Geeklog History/Changes: Jun 28, 2009 (1.6.0rc1) ------------ Geeklog 1.6.0 incorporates the following projects implemented during the 2008 Google Summer of Code: + Site migration support and easier plugin installation, by Matt West + Improved search, by Sami Barakat + Comment moderation and editable comments, by Jared Wenerd Changes since 1.6.0b3: - Fixed include path for db-config.php in bigdump.php (bug #0000915) [Dirk] - Improved detection of UTF-8 database dumps in migration (bug #0000916) [Dirk] - Fixed typos in the install script (bugs #0000913 and #0000914) [Dirk] Jun 21, 2009 (1.6.0b3) ------------ Changes since 1.6.0b2: - Fixed IE6 and Safari compatibility issue with sort and limit combo boxes in search results (part of bug #0000874) [Sami] - Fixed HTML in the Configuration (bug #0000907) [Dirk] - Added a more prominent reminder to remove the install script [Dirk] - Made the link to a comment's parent object from the comment bar work properly for plugins [Dirk] - Allow searching by topic (without a query string) again (reported by Markus Wollschläger) [Dirk] - Fixed handling of $_CONF['comment_close_rec_stories'] (bug #0000899) [Dirk] - Improved selection of text portion displayed in search results [Dirk] - Fixed an error that occured after deleting a trackback [Dirk] - Replace autotags in search results (bug #0000887) [Dirk] - Don't insist on an email address when editing a Remote User (bug #0000885) [Dirk] - Added a config option to send an X-FRAME-OPTIONS HTTP header to prevent "clickjacking" (requires browser support) [Dirk] - Prevent XSS in the install script (reported independently by Nemesis and MaXe) [Dirk] - Removed old plugin API function plugin_commentsupport from the Calendar, Polls, and Static Pages plugins [Dirk] - Updated Japanese language files and Japanese documentation, provided by the Geeklog.jp group Calendar plugin --------------- - Fixed leap year check [Sean Clark] Polls plugin ------------ - Implemented PLG_getCommentUrlId [Dirk] - Update polls comments when changing a poll's ID so the comments don't become orphaned (part of bug #0000901) [Dirk] Static Pages plugin ------------------- - Another attempt to fix a compatibility issue with PHP 4 (parse error) [Ben, Dirk] - Implemented PLG_getCommentUrlId [Dirk] - Update static pages comments when changing a page's ID so the comments don't become orphaned (part of bug #0000901) [Dirk] - When deleting a static page, also delete its comments (bug #0000901) [Dirk] XMLSitemap plugin ----------------- - Add the Polls plugin to the sitemap by default (part of bug #0000898) [Dirk] - When manually adding or removing plugins, automatically add/remove corresponding entries for priority and frequency (part of bug #0000898) [Dirk] May 31, 2009 (1.6.0b2) ------------ Changes since 1.6.0b1: - Various fixes to the new search (work in progress) [Sami] - The list of Comment Submissions now tries to provide a link to a comment's parent object (article, poll, ...). If not available, it displays an excerpt from the comment [Dirk] - Plugin comments lost their type when being saved in the comment submission queue (they were treated as comments on stories) [Dirk] - SQL errors now trigger the standard error handler ("Unfortunately, an error has occurred ..."). Details are available in error.log, as usual [Tony, Dirk] - Removed the $_CONF['search_no_data'] config option and moved the text to the language files (bug #0000873) [Dirk] - All bundled plugins now include a check to see if they support the DBMS the site is running on [Dirk] - A fresh install didn't check if the bundled plugins are compatible with the Geeklog version about to be installed [Dirk] - Users couldn't change their password or delete their account (reported by Tom Homer) [Dirk] - Fixed plugin postinstall from the install script [Dirk] - Made COM_createImage recognize https:// URLs (bug #0000881) [Dirk] - Fixed notices in the config class (reported by tgc and others) [Dirk] - Fixed empty entries in the "Type" dropdown on the Advanced Search page. Requires an updated search/searchform.thtml template (part of bug #0000874) - Ensure PLG_templateSetVars (and therefore CUSTOM_templateSetVars) is called