Dotclear

source: CHANGELOG @ 4046:0e0075d2cc78

Revision 4046:0e0075d2cc78, 42.1 KB checked in by franck <carnet.franck.paul@…>, 4 years ago (diff)

Merge 2.15.2 release

Line 
1Dotclear 2.15.2 - 2019-10-01
2===========================================================
3* Fix: Ajax saving of files in theme editor when using codemirror
4* Fix: Video insertion with CKEditor or LegacyEditor
5* Fix: Badge position for dashboard modules counters
6
7Dotclear 2.15.1 - 2019-08-29
8===========================================================
9* Fix: SQL request for CSP unsafe-inline setting
10* Fix: CKEditor configuration for foreign language (unabled to save post modifications)
11
12Dotclear 2.15 - 2019-08-13
13===========================================================
14* 🐘 PHP 5.6+ is required, PHP 7.3 compliance
15* Add drag'n'drop sorting system for dashboard blocks
16* Backend context is preserved on switching blog (as far as possible, depending on user's grants)
17* No more inline javascript, default/install CSP directive modified accordingly
18* Add settings (in maintenance plugin) for CSP system
19* Set correct lang attribute (useful for browser/editor spelling) for content (post/page) depending on entry setting, and CK editor UI in user language
20* Add spellcheck="true" attribute on input/textarea
21* Refactoring of notices/messages system on backend
22* Add undo/redo buttons to CKEditor toolbar
23* Add title/legend reminder on media popup insertion (1st tab)
24* Add font loading capabilities for ?pf= system - plugin are now able to load css fonts
25* Add WebP image format support to Dotclear (may depends on your server PHP capabilities)
26* Add <sub>…</sub> support in Dotclear wiki, syntax : _indice_
27* Template system: Allow ?sub for category/categories attributes of tpl:EntryIf, and for url/urls attributes of tpl:CategoryIf
28* Responsive tables/lists (posts, pages, users, …)
29* Spams preview (administrative board) now shows HTML code rather than interpreted content
30* Fix: port used behind reverse proxy (Clearbricks)
31* Lib: Update Codemirror to 5.48.0
32* Lib: Update CKEditor to 4.12.0
33* 🗑 → No more flash players (flv,mp3)
34* 🐛 → Various bugs, a11y concerns and typos fixed
35* 🌼 → Some locales and cosmetic adjustments
36
37Dotclear 2.14.3 - 2018-09-26
38===========================================================
39* 🛡 Security: Avoid XML upload in media manager
40* Fix: Upgrade modification for media_exclusion default setting
41* Fix: cope with PHP.ini setting memory_limit set to -1 (unlimited)
42
43Dotclear 2.14.2 - 2018-09-04
44===========================================================
45* 🛡 Security: Authenticated cross-site scripting (XSS) was possible due to the .ahtml (or .bhtml, .chtml, …) file extension being allowed in the media manager. Thank's Josiah Pierce for report (CVE-2018-16358)
46* 🛡 Security: Unregister phar wrapper in order to avoid PHP Phar extension vulerability
47* Fix: Enter key in some input fields were not redirect to the parent form
48* Fix: Unable to save modified theme's files in theme editor, when Codemirror is used
49* Fix: Back to the original global_filters() template function (will be rewritten in the next 2.15)
50
51Dotclear 2.14.1 - 2018-08-17
52===========================================================
53* 🐘 PHP 5.6+ is required - PHP 5.5 is buggy with the 2.14 release
54* Fix: install wizzard was broken
55* Fix: smallest admin font size was set when saving user prefs
56* Fix: minifying JS scripts may cause problems with regular expressions
57* Fix: empty JS var was set for syntax coloration if disabled
58
59Dotclear 2.14 - 2018-08-13
60===========================================================
61* 🛡 Security: Fix potential reflective XSS, thank's Zekvan Arslan for report (via Daniel Bishtawi from https://www.netsparker.com/)
62* 🐘 PHP 7.2 compliance
63* Use specialized fields whenever it's possible (email, …)
64* Add definition list capabilities (dl, dt, dd) to wiki (= <term>, : <definition>)
65* Add <sup>…</sup> support in wiki, syntax : ^exponant^
66* Add syntax property/method to dblayer driver
67* Replace some js oriented background fading by CSS3 animation
68* Enhance some visual focus indicators
69* Enhance key event management in popup (Esc, Enter, …)
70* Template filters may now be extended (or modified) by 3rd party plugins (via behaviors)
71* PSR-2 code formatting as far as possible (work in progress)
72* Add two new ways to order tags (by oldest or newest associated post publication date)
73* Update Codemirror to 5.38.0
74* Update CKEditor to 4.9.2
75* Update jQuery migrate plugin to 1.4.1
76* Update jQuery UI (custom) 1.12.1
77* Add a dark mode (via user preferences) for administration, CSS refactoring
78* Animate some counters on dashboard icons (nb of comments, spam comments and posts)
79* 🐛 → Various bugs and typos fixed
80* 🌼 → Some locales and cosmetic adjustments
81
82Dotclear 2.13.1 - 2018-01-27
83===========================================================
84* Fix: Weird behaviour of theme editor when typing any of "t", "r", "u" and "e" characters
85* Fix: Unable to save an entry with dcLegacyEditor in XHTML mode, visual pane
86
87Dotclear 2.13 - 2018-01-13
88===========================================================
89* 🐘 PHP 5.5+ is required
90* 🛡 Security: New password management system (including silent migration)
91* 🛡 Security: Add Referrer-Policy header in admin pages
92* 🛡 Security: Fix potential XSS - thank's Trí Chim Trích for report
93* Dotclear news are now displayed in async way by js
94* Dotclear core update check is now done by async js - a forced check may still be done on <admin>/update.php page
95* Add utf8mb4 driver (MySQL server 5.7.7+)
96* Add target="blank" option in simpleMenu
97* Update CKEditor from 4.6.2 to 4.7.3
98* Update CodeMirror from 5.25.1 to 5.32.1
99* Add required attribute for mandatory fields
100* Fix: Avoid horizontal scrolling table when longest comment's usernames in list of comments
101* Fix: Cope with MySQLi connection via socket
102* Fix: Error messages markup and styling
103* Fix: Set caret at the end of the inserted thing (img, url, blockquote, …) in Legacy editor if current selection is empty
104* Fix: Cope with query part only in SimpleMenu URLs
105* 🐛 → Various bugs and typos fixed
106* 🌼 → Some locales and cosmetic adjustments
107
108Dotclear 2.12.2 - merged in 2.13
109===========================================================
110* Fix: lang attribute was missing on entry alone contexts for currywurst and dotty templatesets
111* Fix: Add http:// protocol before media.dotaddict.org for csp_admin_img
112* Fix: tpl:sysIf blog_lang generated code
113* Fix: Duplicate auto-generated URI (entries)
114* Fix: Do not use border and background on select to use the system aspect of them in Firefox.
