============================
2006/01/22: Version 2.2.4
============================
- Security fix: sanitizing $xoopsConfig["language"]: multiple files (phppp) 
- Fixed reference-related issue, partially: multiple files (phppp) 
- Fixed aged HTML tag errors: multiple files (phppp)(*)
- Fixed bug that not check verification password for user registration: ROOT/modules/profile/register.php (phppp/tester)
- Fixed Bug #1340925 - Mailing a selection doesn't work correctly (Mithrandir/pinchecl)
- Fixed Bug #1346904 - XMT theme - 404 message (Mithrandir/Peter777)
- Fixed profile field treatement error to allow XOBJ_DTYPE_URL clickable: ROOT/kernel/profilefield.php (phppp)
- Reduced file size for cached profile field data: ROOT/kernel/profilefield.php, profile.php (phppp) 
- Added missing time offset for calculating time: ROOT/language/english/local.php (phppp) 
- Changed rss time to take into account time zone: ROOT/language/english/local.php (phppp)
- Fixed bug that a user could read any message via message ID: ROOT/modules/pm/readmsg.php (phppp) 
- Fixed url error: ROOT/modules/pm/templates/pm_viewmsg.html (phppp) 
- Fixed bug that webmaster could not access inactive user info: ROOT/modules/profile/userinfo.php (phppp) 
- Fixed bug that user could not change email: ROOT/modules/profile/edituser.php (phppp) 
- Fixed bug that profile field value type couldn't be changed: ROOT/modules/profile/include/forms.php (phppp)
- Added rights for admin in user account check:  ROOT/modules/profile/include/functions.php (phppp)
- Changed sort for user from name to uname:  ROOT/modules/system/admin/groups/groups.php (phppp)
- Fixed bug for censor word update:  ROOT/modules/system/admin/preferences/main.php (phppp)
- Fixed bug for template paths:  ROOT/modules/system/admin/tplsets/main.php (phppp/wenmingpig)
- Added user profile default values update on system module update:  ROOT/modules/system/include/update.php (phppp)
- Changed CSS for font color for user name and text in footer:  theme default (phppp/Steven)
- Fixed url bug:  ROOT/modules/system/admin/templates/system_imagemanager2.html (phppp)
- Added single quote sanitizing: ROOT/pda.php (phppp)(*)
- Added charset setting: ROOT/header.php (phppp)
- Added URL sanitizing: ROOT/search.php (phppp)(*)
- Fixed error messages: ROOT/lostpass.php (phppp)
- Fixed user login redirect error: ROOT/user.php (phppp, reported by Anne)
- Forced disabling gzip_compression: ROOT/class/theme.php (phppp)
- Added sanitizing for meta footer: ROOT/class/theme.php (phppp)
- Added $xoopsModule check: ROOT/class/theme.php (phppp)
- Changed/Rolledback(partially) "makeclicable",changed censor string process : ROOT/class/module.textsanitizer.php (phppp)
- PHP 5 compatibility: ROOT/class/xml/saxparser.php (phppp)(*)
- Added meta data sanitizing in header: ROOT/include/functions.php (phppp)(*)
- Fixed typo for redirect time, added missing trimmaker for substr, changed userealname to false: ROOT/include/functions.php (phppp)(*)
(*): from XoopsCube

============================
2005/10/30: Version 2.2.3 Final
============================
- SECURITY: Fix to prevent mail headers injection (Skalpa/XOOPS Cube)
- SECURITY: Fix to prevent endless loop in PHPMailer (Skalpa/Minahito)
- SECURITY: Fix to prevent XSS in the textsanitizer (Skalpa/XOOPS Cube)
- SECURITY: Fix to prevent XSS in newbb and the comments system (Skalpa/Keigo Yamazaki of Little eArth Corporation Co., Ltd.)
- SECURITY: Vaporfix to prevent uploading of invalid images (Skalpa/XOOPS Cube)

