diff options
| -rw-r--r-- | wikilib.d/PmWiki.ChangeLog | 10 | ||||
| -rw-r--r-- | wikilib.d/PmWiki.EditVariables | 12 | ||||
| -rw-r--r-- | wikilib.d/PmWiki.MarkupExpressions | 12 | ||||
| -rw-r--r-- | wikilib.d/PmWiki.Passwords | 12 | ||||
| -rw-r--r-- | wikilib.d/PmWiki.ReleaseNotes | 10 | ||||
| -rw-r--r-- | wikilib.d/PmWiki.Security | 14 | ||||
| -rw-r--r-- | wikilib.d/PmWiki.Uploads | 14 | ||||
| -rw-r--r-- | wikilib.d/Site.UploadQuickReference | 12 |
8 files changed, 48 insertions, 48 deletions
diff --git a/wikilib.d/PmWiki.ChangeLog b/wikilib.d/PmWiki.ChangeLog index 0df084a2..48576f74 100644 --- a/wikilib.d/PmWiki.ChangeLog +++ b/wikilib.d/PmWiki.ChangeLog @@ -1,9 +1,9 @@ -version=pmwiki-2.2.67 ordered=1 urlencoded=1 +version=pmwiki-2.2.68 ordered=1 urlencoded=1 author=Petko charset=UTF-8 -csum=2.2.68 +csum= name=PmWiki.ChangeLog -rev=1182 +rev=1184 targets=Cookbook.RecentChanges,PmWiki.MailingLists,PITS.01350,PmWiki.WikiStyles,PITS.00860,PITS.01337,PITS.01112,PITS.01345,PITS.01346,PmWiki.MarkupExpressions,PmWiki.LinkSchemes,PmWiki.Forms,PITS.01278,PmWiki.PageDirectives,PITS.01319,PITS.01007,PITS.01259,PITS.01308,PITS.01304,PITS.00978,PITS.01292,PITS.01285,PITS.01282,PITS.01275,PITS.01271,PITS.01266,PITS.01262,PITS.01260,PITS.01263,PITS.01253,PITS.01255,PITS.01242,PITS.01213,PITS.01212,PITS.01188,PITS.01180,PITS.01201,PITS.01217,PITS.01198,PITS.01190,PITS.01192,PITS.01199,PITS.01191,PITS.01132,PITS.01202,PITS.01197,PITS.01184,PITS.01164,PITS.01121,PITS.01127,PITS.01152,PITS.00657,PITS.01157,PITS.00571,PITS.01106,PITS.00796,PITS.00535,PITS.01145,PITS.01098,PITS.00266,PITS.00779,PITS.01155,PITS.01156,PITS.01149,PITS.01150,PITS.01141,PmWiki.CustomMarkup,PITS.01125,PITS.00703,PITS.00088,PITS.00976,PITS.01146,PITS.00813,PITS.01126,PITS.01131,PITS.01071,PITS.00802,PITS.01102,PITS.00238,PITS.01114,PITS.01062,PITS.01103,PITS.01104,PITS.00915,PITS.01099,PITS.00396,PITS.01037,PITS.00836,PITS.00998,PITS.01073,PITS.00980,Cookbook.UTF-8,PmWiki.ReleaseNotes,PITS.00407,PITS.00919,PITS.01081,PITS.01066,PITS.00984,PITS.01030,PITS.00989,PITS.00988,PITS.00987,PmWiki.WikiFarms,SiteAdmin.SiteAdmin,Cookbook.LimitWikiGroups,PmWiki.Version,SiteAdmin.Status,SiteAdmin.AuthList,PmWiki.PageTextVariables,PmWiki.Links,PITS.00387,PmWiki.PageLists,PmWiki.PageListTemplates,PmWiki.FAQ,PITS.00935,PmWiki.Passwords,PmWiki.Skins,PmWiki.PageVariables,PITS.00755,PITS.00906,Site.PageListTemplates,PITS.00558,PmWiki.ConditionalMarkup,PITS.00878,PITS.00787,PmWiki.AuthUser,PmWiki.PagelistVariables,PITS.00875,PITS.00881,PITS.00850,PITS.00846,PITS.00853,PITS.00854,PmWiki.Robots,PmWiki.Uploads,PITS.00801,PITS.00410,PITS.00527,PITS.00595,PITS.00567,PITS.00327,PITS.00573,PITS.00708,PITS.00767,PITS.00753,PITS.00750,PITS.00749,PITS.00751,PITS.00530,PITS.00611,PITS.00671,PITS.00739,PITS.00723,PITS.00736,PITS.00709,PITS.00696,PITS.00713,PITS.00620,PITS.00702,PITS.00699,PmWiki.ChangeLogArchive -text=(:Summary: Log of changes made to PmWiki by [[Release(Notes)]]:)%0aSee [[Cookbook:RecentChanges | the cookbook recent changes page]] for additional updates and activity by other developers, or join the [[PmWiki (/) mailing lists]] to discuss feature development with us.%0a%0a(:comment Changes made to the [[PmWiki:Subversion | subversion pre-release ]] of PmWiki.:)%0a!!! Version 2.2.68 (2014-09-01) [[#v2268]]%0a* Add Skins: InterMap prefix.%0a* Add signature to EditQuickReference (PITS:01350).%0a* Allow $PostConfig entries to be launched after per-page customization, before other stdconfig.php inclusions if values%3c50.%0a* Add [[WikiStyles]] clear, min and max width and height (PITS:00860), fix [=%25p class=...%25=] with more than one space.%0a* Update documentation.%0a%0a!!! Version 2.2.67 (2014-08-02) [[#v2267]]%0a* Fix InputDefault/PageTextVariables inconsistency (PITS:01337).%0a* Update documentation.%0a%0a!!! Version 2.2.66 (2014-07-02) [[#v2266]]%0a* Fix Author in Notifcations when deleting pages (PITS:01112).%0a* Exclude "_" to be considered as a function name in various $*Patterns.%0a* Update documentation.%0a%0a!!! [[#v2265]] Version 2.2.65 (2014-06-07)%0a* Fix [={$$PseudoVars}=] containing [={*$PageVars}=] in Pagelist Templates.%0a* Fix wording in scripts/.htaccess (PITS:01345).%0a* Fix fixperms() if directory owner is root (PITS:01346).%0a* Update documentation.%0a%0a!!! [[#v2264]] Version 2.2.64 (2014-05-08)%0a* Add [={(mod)}=] [[PmWiki/MarkupExpressions | markup expression]].%0a* Add tel: and geo: [[PmWiki/LinkSchemes | URI schemes]].%0a* Add $SysMergePassthru to allow Merge() to use passthru() instead of popen().%0a* Update documentation.%0a%0a!!! [[#v2263]] Version 2.2.63 (2014-04-05)%0a* Allow [[PmWiki/Forms | form]] elements to have a dash in the attribute names.%0a* Strip magic slashes for pagelist/search request vars.%0a* Allow input attributes readonly, placeholder and autocomplete for HTML5 sites.%0a* Update documentation.%0a%0a!!! [[#v2262]] Version 2.2.62 (2014-02-28)%0a* Add $CallbackFnTemplates["return"].%0a* Add 4th argument to Markup_e() - $template.%0a* Add $EnableTableAutoValignTop.%0a* Update documentation.%0a%0a!!! [[#v2261]] Version 2.2.61 (2014-01-31)%0a* Add $TableCellAlignFmt.%0a* Remove unused snippet in prefs.php (reported by Oliver Betz).%0a* Remove unused calls to PSS() (reported by John Rankin).%0a* Update documentation.%0a%0a!!! [[#v2260]] Version 2.2.60 (2014-01-12)%0a* Revert to previous pmwiki.css file.%0a%0a!!! [[#v2259]] Version 2.2.59 (2014-01-11)%0a* Fix checking multiple posted fields in blocklist.php (reported by Randy Brown).%0a* Allow Markup_e() to accept a callback as well as code.%0a* Fix "+" shortcut for internal anchor links.%0a* Disable HTML cache if count($_GET)>1 not >2 (PITS:01278).%0a* Fix query string if a "?" is encoded to uppercase "%253F".%0a* Replace CSS font sizes from points (fixed) to percents (relative) for the default skin.%0a* Fix nested conditionals containing $pagename (reported by Benjamin Grassineau).%0a* Update documentation.%0a%0a!!! [[#v2258]] Version 2.2.58 (2013-12-25)%0a* Allow $LinkUpload to be usable in [=(:attachlist:)=].%0a* Enable customizations of [=(:input auth_form:)=].%0a* Remove unused variable $Block in FormatTableRow(), reported by Klonk.%0a* Fix $EnableBlocklistImmediate to check all posted fields for blocked terms.%0a* Add $GLOBALS['MarkupToHTML'] to pass parameters such as $pagename to markup calls.%0a* Update documentation.%0a%0a!!! [[#v2257]] Version 2.2.57 (2013-11-03)%0a* Encode international character used for detection of a recode function.%0a* Enable $IMapLinkFmt['Attach:'] to be used in [[PmWiki/PageDirectives#attachlist|[=(:attachlist:)=]]] links.%0a* Add $MakePageNameSplitPattern.%0a* Update documentation.%0a%0a!!! [[#v2256]] Version 2.2.56 (2013-09-30)%0a* Work in progress to remove the core dependency of the deprecated "eval" feature of the preg_replace() function (PITS:01319).%0a* Add functions PCCF(), PPRE(), PPRA(), Markup_e(), migrating all core calls to these functions.%0a* Fix detection of proper PageStore->recodefn.%0a* Update documentation.%0a%0a%0a!!! [[#v2255]] Version 2.2.55 (2013-09-16)%0a* Add $EnableDraftAtomicDiff (PITS:01007).%0a* Update documentation.%0a%0a!!! [[#v2254]] Version 2.2.54 (2013-08-13)%0a* Fix broken page history for draft pages, reported by ChuckG.%0a* Update documentation.%0a%0a!!! [[#v2253]] Version 2.2.53 (2013-07-08)%0a* Show a message when the post has been blocked because of too many unapproved links.%0a* Update documentation.%0a%0a!!! [[#v2252]] Version 2.2.52 (2013-06-08)%0a* Add docx, pptx, xlsx upload extentions.%0a* Hide E_DEPRECATED warnings for PHP 5.5.%0a* Update documentation.%0a%0a!!! [[#v2251]] Version 2.2.51 (2013-05-08)%0a* Update url to MoinMoin's blocklist.%0a* Comment-out blacklist.chongqed.org as the domain appears to have expired.%0a* Fix possible XSS vulnerability in prefs.php, discovered today.%0a* Fix access keys to be a single character.%0a* Fix $AuthorPage if there is a group named the same as the author (PITS:01259).%0a* Update documentation.%0a%0a!!! [[#v2250]] Version 2.2.50 (2013-04-08)%0a* Update documentation.%0a%0a!!! [[#v2249]] Version 2.2.49 (2013-03-09)%0a* Add $UploadBlacklist array.%0a* Update documentation.%0a%0a!!! [[#v2248]] Version 2.2.48 (2013-02-11)%0a* Fix bug introduced yesterday with some links, reported by Michael Weiner (PITS:01308).%0a%0a!!! [[#v2247]] Version 2.2.47 (2013-02-10)%0a* Enable tooltip titles for links to anchors on the same page.%0a* Update documentation.%0a%0a!!! [[#v2246]] Version 2.2.46 (2013-01-07)%0a* Add third parameter to fixperms() explicitly setting the permissions.%0a* Add $UploadPermAdd and $UploadPermSet variables.%0a* Update documentation.%0a%0a!!! [[#v2245]] Version 2.2.45 (2012-12-02)%0a* Cleanup some PHP notices (PITS:01304).%0a* Update documentation.%0a%0a!!! [[#v2244]] Version 2.2.44 (2012-10-21)%0a* Better display of whitespace in page histories.%0a* Fix definition for PageTextVariables containing a dash (PITS:00978).%0a* Update documentation.%0a%0a!!! [[#v2243]] Version 2.2.43 (2012-09-20)%0a* Allow for HTML attribute names to contain dashes, eg. data-transition, data-role etc.%0a* Remove warning when previewing Site.EditForm.%0a* Update documentation.%0a%0a!!! [[#v2242]] Version 2.2.42 (2012-08-20)%0a* Convert the line-endings in the docs/ directory to \r\n compatible with Windows.%0a* Modify PHSC() to call htmlspecialchars() with a single-byte encoding argument.%0a* Update documentation.%0a%0a!!! [[#v2241]] Version 2.2.41 (2012-08-12)%0a* Change $KeepToken to "\034\034" which is compatible with more encodings.%0a* Update documentation.%0a%0a!!! [[#v2240]] Version 2.2.40 (2012-07-21)%0a* Add PHSC() helper function as a replacement of htmlspecialchars() for PHP 5.4 (PITS:01292).%0a* Update documentation.%0a%0a!!! [[#v2239]] Version 2.2.39 (2012-06-25)%0a* Fix URL encoding of attachment links.%0a* Update documentation.%0a%0a!!! [[#v2238]] Version 2.2.38 (2012-05-21)%0a* Fix "Wrong parameter count for utf8_decode" warning, reported by Simon.%0a* Update documentation.%0a%0a!!! [[#v2237]] Version 2.2.37 (2012-05-01)%0a* Add page filename encoding functions.%0a* Better handling of dots in [@[[#anchor_1.2]]@] sections (PITS:01285).%0a* Expand PageVariables in PageList template defaults (PITS:01282).%0a* Add test for iconv() and mb_convert_encoding(), refactor recode().%0a* Update documentation.%0a%0a!!! [[#v2236]] Version 2.2.36 (2011-12-28)%0a* Add $EnableOldCharset variable and $page["=oldcharset"] entry.%0a* Refactor PageStore->recode() to recover Windows-1252 characters.%0a* Add exit line to xlpage-iso-8859-2.php (PITS:01275).%0a* Fix difference in defining and removing "invisible" PTVs.%0a* Update documentation.%0a%0a!!! [[#v2235]] Version 2.2.35 (2011-11-11)%0a* Fix critical PHP injection vulnerability (PITS:01271, reported by Egidio Romano).%0a* Important change: Disable script loading from XLPage().%0a* Move the processing of [@[[link|+]]@] inside LinkPage() and delete markup rule from stdmarkup.php.%0a* Modify MakeLink() to better handle link titles.%0a* Add optional $LinkTitleFunction allowing recipes to customize the link titles.%0a* Fix ReadTrail() to better handle links with titles.%0a* Add title attributes for the HTML templates in the @@ $LinkPage*Fmt @@ variables.%0a* Add upload extensions svg, xcf, ogg, flac, ogv, mp4, webm, odg, epub.%0a* Minor optimization for the MarkupExpressions for UTF-8 strings.%0a* Minor optimization of the rendering of page history.%0a%0a!!! [[#v2234]] Version 2.2.34 (2011-10-10)%0a* Add [[PmWiki/MarkupExpressions]] replacements for UTF-8.%0a* Reset timestamps of Site(Admin).AuthUser to 1000000000, used in upgrades.php.%0a* Update documentation.%0a%0a!!! [[#v2233]] Version 2.2.33 (2011-09-23)%0a* Fix locked states for Site and SiteAdmin GroupAttributes (reported by Brijesh Kothari).%0a* Fix intermap.txt entries PITS: and Wikipedia: to point to their current locations.%0a* Fix refcount.php to produce valid HTML (PITS:01266).%0a%0a!!! [[#v2232]] Version 2.2.32 (2011-09-18)%0a* Add required html xmlns attribute to the print skin template.%0a* Add PageStore->recode() function.%0a* Add $DefaultPageCharset array.%0a* Optimize for speed the inline diff for page history when too many lines were added or deleted.%0a* Update and convert to UTF-8 the documentation.%0a%0a%25note%25 Note: Due to a manipulation error, a version 2.2.31 was created before it was ready for a release.%0a%0a!!! [[#v2230]] Version 2.2.30 (2011-08-13)%0a* Fix $Charset definition in iso-8859-*.php files.%0a* Add $EnableRangeMatchUTF8, set it to 1 to enable range matches in UTF-8.%0a* Update documentation.%0a%0a!!! [[#v2229]] Version 2.2.29 (2011-07-24)%0a* Fix Attach links that were broken with the Path fix in 2.2.28.%0a* Add $IMapLocalPath array containing InterMap prefixes that should be treated as local.%0a%0a!!! [[#v2228]] Version 2.2.28 (2011-07-24)%0a* Fix potential XSS vulnerability in refcount.php (PITS:01262).%0a* Fix bug in Path: links (PITS:01260).%0a* Fix potential XSS vulnerability in custom SitePreferences (PITS:01263).%0a* Update documentation.%0a%0a!!! [[#v2227]] Version 2.2.27 (2011-06-19)%0a* Add block WikiStyle [=%25justify%25=] (PITS:01253).%0a* Remove unused %3cvspace> after a redirection (PITS:01255).%0a* Add ?nodiff=1 parameter for page history to disable diff rendering and show only restore links.%0a* Update documentation.%0a%0a!!! [[#v2226]] Version 2.2.26 (2011-05-21)%0a* Fix ReadTrail(), redundant replacing of hashes, already done in MakePageName().%0a* Update documentation.%0a%0a!!! [[#v2225]] Version 2.2.25 (2011-03-22)%0a* Update documentation.%0a%0a!!! [[#v2224]] Version 2.2.24 (2011-02-15)%0a* Add [@{$$PageTrailDepth}@] pseudovariable for pagelist templates.%0a* Fix PageVar(), add $authpage array for an authenticated page data, removed $EnablePageVarAuth.%0a* Update documentation.%0a%0a!!! [[#v2223]] Version 2.2.23 (2011-01-25)%0a* Default $EnablePageVarAuth to 0 until the resolution of PITS:01242.%0a%0a!!! [[#v2222]] Version 2.2.22 (2011-01-16)%0a* Add $EnableXLPageScriptLoad to XLPage() to prevent editors from changing the encoding.%0a* PageVariables now respect authentications (PITS:01213).%0a* Add $EnablePageVarAuth.%0a* Update documentation.%0a%0a!!! [[#v2221]] Version 2.2.21 (2010-12-14)%0a* Fix potential XSS vulnerability, reported by DFaure.%0a* Fix invalid HTML for simple table captions, reported by JL.%0a* Fix WikiStyles could work not properly if a value was empty like accesskey="".%0a%0a!!! [[#v2220]] Version 2.2.20 (2010-12-14)%0a* Fix Pagelist [={$$variable}=] didn't work in template none (PITS:01212).%0a* Fix interface access keys in browse mode (PITS:01188).%0a* Add PmL10n: intermap prefix for the Localization/ group on pmwiki.org (PITS:01180).%0a* Fix AuthUser excluding members didn't work (PITS:01201).%0a* Update documentation.%0a%0a!!! [[#v2219]] Version 2.2.19 (2010-11-10)%0a* Update documentation.%0a%0a!!! [[#v2218]] Version 2.2.18 (2010-09-04)%0a* Fix $SaveAttrPatterns to skip nested conditionals (reported by RandyB).%0a* Fix RecentChanges when an edit summary contains the dollar sign (PITS:01217).%0a* Fix RDF feed number of elements (PITS:01198).%0a* Update documentation.%0a%0a!!! [[#v2217]] Version 2.2.17 (2010-06-20)%0a* Add tabindex as a valid form attribute (PITS:01190).%0a* Collapse adjacent insertions in DiffRenderSource (PITS:01192).%0a* Fix HandleDownload to flush() output before exit (PITS:01199).%0a* Fix HandleDownload to respect $EnableIMSCaching (PITS:01191).%0a* Add $PostConfig functions and scripts, loaded after stdconfig.php (PITS:01132).%0a* Add $AuthUserPat variable for the regexp pattern in AuthUserId() (PITS:01202).%0a* Pass $authlist as last parameter to $AuthUserFunctions (PITS:01197).%0a* Fix "exists" conditional to work with old link markup.%0a* Update documentation.%0a%0a!!! [[#v2216]] Version 2.2.16 (2010-05-10)%0a* Allow "exists" conditional to accept wildcards (PITS:01184)%0a* Fix GUI button [=%25center%25=] which didn't work correctly.%0a* Fix incorrectly parsed quote in PQA(), possible script injection (discovered by Hanno Boeck).%0a%0a!!! [[#v2215]] Version 2.2.15 (2010-03-27)%0a* Add @@ (Auth|Edit)Form @@ to auto-translated titles.%0a* Fix [@ (:if auth LEVEL:) @] to respect $HandleAuth (PITS:01164).%0a* Skip loading of the second half of draft.php if $action!="edit".%0a* Fix bug with [@ (:template none:) @] introduced in 2.2.14, reported by Holger.%0a* Fix HandleDownload() to use binary file-read.%0a%0a!!! [[#v2214]] Version 2.2.14 (2010-02-27)%0a* Fix inline styles in WikiTrails (PITS:01121).%0a* Add a negation parameter to pagelist first/last templates (PITS:01127).%0a* Refactor FPLTemplateFormat(), move repeated code blocks into FPLExpandItemVars().%0a* Add $EnableUndefinedTemplateVars allowing to hide or show undefined template/include [={$$variables}=] (PITS:01152).%0a* Add "title" attribute to external links (PITS:00657).%0a* Add FmtPageTitle() to allow automatic i18n titles for RecentChanges and other technical pages (PITS:01157).%0a* Update documentation.%0a%0a!!! [[#v2213]] Version 2.2.13 (2010-02-21)%0a* Replace deprecated in PHP 5.3 function split() with explode().%0a* Add $WordDiffFunction default to PHPDiff().%0a* Use existing border colors as highlighting background.%0a* Refactor/optimize DiffRenderSource(), merge with DiffRenderInline().%0a* Change default history to show word-level highlighting.%0a* Fix bug with $DiffKeepNum which kept less revisions than it should.%0a* Fix RetrieveAuthPage() call from HandleDiff().%0a* Update documentation.%0a%0a!!! [[#v2212]] Version 2.2.12 (2010-02-17)%0a* Allow a custom $DiffHTMLFunction to skip the line rendering if it returns false.%0a* Add $EnableDiffInline, simple word-level diffs (PITS:00571).%0a* Update documentation.%0a%0a!!! [[#v2211]] Version 2.2.11 (2010-02-14)%0a* Break PrintDiff() into customizable functions (PITS:01106).%0a* Add anchors to individual diffs (PITS:00796).%0a* Remove unused $RecipeInfo definition in markupexpr.php (reported by P.Bowers).%0a* Add [=(:head:) and (:headnr:)=] table directives (PITS:00535).%0a* Fix $GroupPattern and $NamePattern in xlpage-utf-8.php.%0a* Update documentation.