Tue, 12 Jul 2011 22:13:37 -0400 |
Dan Fuhry |
SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
|
file |
diff |
annotate
|
Mon, 28 Jun 2010 11:00:51 -0400 |
Dan Fuhry |
SECURITY: Multiple XSS in Special:ChangeStyle. Reported by Mesut Timur of Mavituna Security - thanks!
1.0.6pl2
|
file |
diff |
annotate
|
Sat, 17 Jan 2009 11:51:17 -0500 |
Dan |
Rebrand as v1.0.6 (Roane)
|
file |
diff |
annotate
|
Thu, 28 Feb 2008 12:33:01 -0500 |
Dan |
Rebrand as 1.0.4 (Ellyyllon)
|
file |
diff |
annotate
|
Fri, 01 Feb 2008 22:31:57 -0500 |
Dan |
Made all captcha fields case-insensitive (thanks pkeating)
|
file |
diff |
annotate
|
Sun, 20 Jan 2008 23:18:03 -0500 |
Dan |
Fixed broken regenCaptcha() in Special:Register
|
file |
diff |
annotate
|
Tue, 18 Dec 2007 23:47:33 -0500 |
Dan |
Merging in a few stray changes from the MySQL branch
|
file |
diff |
annotate
|
Tue, 18 Dec 2007 23:44:55 -0500 |
Dan |
Many changes. Installer with PostgreSQL is broken badly and will be for some time.
|
file |
diff |
annotate
|
Sat, 15 Dec 2007 18:11:59 -0500 |
Dan |
Set Content-type on AJAX login key request to application/json to hopefully block ad injection
|
file |
diff |
annotate
|
Wed, 12 Dec 2007 21:37:23 -0500 |
Dan |
Rebrand as 1.0.3 (Dyrad)
|
file |
diff |
annotate
|
Sun, 25 Nov 2007 17:53:03 -0500 |
Dan |
Fixed highlighting in search results; changed search algorithm to give more score for terms found in page title; hopefully (hackishly) fixed login_key_cache getting too long
|
file |
diff |
annotate
|
Sat, 24 Nov 2007 00:53:23 -0500 |
Dan |
Fixed a number of issues with SQL query readability and some undefined index-ish errors; consequently the SQL report feature was added
|
file |
diff |
annotate
|
Sun, 18 Nov 2007 18:44:55 -0500 |
Dan |
Major fixes to the ban system - large IP match lists don't slow down the server miserably anymore.
|
file |
diff |
annotate
|
Sat, 17 Nov 2007 20:31:01 -0500 |
Dan |
Major improvements in the security of the CAPTCHA system (no SQL injection or anything like that); fixed denied form submission due to _af_acting on form object wrongly switched to true
|
file |
diff |
annotate
|
Sat, 20 Oct 2007 11:11:40 -0400 |
Dan |
Implemented cron image into Oxygen and St Patty as promised; fixed way-outdated version numbers in plugins
|
file |
diff |
annotate
|
Tue, 18 Sep 2007 00:30:43 -0400 |
Dan |
Fully implemented password complexity enforcement; added encryption for passwords on registration form; some baby steps taken towards supporting international usernames - this is not working very well, we might need a hackish fix; TODO: implement password strength meter into installer UI and get international usernames 100% working
|
file |
diff |
annotate
|
Sat, 08 Sep 2007 14:04:15 -0400 |
Dan |
Merging Nighthawk and Scribus repositories
|
file |
diff |
annotate
|
Sat, 08 Sep 2007 14:02:19 -0400 |
Dan |
Fixed some rather major bugs in the registration system, this will need a release followup
|
file |
diff |
annotate
|
Fri, 07 Sep 2007 16:27:40 -0400 |
Dan |
Merging Scribus and Nighthawk repositories
|
file |
diff |
annotate
|
Thu, 06 Sep 2007 23:03:51 -0400 |
Dan |
Made most special pages "visible"; fixup for non-existent special page redirect in paths.php; rewrote Special:AllPages to have pagination (WiP, Special:SpecialPages is possibly next, depending on whether paginate_array works or not)
|
file |
diff |
annotate
|
Tue, 04 Sep 2007 12:52:23 -0400 |
Dan |
Fixed the obnoxious issue with forms using GET and index.php?title=Foo URL scheme (this works a whole lot better than MediaWiki now
|
file |
diff |
annotate
|
Sat, 01 Sep 2007 23:29:33 -0400 |
Dan |
Added registration date column to members list
|
file |
diff |
annotate
|
Sun, 26 Aug 2007 22:52:38 -0400 |
Dan |
Added search function for memberlist
|
file |
diff |
annotate
|
Sun, 26 Aug 2007 20:45:33 -0400 |
Dan |
Several major improvements: Memberlist page added (planned since about beta 2), page group support added for non-JS ACL editor (oops!), and attempting to view a page for which you lack read permissions will get you logged.
|
file |
diff |
annotate
|