# Version 1.7.8 (February 9th, 2014) ------------------------------------------------------------------------ * Fixed POST for db entry insert, caused by 1.7.6 security feature Version 1.7.7 (February 6th, 2014) ------------------------------------------------------------------------ * Fixed PHP parse error in templatechooser plugin. Blame garvin. :( Version 1.7.6 (February 6th, 2014) ------------------------------------------------------------------------ * Fixed backend security issues, thanks to Stefan Schurtz: - XSS of users realname in "Manage users" section (Backend, requires login) - XSS when creating an entry with bad id/timestamp values (Backend, requires login) - SQL-Injection for plugin installation parameter (Backend, requires admin login) * Templatechooser plugin uses "default" template as fallback, not "bulletproof". * Fixed nl2br non-working WYSIWYG treatment and added general markup behaviour notes * Fixed textile compat fix Version 1.7.5 (January 18th, 2014) ------------------------------------------------------------------------ * Fixed textile PHP 5.2 (namespace) compat issue * Added default value to spamblocks required_fields option [name,comment] Version 1.7.4 (January 11th, 2014) ------------------------------------------------------------------------ * Fixed emoticate plugin icon link to check for textile class * Upgrade textile plugin libs - lib3 extends to PHP >= 5.3. Please check for new options! * Fixed spamblocks Captcha imagecreate() with PHP > 5.3 versions * Smarty 3.1.16 bugfix release - please read bundled-libs/Smarty/change_log.txt about changes to versions 3.1.16 and 3.1.15. Please also see special bundled-libs/Smarty/3.1.16_RELEASE_NOTES.txt * Removed blogg.de filter from spamblock plugin, adapted htaccess IP block algorithm for race conditions. .htaccess can now contain multiple Deny From ranges to prevent parsing problems (DLange) * Fixed IP columns in spamblocklog, spamblock_htaccess, karmalog, visitors and shoutbox to varchar(45) for IPv6 - including tunneled IPv4 (39+6) * Fixed possible double includement of plugin_internal.inc.php * Fixed possible temporary caching errors, failing $eventData[0]['properties'] * Basic support for static blocks (includeentry plugin) in 2k11. * Added "backend_footer" event hook * Exclude "_vti_cnf" dirs and "thumbs.db" files in MediaLibrary, to exclude possible added servers frontpage extensions and MS-OS preview cache files * Fixed pagination when searching terms with fetchlimit lower 4 * Fixed deprecated /e modifier with PHP >= 5.5 in nl2br plugin restore method Version 1.7.3 (August 28th, 2013) ------------------------------------------------------------------------ * Trackback to https:// style URLs will use proper port 443 instead of 80. * Disabled htmlarea spellchecker module, http://osvdb.org/87395 Thanks for Henri Salo for pointing this out. CVE-2013-5670 Version 1.7.2 (July 26th 2013) ------------------------------------------------------------------------ * Fix a syntax error in the "mysql" deprecation code, thanks to Ian Version 1.7.1 (July 26th 2013) ------------------------------------------------------------------------ * Added new event hooks "backend_plugins_install", "backend_plugins_update" and "backend_templates_install". * Serendipity will switch to mysqli if PHP >= 5.5 is used (mysql is deprecated) * Smarty upgrade to 3.1.14 (read changeLog and the README for API changes since Smarty 2) * Upgrader will now remove/delete the browsercompatibility plugin * Fixed Media Library exclude path to not show/proceed ckeditor/kcfinders .thumbs dir * Fixed bulletproof->colorset GET mismatch with categorytemplates plugin config.inc.php [Line 29] * German translation for stable archives added (YL) * Fixed curl result bug in spartacus plugin * Create new migration task for propagate defaultBaseURL when currently empty (onli) * Fixed statistics sidebar querys ( & for PostgreSQL ) [242520b] and added some missing html end tags * Added missing current group name when editing usergroups Version 1.7 (May 11th 2013) ------------------------------------------------------------------------ * rc4: Get ready for CKEDITOR-wysiwyg Plugin mode * rc4: Fixed fetching javascript object (for nugget textareas) in non-wysiwyg-mode * rc4: Change .htaccess blocking mechanism by spamblock plugin to not fetch too many datarows, thanks to DLange from the forums. (The .htaccess feature is still considered experimental, use at your own risk ;)) * rc4: Fixed entryproperties backend 'cache now' link * rc3 + rc4: Media database: Escape more Cookie values to prevent storing possible XSS (http://board.s9y.org/viewtopic.php?f=3&t=19142). Escape hotlinked media filename. Escape importer host name error Thanks to GreenSun from the forums for bringing this to attention, originally reported by Dshellnoi Unix * rc2: Alter entries.tpl to add the line: {assign var="entry" value=$entry scope="parent"} for proper propagation of $entry to sub-templates. * rc2: Alter error reporting to only fail when 'debug' mode is enabled, so that "normal" blog installations will not fail on specific E_STRICT warnings that are not important. * rc2: temporary added empty $template_config_groups into templates with config, to avoid display troubles for template changes, if previous template had these set. Please check your template. * rc2: reflect POST submitted changes in Bulletproof template configs re-set situations * various PHP 5 compatibility fixes in core and plugins * Allow entryproperties plugin to define defaults for custom fields * Onyx, Net_URL classes: Remove PHP4 style constructor due to PHP5 error "Constructor already defined" * Improved RSS sidebarplugin to support Atom * Bundled simplepie * For Blogs running on a non-UTF-8 language, set a Smarty constant to indicate the actually used charset. * Added to use MyISAM handler for s9y tables (we do not use InnoDB features, but rely on MyISAM fulltext) * fixed defaultBaseURL did not show up installer. Thanks to onli. Follow up from c292bad * fixed draft & future entries preview link in backend * Improved karmarating plugin to be able to use AJAX calls (gregman) * Allow Smarty to fetch .tpl files from all directories so that s9y plugin can use the fetch() call for their .tpl files no matter which (symlinked) directory the plugin resides in. The Smarty security policy to us only serves as a restriction within .tpl files to not allow arbitrary PHP modifier/function calls. If in the future Smarty supports enforcing trustedDir checks on {include} calls seperately to smarty->fetch() calls, we'll also add that to .tpl files. (garvinhicking) * Patch by Markus Brükner: Properly handle files that have no extension in media database * Made Spartacus recognize github.com mirror (garvinhicking) * Add "Summary" output to title of summary archive pages, patch by hboeck * Set the smarty object by instance (ophian) It is often needed to access the Smarty object from anywhere in your code, e.g. in plugins We now ensure that there is only one instance of the object available. To obtain an instance of this class: $serendipity['smarty'] = Serendipity_Smarty::getInstance(); The first time this is called a new instance will be created. Thereafter, the same instance is handed back. To overwrite use $serendipity['smarty'] = new Serendipity_Smarty; to create a new instance. * Set a global Serendipity errorToExceptionHandler (ophian) changed some old smarty trigger_errors to PHPs native function * Updated spamblock plugin (ophian) changed wordfilter to function and Commenters moderation check verify_once to get checked via wordfilter to reject known spam comments before * Changed backend comment (error) messages (ophian) as now captured and styleable messages (newly added .serendipity_backend_msg_notice css class) * Updated nl2br plugin (ophian) added isolation tag using nl to br this also adds some NoBR buttons to backend entry forms * Smarty3 support (ophian) with this upgrade Serendipity / Smarty will at least need a webserver running the PHP 5.2 series. As of August 2011, all PHP users should note, that the PHP 5.2 series is NOT supported anymore by the PHP developers. All users are strongly encouraged to upgrade to PHP 5.3.8 and up. Please refer to your ISP about this. * Added new serendipity['defaultBaseURL'] variable that makes sure that the baseURL is not overriden when configuring serendipity with a possibly autodetected currentl URL. Patch by Manko10. Version 1.6.2 (May 16th, 2012) ------------------------------------------------------------------------ * Fix SQL injection for comment.php used in read-context. (Thanks to High-Tech Bridge SA Security Release Lab, Advisory HTB23092) Version 1.6.1 (May 8th, 2012) ------------------------------------------------------------------------ * Improved escaping of backend plugin management for DB query and media selector output (Stefan Schurtz) * Updated spamblock plugin to 1.78 & 1.79 (backport) changed wordfilter to function to check with 'verify_once' to reject wordfilter signed spam comments before - added in 1.79 killswitch check and serendipity_db_bool() * fixed draft & future entries preview link in backend (backport) * Fixed some possible errors with pdo db_begin/end_transaction() * Fixed unneccessary preg_match notices in the statistics backend * Fixed a possible problem where template-specific variables would not be cleared in favor of the new global ones. * Fixed serendipity_fetchComments producing wrong SQL code. Please check your code if you did workarounds already and remove them. Version 1.6 (October 27th 2011) ------------------------------------------------------------------------ * Fix XSS issue in mediadatabase and karma filtering, thanks to Stefan Schurtz * Fix problem with autosave plugin used in conjunction with entryproperties (chrisbra) * Removed browsercompatibilitty plugin because it's outdated and IE6 shall be dead. * Fixed Spartauc SF.Net download location (Thanks to christian_boltz) * Added new event hook 'backend_loginfail' to track failed logins (serendipity_event_externalauth can make use of it for fail2ban) * Fixed a bug in synchronizing new files with the same basename but different extensions, where files with the same mimetype would not get added (garvinhicking) * Show subscription status of comments in frontend and backend * Added ability to report spam/ham to akismet (Black Warthog) * Added localization for {$WEBLOG} in trackbacks.tpl (LazyBadger) * Added "Options -MultiViews" to .htaccess to prevent IE9 trouble * Karma plugin: Added option to only track votings when users are logged in. * Bugfix: Adjust /admin permalink detection so that it does not listen on /adminbook for example. Thanks to Lux! * serendipity_event_mailer now also allows to use commas instead of spaces to seperate multiple mails. Use distinct email adresses (Thanks to evanslee) * Added new rewrite option for 1&1 specific servers, because a combined htaccess for both variants could not be find. The reason is the MultiViews option in certain apache configs. * Fix PDO::SQLite to properly fetch the requested row type (assoc/both/num), important for staticpage plugin * TPL fixes for upcoming Smarty3, thanks to timbalu * Experimental: Config-Groups for template and plugin options, currently mimics fold in/out of global configuration. Usage through "config_groups", examples are in config.inc.php of bulletproof and spamblock plugin. Needs documentation. (garvinhicking) * Added new parameter "empty" to {serendipity_showPlugin}. When no callable plugins were found, the string in the "empty" parameter will be shown instead, allowing users to get notified of a missing plugin: {serendipity_showPlugin class="serendipity_plugin_twitter" empty="Twitter plugin not found!"} * Bundle jquery by default and enable it in frontend and backend templates; overrides serendipity_event_jquery. If your template contains its own "jquery.js" file, the core will NOT use it. (garvinhicking) * Include API logic to allow the core to utilize event hooks with internal function calls (used for jquery output, for example) (garvinhicking) * Allow to moderate multiple selected comments (garvinhicking) * Allow to pass 'template' variable to serendipity_showPlugin * Make CSS permalink pattern compatible to 1&1 servers, thanks to lfrantzen * PDO-SQLite patches by nth * Fix newline before true); serendipity_loadGlobalThemeOptions($template_config, $template_loaded_config, $template_global_config); More keys apart from "navigation" might get supported in the future. * Implemented suggestion of removing boilerplate code in plugin API: Change hack protection, introduce unified language loading, see http://board.s9y.org/viewtopic.php?f=11&t=16921 Thanks to mt2! * Fix karma rating plugin missing the text translation for a specific point area * Recent entry properties now recognizes multilingual titles * Include referrer in comment notification email (konus) * Added new 'fulltext' search option to sidebar plugin http://board.s9y.org/viewtopic.php?f=4&t=16051 * Truncate suppressed referrer's query string to 255 characters (ads) * Fix "viewAuthor" URL detection routine if the path name of a domain begins with a number. (garvinhicking) * Fix SQLite substring search to use % instead of * for secondary matches (SvOlli) * Recent entries plugin can now fetch the associated categoryid, when a single entry is displayed. (Garvinhicking) * Stricter check for sqlite3 extension, only functional interface instead of OOP currently supported (garvinhicking) * Experimental: When sending quoted-printable notification mails, auto-split after 75 characters. (Ref: http://board.s9y.org/viewtopic.php?f=3&t=16314) * To support custom PHP sessions, s9y will only issue session_start, if no session exists yet (garvinhicking) * Use "Longtext" instead of "text" for new installations on blog entry body and extended body inside database tables. (garvinhicking) * Added ability to mark authorgroups as "hidden", so that members of such groups are excluded from common author listings. (Ref http://board.s9y.org/viewtopic.php?f=11&t=16237) (garvinhicking) * Added option for SMF importer to also import tags * Added experimental global variable $i18n_filename_utf8 that can be set in a serendipity_config_local.inc.php or language include file, which will return Unicode-Permalinks. (http://board.s9y.org/viewtopic.php?f=11&t=15896) * Added event hook backend_sendcomment for sending comments and being able to chang via plugin API (onli) Version 1.5.5 (December 21st, 2010) ------------------------------------------------------------------------ * Due to security issues in the bundled Xinha WYSIWYG, disabled the PHP-based plugins (which are not utilized by serendipity unless manually enabled), until a proper security fix is available Version 1.5.4 (August 26th, 2010) ------------------------------------------------------------------------ * Fix XSS in backend, thanks to High-Tech Bridge SA #HTB22595 * Fix PHP 5.3.2 parse error in a file, thanks to fyremoon * Fix SQL query statement for deleting a category, which on some DB types (SQlite) might not return "true" and thus not really delete the category. (garvinhicking) * Include license output in plugin listing (onli) * Fix escaping when using ImageMagick to create PDF-thumbnail images (stm9x9) * Add new template variable to feed*.tpl files to support new plugins like pubsubhubbub, so that plugins can embed data to the main XML element (onli) Version 1.5.3 (May 10th, 2010) ------------------------------------------------------------------------ * Added workaround for dynamic configuration of Xinha plugins ExtendedFilemanager, ImageManager, InsertSnippet and Linker plugins to avoid remote code inclusion. (Stefan Esser) Version 1.5.2 (January 25th, 2010) ------------------------------------------------------------------------ * Fixed SQL upgrade path for SQLite. Version 1.5.1 (December 21st, 2009) ------------------------------------------------------------------------ * Fix bug with not showing "html" type configuration items. Version 1.5 (December 21st, 2009) ------------------------------------------------------------------------ * Show backend comment pagination in footer and header * Don't toggle the border of marked comments in the admin section to 2px, to avoid padding. Thanks to hboeck! * Added expermiantel PDO::SQLite transport, by nth * Disallow uploading any files with ".php." in the filename (garvinhicking) * Prevent password autocompletion for user passwords to prevent possible mismatch. In media manager popup, fix bug that did not properly forward to image selection after upload (onli) * Fix a bug in statistics output, when statistics for single-number months is created. (Andreas Bilke) * Always increase last_modified when an entry is saved to prevent stale entries in RSS feeds. Thanks to Cenic * Allow comment sidebar plugin to only show coments for entries that are allowed to be viewed by the current visitor. * Also use htmlspecialchars() for the Recent Entries sidebar plugin (Anson) * Do not send mails, if the "To:" address is empty, might happen if authors do not have a mail account entered in their profile. (nealk) * Fixed Spartacus download URLs for SF.Net mirror (christian_boltz) * Allow redirects when fetching remote images (garvinhicking) * Allow to define sort order for search-results (garvinhicking) * More PHP 5.3.0 compat (split(), ereg(), ereg_replace()). * PostgreSQL compatibility for the printArchives() function to gather only unique timestamps (cite) -- beta1 release * PHP 5.3.0 compatibility without E_WARNING triggers (garvinhicking) * Added 'orderby' parameter to plugin API hooks for the serendipity fulltext search function (garvinhicking) * Added new event hook frontend_sidebar_plugins to iterate through sidebar plugins and modify their output. $eventData is the array of their data. (garvinhicking) * Added ability to specify a custom Xinha config. Either supply a 'my_custom.js' file inside the template directory, or if omitted, the default htmlarea/my_custom.js is used. With this you can overwrite the plugins and buttons of all Xinha instances. See the mentioned default file for usage. (garvinhicking) * Removed "static" db layer typelist to prevent accidental over- writes of referenced return values (garvinhicking) * Upgrade to Smarty 2.6.26 * Removed inline styles of the s9y media insertion, they will now properly utilize CSS classes (defined in the new file style_fallback.css). Also added support for entering "ALT/TITLE" attributes to an tag, can be used as a media property if you add "ALT" and "TITLE" to the list of "Media properties" in the main configuration. (garvinhicking) * Filter entries only by authors that have written at least one article (garvinhicking) * Fix PDF imagemagick thumbnail generation to be properly displayed (http://board.s9y.org/viewtopic.php?f=3&t=15446) * Warn about non-writable "plugins" directory in installation * Added new optional parameter for plugin config type "text": rows. Added new optional parameter "input_type"="password" for plugin string type configuration (brockhaus) * pingbacks were not counted as entry trackbacks although added to entries. (brockhaus) * Added "exclude urls" to ip validation functionality in spam block plugin. identi.ca is sending pingbacks but fails the ip validation! (brockhaus) * no longer use htmlspecialchars() on the blog's title and sub- title, to allow for custom HTML code to appear and unify only letting Smarty do the escaping (garvinhicking,falk) * Plugin drag/drop now can scroll up/down/left/right when touching the borders. Thanks to onli! * Changed shoutbox plugin. Shoutbox input size is configurable now. Wrong description for dateformat fixed. (brockhaus) * Change mail entry plugin to be able to send mails without hyperlinks and images. (garvinhicking) * Change uriArgument parsing routine to allow "!" in URLs. Now we can have absolute serocracy. * Changed image upload workflow so that the upload results/errors are shown on top of the media library, allowing to go on immediately (onli) * Added new smarty variable $admin_vars.title to the admin/index.tpl template file to customize the title (onli) * Add new config option to base server time on UTC (http://board.s9y.org/viewtopic.php?f=2&t=15123) (Abdussamad) * Use a unique session name for each blog instance, so that multiple s9y installations can live on the same domain and having their own sessions (kleinerChemiker, DrNI) * Livejournal importer update by Anson now supports importing comments, see http://board.s9y.org/viewtopic.php?f=11&t=15141 * Enhance xhtml cleanup plugin to also work on tags and fix youtube html. (garvinhicking) * Changed bookmarklet to work with Chrome, thanks to Oliver Gassner & TextPattern :-) (garvinhicking) * Enhanced serendipity_printEntries() logic to bypass smarty parsing ($smarty_fetch) (garvinhicking) * Changed karma plugin to only track GET requests as visits, not POSTs. Thanks to Marcus Friedman * Enhanced nl2br plugin to also use

