XOOPS v2 Changelog ============================ 2004/06/14: Version 2.0.7 =============================== !! SECURITY FIX !! preventing code injection in media uploader (skalpa) !! SECURITY FIX !! preventing execution of external scripts in shared environments (skalpa/ackbarr) Fixed bug #963937: Typo in modules/system/admin/findusers/main.php (mithrandir/tom_g3x) Fixed typo in x2t theme css colteaser class definition (w4z004) Set formButton class to Xoops popups buttons (w4z004) Fixed bug #960970: Incorrect display of the graphical pagenav (w4z004) Modified the Word Censoring fix (#962025) for MySQL 4.x compat (skalpa + quick thx 2 hervet 4 help) Ensured page title and slogan are escaped for HTML (onokazu) Fixed bug #961565: Search form keywords not checked by JS (mithrandir/tom_g3x) Fixed bug #961118 in XoopsFormElementTray::getElements() (mithrandir/luckec) Fixed bug #961311: Incorrect definition of headers var in XoopsMailer class (mithrandir/tom_g3x) XoopsForm::assign() now indexes elements by name if possible (mithrandir/kerkness) Fixed bug #963197: xoopsHiddenText is hardcoded in formdhtmlarea (mithrandir/tom_g3x) Fixed bug #963301: XoopsMediaUploader checkMaxHeight() doesn't work (skalpa/onokazu) Fixed bug #963327: XoopsImageHandler delete() keeps rows in imagebody table (skalpa/tom_g3x) Fixed bug #962025: Word censoring can mess db config options up (skalpa/tom_g3x) Fixed bug #961313: XoopsMailer custom headers are duplicated (skalpa/tom_g3x) Fixed bug #960683: [code] wrong translation (skalpa/ryuji+gi_joe) Fixed snoopy bug due to language specific characters (onokazu) Fixed a bug preventing deletion of users from the admin user search results (onokazu) Fixed a bug preventing deletion of admin users (onokazu) Fixed bug #915976: module onInstall feature doesn't display module messages correctly (skalpa/feugy+dave_l) Fixed bug #898776: Xoops module resolution for www.host.com and host.com (wulff_dk) Fixed bug #906282: XoopsGroupPermForm::render() - throws Undefined variable (mithrandir) Fixed bug #946621: Comments system extra_param not working with register_globals off (mithrandir/gstarrett) Fixed bug #932200: Admin > Edit user shows wrong username :-(mithrandir) Fixed bug #936753: $xoops_module_header not in all themes (w4z004) Fixed bug #921930: SQL queries with leading whitespace don't work (mithrandir) Fixed bug #920480: xoops_substr always adds three dots (skalpa) Fixed bug #921448: Undefined variable in xoopscodes.php (skalpa/dave_l) Applied patch #953063: js Calendar first popup date bug fix (mithrandir/venezia) Applied patch #953060: xoopstree.php selbox - subcategories not ordered (mithrandir/venezia) Applied patch #928503: Only show search results for modules with granted permissions (mithrandir/malanciault) Fixed bug #922152 preventing notifications to work with some Windows configurations (skalpa/robekras) Fixed bug #930351 preventing XoopsThemeForm::insertBreak() to work Corrected the content of $xoopsRequestUri on IIS fixing bug #895984 (skalpa) 2/6/2004: Version 2.0.6 =============================== - Removed calls to XoopsHandlerRegistry class (onokazu) - Fixed loop problem after retrieving a lost password (onokazu) - Changed all include() calls to include_once() for xoopscodes.php (onokazu) - Added routines to remove users from the online member list when a user is deleted (onokazu) - Added parameters to the Critreria class constructor to allow the use of DB functions in SQL criteria (skalpa) - Added fetchBoth() method to the XoopsDatabase class (skalpa) - Fixed typos in class/smarty/plugins/resource.db.php (skalpa) - Refactoring in /class/xoopsform/form.php (skalpa) - Added some methods to /class/xoopsform/formelement.php to allow the use of accesskey and class attributes in form element tags (skalpa) - Fixed extra HTML tags not being displayed when using the XoopsThemeForm::insertBreak() method (Catzwolf) - Changed the default HTTP method of the search form to GET (onokazu) - Fixed notification constants not being included during installation (onokazu) - Fixed session data not being properly escaped before inserting to the database (onokazu) - Some useful changes to the group permission form (onokazu) - Fixed the block cachetime selection being reset after preview (onokazu) - Fixed invalid regex patterns used for username filtering, also added fix to allow the safe use of multi-byte characters in username (contributed by GIJOE) - Fixed bug where some blocks were not being displayed in block admin page on certain occasions (onokazu) - Fixed the problem of system admin icon disappearing on certain occasions (onokazu) - Fixed the errorhandler class to check the current error_reporting level before handleing errors (onokazu) - Re-activated the errorhandler class (onokazu) - Updated class/Snoopy.php to the latest version, v1.01 (onokazu) - Fixed a typo in kernel/online.php (onokazu) - Added some useful functions