- Added fallback in Authfactory to use XOOPS auth in case of the selected method's class file is inaccessible (phppp)
- Changed quoteString() to put ' on all non-integers instead of just all strings (Mithrandir)
- Changed XTheme::display() to use caching correctly and set page title and module header from $xoopsOption (phppp)
- Fixed typo in XTheme::addCSS where <script> was used instead of <style> (phppp)
- Added explanatory comments in XTheme::loadTheme and fixed $xoopsRequestUri to the correct $_SERVER['REQUEST_URI'] (phppp)
- Added missing global declaration of $xoopsLogger in XTheme::checkCache() (phppp)
- Fixed typos in class/xml/xmlatomparser.php and modules/profile/search.php (phppp/ymbo @ Xoops China)
- Added patch #1267386 - Group perm form improvement (phppp/zollou)
- Added {LOGINNAME} to mailer string-replace routine (Mithrandir)
- Fixed bug #1285967 - bug with http://IP:PORT/ configured sites, XoopsSecurity::checkReferer now takes the port into consideration (phppp)
- Added global declaration of $xoopsTpl in footer.php (phppp)
- Changed include/checklogin.php to disallow everyone with a level below 1 instead of equalling zero (disabled users have level -1) (Mithrandir)
- Cosmetic changes in xoops_confirm() function in include/functions.php (phppp)
- Fixed bug/typo in include/functions.php function xoops_array_diff_assoc() (phppp)
- Fixed bug in system installation where login, main menu and user menu blocks were not created correctly (Mithrandir)
- Added pre-selected modules for the step of module selection and language files for the step of module installation (phppp)
- Block bid assignment added so both block and instance has the right value for bid in XoopsBlockInstanceHandler::getLinkedObjects() (phppp)
- Modified kernel/module.php regexp for page detection in getCurrentPage() (phppp)
- Changed order of error messages in module installation (phppp)
- Fixed bug in kernel/module.php where config unused options would not be removed if a config has no options any more (phppp)
- Fixed bug in kernel/object.php where whereclause is wrongly generated for multiple keyname (phppp)
- Fixed missing language definition for profile edit by adding multi-languge processing for profile fields in kernel/profilefield.php (phppp)
- Added missing process for forcing update profile data in kernel/profilefield.php "function loadFields" (phppp)
- Changed custom time computation in XoopsLocal class language/english/local.php (phppp)
- Fixed lostpass.php to properly set new password when clicking on e-mailed link (Mithrandir)
- Fixed bug #1276917 - 2.2.3: Edit User won't save Group change
- Fixed bug #1262813 - Add User, some fields are reset when error occur (Mithrandir/marook)
- Added password length check in modules/profile/register.php (phppp/Aries)
- Modified error message rendering in modules/profile/register.php (phppp)
- Fixed bug #1250347 - search in profiles doesnt work properly (Mithrandir/irmtfan)
- Fixed bug #1247398 - Error in modules/profile/search.php (Mithrandir/edomch)
- Added button to change password in user profile (phppp)
- Fixed bug in system/admin/banners/main.php where it was impossible to edit banner clients (Mithrandir/Peekay)
- Fixed bug #1253289 - Can't make blocks invisible (Mithrandir/barrycooper)
- Added safety in blocks administration for blocks that come from modules that no longer exist (database inconsistency) (Mithrandir)
- Added safety in template administration for templates that come from modules that no longer exist (database inconsistency) (Mithrandir)
- XHTML Fix in XMT theme (phppp)
- Added overflow treatment for xoopsCode/xoopsQuote (phppp)
- Added update procedure to System module update, where blocks and templates without corresponding modules will be removed (Mithrandir)
- Fixed deprecated variable ("name" => "uname") in system/blocks/system_blocks.php function b_system_info_show() (phppp)
- Added Patch #1281295 - wrong error_reporting in smilies administration (phppp/birdseed)
- Fixed bug in system/admin/modulesadmin/modulesadmin.php where configuration categories were not removed on module uninstallation (Mithrandir)
- Fixed bug in system/admin/modulesadmin/modulesadmin.php where block templates could remain in the database after module uninstall (Mithrandir)
- Interface improvements in module installation (phppp)
- Changed XoopsFormSelectUser constructor signature to follow convention from XOOPS 2.0.x (Mithrandir)
- Moved hidden fields from bottom of <form> tag to the top in XoopsThemeForm::render() for backwards compatibility and XHTML compliance (Mithrandir)
- Changed XOOPS_URL detection and checking during installation to require an absolute URI and not a relative one (Mithrandir)
- Fixed the mysql class quoteString() so it unconditionnally quotes the parameter again (back to 2.0.x behavior) (Skalpa)
- Fixed handling of array vars in XPOH insert and insertAll (Skalpa)
- Fixed bad references use in XoopsObject and XOPH classes (Skalpa)
- Fixed bad references use in sanitizer (Skalpa)
- Fixed bad references use in installer sanitizer (Skalpa)
- Fixed user search in Extended Profile module, when searching for values in select and radio type fields (Mithrandir/miscellone)
- Fixed Bug #1294569 - Magic Quote Issue when registering users, additional slashes were added (Mithrandir/Monique)
- Fixed bug where profiles would not be deleted on user deletion (Mithrandir)
- Added routine to System Module update to set default values for comments, timezone and theme fields to system values (phppp)
- Fixed Bug #1298674 - Block caching isn't running (Mithrandir/mcleines)
- Fixed Bug #1303864 - Delete user account frontside(Mithrandir/MarcoFr)
- Fixed Bug #1303810 - Main admin account deletion control 2.2.3RC2 (Mithrandir/MarcoFr)
- Fixed Bug #1262806 - 2.2.x: Default TZ is not used in Add User (Mithrandir/Marook)
- Fixed Bug #1306176 - 2.2.3RC2 - User update fails (Mithrandir/rlinfoot)
- Changed module installation and update routine so it now halts, when xoops_module_pre_xxx function fails (Mithrandir)
- Fixed security problem in Koivi editor (phppp/Marijuana)

