forked from Elgg/Elgg
/
CHANGES.txt
169 lines (145 loc) · 7.2 KB
/
CHANGES.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
Version 1.7.4
(??? from http://code.elgg.org/branches/1.7)
Bugfixes:
* Upgrade Twitter Services to use oAuth so The Wire can post
to Twitter. (Requires special actions. See LINK TO BLOG POST.)
* WSOD fixed when viewing an invalid profile page.
* Checking for mismatched passwords earlier in registration to avoid
creating a user who can never log in and wasting a username/email.
* POST data in the web services API is correctly quoted on servers
with magic quotes enabled.
* WSOD fixed when trying to update an invalid entity.
* Group file widget only shows when Files are enabled for the group.
* Fixed misformatting of some group forum posts in the River.
* Fixed resizing tall non-square images.
* Non-English languages work when using memcache.
* User avatar menus work when switching filters on River Dashboard page.
* CSS is correctly cached for newly enabled plugins.
UI/UX Changes:
* Pages: Admin users can edit user-defined "Welcome page."
* Pages: Group "Welcome page" can be edited.
* User Validation: Added an admin section for unvalidated users. An
admin user can resend validation request, validate, or delete
unvalidated users.
API Changes:
* test_ip() removed.
* is_ip_in_range() removed.
* Read/write DB connections can use different credentials.
* Twitter services plugin allows other plugins to tweet
if the user authorizes them. See twitterservice/README.txt
Version 1.7.3
(September 2, 2010 from http://code.elgg.org/branches/1.7)
Security enhancements:
* Fixed a security flaw that allowed an SQL injection attack
using crafted POSTs. Thanks to Georg-Christian Pranschke of
www.sensepost.com for the bug report.
UI/UX Changes:
* Entering an invalid captcha now forwards to referring page.
Bugfixes:
* Multiple owners support fixed for legacy get_entity*() functions.
* "Edit details" and "Edit profile icon" only show up for user's own
profile.
* get_objects_in_group() works correctly.
Version 1.7.2
(August 18, 2010 from http://code.elgg.org/elgg/branches/1.7)
UI Changes:
* Group "widgets" have been standardized with new blog and bookmark widgets.
* New group member listing page.
* Group forum topics can be edited including title and status.
* Added a group creation river entry.
Bugfixes:
* Fixed preview and draft saving for blog plugin.
* Page titles are now editable.
* Fixed several bugs with the new elgg_get* and elgg_list* functions.
* Groups do not show up as personal friend collections anymore.
* Fixed an upgrade issue with utf8 usernames.
* Encoding of & in group forums is fixed.
API changes:
* Added elgg_list_entities_from_metadata().
* Added elgg_send_email().
* Added remove_from_river_by_id().
* Added remove_from_register() for removing menu items.
* Added elgg_get_excerpt().
* Added elgg_get_friendly_title() and elgg_get_friendly_time().
Version 1.7.1
(April 21, 2010 from http://code.elgg.org/elgg/branches/1.7)
UI changes:
* (Unused) tags field removed from external pages.
* Languages fixes in groups.
* Installation checks database settings before writing settings.php.
* Made the widgets more consistent in their UI.
Bugfixes:
* Pagination fixed.
* Profile icons fixed for PHP-CGI users who were seeing incorrect avatars.
* Tag search works in groups and members.
* Tag clouds correctly link to tag search.
* RSS views added to search.
* Wrapper function for get_entities() correctly rewrites container_guid to
owner_guid.
* output/url correctly appends http:// again.
* full_url() urlencode()'s ' and " to avoid a security problem in IE.
API changes:
* Moved admin flag to users_entity table and added ElggUser->isAdmin(),
->makeAdmin(), and ->removeAdmin() to replace the metadata.
* Plugin hook for reported content includes the report object.
* UTF8 upgrade checks server defaults before running to avoid
corrupted strings.
* Tags lib updated to elgg_get_*() interface.
* Can get entities based upon annotation/metadata owner_guid.
* Moved friendly time and friendly title into overridable views.
* Added unregister_notification_handler().
* Added remove_widget_type().
* Search supports container_guid.
Version 1.7.0
(March 2, 2010 from http://code.elgg.org/elgg/trunk/)
User-visible changes:
* UTF8 now saved correctly in database. #1151
* Unit tests added to System diagnostics.
* Debug values output to screen when enabled in admin settings.
* Users can now log in from multiple computers or browsers concurrently.
* Misconfigured plugins no longer break the site. #1454
* User display names cannot have HTML or be longer than 50 characters.
* New search system.
Bugfixes:
* Searching by tag with extended characters now works. #1151, #1231
* Searching for entities works properly with case-insensitive metadata. #1326
* Invalid views now default to 'default' view. #1161.
* Metadata cache now handles a 0 string. #1227
* ElggPlugin get() now works with 0. #1286
* Metadata __isset() now works for falsy values (except NULL). #1414
* clear_plugin_setting() now only clears a single setting.
* Submenu entries are correctly calculated after a simplecache refresh.
API changes:
* New plugin hook system:unit_test for adding files to unit tests.
* $is_admin global deprecated; use elgg_set_ignore_access() instead.
* Deprecated get_entities(). Use elgg_get_entities().
* Deprecated get_entities_from_metadata(). Use elgg_get_entities_from_metadata().
* Deprecated get_entities_from_relationship() and g_e_f_relationships_and_meta(). Use elgg_get_entities_from_relationship().
* Deprecated get_entities_from_access_id(). Use elgg_get_entities_from_access_id().
* Deprecated get_entities_from_annotations(). Use elgg_get_entities_from_annotations().
* Reorganized directory file path to rely on GUID instead of username.
* annotation_id column added to the river database table.
* remove_from_river_by_annotation() added.
* unregister_elgg_event_handler() and unregister_plugin_hook() added. #1465
* clear_all_plugin_settings() added.
* get_entity_relationships() supports inverse relationships. #1472.
* can_write_to_container() can be overridden with the container_permissions_check hook. #1164 (part 2).
* Deprecated search_for_*().
* Deprecated search_list*().
* Added elgg_deprecated_notice().
* ElggEntity::countEntitiesFromRelationship() supports inverse relationships. #1325
* delete_relationship() triggers the hook delete:relationship and passes the relationship object. #1213
* added ElggEntity::removeRelationship(). #1376.
* get_entity_dates() supports order by. #1406.
* Added elgg_http_add_url_query_elements().
* Added elgg_register_tag_metadata_name() and elgg_get_registered_tag_metadata_names();
* Added ElggEntity::getTags().
* Added elgg_add_action_tokens_to_url().
Services API:
* Separated user and api authenticate processing
* hmac signature encoding now compatible with OAuth
* New plugin hook api_key:use for keeping stats on key usage
* New plugin hook rest:init so plugins can configure authentication modules
* Moved auth.gettoken to POST for increased security
* Fixed REST POST bug #1114
* Fixed #881, #1214, #1215, #1216, #1217, #1218, #1219, #1220, #1298, #1364