115* Fix: For select element, target Safari to cope with font-size select/option problem.
116* Fix: Error messages styling
117
118Dotclear 2.12.1 - 2017-08-13
119===========================================================
120* Fix: 3rd party filters for template tags (std filters are not more modifiable)
121* Fix: Media filename are now used without modification for media title on upload (advanced mode)
122
123Dotclear 2.12 - 2017-07-27
124===========================================================
125* 🛡 Security: Fix potential XSS
126* 🛡 Security: Enforce uniqness of the recovery key
127* 🛡 Security: Switch hash method from sha1 to sha512 (new installation only)
128* Two new values for base font size (37.5% and 87.5%)
129* Adaptive admin font size is now optional
130* Reduce base font size on very small devices
131* Refactor some functions to closures
132* No CSP directives in safe mode
133* Add current blog domain for script and style CSP directives
134* Backlinks:
135  * Retrieving ping URLs, let trackback first, then pingback, then finally webmention
136  * Get source post content to compose webmention excerpt and retrieve title
137  * Use source post title as blog name if this one is unknown (Anonymous blog is used if neither title nor blog name are known)
138* Datepicker's look refreshed
139* Allow 3rd party additional headers (URL handler)
140* Dublin core metadata removed
141* Using theme\<theme_name> namespace for _public.php and _prepend.php, in order to simplify theme copy and hack
142* Temporary password will have to be changed at first login (after resetting password)
143* Add ukrainian language
144* French help updated for theme editor
145* Add an option to disable Dotclear updates check (super-admin only)
146* Fix: Blogs’ admin (ie not super-admin) got back their blogs’ list but only super-admin may do actions
147* Fix: Post/page edition layout on different screen sizes
148* Fix: x-frame-options URL in admin
149* Fix: Cope with several copies of a same smiley in content
150* Fix: Allow 3rd party filters for template tags
151* Fix: Use getURLFor instead of old getBase function for breadcrumb
152* Fix: Give mysql/mysqli driver choice for DC 1.2 import
153* Clearbricks lib update from 0.9 to 1.0
154* jQuery lib update from 2.2.0 to 2.2.4 (last release of jQuery 2.n branch)
155* CKEditor lib update from 4.6.1 to 4.6.2
156* CodeMirror lib update from 5.15.3 to 5.25.1
157* 🐛 → Various bugs and typos fixed
158* 🌼 → Some locales and cosmetic adjustments
159* 📣 Warning: Next major release (2.13) will require PHP 5.5+
160
161Dotclear 2.11.2 - 2016-12-29
162===========================================================
163* Fix: Ensure compatibility with old version of PHP (5.3, 5.4)
164* Fix: New path of CSP report for maintenance deletion task
165* Fix: Broken entry preview
166* Fix: Avoid outgoing link on images in media manager
167* 🌼 → Do not include empty div as it disrupts CSS flexbox system
168
169Dotclear 2.11.1 - 2016-12-28
170===========================================================
171* Fix: admin menu not visible and some plugin admin not accessible with PHP < 5.5
172
173Dotclear 2.11 - 2016-12-28
174===========================================================
175* 🐘 PHP 5.3+ is required
176* 🛡 Security : Prevents XSS injection in media title, thanks smarterbitbybit for report
177* Cope with locale for sorting order if possible (work in progress)
178* Rich-text-editor (xhtml) may be disabled for Blog/Category description, widget's textareas, …
179* Add direct access to module's settings from plugins management page (depends on _define.php of modules)
180* Menus (except favorites) are now lexically sorted (except "new post" item)
181* Add Entry date as sort order in comments list
182* Switch admin CSS to Sass/Compass (work in progress)
183* Add 'l' and 'm' accesskey for editor toolbars, respectively for 'insert link' and 'select media' buttons
184* Add new categories attribute to EntryIf template tag
185* Remove Dublin-core metadata from <head> in template-sets
186* ToolMan (js) not more used, thank's Tim Taylor for all this years together!