tags, by onli * Added possibility for templates to register a central function serendipity_plugin_api_event_hook() and serendipity_plugin_api_pre_event_hook() that can be used to use plugin API interaction WITHOUT actual plugins. So special plugins can be bundled within a template, without the need to seperately install them. The "pre" function is called BEFORE all normal plugins are executed, the normal function is called AFTER plugin execution. (garvinhicking) * Change javascript non-wysiwyg insertion methods to propery return to scrollposition, patch by onli * Enhance TrackExits plugin to also support link redirection for future german law/access blocking :) (garvinhicking) * Enhance quicksearch by performing a wildcard-search for the searchterms, when less than 4 matches are found. (onli) * Updated czech translation, by Vlada Ajgl * Use a space instead of comma to seperate DENY rules in spamblock plugin, patch by brielle * Added ability to use strftime variables in the spamblock.log filename. (kleinerchemiker) * Added improved Blogger.com importer using the API, thanks to jaa * Change password hashing from plain md5 to salted SHA1. Logins should continue to work and are migrated to SHA1 keys upon first login. MD5-logins will only work successfully once. This mechanism will expire 6 months after the upgrade has been executed. EXPERIMENTAL! (http://blog.s9y.org/archives/205-hash.html) (garvinhicking) * Allow admins to also approve comments awaiting user-confirmation (garvinhicking) * Fix statistics sidebar plugin to properly count weekly visitors (garvinhicking) * Allow javascript inside Xinha WYSIWYG textarea (garvinhicking) * Allow anonymized submission to Typepad/Akismet to attribute possible federal laws for data protection (garvinhicking) (RFE #2517320) * Change antispam plugin to also support Typepad as an alternative to Akismet. (judebert) Version 1.4.2 () ------------------------------------------------------------------------ * Changed spamblock plugin for text filtering to ignore trailing or prepending spaces in blacklists (garvinhicking) * Change syndication plugin to also support new feeds2.feedburner.com style URLs (garvinhicking) * Fix bad link in Remote RSS sidebar plugin (#2521122) (garvinhicking) Version 1.4.1 (January 16th, 2009) ------------------------------------------------------------------------ * Fix missing index key creation for statistics tables in the statistics plugin (isotopp) * Change "Allow duplicate content" in spamblock plugin to not operate on (empty) pingbacks (garvinhicking) * Upgrade to Smarty 2.6.22 to fix a PCRE bug * Remove warning message when checking for plugin documentation files on open_basedir servers (garvinhicking) Version 1.4 (December 29th 2008) ------------------------------------------------------------------------ * Added new event hooks for future support of WYSIWYG button modifications (judebert) [1.4-beta2] * Added ability to rename "feeds" in the syndication plugin and add a big image on top (onli) [1.4-beta2] * Added more parameters to {serendipity_printComments} function: "block" (smarty block variable name), "template" (smarty template file to render) [1.4-beta2] * Fixed not remembering entryproperties when re-editing an entry, introduced with 1.4-beta1 [1.4-beta2] * Added SMF importer [1.4-beta2] * Fix setting cookies for 30 Days, not only ~43 Minutes. Thanks to konus! [1.4-beta2] * Adjust getting the right URL for karmavoting and shoutbox plugins [1.4-beta2] * Added %parentname% permalink property to category structure, so that a full category name path can be used instead of only %name%. (garvinhicking) [1.4-beta2] * Made entrypropertie's password plugin form use "autocomplete=off" to prevent inserting badly stored passwords. Thanks to sbauer! [1.4-beta2] * Added full plugin name and links to documentation/changelog for plugins on installation and configuration [1.4-beta2]: You can provide Documentation for your plugins by supplying a local file called documentation_XX.html inside the plugin directory, which Serendipity will automatically detect. You can also (additionally) add a property bag attribute "website" inside your plugin's introspect() method: $propbag->add('website', 'http://anypage.com/'); To provide a version history, you can add a file "ChangeLog" (mind the exact spelling) to your plugin directory. All three possible links are shown on the Serendipity interface when configuring or installing a plugin. (garvinhicking) * Fix not properly counting trackbacks or resetting comment/tb counter when editing an entry [1.4-beta2] (garvinhicking) * Added experimental Serendipity importer (for merging installations, fore example). (Garvinhicking) * Use "autocomplete=off" for the default database password in the installer, to workaround stupid Firefox password autocompletion inserting the author password at this place. * Also recreate custom permalinks without using URL rewriting (garvinhicking) * Fix WYSIWYG media insertion when being called on pages with multiple HTML portions/nuggets, and also the staticpage plugin (garvinhicking) * Prefix possibly missing http:// of commenting authors URLs in recent comments sidebar plugin and admin interface. (garvinhicking) * Recount trackbacks/comments when a new comment is made, instead of carrying over an incrementing/decreminting counter for entries, that might get off. (garvinhicking) * Add new global config option to support OptIn confirmation for comment subscriptions (garvinhicking) * Allow spamblock plugin to use approval mechanism for comments, so that commenting users first need to approve their comment via email ("once" or "always" as options). * Replace htmlarea with XINHA. Thanks to abdussamad! (Experimental! Needs testing on shared installations. Might need browser cache refresh!) * Add link to preview entries by an author into the usermanagement (garvinhicking) * Add memory_limit output to s9y installation, 8MB for 32bit and 16MB for 64bit OSes * Add support for postgreSQL ts_vector fulltext search, thanks to genesis. * Bulletproof: Added support for custom, randomized header image. If you enter a path (relative to the domain root, like '/blog/uploads/'), any of the contained images will be rotated. (garvinhicking) * Added header('Status:...') calls so that some CGI installations of apache emit proper headers (garvinhicking) * Add a "Configure this plugin" link to the frontend output for every sidebar plugin, not only HTML nuggets. (garvinhicking) * Enhance entryproperties plugin to use sequencing widget: Allows you to configure which fields you want to see in the 'Edit Entry' panel for "Advanced Options". (garvinhicking) * Propagate a 'article_count' smarty variable for each category in the category sidebar plugin, when article counting is enabled. (garvinhicking) * Trackbacks are no longer sent when an entry shall be published in the future. You can force them by editing and re-saving an entry, once it is published. TODO: A plugin/cronjob to automatically execute those trackbacks? (garvinhicking) * Allow 'sequence' widget to enable/disable each config item, if the property "checkable" is added to the introspect method. (garvinhicking) * Do not show title of entries marked as public/private when viewed without permissions. Patch thanks to Anthem * Make cookie deletion routine use the same host like cookie insertion, thanks to JPhilip * Added optional token insertion for comment notification (moderation) e-mails, which you can click without the need for authentication. This is a convenience feature, note that if someone can access your mails, he does not need to authenticate for deleting/approving a comment with the contained link. (Rob A) * Fix showing wrong metadata (00:00:00" for uploaded metadata. (garvinhicking) * RFE #2006182: Make search highlight plugin also honour serendipity's search terms. (garvinhicking) * Improved "Remote RSS" plugin's templating output to select custom template files. Add demo "Nasa Image of the Day" plugin by Grigory F. (garvinhicking) * Fix Generic RSS import to not always assume WPXRSS feed. (garvinhicking) * Fix bug in category sidebar plugin, which showed categories that should have been hidden when the option "Hide parents of selected sub-tree" was selected and Smarty templating was enabled. (garvinhicking) * Change option to allow subscriptions to comments so that fulltext comments can be mailed to subscribers. (garvinhicking) * Default .htaccess now contains a conditional rewrite pattern for fallback *.html generation. Thanks to absynth. (TODO: Regenerate .htaccess on update, maybe make this condition optional) * Update to Spartacus to support custom mirrors (garvinhicking) * Added possibility to access more SQL query parts of fetchEntries through plugin API. New indexes of $eventData: - 'single_group', 'single_having', 'single_orderby' for serendipity_fetchEntry (through hook 'frontend_fetchentry') - 'group', 'having' for serendipity_fetchEntries (through hook 'frontend_fetchentries') (judebert&garvinhicking) * Added RewriteRule to ensure that admin panel can be called, thanks to rich4647 from the forums. * Added file checksums to be able to verify integral structure of a s9y release (judebert) * Use semantically better HTML output by sidebar plugins (ordererd lists, less
s, ...) (YellowLED) * Add new configuration option to allow rescaling thumbnails with height/width/maximum size constraints. (judebert) * Allow to override $serendipity['languages'] array, do not issue s9y version number in RSS feed if 'expose_s9y' is disabled. * Add new config option to entryproperties plugin to not use extensive joins to save performance in cases where no ACLs need to be evaluated. (garvinhicking) Version 1.3.1 () ------------------------------------------------------------------------ * Add XSS security checks for installer, even though very hypothetical application :) (Hanno B�ck) * Add {serendipity_getImageSize} smarty function (judebert) * Add escaping to "Top Referrers" plugin and honor local configuration of "Show links" option, thanks to Hanno B�ck * Fix some PostgreSQL implicit casts for SQL queries (changed LIKE to =). (Devrim G�nd�z) Version 1.3 (March 18th, 2008) ------------------------------------------------------------------------ * Fix possible XSS injection for published trackbacks, thanks to Peter H�we! * Added "Google Reader" option to syndication plugin, by Adam Charnock * Updated recent_entries plugin to show/hide on overview, detailed entry, or all pages (don chambers). * Updated statistics plugin to contain per week/day visitors. (roti) * Updated hungarian language * Allow to submit comments to future entries, when showing future entries is enabled (garvinhicking) Version 1.3-beta1 (February 25th, 2008) ------------------------------------------------------------------------ * Fix sidebar plugin for the author's list to not include counting drafted articles (garvinhicking) * Add option "template" to smarty function call {serendipity_ printSidebar} (garvinhicking) * Upgrade to Smarty 2.6.19 (garvinhicking) * Fixed bug #1893108: Missing 'xmlns' attribute in templates for tag. (garvinhicking) * Updated karma ranking plugin to use nice graphics (judebert,gregman) * Added phpNuke importer (garvinhicking) * Add ability to plugins to check uploaded media files for invalid file extensions. Added more escaping to user- and groupnames for untrusted author environments, thanks to Hanno Boeck. (garvinhicking) * Added czech translation to bulletproof templates and bundled plugins, by Vlada Ajgl * Sidebar plugin comments: URLs of writers now are shown for all entries not only for trackbacks. You may configure if they should be shown for all, none, normal writers or trackback/pingbacks. (brockhaus) * Pingback/Trackback textfetching: HTML Entities are now converted to characters. (brockhaus) * For Pingback it is now possible to define the maximum amount of characters while fetching text of the remote site. Add $serendipity['pingbackFetchPageMaxLength'] = 200 to your serendipity_config_local.php. (brockhaus) * Add ability to set comments as "pending" again, even when already approved in the comment-moderation backend panel. (garvinhicking) * Insert "serendipity_image_center", "serendipity_image_left" and "serendipity_image_right" CSS classes to the image tag, when inserting an image from the mediadatabase (garvinhicking) * Fix displaying entry title in the backend section exactly like in the frontend, thanks to Alex (garvinhicking) * Added hooks to trackback listing in order to let plugins change it (the avatar plugin in example) (brockhaus) * Add more verbose CSS classes to remote RSS sidebar plugin, also only encapsulate the first XML-Item as link. All following items are only encapsulated in s. Also add possible plugin_remoterss.tpl smarty output template to this plugin. (garvinhicking) * Make browser compatibility plugin bail out for IE7. Thanks to Freudi from the forums. * Add possibility to spartacus to upload files via FTP. This can bypass Safe_mode restrictions on your server to make Spartacus work for you. (VladaAjgl) * Add spartacus remote management versioning information subpage. (garvinhicking) * Allow the "send mail" plugin to send mails to all registered authors (garvinhicking) * New spam blocking method for trackbacks: ip validation. The senders ip is compared with the ip of the host, the trackback is set to. If they don't match, the trackback is rejected/moderated. This should reject most of the trackback spam bots. (brockhaus) * Updated karma plugin to not track clicks of registered users (brockhaus) * Made short-urls index.php?serendipity[id]=X or index.php?p=X properly show a single entry view (garvinhicking) * Added new parameter "joinown" and "entryprops" to {serendipity_ fetchPrintEntries} smarty function, to be able to fetch entries according to their entryprops or other custom SQL. (garvinhicking) * New plugin API method "parseTemplate($filename)" to allow a sidebar- or event-plugin to fetch+display a smarty template. (garvinhicking) * The archive sidebar plugin shiped with s9y now displays numbers of articles correctly for month, catergories and so on, even if multicategory articles are used. (brockhaus) * Added LifeType importer (garvinhicking) * The recent entries sidebar plugin shiped with s9y listed entries not accessable by the current user because of right restrictions. (brockhaus) * Patch popup-HTML-code insertion javascript to better inter- operate with tinymce, xinha or fckeditor. Thanks to Assen Tchorbadjiev. * Add experimental DB layer for "SQLRelay" database proxy extension, by Dante Mason * On the fly update of the media database: Not only images are added but video and audio, too. (brockhaus) * Trackbacks to links without a RDF-description now get properly evaluated. Mostly WordPress-specific. (brockhaus) * Pingback receiving is working now with internal functionality in comment.php Smarty trackback loader now loads trackbacks and pingbacks (brockhaus) * Extended spam blocking plugin to handle pingbacks like trackbacks. (brockhaus) * Full pingback support, fallback trackback method for WordPress blogs. (brockhaus) Version 1.2.1 (December 8th, 2007) ------------------------------------------------------------------------ * Updated Textile library to 2.0, by Lars Strojny * Fix wrong entry timestamp used in comment feeds (garvinhicking) * Highlighting searched words in entries now uses str_replace instead of slower and possibly insecure preg_replace(). Thanks to Dietrich Raisin! * Updated WordPress imported to be able to import from a 2.3 structure (experimental). Also added WPXRSS import to the generic RSS importer. (garvinhicking) * Fix proper encoding of '%' sign when used in post titles (garvinhicking) * Encode RSS feed links, Patch by Hanno Boeck * Fix spartacus filter listing showing event plugin groups in the sidebar listing. * Patch PEAR.php for better detection, if already included. Thanks to Assen Tchorbadjiev. * Fix admin entry list when no entries exist or meet filter criteria. (Don Chambers) * Fix PHP notice about session_start() * Bulletproof template can now include custom user stylesheets (*_style.css) in the dropdown of a colorset. (garvinhicking) Version 1.2 (August 26th, 2007) ------------------------------------------------------------------------ * Added bulletproof template by http://s9y-bulletproof.com * (beta4) Fix comment-RSS feeds * (beta4) serendipity_plugin_comments now also supports Favatars and Pavatars in combination with serendipity_event_gravatar instead of Gravatars only. (brockhaus) * (beta4) Fix wrong event hook for entry manager to display toolbar for the main body area. * (beta4) Stronger autologin cookie encryption, prevent mixup with template options (which could make foreign users delete your configured template option keys). Also use new serendpity_db_implode() function for a safer API on image handling. All hail Stefan Esser. :) * (beta4) Backend templating changes to insert more classes to input fields etc (Don Chambers) * (beta4) Fix invalid pingback XML code, by Slim * (beta2) Fix when saving personal configuration the userlevel and "no_create" flags where not properly saved, thanks to PHPaws! (garvinhicking) * When a category or entry does not exist, emit HTTP 404 message template instead of "No entries to print" and HTTP 200 status. (garvinhicking) * Fix URL permalink lookup in some cases (garvinhicking, beta2) * Add admin backend templates for main area and the entry editor. Falls back to default PHP output if Smarty cannot be utilized. (garvinhicking) * Fix properly reinstantiating sessions and properly deleting cookies when requested (garvinhicking) * Add support for sqlite3 (http://php-sqlite3.sourceforge.net/), by geekmug * Change database types for IP addresses to varchar(64) to support IPv6 (garvinhicking) * Make statistics, karma and spamblock plugin only log 255 characters of HTTP User-Agent and Referrer strings to the database, as the fields are only varchar(255). Thanks to jemm4jemm! * Fix bug in conjunction with PHP 5.2.1 changed variable-by-reference handling that could result in no groups being listed for author accounts (garvinhicking) * Fix redundant space when inserting links through the non-WYSIWYG editor panel. Fix "null" insertion. Thanks to Alp Uckan. * Fix RSS fullfeed "let client decide" option typo. Previously this always enforced a fullfeed to show, regardless of what the client indicated. Thanks to stm9x9 (garvinhicking) * Add proper charset to CSS stylesheet. Thanks to SADtg (garvinhicking) * Strip tags from comments also in RSS-Feeds for comments, thanks to tmix from the forums (garvinhicking) * Patch #1697590: Proper directory name of SQLite DB-error messages, thanks to Thijs Kinkhorst * Enabled setting cache-control headers by default. * Fix wrong next/previous page links when using wrapper.php indexFile option. (garvinhicking) * Prevent cookie-based session fixation by regenerationg server-side session ID. Major thanks to David Vieira-Kurz. * Display theme's preview_fullsize.jpg image when existing. Added screenshots by williamts99. * Upgrade bundled Smarty to 2.6.18 (garvinhicking) * Make plugins be able to emit their own RSS-Feeds using $eventData['template_file'] on the 'frontend_rss' event hook (garvinhicking) * Fix missing %username% permalink pattern in single entry view. Patch by cress_cc * Allow to specify non-default port when using MySQLi (garvinhicking) * Show current captcha look in the plugin configuration menu (garvinhicking) * Add new category property to hide blog postings made into sub- categories from the frontend view, per category. Thanks to netmorix from the forums! (garvinhicking) * Move possible hazardous personal configuration options ("Rights: Publishing entries", "Forbid creating entries", "Access level"; "Group memberships") to the user management section. (garvinhicking) * Fix track exit url ids off by one when being used in conjunction with caching plugin (garvinhicking) * Fix permalink patterns for some cases to properly detect pagination variables instead of interpreting search words as those. (garvinhicking) * Improve performance of displaying the complete archive. Instead of year*months SQL queries, only one query is now used. (garvinhicking) * Improve installation on hosts where fsockopen() is disabled (garvinhicking) * Improve memory usage of WordPress importer, add debug output (garvinhicking) * EXPERIMENTAL: Modify session language fetch function to allow earlier plugin API calls (Rob Richards) * No longer accept trackbacks to draft entries.Thanks to j_b_poquelin (garvinhicking) * Do not store an unnecessary config value for check_password and password user properties. Thanks to jenzo from the forums! (garvinhicking) * Update spamblock plugin to update a .htaccess file with DENY rules based on recent spammer IPs. EXPERIMENTAL. * Support shared http/https sessions. Performing admin actions will only be allowed (through tokens) on the protocol that was used for login. Patch by Rob Richards (http://board.s9y.org/viewtopic.php?p=49276) * Added PDO:PostgreSQL support (Theo Schlossnagle) * Dutch translation update with many fixes by Sam Geeraerts * Improve Livesearch-Plugin to abort search on outside-of-box click, fetch proper "not found" message on zero results (Lars Strojny) * Change bbCode plugin to use "white-space: pre". Thanks to jtb! * Moved drag+drop and YahooUI library into templates/default/ to be used in shared installation environments (garvinhicking) * Improve WP importer by only fetching real posts (attachments/static only optional) and splitting a post into extended/normal entry. Thanks to jtb! * Update Spartacus plugin to allow configuring whether to fetch Themes or Plugins, or only one/none of them (garvinhicking) * Remove "View" option for drafted entries in the "Edit entries" section and replace with a "Preview" option. (garvinhicking) * Make spamblock plugin be more verbose in moderation-queue emails. RFE #1626712 (garvinhicking) * BBCode plugin improvement: Proper DIV-tag nesting, modify CSS code to use scrollbars (Jez Hancock) * Stricter mbstring-extension check for special charsets like czech, thanks to mila * Upgraded DB-scheme to allow longer author usernames * Improved Spamblock plugin to allow filtering email addresses (Boris) * Improved Spartacus' detection of firewalling/network connection issues (judebert) * Introduce '%lowertitle%' permalink attribute to use lowercase permalinks. (garvinhicking) * Allow to call permalinks that end with a "/" the same as if not ending with a "/" (garvinhicking) Version 1.1.4 (August 8th, 2007) ------------------------------------------------------------------------ * Fix being able to set entryproperties values via POST-Request (and being able to bypass password-protection of an entry, when the Entryproperties plugin is installed). Thanks to Erich Schubert Version 1.1.3 (June 17th, 2007) ------------------------------------------------------------------------ * Fix SQL injection through 'commentMode' variable. Thanks to Dr. Neal Krawetz * Fix missing %username% permalink pattern in single entry view. Patch by cress_cc Version 1.1.2 (March 1st, 2007) ----------------------------------------------------------------------- * Fix showing SQL error message when an empty category is selected for viewing. Fixes an issue reported by Samenspender that was falsely declard as SQL injection. In fact, no invalid SQL code can be injected. (garvinhicking) * Better checks to see if the local PEAR inclusion is required (garvinhicking) Version 1.1.1 (February 22nd, 2007) ------------------------------------------------------------------------ * Patch plugin permissionship management to properly indicate forbidden plugins/hooks, even if the admin user is not contained within the configured group. Thanks to ICE! (http://board.s9y.org/viewtopic.php?t=8773) (garvinhicking) * Patch pingback receiving function to use proper Regexp, thanks to dhaun from the forums * Make categories sidebar plugin properly return evaluated categories list to plugin_categories.tpl template. Currently, a hidden structure would only be displayed when not using custom template. (garvinhicking) * Change order of trackback execution flow (again) to preserve references for plugins like Track Exits, when used in conjunction with the entryproperties cache (garvinhicking) * Fixed a bug that prevented some entryproperty-plugins to execute on the entry detail pane. (garvinhicking, Dragonblast) * Fix a bug in sending the right login session cookies on Windows IIS servers. Major thanks to Shadowin from the forums! Version 1.1 (December 28th, 2006) ------------------------------------------------------------------------ * Fix better installer warning messages when directories have no write privileges and already exist. Thanks to wagwag! * Small bugfixes: Allow to use different login credentials than the current HTTP Basic-Auth, if used. Order categories by name in single entry view (garvinhicking) * Added bookmarklet to Serendipity core, added to the "Further links" welcome screen. Thanks to stm999999999! (garvinhicking) * Fixed a bug in lowercased DB key names in the plugin API table, which prevented postgresql for properly printing a plugin list in some setups (garvinhicking) * Huge SQL improvement by "caching" the current timestamp for 5 minutes, so that an SQL string for the central logic will stay the same for a 5 minute window, thus relying on the DB-Server to cache query results more efficiently. Major thanks to Matthew Groeninger. * Enhanced nl2br plugin so that it will NOT put breaks into pre- defined tags like

