Dan [Sun, 25 Jan 2009 21:21:07 -0500] rev 827
Merging Nighthawk (anti-spam work) and Scribus (AJAX work + debugging + CLI installer) branches
Dan [Sun, 25 Jan 2009 21:20:14 -0500] rev 826
Replaced integer checks that used preg_match() to use ctype_digit() instead
Dan [Sun, 25 Jan 2009 21:18:05 -0500] rev 825
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan [Sun, 25 Jan 2009 20:35:32 -0500] rev 824
Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Dan [Sun, 25 Jan 2009 20:35:06 -0500] rev 823
AJAX core library: possible breaking change, readystatechange functions are now called with the XHR instance as the first parameter, to allow requests to run in parallel. This means much better stability but may break some applets (compatibility hack is included)
Dan [Sun, 25 Jan 2009 20:27:14 -0500] rev 822
Oxygen: synced mint style
Dan [Sun, 25 Jan 2009 20:26:50 -0500] rev 821
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan [Sun, 25 Jan 2009 20:24:38 -0500] rev 820
Change config.new.php and .htaccess.new to have a single newline according to Fedora project guidelines
Dan [Fri, 23 Jan 2009 22:03:39 -0500] rev 819
Installer: add RewriteBase to .htaccess to work properly under aliased Apache setups (generated 404s in QA)
Dan [Fri, 23 Jan 2009 21:59:03 -0500] rev 818
A few bugfixes in CLI installer related to interactivity
Dan [Sat, 17 Jan 2009 15:16:36 -0500] rev 817
SECURITY: Fix XSS under IE in closing tags (shared sanitizer)
Dan [Fri, 16 Jan 2009 13:14:08 -0500] rev 816
Fixed login form being focused too early (caused page to scroll up)
Dan [Fri, 16 Jan 2009 13:13:37 -0500] rev 815
Deprecated old grab_password_hash() functions in session
Dan [Fri, 16 Jan 2009 13:13:03 -0500] rev 814
Whoops! Fixed an SQL injection vulnerability in the CLI installer. (Not like it's a huge deal because the vulnerability was only introduced last commit and if you make it to that stage you already know the database password)
Dan [Wed, 14 Jan 2009 23:29:14 -0500] rev 813
Added already-installed check to cli-core
Dan [Wed, 14 Jan 2009 20:33:05 -0500] rev 812
Added CLI installer. Supports interactive, command-line, and internal-call installation. Fixed a few bugs related to anti-SQL injection parser and plugin installation.
Dan [Sun, 11 Jan 2009 21:37:49 -0500] rev 811
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.
Dan [Sun, 11 Jan 2009 21:37:39 -0500] rev 810
JS core: whiteOutReportSuccess now has a sister whiteOutReportFailure(); both abstracted to function whiteOutDestroyWithImage(whitey, image_url)
Dan [Sun, 11 Jan 2009 21:36:36 -0500] rev 809
DBAL: Fixed issues with die_json() and multiline responses from {mysql,pg_last}_error()
Dan [Sun, 11 Jan 2009 21:35:39 -0500] rev 808
Plugin manager: added support for having specific install and uninstall blocks per DBMS
Dan [Sun, 11 Jan 2009 21:35:03 -0500] rev 807
Special:Administration: fixed 404 on several Tigra tree menu images
Dan [Sun, 11 Jan 2009 21:34:27 -0500] rev 806
jBox: When an anchor in a menu is clicked, menu is now hidden
Dan [Sun, 11 Jan 2009 21:32:24 -0500] rev 805
Fix undefined variable in special namespace missing function handler
Dan [Sun, 11 Jan 2009 21:31:27 -0500] rev 804
If there's an onlineupgrade.php, installer index.php will link to that instead of upgrade.php (future readiness ;))
Dan [Sun, 11 Jan 2009 21:30:46 -0500] rev 803
Fix version number warning in installer common
Dan [Sun, 04 Jan 2009 01:43:16 -0500] rev 802
Upgrades should work now.
Dan [Sun, 04 Jan 2009 00:55:40 -0500] rev 801
Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan [Sat, 03 Jan 2009 18:11:18 -0500] rev 800
Major underlying changes to namespace handling. Each namespace is handled by its own class which extends Namespace_Default. Much greater customization/pluggability potential, at the possible expense of some code reusing (though code reusing has been avoided thus far). Also a bit better handling of page passwords [SECURITY].