forked from dotclear/dotclear
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGELOG
1414 lines (1305 loc) · 70.6 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Dotclear 2.27.3 - 2023-08-31
===========================================================
* Fix: Review password recovery procedure (link sent in email was buggy)
* Fix: Modules dependencies check
* Fix: Flat export workflow
* Fix: Install process
* Fix: Cope with inconsistent widget settings
Dotclear 2.27.2 - 2023-08-22
===========================================================
* Fix: Cope with new plugin installation
* Fix: Install (with or without wizard) was buggy
* Fix: Optionnal dependencies (modules)
* Fix: Category modification
* Fix: Comments actions
* Fix: Regression on .mjs extension (js module) loading
* Fix: Open/close HTML details management (admin)
* Fix: Cope "0", "", … as existing text for text property (Form)
* Fix: User options settings (super-admin on other users)
Dotclear 2.27.1 - 2023-08-14
===========================================================
* Fix: Production mode was not enabled on build
Dotclear 2.27 - 2023-08-13
===========================================================
* 🐘 PHP 7.4+ is required, PHP 8.0/8.1/8.2 compliance
* 📣 Warning: Next major release (2.28) will require PHP 8.1
* Fix: Apply settings rename in global and local arrays
* Fix: Cope with antispam check without link to an entry
* Core: All admin/install/helper/db code is now PHP namespaced, public code will be on next release (2.28)
* Admin: Reduce threshold for wide screens (1920px to 1760px on 16px based browser)
* Admin: Add ability to lock a module (plugin/theme) update
* Admin: Theme editor UI reviewed
* Admin: CSS reviewed for badges
* Admin: XMLRPC is not more an entry point (functionality removed)
* Admin: Add an action to set as Never published/Already published a selection of entries (posts/pages)
* Admin: Do not float left fieldset/.fieldset h3/h4, keep it only for legend
* Admin: Don't show comment IP in backend if not blog admin or superadmin
* Admin: Add theme preview inside admin (paginated home only)
* Admin: Reduce scrolling animation if necessary (a11y) for admin Go-Top button
* Admin: Add optional columns settings for blogs, comments and users lists
* Admin: Optional columns are now sortable (JS only)
* Lib: Update jQuery to 3.7.0 (from 3.6.0), upgrade jQuery Migrate to 3.4.1 (from 3.3.2)
* i18n: Various translation have been added (using DeepL engine), they should be reviewed
* i18n: Add arabic and hebrew languages
* Public/Editors: Use CSS classes rather than inline style for media alignments (classes: media-left, media-center and media-right)
* Theme: Reduce scrolling animation if necessary (a11y) for Berlin Go-Top button
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.26.1 - 2023-06-04
===========================================================
* Fix: Rename of namespaces/workspaces (respectively for settings/preferences)
* Fix: Module search engine
* Fix: Actions on duplicate modules
* Fix: try…catch with chmod()/fileperms() which may be disabled
* Fix: Never loaded parent theme
* Fix: Type hint (theme management)
* Fix: File helper, do not initialize property if given file does not exist
* Fix: Restrict filters to current blog
* Fix: Check existence of opcache_get_status() and opcache_reset() before using them
* Fix: Move safe-mode notice under breadcrumb
* Fix: Remove redundant new keyword (preferences management)
* Fix: Remove unused behavior in maintenance plugin
* Fix: Comments search in backend
* Fix: Fix Berlin theme layout on large screens
* Fix: Clear server PHP cache after module update
Dotclear 2.26 - 2023-05-13
===========================================================
* 🐘 PHP 7.4+ is required, PHP 8.0/8.1/8.2 compliance
* Fix: Remove pragma for correct caching behaviour (pragma header is deprecated)
* Fix: Ensure codemirror rendered area is readonly if textarea source is readonly too
* Fix: Allow dcLegacyEditor applied on excerpt or content textarea only
* Fix: Show format (syntax) label rather than format code in filter
* Core: Clearbricks library has been directly included in Dotclear
* Core: Update timezones from https://www.iana.org/time-zones
* Core: Disabled REST services during last phase of update
* Core: Clear file status cache to avoid running old code after update
* Core: Add php min in requires property in module define
* Admin: A media type has been added to media filter
* Admin: Add post type in breadcrumb if necessary
* Admin: Sort media thumb sizes in descending order (largest first)
* Admin: Add a constant to disable REST services (may be useful during debugging session)
* Admin: Avoid uploading of phar media
* Admin: Fix appearance of action buttons for blog themes
* Admin: Allow 3rd party plugin to use CKEditor to their own textarea on complex admin pages
* Admin: Allow 3rd party plugin to use CodeMirror to their own textarea on complex admin pages
* Admin: Harmonize fieldset (+legend/h3/h4) and CSS class .fieldset (h3/h4)
* Admin: Hide dependency information of module (in details/summary) in plugins management page
* a11y: Add lang attribute for each language select options or list
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
* 📣 Warning: Next major release (2.27) may require PHP 8.1 (announced in backend) or PHP 8.2
Dotclear 2.25.3 - 2023-02-25
===========================================================
* Fix: Check import/export module class before listing them (should have been in 2.25.1 but not)
* Fix: Ensure that maintenance task id is set
* Fix: Typo in import WP class/filename
* Core: Try to clear PHP OPcache to avoid running old code after update
Dotclear 2.25.2 - 2023-02-19
===========================================================
* Fix: Tags widget
* Fix: Breadcrumb
Dotclear 2.25.1 - 2023-02-18
===========================================================
* Fix: PHP 7.4 and default used in namespace, 'default' folder theme renamed to blowup (namespace too)
* Fix: Secondary admin pages for pages' actions
* Fix: Using a widget element in a theme template
Dotclear 2.25 - 2023-02-13
===========================================================
* 🐘 PHP 7.4+ is required, PHP 8.0/8.1 compliance (and as far as we know PHP 8.2)
* Core: New plugin/theme code structure (using a brand new autoloader), old plugins/themes remain compatibles
* Core: Clearbricks is now included in Dotclear code, not more as a git sub-module