,  etc. Not enabled by default.
      Thanks to Brendon K from the forums!

    * Portuguese translation update by Angel

    * Added functionality to reply to comments in the admin interface
      (garvinhicking)

    * Enhance spamblock plugin with session hash check, to prevent
      automatted comment posting. Also prevents possible CSRF for
      tricking you into submitting comments to your own blog. Thanks
      to Stefan Esser! (garvinhicking)

    * Support to delete multiple entries at once via checkboxes in the
      entry admin panel, fix admin entry pagination to not show
      next pages, if that next page were empty. (garvinhicking)

Version 1.1-beta5 (October 18th, 2006)
------------------------------------------------------------------------

    * Added new plugin hooks:
        backend_templates_configuration_top
        backend_templates_configuration_bottom
        backend_templates_configuration_none
      for the theme configuration (garvinhicking)

    * Allow to set $serendipity['CacheControl'] to make serendipity emit
      Cache-Control: HTTP headers. Thanks to annonymous from the forums!

    * Use seperate PHP session ID when using HTTPS login. Set 'secure'
      cookie parameters when using HTTPS. Thanks to lynoure!

    * Added possibility for templates to define the sidebars they use.
      The template specifies this via the $template_config array in
      the config.inc.php file of a template. It looks like this:
       $template_config = array(
         array(
           'var'     => 'sidebars',
           'title'   => 'Sidebars',
           'type'    => 'string',
           'default' => 'left,hide,right'
         )
       );
      Note some things: Seperate the sidebar keys with a "," only -
      do not use spaces. Also never use more than 6 characters for
      the descriptors.
      If you do not want to make it configurable, you can also use
      the $serendipity['sidebars'] array to define the sidebars
      that are available.

    * Made category-recursion show orphaned categories because of
      permission restrictions (garvinhicking)

    * Fix some markup functions in textile plugin (Matthias Leisi)

    * Add Smarty function to show commentform (garvinhicking)

    * Group management now allows to disallow certain plugins or even
      specific plugin hooks per usergroup (garvinhicking)

Version 1.1-beta3 ()
------------------------------------------------------------------------

    * Change permalinks to allow "%" in URLS. Fix templatedropdown
      plugin to remove double "//". Fix bad htmlspecialchars of the
      RDF ident link. (garvinhicking)

    * Allow to apply current permissions of a directory to all sub-
      directories (Matthew Groeninger)

    * Fix a bug in the HTTP 304 Conditional GET RSS-Feed caching when
      the server timezone offset was not set to zero. Thanks to dand!

    * Added ability to use HTTP Authentication to the blog. Can be
      triggered by submitting HTTP Auth credentials [only supported when
      the server runs with mod_php, not as CGI]. Authentication can be
      forced URLs with the "?http_auth=true" parameter, which
      will then send a "401 Unauthorized" header.
      If your server does not support mod_php, you can submit REQUEST
      variables: ?http_auth_user=XXX&http_auth_pw=YYY.
      Note that specifying username and password in the URI will lead
      to password disclosure in HTTP logfiles.
      This feature is most importantly meant for RSS-feeds, to make
      RSS readers able to submit login credentials. (garvinhicking)

Version 1.1-beta1 (August 14th, 2006)
------------------------------------------------------------------------

    * Fix multiple loading of $serendipity['smarty'] theme options when
      calling serendipity_smarty_init() more than once. Many thanks to
      Sven Ediger for reporting this. (garvinhicking)

    * Properly sort media directories (garvinhicking)

    * Better use of "return by references" in some vital areas.
      Improves performance. Might introduce glitches. Keep an eye on this!
      (garvinhicking)

    * Add new template 'comments_by_author' which show comments made
      by authors. New permalink structure:
       "/comments/[AUTHORNAME]/comments|trackbacks|comments_and_trackbacks/P[PAGENUMBER]/FROM [YYYY-MM-DD]/TO [YYYY-MM-DD]"
      Instead of /FROM and /TO you can also use /F and /T.
      Instead of /FROM and /TO you can also specify /last_X, where X
      is the amount of past days to show comments for.
      (garvinhicking)

    * Add "Comments and Trackbacks" feed feature (stm99..)

    * Add LiveJournal XML importer (garvinhicking)

    * Fix not fetching allow_comments/moderate_comments value when
      inside search function. Thanks to stm! (garvinhicking)

    * Add new links to check for upgradable SPARTACUS plugins
      (garvinhicking)

    * Add new frontend view "Archive by Authors": /archive/Axx.html to
      view the archive listing for specific authors only (like viewing
      archive by specific categories only via /archive/Cxx.html etc.)
      (garvinhicking)

    * Templating: Add new {$entry.html_title} variable that holds
      unescaped HTML code of the Entry's title (garvinhicking)

    * BC-Break / Plugin API change: The serendipity_getTemplate() file
      now no longer returns FALSE when a file is not found, but instead
      the filename without a path. This is required so that the smarty-
      created error message contains the missing filename instead of an
      empty '' string.
      Plugins based on this function need to make sure that they will
      now properly use a file_exists() check on the returned function,
      if they want to probe different locations of a file.
      All template files containing the string "plugin" will still return
      FALSE for the function call, to circumvent problems with spartacus
      plugins.
      Bottom line: Plugins that use "*plugin*.tpl" filenames or check
      via file_exists() on the returned variable are safe.
      (garvinhicking)

    * Added arabic (sa) language by Way

    * Add patch to allow entryproperties plugin to define passwords for
      specific entries (Falk D�ring)

    * Made smarty function "serendipity_printComments" accept to new
      parameters: "order" (ASC/DESC) and "limit" (garvinhicking)

    * Comment moderation panel, usability improvement: Blocking authors/
      URLs will lead to the originating page. Thanks to Tanel Raja!
      (garvinhicking)

    * Patch mb-functions to better work on foreign/japanese charsets
      (thanks to deminy!)

    * Replaced core smarty assign() calls to assign_by_ref() where
      appropriate. (Falk D�ring, garvinhicking)
      TODO: This might introduce oddities! Check thoroughly.

    * Fixed not showing entries in the quicksearch that have the
      "no frontpage" entryproperty set (garvinhicking)

    * Fixed sidebar category plugin to show proper category listing
      for permission-based restrictions, when "current autho" mode
      is selected (garvinhicking)

    * Added experimental XML-engine, for XSLT templating support
      (garvinhicking)

    * Added experimental PHP-engine templating support, bypassing
      Smarty. Work in progress, mostly proof-of-concept. Might
      be changed completely. Read instructions in the
      include/template_api.inc.php file. Dedicated to Davey. ;)
      (garvinhicking)

    * Support to crop images from within the media database. Pick a
      picture in the MDB, go to the property section of that image
      and click on the "EDIT" link. (garvinhicking)

        TODO:
            - Operate also on PNG, TIFF etc. (currently only JPEG!)
            - Support image magick (currently ony gdlib!)
            - Currently backup files are scattered around, fix this.
            - Interface cleanup
            - Add options to only affect the images thumbnail instead
              of always saving the whole picture.
            - Internationalization!