187* Soft redesign of administration pages using responsive font-size and OS system fonts (IE 10+)
188* Add a user preference to hide additional/secondary information
189* Add actions on blog list, new sort order: blog status
190* Update CKEditor to 4.6.1
191* Open trackbacks with behaviors and add basic Webmention support
192* Add First Publication mecanism and an option to auto-ping when fired
193* Berlin theme is now based on Dotty template-set
194* Move advanced and plugins blog’s prefs in two separate foldable sections
195* Add legend and title insertion option for image insertion in entry
196* Some notices and messages may be hidden
197* Add urls attribute to CategoryIf template tag
198* CSP: Move admin CSP admin/csp_report.txt to DC_VAR/csp/csp_report.json
199* CSP: Violations are now stored only once in report if repeated
200* a11y: Remove empty link (href=#) from admin
201* Fix: Proxies may use standard HTTP(S) ports and SSL may now run through a proxy
202* Fix: Prevents precondition failed during activated theme update
203* 🐛 → Various bugs and typos fixed
204* 🌼 → A lot of locales and cosmetic adjustments
205* 🚽 → Housecleaning of no more used scripts, images, resources, IE 9- :-)
206
207Dotclear 2.10.4 - 2016-11-02
208===========================================================
209* PostgreSQL < 9.1 fix
210
211Dotclear 2.10.3 - 2016-11-01
212===========================================================
213* Security: Fix CVE-2016-7903: Password Reset Address Spoof — Thank's Hongkun Zeng for report
214* Security: Fix CVE-2016-7902: Media Manager, unrestricted File Upload — Thank's Hongkun Zeng for report
215* CSP: Cope with external sources used in editor's iframe to preview public external content
216* Fix: Cope with post.post_position field during flat import
217* Fix: Prevents precondition failed during currently activated theme update
218* Fix: Remove unecessary header (cope by dotclear) in page plugin
219* Fix: Let some proxies playing with standard http and https ports
220* Fix: Let SSL runs through a proxy, it may be ok, sometimes
221* 🐛 → Various bugs and typos fixed
222
223Dotclear 2.10.2 - 2016-08-17
224===========================================================
225* Update fails with PostgreSQL db support → fixed
226
227Dotclear 2.10.1 - 2016-08-15
228===========================================================
229* CSP (Content-Security-Policies) :
230  * Fix default directive for new installation
231  * Cope with media public URL for media manager
232  * Cope with blog public URL for post/page preview
233* Codemirror lib is now packed as the other Javascript lib are
234
235Dotclear 2.10 - 2016-08-13
236===========================================================
237* Security: Prevents .htaccess upload, thanks wiswat
238* Security: Prevents download of a zip media folder outside root media folder, thanks wiswat
239* Security: Prevents sort of SSRF/XSPA vulnerability in feed import, thanks wiswat
240* Security: Prevents reflected XSS in meda manager, thanks Chen Ruiqi
241* Security: Fix somes vulnerabilities in blogroll plugin, thanks Onur Yılmaz - Netsparker (https://www.netsparker.com)
242* Fix mix-content preview
243* Pure CSS3 sticky footer for admin pages (aka « footer de merde »)
244* Add missing breadcrumb styles for blowup theme
245* Currently logged super-admin may now change it's id wihtout loosing access at next login
246* The favorites icons may now be hidden from dashboard in user preferences
247* Number of posts/pages/comments are now displayed at top of lists, including quick filters depending on their status
248* Search widget has now a placeholder option (HTML5 only)
249* Add Apache 2.4+ directives in .htaccess
250* New favorites media folders (displayed at the top of recent folder list) in media manager
251* New pure HTML5 template set named dotty cloned from currywurst templateset
252* Codemirror lib updated (2.35.0 → 5.15.2) and moved to core:
253  * 40+ Codemirror themes are available — set in user preferences
254  * Fullscreen mode has been added (F11 switching key)
255  * 3rd party plugins may now load and run it with dcPage::jsLoadCodeMirror() and dcPage::jsRunCodeMirror(), see themeEditor plugin for example
256* New mark button for legacy editor (HTML5 only)
257* New with_category attribute for tpl:Entries
258* Add a /var directory:
259  * Set with DC_VAR constant in inc/config.php
260  * Admin URL of a var file should be retrieve with dcPage::getVF()
261  * Public URL of a var file should be retrieve with dcBlog::getVF()
262  * 3rd party plugins should create their own folder inside /var (aka DC_VAR) to keep it correctly organized
263* Emails and web site have been added to the comments filters' list
264* Some columns for posts and pages lists are now optional — set in user preferences
265* Add Post URL sample in blog parameters
266* CKEditor lib update (4.5.8 → 4.6.0)
267* Wiki syntax: new ") <text>" mark to generate aside blocks
268* CSP (Content Security Policies) have been implemented on admin pages:
269  * settings may be adjusted in system settings / about:config → system (see csp_admin… values)
270  * violation reports will be stored in admin/csp_report.txt (PHP 5.4+ only)
271  * new behaviour adminPageHTTPHeaderCSP may be used by 3rd party to adjust CSP directives
272* New behaviour adminPageHTTPheaders
273* New "Go Top" button displayed for long admin pages
274* 🐛 → Various bugs and typos fixed
275* 🌼 → Some locales and cosmetic adjustments
276
277Dotclear 2.9.1 - 2016-03-27
278===========================================================
279* Security: Add shtml extension to default media exclusion extension control, thanks Nitin Venkatesh for report
280* Changing theme is now allowed even with read-only theme folder
281* Audio media are not more preloaded in media manager pages
282* Array settings/prefs are stored with 'array' type rather than 'string'
283* 🐛 → Various bug fixes
284* 🌼 → Some cosmetic adjustments
285
286Dotclear 2.9 - 2016-02-29
287===========================================================
288* Additionnal menu items are now lexically sorted (default items and favorites order will be preserved)
289* Wiki syntax : Added ""marked text"" support (HTML5 only)
290* Session TTL are now adjustable (set DC_SESSION_TTL in inc/config.php)