* Core: Update last step will not redirect to the safe-mode login page
* Core: No more need to add namespace (blog-settings) / workspace (user-preferences) before using them
* Core: Add possible using of external db driver (Experimental)
* Core: Add support of .mjs ECMAScript module files
* Core: Remove unnecessary and weak protection code
* Core: Move some legacy and proxy code in dcProxyV2 plugin
* a11y: Some aria attributes have been set in backend
* Theme: Merge default smilies and blog's smilies (the blog's smilies have a higher priority)
* Theme: Merge plugin blowupConfig into theme Blowup
* Admin: Some jQuery javascript scripts have been rewritten in pure ECMAScript
* Admin: Add Atkinson Hyperlegible font (used by default in admin, may be disabled in user pref)
* Admin: Add some shortcuts (CTRL+letter) to dcLegacyEditor toolbar
* Admin: Add a specific warning message on update page if necessary (breaking changes)
* Admin: Cope with no user TZ defined (use UTC in this case)
* Admin: Fix admin permission management for blogroll and pages plugins
* Admin: Cope with float/double values in about:config and user:pref
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
* 📣 Warning: Next major release (2.26) may require PHP 8.0 (announced in backend) or PHP 8.1
Dotclear 2.24.1 - 2023-01-18
===========================================================
* Fix: Permission management with no user logged (public)
* Fix: Clearbricks use of mixed type (PHP 8.0+ only)
* Fix: Unzip also _init.php if exists in zip archive during installation (new/update)
* Fix: Cope with dcRecord in context, should fix loopPosition() used for pagination
* Fix: Fix Ajax maintenance tasks
* Fix: Fix manual change a comment to spam (unknown filter)
* Fix: Cope with null content for column_default property (PostgreSQL)
* Fix: Cope with not categorized posts
* Fix: Cope with SQLite syntax for specific case (no where condition)
* Fix: Fix blogs list for non superadmins
* Fix: Do not HTML-escape search query string twice
* Fix: Cope with admin user locale for lexical sort function
* Fix: Blog inactivity to Sleep mode management
* 🐛 → Various bugs, a11y, l18n concerns and typos fixed
Dotclear 2.24 - 2022-12-24
===========================================================
* 🐘 PHP 7.4+ is required, PHP 8.0/8.1 compliance
* 🗑 Remove XML/RPC system (keep only minimum for Pingbacks)
* New blog parameter to close comments/trackbacks after a period of inactivity on the blog
* Core: Large code review has been done, may break old code (3rd party plugins and themes)
* Admin UI: New default icons for media items
* Admin UI: Message look reviewed
* Admin UX: Preserve current dir and current view of media manager
* Admin UX: Password strength use an entropy indicator
* Admin UX: Improve navigation in about:config and user:preferences list
* Admin UX: Allow activation and de-activation of plugins in safe mode
* Admin UX: Allow update of disabled/activated plugins in safe mode/normal mode
* Admin UX: Add folding capability to widgets group
* Theme: Cope with theme defined widget container format
* Theme: Smilies are available for every theme (Blowup theme not more mandatory)
* Lib: Update CKEditor to 4.20.1
* Lib: Update Codemirror to 5.65.10
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.23.1 - 2022-08-13
===========================================================
* Fix: Adding a new comment was buggy (front/back)
Dotclear 2.23 - 2022-08-13
===========================================================
* 🐘 PHP 7.4+ is required, PHP 8.0/8.1 compliance
* 🗑 Remove Iconset management
* Admin UI: Harmonize font size on different support (laptop, tablet, mobile)
* Admin UX: Group more logically buttons on CKEditor toolbar
* Core: New constant DC_DEFAULT_THEME, set to 'berlin'
* Core: Use predefined constants for post statuses (dcBlog::POST_*)
* Core: Use predefined constants for comment statuses (dcBlog::COMMENT_*)
* Core: Deprecated global $core (or $GLOBALS['core']), use dcCore::app() instead
* Core: Deprecated global $_ctx, use dcCore::app()->ctx instead
* Core: Deprecated global $_lang, use dcCore::app()->lang instead
* Core: Deprecated global $mod_files, use dcCore::app()->cache['mod_files'] instead
* Core: Deprecated global $mod_ts, use dcCore::app()->cache['mod_ts'] instead
* Core: Deprecated global $_menu, use dcCore::app()->menu instead
* Core: Deprecated global $__resources, use dcCore::app()->resources instead
* Core: REST server now accepts JSON format (experimental)
* Fix: Use relative URL for attachments as far as possible
* Fix: Remove select hiding mechanism when help is displayed
* Fix: Loading of modules (plugins/themes) in safe mode
* Fix: Message position on Quick entry submit (dashboard)
* Fix: Select appearance on Safari (webkit engine)
* Lib: Update CKEditor to 4.19.1
* Lib: Update Codemirror to 5.65.7
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
* 📣 Warning: Internet Explorer is not more officially supported (may still work weirdly)
Dotclear 2.22 - 2022-05-13
===========================================================
* 🐘 PHP 7.4+ is required, PHP 8.0/8.1 compliance
* Remove anti-FLoC system
* Add a live preview button to standard Dotclear editor (wiki syntax)
* Use native Javascript in scripts shiped with Berlin and Ductile theme (no more need jQuery)
* Improve retrieval of origin metadata on Webmention or Pingback
* Add a "Reset to now" button near the publish datetime input field (post/page)
* Reduce number of CSS mediaqueries' breakpoints to 3 (mobile, tablet, laptop) for backend
* Add a sticky position to "quick access to section" menu for about:Config and user:Prefs
* Toolbar icons reviewed for standard Dotclear editor
* Lib: Update Codemirror to 5.65.2
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.21.3 - 2022-03-07
===========================================================
* Fix: Non admin users cannot create a new entry
* Fix: User settings error (via users list)
Dotclear 2.21.2 - 2022-02-26
===========================================================
* Revert some modifications done for PHP 8.1 compliance (strftime)
* Cleanup remaining currywurst folders (currywurst template removed since 2.20)
Dotclear 2.21.1 - 2022-02-19
===========================================================
* Fix: Cope with author TZ for posts and pages edition
* Fix: Avoid browser caching on page/post preview
* Fix: List of entries using a media
Dotclear 2.21 - 2022-02-13
===========================================================