    * Move the DB charset option to serendipity_config_local.inc.php to
      issue propper DB connections instantly. (garvinhicking)

Version 1.1-alpha6()
------------------------------------------------------------------------

    * Use possibly existing local PEAR by default. Patch by Davey
      (garvinhicking)

    * Add missing indices for the statistics visitor DB tables
      (garvinhicking)

    * Add new "custom" property bag type, which can emit any kind of
      custom HTML/JS values. Current property bag value can be referenced
      by DOM GetElementById('config_plugin_XXX') if you want to emit
      specific JavaScript. Can also be used by template configurator for
      heavily customized output. (garvinhicking)

    * Fix bug #1494653: Non-Unique index constraint for 'exits' table.
      Thanks to Markus Brueckner! (garvinhicking)

Version 1.1-alpha5()
------------------------------------------------------------------------

   * Implemented Drag and Drop based plugin configuration panel for
     re-ordering plugin layout. Uses JavaScript - works like old
     manager when having JS disabled! (garvinhicking)

   * Changed "Auto-Login" via Cookie behaviour to only issue single-
     time valid cookies to users and no longer put username/pw into
     serialized cookie data. Many thanks to Yasuo Ohgaki for giving
     a helping hand! (garvinhicking)

   * Added possibility to hide/temporarily disable Event plugins
     (garvinhicking)

   * Added "plugin_api_extension" class, which contains some helper
     methods for future use, like re-ordering DB items or checking
     valid emails. (Falk D�ring)

   * Fix multiple occurences of the string "--" in the entry title to
     not mess up HTML display because of weird Firefox interpretation
     (Bug #1474290) (garvinhicking)

   * Made "fullfeed" syndication option also support "let the client
     decide", via $_GET['fullFeed'] = true/false. (garvinhicking)

   * Added new configuration option to that lets you toggle whether to
     comply with RFC2616 on Conditional GET. (Garvinhicking)

   * Support template/theme/style-specific options via "config.inc.php"
     file in template directory. Allows values like "background-color",
     "header" etc. to be made configurable in the admin screen.
     (garvinhicking)

   * Make media manager able to store media properties and many other
     enhancements:

     DETAILS:
         - Smarty templates for all media-related output
         - New DHTML widget for tree navigation
         - Store+Retrieve EXIF/XMP/ITPC/ID3 metadata for uploaded files
           [new database table]
         - Manage custom keywords for media items
         - Option for enabling the toolbar in the popup media window
         - Plugin API hooks for fetching media metadata (like via
           getID3() plugin)
         - Make media chooser also return the media ID
         - Detect if a file is video, audio, image, document, archive,
           binary. Unify image fetching functionality.
         - Allow to create directories from the popup media window
         - Optionally increase filename (1, 2, 4, 5, ...) when file
           already exists
         - Restrict file upload by size/dimensions via configuration
           options
         - Sort media files by all custom property fields
         - Search/Filter for specific properties/keywords.
         - Enhanced media filter for keywords
         - Use entered comments in the "You choose..." picking page
         - Integrate new page for viewing images with media properties
           through serendipity_admin_image_selector.php?serendipity[image]=X
         - Integrate imageselectorplus plugin options for giving a target
           to links
         - New option for image_Selector to save a specific sized version
           (?serendipity[image]=X&serendipity[step]=showItem
            &serendipity[resizeWidth]=X&serendipity[resizeHeight]=Y
         - Track referrers by image selector and show them on detail
           page
         - Allow to move directories with files and updating all links
           in your entries to those moved items. (MySQL only!)
         - Allow to move single images.
     (garvinhicking)

   * Create a new index on the plugin DB table, optimize fetching config
     values for plugins. Load language file when permissions could not
     allow reading the config file. (garvinhicking)

   * Fix blocking site during file requests by writing session data to
     disk. Thanks to jgoerzen! (garvinhicking)

   * Make categories sidebar plugin able to only show categories
     readable for logged in user (garvinhicking)

   * Fix getting multiple images for directories that were put into
     the Acccess List (garvinhicking)

   * Allow to create new groups from existing ones, by editing them
     and clicking on "Create new group". (garvinhicking)

   * Statistic plugin update by Shrikee: Graphically display visitors,
     bot banning.

   * Deleting a comment that has replies will replace that comment with
     a "Comment deleted" reference. Deleting such a comment again will
     completely remove it. (garvinhicking, Jabrwock)

   * Added "further links" infobox to Admin interface (garvinhicking)

   * Media manager gallery will use (user-specified)
     "admin/img/mime_XXX-YYY.png" images of a template for non-image
     mimetypes. (garvinhicking)

   * Allow entryproperties plugin to define which markup plugins are
     applied per-entry (garvinhicking)

   * Added links to view an entry in reasonable places (comments / entry
     overview) (garvinhicking)

   * Added on-the-fly synchronizing of the Serendipity media database
     with the file system (Marty, garvinhicking)

   * Introduce permission setup for media directories (garvinhicking)

   * Added config option for specifying number of entries in the RSS
     feed (garvinhicking)

   * Added option whether to issue the "SET NAMES" mysql command
     (garvinhicking)

   * Removed config option "XHTML11 compliance" and enabled by default
     now (garvinhicking)

Version 1.0.4 (December 1st, 2006)
------------------------------------------------------------------------

   * Fix local file inclusion bug on systems with two conditions:
     register_globals=on AND missing .htaccess for restricting access to
     .inc.php files. (garvinhicking)

   * Fixed problem in trackbacks using a formatted link (like through
     trackexits plugin) to trackback to instead of the real one

Version 1.0.3 (November 7th, 2006)
------------------------------------------------------------------------

   * Fix PHP 5.2.0 compatibility issue. (garvinhicking)

   * Add testsuite (nohn)

   * Some minor 1.1 bug backports:

     - Fix a problem where spartacus did not properly assign configured
       permissions to downloaded directories, thanks to danilo from
       the forums! (garvinhicking)

     - "View Article" in "Save Entry" dialog (nohn)

     - Fix possible integer wraparound in comment count leading to
      a gazillion counter state. Also now show links to the entries
      within the administration comment panel. Thanks to Julian Finn!

     - Fix bug with using %username% in author permalinks, thanks to oeli
      from the forums! (garvinhicking)

     - Fix a problem where spartacus did not properly assign configured
      permissions to downloaded directories, thanks to danilo from
      the forums!

     - Move trackback sending logic to the end when saving an entry.
      Should get rid of event plugins not operating when trackbacks
      painfully fail. Thanks to isotopp (garvinhicking)

     - Fixed bug that prevented native imports from other blog system
      to recode ISO-charsets into UTF-8. Major thanks to Jan of
      blog.salid.de. (garvinhicking)

     - Added $serendipity['expose_s9y'] variable to optionall prevent s9y
       from emitting any s9y-specific HTTP headers (garvinhicking)

Version 1.0.2 (October 18th, 2006)
------------------------------------------------------------------------

   * Fix a security issue with XSS on the admin backend for registered
     authors. Many thanks to Stefan Esser! (garvinhicking)

Version 1.0.1 (August 14th, 2006)
------------------------------------------------------------------------

   * Fix problem on newer Firefox versions, where insertion of images
     in the WYSIWYG editor did not work. It might be necessary to
     purge your browsers cache for this to properly work. (Jay Bertrandt)

   * Fix utf8 iconv conversion failing on some older PHP setups.
     Thanks to Matthias Leisi!

   * Fix multi-authors view only showing first author (garvinhicking)

   * Fix bug sending comment-notification mails to subscribed users
     without an email address (garvinhicking)

   * Fixed icelandic language bug preventing upgrade (garvinhicking)

Version 1.0 (June 15th, 2006)
------------------------------------------------------------------------

   * Insert logic for saving an entry that prevents the iframe for
     trackbacks/xml-rpc pings to save an entry multiple times upon
     failure. Many thanks to tharos from the Forums! (garvinhicking)

   * Add smarty parameter $view which can be used to detect what kind
     of page is being displayed. One of: archives, entry, feed, admin,
     archives, plugin, categories, authors, search, css, start, 404
     (garvinhicking)

   * Change Spartacus plugin to use new SourceForge URLs (garvinhicking)

   * Added polish language translation by CoSTa

   * Fix another (minor) XSRF for entry manager, thanks to Geoff Johnson
     (garvinhicking)

   * Support "Force Feedburner" option to the syndication plugin to
     let rss.php only be accessible to feedburner and no clients.
     (garvinhicking)

   * Add Akismet antispam support (garvinhicking)

   * Saving special crafterd configuration data as Admin superuser
     could lead to arbitrary PHP code inclusion from
     serendipity_config_local.inc.php. Since admins usually already have
     superuser rights over their files, this is not considered a
     "real-life" security issue. (garvinhicking)

   * Added Pivot importer (garvinhicking)

   * The spamblock plugin now continues to check any comment/trackback
     set to MODERATE if maybe other rules override the status to
     REJECTED. This should reduce the amount of moderation mails that
     definitely are spam. (Bug #1467707) (garvinhicking)

   * Fix UTF-8 encoding of $i18n_filename_* variables for building
     permalinks (Bug #1461754, Thanks to Kim Sullivan) (garvinhicking)

   * Fix messing up comment count when deleting a trackback from admin
     panel (garvinhicking)

   * Fix missing UTF-8 encoding of date locales on Windows setups
     (garvinhicking)

   * Fix imagepng() function call for PHP 5.1.0 versions
     (Sebastian Mordziol)

   * Fix WYSIWYG javascript referencing so that plugins can access their
     objects (like emoticonchooser). Also replace  with  and
      with . (Jay Bertrandt)


Version 1.0-beta2 (March 13th, 2006)
------------------------------------------------------------------------

   * Fixed chief-editor not being able to create editors (garvinhicking)

   * Added turkish language by Ahmet Usal

   * Fix also deleting thumbnail when removing an image (garvinhicking)

   * Added new competition theme winner by Carl Galloway

   * Enable Spamblock plugin to allow registered authors to not enter
     captchas and other spamchecks (garvinhicking)

   * Fixed spartacus DB error on postgreSQL installations, thanks to
     volkris! (garvinhicking)

   * Added partial Tamil translation by Selva

   * Fix Text_Wiki problems with UTF-8 charsets (garvinhicking)

   * Added PHP 5.1.3 filter awareness (Tobias Schlitt)

   * Properly sort template listings alphabetically, if using themes
     in subdirectories (garvinhicking)

   * Add new plugin API method "performConfig" for performing expensive
     configuration options that shall not impact the usual blog
     performance. Enhance mailentry plugin to send mails depending
     on the associated category of an entry (garvinhicking)

   * Add ability to "preload" specific plugins and SQL entries into
     Serendipity. Just create a plugins/preload.txt file containing
     the plugins to load (one plugin per line, indicate plugin type
     like "serendipity_event_spartacus:event"). Preloaded SQL data
     can be put into sql/preload.sql and may only contain INSERT
     statements. (garvinhicking, judebert)

   * When the "no_create" privilege is set, deny users access to any
     external admin plugins (garvinhicking)

   * Made categories plugin default HTML output more XHTML compliant.
     (garvinhicking)

   * Added option "stronger captchas" in spamblock plugin.

   * Transcode incoming trackbacks from the given charset to your blog's
     charset. Reliably only works with the two most common formats,
     ISO-8859-1 <-> UTF-8. (garvinhicking)

   * Change karma plugin and search results to output more HTML span
     classes for better styling (garvinhicking)

   * Modified plugin API to allow deactivating the output of plugin
     sidebars (garvinhicking)

   * Adjust the function serendipity_currentURL() to properly return
     path components without doubling any of them (garvinhicking)

   * Fix serendipity_event_mailer plugin to also work when being called
     from posting plugins like XMLRPC, popfetcher etc. (garvinhicking)

   * Make templatechooser plugin store the selected template in a cookie
     (garvinhicking)

   * Added new hook "backend_header" for plugins to emit output in the
     header section of the admin interface. (garvinhicking)

   * Added experimental MySQL5 "SET NAMES" support. Needs to be enabled
     by setting $serendipity['dbNames'] = true somehwere (like
     serendipity_config_local.inc.php) (garvinhicking)

   * Patch bundled PEAR.php so that it does not try to declare a PEAR
     class a second time. (garvinhicking)

   * RSS feeds use the permalink URL to link to extended entry, not the
     RSS guid element. (garvinhicking)

   * Remove duplicate path file name in serendipity_currentURL function,
     preventing the right "is frontpage?" detection routine from working.
     (garvinhicking)

   * Use mysql_real_escape_string when available (garvinhicking)

   * Atom feeds now use proper appliaction-mime type header, thanks to
     Boris

   * MoveableType importer no longer chokes on "FM/EM" timestamps
     (garvinhicking)

   * Fix undefined function call to "is_defined".

   * Added translation helper tool plugin_lang.php to detect untranslated
     plugin constants (garvinhicking)

   * Updated french translation by Sebastian Mordziol

   * Updated icelandic translation by �rn Arnarson

   * Updated chinese plugin translation, by Demin Yin

Version 1.0-beta1 (January 23rd, 2006)
------------------------------------------------------------------------

   * Apply changes to shared installation directory detection so that
     it also works with Apache's mod_userdir (elf2000)

   * Fix some problems with sending UTF-8 emails on some systems. Allow
     Plugin API to handle the whole mailflow optionally.
     (garvinhicking)

   * Fixed Safari Browser issue with formatting and inserting media
     items (garvinhicking)

   * RFE #1387997 - Show amount of entries per archive period (archive
     sidebar plugin). Side-effect are some new additions to the
     serendipity_fetchEntries() function call for further abstraction.
     (garvinhicking)

   * Add new plugin hook "backend_http_request" which passes PEAR
     HTTP_Request options to plugins for modification. $addData contains
     the source of where a request is being made (garvinhicking)

   * Make WordPress importer not fail on the missing "user_level" column
     for WordPress 2.0 (garvinhicking)

   * Add new option to spamblock plugin to forbid trackbacks from URLs that
     don't have our URL in them. (garvinhicking)

   * Recognize "multiselect" as new plugin item type. Calls to get_config()
     will return a string, that needs exploding to convert it into the
     array of multi-selected input values.
     For the property bag object, you can set a new item "select_preselected"
     to indicate which (if any) values shall be preselected. The item "select_size"
     indicates the multi-select size.
     (garvinhicking)

   * Make spartacus plugin be able to filter comment bodies
     (garvinhicking)

   * Fixed bug which broke thumbnail generation with Imagemagick when
     safe-mode was ON (tomsommer)

   * New Smarty template preview_iframe.tpl for creating the entry's
     preview in the backend panel (garvinhicking)

   * Entry mail plugin can now send mails to multiple recipients, and
     define the list of recipients per-entry (garvinhicking)

   * Trackback now uses PEAR HTTP::Request class to send trackbacks.
     This allows to use HTTP redirects of trackbacks, which seem to
     get more common nowadays (garvinhicking)

   * Fix Bug #1377095 - Not counting correct number of entries on the
     /archives page. The page was counting entries belonging to more
     then one categories multiple times. (garvinhicking)

   * Fix MoveableType importer to better import comments (garvinhicking)

   * Allow category sidebar plugin to hide the parent category, if
     the plugin is configured to only show a leaf of a category tree
     (garvinhicking)

   * Allow to restrict not showing entries from special category via
     $serendipity['GET']['hide_category']. (garvinhicking)

   * Allow to edit a HTML nugget with a frontend link (garvinhicking)

   * Added sidebar plugin to show statistical data (garvinhicking)

   * Changed detection of "last_modified" timestamp, so that the date
     only gets bumped in case of real updates. Thanks to Ivan Cenov!

   * Changed interface language autodetection so that multilingual plugin
     can override it (garvinhicking)

   * Added option to turn off referrer tracking (garvinhicking)

   * Improved Smarty Plugin API so that a new function
     serendipity_fetchPrintEntries() can be used within a template to
     print more entries, and abstracted _fetchEntries()/_printEntries()
     calls a bit more so that future plugins can easier modify the
     global $entries array and control smarty/plugin execution
     (garvinhicking)

   * Inserted phpDoc code documentation for all Serendipity functions
     (garvinhicking)

   * Made remote RSS plugin be able to emit debug messages, enhance
     bbcode plugin with new [strike] command, thanks to comdoxx!

   * Fix wrong URL permalink detection when categories contain "." or "_"
     characters (garvinhicking)

   * Spamblock plugin can block comments when they only contain the
     entry title (garvinhicking)

   * Make RSS feeds templatable with Smarty .tpl files (feed_*.tpl), so
     that you can easily customize your feeds layouts, inject nagging
     ads and so on (garvinhicking)

   * Fix certain plugins to correctly behave when using entry-
     properties caching, by re-executing plugins that were not executed
     because they "scramble" the true content. (garvinhicking)

   * Introduced CUSTOM_ADMIN_INTERFACE that tells the user if the
     template author also made a stylesheet for the admin interface
     when selecting a theme (flotsam)

Version 0.9.2 ()
------------------------------------------------------------------------

   * Fix server locale order to always first use the charset locale
     instead of a generic locale. Fixes bug #1384978 (garvinhicking)

   * Fix entry quicksearch on postgresql, where it returned the same
     entry multiple times if it was contained in multiple categories.
     Fix by Robert Treat, many thanks!

   * Make templatechooser plugin emit a non-cached version of the
     stylesheet, so that user-changes will be visible without manually
     purging the cache (garvinhicking)

   * Fix personal configuration no more able to lock you out of all
     user groups (garvinhicking)

   * File CSS stylesheets occasionally not returning the right path
     (garvinhicking)

   * Fix not being able to create users of the same userlevel when
     being admin [workaround was to first create user with lower userlevel
     and then edit the user account, which lead to propper permission
     checks]

   * Include a template's "config.inc.php" also when previewing an entry,
     so that custom functions can be called (garvinhicking)

   * Media uploader remembers last used upload directory (garvinhicking)

   * Add "Precedence: Bulk" headers to sent mails (garvinhicking)

    * Fix bug #1371893: Category write permissions are not properly
      evaluated when writing into a category that a user has no
      access to. Thanks to cydvicious! (garvinhicking)

    * Fix bug #1371630: Write permissions to category are stored with
      input data of the 'Read permissions' author listing.