============================
2005/08/12: Version 2.2.2
============================
- SECURITY: Fixed several path disclosure issues (Mithrandir/ajaxbr+Dave_l)
- Fixed bug #1253433 - Outbox to-link wrong (Mithrandir/Dave_l)
- Fixed bug #1256352 - insertConfigCategories (Mithrandir/Pnooka)
- Fixed bug #1255004 - malformed uri in class/theme.php (Mithrandir/Frankblack)
- Fixed bug #1252898 - SMTP, SMTPAuth Fsockopen error (Mithrandir/fatalsaint)
- Fixed wrong call to loginUser() with uname instead of loginname (Mithrandir/ef11cornell)
- Fixed bug #1249880 - Change Email function can't be disabled (Mithrandir/Dave_l)
- Added "font styles" to language files in xoopseditor/koivi (phppp)
- Added empty $text check for encoding conversion in languages/english/local.php  (phppp)
- Removed language files other than English (phppp)

============================
2005/08/08: Version 2.2.1
============================
- Manually applied the PHPMailer 1.73 SMTP fix to prevent potential issues (skalpa)
- Fixed a bug in the installer that could prevent mainfile.php to be created correctly on PHP5 (skalpa)
- Moved module-admin item to the top of the admin menu (phppp)
- Fixed a typo for constant variable check in error.php (phppp)
- Commented out the "showrblock" from functions.php (phppp)
- Added error message for user not found in auth service (phppp)
- Corrected Header set Charset in installer (phppp)
- Moved auth language defination to its right place (phppp)
- Fixed typo in XoopsLogger->addblock (phppp)
- Minor fix on reference usage in textsanitizer (phppp)
- Changed default config for use-realname to false (phppp)
- Fixed loginUserMd5() typo in member handler (phppp)
- Changed reference to make it work when calling another module's install on a module's update  (phppp)
- Rolled back system-info block (phppp)
- Dix for icon url in comment block (phppp)
- Add new PM prompt to user-menu block (phppp)
- Changed user name (which is not always available and not much infomative) to user uname in userselect (phppp)
- Added install function for inserting PM link to existing users' profile (phppp)
- Ensure to use username and not real name in PM composer (phppp)
- PM module: Bugfix for setting message as "read" (phppp)
- PM module: Bugfix for icon url (phppp)
- Fix to display profile items with value only in userinfo page (phppp)
- Fix where language file was not included in profile activation page (phppp)
- Fix for error message in changemail (phppp)
- Fixed problems with Admin right in edituser.php (phppp)
- Added possibility for admin to change users email (phppp)

============================
2005/07/27: Version 2.2
============================

???

============================
2005/07/21: Version 2.2 RC2
============================
- Fixed registration issues with dynamic user profile fields (Mithrandir)
- Added login name property for a user, so login name and displayed username is now (potentially) differerent (Mithrandir)
- Refinements in PM module (phppp)
- Refinements in Profile module (Mithrandir)
- Refinements in XoopsForm classes (phppp)
- Fixed bug where comments would not show if the user had no settings for mode and order (Mithrandir/Rowdie)
- Fixed bug in LDAP authentication where configuration values were not fetched correctly (Mithrandir)

Language constant changes:
- _PROFILE_MA_REALNAME added to modules/profile/language/english/main.php
- _PM_RUSUREEMPTY and _PM_RUSUREDELETE added to modules/pm/language/english/main.php
- _INSTALL_L37 and _INSTALL_L167 added to install/language/english/install.php
- {X_UNAME} changed to {LOGINNAME} in language/english/mail_template/lostpass2.tpl
============================
2005/07/14: Version 2.2 RC
============================
- Fixed security hole in XML-RPC for both magic_quotes_gpc on and off (Mithrandir/James@Gulftech, Onokazu)
- Fixed sanitation in Criteria class for both magic_quotes_gpc on and off (Mithrandir/Onokazu)
- Fixed sanitation bug in include/checklogin.php (Mithrandir)
- Fixed bug in comments, where editing a comment would post a new one
- Removed PHP parsing in Saxparser's handleProcessingInstruction() method (Thanks to GIJOE)
- Fixed parse error in modules/newbb/post.php
- Fixed sanitation bug in include/comment_form.php and include/comment_post.php (Mithrandir/James@Gulftech)
- Fixed sanitation bug in class/xml/rpc/xmlrpcapi.php and class/criteria.php (Mithrandir/James@Gulftech/XOOPS JP)
- Changed admin.php to fetch news from xoops.org via Snoopy (Mithrandir/XOOPS JP)
- Fixed possible XSS hole in redirect_header (Mithrandir/XOOPS JP)
- Security fixes in pda.php and misc.php (Mithrandir/XOOPS JP)
- Fixed typos in kernel/object.php (Mithrandir/brandycoke)
- Fixed bug where lostpass.php would not accept emails and send new password (Ackbarr)
- Fixed bug where search result links would be wrong if the item was in another module than the searched one (Ackbarr)
- Fixed bug in groups admin where it was impossible to add users to a group if the site had 200+ users (Ackbarr)
- Fixed bug with uploading smilies (Ackbarr)

Other Additions:
- PM Module functionality expanded (phppp)

