// $Id: Changelog-4.5,v 1.998 2004/04/07 12:47:51 saka_car Exp $ 1. Changelog ------------ This is a non-exhaustive (but still near complete) changelog for Mambo Open Source 4.5, including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes. ------------------- 4.5 Stable 1.0.8 Released ---------------------- 14-Apr-2004 Andrew Eddie - Fixed security vulnerability in PCL libraries - Fixed security vulnerability in registration component - Removed version number from admin login screen - Updated version ------------------- 4.5 Stable 1.0.7 Released ---------------------- 08-Apr-2004 Emir Sakic - Fixed bug with content link access 07-Apr-2004 Andrew Eddie - Fixed bug with registration and login links ------------------- 4.5 Stable 1.0.6 Released ---------------------- 07-Apr-2004 Andrew Eddie - Fixed mosDBTable exploit - Fixed return page for logout 05-Apr-2004 Ron Bakker - fixed bug #241 - Not authorized access to sections with SPECIAL or REGISTERED access level - fixed bug #244 - 2nd instance of WysiwygPro isn't working in the frontend 03-Apr-2004 Robert Castley - Fixed bug #166 - security loophole in htmlarea2 - Fixed bug #177 - table width issue in frontpage 03-Apr-2004 Ron Bakker - Fixed bug #184 - Unchecked path in com_media 03-Apr-2004 Emir Sakic - Fixed bug with paging functionality when limit exceeds total on second page - Fixed security bug with gaining frontpage admin access on sites with magic quotes turned off - Patched ACL so superadministrators gain access to special sections 01-Apr-2004 Andrew Eddie - Fixed bug #83 - Removed date manipulation code for last visit field in admin users list - Fixed bug #119 - Fixed bug relating to quotes in metakeys - Fixed bug #156 - Fixed overwrite of publish down time on save - Fixed bug #163 - Fixed error message stuffing headers when downloading sql dump 31-Mar-2004 Robert Castley - Fixed bug #162 - Typo in menu class suffix - class_suffix -> class_sfx - Fixed bug #166 - Typo in content.html.php - mossection -> mosSection - Fixed bug #154 - Problem with long template names ------------------- 4.5 Stable 1.0.5 Released ---------------------- 28-Mar-2004 Robert Castley - Fixed bug #96 - editing templates failed to save correctly - Fixed all occurances of mosgetParam with mosGetParam - Fixed bug #128 - problem saving edited language file(s) 25-Mar-2004 Robert Castley - Fixed bug #101 - poll alignment problem in Opera - Fixed bug #100 - problem saving content in frontend when using RTE editor - Fixed bug #103 - return Itemid on content save in frontend 25-Mar-2004 Emir Sakic - Fixed xss bug with login module - Fixed a bug with Mambo not returning to origin address after login ------------------- 4.5 Stable 1.0.4 Released ---------------------- 23-Mar-2004 Robert Castley - Fixed bug #79 - https support in banners 23-Mar-2004 Emir Sakic - Cosmetics on search page 20-Mar-2004 Robert Castley - Fixed bug #54 - Fixed installer to not give a blank page if db details provided are incorrect. 18-Mar-2004 Robert Castley - Fixed #39 - template chooser bug 16-Mar-2004 Andrew Eddie - Altered mosGetParam function to reduce the risk of XSS security attacks The function by default trims and strips html tags - Fixed a number of XSS bugs relating to the $return variable 15-Mar-2004 Robert Castley - Fixed bug [32] - RSS image problem - Prevented use of HTML in Name field in registration 15-Mar-2004 Phil Taylor - fixed security bug when intval($ID) not used in pathway 12-Mar-2004 Robert Castley - Fixed problem with e-mail icon alignment in content - Fixed bug [18] - wrong date ordering in mod_archive.php 08-Mar-2004 Robert Castley - Fixed bug [0000861] - Duplicate checked box - Fixed bug [0000863] - problem if Home menu item is deleted 05-Mar-2004 Andrew Eddie - Fixed bug [0000849] - Fixed corrupt content category menu link 01-Mar-2004 Emir Sakic - Fixed bug [0000841] - wrong time zone in user administration, last visit date 29-Feb-2004 Robert Castley - Fixed bug [0000836] - problems with HTML in newsflash 29-Feb-2004 Emir Sakic - Fixed infinite loop bug caused by trick with administrator index - Removed some redunant code in logout session handling 28-Feb-2004 Robert Castley - Fixed bug [0000828] - Fixed textarea width issue when not using WYSIWYG editor - Fixed bug [0000827] - When using submit news from user_menu cancel does not take you back to frontpage - added Itemid=0 on to end of link - Changed RTE to not use compressed version ------------------- 4.5 Stable 1.0.3 Released ---------------------- 26-Feb-2004 Tim Broeker - Fixed problem with wysiwygpro editor - Fixed problem with RTE editor (rcastley) 26-Feb-2004 Emir Sakic - Fixed bug [0000781] - support for system locale setting in archive module - Fixed bug [0000810] - support for system locale setting in search component 26-Feb-2004 Robert Castley - Fixed bug [0000750] - missing colspan issue in content.html.php 26-Feb-2004 Andrew Eddie - Fixed bug [0000764] - Failure searching for sublevels in main menu manager - Fixed bug [0000802] - Menu: Edit content category; category is not selected - Fixed js error when rte editor included from non-typed modules - Fixed incorrect front_html path 25-Feb-2004 Robert Castley - Fixed bug [0000812] - removed hardcoded center in frontpage.html.php - Fixed bug [0000814] - $row->title appearing in submitted weblink e-mail 25-Feb-2004 Emir Sakic - Fixed security issue that affected users with SEF turned ON 22-Feb-2004 Robert Castley - Fixed bug [0000806] - reserved word in MySQL 5.x - Fixed bug [0000801] - removed publish icon in edit categories 20-Feb-2004 Emir Sakic - Fixed a bug in frontpage content edit page 20-Feb-2004 Robert Castley - Fixed bug [0000794] - Text alignment issue in peeklime in Opera 7.x - Added RTE editor to source 19-Feb-2004 Ron Bakker - Fixed bug [0000778] - Error on imageselect when directory empty - Fixed bug [0000767] - Media extensions can not be captitals - Fixed bug [0000788] - HTMLArea3 focus problem with {mosimage} and {mospagebreak} 18-Feb-2004 Ron Bakker - Modified editor functionality - Added support for RTE, xStandard and Wysiwyg Pro editors 13-Feb-2004 Phil Taylor - Fixed bug [000773] - Metadata tags only shown if site metadata set 12-Feb-2004 Robert Castley - Fixed bug [0000771] - safe mode bug in media manager - Fixed bug [0000752] - strip html tags from newsflash title 12-Feb-2004 Emir Sakic - Fixed security issue with inserting HTML in user details - Improved session cookie handling by setting a longer cookie time 09-Feb-2004 Phil Taylor - Added mosConfig_editor to configuration.php config during install 09-Feb-2004 Robert Castley - Added page gen. time into admin - Fixed bug [0000760] - incorrect form link in section archive 08-Feb-2004 Emir Sakic - Fixed undefined variable bugs in javascript loading - Changed base href to load only when SEF is ON - Fixed bug [0000735] - OS_WINDOWS faulty performance due to typos - Fixed bug [0000734] - saveRegistration admin email notifications - Fixed bug [0000715] - Ignore files (*.ignore.php) show in Global as Language choice 08-Feb-2004 Robert Castley - Changed ALL template to only load editor if logged in 07-Feb-2004 Robert Castley - Fixed bug when using htmlarea3 under sections/categories 06-Feb-2004 Robert Castley - Only show js scripts in frontend if logged in - Fixed bug [0000753] - archive link bug - Fixed bug [0000716] - bug in pathway with blog sections/categories 05-Feb-2004 Robert Castley - Fixed bug [0000748] - no height set in textarea 05-Feb-2004 Emir Sakic - Improved global login and