Version 0.9.1 (November 23rd, 2005)
------------------------------------------------------------------------

    * Fix renaming authors and categories to also properly update permalinks
      that have no %id% column (garvinhicking)

    * Fix configuration for non-admins to not properly store values like
      blog Title (garvinhicking)

    * Fix RSS import's timezone detection for ISO-8601 dates
      (garvinhicking)

    * Fix htmlarea when using UTF-8 charset on a ISO-8859-1 language
      (garvinhicking)

    * Statistics plugin now contains entries per author. Patch #1347639
      by SvOlli

    * Fix thumbnail generation for imageMagick when target image is
      smaller than the target size, it should not be blown up
      (garvinhicking)

    * Fix spartacus plugin to not properly indicate updatable versions
      of plugins (garvinhicking)

    * Fix multi-media upload in Safari browser (jhermanns)

    * Make calendar plugin also accept links to external events
      (garvinhicking)

    * Fix mod_rewrite rules to not differentiate on case-sensitivity for
      authors, archives and category URLs (garvinhicking)

    * Fix a bug in the serendipity_currentURL function when Serendipity
      is installed in your HTTP root. This bug only effects the plugins karma,
      entrysplit and multilingual on these installations.
      Thanks to Richard Davey for spotting this! (garvinhicking)

    * Fix showing preview image of hotlinked images. Thanks to Thomas
      and RobA from the forums! (garvinhicking)

    * Make Onyx RSS parser interpret HTTP redirecty. (Kristian K�hntopp)

    * Added blogger.com importer by Jawish Hameed

    * Fix visitor tracking in statistics plugin (garvinhicking)

    * Fix incorrect entry count in categories sidebar plugin (was also
      counting drafts)

    * Set the correct reply-to name when sending comment mails, thanks
      to RobA from the forums (garvinhicking)

Version 0.9 (October 28th, 2005)
------------------------------------------------------------------------

    * Spamblock plugin can now check domains against the blogg.de
      blacklist (http://spam.blogg.de/blacklist.txt). Deactivated by
      default, the blacklist will be cached for 60 minutes before
      being queried again. Thanks to the guys of blogg.de for notifying
      us about their service! (garvinhicking)

    * Fix categories plugin to properly work on pgsql installations.
      Thanks to CaptainCrunch!

    * Make serendipity_makeFilename function be UTF-8 aware.

    * Fix syndication plugin not allowing to configure Atom 1.0 feed.
      Thanks to Boris from the forums!

    * Fix an issue of privilege escalation for non-admins (garvinhicking)

    * Fix a parse error in the Importer, introduced in beta3
      (garvinhicking)

    * Show installed plugin versions in plugin overview (garvinhicking)

Version 0.9-beta3 (October 21st, 2005)
------------------------------------------------------------------------

    * Syndication plugin: Do not show E-Mail adress in RSS feed by default
      (garvinhicking)

    * Fix Bug where siteConfiguration was not available to chief
      editors. Thanks to Jannis! :) (garvinhicking)

    * Fix Bug with category/author RSS feeds not properly recognize
      their content when URL rewriting is off (garvinhicking)

    * Enhanced entryproperties plugin to support entering custom field-
      names (RFE #1328773) (garvinhicking)

    * Also fetch and display entryproperties in the results of a search.
      Fixes bug #1329379 (garvinhicking)

    * Fix some dreaded "only variables can be returned by referenced"
      PHP 4.4 notices on some minor occasions (garvinhicking)

    * Fix problem with b2evo importer when db was not in the same db
      as serendipity. Thanks to Judebert from the forums! (garvinhicking)

Version 0.9-beta2 (October 13th, 2005)
------------------------------------------------------------------------

    * Fix "easy installation" leading to an error with language charsets.
      Thanks to Heddesheimer from the forums for spotting this!
      (garvinhicking)

    * Improve Spamblock plugin to allow configuring author/url filters
      straight from the "Comments" interface. (garvinhicking)

    * Fix a bug in the fetchEntry() function which can lead to wrong
      author/authorid settings when editing an existing entry. Thanks to
      Martin Eichenberg! (garvinhicking)

    * The output of the category plugin can now be styled via Smarty
      templating (plugin_categories.tpl). Also you can now enable showing
      the number of entries per category. (garvinhicking)

    * Admin entry overview: Show pagination on bottom of the list and
      allow filtering for showing drafts/publishs (garvinhicking)

    * Fix spartacus plugin to be able to upgrade plugins (garvinhicking)

    * Fix track exits plugin to redirect to the right URL when no URL-ID
      was found. (garvinhicking)

    * "Recent comments" plugin can be configured whether to show
       trackbacks, comments or both. (garvinhicking)

    * Spartacus can be configured to set file owner/permissions of
      downloaded files via chown/chmod. Also fix UTF-8 problems in
      non-UTF-8 environments. (garvinhicking)

    * Allow per-author XML feeds, added bundled sidebar plugin to show
      (multiple) authors. (jtate)

    * Enhance entryproperties plugin so that single entries can hide
      their content from the RSS feeds. (garvinhicking)

    * Fix using the "realname" of the author in entry preview instead of
      username. Also fix printing category info when no category was
      assigned. Thanks to Manuel Charisius! (garvinhicking)

Version 0.9-beta1 (September 29th, 2005)
------------------------------------------------------------------------

    * Change Onyx RSS parser and xml_parser_* functions to already specify
      the source charset, so that PHP functions can do the recoding on
      their own. Functionality differed on PHP4 and PHP5, this has now
      been unified. Thanks a lot to W-Mark Kubacki!

    * Enhance XHTML Cleanup plugin to recode double-encoded UTF-8 HTML
      entities on NON-UTF8 blogs. Patch thanks to W-Mark Kubacki!

    * Fix not showing thumbnail images in media database when thumbSuffix
      is empty. Thanks to Brian J. France!

    * Spamblock plugin can now define required comment fields. Also fix
      parameter order in mt_rand() call, thanks to Jens Kubieziel
      (garvinhicking)

    * Plugin API now allows to validate config options via a "validate"
      method, used by the plugin configuration panel. Need to set "validate"
      and "validate_error" property bag attributes in your custom
      introspect_config_item() calls, documented on
      http://www.s9y.org/index.php?node=43#A13 (garvinhicking)

    * Read/Write permissions for user-groups for specific categories.
      (garvinhicking)

    * Reduce memory usage by splitting up function files, optimizing
      spartacus parsing. New files:
        include/functions_rss.inc.php
        include/functions_entries_admin.inc.php
      (garvinhicking)

    * Inserting links via the Serendipity Toolbar over the entry area
      now also asks for a link tooltip/title.

    * Plugin API no longer queries the filename of a plugin if it is internal
      (increases performance because of less SQL queries) (garvinhicking)

    * Onyx RSS parser now uses PEAR::HTTP_Request instead of fopen wrappers
      to work on allow_url_fopen disabled hosts. Plugins like remoterss and
      aggregator can now properly fetch RSS feeds on those hosts.
      (garvinhicking)

    * Make "/archive" view also recognize selected category. Sidebar
      archive and calendar plugins also pay strict attention to which
      category is selected. Helps "semi-multiple" blogs based on categories
      a lot. (garvinhicking)

    * Make media insertion dialog remember settings (via Cookies) and
      insert return of the media database on cursor position.
      (garvinhicking)

    * Admin comment panels shows comments with their content and escaped HTML
      instead of stripping all HTML. Only summary, if longer than 200 characters
      will have stripped HTML because of otherwise invalid markup. (garvinhicking)

    * Updated statistics plugin to track seperate visitor/referrer statistics.
      Patch by Fredrik Sandberg, thanks a lot! (garvinhicking)

    * Make category selector be nicer to Opera. Load the handling functions
      only after the DOM load is completed. Add new "addLoadEvent"
      functionality for future use to stack onload events. (garvinhicking)

    * New Plugin API Hook "frontend_calendar" which allows to hook into
      sidebar calendar creation. Needs to be enabled in the calendar
      plugin configuration and needs a patch to the plugin_calendar.tpl
      file which is done in all bundled themes. (Anthem)

    * Atom 1.0 feed support (garvinhicking)

    * MoveableType importer now also recognizes comments and trackbacks.
      Tested with MT 3.17. (garvinhicking)

    * Make template directory allow to contain subdirectories with more
      templates. This allows you to symbolically link the "additional_themes"
      CVS directory within your templates path, just like you can do
      with the "additional_plugins" directory already (garvinhicking)

    * Allow UTF-8 recoding using mb_* functions (Tadashi Jokagi)

    * Allow to switch charsets ("Native" / "UTF-8"). (garvinhicking)

    * Permissions: The permission "adminImagesViewOthers" now controls
      whether an author is allowed to view images or not. In older Serendipity
      versions, any author could always view any images, but only modify those
      belonging to him. (garvinhicking)

    * Plugin API: Added plugin hooks for category properties, made smarty
      init function accept plugin values. See the plugin "Properties for
      Categories" for example usage. The plugin allows to create sub-blogs
      based on categories (garvinhicking)

    * Categories plugin can be configured to only show specific sub-
      categories and hide other categories when descending the tree
      (garvinhicking)

    * "Edit entries" panel can now delete entries and returns to the
      originating panel. Also it now utilizes Cookies (via JS) to remember
      the last used settings (sortorder, filters) (garvinhicking)

    * Added WordPress-PostgreSQL importer, by Devrim Gunduz

    * RFE #1231423: Allow to change the author of an entry with the
      "entryproperties" plugin. (garvinhicking)

    * Templates can now be handled via Spartacus (garvinhicking)

    * Plugin Manager: Improve Spartacus interface and include plugin
      categories (garvinhicking)

    * Support different WYSIWYG editors via new plugin hooks. TinyMCE
      plugin available. (garvinhicking)

    * Allow language files to define $i18n_filename_from and _to array
      so that each language can individually rewrite URL characters.
      Only the Russian language currently makes use of this.
      (garvinhicking)

    * fixed serendipity_traversePath() -  PHP5 issue with array_merge()
      Thanks to jdhawk for the fix (flotsam)

    * fixed wrong display of "found X entries matching your search" in
      genpage.inc.php (flotsam)

    * Added fix for wrong language in permission groups (were created in the
      language that the browser of the installing user has (flotsam)

    * Added Voodoo Wiki/XML importer, hooks into static page plugin.
      (Tim Putnam)

    * Make comment deletion return to the originating page, allow to
      display trackbacks and normal comments at once (new default).
      Bugs #1226440, #1226439 (garvinhicking)

    * Fix multi-category selector for Konqueror (garvinhicking)

    * Support use of Boolean search mode in MySQL. Is activated when using
      special characters like "()~*+-<>. Syntax see
      http://dev.mysql.com/doc/mysql/en/fulltext-boolean.html.
      (garvinhicking)

    * Apply patch to allow usage of Feedburner RSS feeds, by Anders Clerwall

    * Fixed using "_" instead of "-" in the approve trackback/comments
      URLs. (garvinhicking)

    * Introduce permission groups with customizable permission sets.
      (garvinhicking)

    * Make bblog importer recognize trackbacks. Thanks to Hanno!

    * Spartacus plugin can now properly handle plugins which contain both
      sidebar and event plugins in one directory (garvinhicking)

    * TEMPLATES: Added div.serendipity_section_(comments|trackbacks|commentform)
      containers inside the Default Template's entries.tpl file to be
      able to customize certain containers via CSS.
      Solves RFE #1210889 (garvinhicking)

    * TEMPLATES: Added div.serendipity_search_* wrapping elements to be
      able to style the search result messages specifically. Added new
      Smarty variables $searchresult_* (default/content.tpl).
      Solves RFE #1210676 (garvinhicking)

    * Fix editing a draft article to be properly displayed as draft
      in PostgreSQL setups. Thanks to Penny Leach! (garvinhicking)

    * Localized the string "Reply" which occured inside some templates.
      (s/Reply/{$CONST.REPLY}/) (garvinhicking)

    * Added swedish translation by Torbj�rn Hedberg, Added european
      portugues translation by Joao Palhoto Matos, Added hungarian
      translation by Posz Marton

    * New configuration item: Gregorian or Jalali Calendar output.
      Patch by Omid Mottaghi

    * New personal configuration item: "Forbid creating entries" to
      allow authors to be logged in, but not create any entries. Meant
      to be used in conjunction with serendipity_plugin_adduser for
      user self-registration where you want to allow posting comments
      to registered users only. (garvinhicking)

    * Added Custom Permalink URL days, months, years, etc. to the
      Serendipity Configuration ("Paths") panel.
      If you use the external plugin serendipity_plugin_authors or
      serendipity_event_linktoolbar, you need to update those to
      their latest versions to work with the new changes.
      (garvinhicking, tomsommer)

    * Importers can now properly import data if the source database is
      not the same as the target database (garvinhicking)

    * Use $smarty.const. to access constants instead of $CONST within
      Smarty templates; this is replaced using a Smarty prefilter, so
      that within templates you can still use the $CONST shortcut
      (garvinhicking)

    * Added new event hook to the trackback sending facility so that
      plugins like serendipity_event_trackback (additional_plugins)
      can send trackbacks to Blogs without RDF-metadata (garvinhicking)

    * Allow to view and fetch multiple categories. Categories plugin
      can allow viewers to select multiple categories to view.
      (garvinhicking)

    * Added hooks into the image selector admin popup for plugins to
      support additional options. serendipity_event_imageselectorplus
      accesses those hooks already. (garvinhicking)

    * Categories plugin now offers to sort by category name, description
      or creation date. (garvinhicking)

    * Give HTML Nugget the option for a second "description" attribute
      that is used in the Plugin Configuration section, so that HTML
      nuggets with an empty title still display additional information
      to distinct multiple nuggets from another (garvinhicking)

    * New entryproperties plugin option: Hide an entry from the frontpage
      (garvinhicking)

    * Media manager: Allow to upload as many files as you want via
      JavaScript interaction and "add more images" button. (garvinhicking)

    * "Comments" Sidebar plugin can now have a custom title
      (garvinhicking)

Version 0.8.5 (September 29th, 2005)
------------------------------------------------------------------------

    * More Security: When changing the password in your personal preferences,
      you need to insert the old password. Secure backend forms with extra
      token checks to bypass XSRF attacks. Thanks to Nenad Jovanovic for
      contacting me about this issue! (garvinhicking)

    * Fix JS errors in admin comment overview for IE6 (garvinhicking)

    * Fix showing any entry-id related sidebar plugins, when a selected
      entry is not visible (permissions/drafts/...) by unsetting the
      global $serendipity['GET']['id'] in that case. (garvinhicking)

    * Fix "DATA_TRACKBACK_APPROVED" showing of constants when approving
      trackbacks/comments instead of the properly formatted message.
      (Would've required a template change for a "pretty solution", but
       the current fix is a BC-compatible fix by defining constants a bit
       differently) (garvinhicking)

    * Default Admin Stylesheet no longer uses direct height: assignment,
      but padding instead. This should get rid of occasional overlapping
      of menu items. Thanks a lot to Ognyan Kulev for the solution to this!

    * Fix putting sticky entry on the last page in postgreSQL setups.
      Thanks to Nate Johnston for working this out! (garvinhicking)

    * Fix file upload bug which limited upload filesize to 3 million bytes
      (2.86MB) regardless of PHP configuration. Maximum upload filesize
      should now be properly bound by PHP configuration settings.
      (wesley)

    * Fix cosmetic warning message about missing S9Y_PEAR_PATH when
      installing. (garvinhicking)

Version 0.8.4 (August 19th, 2005)
------------------------------------------------------------------------

    * Add HTML information about calendar arrows image size to bypass
      large sizing in Internet Explorer. Thanks to frodeste from the
      Forums!