============================
2005/05/21: Version 2.1.1
============================
- Fixed bug #970474 - class/zipdownloader.php (Mithrandir/AC-Ibu)
- Fixed bug #1087786 - Can't assign to $this in PHP5 (Mithrandir)
- Fixed bug #1156510 - Typo Fixes in XoopsObject (Mithrandir/NS Tai, Brandycoke)
- Fixed bug #962025 - Word Censoring Options (Mithrandir/Tom Hayakawa)
- Fixed bug #1168850 - activateUser method is not used in admin panel (Mithrandir/Andrey)
- Fixed bug #1167596 - Hardcoded texts in XoopsObject (Mithrandir/hthouzard)
- Fixed bug #1166354 - image.php - undefined constant (Mithrandir/dave_l)
- Fixed bug #1164226 - improvement in function xoops_refcheck (Mithrandir/sudhaker)
- Fixed bug #1163599 - Big sessions error (Mithrandir)
- Fixed bug #1162290 - The xoops_config (config_id field) reaches its max (Mithrandir)
- Fixed bug #1151930 - index.php - use "require" instead of "include" (Mithrandir/dave_l)
- Fixed bug #1144690 - XoopsFormHidden does not conform HTML rule (Mithrandir/suin)
- Fixed bug #1122854 - cannot be set up version 2.05 of module (Mithrandir/ohwada)
- Fixed bug #1122253 - show notice message when post comment (Mithrandir/ohwada)
- Fixed bug #1120729 - xoops_footer not in default theme (Mithrandir/dave_l)
- Fixed bug #1118908 - 1 html-bug in xoopscodes.php (Mithrandir/frankblack)
- Fixed bug #1098445 - problem with clickable links (dave_l/hthouzard)
- Fixed bug #1083928 - XoopsErrorHandler_HandleError - regex usage (Mithrandir/dave_l)
- Fixed bug #1082042 - Error in parsing date in calendar.js (Mithrandir/puff_daweed)
- Fixed bug #1059216 - gzip compression & php debugging Conflict  (Mithrandir/Liquid, WF)
- Fixed bug #1054221 - xoops_module_header can not be cached (Mithrandir/phppp)
- Fixed bug #1020494 - Uninformative error message if admin passwords differ (Mithrandir)
- Fixed bug #1014438 - Admin popup menu when mouse over (Mithrandir)
- Fixed bug #1014408 - XoopsGroupPermForm forms req. sys admin rights to use (Mithrandir/jegelstaff)
- Fixed bug #1011296 - include/checklogin.php calculates a wrong url (Mithrandir/puntoexe)
- Fixed bug #980100 - Variable substitution in db password  (dave_l/dcinege)
- Fixed bug #973918 - showImgSelected - Proposed change (Mithrandir)
- Fixed bug #972552 - stopping install without error message (PHP without mysql) (Mithrandir/snagai)
- Fixed bug #894799 - [fix] No JS validation of required fields in PM (Mithrandir/masi)
- Fixed bug - Don't show preferences link to users without permission (Mithrandir)
- Fixed bug #1174230 - wrong formatTimestamp() syntax in formtextdateselect.php (Mithrandir/ZPC)
- Fixed bug #967076 - xoops_version and templates! (Mithrandir/w4z004)
- Fixed bug #1174626 - phpkaox style sheet (Mithrandir/wardick)
- Fixed bug #1196034 - getSmileys (Mithrandir/phppp)

- Added patch #1162913 - xoops_getLinkedUnameFromId (Mithrandir/hthouzard)
- Added patch #1124749 - Module cache and one-column full-screen display (Mithrandir/phppp)
- Added patch #1105492 - CSS for backend.php (system_rss.html) (Mithrandir/ajaksu2)
- Added patch #1099086 - who's online popup (Mithrandir/banned)
- Added patch #1096514 - Activation of new user (Mithrandir/gibaphp)
- Added patch #1090132 - functions.php, redirect_header (Mithrandir/banned)
- Added patch #1065669 - Slight enhancement to XoopsPageNav::renderImageNav() (Mithrandir)
- Added patch #1052866 - language detection in install.php (Mithrandir/phppp)
- Added patch #989376 - Use REQUEST_URI instead of PHP_SELF generally (Mithrandir/mrmx)
- Added patch #944710 - Extra Cookie for the newbb (Mithrandir/Predator)
- Added patch #912823 - Saving one query per request (Mithrandir/sudhaker)
- Added patch #963071 - Random password generator (Mithrandir/dave_l)
- Added patch #1056514 - SQL Generation Time (Mithrandir/bd_csms)
- Added patch #920059 - XOOPS reports why people can't login (Mithrandir/Herko)
- Added patch #1181607 - Update jsCalendar to 1.0 (Mithrandir/reddshack)
- Added patch #1181328 - Getting rid of negative information on search results page (Mithrandir/frankblack)
- Added patch #1077123 - Make YYYY-mm-dd default for dateboxes when no date passed (Mithrandir/jegelstaff)
- Added patch #1194690 - Show all required fields in every forms (Mithrandir/hthouzard)
- Added patch #919353 - Permanent selectable theme (Mithrandir/frankblack)
- Added patch #1019464 - Extended renderldap function in class criteria (Mithrandir/pemen)

Other fixes:
- Search block now defaults to searching in current module (Mithrandir)
- XoopsPersistableObjectHandler added, making it much easier making database access classes (Mithrandir)
- Fixed rare case, where search results that gave full path would have XOOPS_URL."/modules/dirname" prepended - Only relevant for modules that search other modules (Mithrandir)