%0a%0a!!! [[#v229]] [[#v2210]] Version 2.2.9, 2.2.10 (2010-01-17)%0a* Fix i18n string in PasswdVar(), reported by SteP.%0a* Fix sample-config.php with correct information about $EnableWSPre (PITS:01145).%0a* Fix range searches for wikis in UTF-8 (reported by Maxim).%0a* Fix global variable $StringFolding in scripts/xlpage-utf-8.php.%0a* Fix markup for italics in creole.php.%0a* Fix previews for PTVs, Pagelist templates and included sections (PITS:01098).%0a* Add $DiffKeepNum - number of revisions kept, even if older than $DiffKeepDays.%0a* Add Yandex to robots.php.%0a* Change default $EnableRelativePageVars to 1 (PITS:01145).%0a* Add fifth parameter to SetProperty() : keep existing property.%0a* Add $EnablePageTitlePriority (PITS:00266, PITS:00779).%0a* Update documentation.%0a%0a!!! [[#v228]] Version 2.2.8 (2009-12-07)%0a* Fix apostrophes in Author field (PITS:01155).%0a* Fix Condition "exists" for PHP 5.3 (PITS:01156).%0a* Update documentation.%0a%0a!!! [[#v227]] Version 2.2.7 (2009-11-08)%0a* Fix GlobToPCRE() to work with !excl and -excl with PHP 5.3 (PITS:01149).%0a* Fix HandleDownload() correctly quote the filenames (PITS:01150).%0a* Fix SessionAuth() for PHP 5.3, the $_REQUEST array doesn't contain the $_COOKIE array (PITS:01141).%0a* Fix default timezone for PHP 5.3 (PITS:01141).%0a* Update documentation.%0a%0a!!! [[#v226]] Version 2.2.6 (2009-10-04)%0a* Escape apostrophes for multiline textarea/hidden form fields.%0a* Fix global unset of $MarkupRules in [[PmWiki/CustomMarkup|Markup()]] and DisableMarkup(), reported by D.Faure.%0a* Fix call to BuildMarkupRules() in MarkupToHTML(), suggested by Pm.%0a* Allow disabling of $PageListFilters and $FPLTemplateFunctions if set to -1 and thus allow replacing a core function with a custom one.%0a* Fix DRange() returned timestamps +1min or +1day when it shouldn't (PITS:01125).%0a* Add $MarkupWordwrapFunction to allow custom [@(:markup:)@] line width for multibyte wikis (PITS:00703).%0a* Add $MakeUploadNamePatterns to allow custom filename normalization for uploads.%0a* Add a fourth argument to PostRecentChanges() to allow this function to be called with a custom $RecentChangesFmt array.%0a* Add $RecentUploadsFmt, to allow logging of new uploads to the RecentChanges pages (PITS:00088).%0a* Fix Notify for some installations in safe_mode (PITS:00976).%0a* Add $HTMLHeaderFmt['guiedit'] variable in guiedit.php to allow customization (PITS:01146).%0a* Update documentation.%0a%0a!!! [[#v225]] Version 2.2.5 (2009-08-25)%0a* Add *.7z as accepted upload extension (PITS:00813).%0a* Fix global variable $HandleAttrFmt in HandleAttr (PITS:01126).%0a* Allow brackets in input element names (PITS:01131).%0a* Fix CSS class applied twice (PITS:01071).%0a* Fix Not-Modified headers could prevent caching (PITS:00802).%0a* Break FPLTemplate() into configurable sub-parts (PITS:01102).%0a* Add [@(:template none:)@] section for Pagelist templates.%0a* Fix attr-protected page could be deleted with edit permissions (PITS:00238).%0a* Update documentation.%0a%0a!!! [[#v224]] Version 2.2.4 (2009-07-16)%0a* Fix bug with page attributes, which somehow didn't make it in the 2.2.3 release.%0a* Fix bug with HTML entities in XLPages introduced earlier today in 2.2.3 (reverted, PITS:01114).%0a%0a!!! [[#v223]] Version 2.2.3 (2009-07-16)%0a* Fix action=logout could incorrectly set a session cookie (PITS:01062).%0a* Fix page history trim in vardoc.php (PITS:01103).%0a* Add $EnableUploadGroupAuth, use group password for downloads (PITS:01104).%0a* Fix recursive PTV loops, added $MaxPageTextVars (PITS:00915, PITS:01099).%0a* Fix mkdirp() messages for absolute paths (PITS:00396).%0a* Fix sample-config.php order for urlapprove.php (PITS:01037).%0a* Fix broken signature links on preview.%0a* Fix crypt.php (action=crypt) could malfunction for passwords with quotes or apostrophes.%0a* Fix @@ @_site_*@@ passwords to work in GroupAttributes (PITS:00836, PITS:00998).%0a* Fix possible XSS vulnerabilities, reported by Michael Engelke.%0a* Update documentation.%0a%0a!!! [[#v222]] Version 2.2.2 (2009-06-21)%0a* Fix class in pages not on the breadcrumbs trail, reported by Ed W.%0a* Fix @@tabindex@@ and @@onclick@@ to guiedit buttons.%0a* Fix $GroupPrintHeaderFmt in print.php (PITS:01073).%0a* Fix global vars in xlpage-utf-8.php (PITS:00980).%0a* Fix $txt in LinkPage (reported by Eemeli Aro).%0a* Add $EnableNotifySubjectEncode for international wikis (Cookbook:UTF-8).%0a* Fix international message in Abort().%0a* Fix security bug with AuthUser, reported by Eemeli Aro. See [[Release notes]].%0a* Fix $ActionTitleFmt for login and upload, reported by Eemeli Aro.%0a%0a!!! [[#v221]] Version 2.2.1 (2009-03-28)%0a* Fix $FPLTemplateMarkupFunction which somehow didn't get in the 2.2.0 archive.%0a* Fix wikitrails to work cross-group (PITS:00407).%0a* Add $EnableRedirectQuiet variable (PITS:00919).%0a* Fix [={$Title}=] could display global variables (reported by HansB).%0a* Fix reloaded form submissions could lose values (reported by DaveG).%0a* Fix preview while restoring a version from history (PITS:01081).%0a* Fix relative links with international characters (reported by G. Hermanowicz).%0a* Add in sample-config.php example call to xlpage-utf-8.php (PITS:01066).%0a* Update documentation.%0a* Fix guiedit.php to produce valid HTML.%0a%0a!! [[#v220]] Version 2.2.0 (2009-01-18)%0a* Convert beta series to official release series.%0a* Add $FPLTemplateMarkupFunction (PITS:00984, requested by John Rankin).%0a%0a!!! [[#beta68]] Version 2.2.0-beta68 (2008-08-14)%0a* Fix E_NOTICE errors reported by Dominique Faure.%0a* Enable [@(:redirect:)@] directives in pagelists.%0a%0a!!! [[#beta67]] Version 2.2.0-beta67 (2008-07-13)%0a* Add [={$LastModifiedTime}=] page variable.%0a* Add $EnableSessionPasswords variable to control session password usage.%0a* Add $SessionEncode and $SessionDecode variables to specify functions for encoding/decoding sensitive session data.%0a* Updated httpauth.php to use SessionAuth instead of poking in session guts directly.%0a%0a!!! [[#beta66]] Version 2.2.0-beta66 (2008-07-04)%0a* Add content-type/charset to Abort() output (suggested by Petko).%0a* Close minor XSS vulnerability (PITS:01030).%0a* Add "nested if" capability.%0a* Fix bug in $Transition handling that would enable all transitions if any were set (reported by John Rankin).%0a %0a%0a!!! [[#beta65]] Version 2.2.0-beta65 (2007-11-17)%0a* Fix SiteAdmin.AuthList so that it defaults to list=all (reported by Roman).%0a* Fix pmwiki skin to include xmlns= attribute in %3chtml> tag (PITS:00989, reported by Mateusz Czaplinski and Petko Yotov).%0a%0a!!! [[#beta64]] Version 2.2.0-beta64 (2007-11-13)%0a* Add times to PmWiki date parsing (e.g., 2007-08-09T12:22:04).%0a* Suppress warning from ini_set in diag.php (suggested by Petko).%0a* Fix handling of -> links in trails (reported by Eemeli Aro).%0a* Add .kml and .kmz as valid attachment types. %0a* Fix handling of [=&=] in markup (PITS:00988, reported by Stirling Westrup).%0a* Fix duplication of language markers in $XLLangs (PITS:00987, reported by Stirling Westrup).%0a* Correct typo in DRange() call in stdmarkup.php (reported by Stirling Westrup).%0a* Turn on error displays when diagnostics are enabled.%0a* Default PHP's pcre.backtrack_limit to at least 1000000.%0a%0a!!! [[#beta63]] Version 2.2.0-beta63 (2007-07-31)%0a* Added $SkinDirectivesPattern to allow adjustments to available skin directives (requested by Petko).%0a* Fix default permissions on Site.AuthUser and Site.AuthList (reported by Scott Connard).%0a* Add "monospace" to pmwiki.css default (reported by Joshua Timberman, with assistance from H. Fox)%0a* Fix problem with slashes in wildcards to name= and group= parameters (reported by Ian MacGregor).%0a%0a!!! Version 2.2.0-beta62 (2007-07-21)%0a* Fix bug in trails introduced by beta61 (reported by charlequin).%0a%0a!!! Version 2.2.0-beta61 (2007-07-19)%0a* Add ability to grab trails by section.%0a* Add an "ontrail" condition (from suggestions by charlequin).%0a%0a!!!Version 2.2.0-beta59, 2.2.0-beta60 (2007-07-18)%0a* Fix problem with upgrade.php on [[wiki farms]] (reported by Scott Connard).%0a* Fix problem with distributed version of Site.AuthUser (reported by Jon Haupt).%0a%0a!!!Version 2.2.0-beta58 (2007-07-17)%0a* Significant change: Site.AuthUser, Site.Blocklist, Site.ApprovedUrls, and Site.NotifyList now appear in the [[SiteAdmin]] group by default.%0a** Note: if you limit groups by setting $GroupPattern, you now need to include SiteAdmin (see [[Cookbook:LimitWikiGroups]])%0a* Abort if ldap: authentication requested and libraries aren't present.%0a* Added "upgrades.php" script to handle various migration issues.%0a* Current PmWiki [[version]] is now held in [[SiteAdmin.Status]] .%0a* Fix ?action=postupload to follow ?action=upload settings.%0a* Improvements to [[SiteAdmin.AuthList]] page (suggestions and fixes from Ian MacGregor).%0a* Allow leading underscores in attachment names (requested by Christophe David).%0a%0a!!!Version 2.2.0-beta57 (2007-06-15)%0a* Fix AsSpacedUTF8() to work like AsSpaced() (reported by Petko).%0a* Qualify page links that contain parentheses (reported by Petko).%0a* Fix bug in [@(:input default $:var ... :)@] (reported by Crisses).%0a%0a!!!Version 2.2.0-beta56 (2007-06-13)%0a* Fix AsSpaced() to not add spaces before leading digit, and treat hyphenated digits as complete numbers.%0a* Fix infinite recursion in self-referencing [[page text variables]] (PITS:00915).%0a* Fix bug introduced in beta55 not handling end [[links|anchors]] correctly (reported by Roman).%0a%0a!!!Version 2.2.0-beta55 (2007-06-11)%0a* Fix attributes to [@(:input e_form:)@] (PITS:00387, re-reported by Crisses).%0a* UpdatePage() now calls StopWatch() to record posting.%0a* Display stopwatch output as part of redirect.%0a* Fix [[wiki styles]] bug when $EnableLinkPageRelative is set (reported by Petko).%0a* Revise TextSection() code to hopefully avoid %25newwin%25[[http://pcre.org/|pcre]] limits (reported by Kathryn Andersen, Knut Alboldt).%0a* Add wrap=inline and wrap=none options to [[page list(s#pagelistwrap)]].%0a%0a!!!Version 2.2.0-beta53, 2.2.0-beta54 (2007-06-02)%0a* Improve error message reporting for markup rules (suggestion by Knut Alboldt).%0a* Clean up more E_NOTICE warnings (reported by Ian MacGregor).%0a* Add focus= option to [=(:=][[forms|input]]:) controls.%0a* Added CSS [@.faqtoc@] class, to be able to display only the questions coming from the #includefaq [[page list template(s)]].%0a* Changed [[PmWiki.FAQ]] to use .faqtoc class.%0a* Fix bug in TextSection (PITS:00935, reported by Jean-Fabrice).%0a* Fix bug in [[page list(s#pagelisttrail)]] caching of trails.%0a%0a!!!Version 2.2.0-beta52 (2007-05-26)%0a* Add per-PageStore attributes (from a suggestion by Tobias Thelen).%0a* Add [@{$PasswdRead}@], [@{$PasswdEdit}@], etc. to display page password settings.%0a* Add Site.AuthList to display all password permissions on a site.%0a* Reorder $PageListFilters slightly.%0a* Add "passwd=" option to [[page list(s#pagelistpasswd)]], to return only those pages that have some sort of [[password(s)]] attribute on them.%0a* Add line numbers to StopWatchHTML output.%0a* Clean up handling of $AuthCascade.%0a%0a!!!Version 2.2.0-beta51 (2007-05-23)%0a* Add fmt=count to [[page list(s#pagelistcount)]] (reminder from Hans).%0a* Ignore hidden files in [[skin(s)]] directories when searching for .tmpl (suggestion by Stephan Becker).%0a* Clean up queuing of pages to be updated in .pageindex .%0a* Reset $LinkTargets() at beginning of each UpdatePage() sequence.%0a%0a!!!Version 2.2.0-beta50 (2007-05-22)%0a* Fix HTML cache when drafts are enabled, or other recipes using CondAuth().%0a* Prevent [[page lists]] with protected pages from HTML cache.%0a%0a!!!Version 2.2.0-beta48, 2.2.0-beta49 (2007-05-21)%0a* Fix spurious value= attribute in <textarea> tag generated by [@(:input textarea ... :)@].%0a* Allow either [@(:input default ...:)@] or [@(:input defaults ...:)@].%0a* Fix problem with page text variable handling in [@(:input defaults:)@].%0a* Allow either [@(:template default:)@] or [@(:template defaults:)@] in [[page list templates]].%0a* Fix a bug handling dates with suffixes (reported by Crisses).%0a%0a!!!Version 2.2.0-beta47 (2007-05-20)%0a* Fix bug with quote handling in [@(:include:)@] options (reported by Hans).%0a%0a!!!Version 2.2.0-beta46 (2007-05-19)%0a* Moved $PageTextVarPatterns definition from scripts/stdmarkup.php to pmwiki.php.%0a* Ignore Markup() rules that have unresolved $when parameters.%0a* Fix issue in authuser.php when $auth array isn't set (contributed by Ben Stallings).%0a* The [@(:include:)@] directive now performs template argument processing on the included text.%0a* Optimized [@(:pagelist:)@] slightly when sorting on [[page variables]].%0a* Refactored [@(:input ... :)@] markups.%0a* Added HandleDispatch(), which allows action handlers to easily redispatch to other actions (and add messages).%0a* Added FmtTemplateVars(), to perform various template-substitutions.%0a%0a%0a!!!Version 2.2.0-beta45 (2007-05-02)%0a* Update pmwiki's date parsing to use a common routine, recognizing dates within strings and restricting range to 1900-2039.%0a* Add additional parameter to "date" conditional.%0a* Add if= option to [[page list(s#pagelistif)]] (suggested by Crisses).%0a* Refactor code to use TextSection() and RetrieveAuthSection() functions.%0a* The value= parameter to [@(:input textarea:)@] now works properly (including values loaded from $InputValues).%0a* The [@(:input default:)@] directive now allows loading input control defaults from another page via the [@source=@] parameter.%0a* Remove automatic call to FmtPageName() in $ROSPatterns. Add $ROEPatterns (from suggestions by JB and others).%0a* Fix minor variable bugs in scripts/crypt.php.%0a* Remove E_NOTICE errors (reported by Hans).%0a* Fix handling of page variables when pagename is empty or not provided.%0a* Add $EnableLinkPageRelative configuration option.%0a* Clean up handling of arguments to [@{(ftime ...)}@].%0a* Remove mailposts.php call in stdconfig.php (reported by Christophe David).%0a%0a!!!Version 2.2.0-beta44 (2007-04-16)%0a* Fix case conversion of U+027D and U+026B (reported by Petko).%0a* Add $FTimeFmt to set default formatting for [@{(ftime)}@].%0a* Add %25s conversion to [@{(ftime)}@] for systems that don't have it by default.%0a* Report an error if edit [[form(s)]] cannot be read (suggested by Hans).%0a* Don't report ?cannot acquire lockfile when simply browsing pages.%0a* Add $EnableReadOnly flag to signal when PmWiki is to be run in read-only mode.%0a%0a!!!Version 2.2.0-beta43 (2007-04-15)%0a* Update drafts code to add $EnablePublishAttr and change button labels when drafts are enabled (PITS:00755).%0a* Removed no-longer-needed 'compat1x.php' and 'mailposts.php' from distribution.%0a* Added $DraftRecentChangesFmt.%0a* Added "[[markup expressions]]" [@{(...)}@] into the core.%0a* Added charset= attribute to saved pages.%0a* Update pagelist.php and xlpage-utf-8.php to handle case-insensitive searches.%0a* Added some optimizations to phpdiff.php script to produce more useful history information.%0a%0a!!!Version 2.2.0-beta42 (2007-03-27)%0a* Fix a bug with order=title in pagelists (reported by Anno).%0a%0a!!!Version 2.2.0-beta41 (2007-03-26)%0a* Added $EnableWSPre option, which allows easy adjustment of the "leading space -> preformatted text" (or "whitespace") rule.%0a* Added a new "pre" wikistyle, to designate blocks that are to be treated as preformatted text.%0a%0a!!!Version 2.2.0-beta40 (2007-03-24)%0a* Fix bug with order=title in pagelists when using $Titlespaced (PITS:00906, reported by Feral).%0a* Report state of allow_url_fopen when downloads fail in blocklist.php.%0a%0a!!!Version 2.2.0-beta39 (2007-03-23)%0a* Allow page variable filters to appear as options in [@(:template defaults:)@] (reported by SteP).%0a* Updated [[Site.PageListTemplates]] to use [@(:template:)@] directives.%0a* Remove '#wikileft h1' and '#wikileft h5' from pmwiki default stylesheet.%0a%0a!!!Version 2.2.0-beta38 (2007-03-22)%0a* Strip control characters from $ChangeSummary.%0a* Fix problem with count=m..n where m..n is outside the range of available pages (reported by SteP).%0a* Allow [@(:template default ...:)@] to specify a class= option.%0a* [[PmWiki/PageDirectives#redirect|Redirect]] pagename can now include an anchor (PITS:00558)%0a%0a!!!Version 2.2.0-beta37 (2007-03-16)%0a* Allow an optional space after comma separators in wildcard patterns (reported by Han Baas).%0a%0a!!!Version 2.2.0-beta36 (2007-03-16)%0a* Allow nested [[page text variables]] to work, remove extraneous ENT_NOQUOTES parameter.%0a* Add new [@(:template ...:)@] directives for pagelist templates.%0a* Modify count= option to pagelists to allow for alternate ranges.%0a%0a!!!Version 2.2.0-beta35 (2007-03-05)%0a* Fix bug in [[conditional markup]] parsing (reported by Christophe David).%0a%0a!!!Version 2.2.0-beta33, 2.2.0-beta34 (2007-03-01)%0a* Refactor wildcard handling into its own GlobToPCRE function.%0a* Allow negated wildcards for page variable filters in pagelists (PITS:00878, reported by Jiri)%0a* Fix wildcards so that spaces no longer separate patterns (use commas).%0a* Fix handling of '&' prior to [@(:input:)@] and other directives (reported by Luigi).%0a* Adjust position of [@%25define=...%25@] [[wiki styles]] to occur after ampersands.%0a* Adjust copyright dates on many files.%0a* Allow spaces around text variable names in [[page text variable(s)]] markups.%0a%0a!!! [[#beta32]] Version 2.2.0-beta32 (2007-02-28)%0a* Fix erroneous $EnableCreole item in docs/sample-config.php (reported by Sigurd).%0a* Added [@(:elseif:)@] and [@(:else:)@] markups (PITS:00787).%0a* Fix global $Skin variable handling when using SetSkin from within markup.%0a* Make sure directives aren't treated like [[page text variables]] (reported by Petko).%0a* Remove call to ResolvePageName() from authuser.php .%0a* Simplify [[PmWiki/AuthUser#LDAP|LDAP]] authentication for Active Directory sites.%0a* Cache lowercase/uppercase patterns in AsSpacedUTF8().%0a%0a!!!Version 2.2.0-beta31 (2007-02-11)%0a* Fix bug with sorting on [[pagelist variables]] (reported by Kathryn Andersen).