CVS commit: wip/serendipity

["Tonnerre" <tonnerre%users.sourceforge.net@localhost>]

Module name:    wip
Committed by:   tonnerre
Date:           Fri Jul 26 00:30:13 UTC 2013

Modified Files:
        wip/serendipity: Makefile PLIST distinfo

Log Message:
Update Serendipity to version 1.6.2, which is the last 1.6 version.

Changes since version 1.5.3:
 * Fix XSS in backend, thanks to High-Tech Bridge SA #HTB22595
 * Fix PHP 5.3.2 parse error in a file, thanks to fyremoon
 * Fix SQL query statement for deleting a category, which on some
   DB types (SQlite) might not return "true" and thus not really
   delete the category.
 * Include license output in plugin listing
 * Fix escaping when using ImageMagick to create PDF-thumbnail images
 * Add new template variable to feed*.tpl files to support new
   plugins like pubsubhubbub, so that plugins can embed data to the
   main XML element
 * Due to security issues in the bundled Xinha WYSIWYG,
   disabled the PHP-based plugins (which are not utilized by
   serendipity unless manually enabled), until a proper security
   fix is available
 * Fix XSS issue in karma-plugin admin interface and media manager
   interface, by Stefan Schurtz
 * Fix problem with autosave plugin used in conjunction with
   entryproperties
 * Removed browsercompatibility plugin due to its outdatedness. IE6
   is dead.
 * Fixed Spartauc SF.Net download location (Thanks to christian_boltz)
 * Added new event hook 'backend_loginfail' to track failed logins
   (serendipity_event_externalauth can make use of it for fail2ban)
 * Fixed a bug in synchronizing new files with the same basename
   but different extensions, where files with the same mimetype
   would not get added (garvinhicking)
 * Show subscription status of comments in frontend and backend
 * Added ability to report spam/ham to akismet (Black Warthog)
 * Added localization for {$WEBLOG} in trackbacks.tpl (LazyBadger)
 * Added "Options -MultiViews" to .htaccess to prevent IE9 trouble
 * Karma plugin: Added option to only track votings when users are
   logged in.
 * Bugfix: Adjust /admin permalink detection so that it does not listen
   on /adminbook for example. Thanks to Lux!
 * serendipity_event_mailer now also allows to use commas instead of
   spaces to seperate multiple mails. Use distinct email adresses
   (Thanks to evanslee)
 * Added new rewrite option for 1&1 specific servers, because a
   combined htaccess for both variants could not be find. The reason
   is the MultiViews option in certain apache configs.
 * Fix PDO::SQLite to properly fetch the requested row type
   (assoc/both/num), important for staticpage plugin
 * TPL fixes for upcoming Smarty3, thanks to timbalu
 * Experimental: Config-Groups for template and plugin options,
   currently mimics fold in/out of global configuration.
   Usage through "config_groups", examples are in config.inc.php of
   bulletproof and spamblock plugin. Needs documentation.
   (garvinhicking)
 * Added new parameter "empty" to {serendipity_showPlugin}. When
   no callable plugins were found, the string in the "empty" parameter
   will be shown instead, allowing users to get notified of a missing
   plugin
 * Bundle jquery by default and enable it in frontend and backend
   templates; overrides serendipity_event_jquery. If your template
   contains its own "jquery.js" file, the core will NOT use it.
 * Include API logic to allow the core to utilize event hooks with
   internal function calls (used for jquery output, for example)
 * Allow to moderate multiple selected comments
 * Allow to pass 'template' variable to serendipity_showPlugin
 * Make CSS permalink pattern compatible to 1&1 servers,
   thanks to lfrantzen
 * PDO-SQLite patches by nth
 * Fix newline before <?xml tag, thanks to deedw
 * Only do '*' parameter expansion on the first page of search
   results: http://board.s9y.org/viewtopic.php?f=10&t=14810
 * RSS feed timestamp properly calculates offset
 * (experimental) global theme options
   Inside template's config.inc.php you can enable a global
   navigation configuration feature
 * Implemented suggestion of removing boilerplate code in plugin API:
   Change hack protection, introduce unified language loading, see
   http://board.s9y.org/viewtopic.php?f=11&t=16921
   Thanks to mt2!
 * Fix karma rating plugin missing the text translation for a
   specific point area
 * Recent entry properties now recognizes multilingual titles
 * Include referrer in comment notification email
 * Added new 'fulltext' search option to sidebar plugin
 * Truncate suppressed referrer's query string to 255 characters
 * Fix "viewAuthor" URL detection routine if the path name of a
   domain begins with a number
 * Fix SQLite substring search to use % instead of * for secondary
   matches
 * Recent entries plugin can now fetch the associated categoryid,
   when a single entry is displayed
 * Stricter check for sqlite3 extension, only functional interface
   instead of OOP currently supported
 * Experimental: When sending quoted-printable notification mails,
   auto-split after 75 characters.
 * To support custom PHP sessions, s9y will only issue session_start,
   if no session exists yet
 * Use "Longtext" instead of "text" for new installations on blog entry
   body and extended body inside database tables.
 * Added ability to mark authorgroups as "hidden", so that members
   of such groups are excluded from common author listings.
 * Added option for SMF importer to also import tags
 * Added experimental global variable $i18n_filename_utf8 that can
   be set in a serendipity_config_local.inc.php or language include
   file, which will return Unicode-Permalinks
 * Added event hook backend_sendcomment for sending comments and
   being able to chang via plugin API
 * Improved escaping of backend plugin management for DB query
   and media selector output
 * Updated spamblock plugin to 1.78 & 1.79
   changed wordfilter to function to check with 'verify_once'
   to reject wordfilter signed spam comments before -
       added in 1.79 killswitch check and serendipity_db_bool()
 * fixed draft & future entries preview link in backend
 * Fixed some possible errors with pdo db_begin/end_transaction()
 * Fixed unneccessary preg_match notices in the statistics backend
 * Fixed a possible problem where template-specific variables would
   note be cleared in favor of the new global ones.
 * Fixed serendipity_fetchComments producing wrong SQL code. Please
   check your code if you did workarounds already and remove them.
 * Fix SQL injection for comment.php used in read-context.


To generate a diff of this commit:
cvs -z3 rdiff -u -r1.1.1.1 -r1.2 wip/serendipity/PLIST \
    wip/serendipity/distinfo
cvs -z3 rdiff -u -r1.2 -r1.3 wip/serendipity/Makefile

To view a diff of this commit:
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/serendipity/PLIST?r1=1.1.1.1&r2=1.2
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/serendipity/distinfo?r1=1.1.1.1&r2=1.2
http://pkgsrc-wip.cvs.sourceforge.net/pkgsrc-wip/wip/serendipity/Makefile?r1=1.2&r2=1.3

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
pkgsrc-wip-cvs mailing list
pkgsrc-wip-cvs%lists.sourceforge.net@localhost
https://lists.sourceforge.net/lists/listinfo/pkgsrc-wip-cvs