Additions:
- Dynamic User Profiles (Mithrandir/Ackbarr)
- Administration area themeable + new theme (Ralf57)
- Error page when referer is blocked and the user attempts to change content in the database (Mithrandir)
- Configuration categories - modules can now categorise their configuration items (Mithrandir/Malanciault)
- XoopsUser::uname is now used solely for login purposes, real name is used for display on screen (Mithrandir)
- PM functionality moved into a module instead of in the core (Mithrandir/Wanikoo)


============================
2005/04/23: Version 2.0.10
============================
- Fixed typo in newbb/post.php

============================
2005/04/03: Version 2.0.10 RC
============================
- Implemented new token system for validating form origination and increased protection against CSRF (Mithrandir/Onokazu)
- Security fix to avoid the usage of fopen and unlink when previewing (Onokazu)
- Fixed bug - Missing </a> in news/templates/blocks/news_block_bigstory.html (Mithrandir/blacKurd)
- Fixed bug in header.php ?assign $xoops_lblocks (Mithrandir/phppp)
- Fixed bug #1087786 Can"t assign to $this in PHP5 (Mithrandir)
- Included 2.0.9.3 fixes in 2.0.10 patch for easy upgrade from 2.0.9.2 (Mithrandir/rowd)
- Fixed bug #1157029 - Bug in include/checklogin.php (Onokazu/sudhaker)
- Fixed bug #1060061 - renderValidationJS showing htmlentities instead of intended characters (Onokazu/theCat)

2005/03/20: Version 2.0.9.3
===============================
- Security fix to prevent uploading of executable files (pokleyzz, GIJOE and the JP XOOPS community)

2004/12/30: Version 2.0.9.2
===============================
- Security fix to prevent session hijacking (thanks goes to GIJOE and the JP XOOPS community)
- Fixed duplicated blocks bug on module update
- phpmailer back to the version included in 2.0.7.3, as it is more stable (onokazu)


2004/12/25: Version 2.0.9
===============================
- Security fix in the newbb module for PHP version < 4.3.10 (GIJOE & onokazu)
- Security fix in the newbb module to prevent XSS attacks (minahito)
- Fixed various problems related to XoopsUser::isAdmin() and $xoops_isadmin patch in 2.0.7.1 (bugs #1014203/#1014403) (onokazu)
- Fixed incorrect parameters being passed to CriteriaCompo in modulesadmin.php (onokazu)
- Fixed incorrect parameters being passed to XoopsXmlRpcStruct::add() in BloggerApi::getUserInfo() (onokazu)
- Fixed Bug #1023022 - XoopsFormDhtmlTextArea and array_push() error (Mithrandir)
- Fixed Bug #1013989 - Inbox title shoud be plural "Private Messages" (Mithrandir)
- Fixed Bug #1004998 - readpmsg.php typo:</th> html tag of subject is nothing (Mithrandir)
- Fixed Bug #1035707 - Enable array type options in blocks (Mithrandir)
- Fixed a typo in include/comment_form.php, patch #1041993 (Dave_l)
- Fixed Bug #1044957 - xoopsmultimailer.php Username typo when SMTP-Auth (Mithrandir)
- Fixed RFE #900348 - Sort user list alphabetically in System -> Groups. Also changed the way it fetches the users in the group so it fetches all of them with 2 queries instead of 1 + (1 per user in the group) (Mithrandir
)
- Added patch #1048384 - mysql_field_name and others, added (Mithrandir)
- Fixed bug #1049017 - Blocks sharing a template are cached wrong (Mithrandir)
- Added patch #1048382 - Module onUpdate function (Mithrandir)
- Fixed bug #989462 - Handler object caching not working (Mithrandir)
- Added RFE #900345 - View/Edit group membership in Admin -> System -> Edit User (Mithrandir)
- Fixed Bug #1055901 - group.php(IN phrase is used ,query) (Mithrandir)
- Fixed bug #1052403 - block update in module update (Mithrandir)
- More fixes for register_globals off in the top 10 page of mylinks/mydownloads modules
- Fixed a typo in modules/xoopsheadline/admin/index.php (onokazu)
- Fixed bug where 2 headline forms were using the same form name/id, causing JS error (onokazu)
- Fixed some html problems in mylinks/mydownloads admin page (onokazu)
- Secured mainfile.dist.php from disclosing paths (Mithrandir)
- Fixed bug #1073029 (onokazu)
- Fixed bug #1073532 (onokazu)
- Fixed bug #1080791 (onokazu)
- Fixed lang phrase _NOT_ACTIVENOTIFICATIONS not being assing to template (onokazu)
- Some PHP5 fixes (Mithrandir)
- Updated Smarty to version 2.6.5
- Updated PHPMailer to version 1.72


2004/09/11: Version 2.0.7.3
===============================
!! SECURITY FIX !! fixed more bugs that allowed session hijacking under a certain circumstance (onokazu)


2004/09/10: Version 2.0.7.2
===============================
!! SECURITY FIX !! fixed bugs that allowed session hijacking under a certain circumstance (onokazu)