%0a%0a!!!Version 2.2.0-beta29, 2.2.0-beta30 (2007-02-09)%0a* MakePageName now uses the first matching entry of $PagePathFmt as the home page of groups without a home page.%0a* Add AsSpacedUTF8() to handle title spacing in utf-8 (PITS:00875, contributed by Petko, Celok)%0a* Fix $RequestedPage when running with utf-8.%0a* Add %3cmeta> content-type tag for utf-8.%0a* Add an experimental caching system for pagelists.%0a* Fix $SuffixPattern and link suffixes for utf-8 (PITS:00881, reported by ppip).%0a%0a!!!Version 2.2.0-beta28 (2007-02-03)%0a* Update blocklist.php so that all posted fields are checked for block values (PITS:00850).%0a%0a!!!Version 2.2.0-beta27 (2007-01-25)%0a* Fix markup processing sequence for [@(:input default:), (:input select:)@], etc. (problem noted by Marc).%0a* Fix default value of [@order=@] parameter to MakePageList().%0a%0a[[#v22026]]%0a!!!Version 2.2.0-beta26 (2007-01-23)%0a* Fix a bug where pagelist list= option had no effect when reading from trails (from an rss problem noted by Russ Fink).%0a%0a[[#v22024]][[#v22025]]%0a!!!Version 2.2.0-beta24, 2.2.0-beta25 (2007-01-22)%0a* Add a scripts/creole.php module for Creole markup (http://www.wikicreole.org/).%0a* Move WikiWords out of the core defaults -- can be enabled via $EnableWikiWords.%0a* Fix handling of WikiWords following & or #, as in [=Æ and #FFFF00=] (reported by Moni Kellermann).%0a* Adjust FormatTableRow() to support Creole-style tables (using single |'s).%0a* Update docs/sample-config.php with new configurations and options.%0a* Added code to allow Abort() to refer to additional information on pmwiki.org.%0a* Added $EnableSkinDiag, which checks templates for required %3c!--HTMLHeader--> and %3c!--HTMLFooter--> directives.%0a* Removed deprecated $BasicLayoutVars support from skins.php.%0a%0a[[#v22022]][[#v22023]]%0a!!!Version 2.2.0-beta22, 2.2.0-beta23 (2007-01-17)%0a* Added $EnableActions, to allow pmwiki.php to be included without generating output (from a suggestion by Wouter Groeneveld).%0a* Fix bug in "order=" option to [@(:pagelist:)@] (reported by Mike Bishop).%0a* Change DisplayStopWatch() function to StopWatchHTML().%0a* Allow multiple lines for markup:, wiki:, and page: template directives (reported by Marc)%0a%0a[[#v22021]]%0a!!!Version 2.2.0-beta21 (2007-01-12)%0a* Fix %3cvspace> bug in searchresults output (PITS:00846, reported by M. Czaplinski, marc, and others).%0a* Fix numerous E_NOTICE warnings and incorrect constants (PITS:00853, contributed by AndrewFyfe).%0a%0a[[#v22020]]%0a!!!Version 2.2.0-beta20 (2007-01-11)%0a* $FeedPageListOpt needs to be declared global in feeds.php.%0a* Add "404 Not Found" status code to ?invalid page name aborts (PITS:00854, suggested by Athan).%0a* Remove stale entries from $PageExistsCache when a new PageStore is added (reported by Hans).%0a%0a[[#v22019]]%0a!!!Version 2.2.0-beta19 (2006-12-29)%0a* Have blocklist check $_POST['text'] only when it is set (from a report by Simon).%0a%0a!!!Version 2.2.0-beta18 (2006-12-28)%0a* Change $pagename parameter in UpdatePage() to be passed by reference (suggestion by J. Meijer).%0a* Fix $EnableRobotsCloakActions so that it works again with page variables.%0a* Add "XML Sitemaps" to $RobotPattern.%0a* Change $MetaRobots to return "nofollow,noindex" for non-existent pages.%0a* Prefer "404 Not Found" to "403 Forbidden" for [[(PmWiki:)robots]] attempting to do invalid actions on non-existent pages.%0a* Add rel='nofollow' to "create attachment" links.%0a* Added class='inputbox' to select boxes (suggested by Hans).%0a* Added .odt, .ods, and .odp file extensions to allowed [[uploads]] (suggested by Algis Kabaila, Robin Sheat, and others).%0a* Clean up some error warnings (PITS:00801, contributed by psvo).%0a* Set $ScriptUrl to 'https:' when accessed via SSL link (suggestions from C. Ridderström, H. Fox, PITS:00410, PITS:00527, PITS:00595).%0a* Fix bug in link= and trail= options to [@(:pagelist:)@] (reported by C. Ridderström).%0a%0a!!!Version 2.2.0-beta17 (2006-12-13)%0a* Fix spurious hidden field in [@(:searchbox:)@] output (reported by Hans).%0a* Fix $CaseConversions array for \xc4\xb1 and \xc5\xbf (reported by Petko Yotov).%0a* Refactor [@(:input:)@] markup handling.%0a* Add [@(:input select ...:)@] markup (PITS:00567).%0a* Add [@(:input default ...:)@] markup -- may change before 2.2.0 release.%0a* Add ability to set defaults for radio/checkbox/select controls.%0a%0a%0a!!!Version 2.2.0-beta16 (2006-11-10)%0a* Fix problem with [@(:e_preview:)@] directive when viewing an edit form (reported by Dominique Faure).%0a* Fix out-of-memory problem in scripts/compat1x.php when dealing with large pages to be converted (contributed by Donald Gordon).%0a* Fix problem of Variable: lines immediately followed by newline (reported by Hans).%0a* Fix uninitialized variable errors in FormatTableRow() (reported by Bob Sanders).%0a* Fix second argument of MakeBaseName() (provided by Stirling Westrup).%0a%0a!!!Version 2.2.0-beta15 (2006-10-16)%0a* Fix bug with displaying multi-line [@(:var:value:)@] [[page text variables]] (reported by Pico).%0a* Improve PageStore ls() method slightly, to restrict pagename searches to directories of a given depth (based on an issue reported by Chris Cox).%0a* Added $IsBlocked status variable to scripts/blocklist.php.%0a* Added $UnapprovedLink array to report unapproved links.%0a* Added $TimeISOFmt, $TimeISOZFmt, and $CurrentTimeISO variables.%0a* Switched scripts/feeds.php to use $TimeISOZFmt instead of $ISOTimeFmt.%0a* Added [@request=@] option to [@(:pagelist:)@], switched pagelist to default to not use url/form parameters.%0a* Fixed bug with array [@{$$options}@] in pagelist.%0a%0a!!!Version 2.2.0-beta14 (2006-10-06)%0a* Fix problem with extra parameter to mail when $NotifyParameters is empty (reported by Tom Lederer).%0a* Improve configurability of $SearchPatterns (from suggestions by Stirling Westrup).%0a* Add ability for $WikiWordCount to disable wikiword spacing (PITS:00327).%0a%0a!!!Version 2.2.0-beta13 (2006-10-04)%0a* Fix handling of angle brackets (and potential XSS) in pagelists combined with page text variables (noted by Pico).%0a%0a!!!Version 2.2.0-beta12 (2006-10-03)%0a* Added the UpdatePage() function into the core. %0a%0a!!!Version 2.2.0-beta11 (2006-10-03)%0a* Added ability to automatically create targets.%0a* Added sample code to docs/sample-config.php for automatic generation of Category.* pages.%0a* Fixed character escapes in pagelist [@{$$option}@] variables.%0a%0a!!!Version 2.2.0-beta10 (2006-10-02)%0a* Added [@{$$option}@] variables to get option values from [@(:pagelist:)@] (based on a recipe from Martin Fick).%0a* Changed [@{$PageCount}, {$GroupPageCount}, and {$GroupCount}@] to be [@{$$PageCount}, {$$GroupPageCount}, and {$$GroupCount}@].%0a* Added [@{$BaseName}@] page variable and $BaseNamePatterns.%0a%0a!!!Version 2.2.0-beta9 (2006-10-01)%0a* Fix bug with $EnablePageListProtect (reported by Brent Zupp).%0a* Added ability to select based on page variables in [@(:pagelist:)@].%0a%0a!!!Version 2.2.0-beta8 (2006-09-30)%0a* Update scripts/blocklist.php to check only $_POST['text'] instead of entire markup text.%0a* Fix bug in pagelist.php that wouldn't return correctly formatted array in certain circumstances (noted by Florian Fischer and JDem).%0a%0a!!!Version 2.2.0-beta7 (2006-09-30)%0a* Added scripts/blocklist.php to core.%0a* Updated handling of $PageTextVarPatterns.%0a* Eliminated need for extra flush() steps in notify.php, pagelist.php.%0a%0a!!!Version 2.2.0-beta6 (2006-09-27)%0a* Fix bug with initialization of $FeedPageListOpt in scripts/feeds.php (reported by Roman).%0a* Fix bug with over-eager [@(:textvar:value:)@] markup (from a bug reported by Chris Cox).%0a%0a!!!Version 2.2.0-beta4, 2.2.0-beta5 (2006-09-27)%0a* Fix bug with name= option in pagelist (reported by Ben Wilson).%0a* Fix bug with array_merge under PHP 5 (reported by Kathryn Andersen).%0a%0a!!!Version 2.2.0-beta3 (2006-09-26)%0a* Remove extra %3c!----> comment at end of table directives (noted by Ben Stallings).%0a* Fix directive form of page text variables (reported by Kathryn Andersen).%0a* Add first version of new modular pagelist code.%0a%0a!!!Version 2.2.0-beta2 (2006-09-25)%0a* Add support for [@{$:var}@] page text variables, and [@(:var:...:)@] markup.%0a* Fix default setting of $EnableRelativePageVars in docs/sample-config.php .%0a%0a!!!Version 2.2.0-beta1 (2006-09-25)%0a* Added [@{*$var}@] page variables (always the currently browsed page).%0a* Convert link and page variable handling in [=(:include:)=] to be relative to the included page.%0a* Added $EnableRelativePageVars and $EnableRelativePageLinks variables, as well as transition options.%0a* Added basepage= option to [=(:include:)=].%0a* Updated $GroupHeaderFmt and $GroupFooterFmt to use basepage= option.%0a* Adjusted $MakePageNamePatterns to automatically strip any #... or ?... from the end of a pagename input string (solution to a problem reported by J. Meijer).%0a%0a!!!Version 2.1.27 (2006-12-11)%0a* Backport in bug fix for TableRowFormat (from 2.2.0-beta16).%0a* Add support for [@{*$Variable}@] syntax (from 2.2.0 page variables).%0a%0a!!!Version 2.1.26 (2006-09-11)%0a* Fix a bug with variable referencing that caused feeds.php to get a confused PCache (reported by Helge Larsen).%0a%0a!!!Version 2.1.25 (2006-09-08)%0a* Fixed a bug in authuser.php that would fail if $AuthUser isn't defined (reported by Hans Huijgen).%0a* Added %3c!--XMLHeader--> and %3c!--XMLFooter--> aliases to %3c!--HTMLHeader--> and %3c!--HTMLFooter--> directives in skin templates (suggested by John Rankin).%0a* Added $PageExistsCache (suggested by John Rankin).%0a%0a!!!Version 2.1.24 (2006-09-06)%0a* Fixed a bug in authuser.php that had trouble dealing with non-array entries in $AuthUser (reported by Udo).%0a* Can now specify authorization groups using $AuthUser['@group'] entries.%0a* Can now specify an Apache .htgroup-formatted file for authorization groups via $AuthUser['htgroup'].%0a%0a!!!Versions 2.1.21, 2.1.22, 2.1.23 (2006-09-05, 2006-09-06)%0a* Close a potential security hole with $FarmD when register_globals is set "On".%0a* Correct a syntax error in feeds.php (noted by Ben Wilson).%0a* Fix a bug that prevented PmWiki from reading page files generated by versions prior to 0.5.6 (discovered by Milan Avramovic).%0a%0a!!!Version 2.1.20 (2006-09-04)%0a* Fixed a bug in [[PageDirectives#attachlist| [@(:attachlist:)@] ]] when passed a wikiword argument (reported by Kathryn Andersen).%0a* Changed $HTMLStylesFmt['markup'] to honor config.php setting (reported by Hans).%0a%0a!!!Version 2.1.19 (2006-08-30)%0a* Corrected a bug in the pageindex code that was causing the .pageindex to not update as quickly as it should.%0a* Slightly changed the handling of 'width' and 'height' in wikistyles.php, so that they can be be applied as attributes to %3cobject> and %3cembed> tags.%0a* Updated the Keep() function to recognize closing block tags as being in the 'B' block pool.%0a* Fixed a bug with wikistyles and form tags.%0a%0a!!!Version 2.1.18 (2006-08-28)%0a* Closed a potential cross-site scripting vulnerability in table markups (reported by JB).%0a* Added [@(:input image:)@] markup (requested by JB).%0a* Fixed problem with ?action=print failing to set [@{$Action}@] (reported by Bart).%0a%0a!!!Version 2.1.17 (2006-08-26)%0a* Added some improvements to IMS caching to better handle logout and authorization actions (PITS:00573, reported by floozy and Henrik Bechmann).%0a%0a!!!Version 2.1.16 (2006-08-26)%0a* Added $SkinLibDirs variable, to select filesystem and url locations where skins may be found (resolves PITS:00708, as reported by Hagan Fox, with additional suggestions from Ben Wilson).%0a* Changed [@%3c!--HeaderText-->@] to [@%3c!--HTMLHeader-->@] in skin templates, and added an optional [@%3c!--HTMLFooter-->@] directive (PITS:00767).%0a* Adjusted the pmwiki and print skins to use the new directives.%0a%0a!!!Version 2.1.15 (2006-08-25)%0a* Fixed issue dealing with order of [@@_site_*@] passwords (reported by Jean-Fabrice and others).%0a* Added $LocalDir variable (requested by John Rankin).%0a* Removed an unnecessary setting of $DefaultPage in ''scripts/pgcust.php'' (it's now handled by ResolvePageName() ).%0a* Added some variables and changes in wikistyles.php to better support wikipublisher (contributed by John Rankin).%0a* RetrieveAuthPage (PmWikiAuth) now recognizes a $level of 'ALWAYS' as indicating that access should always be allowed, regardless of current passwords or identities.%0a* Added filter specifier for AuthUser LDAP authentication (contributed by Balu).%0a%0a!!!Version 2.1.13, 2.1.14 (2006-08-15, 2006-08-16)%0a* Updated scripts/authuser.php to allow ldaps://... authentications (contributed by Michael Brenner).%0a* Fixed problem with numeric passwords introduced in 2.1.beta20 (reported by Christophe David and Dirk Blaas).%0a%0a!!!Version 2.1.12 (2006-08-07)%0a* Corrected typo in Site.SideBar file (reported by Judith Zacharie).%0a* Suppressed warning message for search on sites without a wikilib.d/ directory.%0a* Added capability for nested divs.%0a* Use $Transition['nodivnest'] to restore previous non-nesting div/table behavior.%0a* Including authuser.php now automatically resolves pagename.%0a* Added [@(:noaction:)@] directive to turn off actions.%0a* Fixed bug in wikistyles prior to image blocks.%0a* Added white-space as allowed wikistyle (suggested by C. Ridderström).%0a* Allow colons, hyphens, and dots in id= tags.%0a%0a!!!Version 2.1.11 (2006-06-09)%0a* Fixed generation of empty paragraphs around [@%25define=...%25@] wikistyles (PITS:00753).%0a%0a!!!Version 2.1.10 (2006-06-04)%0a* Added a %3cspan> around the RecentChanges link in the pmwiki skin (PITS:00750, suggested by Hagan Fox).%0a* Changed the $Action variable to $ActionTitle (PITS:00749, reported by Hagan Fox).%0a* Changed $FPLTemplatePageFmt to be an array of pages to be searched for page templates, enabled searching of current page and Site.LocalTemplates page.%0a* Updated .vspace margin in sidebar for pmwiki skin (PITS:00751, by Hagan Fox).%0a%0a%0a!!!Version 2.1.9 (2006-06-02)%0a* Fixed a bug with [@[[~Author]]@] links (PITS:00530 reported by Klonk, PITS:00611 reported by weijang, PITS:00671 reported by Stirling Westrup, and helpful clues provided by Clayton Curtis).%0a%0a!!!Version 2.1.8 (2006-06-01)%0a* Added ability to specify notification entries from ''local/config.php'' as well as Site.Notify (suggested by Christophe David).%0a* Fixed $Transition['vspace'] from 2.1.7.%0a%0a!!!Version 2.1.7 (2006-05-31)%0a* Adjusted width of edit form for IE browsers (contributed by Roman and H. Fox).%0a* Suppress authentication failure error from LDAP (PITS:00739).%0a* Fixed problem with invalid page names resulting in redirect loop (PITS:00723, reported by jojoo).%0a* Added "Group." and "Group/" page name syntax, resolving PITS:00736 (from a suggestion by Pico).%0a* Changed handling of "vspace" paragraphs.%0a* Fixed some XSS vulnerabilities in uploads.php and url links (reported by Moritz Naumann, http://moritz-naumann.com).%0a* Added notify.php script, allowing finer control of email notifications.%0a%0a!!!Version 2.1.6 (2006-05-22)%0a* Optimized performance of urlapprove.php.%0a* Added [@(:if auth xyz PageName:)@] syntax.%0a* Corrected XSS bug in trails.php.%0a* Slightly improved performance of free links.%0a* Restore ability to use hyphens in InterMap links (reported by Henrik Bechmann).%0a%0a!!!Version 2.1.4, 2.1.5 (2006-03-29)%0a* Fixed problem with pagelist-based feeds (PITS:00709, reported by Jon Haupt).%0a* Added [@{$Action}@] page variable. (PITS:00696, reported by Sebastian Pipping).%0a* Added stripmagic() around variables submitted to authuser.php.%0a* Fixed problem with multi-term searches containing special characters (PITS:00713, reported by Leo).%0a* Switched [[PageDirectives#attachlist| [@(:attachlist:)@] ]] to use a natural case sort (suggested by H. Fox).%0a%0a!!!Version 2.1.3 (2006-03-17)%0a* Re-fixed problem with PHP 5.1.1 and lines= option to [@(:include:)@] (PITS:00620).%0a* Fixed empty LDAP password issue (reported by Thomas Lederer).%0a%0a!!!Version 2.1.2 (2006-03-16)%0a* Fixed %3ch1>/%3ch2> tag mismatches (PITS:00702, reported by Martin Hason).%0a* Fixed bug with $AllowPassword and "nopass" (reported by M. Weiner and bram brambring).%0a* Improved the speed of RSS and other web feeds when $EnablePageListProtect is not set.%0a%0a!!!Version 2.1.1 (2006-03-13)%0a* Fixed a bug with multiple authorization groups as a password (PITS:00699, reported by Ari Epstein).%0a* Updated the authorization code to be a bit more liberal with password/group settings.%0a* Updated PmWiki.FAQ page to be able to grab FAQ items from other pages in the documentation.%0a%0a!!Version 2.1.0 (2006-03-12)%0a* Many many documentation updates (special thanks to many authors).%0a* Allow trailing underscores in upload names (requested by Hans).%0a* Fixed 'ak_print' problem causing accesskey='a' for print (noted by Pico).%0a* Added code to make sure each anchor is generated only once per page (for XHTML validity).%0a* Added a $BlockPattern variable to recognize block HTML tags.%0a* Made an adjustment to Keep() so that it places strings with block HTML into the 'B' pool.%0a* Adjusted stdmarkup.php to not produce paragraphs for keep blocks in the 'B' pool.%0a* Corrected a variety of i18n phrases.%0a* Added class='escaped' to distinguish [=@@...@@=] from [=[@...@]=] (from a comment by Hans).%0a* Slightly changed styling of .faq divs.%0a* Made the edit textarea a couple of rows smaller to better fit on smaller displays (suggested by H. Fox).%0a----%0a[[(PmWiki:)ChangeLog Archive]] - changes prior to version 2.1.0. -time=1409602731 +text=(:Summary: Log of changes made to PmWiki by [[Release(Notes)]]:)%0aSee [[Cookbook:RecentChanges | the cookbook recent changes page]] for additional updates and activity by other developers, or join the [[PmWiki (/) mailing lists]] to discuss feature development with us.%0a%0a(:comment Changes made to the [[PmWiki:Subversion | subversion pre-release ]] of PmWiki.:)%0a%0a!!! Version 2.2.69 (2014-10-13) [[#v2269]]%0a* Fix DRange() for ISO-8601 dates +/- X days.