to include/xoops.js (skalpa) - Fix for Opera in include/xoops.js (onokazu) - Fixed user bio and signature values causing corruption in the edit profile form on certain occasions (onokazu) - Fixed the module name being reset to the default value after module update (onokazu) - Fixed invalid regex patterns in xoopslists.php (onokazu) - Fixed a few issues with register_globals setting - Fix for the auto-login feature (not activated) - Fixed image categories not being displayed in the order set by admin (onokazu)- Fixed a typo in kernel/config.php (onokazu) - Fixed comments not being displayed in the order as requested (onokazu) - Fixed the mailer class not setting some header values (onokazu) - Fixed chmod problem in class/uploader.php - Fixed magic_quotes related problems in class/uploader.php - Fixed notification routines causing a fatal error while trying to notify non-existent users (onokazu) - Added fix to convert & to & within mail messages (onokazu) - Fixed html special characters causing problem when submitting a new module name (onokazu) - Fixed javascript error in mailuser form (onokazu) - Fixed javascript error in calendar date select form - Added a new Smarty function <{xoops_link}> (skalpa) - Added check to prevent webmaster user/group from being removed completely (contributed by Ryuji) newbb - Security fix in modules/newbb/viewtopic.php (onokazu) - Security fix in modules/newbb/viewforum.php (onokazu) - Added register_globals related fix to topicmanager.php (onokazu) - Fixed topic moderation icons not being displayed for moderators in templates/newbb_thread.html (onokazu) - Fixed topic time not being displayed in recent posts block on certain occasions in blocks/newbb_new.php (onokazu) - Added fix to correctly navigate to the requested post even when the post is not on the first page of flat view (contrib by GIJOE in class/forumpost.php, viewtopic.php, viewforum.php) sections - Added missing global variable declarations to index.php (onokazu) mydownloads - Added register_globals related fix to modfile.php (onokazu) news - Added fix to always display published date in each article (onokazu) - Added missing ?> at the end of file in xoops_version.php (onokazu) - Some fixes in admin/index.php xoopspolls - Fixed color bar selections not working when creating/editing a new poll (onokazu) xoopsmembers - Fixed 'more than X posts' not working when set to 0 (onokazu) - Added a new language constant to language/english/main.php (Catzwolf) - Removed invalid HTML tags in templates/xoopsmembers_searchresults.html (Catzwolf) 1/5/2004: Version 2.0.5.2 =============================== - Security fix in modules/mylinks/myheader.php - Security fix in modules/mylinks/visit.php - Security fix in modules/mylinks/admin/index.php 11/22/2003: Version 2.0.5.1 =============================== - Added $option parameter to xoops_gethandler function (skalpa) - Security fix in banners.php (onokazu) - Security fix in modules/newss/include/forumform.inc.php (onokazu) - Security fix in include/common.php (onokazu) - Temporarily disabled XoopsErrorHandler class (onokazu) - Security fix in include/functions.php (onokazu) - Removed XoopsHandlerRegistry class (onokazu) - Added fix for preventing users entering infinite loop when recovering a lost password (onokazu) 10/8/2003: Version 2.0.5 =============================== - Fixed template files not being updated even when the 'allow update from themes directory' option was enabled in preferences - Fixed RSS channel title being cutoff at special characters - Minor bug fix in pagenav.php - Fixed blocks disappearing from the block admin page on certain occasion - Additional fixes to work with register_globals off - Fixed problem with XoopsCode Img button not working on certain occasion - Added missing SQL query in kernel/avatar.php - Fixed problem with the newbb module where users could post without a thread title on certain occasion - Fixed problem in banner admin page where banner edit form not being displayed on certain occasion - Fixed group selection option in the blocks admin page not being selected on certain occasion - Fixed poll option textbox forms not displaying the correct values - Fixed show all link in user profile page not working in 2.0.5RC - Additional phrases in language/english/global.php(_NOTITLE), language/english/search.php(_SR_IGNOREDWORDS), install/language/english/install.php(_INSTALL_L128, _INSTALL_L200) - Added check in install/index.php to read $HTTP_ACCEPT_LANGUAGE on initial load 9/30/2003: Version 2.0.5 RC =============================== - Fixed email checking bug mentioned in http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=12288&forum=2 (mvandam) - Fixed a number of bugs in blocks admin page (onokazu) - More usability fix in blocks admin page (onokazu) - Fixed forum topic links to correctly use the # feature in url (onokazu) - Fixed password checking bug mentioned in