* 🐘 PHP 7.4+ is required, PHP 8.0 compliance (should work with PHP 8.1 too but not guaranteed)
* Add an user option to preview edited entry in another tab (or window) rather than in a popup
* The detection of ad-blockers which may perturb backend has been improved
* The old JS/CSS datepicker has been removed
* A lot of old PNG icons have been replaced by SVG ones (dashboard, standard editor, …)
* The contrast of the light mode in backend has been enforced
* Lib: Update CKEditor from 4.16.2 to 4.17.1
* Lib: Update Codemirror 5.63.3 from to 5.65.0
* 🛡 Security: Avoid time measuring attack on login
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.20.1 - 2021-11-19
===========================================================
* Fix: Lost of context in media popup (editor media insertion)
* Fix: Active menuitem in favorites menu
* Fix: Avoid notice on unknown namespace (dcSettings)
* Fix: New user button had disappeared since the previous version
Dotclear 2.20 - 2021-11-13
===========================================================
* 🐘 PHP 7.3+ is required, PHP 8 compliance
* Js: switch to ES2016+ syntax, up to ES2021 (was ES2015 in 2.19), will require a "modern" browser
* Template: Refine tpl:block for pagination and archive (dotty templateset)
* Template: Add ".updated" class to republished posts (dotty templateset)
* Template: The {{tpl:CommentIfMe}} template item take care of author's alternative emails and URLs
* Admin UI: Enforce visibility of last action « button » on update
* Admin UI: Remove box and text shadows from CKEditor dotclear CSS styles
* Admin UI: Slightly review the look of theme's screenshots (blog appearance page)
* Admin UI: Move drag'n'drop button to right side on dashboard
* Admin UX: Add screenshots for disabled themes
* Admin UX: Add a badge with number of updates available on dashboard icon
* Admin UX: Add password strength meter on auth page (if password change is required)
* Admin UX: Generic filter controls refactored
* Admin UX: Cope with local .mediadef file (JSON format wich superseeds insertion defaults)
* Admin UX: Add message about next required PHP version on update page
* Theme: Remove left border for (aside) sidebar of Berlin theme
* Core: Add third-party repository option for modules (plugins and themes)
* Core: Asynchronous check store update on dashboard
* Core: Add constant (DC_STORE_NOT_UPDATE) to disable DotAddict updates check
* Core: Add constant (DC_ALLOW_REPOSITORIES) to disable third party repo
* Core: Open admin search page to other type (WIP)
* Core: Remove currywurst template set (never used)
* Core: Add color, email, number types for widget settings
* Core: Fix determination of « republished » state of post
* Core: Cope with IPv6 addresses
* Core: Create DC_TPL_CACHE directory if necessary
* Core: Add IP v6 antispam filter (only enabled if GMP or BC Math library is available)
* Core: Add standard nethttp timeout constant (DC_QUERY_TIMEOUT)
* Core: Add alternatives Emails and URLs for users in My Preferences and User Profile (super-admin only)
* Core: Set repositories store cache TTL to 12 hours rather than 30 minutes
* Fix: Cope with DotAddict server not responding
* Fix: Cope with isolated figcaption for remove_html and strip_tags tpl attributes
* Fix: Allow modification of "official" themes if they are not in distributed folder (themes) of Dotclear
* Fix: RSS style, fix css responsive + fix input
* Fix: Ensure theme's settings namespace exists
* Fix: Ensure DC_VAR constant exists before using it
* Fix: Fix favicon path in auth page
* Fix: Allow https protocol for trackbacks
* Fix: Fix IPv4 antispam filter for subnet mask > 32
* Fix: Fix plugins privileges on config file
* Fix: Uses the same font in the CKEditor editor as the rest of the administration
* Fix: CKEditor sometimes add a t parameter to a request URL (background sprite image), ignore it
* Lib: Update CKEditor from 4.16.1 to 4.16.2 (with local additional fixes in CKEditor jQuery adapter)
* Lib: Update Codemirror 5.62.0 from to 5.63.3
* Lib: Update jQuery UI (custom) from 1.12.1 to 1.13.0
* ClearBricks: Allow legitimate .. in media filenames
* ClearBricks: Allow legacy forms (array of key => value) for select and optgroup components in form class
* Clearbricks: Add HTML details block support in wiki syntax
* Clearbricks: Use mysqli_get_server_version() rather than mysqli_get_server_info() to get server version
* 🛡 Security: Add SECURITY.md document
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
* 📣 Warning: Next major release (2.21) will require PHP 7.4+
Dotclear 2.19 - 2021-08-13
===========================================================
* 🐘 PHP 7.3+ is required, PHP 8 compliance
* jQuery: Remove old jQuery biscuit plugin and replace it by "modern JS"
* jQuery: Remove old jQuery pwstrength plugin and replace it by "modern JS"
* Js: Use dotclear global object rather than global constants, var and methods (AFAP)
* Js: No more need of global dotclear_init const as dotclear global object is initialized before (prepend.js)
* Js: Rewrite metaEditor script
* Template: Add {{tpl:CategoryID}} template
* Template: Refine granularity of tpl:Blocks in dotty template set, will simplify inheritance and overload of themes
* Template: Add dc-home-first class to body tag if it is the first page (standard mode)
* Template: {{tpl:FeedLanguage}} consider lang in post context
* Admin UI: Remove some PNG fallback image when SVG are available as every modern browsers support SVG format
* Admin UI: Bye bye responsive font size, thanks for all the fish!
* Admin UI: Blog appearance, use details HTML5 element rather than div and JS to display theme details
* Admin UI: Add system-ui (cross-platform default user interface font) in 1st position of font-family
* Admin UX: Load themes in some admin popups as some configurable theme may use a link/post/page selector
* Admin UX: Load themes in media/media-item admin pages as some configurable theme may use a media selector
* Admin UX: Disable deletion and modification of officially distributed themes
* Admin UX: Remove Google Blog Search from pings URIs (service stopped) and fix pings global settings management
* Admin UX: Check themes dependencies (with core, plugins)
* Admin UX: Management of attachments, allow using media->postmedia property
* Admin UX: Use details HTML5 element rather than div and JS for authentication additional options
* Admin UX: Add Ad-blocker detection (may be disabled) as it may interfere with CKEditor (may be other features).