cookie management - Implemented "Remember me" feature to frontend - Decreased default session time to 15 minutes - Added possibility for linked titles to be used along with Read more - Fixed undefined variables bugs in admin logout and other places - Fixed bug [0000726] - More... Links on Frontpage do not have correct Itemid 29-Jan-2004 Robert Castley - Fixed bug [0000731] - time offset bug in newsfeeds - Fixed bug [0000727] - not passing %d to _VALID_AZ09 - Fixed bug [0000721] - Authors can not edit in view item - Fixed bug [0000745] - typo in admin menus typed class ------------------- 4.5 Stable 1.0.2 Released ---------------------- 16-Jan-2004 Robert Castley - Increased available chars in weblinks from 100 > 250 - Fixed security issue in mod_mainmenu.php - Added robots.txt 15-Jan-2004 Andrew Eddie - Fixed bug that prevent Email Submissions option from showing when editting a user 15-Jan-2004 Emir Sakic - Changed session default time back to 1800 seconds 13-Jan-2004 Ron Bakker - Fixed bug [0000585] - Media Manager - preview images do not refresh after upload - Fixed bug [0000643] - Media Manager - 'Page has expired'-warning after upload - Fixed bug [0000670] - Media Manager - "is_file()" is blocking the upload process - Fixed bug [0000597] - URL Link in "new window without browser navigation" redirects site to frontpage 13-Jan-2004 Robert Castley - Fixed bug [0000635] - online users show all users in red - Fixed bug [0000663] - missing quotes in some table definitions 13-Jan-2004 Andrew Eddie - Fixed bug [0000656] - Checks in module and template installer are in the wrong place - Fixed bug [0000642] - Bug in includes/HTML_toolbar.php cancel - Fixed bug [0000636] - Undefined constant error when deleting component - Fixed bug [0000632] - Bug in More Components links - Fixed bug [0000631] - Double quotes in alt tag breaks html - Fixed bug [0000601] - Custom Code Banners will not display with bmp's - Removed redundant saveUploadNew function in admin banner component - Improved eregi filter of banner file types (could allow xxx.gif.exe through) 07-Jan-2004 Emir Sakic - Changed template chooser to support GET method too 06-Jan-2004 Phil Taylor - Fixed bug [0000587] - Error with uploaded backupfile path - Fixed bug [0000618] - Editing Menus list all menutypes - Fixed bug [0000590] - Ordering of RSS items linked to frontpage settings - Fixed Bug [0000626] - & to & for XHTML Vailidation - Removed index.php check for installation dir again until next release :-) ------------------- 4.5 Stable 1.0.1 Released ---------------------- 03-Jan-2004 Emir Sakic - Fixed a bug with not beeing able to delete typed modules 29-Dec-2003 Robert Castley - Fixed bug [0000589] - Fixed spelling errors 27-Dec-2003 Emir Sakic - Fixed a database bug in sample_data.sql (incorrect componentid for FAQ in main menu) 26-Dec-2003 Phil Taylor - Implemented DevWish [0000442] - Additional Support added to menu when components menu is very long - Added Add or Edit User text condition when creating/editing a user - Removed hard coded background color in favor of CSS when editing banner client - Added intelligent ADD or EDIT text to titles in contact component admin - Fixed Bug [0000569] - Email sends $row->title instead of value - Fixed Bug [0000576] - Search in menu manager doesn't work for all cases - Fixed Bug [0000571] - Cookie timeouts not working correctly - Fixed Bug [0000571] - change the directories combo not updating 25-Dec-2003 Phil Taylor - Added return var to login form module to redirect to where user logs in instead of index.php 2. Copyright and disclaimer --------------------------- This application is opensource software released under the GPL. Please see source code and the LICENSE file for more details. All Rights Reserved.