%0a* Update documentation.%0a%0a!!! Version 2.2.68 (2014-09-01) [[#v2268]]%0a* Add Skins: InterMap prefix.%0a* Add signature to EditQuickReference (PITS:01350).%0a* Allow $PostConfig entries to be launched after per-page customization, before other stdconfig.php inclusions if values%3c50.%0a* Add [[WikiStyles]] clear, min and max width and height (PITS:00860), fix [=%25p class=...%25=] with more than one space.%0a* Update documentation.%0a%0a!!! Version 2.2.67 (2014-08-02) [[#v2267]]%0a* Fix InputDefault/PageTextVariables inconsistency (PITS:01337).%0a* Update documentation.%0a%0a!!! Version 2.2.66 (2014-07-02) [[#v2266]]%0a* Fix Author in Notifcations when deleting pages (PITS:01112).%0a* Exclude "_" to be considered as a function name in various $*Patterns.%0a* Update documentation.%0a%0a!!! [[#v2265]] Version 2.2.65 (2014-06-07)%0a* Fix [={$$PseudoVars}=] containing [={*$PageVars}=] in Pagelist Templates.%0a* Fix wording in scripts/.htaccess (PITS:01345).%0a* Fix fixperms() if directory owner is root (PITS:01346).%0a* Update documentation.%0a%0a!!! [[#v2264]] Version 2.2.64 (2014-05-08)%0a* Add [={(mod)}=] [[PmWiki/MarkupExpressions | markup expression]].%0a* Add tel: and geo: [[PmWiki/LinkSchemes | URI schemes]].%0a* Add $SysMergePassthru to allow Merge() to use passthru() instead of popen().%0a* Update documentation.%0a%0a!!! [[#v2263]] Version 2.2.63 (2014-04-05)%0a* Allow [[PmWiki/Forms | form]] elements to have a dash in the attribute names.%0a* Strip magic slashes for pagelist/search request vars.%0a* Allow input attributes readonly, placeholder and autocomplete for HTML5 sites.%0a* Update documentation.%0a%0a!!! [[#v2262]] Version 2.2.62 (2014-02-28)%0a* Add $CallbackFnTemplates["return"].%0a* Add 4th argument to Markup_e() - $template.%0a* Add $EnableTableAutoValignTop.%0a* Update documentation.%0a%0a!!! [[#v2261]] Version 2.2.61 (2014-01-31)%0a* Add $TableCellAlignFmt.%0a* Remove unused snippet in prefs.php (reported by Oliver Betz).%0a* Remove unused calls to PSS() (reported by John Rankin).%0a* Update documentation.%0a%0a!!! [[#v2260]] Version 2.2.60 (2014-01-12)%0a* Revert to previous pmwiki.css file.%0a%0a!!! [[#v2259]] Version 2.2.59 (2014-01-11)%0a* Fix checking multiple posted fields in blocklist.php (reported by Randy Brown).%0a* Allow Markup_e() to accept a callback as well as code.%0a* Fix "+" shortcut for internal anchor links.%0a* Disable HTML cache if count($_GET)>1 not >2 (PITS:01278).%0a* Fix query string if a "?" is encoded to uppercase "%253F".%0a* Replace CSS font sizes from points (fixed) to percents (relative) for the default skin.%0a* Fix nested conditionals containing $pagename (reported by Benjamin Grassineau).%0a* Update documentation.%0a%0a!!! [[#v2258]] Version 2.2.58 (2013-12-25)%0a* Allow $LinkUpload to be usable in [=(:attachlist:)=].%0a* Enable customizations of [=(:input auth_form:)=].%0a* Remove unused variable $Block in FormatTableRow(), reported by Klonk.%0a* Fix $EnableBlocklistImmediate to check all posted fields for blocked terms.%0a* Add $GLOBALS['MarkupToHTML'] to pass parameters such as $pagename to markup calls.%0a* Update documentation.%0a%0a!!! [[#v2257]] Version 2.2.57 (2013-11-03)%0a* Encode international character used for detection of a recode function.%0a* Enable $IMapLinkFmt['Attach:'] to be used in [[PmWiki/PageDirectives#attachlist|[=(:attachlist:)=]]] links.%0a* Add $MakePageNameSplitPattern.%0a* Update documentation.%0a%0a!!! [[#v2256]] Version 2.2.56 (2013-09-30)%0a* Work in progress to remove the core dependency of the deprecated "eval" feature of the preg_replace() function (PITS:01319).%0a* Add functions PCCF(), PPRE(), PPRA(), Markup_e(), migrating all core calls to these functions.%0a* Fix detection of proper PageStore->recodefn.%0a* Update documentation.%0a%0a%0a!!! [[#v2255]] Version 2.2.55 (2013-09-16)%0a* Add $EnableDraftAtomicDiff (PITS:01007).%0a* Update documentation.%0a%0a!!! [[#v2254]] Version 2.2.54 (2013-08-13)%0a* Fix broken page history for draft pages, reported by ChuckG.%0a* Update documentation.%0a%0a!!! [[#v2253]] Version 2.2.53 (2013-07-08)%0a* Show a message when the post has been blocked because of too many unapproved links.%0a* Update documentation.%0a%0a!!! [[#v2252]] Version 2.2.52 (2013-06-08)%0a* Add docx, pptx, xlsx upload extentions.%0a* Hide E_DEPRECATED warnings for PHP 5.5.%0a* Update documentation.%0a%0a!!! [[#v2251]] Version 2.2.51 (2013-05-08)%0a* Update url to MoinMoin's blocklist.%0a* Comment-out blacklist.chongqed.org as the domain appears to have expired.%0a* Fix possible XSS vulnerability in prefs.php, discovered today.%0a* Fix access keys to be a single character.%0a* Fix $AuthorPage if there is a group named the same as the author (PITS:01259).%0a* Update documentation.%0a%0a!!! [[#v2250]] Version 2.2.50 (2013-04-08)%0a* Update documentation.%0a%0a!!! [[#v2249]] Version 2.2.49 (2013-03-09)%0a* Add $UploadBlacklist array.%0a* Update documentation.%0a%0a!!! [[#v2248]] Version 2.2.48 (2013-02-11)%0a* Fix bug introduced yesterday with some links, reported by Michael Weiner (PITS:01308).%0a%0a!!! [[#v2247]] Version 2.2.47 (2013-02-10)%0a* Enable tooltip titles for links to anchors on the same page.%0a* Update documentation.%0a%0a!!! [[#v2246]] Version 2.2.46 (2013-01-07)%0a* Add third parameter to fixperms() explicitly setting the permissions.%0a* Add $UploadPermAdd and $UploadPermSet variables.%0a* Update documentation.%0a%0a!!! [[#v2245]] Version 2.2.45 (2012-12-02)%0a* Cleanup some PHP notices (PITS:01304).%0a* Update documentation.%0a%0a!!! [[#v2244]] Version 2.2.44 (2012-10-21)%0a* Better display of whitespace in page histories.%0a* Fix definition for PageTextVariables containing a dash (PITS:00978).%0a* Update documentation.%0a%0a!!! [[#v2243]] Version 2.2.43 (2012-09-20)%0a* Allow for HTML attribute names to contain dashes, eg. data-transition, data-role etc.%0a* Remove warning when previewing Site.EditForm.%0a* Update documentation.%0a%0a!!! [[#v2242]] Version 2.2.42 (2012-08-20)%0a* Convert the line-endings in the docs/ directory to \r\n compatible with Windows.%0a* Modify PHSC() to call htmlspecialchars() with a single-byte encoding argument.%0a* Update documentation.%0a%0a!!! [[#v2241]] Version 2.2.41 (2012-08-12)%0a* Change $KeepToken to "\034\034" which is compatible with more encodings.%0a* Update documentation.%0a%0a!!! [[#v2240]] Version 2.2.40 (2012-07-21)%0a* Add PHSC() helper function as a replacement of htmlspecialchars() for PHP 5.4 (PITS:01292).%0a* Update documentation.%0a%0a!!! [[#v2239]] Version 2.2.39 (2012-06-25)%0a* Fix URL encoding of attachment links.%0a* Update documentation.%0a%0a!!! [[#v2238]] Version 2.2.38 (2012-05-21)%0a* Fix "Wrong parameter count for utf8_decode" warning, reported by Simon.%0a* Update documentation.%0a%0a!!! [[#v2237]] Version 2.2.37 (2012-05-01)%0a* Add page filename encoding functions.%0a* Better handling of dots in [@[[#anchor_1.2]]@] sections (PITS:01285).%0a* Expand PageVariables in PageList template defaults (PITS:01282).%0a* Add test for iconv() and mb_convert_encoding(), refactor recode().%0a* Update documentation.%0a%0a!!! [[#v2236]] Version 2.2.36 (2011-12-28)%0a* Add $EnableOldCharset variable and $page["=oldcharset"] entry.%0a* Refactor PageStore->recode() to recover Windows-1252 characters.%0a* Add exit line to xlpage-iso-8859-2.php (PITS:01275).%0a* Fix difference in defining and removing "invisible" PTVs.%0a* Update documentation.%0a%0a!!! [[#v2235]] Version 2.2.35 (2011-11-11)%0a* Fix critical PHP injection vulnerability (PITS:01271, reported by Egidio Romano).%0a* Important change: Disable script loading from XLPage().%0a* Move the processing of [@[[link|+]]@] inside LinkPage() and delete markup rule from stdmarkup.php.%0a* Modify MakeLink() to better handle link titles.%0a* Add optional $LinkTitleFunction allowing recipes to customize the link titles.%0a* Fix ReadTrail() to better handle links with titles.%0a* Add title attributes for the HTML templates in the @@ $LinkPage*Fmt @@ variables.%0a* Add upload extensions svg, xcf, ogg, flac, ogv, mp4, webm, odg, epub.%0a* Minor optimization for the MarkupExpressions for UTF-8 strings.%0a* Minor optimization of the rendering of page history.%0a%0a!!! [[#v2234]] Version 2.2.34 (2011-10-10)%0a* Add [[PmWiki/MarkupExpressions]] replacements for UTF-8.%0a* Reset timestamps of Site(Admin).AuthUser to 1000000000, used in upgrades.php.%0a* Update documentation.%0a%0a!!! [[#v2233]] Version 2.2.33 (2011-09-23)%0a* Fix locked states for Site and SiteAdmin GroupAttributes (reported by Brijesh Kothari).%0a* Fix intermap.txt entries PITS: and Wikipedia: to point to their current locations.%0a* Fix refcount.php to produce valid HTML (PITS:01266).%0a%0a!!! [[#v2232]] Version 2.2.32 (2011-09-18)%0a* Add required html xmlns attribute to the print skin template.%0a* Add PageStore->recode() function.%0a* Add $DefaultPageCharset array.%0a* Optimize for speed the inline diff for page history when too many lines were added or deleted.%0a* Update and convert to UTF-8 the documentation.%0a%0a%25note%25 Note: Due to a manipulation error, a version 2.2.31 was created before it was ready for a release.%0a%0a!!! [[#v2230]] Version 2.2.30 (2011-08-13)%0a* Fix $Charset definition in iso-8859-*.php files.%0a* Add $EnableRangeMatchUTF8, set it to 1 to enable range matches in UTF-8.%0a* Update documentation.%0a%0a!!! [[#v2229]] Version 2.2.29 (2011-07-24)%0a* Fix Attach links that were broken with the Path fix in 2.2.28.%0a* Add $IMapLocalPath array containing InterMap prefixes that should be treated as local.%0a%0a!!! [[#v2228]] Version 2.2.28 (2011-07-24)%0a* Fix potential XSS vulnerability in refcount.php (PITS:01262).%0a* Fix bug in Path: links (PITS:01260).%0a* Fix potential XSS vulnerability in custom SitePreferences (PITS:01263).%0a* Update documentation.%0a%0a!!! [[#v2227]] Version 2.2.27 (2011-06-19)%0a* Add block WikiStyle [=%25justify%25=] (PITS:01253).%0a* Remove unused %3cvspace> after a redirection (PITS:01255).%0a* Add ?nodiff=1 parameter for page history to disable diff rendering and show only restore links.%0a* Update documentation.%0a%0a!!! [[#v2226]] Version 2.2.26 (2011-05-21)%0a* Fix ReadTrail(), redundant replacing of hashes, already done in MakePageName().%0a* Update documentation.%0a%0a!!! [[#v2225]] Version 2.2.25 (2011-03-22)%0a* Update documentation.%0a%0a!!! [[#v2224]] Version 2.2.24 (2011-02-15)%0a* Add [@{$$PageTrailDepth}@] pseudovariable for pagelist templates.%0a* Fix PageVar(), add $authpage array for an authenticated page data, removed $EnablePageVarAuth.%0a* Update documentation.%0a%0a!!! [[#v2223]] Version 2.2.23 (2011-01-25)%0a* Default $EnablePageVarAuth to 0 until the resolution of PITS:01242.%0a%0a!!! [[#v2222]] Version 2.2.22 (2011-01-16)%0a* Add $EnableXLPageScriptLoad to XLPage() to prevent editors from changing the encoding.%0a* PageVariables now respect authentications (PITS:01213).%0a* Add $EnablePageVarAuth.%0a* Update documentation.%0a%0a!!! [[#v2221]] Version 2.2.21 (2010-12-14)%0a* Fix potential XSS vulnerability, reported by DFaure.%0a* Fix invalid HTML for simple table captions, reported by JL.%0a* Fix WikiStyles could work not properly if a value was empty like accesskey="".%0a%0a!!! [[#v2220]] Version 2.2.20 (2010-12-14)%0a* Fix Pagelist [={$$variable}=] didn't work in template none (PITS:01212).%0a* Fix interface access keys in browse mode (PITS:01188).%0a* Add PmL10n: intermap prefix for the Localization/ group on pmwiki.org (PITS:01180).%0a* Fix AuthUser excluding members didn't work (PITS:01201).%0a* Update documentation.%0a%0a!!! [[#v2219]] Version 2.2.19 (2010-11-10)%0a* Update documentation.%0a%0a!!! [[#v2218]] Version 2.2.18 (2010-09-04)%0a* Fix $SaveAttrPatterns to skip nested conditionals (reported by RandyB).%0a* Fix RecentChanges when an edit summary contains the dollar sign (PITS:01217).%0a* Fix RDF feed number of elements (PITS:01198).%0a* Update documentation.%0a%0a!!! [[#v2217]] Version 2.2.17 (2010-06-20)%0a* Add tabindex as a valid form attribute (PITS:01190).%0a* Collapse adjacent insertions in DiffRenderSource (PITS:01192).%0a* Fix HandleDownload to flush() output before exit (PITS:01199).%0a* Fix HandleDownload to respect $EnableIMSCaching (PITS:01191).%0a* Add $PostConfig functions and scripts, loaded after stdconfig.php (PITS:01132).%0a* Add $AuthUserPat variable for the regexp pattern in AuthUserId() (PITS:01202).%0a* Pass $authlist as last parameter to $AuthUserFunctions (PITS:01197).%0a* Fix "exists" conditional to work with old link markup.%0a* Update documentation.%0a%0a!!! [[#v2216]] Version 2.2.16 (2010-05-10)%0a* Allow "exists" conditional to accept wildcards (PITS:01184)%0a* Fix GUI button [=%25center%25=] which didn't work correctly.%0a* Fix incorrectly parsed quote in PQA(), possible script injection (discovered by Hanno Boeck).%0a%0a!!! [[#v2215]] Version 2.2.15 (2010-03-27)%0a* Add @@ (Auth|Edit)Form @@ to auto-translated titles.%0a* Fix [@ (:if auth LEVEL:) @] to respect $HandleAuth (PITS:01164).%0a* Skip loading of the second half of draft.php if $action!="edit".%0a* Fix bug with [@ (:template none:) @] introduced in 2.2.14, reported by Holger.%0a* Fix HandleDownload() to use binary file-read.%0a%0a!!! [[#v2214]] Version 2.2.14 (2010-02-27)%0a* Fix inline styles in WikiTrails (PITS:01121).%0a* Add a negation parameter to pagelist first/last templates (PITS:01127).%0a* Refactor FPLTemplateFormat(), move repeated code blocks into FPLExpandItemVars().%0a* Add $EnableUndefinedTemplateVars allowing to hide or show undefined template/include [={$$variables}=] (PITS:01152).%0a* Add "title" attribute to external links (PITS:00657).%0a* Add FmtPageTitle() to allow automatic i18n titles for RecentChanges and other technical pages (PITS:01157).%0a* Update documentation.%0a%0a!!! [[#v2213]] Version 2.2.13 (2010-02-21)%0a* Replace deprecated in PHP 5.3 function split() with explode().%0a* Add $WordDiffFunction default to PHPDiff().%0a* Use existing border colors as highlighting background.%0a* Refactor/optimize DiffRenderSource(), merge with DiffRenderInline().%0a* Change default history to show word-level highlighting.%0a* Fix bug with $DiffKeepNum which kept less revisions than it should.%0a* Fix RetrieveAuthPage() call from HandleDiff().%0a* Update documentation.%0a%0a!!! [[#v2212]] Version 2.2.12 (2010-02-17)%0a* Allow a custom $DiffHTMLFunction to skip the line rendering if it returns false.%0a* Add $EnableDiffInline, simple word-level diffs (PITS:00571).%0a* Update documentation.%0a%0a!!! [[#v2211]] Version 2.2.11 (2010-02-14)%0a* Break PrintDiff() into customizable functions (PITS:01106).%0a* Add anchors to individual diffs (PITS:00796).%0a* Remove unused $RecipeInfo definition in markupexpr.php (reported by P.Bowers).%0a* Add [=(:head:) and (:headnr:)=] table directives (PITS:00535).%0a* Fix $GroupPattern and $NamePattern in xlpage-utf-8.php.%0a* Update documentation.%0a%0a!!! [[#v229]] [[#v2210]] Version 2.2.9, 2.2.10 (2010-01-17)%0a* Fix i18n string in PasswdVar(), reported by SteP.%0a* Fix sample-config.php with correct information about $EnableWSPre (PITS:01145).%0a* Fix range searches for wikis in UTF-8 (reported by Maxim).%0a* Fix global variable $StringFolding in scripts/xlpage-utf-8.php.%0a* Fix markup for italics in creole.php.%0a* Fix previews for PTVs, Pagelist templates and included sections (PITS:01098).%0a* Add $DiffKeepNum - number of revisions kept, even if older than $DiffKeepDays.%0a* Add Yandex to robots.php.%0a* Change default $EnableRelativePageVars to 1 (PITS:01145).%0a* Add fifth parameter to SetProperty() : keep existing property.%0a* Add $EnablePageTitlePriority (PITS:00266, PITS:00779).%0a* Update documentation.%0a%0a!!! [[#v228]] Version 2.2.8 (2009-12-07)%0a* Fix apostrophes in Author field (PITS:01155).%0a* Fix Condition "exists" for PHP 5.3 (PITS:01156).%0a* Update documentation.%0a%0a!!! [[#v227]] Version 2.2.7 (2009-11-08)%0a* Fix GlobToPCRE() to work with !excl and -excl with PHP 5.3 (PITS:01149).%0a* Fix HandleDownload() correctly quote the filenames (PITS:01150).%0a* Fix SessionAuth() for PHP 5.3, the $_REQUEST array doesn't contain the $_COOKIE array (PITS:01141).%0a* Fix default timezone for PHP 5.3 (PITS:01141).%0a* Update documentation.%0a%0a!!! [[#v226]] Version 2.2.6 (2009-10-04)%0a* Escape apostrophes for multiline textarea/hidden form fields.%0a* Fix global unset of $MarkupRules in [[PmWiki/CustomMarkup|Markup()]] and DisableMarkup(), reported by D.Faure.%0a* Fix call to BuildMarkupRules() in MarkupToHTML(), suggested by Pm.%0a* Allow disabling of $PageListFilters and $FPLTemplateFunctions if set to -1 and thus allow replacing a core function with a custom one.%0a* Fix DRange() returned timestamps +1min or +1day when it shouldn't (PITS:01125).%0a* Add $MarkupWordwrapFunction to allow custom [@(:markup:)@] line width for multibyte wikis (PITS:00703).%0a* Add $MakeUploadNamePatterns to allow custom filename normalization for uploads.%0a* Add a fourth argument to PostRecentChanges() to allow this function to be called with a custom $RecentChangesFmt array.%0a* Add $RecentUploadsFmt, to allow logging of new uploads to the RecentChanges pages (PITS:00088).%0a* Fix Notify for some installations in safe_mode (PITS:00976).%0a* Add $HTMLHeaderFmt['guiedit'] variable in guiedit.php to allow customization (PITS:01146).%0a* Update documentation.%0a%0a!!! [[#v225]] Version 2.2.5 (2009-08-25)%0a* Add *.7z as accepted upload extension (PITS:00813).%0a* Fix global variable $HandleAttrFmt in HandleAttr (PITS:01126).%0a* Allow brackets in input element names (PITS:01131).%0a* Fix CSS class applied twice (PITS:01071).%0a* Fix Not-Modified headers could prevent caching (PITS:00802).%0a* Break FPLTemplate() into configurable sub-parts (PITS:01102).%0a* Add [@(:template none:)@] section for Pagelist templates.%0a* Fix attr-protected page could be deleted with edit permissions (PITS:00238).%0a* Update documentation.%0a%0a!!! [[#v224]] Version 2.2.4 (2009-07-16)%0a* Fix bug with page attributes, which somehow didn't make it in the 2.2.3 release.%0a* Fix bug with HTML entities in XLPages introduced earlier today in 2.2.3 (reverted, PITS:01114).