Dan [Fri, 20 Mar 2009 09:13:17 -0400] rev 870
Swapped in a new theme selector.
Dan [Wed, 18 Mar 2009 11:35:28 -0400] rev 869
Plugins: Added checks and additional warning for authentication plugins.
Dan [Sun, 15 Mar 2009 11:15:16 -0400] rev 868
Special:About_Enano should be up to date for another 9 months.
Dan [Sun, 15 Mar 2009 11:09:02 -0400] rev 867
Moved gzip and aggressive_optimize_html calls to output.php
Dan [Sun, 15 Mar 2009 11:08:07 -0400] rev 866
Fixed a bug in default namespace handler: referenced global page_id instead of local
Dan [Sun, 15 Mar 2009 11:07:28 -0400] rev 865
New template feature: template hooks (<!-- HOOK foo -->)
Dan [Sat, 14 Mar 2009 15:26:33 -0400] rev 864
Dynano: don't try to destroy MCE if window.tinymce is invalid
Dan [Sat, 14 Mar 2009 15:26:19 -0400] rev 863
SQL parse: fix improper mid-query newline handling
Dan [Sat, 14 Mar 2009 15:25:55 -0400] rev 862
Installer: pgsql main schema: fixed missing page_format in logs
Dan [Sat, 14 Mar 2009 15:25:23 -0400] rev 861
Installer: payload: Minor performance tweak
Dan [Sat, 14 Mar 2009 15:24:56 -0400] rev 860
DBAL: Fixed missing $loc in pgsql die_json()
Dan [Sat, 14 Mar 2009 14:14:41 -0400] rev 859
Removed some stray PunBB CSS files (thanks Neal)
Dan [Sat, 14 Mar 2009 14:14:24 -0400] rev 858
install-cli: Fixed wrong language string id for $driver
Dan [Sat, 14 Mar 2009 14:06:02 -0400] rev 857
Added support for alternate port numbers on database servers. Also in install-cli, merged in new sysreqs functionality.
Dan [Fri, 06 Mar 2009 11:19:55 -0500] rev 856
template: added ability for themes to hide user, tools, and search sidebar blocks
Dan [Fri, 06 Mar 2009 11:19:29 -0500] rev 855
Change to search behavior for heading+link in sidebar collapse code
Dan [Fri, 06 Mar 2009 11:18:34 -0500] rev 854
MessageBox: fixed: load fadefilter when aclDisableTransitionFX on
Dan [Fri, 06 Mar 2009 11:17:47 -0500] rev 853
Added ability for jBox to align submenu position to right of parent button instead of left
Dan [Mon, 02 Mar 2009 17:05:27 -0500] rev 852
Installer: minor: added a box on sysreqs success
Dan [Mon, 02 Mar 2009 16:46:10 -0500] rev 851
Redesigned installer sysreqs page to cover more features, be more comprehensive, and look better
Dan [Mon, 02 Mar 2009 16:45:28 -0500] rev 850
Installer: fixed load of lang_js on finish
Dan [Sun, 01 Mar 2009 22:52:31 -0500] rev 849
jQuery: updated to latest jQuery + jQuery UI
Dan [Sun, 01 Mar 2009 22:52:20 -0500] rev 848
Template: addslashes() around wiki_edit_notice_text (whoops)
Dan [Sat, 28 Feb 2009 14:38:10 -0500] rev 847
http: minor fix to tolerate missing SERVER_SOFTWARE
Dan [Thu, 26 Feb 2009 01:28:18 -0500] rev 846
Plugin backend: bugfix: installing a plugin should now properly import its strings
Dan [Thu, 26 Feb 2009 01:27:56 -0500] rev 845
Set password in userinfo to allow auth plugins to see it (some really do need it)
Dan [Thu, 26 Feb 2009 01:27:23 -0500] rev 844
Plugin manager: system plugins now sorted to last
Dan [Thu, 26 Feb 2009 01:07:32 -0500] rev 843
Added possibility for auth plugins, which can log a user in using non-standard authentication methods.
Dan [Thu, 26 Feb 2009 01:06:58 -0500] rev 842
setConfig() will now delete config values if the second parameter is explicitly set to false
Dan [Thu, 26 Feb 2009 01:04:27 -0500] rev 841
HMAC functions are now standards-compliant (not a security issue). This BREAKS 1.1.6-hg passwords!
Dan [Thu, 26 Feb 2009 01:03:22 -0500] rev 840
Added a basic plugin/hook framework for Javascript
Dan [Thu, 26 Feb 2009 01:02:50 -0500] rev 839
[minor] changed heading format in mainpage-default
Dan [Thu, 26 Feb 2009 01:02:33 -0500] rev 838
Fixed default ACLs
Dan [Thu, 26 Feb 2009 01:02:00 -0500] rev 837
Added color specifications on input fields for admin and oxygen
Dan [Wed, 25 Feb 2009 13:39:49 -0500] rev 836
Blah. Wrong type for those getConfig values.