properly when the "Skip Preview" option is disabled (bug #0000880) [Dirk] - Fixed handling of multi-byte encoded texts when limiting the content of feed entries to a certain amount of characters (reported by alank) [Dirk] - Added a verbose logging option to the search class and make it default to off [Dirk] - lib-custom.php was missing from the 1.6.0b1 tarball - Updated Spanish language file, provided by Juan Pablo Novillo Polls plugin ------------ - Display a message when a plugin comment is queued [Dirk] - If you knew a poll's ID, you could find out the poll's title even if you did not have access to the poll [Dirk] - Fixed (mostly) blank page when calling up a non-existing poll ID (reported by scarecrow) [Dirk] Static Pages plugin ------------------- - Display a message when a plugin comment is queued [Dirk] - Fixed handling of "entire page" centerblocks in a multi-language environment: Need to allow one per language (reported by Norbert Ortmann) [Dirk] - Fixed a typo that prevented the [staticpage:] autotag from working [Dirk] XMLSitemap plugin ----------------- - Added an option to exclude plugins from inclusion in the sitemap. Defaults to the Links plugin [Dirk] - Remove sitemap files when uninstalling the plugin [Dirk] - Don't include Links in the sitemap.xml automatically [Dirk] - Fixed "missing argument 2" error when changing config options (reported by Markus Wollschläger) [Dirk] May 1, 2009 (1.6.0b1) ----------- - New XMLSitemap plugin that creates a XML sitemaps file as supported by all major search engines, provided by mystral-kk - Don't allow to add/remove users to/from the All Users and Logged-in Users groups via the group editor (bugs #0000863 and #0000864) [Dirk] - Cosmetic changes to the form to add/remove users to/from groups, for consistency with the other admin panels [Dirk] - Document where CUSTOM_templateSetVars is actually called from (bug #0000862) [Dirk] - Added option to search by titles only (feature request #0000840) [Sami] - The "Plugins" entry in the Admins Block now displays the number of enabled plugins (previously included the disabled plugins) [Dirk] - Added a config option to enable/disable automatically turning URLs in text postings into clickable URLs [Dirk] - Changed some default settings [Dirk]: * Webservices are now disabled * Cronjob emulation is off * Default sort for topics is alphabetically * Default comment mode is nested These settings are _not_ changed when upgrading from an earlier version. - Experimental: Compress HTML output before sending it to the browser (disabled by default; has to be supported by both the browser and the webserver) [Dirk] - Added canonical link for article directory [Dirk] - Moved hard-coded texts from admin/sectest.php to the language files (bug #0000716) [Dirk] - Added an option to send a copy of the email to a user to self (feature request #0000771, based on a patch by Roshan Singh) - COM_checkList would use the table name for the name of the checkbox array in the HTML(!). Added a new parameter for the name (pointed out by Bookoo in the exploit for usersettings.php, cf. Geeklog 1.5.2sr4) [Dirk] - Fixed wrong use of COM_allowedHTML and COM_checkHTML in plugins: Functions were called without specific permissions, so they defaulted to 'story.edit'. I.e. as a Story Admin, you could use the admin_html set in events, but as a Calendar admin, you could not ... (bug #0000785) [Dirk] - Added missing finish() calls for some templates, e.g. header.thtml (bug #0000855) [Dirk] - Moved documentation to docs/english so that it can be translated (feature request #0000770) [Dirk] - New plugin API function PLG_pluginStateChange [Dirk] - Fixed dropdown for the "censor mode", which has more than the two options offered previously (bug #0000692) [Mike, Maciej Cupial] - Slightly faster template class (feature request #0000760, patches provided by dengen and mystral-kk) - Use a more efficient implementation of Story::hasContent (bug #0000858, patch provided by Maciej Cupial) - Make sure formerly optional config items can be disabled (bug #0000846) [Dirk] - New plugin API function PLG_getDocumentationUrl (feature request #0000848) [Dirk] - Fresh installs + MySQL only: Changed some tinyint fields that are only used as flags to tinyint(1) from tinyint(3) (bug #0000857) - Fixed one of the predefined date format strings (bug #0000854) - Replace Wiki-style formatting in the Daily Digest and when emailing a story to a friend (bug #0000837, patch provided by Pawel Szczur) - New plugin API function PLG_configChange (feature request #0000694) [Dirk] - Fixed layout of Batch Add and Batch Admin options of the User Manager [Dirk] - On a login failure, the user registration form showed up even when new user registration was disabled (bug #0000843) - The Wiki-style format broke national special characters, e.g. Japanese and German umlauts (bug #0000823) [Dirk] - Introduced new plugin API function PLG_migrate [Dirk] - Allow switching the DOCTYPE from the Configuration. Requires a theme that uses {doctype} instead of a hard-coded DOCTYPE declaration (feature request #0000745) [Dirk] - The notification email about new user submissions didn't include information about the remote service used (if any) [Dirk] - Define {xmlns} when using XHTML for XHTML compliance. Updated header.thtml and article/printable.thtml template files to include that variable [Dirk] - Fixed wrong use of '&' when sending a trackback (bug #0000825) - Removed incomplete PDF generator (never enabled in any shipped version) [Dirk] - Fixed a problem with words being merged together in newsfeeds when the article was written with CR as the line separator [Dirk] - Made url rewriting work on setups that only set $_SERVER['ORIG_PATH_INFO'] (bug #0000816) - Fixed duplicate plugin entries when a plugin has more than one entry for the admin or user menu (bug #0000820) - {contributedby_user} and {contributedby_fullname} weren't set in the story templates (bug #0000821) [Dirk] - Reinstated old definitions of the {start_contributedby_anchortag}, {end_contributedby_anchortag}, and {contributedby_author} variables, i.e. the two anchortag variables are set again and _author contains the name only (bug #0000821) [Dirk] - Auto-deleting a story didn't delete trackbacks for that story [Dirk] - Ensure consistent template variable names for the Permission Editor [Dirk] - Added new permission 'group.assign', now required to be able to assign a user to a group. Part of the Group Admin (not User Admin) permissions by default (feature request #0000190) [Dirk] - Raised minimum required PHP version to PHP 4.3.0 and removed all workarounds that ensured compatibility with PHP 4.1.0 [Dirk] - Added a filename mask config option for the names of the database backups [Dirk] - Removed $_CONF['pagetitle'] hack. Use COM_siteHeader('menu', $pagetitle) instead [Dirk] - Added canonical link for articles [Dirk] - Moved hard-coded "Reminders" column title to the language file (bug #0000817) - Hide archive option radiobutton from the story editor when no archive topic is defined (feature request #0000807) [Dirk] - Display group names with an uppercase first letter everywhere [Dirk] - Added an ISO 8601-ish format to the gl_dateformats table [Dirk] - Let users with user.mail permissions only email groups that they are in themselves [Dirk] - Gave the Groups and User editors a facelift. Requires a new template file, admin/lists/inline.thtml [Dirk] - Introduced list of "advanced HTML" tags that are allowed when FCKeditor is enabled. Needed for images (bug #0000757) [Blaine] - Add new permissions plugin.install and plugin.upload for more fine-grained control to the plugin admin panel (bug #0000637) [Dirk] - Introduced new plugin API function PLG_itemDeleted [Dirk] - Changed API for PLG_itemSaved to make it simpler and easier to use [Dirk] - Updated FCKeditor to version 2.6.4 [Blaine] - Usersettings.php - can not change password when custom membership is enabled. Modified CUSTOM_userCheck to return both a error message string and Error code. Updated users.php and usersettings,php (bug #0000776) [Blaine] - Implemented extended API for PLG_getItemInfo [mystral-kk, Dirk] - Fixed inconsistencies and various small mistakes when displaying "Access denied" messages on the admin pages [Dirk] - Added a print.css stylesheet to be used by the printable template files (feature request #0000766) [Dirk] - Re-introduced the path hints in the install script when it can't find db-config.php [Dirk] - Added a note about the max. dimensions of a userphoto in the About You pane of a user's My Account page (feature request #0000629) [Dirk] - Display a message when no topics exist and don't let the user enter the story editors (bug #0000738) [Dirk] - Added a configuration option to control the JPEG quality (Feature request #0000720) [Dirk] - Updated Hebrew language file for the install script, provided by LWC - New Serbian (Latin) language files, provided by Aleksandar Scepanovic Calendar plugin --------------- - Added migration support [Dirk] - Removed extra double quote from upcoming events block (bug #0000827) - Added auto installation support [Dirk] - Added support for PLG_getItemInfo, PLG_itemSaved, PLG_itemDeleted [Dirk] Links plugin ------------ - Added migration support [Dirk] - Added category default permissions [Dirk] - Added auto installation support [Dirk] - Added support for PLG_getItemInfo, PLG_itemSaved, PLG_itemDeleted [Dirk] - Introduced function LINKS_getCategorySQL and fixed visibility of link categories in the Top 10 Links list and site statistics [Dirk] - Added an option to allow opening external links in a new window (feature request #0000693). Use with care, please [Dirk] - Only external links are marked with class="ext-link" [Dirk] Polls plugin ------------ - Added migration support [Dirk] - Set the page title when viewing a poll [Dirk] - Added auto installation support [Dirk] - Added support for PLG_getItemInfo, PLG_itemSaved, PLG_itemDeleted [Dirk] - Extended length of poll IDs to 40 characters (feature request #0000754) [Dirk] Spam-X ------ - Added migration support [Dirk] - Added auto installation support [Dirk] Static Pages plugin ------------------- - Added migration support [Dirk] - The printable.thtml template file now uses the {xmlns} variable [Dirk] - Added canonical link [Dirk] - Added auto installation support [Dirk] - Added support for PLG_getItemInfo, PLG_itemSaved, PLG_itemDeleted [Dirk] - The printable.thtml template file uses the HTML Strict doctype and print.css now [Dirk] - Display "successfully saved" and "successfully deleted" messages, just like every other plugin and built-in function does (bug #0000644) [Dirk] Apr 18, 2009 (1.5.2sr4) ------------ This release addresses the following security issue: Bookoo of the Nine Situations Group posted another SQL injection exploit, targetting an old bug in usersettings.php. As with the previous issues, this allowed an attacker to extract the password hash for any account and is fixed with this release. Apr 13, 2009 (1.5.2sr3) ------------ This release addresses the following security issue: Bookoo of the Nine Situations Group posted another SQL injection exploit, this time targetting the webservices API. As with the previous issue, this allowed an attacker to extract the password hash for any account and is fixed with this release. Not security-related: - Re-introduced function get_SPX_Ver in the install script, which is still needed when upgrading from old Geeklog releases (reported by Sheila) [Dirk] Apr 4, 2009 (1.5.2sr2) ----------- This release addresses the following security issue: Bookoo of the Nine Situations Group posted an SQL injection exploit for glFusion that also works with Geeklog. This issue allowed an attacker to extract the password hash for any account and is fixed with this release. Mar 30, 2009 (1.5.2sr1) ------------ This release addresses the following security issue: Fernando Munoz reported a possible XSS in the query form on most admin panels that we are fixing with this release (bug #0000841). Feb 8, 2009 (1.5.2) ----------- - The default replacement text for censored text was supposed to read "censored", not "censormode" [Dirk] - Fixed problem with extra backslashes appearing in a story's title during the story preview when magic_quotes_gpc = On (bug #0000790) [Mike, Dirk] - Added missing page title when viewing a single comment [Dirk] - Sort groups in the group dropdowns non-case sensitive [Dirk] - Display a message when sending the email to report an abusive comment failed [Dirk] - Display a message when