291* Add behaviors for posts/pages/comments/users lists' columns → let 3rd party plugin playing with them
292* Blog and user lists are now lexically sorted
293* Some new filters have been added for post lists
294* Add a search engine in media manager (looking in filename, title and description metadata)
295* Add recent folders direct access mechanism for the media manager (setting in user prefs)
296* Add a another display mode (list) to the media manager
297* Details about currently selected thumbnail in media manager are now displayed
298* Shortcut access to the upload file form is now displayed on top on media page
299* Default insertion size (width and height) may now be defined for video media
300* Flash player fallback insertion is now optional for audio and video media
301* Modules may have dependencies on Dotclear core version too (using 'core' as module name)
302* Avoid mixed content (http vs https) for post/page preview: will open preview in another window if necessary
303* Finnish translation has been added
304* Content-length header is not more sent in HTTP response (should fix very long delays on some servers)
305* Template engine : add tpl:EntryAuthorEmailMD5 and tpl:EntryCategoryDescription tags
306* A new pref/setting array type is now available (JSON encoded in db)
307* Cope with sort of "un-attached" media → allows new features as "featured media" plugin
308* CKEditor library updated from 4.5.1 to 4.5.8
309* Update jQuery from 1.11.3 to 2.2.0, jQuery-migrate from 1.2.1 to 1.3.0, jQuery-ui-custom from 1.11.2 to 1.11.4
310* Provide jQuery 2.2.0 for public use (themes/plugins) - 1.4.2 (default) and 1.11.3 still provided
311* Some locales added or updated
312* PHP 7 compliance, PHP 5.3 min
313* Fix : Cope with "unknown" scheme in url (ie nor http: neither https: is defined in origin url)
314* Fix : Let select another theme even if theme folder is read-only
315* Fix : XML-RPC media uploaded are not more twice Base64 decoded
316* And plenty of other 🐛 🔫, various 🌼 adjustments, and also lot of 🍻 drunk
317
318Dotclear 2.8.2 - 2015-10-25
319===========================================================
320* Security fix : Fixed potential XSS on comments management page
321* Security fix : Enforce media exclusion control
322* Php 5.5 leaves NULL chars in unpack ==> add trim, fixed
323* Media title (in standard mode) is now taken into account on upload
324* Some 🐛 🔫
325
326Dotclear 2.8.1 - 2015-09-23
327===========================================================
328* Fix admin pager parameters escaping - thanks Keiko Yashiki from JPCERT/CC for reporting this XSS
329* Error on changing post author in entries' lists: fixed
330* Cope with unknown URL scheme in X-Frame-Options
331* One ot two of 🍻 drunk
332
333Dotclear 2.8 - 2015-08-13
334===========================================================
335* New module dependencies system (plugins)
336* Theme editor: Cope with css theme sub-folder
337* extension/heritage system applied to mustek templateset
338* installation wizard now allows SQLite engine
339* Legacy editor toolbar may now be displayed below textarea
340* Breadcrumb plugin added to the distribution, included in mustek/currywurst templatesets
341* Allow a fifth parameter (optional) for image to insert a legend using figure/figcaption tags (wiki)
342* XHTML validator removed from legacy editor
343* Update jQuery from 1.11.2 to 1.11.3
344* Add a blog parameter to disable internal search
345* Add some sort orders and filters criteria for posts and comments
346* Update CKEditor from 4.4.8 to 4.5.2
347* Add IP and antispam filter columns when displaying spams
348* Add actions to directly blacklist IP from comments list
349* Lexical sort order for tags and widgets
350* Use HTML5 audio tag for MP3 attachments
351* Bye the 🐈, welcome the 🐸
352* Lot of 🐛 🔫
353* Various 🌼 adjustments
354* Full of 🍻 drunk
355
356Dotclear 2.7.4 - 2015-02-13
357===========================================================
358* Berlin theme: resources usage has been optimized
359* currywurst templateset: head-linkrel block name fixed
360* Current editor syntax: now displayed near edited field (post/page/quick entry)
361* Some admin URLs were malformed: fixed
362* Post/page preview: anti-clickjacking system fixed
363* The cat is valid now
364
365Dotclear 2.7.3 - 2015-01-13
366===========================================================
367* Restore advanced edition of category description (as in 2.6)
368* Various bug fixes
369* Some cosmetic adjustments
370
371Dotclear 2.7.2 - 2014-12-25
372===========================================================
373* Dotclear wiki could not be used by standard user: fixed
374
375Dotclear 2.7.1 - 2014-12-25
376===========================================================
377* Various bug fixes
378* Some cosmetic adjustments
379
380Dotclear 2.7 - 2014-12-13
381===========================================================
382* Security : protection against clickjacking may be activated (see blog parameters)
383* Switch to HTML5 : backend, templatesets and themes
384* ARIA roles in da place (a11y)
385* Multiple templatesets : mustek (legacy) and currywurst
386* Themes may use extension/heritage template mechanisms
387* New theme (Berlin) based on currywurst templateset
388* New WYSIWYG editor (CKEditor)
389* Dotclear Wiki now produces HTML5 compatible markup
390* Video and audio HTML5 tags are now used (with fallback to flash if possible)
391* Copying default theme to user-defined theme folder is not more necessary
392* Preview of comment may be optional (see blog parameters)
393* Widgets may be put offline without deleting them
394* jQuery version may be choosen between 1.4.2 (default) and 1.11.1 (see blog parameters)
395* Number of posts listed on home page may be different than other pages (see blog parameters)
396* Hidden folders are now hidden in media manager (set DC_SHOW_HIDDEN_DIRS to true in config.php to display them)
397* User-defined template files may be reset (deleted) in theme editor
398* Drag'n'drop now enabled on touch screens
399* Alternative syntax may be set for comments by third-party plugins
400* A lot of bug fixes
401* Much more cosmetic adjustements and enhancements
402
403Dotclear 2.6.4 - 2014-08-18
404===========================================================