%0a%0a!!! [[#v223]] Version 2.2.3 (2009-07-16)%0a* Fix action=logout could incorrectly set a session cookie (PITS:01062).%0a* Fix page history trim in vardoc.php (PITS:01103).%0a* Add $EnableUploadGroupAuth, use group password for downloads (PITS:01104).%0a* Fix recursive PTV loops, added $MaxPageTextVars (PITS:00915, PITS:01099).%0a* Fix mkdirp() messages for absolute paths (PITS:00396).%0a* Fix sample-config.php order for urlapprove.php (PITS:01037).%0a* Fix broken signature links on preview.%0a* Fix crypt.php (action=crypt) could malfunction for passwords with quotes or apostrophes.%0a* Fix @@ @_site_*@@ passwords to work in GroupAttributes (PITS:00836, PITS:00998).%0a* Fix possible XSS vulnerabilities, reported by Michael Engelke.%0a* Update documentation.%0a%0a!!! [[#v222]] Version 2.2.2 (2009-06-21)%0a* Fix class in pages not on the breadcrumbs trail, reported by Ed W.%0a* Fix @@tabindex@@ and @@onclick@@ to guiedit buttons.%0a* Fix $GroupPrintHeaderFmt in print.php (PITS:01073).%0a* Fix global vars in xlpage-utf-8.php (PITS:00980).%0a* Fix $txt in LinkPage (reported by Eemeli Aro).%0a* Add $EnableNotifySubjectEncode for international wikis (Cookbook:UTF-8).%0a* Fix international message in Abort().%0a* Fix security bug with AuthUser, reported by Eemeli Aro. See [[Release notes]].%0a* Fix $ActionTitleFmt for login and upload, reported by Eemeli Aro.%0a%0a!!! [[#v221]] Version 2.2.1 (2009-03-28)%0a* Fix $FPLTemplateMarkupFunction which somehow didn't get in the 2.2.0 archive.%0a* Fix wikitrails to work cross-group (PITS:00407).%0a* Add $EnableRedirectQuiet variable (PITS:00919).%0a* Fix [={$Title}=] could display global variables (reported by HansB).%0a* Fix reloaded form submissions could lose values (reported by DaveG).%0a* Fix preview while restoring a version from history (PITS:01081).%0a* Fix relative links with international characters (reported by G. Hermanowicz).%0a* Add in sample-config.php example call to xlpage-utf-8.php (PITS:01066).%0a* Update documentation.%0a* Fix guiedit.php to produce valid HTML.%0a%0a!! [[#v220]] Version 2.2.0 (2009-01-18)%0a* Convert beta series to official release series.%0a* Add $FPLTemplateMarkupFunction (PITS:00984, requested by John Rankin).%0a%0a!!! [[#beta68]] Version 2.2.0-beta68 (2008-08-14)%0a* Fix E_NOTICE errors reported by Dominique Faure.%0a* Enable [@(:redirect:)@] directives in pagelists.%0a%0a!!! [[#beta67]] Version 2.2.0-beta67 (2008-07-13)%0a* Add [={$LastModifiedTime}=] page variable.%0a* Add $EnableSessionPasswords variable to control session password usage.%0a* Add $SessionEncode and $SessionDecode variables to specify functions for encoding/decoding sensitive session data.%0a* Updated httpauth.php to use SessionAuth instead of poking in session guts directly.%0a%0a!!! [[#beta66]] Version 2.2.0-beta66 (2008-07-04)%0a* Add content-type/charset to Abort() output (suggested by Petko).%0a* Close minor XSS vulnerability (PITS:01030).%0a* Add "nested if" capability.%0a* Fix bug in $Transition handling that would enable all transitions if any were set (reported by John Rankin).%0a %0a%0a!!! [[#beta65]] Version 2.2.0-beta65 (2007-11-17)%0a* Fix SiteAdmin.AuthList so that it defaults to list=all (reported by Roman).%0a* Fix pmwiki skin to include xmlns= attribute in %3chtml> tag (PITS:00989, reported by Mateusz Czaplinski and Petko Yotov).%0a%0a!!! [[#beta64]] Version 2.2.0-beta64 (2007-11-13)%0a* Add times to PmWiki date parsing (e.g., 2007-08-09T12:22:04).%0a* Suppress warning from ini_set in diag.php (suggested by Petko).%0a* Fix handling of -> links in trails (reported by Eemeli Aro).%0a* Add .kml and .kmz as valid attachment types. %0a* Fix handling of [=&=] in markup (PITS:00988, reported by Stirling Westrup).%0a* Fix duplication of language markers in $XLLangs (PITS:00987, reported by Stirling Westrup).%0a* Correct typo in DRange() call in stdmarkup.php (reported by Stirling Westrup).%0a* Turn on error displays when diagnostics are enabled.%0a* Default PHP's pcre.backtrack_limit to at least 1000000.%0a%0a!!! [[#beta63]] Version 2.2.0-beta63 (2007-07-31)%0a* Added $SkinDirectivesPattern to allow adjustments to available skin directives (requested by Petko).%0a* Fix default permissions on Site.AuthUser and Site.AuthList (reported by Scott Connard).%0a* Add "monospace" to pmwiki.css default (reported by Joshua Timberman, with assistance from H. Fox)%0a* Fix problem with slashes in wildcards to name= and group= parameters (reported by Ian MacGregor).%0a%0a!!! Version 2.2.0-beta62 (2007-07-21)%0a* Fix bug in trails introduced by beta61 (reported by charlequin).%0a%0a!!! Version 2.2.0-beta61 (2007-07-19)%0a* Add ability to grab trails by section.%0a* Add an "ontrail" condition (from suggestions by charlequin).%0a%0a!!!Version 2.2.0-beta59, 2.2.0-beta60 (2007-07-18)%0a* Fix problem with upgrade.php on [[wiki farms]] (reported by Scott Connard).%0a* Fix problem with distributed version of Site.AuthUser (reported by Jon Haupt).%0a%0a!!!Version 2.2.0-beta58 (2007-07-17)%0a* Significant change: Site.AuthUser, Site.Blocklist, Site.ApprovedUrls, and Site.NotifyList now appear in the [[SiteAdmin]] group by default.%0a** Note: if you limit groups by setting $GroupPattern, you now need to include SiteAdmin (see [[Cookbook:LimitWikiGroups]])%0a* Abort if ldap: authentication requested and libraries aren't present.%0a* Added "upgrades.php" script to handle various migration issues.%0a* Current PmWiki [[version]] is now held in [[SiteAdmin.Status]] .%0a* Fix ?action=postupload to follow ?action=upload settings.%0a* Improvements to [[SiteAdmin.AuthList]] page (suggestions and fixes from Ian MacGregor).%0a* Allow leading underscores in attachment names (requested by Christophe David).%0a%0a!!!Version 2.2.0-beta57 (2007-06-15)%0a* Fix AsSpacedUTF8() to work like AsSpaced() (reported by Petko).%0a* Qualify page links that contain parentheses (reported by Petko).%0a* Fix bug in [@(:input default $:var ... :)@] (reported by Crisses).%0a%0a!!!Version 2.2.0-beta56 (2007-06-13)%0a* Fix AsSpaced() to not add spaces before leading digit, and treat hyphenated digits as complete numbers.%0a* Fix infinite recursion in self-referencing [[page text variables]] (PITS:00915).%0a* Fix bug introduced in beta55 not handling end [[links|anchors]] correctly (reported by Roman).%0a%0a!!!Version 2.2.0-beta55 (2007-06-11)%0a* Fix attributes to [@(:input e_form:)@] (PITS:00387, re-reported by Crisses).%0a* UpdatePage() now calls StopWatch() to record posting.%0a* Display stopwatch output as part of redirect.%0a* Fix [[wiki styles]] bug when $EnableLinkPageRelative is set (reported by Petko).%0a* Revise TextSection() code to hopefully avoid %25newwin%25[[http://pcre.org/|pcre]] limits (reported by Kathryn Andersen, Knut Alboldt).%0a* Add wrap=inline and wrap=none options to [[page list(s#pagelistwrap)]].%0a%0a!!!Version 2.2.0-beta53, 2.2.0-beta54 (2007-06-02)%0a* Improve error message reporting for markup rules (suggestion by Knut Alboldt).%0a* Clean up more E_NOTICE warnings (reported by Ian MacGregor).%0a* Add focus= option to [=(:=][[forms|input]]:) controls.%0a* Added CSS [@.faqtoc@] class, to be able to display only the questions coming from the #includefaq [[page list template(s)]].%0a* Changed [[PmWiki.FAQ]] to use .faqtoc class.%0a* Fix bug in TextSection (PITS:00935, reported by Jean-Fabrice).%0a* Fix bug in [[page list(s#pagelisttrail)]] caching of trails.%0a%0a!!!Version 2.2.0-beta52 (2007-05-26)%0a* Add per-PageStore attributes (from a suggestion by Tobias Thelen).%0a* Add [@{$PasswdRead}@], [@{$PasswdEdit}@], etc. to display page password settings.%0a* Add Site.AuthList to display all password permissions on a site.%0a* Reorder $PageListFilters slightly.%0a* Add "passwd=" option to [[page list(s#pagelistpasswd)]], to return only those pages that have some sort of [[password(s)]] attribute on them.%0a* Add line numbers to StopWatchHTML output.%0a* Clean up handling of $AuthCascade.%0a%0a!!!Version 2.2.0-beta51 (2007-05-23)%0a* Add fmt=count to [[page list(s#pagelistcount)]] (reminder from Hans).%0a* Ignore hidden files in [[skin(s)]] directories when searching for .tmpl (suggestion by Stephan Becker).%0a* Clean up queuing of pages to be updated in .pageindex .%0a* Reset $LinkTargets() at beginning of each UpdatePage() sequence.%0a%0a!!!Version 2.2.0-beta50 (2007-05-22)%0a* Fix HTML cache when drafts are enabled, or other recipes using CondAuth().%0a* Prevent [[page lists]] with protected pages from HTML cache.%0a%0a!!!Version 2.2.0-beta48, 2.2.0-beta49 (2007-05-21)%0a* Fix spurious value= attribute in <textarea> tag generated by [@(:input textarea ... :)@].%0a* Allow either [@(:input default ...:)@] or [@(:input defaults ...:)@].%0a* Fix problem with page text variable handling in [@(:input defaults:)@].%0a* Allow either [@(:template default:)@] or [@(:template defaults:)@] in [[page list templates]].%0a* Fix a bug handling dates with suffixes (reported by Crisses).%0a%0a!!!Version 2.2.0-beta47 (2007-05-20)%0a* Fix bug with quote handling in [@(:include:)@] options (reported by Hans).%0a%0a!!!Version 2.2.0-beta46 (2007-05-19)%0a* Moved $PageTextVarPatterns definition from scripts/stdmarkup.php to pmwiki.php.%0a* Ignore Markup() rules that have unresolved $when parameters.%0a* Fix issue in authuser.php when $auth array isn't set (contributed by Ben Stallings).%0a* The [@(:include:)@] directive now performs template argument processing on the included text.%0a* Optimized [@(:pagelist:)@] slightly when sorting on [[page variables]].%0a* Refactored [@(:input ... :)@] markups.%0a* Added HandleDispatch(), which allows action handlers to easily redispatch to other actions (and add messages).%0a* Added FmtTemplateVars(), to perform various template-substitutions.%0a%0a%0a!!!Version 2.2.0-beta45 (2007-05-02)%0a* Update pmwiki's date parsing to use a common routine, recognizing dates within strings and restricting range to 1900-2039.%0a* Add additional parameter to "date" conditional.%0a* Add if= option to [[page list(s#pagelistif)]] (suggested by Crisses).%0a* Refactor code to use TextSection() and RetrieveAuthSection() functions.%0a* The value= parameter to [@(:input textarea:)@] now works properly (including values loaded from $InputValues).%0a* The [@(:input default:)@] directive now allows loading input control defaults from another page via the [@source=@] parameter.%0a* Remove automatic call to FmtPageName() in $ROSPatterns. Add $ROEPatterns (from suggestions by JB and others).%0a* Fix minor variable bugs in scripts/crypt.php.%0a* Remove E_NOTICE errors (reported by Hans).%0a* Fix handling of page variables when pagename is empty or not provided.%0a* Add $EnableLinkPageRelative configuration option.%0a* Clean up handling of arguments to [@{(ftime ...)}@].%0a* Remove mailposts.php call in stdconfig.php (reported by Christophe David).%0a%0a!!!Version 2.2.0-beta44 (2007-04-16)%0a* Fix case conversion of U+027D and U+026B (reported by Petko).%0a* Add $FTimeFmt to set default formatting for [@{(ftime)}@].%0a* Add %25s conversion to [@{(ftime)}@] for systems that don't have it by default.%0a* Report an error if edit [[form(s)]] cannot be read (suggested by Hans).%0a* Don't report ?cannot acquire lockfile when simply browsing pages.%0a* Add $EnableReadOnly flag to signal when PmWiki is to be run in read-only mode.%0a%0a!!!Version 2.2.0-beta43 (2007-04-15)%0a* Update drafts code to add $EnablePublishAttr and change button labels when drafts are enabled (PITS:00755).%0a* Removed no-longer-needed 'compat1x.php' and 'mailposts.php' from distribution.%0a* Added $DraftRecentChangesFmt.%0a* Added "[[markup expressions]]" [@{(...)}@] into the core.%0a* Added charset= attribute to saved pages.%0a* Update pagelist.php and xlpage-utf-8.php to handle case-insensitive searches.%0a* Added some optimizations to phpdiff.php script to produce more useful history information.%0a%0a!!!Version 2.2.0-beta42 (2007-03-27)%0a* Fix a bug with order=title in pagelists (reported by Anno).%0a%0a!!!Version 2.2.0-beta41 (2007-03-26)%0a* Added $EnableWSPre option, which allows easy adjustment of the "leading space -> preformatted text" (or "whitespace") rule.%0a* Added a new "pre" wikistyle, to designate blocks that are to be treated as preformatted text.%0a%0a!!!Version 2.2.0-beta40 (2007-03-24)%0a* Fix bug with order=title in pagelists when using $Titlespaced (PITS:00906, reported by Feral).%0a* Report state of allow_url_fopen when downloads fail in blocklist.php.%0a%0a!!!Version 2.2.0-beta39 (2007-03-23)%0a* Allow page variable filters to appear as options in [@(:template defaults:)@] (reported by SteP).%0a* Updated [[Site.PageListTemplates]] to use [@(:template:)@] directives.%0a* Remove '#wikileft h1' and '#wikileft h5' from pmwiki default stylesheet.%0a%0a!!!Version 2.2.0-beta38 (2007-03-22)%0a* Strip control characters from $ChangeSummary.%0a* Fix problem with count=m..n where m..n is outside the range of available pages (reported by SteP).%0a* Allow [@(:template default ...:)@] to specify a class= option.%0a* [[PmWiki/PageDirectives#redirect|Redirect]] pagename can now include an anchor (PITS:00558)%0a%0a!!!Version 2.2.0-beta37 (2007-03-16)%0a* Allow an optional space after comma separators in wildcard patterns (reported by Han Baas).%0a%0a!!!Version 2.2.0-beta36 (2007-03-16)%0a* Allow nested [[page text variables]] to work, remove extraneous ENT_NOQUOTES parameter.%0a* Add new [@(:template ...:)@] directives for pagelist templates.%0a* Modify count= option to pagelists to allow for alternate ranges.%0a%0a!!!Version 2.2.0-beta35 (2007-03-05)%0a* Fix bug in [[conditional markup]] parsing (reported by Christophe David).%0a%0a!!!Version 2.2.0-beta33, 2.2.0-beta34 (2007-03-01)%0a* Refactor wildcard handling into its own GlobToPCRE function.%0a* Allow negated wildcards for page variable filters in pagelists (PITS:00878, reported by Jiri)%0a* Fix wildcards so that spaces no longer separate patterns (use commas).%0a* Fix handling of '&' prior to [@(:input:)@] and other directives (reported by Luigi).%0a* Adjust position of [@%25define=...%25@] [[wiki styles]] to occur after ampersands.%0a* Adjust copyright dates on many files.%0a* Allow spaces around text variable names in [[page text variable(s)]] markups.%0a%0a!!! [[#beta32]] Version 2.2.0-beta32 (2007-02-28)%0a* Fix erroneous $EnableCreole item in docs/sample-config.php (reported by Sigurd).%0a* Added [@(:elseif:)@] and [@(:else:)@] markups (PITS:00787).%0a* Fix global $Skin variable handling when using SetSkin from within markup.%0a* Make sure directives aren't treated like [[page text variables]] (reported by Petko).%0a* Remove call to ResolvePageName() from authuser.php .%0a* Simplify [[PmWiki/AuthUser#LDAP|LDAP]] authentication for Active Directory sites.%0a* Cache lowercase/uppercase patterns in AsSpacedUTF8().%0a%0a!!!Version 2.2.0-beta31 (2007-02-11)%0a* Fix bug with sorting on [[pagelist variables]] (reported by Kathryn Andersen).%0a%0a!!!Version 2.2.0-beta29, 2.2.0-beta30 (2007-02-09)%0a* MakePageName now uses the first matching entry of $PagePathFmt as the home page of groups without a home page.%0a* Add AsSpacedUTF8() to handle title spacing in utf-8 (PITS:00875, contributed by Petko, Celok)%0a* Fix $RequestedPage when running with utf-8.%0a* Add %3cmeta> content-type tag for utf-8.%0a* Add an experimental caching system for pagelists.%0a* Fix $SuffixPattern and link suffixes for utf-8 (PITS:00881, reported by ppip).%0a%0a!!!Version 2.2.0-beta28 (2007-02-03)%0a* Update blocklist.php so that all posted fields are checked for block values (PITS:00850).%0a%0a!!!Version 2.2.0-beta27 (2007-01-25)%0a* Fix markup processing sequence for [@(:input default:), (:input select:)@], etc. (problem noted by Marc).%0a* Fix default value of [@order=@] parameter to MakePageList().%0a%0a[[#v22026]]%0a!!!Version 2.2.0-beta26 (2007-01-23)%0a* Fix a bug where pagelist list= option had no effect when reading from trails (from an rss problem noted by Russ Fink).%0a%0a[[#v22024]][[#v22025]]%0a!!!Version 2.2.0-beta24, 2.2.0-beta25 (2007-01-22)%0a* Add a scripts/creole.php module for Creole markup (http://www.wikicreole.org/).%0a* Move WikiWords out of the core defaults -- can be enabled via $EnableWikiWords.%0a* Fix handling of WikiWords following & or #, as in [=Æ and #FFFF00=] (reported by Moni Kellermann).%0a* Adjust FormatTableRow() to support Creole-style tables (using single |'s).%0a* Update docs/sample-config.php with new configurations and options.%0a* Added code to allow Abort() to refer to additional information on pmwiki.org.%0a* Added $EnableSkinDiag, which checks templates for required %3c!--HTMLHeader--> and %3c!--HTMLFooter--> directives.%0a* Removed deprecated $BasicLayoutVars support from skins.php.%0a%0a[[#v22022]][[#v22023]]%0a!!!Version 2.2.0-beta22, 2.2.0-beta23 (2007-01-17)%0a* Added $EnableActions, to allow pmwiki.php to be included without generating output (from a suggestion by Wouter Groeneveld).%0a* Fix bug in "order=" option to [@(:pagelist:)@] (reported by Mike Bishop).%0a* Change DisplayStopWatch() function to StopWatchHTML().%0a* Allow multiple lines for markup:, wiki:, and page: template directives (reported by Marc)%0a%0a[[#v22021]]%0a!!!Version 2.2.0-beta21 (2007-01-12)%0a* Fix %3cvspace> bug in searchresults output (PITS:00846, reported by M. Czaplinski, marc, and others).%0a* Fix numerous E_NOTICE warnings and incorrect constants (PITS:00853, contributed by AndrewFyfe).%0a%0a[[#v22020]]%0a!!!Version 2.2.0-beta20 (2007-01-11)%0a* $FeedPageListOpt needs to be declared global in feeds.php.%0a* Add "404 Not Found" status code to ?invalid page name aborts (PITS:00854, suggested by Athan).%0a* Remove stale entries from $PageExistsCache when a new PageStore is added (reported by Hans).%0a%0a[[#v22019]]%0a!!!Version 2.2.0-beta19 (2006-12-29)%0a* Have blocklist check $_POST['text'] only when it is set (from a report by Simon).%0a%0a!!!Version 2.2.0-beta18 (2006-12-28)%0a* Change $pagename parameter in UpdatePage() to be passed by reference (suggestion by J. Meijer).%0a* Fix $EnableRobotsCloakActions so that it works again with page variables.%0a* Add "XML Sitemaps" to $RobotPattern.