Dan [Wed, 25 Feb 2009 13:38:21 -0500] rev 835
Fixed: no default values in for avatar upload settings
Dan [Mon, 16 Feb 2009 17:12:02 -0500] rev 834
[Oops] removed debug message in install-cli
Dan [Mon, 16 Feb 2009 17:01:56 -0500] rev 833
Damn, forgot to add the version insertion back into schema
Dan [Mon, 16 Feb 2009 16:17:25 -0500] rev 832
Major redesign of rendering pipeline that separates pages saved with MCE from pages saved with the plaintext editor (full description in long commit message)
- Pages are now stored with an extra metadata field called page_format which is "wikitext" or "xhtml"
- New $flags parameter + RENDER_* constants added that control RenderMan::render() behavior
- Several other changes:
* Added a sprite API for Javascript and made editor use sprites when possible
* Removed a number of config options from the default install schema, replaced with second parameter to getConfig() calls
* MessageBox in editor mostly replaced with miniPrompt
* A few bugfixes related to password changes (registration didn't even work)
* Rewrote the bitfield compression algorithm used to serialize allowed MIME types
* Fixed some typos in language files and strings
* Fixed a Text_Wiki bug in Heading parser
Dan [Mon, 16 Feb 2009 16:04:54 -0500] rev 831
Made all page_id and namespace columns consistent
Dan [Mon, 16 Feb 2009 16:04:31 -0500] rev 830
Added Unicode support for usernames and passwords (this is probably best considered a JS crypto bug)
Dan [Mon, 16 Feb 2009 13:01:35 -0500] rev 829
Fixed https urls not allowed in user_extra CPs; fixed nonworking password reset in admin CP
Dan [Mon, 26 Jan 2009 11:45:48 -0500] rev 828
Added a few hooks to Admin:GeneralConfig (didn't I do this already?)
Dan [Sun, 25 Jan 2009 21:21:07 -0500] rev 827
Merging Nighthawk (anti-spam work) and Scribus (AJAX work + debugging + CLI installer) branches
Dan [Sun, 25 Jan 2009 21:20:14 -0500] rev 826
Replaced integer checks that used preg_match() to use ctype_digit() instead
Dan [Sun, 25 Jan 2009 21:18:05 -0500] rev 825
Added (very basic) spam filtering plugin support. Plugins can mark a message as spam by hooking into the spam check API, which is documented in functions.php. No spam checking functionality is built-in.
Dan [Sun, 25 Jan 2009 20:35:32 -0500] rev 824
Login: reauth: window.location.hash is now updated to include the new SID so that page reloads will use it
Dan [Sun, 25 Jan 2009 20:35:06 -0500] rev 823
AJAX core library: possible breaking change, readystatechange functions are now called with the XHR instance as the first parameter, to allow requests to run in parallel. This means much better stability but may break some applets (compatibility hack is included)
Dan [Sun, 25 Jan 2009 20:27:14 -0500] rev 822
Oxygen: synced mint style
Dan [Sun, 25 Jan 2009 20:26:50 -0500] rev 821
PageProcessor: fix not setting page_exists to true after create_page() success (todo: move to Namespace_*?); add $visible parameter to create_page()
Dan [Sun, 25 Jan 2009 20:24:38 -0500] rev 820
Change config.new.php and .htaccess.new to have a single newline according to Fedora project guidelines
Dan [Fri, 23 Jan 2009 22:03:39 -0500] rev 819
Installer: add RewriteBase to .htaccess to work properly under aliased Apache setups (generated 404s in QA)
Dan [Fri, 23 Jan 2009 21:59:03 -0500] rev 818
A few bugfixes in CLI installer related to interactivity
Dan [Sat, 17 Jan 2009 15:16:36 -0500] rev 817
SECURITY: Fix XSS under IE in closing tags (shared sanitizer)
Dan [Fri, 16 Jan 2009 13:14:08 -0500] rev 816
Fixed login form being focused too early (caused page to scroll up)
Dan [Fri, 16 Jan 2009 13:13:37 -0500] rev 815
Deprecated old grab_password_hash() functions in session
Dan [Fri, 16 Jan 2009 13:13:03 -0500] rev 814
Whoops! Fixed an SQL injection vulnerability in the CLI installer. (Not like it's a huge deal because the vulnerability was only introduced last commit and if you make it to that stage you already know the database password)
Dan [Wed, 14 Jan 2009 23:29:14 -0500] rev 813
Added already-installed check to cli-core
Dan [Wed, 14 Jan 2009 20:33:05 -0500] rev 812
Added CLI installer. Supports interactive, command-line, and internal-call installation. Fixed a few bugs related to anti-SQL injection parser and plugin installation.
Dan [Sun, 11 Jan 2009 21:37:49 -0500] rev 811
Added support for live re-auth and de-auth; fully AJAX, no page reload required, plus plugin-usable API.