405* Security fix: Sanitize search request. Thanks to Takayuki Uchiyama
406* Security fix: Strenghened xmlrpc (see http://www.breaksec.com/?p=6362)
407
408Dotclear 2.6.3 - 2014-05-16
409===========================================================
410* Security fix: Strengthened xmlrpc auth. Thanks to Egidio Romano
411* Security fix: Strengthened categories ordering. Thanks to Egidio Romano
412
413Dotclear 2.6.2 - 2014-01-20
414===========================================================
415* Security fix: Fixed potential code injection on password protected post/page. Thanks to Charlie Briggs
416* Bugfix: cope with numeric module (plugin/theme) id
417* Bugfix: Bad SQL syntax when using SQLite
418* Bugfix: BlogParentThemeURL template value is back
419* Various bug fixes
420
421Dotclear 2.6.1 - 2013-11-22
422===========================================================
423* Bugfix: trackbacks/pingbacks post URL
424* Bugfix: short/full list of tags (post edition)
425* Bugfix: Toolbar not drawn on new comment form (administration)
426* Various bug fixes
427* Some cosmetic adjustments
428
429Dotclear 2.6 - 2013-11-13
430===========================================================
431* Various bug fixes
432* Various cosmetic adjustments
433
434Dotclear 2.6-RC - 2013-10-18
435===========================================================
436* PHP 5.2 required
437* jQuery upgraded to 1.10.2 (including jQuery migrate plugin 1.2.1)
438* mySQLi support (now proposed by default rather than mySQL)
439* Administration revamped, relooked, redesigned, new icons, new ergonomic's behaviours
440* Administration is now responsive (easier to cope with it on small devices)
441* Administration menu re-organized
442* a11y (accessibility) everywhere, with and whithout Js
443* Success, notice and warning messages have been harmonized
444* daInstaller has been dispatched in core (in plugins and blog themes management)
445* Global help is now available, contextual help is available on every page
446* Media manager enhanced
447* Maintenance plugin revamped and enhanced (now includes export features)
448* Categories management enhanced
449* Plugins and themes management revamped
450* New “Plumetis” variation for Blowup theme
451* Jasmine is now used for unit testing of js components
452* A lot of bug fixes
453* A lot of cosmetics adjustments
454* A lot of enhancements
455
456Dotclear 2.5.3 - 2013-09-13
457===========================================================
458* Bugfix: l10n Clearbricks library
459* Bugfix: post's comments and trackbacks counters
460* Check public and cache directories (existence and permissions)
461* Avoid Categorie's identical URL as far as possible
462* Cope with alpha layers in PNG images for thumbnails generation
463* Add password strength indicators
464* Fix permission form (checkboxes management)
465* Better management of antispam filters
466* Minor enhancements
467* Various bug fixes
468* Various cosmetic adjustments
469
470Dotclear 2.5.2 - 2013-08-14
471===========================================================
472* Security fix: Fixed potential XSS
473* Bugfix: l10n Clearbricks library
474* <tpl:LoopPosition> now works <tpl:Attachments>
475* Dotclear update check may now be forced (ignoring cache)
476* Enforce integration of daInstaller plugin
477* Tags link button is now available on page editor
478* Default cache age is now 1 week instead of 2 hours
479* Quick entry dashboard module is not activated by default on new installation
480* New template {{tpl:BlogParentThemeURL}} (return URL of parent theme of blog's theme if any, URL of blog's theme otherwise)
481* Fix post comments number on comments deletion
482* Fix order of backup files
483* Minor enhancements
484* Various bug fixes
485* Various cosmetic adjustments
486
487Dotclear 2.5.1 - 2013-07-20
488===========================================================
489* Security fix: Replacement of swfupload.swf by a jQuery plugin
490* Security enhancement: Strenghened lists display
491* Thumbnails quality improved
492* Minor enhancements
493* Various bug fixes
494* Various cosmetic adjustments
495
496Dotclear 2.5.0 - 2013-03-12
497===========================================================
498* Security fix: XSS vulnerabilities in swfupload.swf (media enhanced uploader)
499* Ductile theme may now use webfont (from Google, Adobe and similar providers)
500* daInstaller plugin is now included in the official distribution
501* The media enhanced uploader may now be temporarily enabled or disabled
502* Add mass expand on posts and comments lists
503* Allow wildcard for IP address on comments filters
504* Add ability to delete non empty category (and move its content to another category)
505* Every types of entries may be used to inserted an entry link in current edited post
506* Add (none) option to image insertion title pattern
507* Smileys are not more converted in image in pre,code,kbd,script and math contents
508* Notes' title can be now enclosed in h4 (default), h3 or p HTML tag
509* Now display translated name and desc of plugins
510* Add publication date validation on post and page editing forms
511* Add description to widgets
512* Add syntax color option to theme editor plugin
513* Add delete button on media item page
514* Add/complement display modes (all pages, home page only, except on home page) for all widgets
515* {{tpl:Widgets}} without type attribute set displays now all widgets (from nav, extra and custom)
516* Add {{tpl:else}}, {{tpl:TagCount}}, <tpl:TagIf>, {{tpl:CategoryEntriesCount}} template tags
517* Add cat_only, no_tag and content_only attributes to {{tpl:EntryFirstImage}} tag
518* Add capitalize attribute to template filters' list
519* Enhance links lookup anti spam filter
520* Add hidden optional attribute for pages
521* Adaptative compression rate for thumbnails generation
522* Add timestamp on admin information messages
523* Update to jQuery 1.8.3 and jQuery-UI 1.9.2 (custom)
524* Add default favicon.ico
525* Add default attributes settings for image,mp3,flv insertion
526* Various bug fixes
527* Various cosmetic updates and contrast adjustments
528
529Dotclear 2.4.4 - 2012-08-13
530===========================================================
531* Bugfix: Programmed entries works again.