%0a* Change $MetaRobots to return "nofollow,noindex" for non-existent pages.%0a* Prefer "404 Not Found" to "403 Forbidden" for [[(PmWiki:)robots]] attempting to do invalid actions on non-existent pages.%0a* Add rel='nofollow' to "create attachment" links.%0a* Added class='inputbox' to select boxes (suggested by Hans).%0a* Added .odt, .ods, and .odp file extensions to allowed [[uploads]] (suggested by Algis Kabaila, Robin Sheat, and others).%0a* Clean up some error warnings (PITS:00801, contributed by psvo).%0a* Set $ScriptUrl to 'https:' when accessed via SSL link (suggestions from C. Ridderström, H. Fox, PITS:00410, PITS:00527, PITS:00595).%0a* Fix bug in link= and trail= options to [@(:pagelist:)@] (reported by C. Ridderström).%0a%0a!!!Version 2.2.0-beta17 (2006-12-13)%0a* Fix spurious hidden field in [@(:searchbox:)@] output (reported by Hans).%0a* Fix $CaseConversions array for \xc4\xb1 and \xc5\xbf (reported by Petko Yotov).%0a* Refactor [@(:input:)@] markup handling.%0a* Add [@(:input select ...:)@] markup (PITS:00567).%0a* Add [@(:input default ...:)@] markup -- may change before 2.2.0 release.%0a* Add ability to set defaults for radio/checkbox/select controls.%0a%0a%0a!!!Version 2.2.0-beta16 (2006-11-10)%0a* Fix problem with [@(:e_preview:)@] directive when viewing an edit form (reported by Dominique Faure).%0a* Fix out-of-memory problem in scripts/compat1x.php when dealing with large pages to be converted (contributed by Donald Gordon).%0a* Fix problem of Variable: lines immediately followed by newline (reported by Hans).%0a* Fix uninitialized variable errors in FormatTableRow() (reported by Bob Sanders).%0a* Fix second argument of MakeBaseName() (provided by Stirling Westrup).%0a%0a!!!Version 2.2.0-beta15 (2006-10-16)%0a* Fix bug with displaying multi-line [@(:var:value:)@] [[page text variables]] (reported by Pico).%0a* Improve PageStore ls() method slightly, to restrict pagename searches to directories of a given depth (based on an issue reported by Chris Cox).%0a* Added $IsBlocked status variable to scripts/blocklist.php.%0a* Added $UnapprovedLink array to report unapproved links.%0a* Added $TimeISOFmt, $TimeISOZFmt, and $CurrentTimeISO variables.%0a* Switched scripts/feeds.php to use $TimeISOZFmt instead of $ISOTimeFmt.%0a* Added [@request=@] option to [@(:pagelist:)@], switched pagelist to default to not use url/form parameters.%0a* Fixed bug with array [@{$$options}@] in pagelist.%0a%0a!!!Version 2.2.0-beta14 (2006-10-06)%0a* Fix problem with extra parameter to mail when $NotifyParameters is empty (reported by Tom Lederer).%0a* Improve configurability of $SearchPatterns (from suggestions by Stirling Westrup).%0a* Add ability for $WikiWordCount to disable wikiword spacing (PITS:00327).%0a%0a!!!Version 2.2.0-beta13 (2006-10-04)%0a* Fix handling of angle brackets (and potential XSS) in pagelists combined with page text variables (noted by Pico).%0a%0a!!!Version 2.2.0-beta12 (2006-10-03)%0a* Added the UpdatePage() function into the core. %0a%0a!!!Version 2.2.0-beta11 (2006-10-03)%0a* Added ability to automatically create targets.%0a* Added sample code to docs/sample-config.php for automatic generation of Category.* pages.%0a* Fixed character escapes in pagelist [@{$$option}@] variables.%0a%0a!!!Version 2.2.0-beta10 (2006-10-02)%0a* Added [@{$$option}@] variables to get option values from [@(:pagelist:)@] (based on a recipe from Martin Fick).%0a* Changed [@{$PageCount}, {$GroupPageCount}, and {$GroupCount}@] to be [@{$$PageCount}, {$$GroupPageCount}, and {$$GroupCount}@].%0a* Added [@{$BaseName}@] page variable and $BaseNamePatterns.%0a%0a!!!Version 2.2.0-beta9 (2006-10-01)%0a* Fix bug with $EnablePageListProtect (reported by Brent Zupp).%0a* Added ability to select based on page variables in [@(:pagelist:)@].%0a%0a!!!Version 2.2.0-beta8 (2006-09-30)%0a* Update scripts/blocklist.php to check only $_POST['text'] instead of entire markup text.%0a* Fix bug in pagelist.php that wouldn't return correctly formatted array in certain circumstances (noted by Florian Fischer and JDem).%0a%0a!!!Version 2.2.0-beta7 (2006-09-30)%0a* Added scripts/blocklist.php to core.%0a* Updated handling of $PageTextVarPatterns.%0a* Eliminated need for extra flush() steps in notify.php, pagelist.php.%0a%0a!!!Version 2.2.0-beta6 (2006-09-27)%0a* Fix bug with initialization of $FeedPageListOpt in scripts/feeds.php (reported by Roman).%0a* Fix bug with over-eager [@(:textvar:value:)@] markup (from a bug reported by Chris Cox).%0a%0a!!!Version 2.2.0-beta4, 2.2.0-beta5 (2006-09-27)%0a* Fix bug with name= option in pagelist (reported by Ben Wilson).%0a* Fix bug with array_merge under PHP 5 (reported by Kathryn Andersen).%0a%0a!!!Version 2.2.0-beta3 (2006-09-26)%0a* Remove extra %3c!----> comment at end of table directives (noted by Ben Stallings).%0a* Fix directive form of page text variables (reported by Kathryn Andersen).%0a* Add first version of new modular pagelist code.%0a%0a!!!Version 2.2.0-beta2 (2006-09-25)%0a* Add support for [@{$:var}@] page text variables, and [@(:var:...:)@] markup.%0a* Fix default setting of $EnableRelativePageVars in docs/sample-config.php .%0a%0a!!!Version 2.2.0-beta1 (2006-09-25)%0a* Added [@{*$var}@] page variables (always the currently browsed page).%0a* Convert link and page variable handling in [=(:include:)=] to be relative to the included page.%0a* Added $EnableRelativePageVars and $EnableRelativePageLinks variables, as well as transition options.%0a* Added basepage= option to [=(:include:)=].%0a* Updated $GroupHeaderFmt and $GroupFooterFmt to use basepage= option.%0a* Adjusted $MakePageNamePatterns to automatically strip any #... or ?... from the end of a pagename input string (solution to a problem reported by J. Meijer).%0a%0a!!!Version 2.1.27 (2006-12-11)%0a* Backport in bug fix for TableRowFormat (from 2.2.0-beta16).%0a* Add support for [@{*$Variable}@] syntax (from 2.2.0 page variables).%0a%0a!!!Version 2.1.26 (2006-09-11)%0a* Fix a bug with variable referencing that caused feeds.php to get a confused PCache (reported by Helge Larsen).%0a%0a!!!Version 2.1.25 (2006-09-08)%0a* Fixed a bug in authuser.php that would fail if $AuthUser isn't defined (reported by Hans Huijgen).%0a* Added %3c!--XMLHeader--> and %3c!--XMLFooter--> aliases to %3c!--HTMLHeader--> and %3c!--HTMLFooter--> directives in skin templates (suggested by John Rankin).%0a* Added $PageExistsCache (suggested by John Rankin).%0a%0a!!!Version 2.1.24 (2006-09-06)%0a* Fixed a bug in authuser.php that had trouble dealing with non-array entries in $AuthUser (reported by Udo).%0a* Can now specify authorization groups using $AuthUser['@group'] entries.%0a* Can now specify an Apache .htgroup-formatted file for authorization groups via $AuthUser['htgroup'].%0a%0a!!!Versions 2.1.21, 2.1.22, 2.1.23 (2006-09-05, 2006-09-06)%0a* Close a potential security hole with $FarmD when register_globals is set "On".%0a* Correct a syntax error in feeds.php (noted by Ben Wilson).%0a* Fix a bug that prevented PmWiki from reading page files generated by versions prior to 0.5.6 (discovered by Milan Avramovic).%0a%0a!!!Version 2.1.20 (2006-09-04)%0a* Fixed a bug in [[PageDirectives#attachlist| [@(:attachlist:)@] ]] when passed a wikiword argument (reported by Kathryn Andersen).%0a* Changed $HTMLStylesFmt['markup'] to honor config.php setting (reported by Hans).%0a%0a!!!Version 2.1.19 (2006-08-30)%0a* Corrected a bug in the pageindex code that was causing the .pageindex to not update as quickly as it should.%0a* Slightly changed the handling of 'width' and 'height' in wikistyles.php, so that they can be be applied as attributes to %3cobject> and %3cembed> tags.%0a* Updated the Keep() function to recognize closing block tags as being in the 'B' block pool.%0a* Fixed a bug with wikistyles and form tags.%0a%0a!!!Version 2.1.18 (2006-08-28)%0a* Closed a potential cross-site scripting vulnerability in table markups (reported by JB).%0a* Added [@(:input image:)@] markup (requested by JB).%0a* Fixed problem with ?action=print failing to set [@{$Action}@] (reported by Bart).%0a%0a!!!Version 2.1.17 (2006-08-26)%0a* Added some improvements to IMS caching to better handle logout and authorization actions (PITS:00573, reported by floozy and Henrik Bechmann).%0a%0a!!!Version 2.1.16 (2006-08-26)%0a* Added $SkinLibDirs variable, to select filesystem and url locations where skins may be found (resolves PITS:00708, as reported by Hagan Fox, with additional suggestions from Ben Wilson).%0a* Changed [@%3c!--HeaderText-->@] to [@%3c!--HTMLHeader-->@] in skin templates, and added an optional [@%3c!--HTMLFooter-->@] directive (PITS:00767).%0a* Adjusted the pmwiki and print skins to use the new directives.%0a%0a!!!Version 2.1.15 (2006-08-25)%0a* Fixed issue dealing with order of [@@_site_*@] passwords (reported by Jean-Fabrice and others).%0a* Added $LocalDir variable (requested by John Rankin).%0a* Removed an unnecessary setting of $DefaultPage in ''scripts/pgcust.php'' (it's now handled by ResolvePageName() ).%0a* Added some variables and changes in wikistyles.php to better support wikipublisher (contributed by John Rankin).%0a* RetrieveAuthPage (PmWikiAuth) now recognizes a $level of 'ALWAYS' as indicating that access should always be allowed, regardless of current passwords or identities.%0a* Added filter specifier for AuthUser LDAP authentication (contributed by Balu).%0a%0a!!!Version 2.1.13, 2.1.14 (2006-08-15, 2006-08-16)%0a* Updated scripts/authuser.php to allow ldaps://... authentications (contributed by Michael Brenner).%0a* Fixed problem with numeric passwords introduced in 2.1.beta20 (reported by Christophe David and Dirk Blaas).%0a%0a!!!Version 2.1.12 (2006-08-07)%0a* Corrected typo in Site.SideBar file (reported by Judith Zacharie).%0a* Suppressed warning message for search on sites without a wikilib.d/ directory.%0a* Added capability for nested divs.%0a* Use $Transition['nodivnest'] to restore previous non-nesting div/table behavior.%0a* Including authuser.php now automatically resolves pagename.%0a* Added [@(:noaction:)@] directive to turn off actions.%0a* Fixed bug in wikistyles prior to image blocks.%0a* Added white-space as allowed wikistyle (suggested by C. Ridderström).%0a* Allow colons, hyphens, and dots in id= tags.%0a%0a!!!Version 2.1.11 (2006-06-09)%0a* Fixed generation of empty paragraphs around [@%25define=...%25@] wikistyles (PITS:00753).%0a%0a!!!Version 2.1.10 (2006-06-04)%0a* Added a %3cspan> around the RecentChanges link in the pmwiki skin (PITS:00750, suggested by Hagan Fox).%0a* Changed the $Action variable to $ActionTitle (PITS:00749, reported by Hagan Fox).%0a* Changed $FPLTemplatePageFmt to be an array of pages to be searched for page templates, enabled searching of current page and Site.LocalTemplates page.%0a* Updated .vspace margin in sidebar for pmwiki skin (PITS:00751, by Hagan Fox).%0a%0a%0a!!!Version 2.1.9 (2006-06-02)%0a* Fixed a bug with [@[[~Author]]@] links (PITS:00530 reported by Klonk, PITS:00611 reported by weijang, PITS:00671 reported by Stirling Westrup, and helpful clues provided by Clayton Curtis).%0a%0a!!!Version 2.1.8 (2006-06-01)%0a* Added ability to specify notification entries from ''local/config.php'' as well as Site.Notify (suggested by Christophe David).%0a* Fixed $Transition['vspace'] from 2.1.7.%0a%0a!!!Version 2.1.7 (2006-05-31)%0a* Adjusted width of edit form for IE browsers (contributed by Roman and H. Fox).%0a* Suppress authentication failure error from LDAP (PITS:00739).%0a* Fixed problem with invalid page names resulting in redirect loop (PITS:00723, reported by jojoo).%0a* Added "Group." and "Group/" page name syntax, resolving PITS:00736 (from a suggestion by Pico).%0a* Changed handling of "vspace" paragraphs.%0a* Fixed some XSS vulnerabilities in uploads.php and url links (reported by Moritz Naumann, http://moritz-naumann.com).%0a* Added notify.php script, allowing finer control of email notifications.%0a%0a!!!Version 2.1.6 (2006-05-22)%0a* Optimized performance of urlapprove.php.%0a* Added [@(:if auth xyz PageName:)@] syntax.%0a* Corrected XSS bug in trails.php.%0a* Slightly improved performance of free links.%0a* Restore ability to use hyphens in InterMap links (reported by Henrik Bechmann).%0a%0a!!!Version 2.1.4, 2.1.5 (2006-03-29)%0a* Fixed problem with pagelist-based feeds (PITS:00709, reported by Jon Haupt).%0a* Added [@{$Action}@] page variable. (PITS:00696, reported by Sebastian Pipping).%0a* Added stripmagic() around variables submitted to authuser.php.%0a* Fixed problem with multi-term searches containing special characters (PITS:00713, reported by Leo).%0a* Switched [[PageDirectives#attachlist| [@(:attachlist:)@] ]] to use a natural case sort (suggested by H. Fox).%0a%0a!!!Version 2.1.3 (2006-03-17)%0a* Re-fixed problem with PHP 5.1.1 and lines= option to [@(:include:)@] (PITS:00620).%0a* Fixed empty LDAP password issue (reported by Thomas Lederer).%0a%0a!!!Version 2.1.2 (2006-03-16)%0a* Fixed %3ch1>/%3ch2> tag mismatches (PITS:00702, reported by Martin Hason).%0a* Fixed bug with $AllowPassword and "nopass" (reported by M. Weiner and bram brambring).%0a* Improved the speed of RSS and other web feeds when $EnablePageListProtect is not set.%0a%0a!!!Version 2.1.1 (2006-03-13)%0a* Fixed a bug with multiple authorization groups as a password (PITS:00699, reported by Ari Epstein).%0a* Updated the authorization code to be a bit more liberal with password/group settings.%0a* Updated PmWiki.FAQ page to be able to grab FAQ items from other pages in the documentation.%0a%0a!!Version 2.1.0 (2006-03-12)%0a* Many many documentation updates (special thanks to many authors).%0a* Allow trailing underscores in upload names (requested by Hans).%0a* Fixed 'ak_print' problem causing accesskey='a' for print (noted by Pico).%0a* Added code to make sure each anchor is generated only once per page (for XHTML validity).%0a* Added a $BlockPattern variable to recognize block HTML tags.%0a* Made an adjustment to Keep() so that it places strings with block HTML into the 'B' pool.%0a* Adjusted stdmarkup.php to not produce paragraphs for keep blocks in the 'B' pool.%0a* Corrected a variety of i18n phrases.%0a* Added class='escaped' to distinguish [=@@...@@=] from [=[@...@]=] (from a comment by Hans).%0a* Slightly changed styling of .faq divs.%0a* Made the edit textarea a couple of rows smaller to better fit on smaller displays (suggested by H. Fox).%0a----%0a[[(PmWiki:)ChangeLog Archive]] - changes prior to version 2.1.0. +time=1413217177 diff --git a/wikilib.d/PmWiki.EditVariables b/wikilib.d/PmWiki.EditVariables index 0756ea97..e144e892 100644 --- a/wikilib.d/PmWiki.EditVariables +++ b/wikilib.d/PmWiki.EditVariables @@ -1,9 +1,9 @@ -version=pmwiki-2.2.61 ordered=1 urlencoded=1 -author=XES +version=pmwiki-2.2.68 ordered=1 urlencoded=1 +author=Peter Bowers charset=UTF-8 -csum= +csum=add reference to $GUIButtons name=PmWiki.EditVariables -rev=74 +rev=75 targets=Cookbook.EditTemplates,PmWiki.Drafts,Cookbook.ROEPatterns,Cookbook.ROSPatterns,Category.PmWikiDeveloper -text=(:Summary:variables used when editing pages:)%0aTo set many of the variables below specify them in @@config.php@@.%0a%0a:$AutoCreate:Used in conjunction with the AutoCreateTargets edit function, this array records any sets of pages which should be created automatically if they don't exist. The syntax is %0a-> [@$AutoCreate[REGEXP] = PAGE_PARAMETERS;@]%0a-> where @@REGEXP@@ is a regular expression which will identify the pages to be autocreated, and @@PAGE_PARAMETERS@@ is an array of attributes for the page to be created. For example, %0a-> [@$AutoCreate['/^Category\\./'] = array('ctime' => $Now);@]%0a-> will create a blank page with a current creation time for any missing Category page.%0a%0a:$DefaultPageTextFmt:The text that should be displayed when browsing non-existent pages. As default PmWiki uses the contents of Site.PageNotFound %0a-> [@$DefaultPageTextFmt = '(:include $[{$SiteGroup}.PageNotFound]:)';@] %0a%0a:$DeleteKeyPattern:The pattern used to determine if a page should be deleted. The default is to remove pages that contain only the single word "delete" (and optional spaces).%0a-> # change delete word to "remove"%0a-> $DeleteKeyPattern = "^\\s*remove\\s*$";%0a-> # delete any page with no visible text, i.e., empty%0a-> $DeleteKeyPattern = "^\\s*$";%0a%0a:$DiffKeepDays:The $DiffKeepDays variable sets the minimum length of time that a page's revision history is kept. By default it is set to 3650 days, or a little less than ten years. You can change this value in a customization file to be something smaller, e.g.:%0a-> $DiffKeepDays = 30; # keep revisions at least 30 days%0a: :Note that a specific page revision isn't removed from the page until the first edit after the time specified by $DiffKeepDays has elapsed. Thus, it's still possible for some pages to have revisions older than $DiffKeepDays -- such revisions will be removed the next time those pages are edited.%0a%0a:$DiffKeepNum:This variable contains the minimum number of changes to be kept in the page history, even if some of them are older than the limit defined by $DiffKeepDays. It prevents lost history of pages that are older, but have few changes.%0a-> $DiffKeepNum = 50; # keep at least 50 revisions (default is 20)%0a%0a:$DraftSuffix:The suffix to use for draft versions of pages (default "-Draft").%0a%0a:$EditFunctions: This array contains the sequence of functions that are called when a page is edited. It can be customized to provide additional functions to be called as part of the editing process. The standard setting is:%0a-> [@$EditFunctions = array('EditTemplate', 'RestorePage', 'ReplaceOnSave',%0a 'SaveAttributes', 'PostPage', 'PostRecentChanges', 'AutoCreateTargets', 'PreviewPage'); @]%0a%0a:$EditRedirectFmt: The page to which an author is sent after pressing "Save" or "Cancel" from an edit form. Defaults to "$FullName", which sends the author to the page just edited, but can be changed to specify another page.%0a-> [@# redirect to Main.HomePage%0a$EditRedirectFmt = 'Main.HomePage'; %0a# redirect to HomePage of current group%0a$EditRedirectFmt = '{$Group}.HomePage';%0a@]%0a%0a:$EditTemplatesFmt:Name of the page (or an array of names) to be used as the default text for any newly created pages.