* a11y: Cope with mediaquery prefers-reduced-data (experimental)
* Public UX: Fix navigation widget to cope with static mode
* Public UX: Add language information (if any) in breadcrumb
* Public UX: Use localStorage rather than cookie to store comment's author info ("remember me" checkbox)
* Public UX: Subscribe widget and feeds handling language context
* Theme: Use <link rel… rather than <style @import… for CustomCSS theme
* Theme: Align right field's labels (single line fields only) of Berlin theme
* Theme: No need to load again util.js in _public.php as it's already loaded by dotty/_head.html
* Core: Add .svg in allowed var/plugin loaded files
* Core: Add .webp in allowed var/plugin loaded files and ope with wepb thumbnails
* Core: Remove mysql driver support, obsolete in PHP 7+
* Core: Forget about URL type = lang as it cannot be set as this by the URL handler
* Core: Add publicBeforeCommentRedir behavior - useful to add parameters on redir URL
* Core: Globally disable (Google) FLoC tracking by default
* Fix: Cope with original size when storing current media insertion settings
* Lib: Update jQuery from 3.5.1 to 3.6.0
* Lib: Update Codemirror 5.58.2 from to 5.62.0
* Lib: Update CKEditor from 4.16.0 to 4.16.1 (and fix CKEditor jQuery adapter warnings)
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.18.1 - 2021-02-13
===========================================================
* Fix: Adjust top and bottom border of textarea when dcLegacyEditor toolbar is set in bottom
* Fix: Add missing support for webp and svg image format for <tpl:EntryFirstImage>
* Fix: Switch from programmed to published status for an entry causes error notice
* Enforce robustness of workspaces/namespaces (settings/blog parameters) methods
Dotclear 2.18 - 2020-11-13
===========================================================
* IP is now displayed in backend only for admins
* Add footnote feature to CKEditor
* HTML format is now default syntax for new users/blogs
* Add cancel button (if relevant) to media manager
* Lib: Update CKEditor to 4.15.1
* Lib: Update Codemirror from 5.55.0 to 5.58.2
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
* 📣 Warning: Next major release (2.19) will require PHP 7.3+
Dotclear 2.17.2 - 2020-08-17
===========================================================
* Fix: Cope with Safari which does not handle addEventListener method on MediaQueryList object (dark/light OS preference).
* Fix: Separate CSS background and background-color as some CSS rendering engine (Safari) does not cope with all in same declaration.
* i18n: Updated translations for occitan.
Dotclear 2.17.1 - 2020-08-15
===========================================================
* Fix: revert optional password fields (post/page) to text field to avoid unexpected behavior with Chrome
Dotclear 2.17 - 2020-08-13
===========================================================
* 🐘 PHP 5.6+ is required, PHP 7.4 compliance
* 🛡 Security: Password is now needed to export blog settings and contents (full/simple)
* Themes can now be cloned
* New helper button (show/hide) for password fields
* Enhancement of filter/sort usage for lists (posts, comments, …)
* 3rd automatic theme for backend theme (which follow OS setting)
* Authentication (backend) and password form (public for password protected entry) have been redesigned
* Add a Cancel button wherever relevant in backend
* PHP files can now be edited in Theme editor
* Plugins may now use SVG icon rather than JPG/PNG
* Black/White list names become Block/Allow list (antispam)
* Wiki: subscript syntax changed from _subscript_ to ,,subscript,,
* Wiki: add ;;span-content;; syntax
* Wiki: add §§attributes[|list attributes]§§ for blocks (at end of the 1st line of block)
* Wiki: add §attributes§ for inline elements (just before closing marker, warning: cannot be nested)
* Tpl: Add {{tpl:BlogNbEntriesFirstPage}} and {{tpl:BlogNbEntriesPerPage}}
* Tpl: Add optional even attribute to <tpl:EntryIfOdd>, <tpl:CommentIfOdd> and <tpl:PingIfOdd>
* Tpl: Add author="…" as attribute of <tpl:EntryIf>
* Sys: Add several behaviors, coreBeforeImageMetaCreate, themeBeforeClone and themeAfterClone
* a11y: Reduce motion if required in provided themes and backend
* Lib: Update jQuery to 3.5.1 (backend and public)
* Lib: Update Codemirror to 5.55.0
* Lib: CKEditor new color palette (configurable)
* Fix: Notification system refactored (now based on db rather than PHP Session)
* Fix: Missing confirmation before closing modified forms / unecessary confirmation asked before closing not modified forms
* i18n: Switch from Transifex to Crowdin for localisation purpose (https://dotclear.crowdin.com/)
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.16.9 - 2020-06-02
===========================================================
* Fix: Check password for export only if necessary
* Fix: Cope with mod_access_compat plugin inactive with Apache 2.4+
* Fix: Fix very large font size value (user prefs) with CKEditor
Dotclear 2.16.8 - 2020-05-27
===========================================================
* Fix: Clearbricks was not up to date in last release
Dotclear 2.16.7 - 2020-05-27
===========================================================
* 🛡 Security: Password is now needed to export blog settings and contents (full/simple)
* Fix: Remove absolute positionning of datepicker icon (media manager)
* Fix: Cope with SURBL DNS query blocked access (if too much requests from same source) - Antispam LinksLookup filter
* Fix: Remove wrapping p around figures (wiki)
* Fix: CKEditor use now same font-size as other UI standard elements
Dotclear 2.16.6 - 2020-05-22
===========================================================
* Fix: Remove executable bit on non-executable files
* Do not trim inside the content, only at the beginning and the end (dcLegacyEditor, XHTML mode only)
* Fix media description management in media-manager (main/popup)
* Fix insertion of figure (wiki / wysiwyg)
* Fix caret position after inserting image in dcLegacyEditor (wiki)
Dotclear 2.16.5 - 2020-05-14
===========================================================
* Fix: tpl:EntryContent and tpl:EntryIfContentCut when using full="1" attribute
* Fix: Take care of iframe content (used by wysiwyg/source dcLegacyEditor) for confirmation before closing modified forms
* Remove all automatic translations in simpleMenu plugin, feature which caused unanticipated behaviours
Dotclear 2.16.4 - 2020-04-24
===========================================================
* Fix: Remove <sub>content</sub> (_<content>_) from authorized element in wiki links. - missing from 2.16.3
Dotclear 2.16.3 - 2020-04-20
===========================================================
* Fix: Remove <sub>content</sub> (_<content>_) from authorized element in wiki links.
* Fix: Cope with default XHTML editor set to dcLegacyEditor and no format selected by default for new entries.