sending the email for a new password failed [Dirk] - Updated Estonian language file for the Calendar plugin, provided by Artur Räpp - Updated Japanese language file, provided by the Geeklog.jp group Static Pages plugin ------------------- - Fixed parse error when saving a static page (reported by greenteagod). This problem was only introduced in 1.5.2rc1 [Dirk] Jan 24, 2009 (1.5.2rc1) ------------ - Fixed various issues with COM_makeClickableLinks (bug #0000767, #0000793, #0000796) [Sami] - The comment submission form didn't show the user's full name when $_CONF['show_fullname'] was enabled [Dirk] - Comments were always showing the username, even when $_CONF['show_fullname'] was enabled (reported and patch provided by mystral-kk, bug #0000800) - Fixed story preview losing the story when the sid already existed (bug #0000789) [Dirk] - Fixed wrong use of str_replace in STORY_extractLinks (bug #0000794) [Dirk] - Added "Send Pings" to the Story Options block (if enabled and allowed for the current user) [Dirk] - Don't let the user enable plugins when there's no functions.inc for the plugin [Dirk] - When the install script can't find db-config.php, that message was always displayed in English, i.e. you could not change the language for that screen [Dirk] - When upgrading from a Geeklog version prior to 1.5.0, the plugin config.php files are no longer renamed [Dirk] - Admin lists allowed non-sortable columns to be sortable (reported and patch provided by hiroron, bug #0000791) - Fixed STORY_getItemInfo - need to check the draft flag and for a publish date in the future [mystral-kk, Dirk] - Fixed wrong use of COM_isAnonUser in COM_getPermSQL (since 1.5.0) [Dirk] - When calling COM_getYearFormOptions with a $startoffset parameter, the list of years was off by one (bug #0000783; patch provided by hiroron) - Fixed updating feeds after changing topic permissions (bug #0000779) [Dirk] - The security token was missing from the trackback editor template file (reported and patch provided by hiroron, bug #0000778) - Removed rel="tag" from topic links in lib-story.php as that would indicate a Microformat with a slightly different meaning [Dirk] - Don't include X-Originating-IP header in emails sent from the site's admin area (bug #0000701) [Dirk] - Check if COM_errorLog exists before using it in the config class (for possible problems during installation, bug #0000768) [Dirk] - Fixed filling out the Site Email / No-Reply Email fields in the install script, which was overwriting the correct values from config.php during upgrades (bug #0000759) [Dirk] - Set language direction in templates for printable versions of articles and static pages. Also set $LANG_DIRECTION to 'ltr' now if the language file does not already define it (bug #0000762) [Dirk] - Removing an element from the middle of the censorlist caused the censoring to act up (bug #0000763) [Dirk] - Saving a story tried to update a feed of type 'geeklog' instead of 'article' (reported by Tom Homer) - Delete a feed's file when deleting a feed (bug #0000758) [Dirk] - When using gdlib, use imagecopyresampled instead or imagecopyresized to scale images. This should result in better image quality (part of Feature request #0000720) [Dirk] - The {start_storylink_anchortag} variable in the story templates was missing a '>' (reported by Michael Brusletten) [Dirk] - Display a "Service" column in the Admin's list of users when remote auth is activated [Dirk] - Introduced new function COM_showMessageText to display a free-form text in a "System Message" box (feature request #0000676) [Dirk] - Introduced new function COM_showMessageFromParameter for easy and consistent display of messages passed in the URL, including plugin messages (second attempt to fix bug #0000618) [Dirk] - Display confirmation message when emailing a story (feature request #0000689) [Dirk] - Implemented new function COM_renderWikiText to convert wiki-formatted text to (X)HTML (feature request #0000643) [Dirk] - Added support for CUSTOM_formatEmailAddress and CUSTOM_emailEscape functions (feature request #0000727) [Dirk] - Fixed 'cookiedomain' being reported as changed in the Configuration (bug #0000638) [Dirk] - Reverted fix