mbirth/LuckyCoinkydink
Archived
1
0
Fork 0
Code Issues Pull Requests Activity

Move more old news to NEWS_OLD

Browse Source 
References #348
This commit is contained in:
Matthias Mees
2015-06-17 20:32:16 +02:00
parent 0d71cac44a
commit 995917db93
2 changed files with 459 additions and 460 deletions
Download Patch File Download Diff File Expand all files Collapse all files

420
docs/NEWS
View File

@ -1,5 +1,3 @@
#
Version 2.1 ()
------------------------------------------------------------------------
@ -840,422 +838,4 @@ Version 1.7 ()
that the baseURL is not overriden when configuring serendipity
with a possibly autodetected currentl URL. Patch by Manko10.
Version 1.6.2 (May 16th, 2012)
------------------------------------------------------------------------
* Fix SQL injection for comment.php used in read-context.
(Thanks to High-Tech Bridge SA Security Release Lab, Advisory HTB23092)
Version 1.6.1 (May 8th, 2012)
------------------------------------------------------------------------
* Improved escaping of backend plugin management for DB query
and media selector output (Stefan Schurtz)
* Updated spamblock plugin to 1.78 & 1.79 (backport)
changed wordfilter to function to check with 'verify_once'
to reject wordfilter signed spam comments before -
added in 1.79 killswitch check and serendipity_db_bool()
* fixed draft & future entries preview link in backend (backport)
* Fixed some possible errors with pdo db_begin/end_transaction()
* Fixed unneccessary preg_match notices in the statistics backend
* Fixed a possible problem where template-specific variables would
not be cleared in favor of the new global ones.
* Fixed serendipity_fetchComments producing wrong SQL code. Please
check your code if you did workarounds already and remove them.
Version 1.6 (October 27th 2011)
------------------------------------------------------------------------
* Fix XSS issue in mediadatabase and karma
filtering, thanks to Stefan Schurtz
* Fix problem with autosave plugin used in conjunction with
entryproperties (chrisbra)
* Removed browsercompatibilitty plugin because it's outdated and
IE6 shall be dead.
* Fixed Spartauc SF.Net download location (Thanks to christian_boltz)
* Added new event hook 'backend_loginfail' to track failed logins
(serendipity_event_externalauth can make use of it for fail2ban)
* Fixed a bug in synchronizing new files with the same basename
but different extensions, where files with the same mimetype
would not get added (garvinhicking)
* Show subscription status of comments in frontend and backend
* Added ability to report spam/ham to akismet (Black Warthog)
* Added localization for {$WEBLOG} in trackbacks.tpl (LazyBadger)
* Added "Options -MultiViews" to .htaccess to prevent IE9 trouble
* Karma plugin: Added option to only track votings when users are
logged in.
* Bugfix: Adjust /admin permalink detection so that it does not listen
on /adminbook for example. Thanks to Lux!
* serendipity_event_mailer now also allows to use commas instead of
spaces to seperate multiple mails. Use distinct email adresses
(Thanks to evanslee)
* Added new rewrite option for 1&1 specific servers, because a
combined htaccess for both variants could not be find. The reason
is the MultiViews option in certain apache configs.
* Fix PDO::SQLite to properly fetch the requested row type
(assoc/both/num), important for staticpage plugin
* TPL fixes for upcoming Smarty3, thanks to timbalu
* Experimental: Config-Groups for template and plugin options,
currently mimics fold in/out of global configuration.
Usage through "config_groups", examples are in config.inc.php of
bulletproof and spamblock plugin. Needs documentation.
(garvinhicking)
* Added new parameter "empty" to {serendipity_showPlugin}. When
no callable plugins were found, the string in the "empty" parameter
will be shown instead, allowing users to get notified of a missing
plugin:
{serendipity_showPlugin
class="serendipity_plugin_twitter"
empty="Twitter plugin not found!"}
* Bundle jquery by default and enable it in frontend and backend
templates; overrides serendipity_event_jquery. If your template
contains its own "jquery.js" file, the core will NOT use it.
(garvinhicking)
* Include API logic to allow the core to utilize event hooks with
internal function calls (used for jquery output, for example)
(garvinhicking)
* Allow to moderate multiple selected comments (garvinhicking)
* Allow to pass 'template' variable to serendipity_showPlugin
* Make CSS permalink pattern compatible to 1&1 servers,
thanks to lfrantzen
* PDO-SQLite patches by nth
* Fix newline before <?xml tag, thanks to deedw
* Only do '*' parameter expansion on the first page of search
results: http://board.s9y.org/viewtopic.php?f=10&t=14810
(onli, Timbalu)
* RSS feed timestamp properly calculates offset (abdussamad)
* (experimental) global theme options (garvinhicking)
Inside template's config.inc.php you can enable a global
navigation configuration feature:
$template_global_config = array('navigation' => true);
serendipity_loadGlobalThemeOptions($template_config, $template_loaded_config, $template_global_config);
More keys apart from "navigation" might get supported in the future.