Dotclear 2.16.2 - 2020-04-17
===========================================================
* Fix: Alert missing about existing modification in administration (post edition, …) with CKEditor
* Merge old and new color palette for CKEditor text/background buttons
Dotclear 2.16.1 - 2020-04-15
===========================================================
* Fix: False alert about non existing modification in administration (post edition, …)
* Fix: Test the existence of directory backup before update
* Fix: Do not load "remember me" javascript script when comment are closed
* Fix: Show admin session expired message if necessary rather than wrong user/pwd
* Fix: wiki2xhtml, i, code, del, ins, mark, sup and sub elements are now allowed inside an a (link) element
* Fix: util.js utilities function script is now load on every page (will be improved in further release)
* Fix: In Ductile theme, load jQuery only if required
* Fix: Detection of mandatory input field content to enable submit button
* Add a behavior to setup htmlFilter options (keep aria, keep data, keep js)
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.16 - 2020-03-13
===========================================================
* 🐘 PHP 5.6+ is required, PHP 7.4 compliance
* 🛡 Security: all requests from/to Dotclear and DotAddict servers use now HTTPS
* jQuery upgraded to 3.4.1, older version will be removed, jQuery not anymore requested for "Remember me" feature
* New "static" mode for home page
* Media description may now be updated
* Add <i [lang="…"]>…</i> support to Dotclear wiki, syntax: ££text[|lang]££
* Lib: Update Codemirror to 5.52.0
* Lib: Update CKEditor to 4.14.0
* Lib: Clearbricks now supports MySQL 8+
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.15.3 - 2019-11-28
===========================================================
* Fix: Avoid weird side-effect of JS minifier
* Fix: insertion of default type media (non image/audio/video) in XHTML entries
* Fix: Cope with old themes for 'remember me' string defined in JS
Dotclear 2.15.2 - 2019-10-01
===========================================================
* Fix: Ajax saving of files in theme editor when using codemirror
* Fix: Video insertion with CKEditor or LegacyEditor
* Fix: Badge position for dashboard modules counters
Dotclear 2.15.1 - 2019-08-29
===========================================================
* Fix: SQL request for CSP unsafe-inline setting
* Fix: CKEditor configuration for foreign language (unabled to save post modifications)
Dotclear 2.15 - 2019-08-13
===========================================================
* 🐘 PHP 5.6+ is required, PHP 7.3 compliance
* Add drag'n'drop sorting system for dashboard blocks
* Backend context is preserved on switching blog (as far as possible, depending on user's grants)
* No more inline javascript, default/install CSP directive modified accordingly
* Add settings (in maintenance plugin) for CSP system
* Set correct lang attribute (useful for browser/editor spelling) for content (post/page) depending on entry setting, and CK editor UI in user language
* Add spellcheck="true" attribute on input/textarea
* Refactoring of notices/messages system on backend
* Add undo/redo buttons to CKEditor toolbar
* Add title/legend reminder on media popup insertion (1st tab)
* Add font loading capabilities for ?pf= system - plugin are now able to load css fonts
* Add WebP image format support to Dotclear (may depends on your server PHP capabilities)
* Add <sub>…</sub> support in Dotclear wiki, syntax : _indice_
* Template system: Allow ?sub for category/categories attributes of tpl:EntryIf, and for url/urls attributes of tpl:CategoryIf
* Responsive tables/lists (posts, pages, users, …)
* Spams preview (administrative board) now shows HTML code rather than interpreted content
* Fix: port used behind reverse proxy (Clearbricks)
* Lib: Update Codemirror to 5.48.0
* Lib: Update CKEditor to 4.12.0
* 🗑 → No more flash players (flv,mp3)
* 🐛 → Various bugs, a11y concerns and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.14.3 - 2018-09-26
===========================================================
* 🛡 Security: Avoid XML upload in media manager
* Fix: Upgrade modification for media_exclusion default setting
* Fix: cope with PHP.ini setting memory_limit set to -1 (unlimited)
Dotclear 2.14.2 - 2018-09-04
===========================================================
* 🛡 Security: Authenticated cross-site scripting (XSS) was possible due to the .ahtml (or .bhtml, .chtml, …) file extension being allowed in the media manager. Thank's Josiah Pierce for report (CVE-2018-16358)
* 🛡 Security: Unregister phar wrapper in order to avoid PHP Phar extension vulerability
* Fix: Enter key in some input fields were not redirect to the parent form
* Fix: Unable to save modified theme's files in theme editor, when Codemirror is used
* Fix: Back to the original global_filters() template function (will be rewritten in the next 2.15)
Dotclear 2.14.1 - 2018-08-17
===========================================================
* 🐘 PHP 5.6+ is required - PHP 5.5 is buggy with the 2.14 release
* Fix: install wizzard was broken
* Fix: smallest admin font size was set when saving user prefs
* Fix: minifying JS scripts may cause problems with regular expressions
* Fix: empty JS var was set for syntax coloration if disabled
Dotclear 2.14 - 2018-08-13
===========================================================
* 🛡 Security: Fix potential reflective XSS, thank's Zekvan Arslan for report (via Daniel Bishtawi from https://www.netsparker.com/)
* 🐘 PHP 7.2 compliance
* Use specialized fields whenever it's possible (email, …)
* Add definition list capabilities (dl, dt, dd) to wiki (= <term>, : <definition>)
* Add <sup>…</sup> support in wiki, syntax : ^exponant^
* Add syntax property/method to dblayer driver
* Replace some js oriented background fading by CSS3 animation
* Enhance some visual focus indicators
* Enhance key event management in popup (Esc, Enter, …)
* Template filters may now be extended (or modified) by 3rd party plugins (via behaviors)
* PSR-2 code formatting as far as possible (work in progress)
* Add two new ways to order tags (by oldest or newest associated post publication date)
* Update Codemirror to 5.38.0
* Update CKEditor to 4.9.2
* Update jQuery migrate plugin to 1.4.1
* Update jQuery UI (custom) 1.12.1
* Add a dark mode (via user preferences) for administration, CSS refactoring
* Animate some counters on dashboard icons (nb of comments, spam comments and posts)
* 🐛 → Various bugs and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.13.1 - 2018-01-27
===========================================================
* Fix: Weird behaviour of theme editor when typing any of "t", "r", "u" and "e" characters
* Fix: Unable to save an entry with dcLegacyEditor in XHTML mode, visual pane
Dotclear 2.13 - 2018-01-13
===========================================================
* 🐘 PHP 5.5+ is required
* 🛡 Security: New password management system (including silent migration)
* 🛡 Security: Add Referrer-Policy header in admin pages
* 🛡 Security: Fix potential XSS - thank's Trí Chim Trích for report
* Dotclear news are now displayed in async way by js
* Dotclear core update check is now done by async js - a forced check may still be done on <admin>/update.php page
* Add utf8mb4 driver (MySQL server 5.7.7+)
* Add target="blank" option in simpleMenu
* Update CKEditor from 4.6.2 to 4.7.3
* Update CodeMirror from 5.25.1 to 5.32.1
* Add required attribute for mandatory fields
* Fix: Avoid horizontal scrolling table when longest comment's usernames in list of comments
* Fix: Cope with MySQLi connection via socket
* Fix: Error messages markup and styling
* Fix: Set caret at the end of the inserted thing (img, url, blockquote, …) in Legacy editor if current selection is empty
* Fix: Cope with query part only in SimpleMenu URLs
* 🐛 → Various bugs and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.12.2 - merged in 2.13
===========================================================
* Fix: lang attribute was missing on entry alone contexts for currywurst and dotty templatesets
* Fix: Add http:// protocol before media.dotaddict.org for csp_admin_img
* Fix: tpl:sysIf blog_lang generated code
* Fix: Duplicate auto-generated URI (entries)
* Fix: Do not use border and background on select to use the system aspect of them in Firefox.