%0a-> [@# Use 'Main.NewPageTemplate' as default text of all new pages%0a$EditTemplatesFmt = 'Main.NewPageTemplate';%0a# Use 'Template' in the current group for new pages%0a$EditTemplatesFmt = '$Group.Template';%0a# Use 'Template' in the current group if it exists, otherwise%0a# use 'Main.NewPageTemplate'%0a$EditTemplatesFmt = array('$Group.Template', 'Main.NewPageTemplate');@]%0a-> See [[Cookbook:EditTemplates]] for more information.%0a%0a%0a:$EnableDrafts:When set to '1', enables the "Save draft" button and built-in handling of "draft" versions of pages, where: %0a## initial "Save draft" of an existing page ("PageName") saves changes to a new name ("PageName-Draft")%0a## subsequent attempts to edit PageName causes PageName-Draft to be edited%0a## subsequent selections of "Save draft" cause PageName-Draft to be saved%0a## pressing "Publish" causes PageName-Draft to be posted to PageName, and deleted.%0a-> # turn on draft edits%0a-> $EnableDrafts = 1;%0a%0a->A related variable, $EnablePublishAttr, adds a new "publish" authorization level to distinguish editing of drafts from publishing them.%0a%0a:$EnableDraftAtomicDiff:When set to 1, "publishing" a draft version will clear the "draft" history, leaving a single "diff" between the latest and the previous "published" versions. Note that this will delete the author names, dates and contributions of the intermediate, unpublished versions. ([[Drafts]] need to be enabled, see $EnableDrafts.)%0a%0a:$EnableGUIButtons:When set to '1', turns on the graphical buttons in the "Edit Page" form.%0a-> # turn on graphical edit buttons%0a-> $EnableGUIButtons = 1;%0a%0a:$EnablePostAuthorRequired:When set to '1', posting of pages requires the author to provide an author name. Otherwise, authors can post without a name.%0a-> # require authors to provide a name%0a-> $EnablePostAuthorRequired = 1; %0a%0a:$HandleEditFmt: Like $HandleBrowseFmt, this specifies the entire output format for ?action=edit for a page.%0a%0a:$IsPagePosted: Set to a true value if the page is actually saved (e.g., this is used to tell the RecentChanges handlers if they need to update).%0a %0a:$PageEditFmt: By default, this is the HTML to be displayed for an edit form.%0a%0a:$PageEditForm: Specifies the edit form for ?action=edit. Defaults to '$SiteGroup.EditForm'.%0a%0a:$ROEPatterns: With this array you can add a pattern as ''key'' and set a text ''value'' which replace it on every edit request, using preg_replace function. Specifically it is replaced when the page is loaded into the editform, whenever a preview is done, and when the page is saved (from PmWiki 2.2.0beta45). See Cookbook:ROEPatterns for examples.%0a%0a:$ROSPatterns: With this array you can add patterns as ''key'' and set a text ''value'' which will replace it when the edited page is posted (as signaled by $EnablePost). It is not replaced when the page is loaded into the editform nor when a preview is done, but it is replaced only when the page is saved. See Cookbook:ROSPatterns for examples.%0a%0aCategories: [[!PmWiki Developer]] -time=1391716307 +text=(:Summary:variables used when editing pages:)%0aTo set many of the variables below specify them in @@config.php@@.%0a%0a:$AutoCreate:Used in conjunction with the AutoCreateTargets edit function, this array records any sets of pages which should be created automatically if they don't exist. The syntax is %0a-> [@$AutoCreate[REGEXP] = PAGE_PARAMETERS;@]%0a-> where @@REGEXP@@ is a regular expression which will identify the pages to be autocreated, and @@PAGE_PARAMETERS@@ is an array of attributes for the page to be created. For example, %0a-> [@$AutoCreate['/^Category\\./'] = array('ctime' => $Now);@]%0a-> will create a blank page with a current creation time for any missing Category page.%0a%0a:$DefaultPageTextFmt:The text that should be displayed when browsing non-existent pages. As default PmWiki uses the contents of Site.PageNotFound %0a-> [@$DefaultPageTextFmt = '(:include $[{$SiteGroup}.PageNotFound]:)';@] %0a%0a:$DeleteKeyPattern:The pattern used to determine if a page should be deleted. The default is to remove pages that contain only the single word "delete" (and optional spaces).%0a-> # change delete word to "remove"%0a-> $DeleteKeyPattern = "^\\s*remove\\s*$";%0a-> # delete any page with no visible text, i.e., empty%0a-> $DeleteKeyPattern = "^\\s*$";%0a%0a:$DiffKeepDays:The $DiffKeepDays variable sets the minimum length of time that a page's revision history is kept. By default it is set to 3650 days, or a little less than ten years. You can change this value in a customization file to be something smaller, e.g.:%0a-> $DiffKeepDays = 30; # keep revisions at least 30 days%0a: :Note that a specific page revision isn't removed from the page until the first edit after the time specified by $DiffKeepDays has elapsed. Thus, it's still possible for some pages to have revisions older than $DiffKeepDays -- such revisions will be removed the next time those pages are edited.%0a%0a:$DiffKeepNum:This variable contains the minimum number of changes to be kept in the page history, even if some of them are older than the limit defined by $DiffKeepDays. It prevents lost history of pages that are older, but have few changes.%0a-> $DiffKeepNum = 50; # keep at least 50 revisions (default is 20)%0a%0a:$DraftSuffix:The suffix to use for draft versions of pages (default "-Draft").%0a%0a:$EditFunctions: This array contains the sequence of functions that are called when a page is edited. It can be customized to provide additional functions to be called as part of the editing process. The standard setting is:%0a-> [@$EditFunctions = array('EditTemplate', 'RestorePage', 'ReplaceOnSave',%0a 'SaveAttributes', 'PostPage', 'PostRecentChanges', 'AutoCreateTargets', 'PreviewPage'); @]%0a%0a:$EditRedirectFmt: The page to which an author is sent after pressing "Save" or "Cancel" from an edit form. Defaults to "$FullName", which sends the author to the page just edited, but can be changed to specify another page.%0a-> [@# redirect to Main.HomePage%0a$EditRedirectFmt = 'Main.HomePage'; %0a# redirect to HomePage of current group%0a$EditRedirectFmt = '{$Group}.HomePage';%0a@]%0a%0a:$EditTemplatesFmt:Name of the page (or an array of names) to be used as the default text for any newly created pages.%0a-> [@# Use 'Main.NewPageTemplate' as default text of all new pages%0a$EditTemplatesFmt = 'Main.NewPageTemplate';%0a# Use 'Template' in the current group for new pages%0a$EditTemplatesFmt = '$Group.Template';%0a# Use 'Template' in the current group if it exists, otherwise%0a# use 'Main.NewPageTemplate'%0a$EditTemplatesFmt = array('$Group.Template', 'Main.NewPageTemplate');@]%0a-> See [[Cookbook:EditTemplates]] for more information.%0a%0a%0a:$EnableDrafts:When set to '1', enables the "Save draft" button and built-in handling of "draft" versions of pages, where: %0a## initial "Save draft" of an existing page ("PageName") saves changes to a new name ("PageName-Draft")%0a## subsequent attempts to edit PageName causes PageName-Draft to be edited%0a## subsequent selections of "Save draft" cause PageName-Draft to be saved%0a## pressing "Publish" causes PageName-Draft to be posted to PageName, and deleted.%0a-> # turn on draft edits%0a-> $EnableDrafts = 1;%0a%0a->A related variable, $EnablePublishAttr, adds a new "publish" authorization level to distinguish editing of drafts from publishing them.%0a%0a:$EnableDraftAtomicDiff:When set to 1, "publishing" a draft version will clear the "draft" history, leaving a single "diff" between the latest and the previous "published" versions. Note that this will delete the author names, dates and contributions of the intermediate, unpublished versions. ([[Drafts]] need to be enabled, see $EnableDrafts.)%0a%0a:$EnableGUIButtons:When set to '1', turns on the graphical buttons in the "Edit Page" form.%0a-> # turn on graphical edit buttons%0a-> $EnableGUIButtons = 1;%0a%0a:$EnablePostAuthorRequired:When set to '1', posting of pages requires the author to provide an author name. Otherwise, authors can post without a name.%0a-> # require authors to provide a name%0a-> $EnablePostAuthorRequired = 1; %0a%0a:$GUIButtons:Allows the configuration of the buttons which appear at the top of the text area when editing a page. See scripts/guiedit.php for the default definition. Note that the 5th element can be HTML code rather than just the url of a gif - this allows more flexibility in defining the related javascript.%0a%0a:$HandleEditFmt: Like $HandleBrowseFmt, this specifies the entire output format for ?action=edit for a page.%0a%0a:$IsPagePosted: Set to a true value if the page is actually saved (e.g., this is used to tell the RecentChanges handlers if they need to update).%0a %0a:$PageEditFmt: By default, this is the HTML to be displayed for an edit form.%0a%0a:$PageEditForm: Specifies the edit form for ?action=edit. Defaults to '$SiteGroup.EditForm'.%0a%0a:$ROEPatterns: With this array you can add a pattern as ''key'' and set a text ''value'' which replace it on every edit request, using preg_replace function. Specifically it is replaced when the page is loaded into the editform, whenever a preview is done, and when the page is saved (from PmWiki 2.2.0beta45). See Cookbook:ROEPatterns for examples.%0a%0a:$ROSPatterns: With this array you can add patterns as ''key'' and set a text ''value'' which will replace it when the edited page is posted (as signaled by $EnablePost). It is not replaced when the page is loaded into the editform nor when a preview is done, but it is replaced only when the page is saved. See Cookbook:ROSPatterns for examples.%0a%0aCategories: [[!PmWiki Developer]] +time=1411232403 diff --git a/wikilib.d/PmWiki.MarkupExpressions b/wikilib.d/PmWiki.MarkupExpressions index c962e3eb..2248d52b 100644 --- a/wikilib.d/PmWiki.MarkupExpressions +++ b/wikilib.d/PmWiki.MarkupExpressions @@ -1,10 +1,10 @@ -version=pmwiki-2.2.63 ordered=1 urlencoded=1 -author=Petko +version=pmwiki-2.2.68 ordered=1 urlencoded=1 +author=simon charset=UTF-8 -csum= +csum=nesting ctime=1176718061 name=PmWiki.MarkupExpressions -rev=78 +rev=80 targets=PmWiki.PageListTemplates,PmWiki.PageLists,PmWiki.WikiStyles,PmWiki.ConditionalMarkup,PmWiki.PageVariables,PmWiki.PageTextVariables,Cookbook.MarkupExpressionSamples,Cookbook.MarkupExprPlus -text=(:Summary:String and formatting operations:)%0a(:Audience: authors (advanced) :)%0a%0aThe [@{(...)}@] "expression markup" allows for a variety of string and formatting operations to be performed from within markup. Operations defined by this recipe include ''[[#substr|substr]]'', ''[[#ftime|ftime]]'', ''[[#strlen|strlen]]'', ''[[#rand|rand]]'', ''[[#mod|mod]]'', ''[[#to|toupper / tolower]]'', ''[[#ucfirst|ucfirst]]'', ''[[#ucwords|ucwords]]'', ''[[#pagename|pagename]]'' and ''[[#asspaced|asspaced]]''.%0a%0a[[#substr]]%0a!! ''substr''%0a%0aThe "substr" expression extracts portions of a string. The arguments are%0a# the string to be processed. Always quote the string to be processed.%0a# the initial position of the substring. Note that the initial position argument is zero-based (i.e., the first character is referenced via a "0").%0a# the number of characters to extract%0a(:markup class="horiz":)%0a {(substr "PmWiki" 2 3)}%0a {(substr "PmWiki" 2)}%0a {(substr "PmWiki" 0 1)}%0a {(substr "PmWiki" 0 -3)}%0a {(substr "PmWiki" -3)}%0a(:markupend:)%0a%0aTo obtain the last n characters of a string use [@{(substr "string" -n)}@]%0a[[%3c%3c]]%0aTo truncate the last n characters of a string use [@(substr "string" 0 -n)}@]%0a%0a[[#ftime]]%0a!! ''ftime''%0a%0a"Ftime" expressions are used for date and time formatting. The generic form is%0a%0a->[@{(ftime "fmt" "when")}@]%0a->[@{(ftime fmt="fmt" when="when")}@]%0a%0awhere ''fmt'' is a formatting string and ''when'' is the time to be formatted. The arguments can be in either order and may use the optional "fmt=" and "when=" labels.%0a%0aExamples:%0a(:markup class="horiz":)%0a {(ftime)}%0a {(ftime fmt="%25F %25H:%25M")}%0a {(ftime %25Y)}%0a {(ftime fmt=%25T)}%0a {(ftime when=tomorrow)}%0a {(ftime fmt="%25Y-%25m-%25d" yesterday)}%0a {(ftime "+1 week" %25F)}%0a {(ftime fmt=%25D "+1 month")}%0a {(ftime fmt="%25a%25e %25b" when="next week")}%0a(:markupend:)%0a%0aThe ''fmt'' parameter is whatever is given by "fmt=", the first parameter containing a '%25', or else the site's default. The formatting codes are described at %25newwin%25 http://php.net/strftime. In addition to those, [='%25F'=] produces ISO-8601 dates, and '%25s' produces Unix timestamps.%0aSome common formatting strings:%0a%0a [= %25F =] # ISO-8601 dates "{(ftime %25F)}"%0a [= %25s =] # Unix timestamp "{(ftime %25s)}"%0a [= %25H:%25M:%25S =] # time as hh:mm:ss "{(ftime %25H:%25M:%25S)}"%0a [= %25m/%25d/%25Y =] # date as mm/dd/yyyy "{(ftime %25m/%25d/%25Y)}"%0a [= "%25A, %25B %25d, %25Y" =] # in words "{(ftime "%25A, %25B %25d, %25Y")}"%0a%0aThe ''when'' parameter understands many different date %25newwin%25[[http://php.net/manual/en/datetime.formats.php|formats]]. The when parameter is whatever is given by "when=", or whatever parameter remains after determining the format parameter. Some examples:%0a%0a 2007-04-11 # ISO-8601 dates%0a 20070411 # dates without hyphens, slashes, or dots%0a 2007-03 # months%0a @1176304315 # Unix timestamps (seconds since 1-Jan-1970 00:00 UTC)%0a now # the current time%0a today # today @ 00:00:00%0a yesterday # yesterday @ 00:00:00%0a "next Monday" # relative dates%0a "last Thursday" # relative dates%0a "-3 days" # three days ago%0a "+2 weeks" # two weeks from now%0a%0a'''Note:''' If you want to convert a Unix timestamp you '''must''' prefix with the @. Thus, [@"{(ftime "%25A, %25B %25d, %25Y" @1231116927)}"@].%0a%0aThe ''when'' parameter uses PHP's %25newwin%25[[(http://www.php.net/)strtotime]] function to convert date strings according to the GNU [[http://www.gnu.org/software/tar/manual/html_node/Date-input-formats.html|date input formats]]; as of this writing it only understands English phrases in date specifications.%0a%0aThe variable $FTimeFmt can be used to override the default date format used by the "ftime" function. The default $FTimeFmt is $TimeFmt.%0a%0a[[#strlen]]%0a!! ''strlen''%0a%0aThe "strlen" expression returns the length of a string. The first argument is the string to be measured.%0a%0a(:markup class="horiz":)%0a {(strlen "{$:Summary}")}%0a(:markupend:)%0a%0a[[#rand]]%0a!! ''rand''%0a%0aThe "rand" expression returns a random integer. The first argument is the minimum number to be returned and the second argument is the maximum number to be returned. If called without the optional min, max arguments rand() returns a pseudo-random integer between 0 and RAND_MAX. If you want a random number between 5 and 15 (inclusive), for example, use (rand 5 15).%0a%0a(:markup class="horiz":)%0a {(rand)}%0a {(rand 1 99)}%0a(:markupend:)%0a%0a[[#mod]]%0a!! ''mod''%0a%0aThe advanced "mod" expression returns the modulo (remainder) of the division of two numbers. It may be used in advanced [[PageList templates]] together with [@{$$PageCount}@] to insert markup every (modulo) entries, for example to create alternate styled "zebra" table rows, or to insert a line/row break. (See also [[PageLists]], [[WikiStyles]] and [[ConditionalMarkup]].)%0a%0a(:markup class="horiz":)[@%0a>>comment%3c%3c%0a%25define=bg1 item bgcolor=#f88%25%0a%25define=bg2 item bgcolor=#ff8%25%0a%25define=bg0 item bgcolor=#8f8%25%0a[[#altrows]]%0a* %25bg{(mod {$$PageCount} 3)}%25 {=$Name} ({$$PageCount})%0a[[#altrowsend]]%0a>>%3c%3c%0a(:pagelist fmt=#altrows group=PmWiki count=10:)%0a@]%0a%0a[[#to]]%0a!! ''toupper'' / ''tolower''%0a%0aThe "toupper" and "tolower" expressions convert a string into uppercase or lowercase. The first argument is the string to be processed.%0a%0a(:markup class="horiz":)%0a {(toupper "{$:Summary}")}%0a {(tolower "{$:Summary}")}%0a(:markupend:)%0a%0a[[#ucfirst]][[#ucwords]]%0a!!''ucfirst'' / ''ucwords''%0a%0aThe "ucfirst" expression converts to uppercase the first character of the string, and "ucwords", the first character of each word. The first argument is the string to be processed.%0a%0a(:markup class="horiz":)%0a {(ucfirst "{$:Summary}")}%0a {(ucwords "{$:Summary}")}%0a(:markupend:)%0a%0a%0a[[#pagename]]%0a!! ''pagename''%0a%0aThe "pagename" expression builds a pagename from a string. The first argument is the string to be processed.%0a%0a(:markup class="horiz":)%0a {(pagename "{$:Summary}")}%0a(:markupend:)%0a%0a[[#asspaced]]%0a!! ''asspaced''%0a%0aThe "asspaced" expression formats wikiwords. The first argument is the string to be processed.%0a%0a(:markup class="horiz":)%0a {(asspaced "{$FullName}")}%0a(:markupend:)%0a%0a[[#nesting]]%0a!! Nesting expressions%0a%0aMarkup expressions can be nested. Omit the curly braces for the inner expressions:%0a%0a(:markup class="horiz":)%0a {(tolower (substr "Hello World" 2))}%0a(:markupend:)%0a%0a[[#notes]] %0a!! Notes%0a%0a* For PmWikis version 2.2.33 or older, the string-processing expressions may not work properly on multibyte UTF-8 characters. Newer versions should work fine.%0a%0a!! See also%0a* [[Page variables]], [[Page text variables]]%0a* [[Conditional markup]]%0a* Cookbook:MarkupExpressionSamples — '-custom markup expression samples-'%0a* Cookbook:MarkupExprPlus -time=1399576954 +text=(:Summary:String and formatting operations:)%0a(:Audience: authors (advanced) :)%0a%0aThe [@{(...)}@] "expression markup" allows for a variety of string and formatting operations to be performed from within markup. Operations defined by this recipe include ''[[#substr|substr]]'', ''[[#ftime|ftime]]'', ''[[#strlen|strlen]]'', ''[[#rand|rand]]'', ''[[#mod|mod]]'', ''[[#to|toupper / tolower]]'', ''[[#ucfirst|ucfirst]]'', ''[[#ucwords|ucwords]]'', ''[[#pagename|pagename]]'' and ''[[#asspaced|asspaced]]''.%0aMarkup expressions can be [[#nesting|nested]], using the markup [@{(...(...)...)}@].%0a%0a[[#substr]]%0a!! ''substr''%0a%0aThe "substr" expression extracts portions of a string. The arguments are%0a# the string to be processed. Always quote the string to be processed.