532* Compatibility fix: widgets are now fully php >=5.3 compliant
533* Security fix: potential CSRF in user management
534* has_tag now part of dotclear core, moved from tag plugin.
535* empty title fixed on rss reader widget
536
537Dotclear 2.4.3 - 2012-05-18
538===========================================================
539* Admin: My favorites menu can be hidden
540* Admin: Fix wordpress importer
541* Admin: about:config and user:pref tables are now more readable
542* Ductile theme: Blog logo can be changed
543* New lithuanian language (thanks to Paulius Černakauskas)
544* Various bug fixes
545
546Dotclear 2.4.2 - 2012-02-11
547===========================================================
548* Security fix release
549* 4 XSS vulnerabilities fixed, discovered by High-Tech Bridge
550
551Dotclear 2.4.1.2 - 2011-12-24
552===========================================================
553* Happy Christmas!
554* Security: fixed one SQL injection vulnerability in Clearbricks, thanks to Adjaya
555* New behaviour: publicGetURLFor
556* New behaviour: publicRegisterURL
557* New behaviour: templatePrepareParams
558* Changed the way to get artefacts URLs, through $core->url->getURLFor calls, instead of $core->url->getBase()
559* new/updated parameter sql_only in $core->blog->getPosts and $core->blog->getComments
560
561Dotclear 2.4.0 - 2011-11-13
562===========================================================
563* Admin: new iconset from Thomas Daveluy
564* Admin: Accessibility enhancements
565* Added a custom widget sidebar
566* Added a new theme (Ductile)
567* Added a new plugin (simpleMenu)
568* handling of postgres non default schemas (db_prefix = 'schema.prefix')
569* New iconset mechanism
570* New behaviour: coreBlogBeforeGetPosts
571* Security fix: Spam comments feed now checks for blog permission. Thanks to Romuald Brunet.
572* Various bug fixes
573
574Dotclear 2.3.1 - 2011-06-14
575===========================================================
576* Updated makefile for cleaner distrib.
577* Better localization handling for prefs and shortcuts.
578* Misc JS & CSS cleaning.
579* Import/Export preferences-related bugfix.
580* Administrative mail address is now configurable.
581* Security: one minor fix and changes for two potential problems. Thanks to Jeremie Boutoille
582
583Dotclear 2.3.0 - 2011-05-16
584===========================================================
585* Admin: Major backend redesign
586* Admin: Customizable Dashboard
587* Admin: New Favourites admin submenu
588* Admin: New user preferences backend
589* Admin: Accessibility enhancements
590* Admin: Inline help extended
591* Templates: Default theme templates moved to inc/public/default-templates
592* Clearbricks: External libraries relocated to inc/libs
593* Clearbricks: fixed utf-8 and mysql strict mode problems
594* Added a safe mode connection, disabling all plugins
595* Mysqli support (config.php may need to be updated manually)
596* Fixed dcLog bug with pgsql
597* Fixed comment/trackbacks counters reset.
598* Several other bug fixes
599
600
601Dotclear 2.2.3 - 2011-04-01
602===========================================================
603* Security fix in media manager. Thx to Raphaël
604* Bugfix : 2.2.2 was preventing manual thumbnail regeneration.
605* Database handling bugfixes
606
607Dotclear 2.2.2 - 2011-01-17
608===========================================================
609* Bugfix: 2.2.1 was blocking new installations
610* Autoupdate procedure should now be "bad ftp client configuration"-proof.
611* Several other small bugfixes
612
613Dotclear 2.2.1 - 2011-01-15
614===========================================================
615* ExternalMedia is not part of the core distribution anymore
616* New attribute to tpl:SysIf: blog_id
617* New behaviour: adminMediaItemForm
618* Several bugfixes
619* Several code optimizations
620* Several typos corrected
621* Security fix in Clearbricks. Thx to François Pierre-Doray for pointing it out.
622
623Dotclear 2.2 - 2010-07-01
624===========================================================
625* New installation wizard.
626* Several new behaviours:
627     - adminCommentHeaders
628     - adminCommentsActionsCombo
629     - adminCommentsActions
630     - adminCommentsActionsContent
631     - adminBeforeCommentDelete
632     - adminPostsActionsHeaders
633     - adminUsersActionsCombo
634     - coreBeforeCategoryCreate & coreAfterCategoryCreate
635     - coreBeforeCategoryUpdate & coreAfterCategoryUpdate
636     - coreBeforeLogCreate & coreAfterLogCreate
637     - coreBeforePostCreate & coreAfterPostCreate
638     - coreBeforePostUpdate & coreAfterPostUpdate
639     - coreMediaConstruct
640     - templateCustomSortByAlias
641     - urlHandlerGetArgsDocument
642* New methods for several core classes.