* Fix: For select element, target Safari to cope with font-size select/option problem.
* Fix: Error messages styling
Dotclear 2.12.1 - 2017-08-13
===========================================================
* Fix: 3rd party filters for template tags (std filters are not more modifiable)
* Fix: Media filename are now used without modification for media title on upload (advanced mode)
Dotclear 2.12 - 2017-07-27
===========================================================
* 🛡 Security: Fix potential XSS
* 🛡 Security: Enforce uniqness of the recovery key
* 🛡 Security: Switch hash method from sha1 to sha512 (new installation only)
* Two new values for base font size (37.5% and 87.5%)
* Adaptive admin font size is now optional
* Reduce base font size on very small devices
* Refactor some functions to closures
* No CSP directives in safe mode
* Add current blog domain for script and style CSP directives
* Backlinks:
* Retrieving ping URLs, let trackback first, then pingback, then finally webmention
* Get source post content to compose webmention excerpt and retrieve title
* Use source post title as blog name if this one is unknown (Anonymous blog is used if neither title nor blog name are known)
* Datepicker's look refreshed
* Allow 3rd party additional headers (URL handler)
* Dublin core metadata removed
* Using theme\<theme_name> namespace for _public.php and _prepend.php, in order to simplify theme copy and hack
* Temporary password will have to be changed at first login (after resetting password)
* Add ukrainian language
* French help updated for theme editor
* Add an option to disable Dotclear updates check (super-admin only)
* Fix: Blogs’ admin (ie not super-admin) got back their blogs’ list but only super-admin may do actions
* Fix: Post/page edition layout on different screen sizes
* Fix: x-frame-options URL in admin
* Fix: Cope with several copies of a same smiley in content
* Fix: Allow 3rd party filters for template tags
* Fix: Use getURLFor instead of old getBase function for breadcrumb
* Fix: Give mysql/mysqli driver choice for DC 1.2 import
* Clearbricks lib update from 0.9 to 1.0
* jQuery lib update from 2.2.0 to 2.2.4 (last release of jQuery 2.n branch)
* CKEditor lib update from 4.6.1 to 4.6.2
* CodeMirror lib update from 5.15.3 to 5.25.1
* 🐛 → Various bugs and typos fixed
* 🌼 → Some locales and cosmetic adjustments
* 📣 Warning: Next major release (2.13) will require PHP 5.5+
Dotclear 2.11.2 - 2016-12-29
===========================================================
* Fix: Ensure compatibility with old version of PHP (5.3, 5.4)
* Fix: New path of CSP report for maintenance deletion task
* Fix: Broken entry preview
* Fix: Avoid outgoing link on images in media manager
* 🌼 → Do not include empty div as it disrupts CSS flexbox system
Dotclear 2.11.1 - 2016-12-28
===========================================================
* Fix: admin menu not visible and some plugin admin not accessible with PHP < 5.5
Dotclear 2.11 - 2016-12-28
===========================================================
* 🐘 PHP 5.3+ is required
* 🛡 Security : Prevents XSS injection in media title, thanks smarterbitbybit for report
* Cope with locale for sorting order if possible (work in progress)
* Rich-text-editor (xhtml) may be disabled for Blog/Category description, widget's textareas, …
* Add direct access to module's settings from plugins management page (depends on _define.php of modules)
* Menus (except favorites) are now lexically sorted (except "new post" item)
* Add Entry date as sort order in comments list
* Switch admin CSS to Sass/Compass (work in progress)
* Add 'l' and 'm' accesskey for editor toolbars, respectively for 'insert link' and 'select media' buttons
* Add new categories attribute to EntryIf template tag
* Remove Dublin-core metadata from <head> in template-sets
* ToolMan (js) not more used, thank's Tim Taylor for all this years together!
* Soft redesign of administration pages using responsive font-size and OS system fonts (IE 10+)
* Add a user preference to hide additional/secondary information
* Add actions on blog list, new sort order: blog status
* Update CKEditor to 4.6.1
* Open trackbacks with behaviors and add basic Webmention support
* Add First Publication mecanism and an option to auto-ping when fired
* Berlin theme is now based on Dotty template-set
* Move advanced and plugins blog’s prefs in two separate foldable sections
* Add legend and title insertion option for image insertion in entry
* Some notices and messages may be hidden
* Add urls attribute to CategoryIf template tag
* CSP: Move admin CSP admin/csp_report.txt to DC_VAR/csp/csp_report.json
* CSP: Violations are now stored only once in report if repeated
* a11y: Remove empty link (href=#) from admin
* Fix: Proxies may use standard HTTP(S) ports and SSL may now run through a proxy
* Fix: Prevents precondition failed during activated theme update
* 🐛 → Various bugs and typos fixed
* 🌼 → A lot of locales and cosmetic adjustments
* 🚽 → Housecleaning of no more used scripts, images, resources, IE 9- :-)
Dotclear 2.10.4 - 2016-11-02
===========================================================
* PostgreSQL < 9.1 fix
Dotclear 2.10.3 - 2016-11-01
===========================================================
* Security: Fix CVE-2016-7903: Password Reset Address Spoof — Thank's Hongkun Zeng for report
* Security: Fix CVE-2016-7902: Media Manager, unrestricted File Upload — Thank's Hongkun Zeng for report
* CSP: Cope with external sources used in editor's iframe to preview public external content
* Fix: Cope with post.post_position field during flat import
* Fix: Prevents precondition failed during currently activated theme update
* Fix: Remove unecessary header (cope by dotclear) in page plugin
* Fix: Let some proxies playing with standard http and https ports
* Fix: Let SSL runs through a proxy, it may be ok, sometimes
* 🐛 → Various bugs and typos fixed
Dotclear 2.10.2 - 2016-08-17
===========================================================
* Update fails with PostgreSQL db support → fixed
Dotclear 2.10.1 - 2016-08-15
===========================================================
* CSP (Content-Security-Policies) :
* Fix default directive for new installation
* Cope with media public URL for media manager
* Cope with blog public URL for post/page preview
* Codemirror lib is now packed as the other Javascript lib are
Dotclear 2.10 - 2016-08-13
===========================================================
* Security: Prevents .htaccess upload, thanks wiswat
* Security: Prevents download of a zip media folder outside root media folder, thanks wiswat