2004/08/21: Version 2.0.7.1
===============================
Fixed bug #1006511 about $xoops_isadmin misuse (skalpa/the jp.xoops.org community):
- Changed XoopsUser::isAdmin() behavior to prevent problems with modules that misuse this function
- Fixed permission checking in user profile page, to only show admin links to people who are supposed to see them
- Fixed permission checking in the comments system, to only show admin links to people who are supposed to see them
Fixed incorrect escaping of configuration values in 2.0.7 (skalpa)
Changed db proxy class error message from "Action not allowed" to "Database update not allowed during a GET request" (skalpa)
Fixed bug #964084: if comment title is long multi-byte character.last byte loss (Mithrandir/domifara)
Fixed bug #977360: Wrong icon in comment bloc (Mithrandir/zoullou)
Fixed bug #976534: modules incompatibilities in 2.0.7 (Mithrandir/gijoe_peak)
Fixed bug #975803: Typo in class/pagenav.php (Mithrandir/Dave_l)
Fixed bug #974655: slogan variable with Xoops 2.0.7 (Mithrandir/brashquido)
Fixed bug #987171: typo in edituser.php (Mithrandir)
Applied patch #928503: Search results for modules with granted permissions optimised (Mithrandir/malanciault)
Applied patch #988715: cp_header.php language (Mithrandir/phppp)
Fixed MyTextSanitizer PHP notices (Mithrandir)
Fixed XoopsForm PHP Notices about an unset _extra property (Mithrandir)


2004/06/14: Version 2.0.7
===============================
!! SECURITY FIX !! preventing code injection in media uploader (skalpa)
!! SECURITY FIX !! preventing execution of external scripts in shared environments (skalpa/ackbarr)

Fixed bug #963937: Typo in modules/system/admin/findusers/main.php (mithrandir/tom_g3x)
Fixed typo in x2t theme css colteaser class definition (w4z004)
Set formButton class to Xoops popups buttons (w4z004)
Fixed bug #960970: Incorrect display of the graphical pagenav (w4z004)
Modified the Word Censoring fix (#962025) for MySQL 4.x compat (skalpa + quick thx 2 hervet 4 help)
Ensured page title and slogan are escaped for HTML (onokazu)
Fixed bug #961565: Search form keywords not checked by JS (mithrandir/tom_g3x)
Fixed bug #961118 in XoopsFormElementTray::getElements() (mithrandir/luckec)
Fixed bug #961311: Incorrect definition of headers var in XoopsMailer class (mithrandir/tom_g3x)
XoopsForm::assign() now indexes elements by name if possible (mithrandir/kerkness)
Fixed bug #963197: xoopsHiddenText is hardcoded in formdhtmlarea (mithrandir/tom_g3x)
Fixed bug #963301: XoopsMediaUploader checkMaxHeight() doesn't work (skalpa/onokazu)
Fixed bug #963327: XoopsImageHandler delete() keeps rows in imagebody table (skalpa/tom_g3x)
Fixed bug #962025: Word censoring can mess db config options up (skalpa/tom_g3x)
Fixed bug #961313: XoopsMailer custom headers are duplicated (skalpa/tom_g3x)
Fixed bug #960683: [code] wrong translation (skalpa/ryuji+gi_joe)
Fixed snoopy bug due to language specific characters (onokazu)
Fixed a bug preventing deletion of users from the admin user search results (onokazu)
Fixed a bug preventing deletion of admin users (onokazu)
Fixed bug #915976: module onInstall feature doesn't display module messages correctly (skalpa/feugy+dave_l)
Fixed bug #898776: Xoops module resolution for www.host.com and host.com (wulff_dk)
Fixed bug #906282: XoopsGroupPermForm::render() - throws Undefined variable (mithrandir)
Fixed bug #946621: Comments system extra_param not working with register_globals off (mithrandir/gstarrett)
Fixed bug #932200: Admin > Edit user shows wrong username :-(mithrandir)
Fixed bug #936753: $xoops_module_header not in all themes (w4z004)
Fixed bug #921930: SQL queries with leading whitespace don't work (mithrandir)
Fixed bug #920480: xoops_substr always adds three dots (skalpa)
Fixed bug #921448: Undefined variable in xoopscodes.php (skalpa/dave_l)
Applied patch #953063: js Calendar first popup date bug fix (mithrandir/venezia)
Applied patch #953060: xoopstree.php selbox - subcategories not ordered (mithrandir/venezia)
Applied patch #928503: Only show search results for modules with granted permissions (mithrandir/malanciault)
Fixed bug #922152 preventing notifications to work with some Windows configurations (skalpa/robekras)
Fixed bug #930351 preventing XoopsThemeForm::insertBreak() to work
Corrected the content of $xoopsRequestUri on IIS fixing bug #895984 (skalpa)