http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=12301&post_id=49369&order=0&viewmode=flat&pid=49203&forum=21#forumpost49369 - Fixed database connection error when creating database during install (onokazu) - Fixed mb_output_handler causing problems in backend.php/image.php/downloader (onokazu) - Fixed search feature to use GET requests for prev/next/showall links (onokazu) - Register_globals related fix in /include/comment_post.php (contrib by gstarrett) - Added $xoopsUserIsAdmin global variable (onokazu) - Added xoops_getLinkedUnameById function to /include/functions.php (Catzwolf) - Fixed invalid Smarty tags in /modules/system/templates/system_siteclosed.html, /modules/system/templates/system_redirect.html, /modules/system/templates/system_imagemanager2.html (onokazu) 9/19/2003: Version 2.0.4 =============================== - XOOPS_CACHE_PATH, XOOPS_UPLOAD_PATH, XOOPS_THEME_PATH", XOOPS_COMPILE_PATH, XOOPS_THEME_URL, XOOPS_UPLOAD_URL are now set in include/common.php (onokazu) - Added [siteurl][/siteurl] tag to XoopsCode (mvandam) - Fixed a typo in class/uploader.php (onokazu) - Fixed some redirect problems after login (onokazu) - registre_globals fix in include/comment_view.php (onokazu) - Xoops.org news is disabled by default in the admin section (onokazu) - Added a new error handler class (class/errorhandler.php) (mvandam) - Fixed XoopsGroupPermHandler returning duplicate permissions (onokazu) - Fixed block-disappearing problem in blocks admin (onokazu) - Fixed typo in kernel/notification.php (mvandam) - Added XoopsGuestUser class in kernel/user.php (onokazu) - Fixed newbb module to correctly use the # feature in URL (onokazu) - Improved usability in blocks admin section - Reduced number of users to display in group/edituser page to max 200 users (onokazu) - Fixed bug where admins could add users with a existing username (onokazu) - Added files for module developers to easily add group permisson feature (modules/system/groupperm.php, class/xoopsform/groupperm.php) (onokazu) - Fixed typo in register.php (onokazu) 6/17/2003: Version 2.0.3 =============================== - fixed CSS related bug in global search page - register_globals bug fix in comments - Smarty updated to 2.5.0 - fixed typo in kernel/object.php - fixed group permission bug - fixed bug where image categories were deleted after group permission update - fixed bug where user votes could not be deleted in the mylinks module - fixed some language typos - changed XoopsGroupPermHandler::getItemIds to accept an array fot the second parameter (gperm_groupid), which was required in certain places.. - removed avatar image files 4/25/2003: Version 2.0.2 =============================== - security fix to prevent malicious cross site scripting attacks (onokazu) - fixed character encoding problem for some languages when using the mailer class (onokazu) - fixed some major bugs in the xoopsheadline module (onokazu) - fixed some cookie related problems in the forums module (mvandam) 4/18/2003: Version 2.0.1 =============================== - fixed bug where notification feature could not be turned on - fixed character encoding problem for some languages when using the mailer class (onokazu) - fixed the theme selection block to work again - fixed typo in kernel/module.php - fixed incorrect table name in xoops_version.php of the new headline module - changed max limit size of some columns in the configoption table - fixed image manager bug when using db store method - xoops.org can now be disabled by adding nonews=1 4/16/2003: Version 2.0.0 =============================== - xoopsheadlines module replaced with xoopsheadline module to fix character encoding problems - numerous bug fixes 3/19/2003: Version 2.0.0 RC3 =============================== - a major change in the handling of theme files, the detail of which you can read in this [url=http://www.xoops.org/modules/news/article.php?storyid=677]article[/url] (onokazu) - a new global notification feature that can easily be incorporated into modules (that use Smarty) by only modifying xoops_version.php and template files (mvandam) - SMTP support using phpMailer (bunny) - group permission tables merged into one table (onokazu) - code refactoring 2/9/2003: Version 2.0.0 RC2 =============================== A bug fix release.. - avatar upload bug - themeset image upload bug - register_globals fix - recommend us block error - error message displayed upon submit of news article - page navigation bug in some modules - blank page bug on some servers - SQL displayed in blocks admin 1/31/2003: Version 2.0.0 RC1 =============================== The first public release of 2.0 series. For new features that have been added from 1.3.x, please refer to the articles listed below: http://www.xoops.org/modules/news/article.php?storyid=486 http://www.xoops.org/modules/news/article.php?storyid=549 http://www.xoops.org/modules/xoopsdocs/index.php?cat_id=6