* Security: Prevents sort of SSRF/XSPA vulnerability in feed import, thanks wiswat
* Security: Prevents reflected XSS in meda manager, thanks Chen Ruiqi
* Security: Fix somes vulnerabilities in blogroll plugin, thanks Onur Yılmaz - Netsparker (https://www.netsparker.com)
* Fix mix-content preview
* Pure CSS3 sticky footer for admin pages (aka « footer de merde »)
* Add missing breadcrumb styles for blowup theme
* Currently logged super-admin may now change it's id wihtout loosing access at next login
* The favorites icons may now be hidden from dashboard in user preferences
* Number of posts/pages/comments are now displayed at top of lists, including quick filters depending on their status
* Search widget has now a placeholder option (HTML5 only)
* Add Apache 2.4+ directives in .htaccess
* New favorites media folders (displayed at the top of recent folder list) in media manager
* New pure HTML5 template set named dotty cloned from currywurst templateset
* Codemirror lib updated (2.35.0 → 5.15.2) and moved to core:
* 40+ Codemirror themes are available — set in user preferences
* Fullscreen mode has been added (F11 switching key)
* 3rd party plugins may now load and run it with dcPage::jsLoadCodeMirror() and dcPage::jsRunCodeMirror(), see themeEditor plugin for example
* New mark button for legacy editor (HTML5 only)
* New with_category attribute for tpl:Entries
* Add a /var directory:
* Set with DC_VAR constant in inc/config.php
* Admin URL of a var file should be retrieve with dcPage::getVF()
* Public URL of a var file should be retrieve with dcBlog::getVF()
* 3rd party plugins should create their own folder inside /var (aka DC_VAR) to keep it correctly organized
* Emails and web site have been added to the comments filters' list
* Some columns for posts and pages lists are now optional — set in user preferences
* Add Post URL sample in blog parameters
* CKEditor lib update (4.5.8 → 4.6.0)
* Wiki syntax: new ") <text>" mark to generate aside blocks
* CSP (Content Security Policies) have been implemented on admin pages:
* settings may be adjusted in system settings / about:config → system (see csp_admin… values)
* violation reports will be stored in admin/csp_report.txt (PHP 5.4+ only)
* new behaviour adminPageHTTPHeaderCSP may be used by 3rd party to adjust CSP directives
* New behaviour adminPageHTTPheaders
* New "Go Top" button displayed for long admin pages
* 🐛 → Various bugs and typos fixed
* 🌼 → Some locales and cosmetic adjustments
Dotclear 2.9.1 - 2016-03-27
===========================================================
* Security: Add shtml extension to default media exclusion extension control, thanks Nitin Venkatesh for report
* Changing theme is now allowed even with read-only theme folder
* Audio media are not more preloaded in media manager pages
* Array settings/prefs are stored with 'array' type rather than 'string'
* 🐛 → Various bug fixes
* 🌼 → Some cosmetic adjustments
Dotclear 2.9 - 2016-02-29
===========================================================
* Additionnal menu items are now lexically sorted (default items and favorites order will be preserved)
* Wiki syntax : Added ""marked text"" support (HTML5 only)
* Session TTL are now adjustable (set DC_SESSION_TTL in inc/config.php)
* Add behaviors for posts/pages/comments/users lists' columns → let 3rd party plugin playing with them
* Blog and user lists are now lexically sorted
* Some new filters have been added for post lists
* Add a search engine in media manager (looking in filename, title and description metadata)
* Add recent folders direct access mechanism for the media manager (setting in user prefs)
* Add a another display mode (list) to the media manager
* Details about currently selected thumbnail in media manager are now displayed
* Shortcut access to the upload file form is now displayed on top on media page
* Default insertion size (width and height) may now be defined for video media
* Flash player fallback insertion is now optional for audio and video media
* Modules may have dependencies on Dotclear core version too (using 'core' as module name)
* Avoid mixed content (http vs https) for post/page preview: will open preview in another window if necessary
* Finnish translation has been added
* Content-length header is not more sent in HTTP response (should fix very long delays on some servers)
* Template engine : add tpl:EntryAuthorEmailMD5 and tpl:EntryCategoryDescription tags
* A new pref/setting array type is now available (JSON encoded in db)
* Cope with sort of "un-attached" media → allows new features as "featured media" plugin
* CKEditor library updated from 4.5.1 to 4.5.8
* Update jQuery from 1.11.3 to 2.2.0, jQuery-migrate from 1.2.1 to 1.3.0, jQuery-ui-custom from 1.11.2 to 1.11.4
* Provide jQuery 2.2.0 for public use (themes/plugins) - 1.4.2 (default) and 1.11.3 still provided
* Some locales added or updated
* PHP 7 compliance, PHP 5.3 min
* Fix : Cope with "unknown" scheme in url (ie nor http: neither https: is defined in origin url)
* Fix : Let select another theme even if theme folder is read-only
* Fix : XML-RPC media uploaded are not more twice Base64 decoded
* And plenty of other 🐛 🔫, various 🌼 adjustments, and also lot of 🍻 drunk
Dotclear 2.8.2 - 2015-10-25
===========================================================
* Security fix : Fixed potential XSS on comments management page
* Security fix : Enforce media exclusion control
* Php 5.5 leaves NULL chars in unpack ==> add trim, fixed
* Media title (in standard mode) is now taken into account on upload
* Some 🐛 🔫
Dotclear 2.8.1 - 2015-09-23
===========================================================
* Fix admin pager parameters escaping - thanks Keiko Yashiki from JPCERT/CC for reporting this XSS
* Error on changing post author in entries' lists: fixed
* Cope with unknown URL scheme in X-Frame-Options
* One ot two of 🍻 drunk
Dotclear 2.8 - 2015-08-13
===========================================================
* New module dependencies system (plugins)
* Theme editor: Cope with css theme sub-folder
* extension/heritage system applied to mustek templateset
* installation wizard now allows SQLite engine
* Legacy editor toolbar may now be displayed below textarea
* Breadcrumb plugin added to the distribution, included in mustek/currywurst templatesets
* Allow a fifth parameter (optional) for image to insert a legend using figure/figcaption tags (wiki)
* XHTML validator removed from legacy editor
* Update jQuery from 1.11.2 to 1.11.3
* Add a blog parameter to disable internal search
* Add some sort orders and filters criteria for posts and comments