    * Hide title of an entry in the frontend, if entry is draft and not
      displayed. Fixes Bug #1260667 (garvinhicking)

    * Unbundle Serendipity XML-RPC functions from the bundled distribution.
      You will now need to install the additional plugin "Post via XML-RPC"
      (serendipity_event_xmlrpc) to make entry posts via this interface.
      The ongoing security issues with this interface and the little usage
      of this functionality by the broad public have forced this move.
      After installing this plugin you can use the same URL and nothing
      will change for XML-RPC users. (garvinhicking)

   * Optionally allow using a local PEAR installation. Set
     $serendipity['use_PEAR'] = true
     in your serendipity_config_local.inc.php or serendipity_config.inc.php
     file. The required packages can be found in the
     bundled-libs/.current_version file. (garvinhicking)

   * Append the comment id to the mail that is sent to subscribers of
     an entry, so that they can jump to the submitted comment immediately.
     (garvinhicking)

Version 0.8.3 (August 4th, 2004)
------------------------------------------------------------------------

   * Upgraded bundled libs:
     Cache_Lite   to 1.5.1
     HTTP_Request to 1.2.4
     Net_CheckIP  to 1.1
     Net_Socket   to 1.0.6
     Net_URL      to 1.0.14
     PEAR         to 1.3.5
     Text_Wiki    to 0.25.0
     XML_RPC      to 1.3.3
     Fixing several bugs and vulnerabilities. (nohn)

   * Make categories sidebar plugin show categories' description, not the
     name on mouse over (garvinhicking)

   * Added new config option "blogMail" that specifies the blog's used
     From: E-Mail address. If not given, falls back to not specifying
     From: field and using mailserver default ("wwwrun", "nobody", ...)
     (garvinhicking)

   * Fix possible exploit that sends comments to the blog owner and others
     with arbitrary mailheaders and a link to invalid entries. Thanks to
     Sebastian Raible! (garvinhicking)

   * Allow plugins to contain more than one HTML nuggets which can be
     WYSIWYGized. (garvinhicking)

   * Fix editing a draft article to be properly displayed as draft
     in PostgreSQL setups. Thanks to Penny Leach! (garvinhicking)

   * Fixed possible XSS in comment input validation, thanks to
     Ilia  Alshanetsky

   * Full Korean language support available! Translations done for:
      - main language file
      - all core plugins
      - Kubrick template
     (wesley)

   * TEMPLATES: New core hook "frontend_footer" is introduced and is
     added to index.tpl:
      {serendipity_hookPlugin hook="frontend_footer"}
     (wesley)

   * TEMPLATES: Added plugin hooks "entries_header" and "entries_footer"
     to the files entries_archives.tpl and entries_summary.tpl:
      {serendipity_hookPlugin hook="entries_header"}
      
     (wesley)

Version 0.8.2 (June 29th, 2005)
------------------------------------------------------------------------

    * fixed remote code execution vulnerability. Thanks to Gulftech
      Research for pointing out that bug and Stefan Esser for helping
      fix it (nohn)

    * Updated Spartacus to most recent version (nohn)

    * fixed serendipity_traversePath() -  PHP5 issue with array_merge()
      Thanks to jdhawk for the fix (flotsam)

    * CSS does no longer emit cache-restricting headers, so that the
      stylesheets can be cached by the browser for followup-requests
      Thanks to Sencer for pointing this out! (garvinhicking)

    * Patch/Bug #1209410 by swiesinger: When using shortcut admin URL,
      use https:// when specified by user

    * Fix deleting categories when having privileges but not being
      administrator (Patch #1205347, many thanks to Penny Leach)

    * Increased level of output message from the Spartacus plugin
      (garvinhicking)

    * Patched XML-RPC functions, thanks to Tim Putnam. This should enable
      XML-RPC services to properly fetch existing articles and edit them.

    * Fix Plugin API call performing too many unneeded SQL queries
      (garvinhicking)

    * Fix missing authorname when previewing entry. Thanks to winkiller,
      aquatic, thomas, wurstprinz and hansi for fixing this!

Version 0.8.1 (May 17th, 2005)
------------------------------------------------------------------------

    * Fix missing PDF thumbnail creation (imagemagick only)
      (garvinhicking)

    * Fix possible arbitrary media file upload for editors
      (garvinhicking, sesser, nohn)

    * Fix possible XSS when using the templatedropdown or shoutbox
      plugins (garvinhicking)

    * Fix pagination of "Entries by Author" (garvinhicking)

    * Fix RSS 1.0 missing top-level namespace (garvinhicking)

    * Deactivated gzip compression by default, as in certain server
      setups it creates problem with double-encoding or missing
      ob_gzhandlers. (garvinhicking)

    * Allow the serendipity_event_trackback additional trackbacks plugin
      to send trackbacks even if your entry did not contain at least one
      link. Also fix not sending trackbacks containing "#" fragments
      (garvinhicking)

    * Do not display Sidebar titles if they are not set for the bundled
      default, kubrick and wp templates (sidebar.tpl) (garvinhicking)

    * Fix error "Warning: ob_start(): output handler 'ob_gzhandler'
      cannot be used after 'URL-Rewriter'" which can occur on installations
      where session.use_trans_sid is activated and Serendipity's gzip
      compression is used. (garvinhicking)

    * Adjusted checking for "convert" binary in installation for
      Windows servers. Thanks to BobRock! (garvinhicking)

    * BBCode plugin: Allow =, ~ and ! URL characters (garvinhicking)

    * Added romanian translation by Alexandru Szasz

    * Some IIS webserver compatibility for $_SERVER variables. This should
      ensure most basic operations. (garvinhicking)

    * RSS feed does no longer initialize a session and thus now causes
      proper cachability for Conditional Get (garvinhicking)

    * Fix issues on Windows installations: %T strftime-Option not known
      when saving a plugin and emitting timestamp (was empty),
      redirecting to a wrong URL for installation with '\' instead of
      '/' path indicators. Thanks to Hendy Irawan! (garvinhicking)

Version 0.8 (April, 15th 2005)
------------------------------------------------------------------------

    * Added icelandic translation by �rn Arnarson

    * Fixed a possible SQL injection issue in Tracking methods. Also
      fixed possible XSS exploit in BBCode markup, if enabled for
      comments. Thanks to ADZ Security Team for detecting this. Next
      time please give us more time to respond to your public announced
      exploits. ;) (garvinhicking)

    * Reverted more JavaScript-patches introduced in beta5 to make
      the extended body text visible when using WYSIWYG editor
      (garvinhicking)

    * Fix SQLite bug when fetching authorname in quicksearch. Thanks to
      Sven Oliver Moll!

Version 0.8-beta6 (April 8th, 2005)
------------------------------------------------------------------------

    * Remove unique constraint for url_idx on the referrer suppress table
      and replaced it by a simple index. Fixes fatal errors on postgresql
      (garvinhicking)

    * Fix inserting media manager items: Non-images were not properly
      detected (garvinhicking)

    * Fix broken SQL for inserting comments which showed in SQLite/PGSql
      and got introduced in beta5. (garvinhicking)

    * Reverted JavaScript-patches from nohn introduced in beta5 to make
      IE6 again show the category and extended entry toggle buttons
      (garvinhicking)

Version 0.8-beta5 (April 1st, 2005)
------------------------------------------------------------------------

    * Fix XMLRPC problems for getting existing posts. Thanks a lot to
      TimothyP from the forums! (garvinhicking)

    * Fix directory creation error; the mode 1777 failed on several setups,
      so we use 0777 again (garvinhicking)

    * Fix installer not being able to go above page 2 on special setups
      with register_globals On (garvinhicking)

    * Fixed buggy referrer tracking for MySQL (Bug #1170251)

    * Upgrade Smarty to v2.6.9 (tomsommer)

    * Added 'Cache-Control: no-cache' header to our CSS file; this may
      fix IE bugs where CSS was only loaded after 1-2 reloads.
      (TomSommer)

    * Fixed a XMLRPC problem for metaWeblog_newMediaObject() to properly
      save a binary file. Thanks to marco from the forums! (garvinhicking)

    * Fixed possible SQL-Injection in Pingbacks (nohn; reported by Stefan
      Esser)

    * Kubrick template: Fix comments always printed as 'Anonymous',
      put entry/extended parts not together (garvinhicking)

    * Fix installer: Serendipity does not run with magic_quotes_runtime
      set to on. Emit warning and try to switch off the directive.
      (garvinhicking)

    * Updated chinese language files, thanks to Andrew Huang

Version 0.8-beta3/4 (March 15th, 2005)
------------------------------------------------------------------------

    * Drop SQL index on comment's body. This was not used in our code,
      and caused trouble with large comments on pgsql and MySQL.
      (garvinhicking)

    * Monthly entry summary shows correct date header (garvinhicking)

    * RSS / Syndication plugin now offers to hide E-Mail adresses from
      XML feeds (garvinhicking)

    * After installing a plugin you will be either redirected to
      plugin config or to plugin overview, so that an accidental
      browser refresh does not install the plugin twice
      (garvinhicking)

    * Fixed wrong date format in portuguese and czech languages
      (garvinhicking)

    * Fix buggy wordfiltering of spamblock plugin (garvinhicking)

    * Fixed variable name for all markup plugins. They previously used
      localized versions like 'Extended entry' and now use a proper
      language independent string. The upgrader takes care of replacing
      the variables so that no options will get lost (garvinhicking)

    * Fixed bug with Markup plugins not getting their right settings
      under certain circumstances (only for autologin cookie users)
      (garvinhicking)

    * Correctly detect 500 Internal Server Error when installing
      (garvinhicking)

    * Emitting language headers only if no headers were sent yet.
      This fixes problems with embedded serendipity installations.
      (garvinhicking)

    * Fix postgresql query problem, when using the entryproperties
      plugin and browsing the calendar with category restriction(s).
      Thanks to Larry Rosenman for helping out with this!
      (garvinhicking)

    * Introduce "div.container_X" CSS class for sidebar plugin items.
      X is substituted with the plugin classname, like
      "serendipity_plugin_categories". This class is contained in the
      'default' template and all templates based on the sidebar.tpl
      file. (garvinhicking)

    * Fixed broken category pagination for "Newspaper" template
      (garvinhicking)

    * Bundle Tom Sommer's port of the Kubrick template

    * Fix hardcoded "templates" directory reference inside the admin
      style selector.

    * Updated czech language files, thanks to Josef Klimosz

    * Updated persian language files, thanks to Omid Mottaghi

    * Do not display rotation/resize image manipulation methods for
      hotlinked images (garvinhicking)

    * Do not use "layout.php" in Default template for upgrading users
      who did not delete that file from their directory (because the
      upgrade may not have sufficient write privileges to remove the
      file) (garvinhicking)

    * Make RSS import parse ISO-8601 dates (like
      '2004-11-24T22:43:08-05:00'), as PHPs strtotime() does not parse
      that. (garvinhicking)

Version 0.8-beta2 (March 5th, 2005)
------------------------------------------------------------------------

    * Show "create entry" toolbar for plugins like the Emoticon Chooser
      also when WYSIWYG editor is enabled (garvinhicking)

    * Do not display template engines in the template selector
      (tomsommer)

    * Fix HTML escaping of special characters for comments
      (garvinhicking)

    * Fix wrong username displayed in RSS comment feeds (garvinhicking)

    * Fixed bug that may occur on few plugins executing other plugins,
      like serendipity_event_entrypaging [this is the only bundled or
      internal plugin affected by the issue] (garvinhicking)

Version 0.8-beta1 (March 4th, 2005)
------------------------------------------------------------------------

    * Added Persian language and template for RTL-Languages by Omid
      Mottaghi

    * Fixed Windows path problems when synching with media manager.
      Thanks to Thomas Klinger for helping!
      (garvinhicking)

    * Media files can now be hotlinked to foreign servers and thus not
      using bandwidth from your own server. Media files can now also
      be searched by name. Thanks to Chris Chan for this feature!

    * Added ability to define a real name for each author. This is the
      name seen by readers of the blog. The username is now only used for
      logging into the administration suite (tomsommer)

    * Added ability to toggle the amounts of comments per page within
      a dropdown instead of needing to edit a Serendipity core file.
      (garvinhicking)

    * New configuration directive to tell Serendipity if the baseURL
      shall be autodetected. This can be useful if you use multiple
      domainnames listening on one blog installation. (Note: This auto-
      detection was previously already enabled if using 'embedded mode')
      (garvinhicking)

    * Fixed bug for postgreSQL: Comments for entries within multiple
      categories showed up as many times as the entry was within multiple
      categories. Thanks to rickmans from the forums for detecting this.
      (garvinhicking)

    * Added configuration directive to allow visitor language negotiation
      via browser language. (garvinhicking)

    * Added native importers to migrate entries, comments,
      categories and authors for:
      - geeklog 1.3.11
      - sunlog 0.4.4
      - b2Evolution "Paris"
      - boastMachine 3.0
      - Textpattern 1.0rc1
      - pMachine Pro 2.4
      - bBlog 0.7.4
      - Nucleus 3.15
      - WordPress 1.5 / 1.2
      - phpBB
      (garvinhicking)

    * Remember last state of media library (sort order, files per page,
      directory, sortfield), via JavaScript+Cookies (garvinhicking)

    * The config option 'extCSS' has been removed. It is now re-
      commended to set external stylesheets in the template's index.tpl
      file, or to @import it within the templates style.css file.
      (garvinhicking)

    * Personal Configuration allows to set defaults for creating new
      entries (allow comments, moderate comments, publish/draft)
      (garvinhicking)

    * When deleting a comment with nested comments, move nested ones
      to the parent of the deleted comment (fixes Bug #1079349)
      (garvinhicking)

    * Spamblock plugin allows to moderate/reject comments made via APIs
      like wfw:commentApi or trackbacks, but still allow normal comments
      (garvinhicking)

    * Fixed SQL index key creation on fresh installation (garvinhicking)

    * Upgraded htmlarea WYSIWYG editor to latest version. Entering
      links now properly works, as finally does Copy+Paste from Mozilla!
      (garvinhicking)

    * New pretty URLs "/blog/serendipity.css" and
      "/blog/serendipity_admin.css" as links to the Stylesheets.
      (garvinhicking)

    * Chief users are not allowed to hide plugins installed by other
      users. (garvinhicking)

    * Forbid uploading of active content files (.php, .shtml, ...) as
      user without Administrator privileges (garvinhicking)

    * Allow searching of the blog with pretty URLs, allow pagination
      of searched entries (garvinhicking)

    * Added handling of CONVERT BREAKS-directive in MT-Importer. Do the
      whole importing process in a transaction to ensure either all or
      no entires are imported. (pilif)

    * Added hook for external authentication. First implementation draft
      of LDAP auth added to additional_plugins CVS (garvinhicking)

    * Added an extended property to disable nl2br() for specific
      entries (pilif)

    * Added korean language by Erich Iseli (garvinhicking)

    * Change RSS feed's  element to contain isPermaLink=false.
      Only the link of the  element should be used as Permalink.
      This fixes problems with copying links to send a trackback to from
      RSS readers/clients that used the  element as Permalink.
      (garvinhicking)

    * Fixed flaw in the function used to validate path-names.
      Thanks to raperu2000 from the forums! (garvinhicking)

    * Added Finnish language by Mauri Sahlberg (garvinhicking)

    * Added Japanese language by Tadashi Jokagi (garvinhicking)

    * Add ability to see all entries made by a single user (tomsommer)

    * The "edit entry" overview will now highlight entries to be
      published in the future (garvinhicking)

    * Allow authors to easier reset the time for each entry, by clicking
      an icon (tomsommer)

    * Added new plugin, enabled by default, to enforce maximum browser
      compatibility. The only thing which 'serendipity_event_browsercompatibility'
      currently does is to add the transparent PNG Behaviour for IE.
      (garvinhicking)

    * 'Track Exits' plugin will no longer be enabled by default, as
      requested and discussed on the Mailinglist. (garvinhicking)

    * Added Simplified Chinese (GB2312, UTF-8) and Traditional Chinese
      (Big5, UTF-8) languages, thanks to skyroam!

    * Split up the configuration and the installer. Add a diagnostic
      page to the installer. Allow for simple or expert installation
      (tomsommer)

    * Fix problem in Imagemagick detection when checking the apache PATH,
      added /usr/local/bin to possible locations of Imagemagick
      (tomsommer)

    * Spam Protector can now log failed comments to either plaintext-
      file or database. Dedicated to all those trigger-happy logfile-
      statistic-hunters out there... (garvinhicking)

    * When using ImageMagick, create a thumbnail of a PDF for media
      browsing (nohn, garvinhicking)

    * More than one plugin cannow be saved per plugin/ subdirectory,
      event + sidebar plugins can be put together in one directory.
      Names of subdirectores are irrelevant now, but the filenames
      need to match 'serendipity_(event|plugin)_*.php'. (garvinhicking)

    * When entering a comment, the referring URL to the blog is saved
      (garvinhicking)

    * Use mbstring extension where available to correctly utilize PHPs
      string functions for multibyte chars. This is needed for UTF-8
      only languages like Chinese (garvinhicking)

    * Move the page where you change your details out of the
      configuration and into its own menuitem and page (tomsommer)

    * Allow the usage of persistent database connections (tomsommer)

    * New configuration directive to let user choose if entries in the
      future are hidden (default) or displayed. (garvinhicking)

    * Add ability to gzip compress pages (tomsommer)

    * Separate administration CSS layout from the rest of the blog
      (tomsommer)

    * Merge Administration and Author suite into one (tomsommer)

    * Allow $plugin->get_config([var]) to return the default value from
      introspect_config_item() if no value is found (tomsommer)

    * Preview/Saving entries now utilizes iframe techniques to faster
      send visual feedback and properly be able to style the entry
      preview independent from the Admin CSS code. [For older browsers,
      this can be turned of in serendipity_config.inc.php]
      (garvinhicking)

    * Allow sending trackbacks and tracking links of https URLs. Fix
      "Entry's Links" plugin to properly display trackable links.
      (garvinhicking)

    * Spamblock plugin can be configured to hide E-Mail adresses when
      displaying comments. (garvinhicking)

    * FIX: CSS classes in the comment manager was always set to uneven
      (tomsommer)

    * When a document does not exist and Serendipity has no idea how
      to create it, a 404 (not found) is sent instead of a 200 (OK)
      (tadpole9)

    * serendipity_config_local.inc.php can now contain user-defined
      variables, which are not overwritten when changing Configuration.
      (garvinhicking)

    * Improved overall performance of Plugin API, code improvements,
      query optimizing. Added with the entryproperties caching plugin,
      this boosts performance by about 15-30%. You are also adwised
      to use opcode-caches, if available [APC, Zend Cache, Turck, ...]
      (garvinhicking)

    * Entries can be cached by the 'entryproperties' plugins. This
      caching interacts with other plugins: When cacheable plugins are
      added, the cache is updated, as well as when an entry is modified.
      When the plugin is first installed, it creates the cache for the
      latest 15 entries; you can create a cache of all entries using
      the admin interface. (garvinhicking)

    * New CSS classes for distinction of authors within entries/comments:
      .serendipity_entry_(author|comment)_USERNAME, applied to each
      entry container, where USERNAME is replaced with the name of the
      author.
      .serendipity_entry_author_self, applied to the entry container if
      the currently logged in user is the author of an entry
      .serendipity_comment_author_self, applied if the commenting user-
      name matches the owner of the entry.
      (garvinhicking)

    * Rewrote importer to use import modules and class framework
      (tomsommer)

    * New language: Traditional Chinese (Big5). Thanks to Andrew Huang!

