Mercurial
Mercurial
>
repos
>
enano-1.0
/ graph
summary
|
shortlog
|
changelog
| graph |
tags
|
bookmarks
|
branches
|
files
|
help
less
more
|
(0)
-300
-100
-96
tip
Find changesets by keywords (author, files, the commit message), revision number or hash, or
revset expression
.
The revision graph only works with JavaScript-enabled browsers.
SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks!
1.0.6pl2
2010-06-28, by Dan Fuhry
Fixed a couple non-security sanitizer and editor bugs
2009-12-28, by Dan
Updated current-stable tag
2009-12-28, by Dan
Stable release: Enano CMS 1.0.6pl1
2009-08-24, by Dan
Fixed lockup on unclosed HTML tags in wikiformat_process_block()
1.0.6pl1
2009-08-22, by Dan
Version bumped to v1.0.6pl1
2009-08-22, by Dan
SECURITY: Comments: fix poor sanitization of subject on initial submit
2009-08-21, by Dan
Merging nighthawk and scribus branches
2009-03-21, by Dan
Fixed typo in function call to check for apache 2.2
2009-03-21, by Dan
Added license block to AmigaLink captcha engine and set this engine as the default; clarified licensing situation for this module in licenses/index.html
2009-01-18, by Dan
Updated current-stable tag
2009-01-18, by Dan
Re-merged 1.0.6 tag
2009-01-18, by Dan
Continuation of previous commit in admin CP; EditSidebar: updated strings to be more accurate (thanks again Vadi)
2009-01-18, by Dan
Pageutils: Also delete page-specific ACL rules when deleting a page (thanks Vadi)
2009-01-18, by Dan
SECURITY: Enforce denied history_view on previous revisions
2009-01-18, by Dan
Removed some crufty CSS classes in enano-shared (thanks Vadi)
2009-01-18, by Dan
Stable release: Enano CMS 1.0.6 (Roane)
2009-01-17, by Dan
Updated readme for Roane
1.0.6
2009-01-17, by Dan
Rebrand as v1.0.6 (Roane)
2009-01-17, by Dan
Merging branches
2009-01-17, by Dan
SECURITY: Fix XSS under IE in closing tags (shared sanitizer)
2009-01-17, by Dan
Minor fix to OS detection in install
2009-01-17, by Dan
Plugins can now register their own custom actions for $_GET["do"]. (Backport from unstable)
2008-11-29, by Dan
Stable release: Enano CMS 1.0.5 (Ferrishyn)
2008-11-27, by Dan
Remove some unused/obsolete release tags
1.0.5
2008-11-27, by Dan
[cosmetic only] lowercase release name in installer splash
2008-11-27, by Dan
Made UX for Windows patch more pleasant including external documentation. Breaking change to dynamic download script.
2008-11-27, by Dan
Updated readme for Ferrishyn
2008-11-25, by Dan
Fixed sanitization of full page IDs with accidental parse of escaped hex character in dirtify_page_id(). Thanks Asterion; see http://forum.enanocms.org/post/20/
2008-11-07, by Dan
Fixed IPv6 address match (the one from phpBB3 did not work)
2008-09-16, by Dan
Fixed SQL parse errors caused by conversion to \r\n by some FTP/zip clients (hackish workaround that isn't Enano's fault)
2008-09-10, by Dan
Forgot to update, merging heads from nighthawk and scribus
2008-08-22, by Dan
Redid tags to match version numbers; only latest release will be tagged as such from now on. Hopefully Mercurial registers this.
2008-08-22, by Dan
Upgrade from 1.0.4 -> 1.0.5 now tolerates errors in user -> user_id transition in tags table
2008-08-17, by Dan
Tagging revision 290 (72ecb951b313) as release, it was never done before.
2008-08-05, by Dan
Backported customizable 404 page from unstable (thanks Vadi); made customizable 404 page have a {STANDARD404} variable available to allow embedding the "default" 404 content.
2008-08-05, by Dan
RNG now uses /dev/urandom instead of /dev/random to fix slowdowns during login. Potentially not as secure, but speed problems on some servers were of blocker severity.
2008-08-04, by Dan
Merging scribus and nighthawk branches
2008-06-26, by Dan
Fixed jBox hover event reference to undefined object
2008-06-26, by Dan
Fixed E_STRICT under PHP 5 and 6 (reference operator in instanciation)
2008-06-26, by Dan
Merging in page['visible'] patch from unstable, pages marked as invisible should now be omitted from searches
2008-06-12, by Dan
Tagging latest revision as rebrand
2008-05-09, by Dan
Rebrand as 1.0.5 (Ferrishyn)
2008-05-09, by Dan
Fixed (again) the user -> user_id transition in enano_tags table
2008-05-09, by Dan
Fixed aclScopeSel control in Safari/KHTML
2008-04-13, by Dan
Added enforced warning about PHP4
2008-04-13, by Dan
Filled and updated out the README for 1.0.4
1.0.4
2008-03-16, by Dan
Backporting cron fixes from unstable
2008-03-15, by Dan
Allowed uppercase characters to be used in the database name (thanks Andrew)
2008-03-02, by Dan
Fixed PHP warning in Rijndael RNG code when open_basedir restriction in effect
2008-03-02, by Dan
Tagging latest revision as rebrand
2008-02-28, by Dan
Rebrand as 1.0.4 (Ellyyllon)
2008-02-28, by Dan
Fixed: RenderMan::getPage() failing with access denial when fetching template and view_source results in deny
2008-02-22, by Dan
Made all captcha fields case-insensitive (thanks pkeating)
2008-02-01, by Dan
Merging scribus and nighthawk branches
2008-01-31, by Dan
Fixed jBox menus failing to appear when window scrolled down
2008-01-31, by Dan
Fixed special pages being returned with subpage information inappropriately from $paths->get_pageid_from_url()
2008-01-31, by Dan
Fixed case where HTML comments were getting stripped when opening tag not followed by whitespace (<!--foo--> was stripped, <!-- foo --> was not, neither is stripped now)
2008-01-28, by Dan
Re-applying the revision with the comment fix (bad merge a couple revs back)
2008-01-28, by Dan
Fixed case where HTML comments were getting stripped when opening tag not followed by whitespace (<!--foo--> was stripped, <!-- foo --> was not, neither is stripped now)
2008-01-27, by Dan
Merging in a couple revisions from Nighthawk
2008-01-23, by Dan
Fixed case-sensitive file extensions
2008-01-23, by Dan
Fixed broken regenCaptcha() in Special:Register
2008-01-20, by Dan
Not sure if $taboo was getting sanitized or not. Possibly an SQL injection vulnerability that allows maliciously crafted group names to inject SQL at a later date when the group CP is loaded. Unconfirmed, theoretical fix.