2/6/2004: Version 2.0.6
===============================
- Removed calls to XoopsHandlerRegistry class (onokazu)
- Fixed loop problem after retrieving a lost password (onokazu)
- Changed all include() calls to include_once() for xoopscodes.php (onokazu)
- Added routines to remove users from the online member list when a user is deleted (onokazu)
- Added parameters to the Critreria class constructor to allow the use of DB functions in SQL criteria (skalpa)
- Added fetchBoth() method to the XoopsDatabase class (skalpa)
- Fixed typos in class/smarty/plugins/resource.db.php (skalpa)
- Refactoring in /class/xoopsform/form.php (skalpa)
- Added some methods to /class/xoopsform/formelement.php to allow the use of accesskey and class attributes in form element tags (skalpa)
- Fixed extra HTML tags not being displayed when using the XoopsThemeForm::insertBreak() method (Catzwolf)
- Changed the default HTTP method of the search form to GET (onokazu)
- Fixed notification constants not being included during installation (onokazu)
- Fixed session data not being properly escaped before inserting to the database (onokazu)
- Some useful changes to the group permission form (onokazu)
- Fixed the block cachetime selection being reset after preview (onokazu)
- Fixed invalid regex patterns used for username filtering, also added fix to allow the safe use of multi-byte characters in username (contributed by GIJOE)
- Fixed bug where some blocks were not being displayed in block admin page on certain occasions (onokazu)
- Fixed the problem of system admin icon disappearing on certain occasions (onokazu)
- Fixed the errorhandler class to check the current error_reporting level before handleing errors (onokazu)
- Re-activated the errorhandler class (onokazu)
- Updated class/Snoopy.php to the latest version, v1.01 (onokazu)
- Fixed a typo in kernel/online.php (onokazu)
- Added some useful functions to include/xoops.js (skalpa)
- Fix for Opera in include/xoops.js (onokazu)
- Fixed user bio and signature values causing corruption in the edit profile form on certain occasions (onokazu)
- Fixed the module name being reset to the default value after module update (onokazu)
- Fixed invalid regex patterns in xoopslists.php (onokazu)
- Fixed a few issues with register_globals setting
- Fix for the auto-login feature (not activated)
- Fixed image categories not being displayed in the order set by admin (onokazu)- Fixed a typo in kernel/config.php (onokazu)
- Fixed comments not being displayed in the order as requested (onokazu)
- Fixed the mailer class not setting some header values (onokazu)
- Fixed chmod problem in class/uploader.php
- Fixed magic_quotes related problems in class/uploader.php
- Fixed notification routines causing a fatal error while trying to notify non-existent users (onokazu)
- Added fix to convert &amp; to & within mail messages (onokazu)
- Fixed html special characters causing problem when submitting a new module name (onokazu)
- Fixed javascript error in mailuser form (onokazu)
- Fixed javascript error in calendar date select form
- Added a new Smarty function <{xoops_link}> (skalpa)
- Added check to prevent webmaster user/group from being removed completely (contributed by Ryuji)

newbb
- Security fix in modules/newbb/viewtopic.php (onokazu)
- Security fix in modules/newbb/viewforum.php (onokazu)
- Added register_globals related fix to topicmanager.php (onokazu)
- Fixed topic moderation icons not being displayed for moderators in templates/newbb_thread.html (onokazu)
- Fixed topic time not being displayed in recent posts block on certain occasions in blocks/newbb_new.php (onokazu)
- Added fix to correctly navigate to the requested post even when the post is not on the first page of flat view (contrib by GIJOE in class/forumpost.php, viewtopic.php, viewforum.php)

sections
- Added missing global variable declarations to index.php (onokazu)

mydownloads
- Added register_globals related fix to modfile.php (onokazu)

news
- Added fix to always display published date in each article (onokazu)
- Added missing ?> at the end of file in xoops_version.php (onokazu)
- Some fixes in admin/index.php

xoopspolls
- Fixed color bar selections not working when creating/editing a new poll (onokazu)

xoopsmembers
- Fixed 'more than X posts' not working when set to 0 (onokazu)
- Added a new language constant to language/english/main.php (Catzwolf)
- Removed invalid HTML tags in templates/xoopsmembers_searchresults.html (Catzwolf)


1/5/2004: Version 2.0.5.2
===============================
- Security fix in modules/mylinks/myheader.php
- Security fix in modules/mylinks/visit.php
- Security fix in modules/mylinks/admin/index.php


11/22/2003: Version 2.0.5.1
===============================
- Added $option parameter to xoops_gethandler function (skalpa)
- Security fix in banners.php (onokazu)
- Security fix in modules/newss/include/forumform.inc.php (onokazu)
- Security fix in include/common.php (onokazu)
- Temporarily disabled XoopsErrorHandler class (onokazu)
- Security fix in include/functions.php (onokazu)
- Removed XoopsHandlerRegistry class (onokazu)
- Added fix for preventing users entering infinite loop when recovering a lost password (onokazu)


10/8/2003: Version 2.0.5
===============================
- Fixed template files not being updated even when the 'allow update from themes directory' option was enabled in preferences
- Fixed RSS channel title being cutoff at special characters
- Minor bug fix in pagenav.php
- Fixed blocks disappearing from the block admin page on certain occasion
- Additional fixes to work with register_globals off
- Fixed problem with XoopsCode Img button not working on certain occasion
- Added missing SQL query in kernel/avatar.php
- Fixed problem with the newbb module where users could post without a thread title on certain occasion
- Fixed problem in banner admin page where banner edit form not being displayed on certain occasion
- Fixed group selection option in the blocks admin page not being selected on certain occasion
- Fixed poll option textbox forms not displaying the correct values
- Fixed show all link in user profile page not working in 2.0.5RC
- Additional phrases in language/english/global.php(_NOTITLE), language/english/search.php(_SR_IGNOREDWORDS), install/language/english/install.php(_INSTALL_L128, _INSTALL_L200)
- Added check in install/index.php to read $HTTP_ACCEPT_LANGUAGE on initial load