643* Metadata integration to the core.
644* Error handlers can now be extended.
645* Templates: blocks can now be recursive.
646* Templates: Entries & Comments tags can now be sorted.
647* Templates: The template subsystem is quicker, linier, and ready to be extended.
648* Complete reworking of the settings system
649* Correct handling of postgresql non default schemas.
650* Admin: Autocompletion and further enhancing to tags handling.
651* Admin: Accessibility & ergonomic tweaks.
652* Admin: Administrator tag in users list.
653* Comment cookies are now specific to the blog rather than to the domain.
654* Password changes can now be mandatory.
655* jQuery updated to 1.4.2.
656* And way too many bugfixes and typos squashes to be listed.
657
658
659Dotclear 2.1.7 - 2010-05-25
660===========================================================
661* Auto-update procedure fix
662
663Dotclear 2.1.6 - 2009-10-01
664===========================================================
665* Install procedure fixes
666* Admin: Page managers can now create pages
667* Admin: several typos corrected.
668* Admin: Widgets now work in IE8.
669* Admin: Password protected posts can now be previewed.
670* Templates: tpl:Meta* are now tpl:Tags*.
671* Templates: <tpl:Entries lastn="0"> now display all posts.
672* new behavior: adminPageHTMLHead
673* DB schema: new blog_id field in log table
674* Media manager: Pubic folder can now be set on a different host.
675* WordPress import fixes
676* Dailymotion insertion fix
677* Upgrade procedure: CRLF removed in files that were bugging the upgrade.
678* JQuery updated to 1.3
679* IE7-js update
680* security: Full Path Disclosure protection. Thx to Karim Ayad for pointing it out.
681* and way too many bugfixes to be listed.
682
683Dotclear 2.1.5 - 2009-02-05
684===========================================================
685* Security release
686* Youtube insertion update
687
688Dotclear 2.1.4 - 2008-12-21
689===========================================================
690* Security flaw fix
691* WordPress import refining
692* XML-RPC improvements
693
694Dotclear 2.1.3 - 2008-11-19
695===========================================================
696* Admin: New upgrade procedure
697* Admin: Fixed video insertion bug
698* Template: New attributes
699  * url on EntryIf
700  * only_category on Blogroll
701  * no_context on Pagination
702* Template: New tag
703  * BlogID
704* Admin: escaped blog_id on authentication page
705
706Dotclear 2.1.1 - 2008-11-07
707===========================================================
708* Admin: Automatic Update bug fixes
709* Admin: Disable Automatic Update if no digests file
710* Admin: Javascript fixes in authentication page
711* Admin: Fixed errors with categories select boxes
712* Template: Added level attribute in tpl:Categories
713* Media: Added H.264/MPEG-4 AVC for mp4 files
714
715Dotclear 2.1 - 2008-11-01
716===========================================================
717* Subcategories
718* Admin: Automatic Update
719* Admin: Flash 10 support for uploader
720* Admin: mailto link in comment details
721* Admin: Embedded video size selection
722* Admin: Restrict session cookie path to admin
723* Media: H.264/MPEG-4 AVC (HD) support with m4v files
724* Inherited themes
725* WordPress XML-RPC methods support
726* True unicode URLs
727* Plugin: Widgets as template tags
728* Plugin: Filters in entries widgets and Blogroll
729* Plugin: Added vimeo.com in external media
730* Template: New tags
731  * LoopPosition
732  * CommentAuthorDomain
733  * CommentAuthorMD5
734  * EntryFirstImage
735  * EntryCategoryShortURL
736  * CategoryIf
737  * CategoryFirstChildren
738  * CategoryParents
739  * EntryCategoriesBreadcrum
740  * MediaURL
741
742Dotclear 2.0.2 - 2008-09-05
743===========================================================
744* New installation procedure
745* Plugin: WordPress import fixes
746* Plugin: Plain text export as downloadable files
747* Plugin: Message about URLs in Dotclear 1.2 import
748* Public: Display a message if search returns no result
749* Admin: Fixed some CSS bugs
750* Admin: Batch select/unselect entries
751* Admin: In a media item, find entries containing it
752
753Dotclear 2.0.1 - 2008-08-16
754===========================================================
755* Plugin: Fixed a bug with Dotclear 1.2 URLs import.
756* Plugin: Fixed a l10n bug in Pages
757* Admin: Enhanced plugins resources loading and cache
758
759Dotclear 2.0 - 2008-08-01
760===========================================================
761* Public: Atom becomes the default feed format. RSS 2 is always available.