    * Recent Entries plugin: New configuration directive to not display
      items already shown on frontpage. Thanks to Sebastian Raible!
      (garvinhicking)

    * Articles per page (default 15) can now be set within Configuration
      (garvinhicking)

    * Plugin API: Event plugins using the 'entry_display' hook to set
      an entries page to not render (via 'clean_page') now need to use
      the new hook 'entries_header' for their output; the 'clean_page'
      variable still needs to be set within the hook 'entry_display'
      though. (garvinhicking)

    * Support for adding timezone offsets in configuration
      (garvinhicking)

    * Serendipity cannow be used with "JustBlogIt" extension. Just use
      this URL:
      http://yourblog/serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new&serendipity[title]=%TITLE%&serendipity[body]=%TEXT%&serendipity[url]=%URL%
      (garvinhicking)

    * Plugin serendipity_event_spamblock: Added SURBL
      (http://www.surbl.org/) Support. Will now reject any comment that
      contains a blacklisted URL, if enabled. (nohn)

    * Do not allow to view extended article when item is set to "publish"
      but timestamp is in the future (garvinhicking)

    * RSS Export orders entries in reverse ID order for easier
      importing (garvinhicking)

    * Cleaned up directory structure, created new subdirectories,
      split up functions file. See docs/CHANGED_FILES for details if
      you have external dependencies on removed files (like custom
      plugins, themes, or special embedded usage) (garvinhicking)

    * "Recent Entries" Plugin can now have userdefined title and only
      show entries of a specific category (+ subcategories).
      (garvinhicking)

    * Media browser now allows to immediately upload a file from the
      entry creation screen and use that file/image easily
      (garvinhicking)

    * exit.php redirection will emit a 301 Moved Permanently header for
      the new location. (garvinhicking)

    * Reworked plugin manager for easier plugin installation (tomsommer)

    * Karma plugin works with enabled entryproperties plugin and can
      be configured to only show Hit-statistics for an entry without
      the voting ability (garvinhicking)

    * Routine for autodetecting links within an entry will now also
      allow images to be used as description. (garvinhicking)

    * Implement plugin install() and uninstall() methods that are called
      on installation and removal of a plugin (tomsommer)

    * Improve overall rewrite path syntax (tomsommer)

    * Allow the display of month, weeks and days in archive sidebar
      (tomsommer)

    * Add ability to display entries based on week (tomsommer)

    * Use rewrite paths in the syndication plugin (tomsommer)

    * Added import tool for Movable Type data files and WordPress
      databases. (tadpole9)

    * Syndication plugin offers to show full feed including extended
      entry (garvinhicking)

    * serendipity_event_entryproperties now supports entry caching to
      pregenerate the full article and display that instead of
      assigning event plugins time and again (garvinhicking)

    * New plugin serendipity_event_entryproperties: You can now define
      any property to an entry and query it. Currently implemented
      are "sticky posts" and "private/public/members-only" entries.
      (garvinhicking)                  [DB Layout change - > 0.8-alpha2]

    * Fixed bug #1031059 - Trackbacks to a link will not be sent more
      than once (garvinhicking)

    * Added "Ping-o-Matic!" to weblogping plugin (garvinhicking)

    * RSS Feed export will not contain rewritten URLs using event
      plugins (garvinhicking)

    * Updated upgrader to use MySQL as fallback when looking for
      appropriate database updates and none was found for the selected
      database type (tomsommer)

    * Added support for Smarty Templating. (garvinhicking, tomsommer)

Version 0.7.1 (December 2nd, 2004)
------------------------------------------------------------------------

    * Fixed captcha string variation on some setups by explicitly seeding
      the randomness (garvinhicking)

    * Fixed cross site scripting vulnerability. Thanks to Stefan Esser
      for reporting this issue. (nohn, garvinhicking)

    * Do not show entries of the future when entering their direct URL
      (garvinhicking)

Version 0.7 (November 8th, 2004)
------------------------------------------------------------------------

    * Fixed concatenation syntax on PostgreSQL, only used by plugin
      "Entrylinks". (garvinhicking)

    * SQLite database name was not saved properly and could get set to
      a wrong value when updating configuration (garvinhicking)

    * Better detection if Apache ErrorDocument can be used
      (garvinhicking)

    * Fixed PostgreSQL index key names (names are now unique, and
      combined indizes on the entries text-columns are no longer set)
      (jtate, garvinhicking)

    * Fixed bug with MySQL 3.x where the category was not properly set
      when editing (garvinhicking)

    * Fixed karma plugin to not track clicks when previewing an entry
      (garvinhicking)

    * Fixed some counting problems in statistics plugin (garvinhicking)

    * Fixed comment counter for deleting non-approved comments
      (tomsommer, griffinn)

Version 0.7-rc1 (October 20th, 2004)
------------------------------------------------------------------------

    * Fixed possible HTTP Response Splitting security issue. Thanks to
      ChaoticEvil for reporting! (jannis, garvinhicking)

Version 0.7-beta4 (October 14th, 2004)
------------------------------------------------------------------------

    * Bug #1016342 - Fixed RSS UTF8 decoding for remote RSS plugin.
      (garvinhicking)

    * Fixed some wrong calculations in the statistics plugin, thanks
      to David DeLauro! (garvinhicking)

    * Fixed entry count and category association bugs using SQLite
      (garvinhicking)

    * Fixed some error notices for installation with postgreSQL regarding
      field index names (garvinhicking)

    * Fixed wrong mod_rewrite rules to properly redirect to pages.
      (garvinhicking)

    * Trackback moderation support in admin panel, make captcha plugin
      only work for comments (garvinhicking)

    * Bug #1037122: BlogPDF plugin will me less strict in file inclusion
      (garvinhicking)

    * Fixed wrong entry id displayed in RSS comment feed. Thanks to
      romulus! (garvinhicking)

    * Fixed file permission checks when removing images inside media
      manager. Thanks to Thomas from the forums! (garvinhicking)

    * RSS Import: New option 'full body only', so that imported RSS
      contents can be forced to only show up in the full body. Fixed
      buggy substr() logic which may cause nasty splitting from entry
      body to extended entry. (garvinhicking)

    * Extend filter in commment moderation to allow the user to select
      which types of comments he wants displayed "All", "Only approved",
      "Need approval" (tomsommer)

    * Upgraded Spam Protector event plugin. Optionally:
      - use Captchas - images with string sequences which a
        user has to enter before his comment is accepted.
      - restrict captchas to entries older than X days
      - auto-moderate comments to entries older than X days
      - auto-moderate comments depending on their amount of
        contained links.
      - reject comments depending on their amount of
        contained links.
      - able to log rejected/moderated comments to a plaintext file
      - fallback method for non-gdlib-enabled hosts
      (garvinhicking)

    * Fixed wrong implode() arguments for error reporting in installer
      (garvinhicking)

    * Fixed windows detection for stripping backslashes out of
      uploaded files. Thanks to Thomas! (garvinhicking)

Version 0.7-beta3 (September 21st, 2004)
------------------------------------------------------------------------

    * Bug #1031444 - Fixed postgreSQL error (for older versions of
      pgsql) when creating categories (garvinhicking)

    * Fixed wrong XHTML entities in remoterss and shoutbox plugin. Thanks
      to Stephan van Beerschoten! (garvinhicking)

    * Fixed bug #1030581: Category sidebar plugin now properly displays
      only categories of selected author (garvinhicking)

    * Fixed XML RPC API to set categories when posting via BlogJet
      or other interfaces (garvinhicking)

    * Fixed invalid standard-SQL 'CURRENT_DATE' to use a real date
      string. Fixes Exit-Tracking with SQLite. (garvinhicking)

    * Fixed footer printing wrong amount of entries when entry was
      assigned to more than one category. Thanks to Kris/weigon for
      helping. (garvinhicking)

    * Use htmlspecialchars/strip_tags for escaping user input on comment
      moderation/viewing. (garvinhicking)

    * Fixed warning message from emoticon plugin when emoticons.inc.php
      does not exist (garvinhicking)

    * Fixed entries pagination for special cases where quickump calendar
      was displayed on the left sidebar (garvinhicking)

Version 0.7-beta2 (September 15th, 2004)
------------------------------------------------------------------------

    * Fixed entries pagination for special cases where quickump calendar
      was displayed on the left sidebar (garvinhicking)

    * Added Italian translations, thanks to Alessandro Pellizzari

    * Fixed missing CSS-class for BBCode Event-Plugin (Jez Hancock)

    * Fixed possible SQL injections. Thanks to aCiDBiTS!

    * Fixed postgreSQL quicksearch, thanks to Mauri Sahlberg!

    * Added Norwegian translations, thanks to Jo Christian

    * Fixed postgreSQL bugs for viewing comment moderation panel
      (garvinhicking)

    * Fixed postgresql bug for fetching the last entry id. Will fix bug
      with comment counter always reporting zero and trouble with
      assigning multiple categories. (garvinhicking)

    * Fixed  "no entry to display" bug when previewing entry
      (garvinhicking)

    * Fix several postgreSQL update errors. Thanks to daFool from the
      forums! (garvinhicking)

Version 0.7-beta1 (September 6th, 2004)
------------------------------------------------------------------------

    * Disable the use of popups by default (tomsommer)

    * BBCode plugin can now pretty print code/php style blocks.
      (Jez Hancock, garvinhicking)

    * Threaded/Linear view of comments can be toggled by the
      visitor. (garvinhicking, tomsommer)

    * Plugin serendipity_event_spamblock: Will reject any double
      comments, if enabled. Stub for enhancing other spam-protections
      (kaptchas, spamassassin-integration, IP-Blacklists, whatever)
      (garvinhicking)

    * When using mod_rewrite, make use of RewriteBase for correct
      subdirectory matching. Thanks to Martin Roell! (garvinhicking)

    * Don't use the title of an entry in the RSS feed  tags
      (tomsommer)

    * Use '-' as separator for IDs and words in our "nice" URLs, so
      Google and others can recognize 'a-nifty-word' as 'a nifty word'.
      Previously this was indexed as one single word.
      (tomsommer, garvinhicking)

    * Pagination now properly works for browsing months and categories.
      Previously paging worked through all entries and not a filter
      by date/category. [Bug #1009715] (garvinhicking)

    * Remote RSS feed can now contain a bullet image, skip blank head-
      lines and toggle the display of the date. Thanks to Joseph Guhlin!
      (garvinhicking)

    * Karma-Plugin disallows clicking from Googlebots following java-
      script links (garvinhicking)

    * Improved link detection routine for sending trackbacks, fixes
      problems with bbcode-transformed URLs (garvinhicking)

    * Fixed missing image display for rescaling images, when file was
      outside of parent upload directory [Bug #1007003] (garvinhicking)

    * Fixed some postgreSQL-issues, thanks to Ilya A. Volynets-Evenbakh!

    * Improved and fixed XHTML-Cleanup Event plugin (garvinhicking)

    * Fixed .htaccess update/creation errors for shared installation
      (garvinhicking)

    * RFE #832040 - Allow for easier handling of Calendar CSS classes
      and remove hardcoded attributes for "today" (tomsommer)

    * Add detection for support of php_value directives in .htaccess
      files (tomsommer)

    * Installation will report an error, if the needed db-extension for
      a specific database-type are not available within PHP
      (garvinhicking)

    * Added bulgariang language, thanks to Bogomil Shopov

    * Fix calendar bug to not show entries available for the 1st day
      of a month if on the first day on the next month an entry was
      posted (garvinhicking)

    * UTF-8 Encoding (for RSS-feeds) will make use of iconv-library, if
      available (garvinhicking)

    * Quicksearch no longer shows results for entries in the future
      (garvinhicking)

    * Removed {dbPrefix}css table, since it was not used for anything
      (tomsommer)                          [DB Layout change - > 0.6.11]

    * Redesign entry list (tomsommer)

    * Display subtitle (usually blogname) in  tags (tomsommer)

    * Don't embed comments, trackbacks and comment-form in entry CSS
      class (tomsommer)

    * RFE #996320: Added https-option to login sidebar-plugin
      (garvinhicking)

    * Removed full plaintext URI from trackback section and replaced it
      with a link to that URI (tomsommer, garvinhicking)

    * Several German spelling mistakes corrected (thanks to Timbalu)

    * Show trackbacks on the full-entry page if popups are disabled
      (tomsommer)

    * If popups are disabled, link to the full-page entry, with comments
      and trackbacks as page-anchors (tomsommer)

    * Use DIV tags for trackback layout, just like comments (tomsommer)

    * Make sure that the file/image manager can never remove the upload
      directory, but all files in it (garvinhicking)

    * Changed database key 'mime' to varchar(255) instead of varchar(15)
      (garvinhicking)                       [DB Layout change - > 0.6.9]

    * New CSS classes 'serendipity_msg_notice' and
      'serendipity_msg_important'. (garvinhicking)

    * Added a new theme, "Idea" (tadpole9)

    * Changed 'View extended entry' to 'Continue reading "[title]"'
      (tomsommer)

    * Make the non-WYSIWYG link-insertion and text-formatters work in
      the extended entry textarea (tomsommer)

    * Allow authors to toggle the extended entry textarea in the entry
      composer when using the non-WYSIWYG editor (tomsommer)

    * Better handling of unsubscriptions from entries, only show message
      if the user was indeed unsubscribed (tomsommer)

    * Added ability to moderate comments and trackbacks:
        * Moderate by email
        * Moderate and view comments from within Authoring Suite
        * Mass delete of comments from administration
      (tomsommer)                           [DB Layout change - > 0.6.7]

    * An entries' LastModified timestamp will get updated if a comment
      is made to it, but only if the article is newer than 7 days.
      Make the conditional Get RSS-feed a lot more usable because old
      entries no longer come up again. The limit of days can be set
      within serendipity_config.inc.php. (garvinhicking)

    * Plugins can register the event-hook 'external_plugin' to spawn
      individual content outside of the blog layout (garvinhicking)

    * Fixed link insertion in non-WYSIWYG-mode for Internet Explorer
      (garvinhicking)

    * Fixed retrieving multiple stored categories for Internet Explorer
      when editing existing entry (garvinhicking)

    * Added Bitflux Livesearch Javascript as plugin
      (serendipity_event_livesearch). It will immediately search your
      articlebase and offer an autocomplete dropdown to the quicksearch
      box. Users with the embedded mode need to add the call to the
      .js file manually into their headers. (chregu, garvinhicking)

    * Added new versions of mt-clean, mt-georgiablue, mt-gettysburg,
      mt-plainjane, and mt-rusty and activated them.

    * RSS Import: Allow toggling of draft/publish import, category
      association, more description. (garvinhicking)

    * Allow HTML nugget to be displayable on extended article only, over-
      view only or both (default) (garvinhicking)

    * New plugin 'serendipity_event_blogpdf'. Will export your blog
      as PDF file. Proof-of-concept, no nice formatting, no images yet.
      If you're using 'mod_rewrite' you need to update your .htaccess
      file. (garvinhicking)

    * Fixed bug causing the .htaccess file to never get updated when
      changing rewrite method (tomsommer)

    * Track Exits plugin: Now only uses the link id for link referral.
      Reduces URI length and makes random exit.php calling useless for
      spammers, as no URL is tracked, which the author didn't refer to
      (garvinhicking, isotopp)

    * Actually log the IP of users who submit comments and blogs which
      trackback (tomsommer)

    * Plugin hook 'backend_publish' now executed on entries saved as
      draft first and after that as a public. Fixes weblogpings not sent
      to those entries. (garvinhicking)

    * Added the ability to toggle the display of the Serendipity logo and
      text in the "Powered by" plugin (tomsommer)

    * Fixed problem with booleans not checking the correct radiobuttons in
      the plugin manager (tomsommer)

    * Fixed bug #983242: Missing entity encoding for blogtitle/subtitle
      for RSS feeds, thanks to Christian Wenz!

    * Added dutch and Portuguese language. Thanks to Paul de Bruyne and
      Ranulfo Netto!