* Implemented suggestion of removing boilerplate code in plugin API:
Change hack protection, introduce unified language loading, see
http://board.s9y.org/viewtopic.php?f=11&t=16921
Thanks to mt2!
* Fix karma rating plugin missing the text translation for a
specific point area
* Recent entry properties now recognizes multilingual titles
* Include referrer in comment notification email (konus)
* Added new 'fulltext' search option to sidebar plugin
http://board.s9y.org/viewtopic.php?f=4&t=16051
* Truncate suppressed referrer's query string to 255 characters
(ads)
* Fix "viewAuthor" URL detection routine if the path name of a
domain begins with a number. (garvinhicking)
* Fix SQLite substring search to use % instead of * for secondary
matches (SvOlli)
* Recent entries plugin can now fetch the associated categoryid,
when a single entry is displayed. (Garvinhicking)
* Stricter check for sqlite3 extension, only functional interface
instead of OOP currently supported (garvinhicking)
* Experimental: When sending quoted-printable notification mails,
auto-split after 75 characters.
(Ref: http://board.s9y.org/viewtopic.php?f=3&t=16314)
* To support custom PHP sessions, s9y will only issue session_start,
if no session exists yet (garvinhicking)
* Use "Longtext" instead of "text" for new installations on blog entry
body and extended body inside database tables. (garvinhicking)
* Added ability to mark authorgroups as "hidden", so that members
of such groups are excluded from common author listings.
(Ref http://board.s9y.org/viewtopic.php?f=11&t=16237)
(garvinhicking)
* Added option for SMF importer to also import tags
* Added experimental global variable $i18n_filename_utf8 that can
be set in a serendipity_config_local.inc.php or language include
file, which will return Unicode-Permalinks.
(http://board.s9y.org/viewtopic.php?f=11&t=15896)
* Added event hook backend_sendcomment for sending comments and
being able to chang via plugin API (onli)
Version 1.5.5 (December 21st, 2010)
------------------------------------------------------------------------
* Due to security issues in the bundled Xinha WYSIWYG,
disabled the PHP-based plugins (which are not utilized by
serendipity unless manually enabled), until a proper security
fix is available
Version 1.5.4 (August 26th, 2010)
------------------------------------------------------------------------
* Fix XSS in backend, thanks to High-Tech Bridge SA #HTB22595
* Fix PHP 5.3.2 parse error in a file, thanks to fyremoon
* Fix SQL query statement for deleting a category, which on some
DB types (SQlite) might not return "true" and thus not really
delete the category. (garvinhicking)
* Include license output in plugin listing (onli)
* Fix escaping when using ImageMagick to create PDF-thumbnail images
(stm9x9)
* Add new template variable to feed*.tpl files to support new
plugins like pubsubhubbub, so that plugins can embed data to the
main XML element (onli)
Version 1.5.3 (May 10th, 2010)
------------------------------------------------------------------------
* Added workaround for dynamic configuration of Xinha plugins
ExtendedFilemanager, ImageManager,
InsertSnippet and Linker plugins to avoid remote code inclusion.
(Stefan Esser)
Version 1.5.2 (January 25th, 2010)
------------------------------------------------------------------------
* Fixed SQL upgrade path for SQLite.
Version 1.5.1 (December 21st, 2009)
------------------------------------------------------------------------
* Fix bug with not showing "html" type configuration items.
Version 1.5 (December 21st, 2009)
------------------------------------------------------------------------
* Show backend comment pagination in footer and header
* Don't toggle the border of marked comments in the admin section
to 2px, to avoid padding. Thanks to hboeck!
* Added expermiantel PDO::SQLite transport, by nth
* Disallow uploading any files with ".php." in the filename
(garvinhicking)
* Prevent password autocompletion for user passwords to prevent
possible mismatch. In media manager popup, fix bug that did
not properly forward to image selection after upload (onli)
* Fix a bug in statistics output, when statistics for single-number
months is created. (Andreas Bilke)
* Always increase last_modified when an entry is saved to prevent
stale entries in RSS feeds. Thanks to Cenic
* Allow comment sidebar plugin to only show coments for entries
that are allowed to be viewed by the current visitor.
* Also use htmlspecialchars() for the Recent Entries sidebar plugin
(Anson)
* Do not send mails, if the "To:" address is empty, might happen
if authors do not have a mail account entered in their profile.
(nealk)
* Fixed Spartacus download URLs for SF.Net mirror (christian_boltz)
* Allow redirects when fetching remote images (garvinhicking)
* Allow to define sort order for search-results (garvinhicking)
* More PHP 5.3.0 compat (split(), ereg(), ereg_replace()).
* PostgreSQL compatibility for the printArchives() function to
gather only unique timestamps (cite)
-- beta1 release
* PHP 5.3.0 compatibility without E_WARNING triggers (garvinhicking)
* Added 'orderby' parameter to plugin API hooks for the serendipity
fulltext search function (garvinhicking)
* Added new event hook frontend_sidebar_plugins to iterate through
sidebar plugins and modify their output. $eventData is the array
of their data. (garvinhicking)
* Added ability to specify a custom Xinha config. Either supply
a 'my_custom.js' file inside the template directory, or if
omitted, the default htmlarea/my_custom.js is used. With this
you can overwrite the plugins and buttons of all Xinha instances.