for bug #0000618 (COM_showMessage automatically picking up a 'plugin' parameter) as it's causing problems when displaying more than one message on the same page [Dirk] - Added missing check for allowed IP addresses in downloader class (bug #0000709) [Dirk] - Force a refresh after uninstalling a plugin so that the plugin's entry disappears from the Admins block [Dirk] - Fixed an issue with story expiry dates on PHP 4/Windows (reported by zeb) [Mike] - Updated Hebrew language file for the install script and Spam-X plugin, provided by LWC - Updated Japanese language files, provided by the Geeklog.jp group - Updated Polish language files, provided by Robert Stadnik - Updated Slovenian language file for the Links plugin, provided by gape Calendar plugin --------------- - Fix for calendar plugin - unable to add personal event [Blaine] - Make {event_url} available in eventdetails.thtml [Dirk] Links plugin ------------ - Missing parentheses my have resulted in incorrect search results [Dirk] - Added urlencoded versions of {link_actual_url} and {link_name} [Dirk] - Prevent overwriting existing links when changing the link ID [Dirk] Polls plugin ------------ - Lowered the default number of questions per poll to 5 and the number of answers per question to 8 to avoid running into Suhosin's default post.max_vars limit (for new installs only) [Dirk] - Fixed SQL error when poll questions contained single quotes (bug #0000756) [Dirk] - Fixed handling of poll IDs in Polls editor (bug #0000753) [Dirk] Static Pages plugin ------------------- - The owner of a static page changed to the user who last edited it (bug #0000777) [Dirk] - Fixed call to WS_makeId when sp_id was longer than STATICPAGE_MAX_ID_LENGTH (found by Marc Maier) [Dirk] Sep 22, 2008 (1.5.1) ------------ - Fixed protection against direct execution in various include files which may have failed on non-case sensitive file systems (reported by Mark Evans) [Dirk] - Saving a story as someone other than the owner will revert the story to your ownership. (bug #0000742) [Mike] - Fixed searching for non-installed plugins when open_basedir restrictions are in effect (bug #0000741) - Fix for first change of password issue (bug #0000724) [Mike] - Fixed failure to switch language with new query highlighting URLs (bug #0000733) [Dirk] - Fixed bug with HTML Encoding of default comment title for articles (bug #0000737) [Mike] - Fixed another case where a duplicate of a story submission was left in the submission queue after approving the story [Mike] - Fixed problem with the MySQL class not recognizing UTF-8 when the character set name was written in uppercase (bug #0000731) [Dirk] - Updated Hebrew language files, provided by LWC - Updated Estonian language files, provided by Artur Räpp - Updated Japanese language files, provided by the Geeklog.jp group - Updated Slovenian language files, provided by gape Sep 7, 2008 (1.5.1rc1) ----------- - Added missing slash in the install script (bug #0000715) [Dirk] - CSRF token not passed to draft list (bug #0000726) [Ted Powell] - If root debugging is enabled, hide anything in the array stack that has a key containing 'cookie' or 'pass'. And added option to override this. (bug #0000722) [Mike] - Prevent direct execution of the FCKeditor upload script (reported by t0pP8uZz) [Dirk] - Renamed the "Restore" option in the Configuration to "Enable" [Dirk] - Provided better error handling for database backups (bug #0000714) [Mike] - Provided auto-detection of -left and -right overrides for any given block template. This allows any block to auto-style to left and right for themes without the need for the theme to work it out, or talk to the database. ("Bug" #0000684) [Mike] - Fixed handling of corrupted config value db entries, e.g. after importing Calendar event_types with the wrong character set (bug #0000690) [Dirk] - Fixed handling of HTML entities in the Configuration (bug #0000710) [Sami, Dirk] - Story image upload: Only add a link to the unscaled image if such an image actually exists [Dirk] - Removed unused code from lib-story.php [Dirk] - COM_siteFooter no-longer creates two sets of right blocks. (bug #0000698) [Mike] - Microsummaries work in