762* Admin: design enhancements and new Dotclear logo
763* Admin: entries preview in blog context
764* L10N: New language manager with zip files support
765* Plugin: Import/Export plugin version 2.0 with import from Dotclear 1.2 and WordPress
766* Plugin: Pages enhancements (preview, sorting)
767* Plugin: support for jamendo and deezer in External Media
768* JSMin on JavaScript files instead of JS packing
769* SQLite 3 only support (PDO based)
770* Many bug fixes and major performances improvements
771
772Dotclear 2.0 RC2 - 2008-06-21
773===========================================================
774* FairTrackback spam filter
775* Language pack infrastructure
776* Bug fix on comment search with author "0"
777* Javascript fixes
778* dcAuth::sessionExists and dcAuth::checkSession new methods
779* Right management in dcAuth::sudo
780* Media File sorting options in media manager
781* CandyUpload, new uploader tool based on SWFUpload
782* New search engine robots options
783* New image options
784* L10N: Japanese and Portugues (Brazil) language packs
785* Many bug fixes and enhancements
786
787Dotclear 2.0 RC1 - 2008-05-01
788===========================================================
789* New: Pages plugin
790* New: Theme editor plugin
791* Entries: Text and WYSIWYG enhancements
792* Entries: Markup validator
793* Entries: Insertion of links to other entries from toolbar
794* Entries: External media insertion (dailymotion, youtube, google video)
795* Tags: Same list for new and existing entries
796* Tags: Tags can be removed on all associated entries
797* Tags: Tags can be removed on a post selection
798* Admin: Ask password for user management tasks, theme upload and plugin upload
799* Admin: New contextual help viewer
800* Media manager: Recreate thumbnails option
801* Media manager: Custom medium thumbnail size (per blog)
802* Media manager: Zip files extract support
803* Media manager: Zip file download of directory
804* Media manager: File exclusion pattern option
805* Themes and plugins: Zip as new package format
806* Themes and plugins: Upload
807* Themes and plugins: Upgrade within administration interface
808* Themes and plugins: Deletion
809* Public: New default theme: Blowup (fully customizable)
810* Public: Changed the way commenter cookie is handled
811* Themes: Template files moved to tpl/ directory
812* L10N: Polish, Catalan and Spanish translations
813* Misc: jQuery upgraded to 1.2.3
814* Misc: Crushed png files
815* Fixed many bugs
816
817Dotclear 2.0 beta 7 - 2007-07-12
818===========================================================
819* New way to display comments and trackbacks on entries in backend
820* Dashboard visual improvements
821* Default cache dir created by installation process
822* Option to limit posts and comments in feeds
823* Introduced UDBS for installation and upgrade
824* Changed handling of XML-RPC URLs
825* New option to force HTTPS redirect if wanted
826* Enforced cookies security (directory and ssl support)
827* Added Plugin auto-install and auto-upgrade support
828* Added trackbacks ttl and moderation preferences
829* Added an Internal search engine
830* FLV support in backend with Neolao player
831* Added nice messages if database is broken or Dotclear not installed
832* upgrade jQuery to 1.1.3
833* Fixed many bugs
834* Fixed security issues in backend
835
836Dotclear 2.0 beta 6 - 2007-02-19
837===========================================================
838* New antispam plugin, with a set of filters (rbl, ipblacklist, spamwords, akismet)
839* New admin dashboard page
840* Fixed unwanted logout bug
841* Added settings to disable template caching and allow PHP code
842* Blog preferences panel bug fix
843* New XML-RPC Client and Server
844* Comment posting permissions bug fix
845
846Dotclear 2.0 beta 5.4 - 2007-01-19
847===========================================================
848* Minor change on spam display in comments.php
849* Command line upgrade script and fix in load_plugin_file.php
850* Make akismet configurable only by superadmin with DC_AKISMET_SUPER
851* SQL optimisations
852* New comments view in post
853
854Dotclear 2.0 beta 5.2 - 2007-01-11
855===========================================================
856* Fixed a bug with imageMeta::getMeta
857* Enhanced dynamic file uploader
858* Move clearbricks files to their own repository
859* Fixed a bug with auto_br in wikiSimpleComment
860* Support for language restriction in feeds
861* Default theme structure changes
862* Fixed a PHP 5.0 compatibility issue
863* Installation Wizard
864
865Dotclear 2.0 beta 4 - 2006-12-26
866===========================================================
867* Performances enhancements.
868* Administration UI enhancements.
869* More user-friendly Widgets (version 1.5).
870* Switch to jQuery <http://jquery.com>.
871* Added jQuery in default theme.
872* Major changes in HTTP client and Feed Parser based on a
873  generic socket handler.
874* PHP 5.2 compatibility.
875* Code documentation (all core and most of clearbricks).
876* Many bug fixes.
877
878Dotclear 2.0 beta 3 - 2006-11-05
879===========================================================
880* Disallow special wrappers for fopen like functions.
881* XML/RPC improvements.
882* Read IPTC and EXIF metadata in uploaded pictures.
883* MySQL 4.1 support only.
884* Metadata import from Dotclear 1.2.x.
885* Akismet plugin.
886* Pings plugin.
887* Added a priority setting for plugins.
888* Many bug fixes.
889
890Dotclear 2.0 beta 2 - 2006-08-09
891===========================================================
892* DC_PLUGIN_ROOT can handle more than one path.
893* OPML/XBEL import in blogroll plugin.
894* Fixed a security issue in html::absoluteURLs().
895* Fixed issues with timezone on scheduled entries.
896* Multiple categories selection in tpl:Entries.
897* Improved dbLayer.
898* Changed category feed URL.
899* Feeds for tags (entries and comments).
900* Added attachments count on backend and frontend.
901* New settings code design. Can now handle wide system settings.
902* Memory usage improvements with autoloader.
903* Some code cleanup.
904* Feed parser improvements.
905* Themes can be configured if needed.
906* XMP support on JPEG files.
907* Media manager improvements.
908* Spamplemousse now uses DNSBL (and the guy who left the bug was fired).
909* Javascript editor and toolbar improvements.
910* RDS support (XML/RPC API discovery).
911* Added a theme with user stylesheet.
912* Plugins manager
Note: See TracBrowser for help on using the repository browser.

Sites map