See the mentioned default file for usage. (garvinhicking)
* Removed "static" db layer typelist to prevent accidental over-
writes of referenced return values (garvinhicking)
* Upgrade to Smarty 2.6.26
* Removed inline styles of the s9y media insertion, they will now
properly utilize CSS classes (defined in the new file
style_fallback.css). Also added support for entering "ALT/TITLE"
attributes to an <img> tag, can be used as a media property if
you add "ALT" and "TITLE" to the list of "Media properties" in the
main configuration. (garvinhicking)
* Filter entries only by authors that have written at least
one article (garvinhicking)
* Fix PDF imagemagick thumbnail generation to be properly displayed
(http://board.s9y.org/viewtopic.php?f=3&t=15446)
* Warn about non-writable "plugins" directory in installation
* Added new optional parameter for plugin config type "text": rows.
Added new optional parameter "input_type"="password" for plugin
string type configuration (brockhaus)
* pingbacks were not counted as entry trackbacks although added to
entries. (brockhaus)
* Added "exclude urls" to ip validation functionality in spam block
plugin. identi.ca is sending pingbacks but fails the ip validation!
(brockhaus)
* no longer use htmlspecialchars() on the blog's title and sub-
title, to allow for custom HTML code to appear and unify
only letting Smarty do the escaping (garvinhicking,falk)
* Plugin drag/drop now can scroll up/down/left/right when touching
the borders. Thanks to onli!
* Changed shoutbox plugin. Shoutbox input size is configurable now.
Wrong description for dateformat fixed.
(brockhaus)
* Change mail entry plugin to be able to send mails without
hyperlinks and images. (garvinhicking)
* Change uriArgument parsing routine to allow "!" in URLs.
Now we can have absolute serocracy.
* Changed image upload workflow so that the upload results/errors
are shown on top of the media library, allowing to go on
immediately (onli)
* Added new smarty variable $admin_vars.title to the admin/index.tpl
template file to customize the title (onli)
* Add new config option to base server time on UTC
(http://board.s9y.org/viewtopic.php?f=2&t=15123) (Abdussamad)
* Use a unique session name for each blog instance, so that multiple
s9y installations can live on the same domain and having their
own sessions (kleinerChemiker, DrNI)
* Livejournal importer update by Anson now supports importing
comments, see http://board.s9y.org/viewtopic.php?f=11&t=15141
* Enhance xhtml cleanup plugin to also work on <param value="..." />
tags and fix youtube html. (garvinhicking)
* Changed bookmarklet to work with Chrome, thanks to Oliver
Gassner & TextPattern :-) (garvinhicking)
* Enhanced serendipity_printEntries() logic to bypass smarty
parsing ($smarty_fetch) (garvinhicking)
* Changed karma plugin to only track GET requests as visits, not
POSTs. Thanks to Marcus Friedman
* Enhanced nl2br plugin to also use <p> tags, by onli
* Added possibility for templates to register a central function
serendipity_plugin_api_event_hook() and
serendipity_plugin_api_pre_event_hook() that can be used to
use plugin API interaction WITHOUT actual plugins. So special
plugins can be bundled within a template, without the need to
seperately install them. The "pre" function is called BEFORE
all normal plugins are executed, the normal function is called
AFTER plugin execution. (garvinhicking)
* Change javascript non-wysiwyg insertion methods to propery
return to scrollposition, patch by onli
* Enhance TrackExits plugin to also support link redirection for
future german law/access blocking :) (garvinhicking)
* Enhance quicksearch by performing a wildcard-search for the
searchterms, when less than 4 matches are found. (onli)
* Updated czech translation, by Vlada Ajgl
* Use a space instead of comma to seperate DENY rules in spamblock
plugin, patch by brielle
* Added ability to use strftime variables in the spamblock.log
filename. (kleinerchemiker)
* Added improved Blogger.com importer using the API, thanks to jaa
* Change password hashing from plain md5 to salted SHA1. Logins
should continue to work and are migrated to SHA1 keys upon
first login. MD5-logins will only work successfully once. This
mechanism will expire 6 months after the upgrade has been executed.
EXPERIMENTAL! (http://blog.s9y.org/archives/205-hash.html)
(garvinhicking)
* Allow admins to also approve comments awaiting user-confirmation
(garvinhicking)
* Fix statistics sidebar plugin to properly count weekly visitors
(garvinhicking)
* Allow javascript inside Xinha WYSIWYG textarea (garvinhicking)
* Allow anonymized submission to Typepad/Akismet to attribute
possible federal laws for data protection (garvinhicking)
(RFE #2517320)
* Change antispam plugin to also support Typepad as an alternative
to Akismet. (judebert)
(Older NEWS see file NEWS_OLD)