4 (December 29th 2008) * Added file checksums to be able to verify integral structure of a s9y release (judebert) - - * Use semantically better HTML output by sidebar plugins + + * Use semantically better HTML output by sidebar plugins (ordererd lists, less
s, ...) (YellowLED) * Add new configuration option to allow rescaling thumbnails @@ -216,7 +635,7 @@ Version 1.4 (December 29th 2008) * Allow to override $serendipity['languages'] array, do not issue s9y version number in RSS feed if 'expose_s9y' is disabled. - + * Add new config option to entryproperties plugin to not use extensive joins to save performance in cases where no ACLs need to be evaluated. (garvinhicking) @@ -228,22 +647,22 @@ Version 1.3.1 () hypothetical application :) (Hanno B�ck) * Add {serendipity_getImageSize} smarty function (judebert) - + * Add escaping to "Top Referrers" plugin and honor local configuration of "Show links" option, thanks to Hanno B�ck - + * Fix some PostgreSQL implicit casts for SQL queries (changed LIKE to =). (Devrim G�nd�z) Version 1.3 (March 18th, 2008) ------------------------------------------------------------------------ - * Fix possible XSS injection for published trackbacks, thanks to + * Fix possible XSS injection for published trackbacks, thanks to Peter H�we! * Added "Google Reader" option to syndication plugin, by Adam Charnock - + * Updated recent_entries plugin to show/hide on overview, detailed entry, or all pages (don chambers). @@ -251,9 +670,9 @@ Version 1.3 (March 18th, 2008) (roti) * Updated hungarian language - + * Allow to submit comments to future entries, when showing - future entries is enabled (garvinhicking) + future entries is enabled (garvinhicking) Version 1.3-beta1 (February 25th, 2008) ------------------------------------------------------------------------ @@ -281,7 +700,7 @@ Version 1.3-beta1 (February 25th, 2008) * Added czech translation to bulletproof templates and bundled plugins, by Vlada Ajgl - * Sidebar plugin comments: URLs of writers now are shown for all + * Sidebar plugin comments: URLs of writers now are shown for all entries not only for trackbacks. You may configure if they should be shown for all, none, normal writers or trackback/pingbacks. (brockhaus) @@ -290,8 +709,8 @@ Version 1.3-beta1 (February 25th, 2008) to characters. (brockhaus) * For Pingback it is now possible to define the maximum amount of - characters while fetching text of the remote site. Add - $serendipity['pingbackFetchPageMaxLength'] = 200 to your + characters while fetching text of the remote site. Add + $serendipity['pingbackFetchPageMaxLength'] = 200 to your serendipity_config_local.php. (brockhaus) * Add ability to set comments as "pending" again, even when already @@ -305,7 +724,7 @@ Version 1.3-beta1 (February 25th, 2008) * Fix displaying entry title in the backend section exactly like in the frontend, thanks to Alex (garvinhicking) - * Added hooks to trackback listing in order to let plugins change + * Added hooks to trackback listing in order to let plugins change it (the avatar plugin in example) (brockhaus) * Add more verbose CSS classes to remote RSS sidebar plugin, also @@ -316,7 +735,7 @@ Version 1.3-beta1 (February 25th, 2008) * Make browser compatibility plugin bail out for IE7. Thanks to Freudi from the forums. - + * Add possibility to spartacus to upload files via FTP. This can bypass Safe_mode restrictions on your server to make Spartacus work for you. (VladaAjgl) @@ -327,7 +746,7 @@ Version 1.3-beta1 (February 25th, 2008) * Allow the "send mail" plugin to send mails to all registered authors (garvinhicking) - * New spam blocking method for trackbacks: ip validation. The + * New spam blocking method for trackbacks: ip validation. The senders ip is compared with the ip of the host, the trackback is set to. If they don't match, the trackback is rejected/moderated. This should reject most of the trackback spam bots. (brockhaus) @@ -358,10 +777,10 @@ Version 1.3-beta1 (February 25th, 2008) (brockhaus) * Patch popup-HTML-code insertion javascript to better inter- - operate with tinymce, xinha or fckeditor. Thanks to + operate with tinymce, xinha or fckeditor. Thanks to Assen Tchorbadjiev. - * Add experimental DB layer for "SQLRelay" database proxy extension, + * Add experimental DB layer for "SQLRelay" database proxy extension, by Dante Mason * On the fly update of the media database: Not only images are added @@ -397,12 +816,12 @@ Version 1.2.1 (December 8th, 2007) * Fix proper encoding of '%' sign when used in post titles (garvinhicking) - + * Encode RSS feed links, Patch by Hanno Boeck * Fix spartacus filter listing showing event plugin groups in the sidebar listing. - + * Patch PEAR.php for better detection, if already included. Thanks to Assen Tchorbadjiev. @@ -410,17 +829,17 @@ Version 1.2.1 (December 8th, 2007) criteria. (Don Chambers) * Fix PHP notice about session_start() - + * Bulletproof template can now include custom user stylesheets (*_style.css) in the dropdown of a colorset. (garvinhicking) - + Version 1.2 (August 26th, 2007) ------------------------------------------------------------------------ * Added bulletproof template by http://s9y-bulletproof.com * (beta4) Fix comment-RSS feeds - + * (beta4) serendipity_plugin_comments now also supports Favatars and Pavatars in combination with serendipity_event_gravatar instead of Gravatars only. (brockhaus) @@ -428,21 +847,21 @@ Version 1.2 (August 26th, 2007) * (beta4) Fix wrong event hook for entry manager to display toolbar for the main body area. - * (beta4) Stronger autologin cookie encryption, prevent mixup with - template options (which could make foreign users delete your + * (beta4) Stronger autologin cookie encryption, prevent mixup with + template options (which could make foreign users delete your configured template option keys). Also use new serendpity_db_implode() - function for a safer API on image handling. + function for a safer API on image handling. All hail Stefan Esser. :) * (beta4) Backend templating changes to insert more classes to input fields etc (Don Chambers) * (beta4) Fix invalid pingback XML code, by Slim - - * (beta2) Fix when saving personal configuration the userlevel and + + * (beta2) Fix when saving personal configuration the userlevel and "no_create" flags where not properly saved, thanks to PHPaws! (garvinhicking) - + * When a category or entry does not exist, emit HTTP 404 message template instead of "No entries to print" and HTTP 200 status. (garvinhicking)