2008-01-19, by Dan
Removed all PostgreSQL support from the installer as per http://enanocms.org/News:1200114064; installer support for Postgres is available in the 1.1 branch now
2008-01-18, by Dan
PHP4 fix: sidebar missing in installer UI: problem was wrongly named constructor for templateIndividualSafe
2008-01-09, by Dan
Fix undefined E_STRICT under PHP 4; add PHP 4 deprecation notice in admin panel
2008-01-09, by Dan
Installer works again now (for MySQL only)
2008-01-01, by Dan
Adding a few stray files and removing the no-longer-needed Creative Commons Attribution 2.0 license (no more libraries under that license are included with Enano); adding hooks pageprocess_render_{head,tail} to be run before and after the final page render, respectively.
2008-01-01, by Dan
Integrating patch for PHP 6.0-dev compatibility
2007-12-31, by Dan
Fixed search indexer causing duplicate keys when two "words" of 64+ characters encountered and first 64 characters are the same (thanks Vadi); attempt to fix onunload confirmation during page editing
2007-12-27, by Dan
Corrected licensing issue on YoungPup's DOM-Drag (it is now public domain -> GPLv2+ for Enano); fixed wrongful access denial under specific circumstances (fetch_page_acl() on nonexistent page + wiki mode)
2007-12-23, by Dan
Fixed: $paths->page_id not set when the page doesn't exist; finally fixed garbled page names for IP addresses
2007-12-19, by Dan
Merging in a few stray changes from the MySQL branch
2007-12-18, by Dan
A number of updates to the graphing code (it should actually work now)
2007-12-18, by Dan
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
2007-12-18, by Dan
Set Content-type on AJAX login key request to application/json to hopefully block ad injection
2007-12-15, by Dan
SURPRISE! Preliminary PostgreSQL support added. The required schema file is not present in this commit and will be included at a later date. No installer support is implemented. Also in this commit: several fixes including <!-- SYSMSG ... --> was broken in template compiler; set fixed width on included images to prevent the thumbnail box from getting huge; added a much more friendly interface to AJAX responses that are invalid JSON
2007-12-15, by Dan
Stable release: Enano CMS 1.0.3 (Dyrad)
1.0.3
2007-12-12, by Dan
Tagging latest revision for rebrand
2007-12-12, by Dan
Rebrand as 1.0.3 (Dyrad)
2007-12-12, by Dan
SECURITY: CRITICAL: Fix SQL injection in admin CP page editor
2007-12-12, by Dan
Fixed focus of AJAX login form fields in IE; removed stale/unused call to $template->makeParserText() in paginate_array(); added hook page_create_request to possibly help control creation of pages of certain namespaces from plugins; fixed critical bug in user CP that prevented plugins from adding custom CP modules
2007-12-11, by Dan
Improved physical pages: they support comments and have their own dedicated namespace now. Still some consistency fixes to make.
2007-12-03, by Dan
Deprecated debugConsole and removed all calls to it. Added a lot of comments to common.php. Added support for "anonymous pages" that are created when the Enano API is loaded from an external script. Fixed missing border-bottom on Type 2 sidebar blocks in Oxygen.
2007-12-03, by Dan
Fixed: sanitation loop on ampersands in encodeAttribute() (this was MediaWiki's fault)
2007-12-01, by Dan
Stable release: Enano CMS 1.0.2 (Coblynau)
1.0.2
2007-12-01, by Dan
Dummy revision to artificially increment build number
2007-12-01, by Dan
Fix missing dependency on search.php in upgrade script
2007-12-01, by Dan
Detagging release due to stupid upgrade fix
2007-12-01, by Dan
Stable release: Enano CMS 1.0.2 (Coblynau)
2007-11-30, by Dan
How could I forget the TRADEMARK SIGN?
2007-11-30, by Dan
Updated artwork with finalized new/revised logo; finalized upgrade schema
2007-11-30, by Dan
Add installer pop-help topic for URL scheme, in response to http://forum.enanocms.org/viewtopic.php?f=5&t=19
2007-11-28, by Dan
Oops, never merged in updates from ee1fc84f12a8 (240)
2007-11-28, by Dan
Hopefully now all calls to escape() are replaced with ajaxEscape() in response to Tomasz's forum post; remove deprecated version of show_category_info() from functions.php
2007-11-28, by Dan
less
more
|
(0)
-300
-100
-96
tip