topics, reported by Joe. [Mike] - Added DB_checkTableExists and changed INST_checkTableExists to use it. [Mike] - Changed REPLACE INTO for DB_save for MSSQL compat [Mike] - Re-introduced function get_SP_Ver in the install script, which is still needed when upgrading from old Geeklog releases (reported by libexec) [Dirk] - Fixed issue where you can post a comment to an unpublished story (bug #0000705) [mystral-kk/Mike] - Fixed make clickable links with quotes (bug #0000691) plus truncated long urls. [Sami] - Fixed table prefix issues with constraints (bug #0000702) [Mike/Sami] - Fixed error when attempting to highlight a search query that contained a slash [Dirk] - Updated FCKeditor to v2.6.3 [Blaine] - Moved remove() (config JavaScript) to gl_cfg_remove (bug #0000681) [Mike] - Change for CUSTOM_usercreate to support passing in $batchimport, set true if called via the Admin->Users Batch_Add [Blaine] - Fix for date formatting in RSS fields (bug #0000696) [mystral-kk] - A small tweak to the Professional theme's commentbar to make the "Post a comment" option easier to find [Dirk] - Renamed the syndication feed type "geeklog" to "article" since that's what they are nowadays [Dirk] - New option "All Frontpage Stories" for article feeds: skip stories that have the "Show only in topic" option set (feature request #0000652) [Dirk] - If there is a feed for a topic, there will now be a "Subscribe to ..." option in the Story Options block for every story for that topic (feature request #0000154) [Dirk] - Cop-out fix for bug #0000671: Don't display the icon for external links when the text direction is 'rtl' (e.g. Hebrew) [Dirk, Mike] - Keep letter case intact when highlighting a search query string (patch provided by Sami Barakat) - Provide nicer URLs to story search results when URL rewriting is enabled (bug #0000665, based on a patch by Sami Barakat) [Dirk] - Better support for plugin messages (bug #0000618) [Blaine] - Introduced new variable {page_title_and_site_name} for header.thtml so that we can have "Site Name - Site Slogan" in the frontpage's title again [Dirk] - Fixed SQL error(s) for story submissions by users with story.submit but no further Story Admin permissions (reported by Orion) [Dirk] - End a user's session when they are being banned [Dirk] - Signatures in HTML-formatted comments weren't XHTML compliant [Dirk] - Minor cleanups in style.css - no actual layout changes (bug #0000683) [Dirk] - Allow creation of banned users, i.e. ban the user on account creation [Dirk] - Minor improvements in the error handling, e.g. preventing Geeklog from creating error.log files outside the logs directory [Dirk] - Send a HTTP status code 503 "Service Unavailable" when the site is disabled [Dirk] - Hide the database password when the database backup failed and we're logging the mysqldump command [Dirk] - Disable OpenID login when new registrations are disabled [Dirk] - Allow to unset Configuration options again after they have been "restored", i.e. enabled (bug #0000664) [Dirk] - Adopted hack to allow multilingual blocks (bug #0000626) [Dirk] - Fixed SQL error in story submissions (reported by Chase) [Mike] - Stories with a publishing date in the future and stories with the draft flag set were accessible if you knew their story id (bug #0000678) [Mike] - Enabled siteconfig.php to override database config in core, primarily for rootdebug. [bug 0000673] [Mike] - Allow remote users to use the webservices (bug #0000640). Due to the authentication method it is not possible for OpenID users to use the webservices. Other remote users will have to use username@servicename for their username when logging in through the webservices [Dirk] - Fix to template.class to better handle full path being passed in [Blaine] - Updated PLG_uninstall to supress errors for table drop. [bug 0000668] [Mike] - Fixed INST_checkTableExists for MS SQL Support. [bug 0000668] [Mike] - Hardcode an ltr div around HTML tags in the allowed html tag list. Plus minor HTML compliance issues. [bug 0000669] [Mike] - Plaintext stories have nl2br applied in syndication feeds to provide correct formatting in feed readers. [bug 0000662] [Mike] - Changed SEC_createToken so that it