* Update CKEditor from 4.4.8 to 4.5.2
* Add IP and antispam filter columns when displaying spams
* Add actions to directly blacklist IP from comments list
* Lexical sort order for tags and widgets
* Use HTML5 audio tag for MP3 attachments
* Bye the 🐈, welcome the 🐸
* Lot of 🐛 🔫
* Various 🌼 adjustments
* Full of 🍻 drunk
Dotclear 2.7.4 - 2015-02-13
===========================================================
* Berlin theme: resources usage has been optimized
* currywurst templateset: head-linkrel block name fixed
* Current editor syntax: now displayed near edited field (post/page/quick entry)
* Some admin URLs were malformed: fixed
* Post/page preview: anti-clickjacking system fixed
* The cat is valid now
Dotclear 2.7.3 - 2015-01-13
===========================================================
* Restore advanced edition of category description (as in 2.6)
* Various bug fixes
* Some cosmetic adjustments
Dotclear 2.7.2 - 2014-12-25
===========================================================
* Dotclear wiki could not be used by standard user: fixed
Dotclear 2.7.1 - 2014-12-25
===========================================================
* Various bug fixes
* Some cosmetic adjustments
Dotclear 2.7 - 2014-12-13
===========================================================
* Security : protection against clickjacking may be activated (see blog parameters)
* Switch to HTML5 : backend, templatesets and themes
* ARIA roles in da place (a11y)
* Multiple templatesets : mustek (legacy) and currywurst
* Themes may use extension/heritage template mechanisms
* New theme (Berlin) based on currywurst templateset
* New WYSIWYG editor (CKEditor)
* Dotclear Wiki now produces HTML5 compatible markup
* Video and audio HTML5 tags are now used (with fallback to flash if possible)
* Copying default theme to user-defined theme folder is not more necessary
* Preview of comment may be optional (see blog parameters)
* Widgets may be put offline without deleting them
* jQuery version may be choosen between 1.4.2 (default) and 1.11.1 (see blog parameters)
* Number of posts listed on home page may be different than other pages (see blog parameters)
* Hidden folders are now hidden in media manager (set DC_SHOW_HIDDEN_DIRS to true in config.php to display them)
* User-defined template files may be reset (deleted) in theme editor
* Drag'n'drop now enabled on touch screens
* Alternative syntax may be set for comments by third-party plugins
* A lot of bug fixes
* Much more cosmetic adjustements and enhancements
Dotclear 2.6.4 - 2014-08-18
===========================================================
* Security fix: Sanitize search request. Thanks to Takayuki Uchiyama
* Security fix: Strenghened xmlrpc (see http://www.breaksec.com/?p=6362)
Dotclear 2.6.3 - 2014-05-16
===========================================================
* Security fix: Strengthened xmlrpc auth. Thanks to Egidio Romano
* Security fix: Strengthened categories ordering. Thanks to Egidio Romano
Dotclear 2.6.2 - 2014-01-20
===========================================================
* Security fix: Fixed potential code injection on password protected post/page. Thanks to Charlie Briggs
* Bugfix: cope with numeric module (plugin/theme) id
* Bugfix: Bad SQL syntax when using SQLite
* Bugfix: BlogParentThemeURL template value is back
* Various bug fixes
Dotclear 2.6.1 - 2013-11-22
===========================================================
* Bugfix: trackbacks/pingbacks post URL
* Bugfix: short/full list of tags (post edition)
* Bugfix: Toolbar not drawn on new comment form (administration)
* Various bug fixes
* Some cosmetic adjustments
Dotclear 2.6 - 2013-11-13
===========================================================
* Various bug fixes
* Various cosmetic adjustments
Dotclear 2.6-RC - 2013-10-18
===========================================================
* PHP 5.2 required
* jQuery upgraded to 1.10.2 (including jQuery migrate plugin 1.2.1)
* mySQLi support (now proposed by default rather than mySQL)
* Administration revamped, relooked, redesigned, new icons, new ergonomic's behaviours
* Administration is now responsive (easier to cope with it on small devices)
* Administration menu re-organized
* a11y (accessibility) everywhere, with and whithout Js
* Success, notice and warning messages have been harmonized
* daInstaller has been dispatched in core (in plugins and blog themes management)
* Global help is now available, contextual help is available on every page
* Media manager enhanced
* Maintenance plugin revamped and enhanced (now includes export features)
* Categories management enhanced
* Plugins and themes management revamped
* New “Plumetis” variation for Blowup theme
* Jasmine is now used for unit testing of js components
* A lot of bug fixes
* A lot of cosmetics adjustments
* A lot of enhancements
Dotclear 2.5.3 - 2013-09-13
===========================================================
* Bugfix: l10n Clearbricks library
* Bugfix: post's comments and trackbacks counters
* Check public and cache directories (existence and permissions)
* Avoid Categorie's identical URL as far as possible
* Cope with alpha layers in PNG images for thumbnails generation
* Add password strength indicators
* Fix permission form (checkboxes management)
* Better management of antispam filters
* Minor enhancements
* Various bug fixes
* Various cosmetic adjustments
Dotclear 2.5.2 - 2013-08-14
===========================================================
* Security fix: Fixed potential XSS
* Bugfix: l10n Clearbricks library
* <tpl:LoopPosition> now works <tpl:Attachments>
* Dotclear update check may now be forced (ignoring cache)
* Enforce integration of daInstaller plugin
* Tags link button is now available on page editor
* Default cache age is now 1 week instead of 2 hours
* Quick entry dashboard module is not activated by default on new installation
* New template {{tpl:BlogParentThemeURL}} (return URL of parent theme of blog's theme if any, URL of blog's theme otherwise)
* Fix post comments number on comments deletion
* Fix order of backup files
* Minor enhancements
* Various bug fixes
* Various cosmetic adjustments
Dotclear 2.5.1 - 2013-07-20
===========================================================
* Security fix: Replacement of swfupload.swf by a jQuery plugin
* Security enhancement: Strenghened lists display
* Thumbnails quality improved
* Minor enhancements
* Various bug fixes
* Various cosmetic adjustments
Dotclear 2.5.0 - 2013-03-12
===========================================================
* Security fix: XSS vulnerabilities in swfupload.swf (media enhanced uploader)