9/30/2003: Version 2.0.5 RC
===============================
- Fixed email checking bug mentioned in http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=12288&forum=2 (mvandam)
- Fixed a number of bugs in blocks admin page (onokazu)
- More usability fix in blocks admin page (onokazu)
- Fixed forum topic links to correctly use the # feature in url (onokazu)
- Fixed password checking bug mentioned in http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=12301&post_id=49369&order=0&viewmode=flat&pid=49203&forum=21#forumpost49369
- Fixed database connection error when creating database during install (onokazu)
- Fixed mb_output_handler causing problems in backend.php/image.php/downloader (onokazu)
- Fixed search feature to use GET requests for prev/next/showall links (onokazu)
- Register_globals related fix in /include/comment_post.php (contrib by gstarrett)
- Added $xoopsUserIsAdmin global variable (onokazu)
- Added xoops_getLinkedUnameById function to /include/functions.php (Catzwolf)
- Fixed invalid Smarty tags in /modules/system/templates/system_siteclosed.html, /modules/system/templates/system_redirect.html, /modules/system/templates/system_imagemanager2.html (onokazu)


9/19/2003: Version 2.0.4
===============================
- XOOPS_CACHE_PATH, XOOPS_UPLOAD_PATH, XOOPS_THEME_PATH", XOOPS_COMPILE_PATH, XOOPS_THEME_URL, XOOPS_UPLOAD_URL are now set in include/common.php (onokazu)
- Added [siteurl][/siteurl] tag to XoopsCode (mvandam)
- Fixed a typo in class/uploader.php (onokazu)
- Fixed some redirect problems after login (onokazu)
- registre_globals fix in include/comment_view.php (onokazu)
- Xoops.org news is disabled by default in the admin section (onokazu)
- Added a new error handler class (class/errorhandler.php) (mvandam)
- Fixed XoopsGroupPermHandler returning duplicate permissions (onokazu)
- Fixed block-disappearing problem in blocks admin (onokazu)
- Fixed typo in kernel/notification.php (mvandam)
- Added XoopsGuestUser class in kernel/user.php (onokazu)
- Fixed newbb module to correctly use the # feature in URL (onokazu)
- Improved usability in blocks admin section
- Reduced number of users to display in group/edituser page to max 200 users (onokazu)
- Fixed bug where admins could add users with a existing username (onokazu)
- Added files for module developers to easily add group permisson feature (modules/system/groupperm.php, class/xoopsform/groupperm.php) (onokazu)
- Fixed typo in register.php (onokazu)


6/17/2003: Version 2.0.3
===============================
- fixed CSS related bug in global search page
- register_globals bug fix in comments
- Smarty updated to 2.5.0
- fixed typo in kernel/object.php
- fixed group permission bug
- fixed bug where image categories were deleted after group permission update
- fixed bug where user votes could not be deleted in the mylinks module
- fixed some language typos
- changed XoopsGroupPermHandler::getItemIds to accept an array fot the second parameter (gperm_groupid), which was required in certain places..
- removed avatar image files


4/25/2003: Version 2.0.2
===============================
- security fix to prevent malicious cross site scripting attacks (onokazu)
- fixed character encoding problem for some languages when using the mailer class (onokazu)
- fixed some major bugs in the xoopsheadline module (onokazu)
- fixed some cookie related problems in the forums module (mvandam)


4/18/2003: Version 2.0.1
===============================
- fixed bug where notification feature could not be turned on
- fixed character encoding problem for some languages when using the mailer class (onokazu)
- fixed the theme selection block to work again
- fixed typo in kernel/module.php
- fixed incorrect table name in xoops_version.php of the new headline module
- changed max limit size of some columns in the configoption table
- fixed image manager bug when using db store method
- xoops.org can now be disabled by adding nonews=1


4/16/2003: Version 2.0.0
===============================
- xoopsheadlines module replaced with xoopsheadline module to fix character encoding problems
- numerous bug fixes


3/19/2003: Version 2.0.0 RC3
===============================
- a major change in the handling of theme files, the detail of which you can read in this [url=http://www.xoops.org/modules/news/article.php?storyid=677]article[/url] (onokazu)
- a new global notification feature that can easily be incorporated into modules (that use Smarty) by only modifying xoops_version.php and template files (mvandam)
- SMTP support using phpMailer (bunny)
- group permission tables merged into one table (onokazu)
- code refactoring


2/9/2003: Version 2.0.0 RC2
===============================
A bug fix release..
- avatar upload bug
- themeset image upload bug
- register_globals fix
- recommend us block error
- error message displayed upon submit of news article
- page navigation bug in some modules
- blank page bug on some servers
- SQL displayed in blocks admin


1/31/2003: Version 2.0.0 RC1
===============================
The first public release of 2.0 series.
For new features that have been added from 1.3.x, please refer to
the articles listed below:
http://www.xoops.org/modules/news/article.php?storyid=486
http://www.xoops.org/modules/news/article.php?storyid=549
http://www.xoops.org/modules/xoopsdocs/index.php?cat_id=6