will only return one token per page (effectively making it a singleton). This fixes the problem of not being able to delete comments when you also have trackbacks for the same article [Mike, Dirk] - Approving a story submission by saving it from the Admin's story editor left a duplicate in the submission queue, unless you changed the story ID at the same time [Dirk, Mark Evans] - Fixed user submission queue (reported by greenteagod) [Dirk] - Updated Hebrew language files, provided by LWC Calendar plugin --------------- - Fixed tags in the German language files for the Calendar [Dirk] - Fixed date comparison ("End date is before start date.", bug #0000703) [Dirk] - Fixed Admin delete links in day and week view (bug #0000680) [Dirk] - Search for an event's "author" didn't work [Dirk] - Calendar block now includes events from the current day (in progress or all day events, bug 0000604, patch from forums) (really) [Mike] Links plugin ------------ - Fixed passing the category on multi-page link lists [Dirk] - Fixed new category silently overwriting an existing category if they had the same id (part 2 of bug #0000659) [Dirk] - Fixed SQL error when trying to change a category id to an already existing id (part 1 of bug #0000659) [Dirk] Polls plugin ------------ - For multi-question polls, make the "Vote" button read "Start Poll" in the polls block (bug #0000633) [Dirk] - Fixed display of "Results" link while a poll is open [Dirk] Static Pages plugin ------------------- - Menu entries were not language-aware (in multi-language setups), i.e. all the menu entries were always displayed (bug #0000713) [Dirk] - Removed unused 'config_data' entry from the plugin uninstall function (bug #0000666) [Dirk] - Fixed printer friendly version of a static page not working when url_rewrite is enabled (bug #0000661) [Dirk] June 15, 2008 (1.5.0) ------------- Geeklog 1.5.0 incorporates the following projects implemented during the 2007 Google Summer of Code: + New user-friendly install script by Matt West + New Configuration GUI (replacing config.php) by Aaron Blankstein + New Webservices API based on the Atom Publishing Protocol by Ramnath R. Iyer Changes since 1.5.0rc2: - Users that used a different theme than the site default would see the site switch temporarily back to the site's default theme when changing a config option. This was a side effect of the fix for bug #0000648 [Dirk] - In a tradeoff between security and convenience, we decided to go with security: The install script will no longer display the database credentials from db-config.php. The downside is that you will have to enter them again when doing a database upgrade or re-running the install (reported by Mark Evans) [Dirk] - Links plugin: The word "Root" wasn't taken from the language file for the page title of the public list of links (reported by Markus Wollschläger) [Dirk] - Fixed remaining places where the Admin panels had inconsistent layouts: Calendar list of events, Polls editor (bug #0000650) [Dirk] - Updated Hebrew language file, provided by LWC - Updated German language files, provided by Markus Wollschläger - Some Korean language files had a mixture of CR/LF and LF as line separators (bug #0000655) [Dirk] June 8, 2008 (1.5.0rc2) ------------ Changes since 1.5.0rc1: - Hide the | separator for static pages with page format "blank page" (reported by Tetsuko Komma) [Dirk] - Hardcoded all URL entry fields in the templates and the date selection in the calendar plugin to dir="ltr" (reported by LWC) [Dirk] - Fixed handling of UTF-8 languages in the install script (reported by Tetsuko Komma) [Dirk] - Ensure consistent display of the admin lists (bug #0000650) [Dirk] - Sanitize the language in the install help (reported by Mark Evans) [Dirk] - Moved the hard-coded CSS for the System Message to the stylesheet [Dirk] - Added a workaround for the Yulup Atompub client that sometimes sends Text nodes within XHTML nodes [Dirk] - Made the Install / Upgrade buttons in the install script a bit wider to provide more space for the Japanese and German translations [Dirk] - Fixed bug #0000647: All modifications of usersettings should go through CUSTOM_usercheck [Blaine] - Removed hard-coded