plugins/SpecialUserFuncs.php
Tue, 12 Jul 2011 22:13:37 -0400 Dan Fuhry SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
Mon, 28 Jun 2010 11:00:51 -0400 Dan Fuhry SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks! 1.0.6pl2
Sat, 17 Jan 2009 11:51:17 -0500 Dan Rebrand as v1.0.6 (Roane)
Thu, 28 Feb 2008 12:33:01 -0500 Dan Rebrand as 1.0.4 (Ellyyllon)
Fri, 01 Feb 2008 22:31:57 -0500 Dan Made all captcha fields case-insensitive (thanks pkeating)
Sun, 20 Jan 2008 23:18:03 -0500 Dan Fixed broken regenCaptcha() in Special:Register
Tue, 18 Dec 2007 23:47:33 -0500 Dan Merging in a few stray changes from the MySQL branch
Tue, 18 Dec 2007 23:44:55 -0500 Dan Many changes. Installer with PostgreSQL is broken badly and will be for some time.
Sat, 15 Dec 2007 18:11:59 -0500 Dan Set Content-type on AJAX login key request to application/json to hopefully block ad injection
Wed, 12 Dec 2007 21:37:23 -0500 Dan Rebrand as 1.0.3 (Dyrad)
Sun, 25 Nov 2007 17:53:03 -0500 Dan Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
Sat, 24 Nov 2007 00:53:23 -0500 Dan Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
Sun, 18 Nov 2007 18:44:55 -0500 Dan Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
Sat, 17 Nov 2007 20:31:01 -0500 Dan Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
Sat, 20 Oct 2007 11:11:40 -0400 Dan Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
Tue, 18 Sep 2007 00:30:43 -0400 Dan Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
Sat, 08 Sep 2007 14:04:15 -0400 Dan Merging Nighthawk and Scribus repositories
Sat, 08 Sep 2007 14:02:19 -0400 Dan Fixed some rather major bugs in the registration system, this will need a release followup
Fri, 07 Sep 2007 16:27:40 -0400 Dan Merging Scribus and Nighthawk repositories
Thu, 06 Sep 2007 23:03:51 -0400 Dan Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
Tue, 04 Sep 2007 12:52:23 -0400 Dan Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
Sat, 01 Sep 2007 23:29:33 -0400 Dan Added registration date column to members list
Sun, 26 Aug 2007 22:52:38 -0400 Dan Added search function for memberlist
Sun, 26 Aug 2007 20:45:33 -0400 Dan Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
less more (0) -24 tip