    * Multi User: Fixed bug #977695 where simple editors couldn't re-edit
      their entries (garvinhicking)

    * Auto-Trackback from serendipity will now only fetch links smaller
      than 150kb. Use socket connections instead of URL wrappers for
      better control. (garvinhicking)

    * Fixed HTTP requests from installer and htmlvalidator plugin to
      send "\r\n" headers instead of only "\n". IIS-Servers didn't
      respond to the latter (garvinhicking)

    * Updated plugins to show default values in plugin configuration
      immediately. New bag property 'default' introduced to Plugin API,
      backwards compatible. (garvinhicking)

    * Remaining XHTML 1.1 issues fixed:
      - Use <div> instead of <span> for entry's contents.
      - Removed obsolete javascript-function for comments
      - Removed 'align' attribute from <div> tags, replaced with new
        CSS class 'serendipity_align'
      - Show the pingback-link element in the HEAD area. Embedded blogs
        need to do that on their own.
      - New plugin 'serendipity_event_xhtmlcleanup' to correct most
        common XHTML errors (unclosed single tags, missing 'alt'
        attribute, unescaped ampersands)
        (garvinhicking)

    * SQLite support now works. (garvinhicking)

    * Fixed Bug #963248 - Calendar cannot calculate LastRow CSS class if
      there are more than 4 rows (tomsommer)

    * Use the right HTML code for trackback-link detection when using
      markup plugins like Text_Wiki (garvinhicking)

    * Display information when sending/searching for trackbacks
      (garvinhicking)

    * Add support for MySQLi (tadpole9)

    * Alphabetically sort list of plugins (tadpole9)

    * Tweaks to plugin configuration design (tomsommer)

    * Added small comments to serendipity_functions.inc.php on how
      to enable the spellchecker module of the WYSIWYG editor.
      (Suggestion by Randall)

    * Plugin API: Now each sidebar plugin item will get a CSS class
      name added to the default "serendipitySideBarContent" one, which
      is called 'sidebar_wrap_', 'sidebar_title_', 'sidebar_content_'
      and then the original class name of the plugin appended. I.e.:
      'sidebar_wrap_serendipity_html_nugget_plugin'. This allows special
      customization of any individual sidebar item. (garvinhicking)

    * Finally a OPML-based blogroll importing feature added to
      the serendipity_plugin_remoterss plugin (Richard Harrison,
      garvinhicking)

    * Simple OPML 1.0 outline feed (Richard Harrison, garvinhicking)

    * Fixed variable namespace problems in Textile Event plugin
      (Reimer Behrends, garvinhicking)

    * Implemented "visitor/hits" counter for karma-plugin. Hook into
      Statistics plugin for showing additional data of karmavotes
      (garvinhicking)

    * Fixed receiving trackbacks of an intermediate s9y CVS release,
      which submitted wrong variables. Allow logging of incoming
      trackbacks to a file (for developers) (garvinhicking)

    * Post to multiple categories and subcategories implemented.
      (Evan Nemerson, garvinhicking)

    * Threaded comments.
      (Evan Nemerson)                       [DB Layout change - > 0.6.5]

    * Minor https fixes, when https is used as links from commenting
      users or in referring/exit links. Fix for RPC-ping function submitting
      double http://http:// URLs. (garvinhicking)

    * New sidebar plugin "eventlinks". Displays all links to the
      currently viewed article (only on full article view).
      (garvinhicking)

    * Plugin API: The method 'generate_content' of a sidebar plugin
      can now return false to instruct the plugin API to NOT display
      the sidebar. Allows optional sidebar plugins to be only shown
      on specific parameters (garvinhicking)

    * Updated upgrade.sh script for better checks (Jez Hancock)

    * Fixed javascript error when submitting comments with "remember me"
      checkbox. (garvinhicking)

    * XML-RPC methods updated to includer blogger.getRecentPosts and
      blogger.getPost (Till Adam)

    * Upgraded karma-plugin to allow logging (IP/User-Agent) of votes
     (garvinhicking)

    * User manager: New user right 'publish' which controls whether a
      user is allowed to publish entries or only drafts.
      (garvinhicking)                        [DB Layout change -> 0.6.4]

    * Added new plugin "serendipity_event_karma": Allows karma voting
      for each article with a flexible voting period. (garvinhicking)

    * Added event hook-variable for displaying an article footer.
      Enhanced Plugin API to allow passing a second array of data to the
      hook_event() function (backwards-compatible). Added hook for
      embedding CSS data from within a event plugin. (garvinhicking)

    * When sending trackbacks, the excerpt will now be stripped of HTML
      code BEFORE selecting the 255 characters to be sent.
      (garvinhicking)

    * Upgraded image manager to now also accept files (pdf, doc, ...)
      and manage/upload to/sync/browse subdirectories. Improved SQL-
      query for fetching list of images.
      (garvinhicking)                        [DB Layout change -> 0.6.3]

    * PHP pre-4.3.0 compatibility: Define PATH_SEPARATOR if not available
      (garvinhicking)

    * Upgraded PEAR::Text_Wiki and serendipity_event_textwiki plugin.
      Configuration options for wiki rules, options to use wiki/freelinks.
      (Tobias Schlitt)

    * Made RSS-feed compatible to sites running with UTF8-charset.
      (garvinhicking)

    * Fixed wrong proportions when resizing small images (tomsommer)

    * Fixed bug #940239 - Wrong message printed when deleting a category
      without any entries (tomsommer)

    * Bugfix for serendipity_plugin_remoterss: Wrong caching.
      (Richard Thomas Harrison)

    * Added new CSS class .serendipity_comments for the comments block
      on full article view (garvinhicking)

    * Added new CSS class .serendipity_admin_filters for the redesigned
      editing entries interface (tomsommer, garvinhicking)

    * Plugin API: Introduced function 'is_event_plugin' for easier
      integration (Jonathan Arkell)

    * New event hook 'entry_display' inside of serendipity_printEntries().
      Can be used to force entries not being shown by setting the
      $eventData['clean_page'] variable to 'true'. (Jonathan Arkell)

    * Don't show "expand"/"toggle all" buttons if there is only one section
      availiable (tomsommer)

    * Redesigned admin interface for editing entries: Adjust items per
      page, sort order, filter mode, combined EDIT+DELETE interface into
      one. Introduced new css classes "serendipity_admin_list_item_even"
      and "serendipity_admin_list_item_uneven" for displaying entries.
      Can now search for entries in admin panel, can edit entries with
      empty titles. (garvinhicking)

    * Fixed image comment manager's "center" alignment mode and use
      image width/height from the image manager to format the <img>-Tag,
      with regards to Lewe.
      (garvinhicking)

    * Plugin 'serendipity_event_weblogping' now takes manually defined
      pinging service as parameter. (garvinhicking)

    * Modified plugin 'serendipity_event_trackexits': New config
      directive to deflect any links from commenting users using a
      HTTP redirect. This destroys common search engine ranking and
      will not benefit comment spammers. Notice that it also disables
      the common linking to non-spammer authors, so use with caution.
      (garvinhicking)

    * New plugin 'serendipity_plugin_remoterss' - Can display a foreign
      remote feed. Results are cached for a custom period of time.
      Contributed by Udo Gerhards. (garvinhicking)

    * Fixed Bug #941922 - strftime %e does not work on windows platform
      (tomsommer)

    * Fix template chooser plugin to reflect new location of template
      variable (tadpole9)

    * Image upload now strips all characters not suggested for filename
      use (garvinhicking)

    * Categories can now have a fixed image which is embedded for
      every article. Can be styled via CSS (.serendipity_entryIcon).
      Integrated with s9y image manager.
      (Evan Nemerson, garvinhicking)         [DB Layout change -> 0.6.2]

    * Published entries from the future will only be displayed on the
      frontend when not in the future. They will get automagically
      displayed as soon as the publish time is effectively reached.
      #RFE 939867 (garvinhicking)

    * Exit/Referrer plugin can now limit the number of elements
      (garvinhicking)

    * Added possibility to embed a comment to an image when inserting
      it via the s9y image manager (garvinhicking)

    * Added czech language (ISO-8859-2 and Win-1250), translated by
      Josef Klimosz.

    * Added french language, translated by Renaud Lavigne.

    * Fixed some issues on windows servers. Patch by Richard Thomas
      Harrison

    * Improvements for multi-user interface:
       - Configuration is stored per-user (language, WYSIWYG-preference,
         and possibly others)
       - passwords/usernames/E-Mail adresses can be changed
       - introduction of userlevels (admin, chief, editor)
       - public/private categories
       - plugins are stored per-user. Admin-created plugins cannot be
         removed by chiefs/users, protected plugins (HTML nuggets) can
         only be configured by the owner or admin users
       - manage/create users
       - entries are stored per-user and can only be changed by the
         author or chief/admin users. Comments can only be toggled on/
         off and removed by the author or chief/admin users.
       - public/private images
       (garvinhicking)                       [DB Layout change -> 0.6.1]

    * Configuration is now language-dependant. (garvinhicking)

Version 0.6-pl3 (June 20th, 2004)
------------------------------------------------------------------------

    * WYSIWYG-Editor: Links were prefixed with '/' wrongly (IE only).
      Now all entered links will be put to an absolute URL consistently.
      Fix always inserting extended body with empty '<br />'
      (garvinhicking)

    * Fix bug during installation, which can cause an endless loop
      of connections (tomsommer)

    * Removed german blogbot pinging service, it was shut down (nohn)

    * Allow pinging of blogbot.dk (tomsommer)

Version 0.6-pl2 (May 24th, 2004)
------------------------------------------------------------------------

    * Fixed security vulnerability on servers with Register_Globals On.
      (garvinhicking, gschlossnagle, tomsommer)

Version 0.6-pl1 (May 15th, 2004)
------------------------------------------------------------------------

    * Fixed trackbacks not associated to the right entry id (garvinhicking)

    * Fixed typo in Creative Common Plugin (Jonathan Arkell)

Version 0.6 (May 12th, 2004)
------------------------------------------------------------------------

    [changes since 0.6-rc2]
    * Creative Commons plugin bugfix (wrong 'non-commercial' case)
      (garvinhicking)

    * Fixed wrong doctype header (garvinhicking)

    * Fix %e date issue on windows systems. (garvinhicking, tomsommer)

    * Fix serendipity_makefilename() to replace some more foreign
      characters (garvinhicking)

    * Shoutbox plugin bugfix (errors using '%' in shouts) (garvinhicking)

    * Error with non-absolute image paths in RSS feed (garvinhicking)

    * Fixed installer problems timeouting (garvinhicking)

    * Removed possible error message about session_start for categories
      admin page (garvinhicking)

    * Fixed postgresql limit error when browsing pages (garvinhicking)

    [changes before 0.6-rc2]
    * Image upload now strips all characters not suggested for filename
      use (garvinhicking)

    * Language Charset Header are now used throughout s9y which make it
      completely foreign-language compatible (garvinhicking)

    * German translation fix (garvinhicking)

    * Upgrader kills the current session for possible changes inside
      session data on upgrade (garvinhicking)

    * Fixed wrong comparison operator - bug reported by tom, where nl2br
      plugin has "reversed" logic. (garvinhicking)

    * Fixed textile plugin not enabled by default after adding it as a
      plugin (garvinhicking)

    * Comments plugin now correctly wordwraps (garvinhicking)

    * Fixed wrong HTML links for WYSIWYG-editor in Internet Explorer
      (garvinhicking)

    * Fixed htmlentites acceptance for foreign language entry titles
      (garvinhicking)

    * Relaxed dependency on WIKI plugin, if the inclusion fails.
      (garvinhicking)

    * PostgreSQL SQL update files (jtate)

    * Better detection of serendipityPath variable (garvinhicking)

    * Adjustable WYSIWYG-language for foreign languages (garvinhicking)

    * Fixed special characters for WYSIWYG-htmlarea.css file
      (garvinhicking)

    * Fixed WYSIWYG-editing error for HTML Nugget plugin (garvinhicking)

    * newline fixes inside the files (cosmetic issues) (isotopp)

    * Fixed losing commenting user details when previewing a comment
     (garvinhicking)

    * Added plugin for usage of CreativeCommons (creativecommons.org)
      license for the blog's contents (Evan Nemerson)

    * Templates with an "inactive.txt" or no "info.txt" inside their
      directory are not selectable for s9y. Usable for "work in progress"
      templates. (garvinhicking)

    * Fixed $su link for users with no URL rewriting (garvinhicking)

    * Fixed invalid XML for RDF trackback:ping (garvinhicking)

    * Added plugin 'serendipity_event_statistics'. Hooks into the
      admin entry-panel. (garvinhicking)

    * Do some "common XHTML-mistakes" fixing for output of RSS feeds
      (jalcorn)

    * Updated WYSIWYG-Editor (htmlarea) to latest version. Integrated
      s9y image manager in htmlarea window. Template file 'htmlarea.css'
      can be used to adjust the editor's look to your template.
      (garvinhicking)

    * Templates: New CSS classes for better customization
      - 'serendipity_entry_body_folded' for the entry body on the
         weblog index page
      - 'serendipity_entry_body_unfolded' for the entry body on
         article page
      - 'serendipity_entry_extended' for the extended body on article
         page
      (garvinhicking)

    * Image upload: Can now specify alternate file name. Renamed
      input field to not cause confusion with COOKIE-variable
      (garvinhicking, isotopp)

    * Image manager popup-window now resizable and with scrollbars
      (garvinhicking)

    * Serendipity can now be used in shared environments and act as a
      library for VirtualHost'ed Blogs. See README. (garvinhicking)

    * Fixed installer on hosts with non-standard (80) HTTP ports
      (garvinhicking)

    * Relaxed umask/chmod file and directory creation
      (garvinhicking)

    * Abstract archives/URL locations and regex-patterns in a central
      place for easier maintenance (zem)

    * Optimized db indizes on 'entries' (zem)

    * Added shoutbox plugin (Matthias Lange, garvinhicking)

    * Renamed "0.5.1" to "0.6" because of changes. Updated upgrade-
      script (garvinhicking)

    * Added home-link in templates for the header/subheader
      (garvinhicking)

    * Bugfix: With mod_rewrite redirection parameters to browse pages/
      calendar was not working in non-embedded blogs
      (garvinhicking)

    * Added many new templates (several MoveableType imitations,
      moz-modern) (sebastianbergmann, tomsommer, garvinhicking)

    * Added backwards-compatible CSS ids to admin panel for better CSS
      customization (garvinhicking)

    * Moved smilies/xml buttons to template directory (img/) to be
      customized per-template (garvinhicking)

    * Added plugin to switch themes on the frontend (Evan Nemerson,
      garvinhicking)

    * Allow (multiple) dependencies for plugin API to allow pairing of
      event/ sidebar plugins (garvinhicking)

    * Added an upgrade-script to allow for easier upgrade of an existing
      s9y installation (tomsommer)

    * Redesigned the plugin manager (tomsommer)

    * Added RFE #827945 - Allow for custom selection of calendar
      beginning on week (tomsommer)

    * Markup can be applied individually from a list of available
      transformations: BBCode, Wiki, Textile, s9y markup, Emoticons,
      nl2br. Multiple transformations are possible. (Colin Viebrock,
      garvinhicking)

    * Allow for each language to have its own charset (tomsommer)

    * Now able to preview comments. (garvinhicking)

    * Fixed bug that removed admin-cookie when you didn't check the
      "remember comment" box on submitting comments to your own blog
      (garvinhicking)

    * Conditional GET logic for RSS feeds using HTTP caching methods.
      See README for instructions, needs database schema update
      [db_update-0.5-0.5.1.sql] (garvinhicking)

    * Small XHTML-compliance fixes. (garvinhicking)

    * Image manager: Allow sorting by date/file attributes, changing
      sort order and choosing items displayed per page (garvinhicking)

    * Fixed wrong link to entry when not using any rewrite rule
      (tomsommer & AlfaTeK)

    * Changed type of DB password to 'protected' to avoid it being
      displayed as plaintext (tomsommer)

    * Added danish language file (tomsommer & Jeppe Lund)

    * Added notice when using a wrong username or password to gain
      access to admin/author suites (tomsommer)

    * Added date & time translation using strftime() and setlocale()
      (tomsommer)

    * HTML Validator event plugin. Can be used to validate your entry
      upon preview (garvinhicking)

    * Create example events: mailer, weblogping, contentrewrite,
      eventwrapper (garvinhicking)

    * Created event plugin API to hook on certain serendipity actions
      (garvinhicking)

    * Redesigned image manager. (tomsommer)

    * Added image syncronization with database. IMPORTANT: Click on
      "rebuild thumbs" to re-import your file-based images! (tomsommer)

    * Now able to use CommentAPI to post entries to an RSS/Atom feed,
      like from RSS Bandit (garvinhicking)

    * Renamed "sebastian's weblog" theme to "blue" (sebastianbergmann)

(Older NEWS see file NEWS_OLD)