%0a# the initial position of the substring. Note that the initial position argument is zero-based (i.e., the first character is referenced via a "0").%0a# the number of characters to extract%0a(:markup class="horiz":)%0a {(substr "PmWiki" 2 3)}%0a {(substr "PmWiki" 2)}%0a {(substr "PmWiki" 0 1)}%0a {(substr "PmWiki" 0 -3)}%0a {(substr "PmWiki" -3)}%0a(:markupend:)%0a%0aTo obtain the last n characters of a string use [@{(substr "string" -n)}@]%0a[[%3c%3c]]%0aTo truncate the last n characters of a string use [@(substr "string" 0 -n)}@]%0a%0a[[#ftime]]%0a!! ''ftime''%0a%0a"Ftime" expressions are used for date and time formatting. The generic form is%0a%0a->[@{(ftime "fmt" "when")}@]%0a->[@{(ftime fmt="fmt" when="when")}@]%0a%0awhere ''fmt'' is a formatting string and ''when'' is the time to be formatted. The arguments can be in either order and may use the optional "fmt=" and "when=" labels.%0a%0aExamples:%0a(:markup class="horiz":)%0a {(ftime)}%0a {(ftime fmt="%25F %25H:%25M")}%0a {(ftime %25Y)}%0a {(ftime fmt=%25T)}%0a {(ftime when=tomorrow)}%0a {(ftime fmt="%25Y-%25m-%25d" yesterday)}%0a {(ftime "+1 week" %25F)}%0a {(ftime fmt=%25D "+1 month")}%0a {(ftime fmt="%25a%25e %25b" when="next week")}%0a(:markupend:)%0a%0aThe ''fmt'' parameter is whatever is given by "fmt=", the first parameter containing a '%25', or else the site's default. The formatting codes are described at %25newwin%25 http://php.net/strftime. In addition to those, [='%25F'=] produces ISO-8601 dates, and '%25s' produces Unix timestamps.%0aSome common formatting strings:%0a%0a [= %25F =] # ISO-8601 dates "{(ftime %25F)}"%0a [= %25s =] # Unix timestamp "{(ftime %25s)}"%0a [= %25H:%25M:%25S =] # time as hh:mm:ss "{(ftime %25H:%25M:%25S)}"%0a [= %25m/%25d/%25Y =] # date as mm/dd/yyyy "{(ftime %25m/%25d/%25Y)}"%0a [= "%25A, %25B %25d, %25Y" =] # in words "{(ftime "%25A, %25B %25d, %25Y")}"%0a%0aThe ''when'' parameter understands many different date %25newwin%25[[http://php.net/manual/en/datetime.formats.php|formats]]. The when parameter is whatever is given by "when=", or whatever parameter remains after determining the format parameter. Some examples:%0a%0a 2007-04-11 # ISO-8601 dates%0a 20070411 # dates without hyphens, slashes, or dots%0a 2007-03 # months%0a @1176304315 # Unix timestamps (seconds since 1-Jan-1970 00:00 UTC)%0a now # the current time%0a today # today @ 00:00:00%0a yesterday # yesterday @ 00:00:00%0a "next Monday" # relative dates%0a "last Thursday" # relative dates%0a "-3 days" # three days ago%0a "+2 weeks" # two weeks from now%0a%0a'''Note:''' If you want to convert a Unix timestamp you '''must''' prefix with the @. Thus, [@"{(ftime "%25A, %25B %25d, %25Y" @1231116927)}"@].%0a%0aThe ''when'' parameter uses PHP's %25newwin%25[[(http://www.php.net/)strtotime]] function to convert date strings according to the GNU [[http://www.gnu.org/software/tar/manual/html_node/Date-input-formats.html|date input formats]]; as of this writing it only understands English phrases in date specifications.%0a%0aThe variable $FTimeFmt can be used to override the default date format used by the "ftime" function. The default $FTimeFmt is $TimeFmt.%0a%0a[[#strlen]]%0a!! ''strlen''%0a%0aThe "strlen" expression returns the length of a string. The first argument is the string to be measured.%0a%0a(:markup class="horiz":)%0a {(strlen "{$:Summary}")}%0a(:markupend:)%0a%0a[[#rand]]%0a!! ''rand''%0a%0aThe "rand" expression returns a random integer. The first argument is the minimum number to be returned and the second argument is the maximum number to be returned. If called without the optional min, max arguments rand() returns a pseudo-random integer between 0 and RAND_MAX. If you want a random number between 5 and 15 (inclusive), for example, use (rand 5 15).%0a%0a(:markup class="horiz":)%0a {(rand)}%0a {(rand 1 99)}%0a(:markupend:)%0a%0a[[#mod]]%0a!! ''mod''%0a%0aThe advanced "mod" expression returns the modulo (remainder) of the division of two numbers. It may be used in advanced [[PageList templates]] together with [@{$$PageCount}@] to insert markup every (modulo) entries, for example to create alternate styled "zebra" table rows, or to insert a line/row break. (See also [[PageLists]], [[WikiStyles]] and [[ConditionalMarkup]].)%0a%0a(:markup class="horiz":)[@%0a>>comment%3c%3c%0a%25define=bg1 item bgcolor=#f88%25%0a%25define=bg2 item bgcolor=#ff8%25%0a%25define=bg0 item bgcolor=#8f8%25%0a[[#altrows]]%0a* %25bg{(mod {$$PageCount} 3)}%25 {=$Name} ({$$PageCount})%0a[[#altrowsend]]%0a>>%3c%3c%0a(:pagelist fmt=#altrows group=PmWiki count=10:)%0a@]%0a%0a[[#to]]%0a!! ''toupper'' / ''tolower''%0a%0aThe "toupper" and "tolower" expressions convert a string into uppercase or lowercase. The first argument is the string to be processed.%0a%0a(:markup class="horiz":)%0a {(toupper "{$:Summary}")}%0a {(tolower "{$:Summary}")}%0a(:markupend:)%0a%0a[[#ucfirst]][[#ucwords]]%0a!!''ucfirst'' / ''ucwords''%0a%0aThe "ucfirst" expression converts to uppercase the first character of the string, and "ucwords", the first character of each word. The first argument is the string to be processed.%0a%0a(:markup class="horiz":)%0a {(ucfirst "{$:Summary}")}%0a {(ucwords "{$:Summary}")}%0a(:markupend:)%0a%0a%0a[[#pagename]]%0a!! ''pagename''%0a%0aThe "pagename" expression builds a pagename from a string. The first argument is the string to be processed.%0a%0a(:markup class="horiz":)%0a {(pagename "{$:Summary}")}%0a(:markupend:)%0a%0a[[#asspaced]]%0a!! ''asspaced''%0a%0aThe "asspaced" expression formats wikiwords. The first argument is the string to be processed.%0a%0a(:markup class="horiz":)%0a {(asspaced "{$FullName}")}%0a(:markupend:)%0a%0a[[#nesting]]%0a!! Nesting expressions%0a%0aMarkup expressions can be nested. Omit the curly braces for the inner expressions:%0a%0a(:markup class="horiz":)%0a {(tolower (substr "Hello World" 2))}%0a(:markupend:)%0a%0a[[#notes]] %0a!! Notes%0a%0a* For PmWikis version 2.2.33 or older, the string-processing expressions may not work properly on multibyte UTF-8 characters. Newer versions should work fine.%0a%0a!! See also%0a* [[Page variables]], [[Page text variables]]%0a* [[Conditional markup]]%0a* Cookbook:MarkupExpressionSamples — '-custom markup expression samples-'%0a* Cookbook:MarkupExprPlus +time=1409816555 diff --git a/wikilib.d/PmWiki.Passwords b/wikilib.d/PmWiki.Passwords index 6051735b..018146d8 100644 --- a/wikilib.d/PmWiki.Passwords +++ b/wikilib.d/PmWiki.Passwords @@ -1,11 +1,11 @@ -version=pmwiki-2.2.42 ordered=1 urlencoded=1 -author=Peter Bowers +version=pmwiki-2.2.68 ordered=1 urlencoded=1 +author=simon charset=UTF-8 -csum=add anchor for "which password wins" (#priority) +csum=layout description=General use of passwords and login name=PmWiki.Passwords post= Save -rev=225 +rev=230 targets=PmWiki.PasswordsAdmin,Category.Spam,PmWiki.PmWiki,PmWiki.WikiGroup,PmWiki.Security,PmWiki.AvailableActions,PmWiki.SpecialPages,PmWiki.GroupAttributes,PmWiki.Uploads,SiteAdmin.AuthList,PmWiki.AuthUser,PmWiki.ConditionalMarkup -text=(:Summary:General use of passwords and login:)(:Audience: authors :)(:Description General use of passwords and login:)%0a>>rframe font-size:smaller%3c%3c%0a!!!! Table of contents%0a* [[#pageattr|Protect an individual page]]%0a* [[#groupattr|Protect a group of pages]]%0a* [[#siteattr|Protect the site]]%0a>>%3c%3c%0a[[PmWiki]] has built-in support for password-protecting various areas of the wiki site. Authors generally want to be able to apply passwords to individual pages or to [[wiki group]]s. Wiki Administrators can apply passwords to individual pages, to wiki groups, or to the [[PasswordsAdmin#settingsitewidepasswords|entire site]]. Setting an edit password on a [[#pageattr|page]] or [[#groupattr|group]] (or [[#siteattr|the entire site]]) is one of the most common ways to stop [[!spam]]. As with any access control system, the password protection mechanisms described here are only a small part of overall system and wiki [[security]].%0a%0a!! As an author editing pages...%0a%0aAn author will generally set 3 types of passwords:%0a# to control who can see a page or group, use @@read@@ passwords%0a# to control who can edit a page or group, use @@edit@@ passwords%0a# to control who can alter the passwords used to protect a page or group, use @@attr@@ passwords%0a%0aIf required most [[AvailableActions|page actions]] can be password protected.%0a%0a[[#pageattr]]%0a!!! Protect an individual page%0aTo set a password on an individual wiki page, add the [[AvailableActions|page action]]%0a%0a->@@?action=attr@@ %0a%0ato the page's URL (address) to access its attributes. Using the form on the attributes page, you can set or clear the @@read@@, @@edit@@, or @@attr@@ passwords on the page. In the form you enter the passwords as cleartext; PmWiki encrypts them for you automatically when it stores them. %0a%0a%0aAdditional options:%0a%0a* Leaving a field blank will leave the attribute unchanged. %0a* To remove a password from a page (''reverting back'' to the group's or site's default), enter %0a%0a-> @@ clear @@%0a%0a* To indicate that the page can be edited ''even if a group or site password is set'', enter %0a%0a-> @@ @nopass @@%0a%0a* To lock a page for everybody but the admin, enter %0a%0a-> @@ @lock @@%0a%0a* To assign the site's site-wide passwords to the @@read@@, @@edit@@, or @@attr@@ password for the page, enter %0a%0a-> @@ @_site_edit, @_site_read or @_site_upload @@%0a%0a[[#groupattr]]%0a!!! Protect a wiki group of pages%0aTo set a password on a [[wiki group]] is slightly more difficult -- you just set the passwords on a [[special page(s)]] in each group called %0a%0a->[[GroupAttributes]]%0a%0aFirst, you can get to the attributes page for `GroupAttributes by entering a URL (address) like %0a%0a->[@http://example.com/pmwiki/pmwiki.php?n=GroupName.GroupAttributes?action=attr@]%0a%0aReplace example.com with your domain name, and GroupName with the name of the group%0a%0aThen, using the form on the attributes page, you can set or clear the @@read@@, @@edit@@, or @@attr@@ passwords for the entire group. In the form you enter the passwords as cleartext; PmWiki encrypts them for you automatically.%0a%0aAdditional options:%0a%0a* To remove a password from a group (''reverting back'' to the site's default), enter %0a%0a->clear%0a%0a* To indicate that the group can be edited ''even if a site password is set'', enter %0a%0a->@nopass%0a%0a* To lock a group for everybody but the admin, enter %0a%0a->@lock%0a%0a* (Beginning with Ver 2.2.3) To assign the site's site-wide passwords to the @@read@@, @@edit@@, or @@attr@@ password for the group, enter %0a%0a-> @@ @_site_edit, @_site_read or @_site_upload @@%0a%0a%0a!! Passwords%0aPasswords may consist of any combination of characters, except double "quotes" or 'apostrophes'.%0aPasswords with spaces or colons must be entered using quotes, eg "foo bar" or "foo:bar".%0aObviously longer is [[http://www.microsoft.com/protect/fraud/passwords/create.aspx|better]], and on some systems passwords need to have 4 or more characters.%0a%0a!! Multiple passwords%0aMultiple passwords for a page, group or site are allowed. %0aSimply enter multiple passwords separated by a space. This allows you to have a read password, a write password, and have the write password allow read/write access. In other words, if the read password is %0a%0a->alpha%0a%0aand the edit password is %0a%0a->beta%0a%0athen enter%0a%0a-> [@%0aSet new read password: alpha beta%0aSet new edit password: beta%0a@]%0a%0aThis says that either %0a%0a->alpha%0a%0aor %0a%0a->beta%0a%0acan be used to read pages, but only %0a%0a->beta%0a%0amay edit. Since PmWiki checks the passwords you've entered since the browser has been opened, entering a read password that is also a write password allows both reading and writing.%0a%0a[[#siteattr]]%0a!!! Protect the site%0aPasswords can be applied to the entire wiki website in ''config.php''.%0aSee [[PasswordsAdmin#settingsitewidepasswords|passwords]] administration for details.%0a%0a%0a%25audience%25 administrator%0a%0a[[#administrators]]%0a!! As an administrator ...%0a%0aYou can set passwords on pages and groups exactly as described above for authors. You can also:%0a# set site-wide passwords for pages and groups that do not have passwords%0a# use @@attr@@ passwords to control who is able to set passwords on pages%0a# use @@upload@@ passwords to control access to the file [[upload(s)]] capabilities (if uploads are enabled)%0a# use an @@admin@@ password to override the passwords set for any individual page or group%0a# use [[SiteAdmin.AuthList]] to view the permissions settings for pages that have permissions set. %0aFor more information on password options available to administrators, see [[PasswordsAdmin]].%0a%0a!! [[#priority]]Which password wins?%0a%0aIn PmWiki, page passwords override group passwords, group passwords override the ''default'' passwords, and the @@admin@@ password overrides all passwords. This gives a great deal of flexibility in controlling access to wiki pages in PmWiki. %0a%0aThe [[special page(s)]] [[SiteAdmin.AuthList]] is a page list of all pages with access permissions set.%0a%0a!! Opening access to pages in protected groups/sites%0a%0aSometimes we want to "unprotect" pages in a group or site that is otherwise protected. In these cases, the special password %0a%0a->@nopass%0a%0ais used to indicate that access should be allowed to a page without requiring a password. %0a%0aFor example, suppose `Main.GroupAttributes has an edit password set, thus restricting the editing of all pages in Main. Now we want `Main.WikiSandbox to be editable without a password. Using %0a%0a->clear%0a%0afor the edit password for `Main.WikiSandbox ''doesn't unprotect the page'', because the password is being set by the group. Instead, we set the edit password for `Main.WikiSandbox to the special value %0a%0a->@nopass%0a%0awhich tells PmWiki to ignore any site-wide or group-level passwords for that page.%0a%0a%0a>>faq%3c%3c [[#faq]]%0a%0a[[#site]]%0aQ: How can I password protect all the pages and groups on my site? Do I really have to set passwords page by page, or group by group?%0a%0aA: Administrators can set passwords for the entire site by editing the config.php file; they don't have to set passwords for each page or group. For example, to set the entire site to be editable only by those who know an "edit" password, an administrator can add a line like the following to local/config.php:%0a%0a $DefaultPasswords['edit'] = crypt('edit_password');%0a%0aFor more information about the password options that are available only to administrators, see [[PasswordsAdmin]].%0a%0aQ: I get http error 500 "Internal Server Error" when I try to log in. What's wrong?%0a%0aA: This can happen if the encrypted passwords are not created on the web server that hosts the PmWiki.\\%0aThe crypt function changed during the PHP development, e.g. a password encrypted with PHP 5.2 can not be decrypted in PHP 5.1, but PHP 5.2 can decrypt passwords created by PHP 5.1.\\%0aThis situation normally happens if you prepare everything on your local machine with the latest PHP version and you upload the passwords to a webserver which is running an older version.\\%0aThe same error occurs when you add encrypted passwords to local/config.php.%0a%0aSolution: Create the passwords on the system with the oldest PHP version and use them on all other systems.%0a%0aQ: How can I create private groups for users, so that each user can edit pages in their group, but no one else (other than the admin) can?%0a%0aA: Modify the edit attribute for each group to id:username, e.g. set the edit attribute in JaneDoe.GroupAttributes to id:JaneDoe.%0a%0aThere is a more automatic solution, but it's probably not a good idea for most wikis. Administrators can use the [[(PmWiki:)AuthUser]] recipe and add the following few lines to their local/config.php file to set this up:%0a%0a $group = FmtPageName('$Group', $pagename); \\%0a $DefaultPasswords['edit'] = 'id:'.$group; \\%0a include_once("$FarmD/scripts/authuser.php");%0a%0aThis automatically gives edit rights to a group to every user who has the same user name as the group name. Unfortunately it also gives edit rights to such a user who is visiting a same-named group not just for pages in that group, but for any page on the wiki that relies on the site's default edit password. This can create security holes.%0a%0aQ: [[#farm]] How come when I switch to another wiki within a farm, I keep my same authorization?%0a%0aA: PmWiki uses PHP sessions to keep track of authentication/authorization information, and by default PHP sets things up such that all interactions with the same server are considered part of the same session.%0a%0aAn easy way to fix this is to make sure each wiki is using a different cookie name for its session identifier. Near the top of one of the wiki's local/config.php files, before calling authuser or any other recipes, add a line like:%0a%0a session_name('XYZSESSID');%0a%0aYou can pick any alphanumeric name for XYZSESSID; for example, for the cs559-1 wiki you might choose%0a%0a session_name('CS559SESSID');%0a%0aThis will keep the two wikis' sessions independent of each other.%0a%0aQ: Is it possible to test the password level for display and/or if condition? Example: [= * (:if WriterPassword:) (display Edit link) (:ifend:) =]%0a%0aA: You can use [@(:if auth edit:)@]. See [[ConditionalMarkup]]. -time=1346998465 +text=(:Summary:General use of passwords and login:)(:Audience: authors :)(:Description General use of passwords and login:)%0a>>rframe font-size:smaller%3c%3c%0a!!!! Table of contents%0a* [[#pageattr|Protect an individual page]]%0a* [[#groupattr|Protect a group of pages]]%0a* [[#siteattr|Protect the site]]%0a>>%3c%3c%0a[[PmWiki]] has built-in support for password-protecting various areas of the wiki site. Authors generally want to be able to apply passwords to individual pages or to [[wiki group]]s. Wiki Administrators can apply passwords to individual pages, to wiki groups, or to the [[PasswordsAdmin#settingsitewidepasswords|entire site]]. Setting an edit password on a [[#pageattr|page]] or [[#groupattr|group]] (or [[#siteattr|the entire site]]) is one of the most common ways to stop [[!spam]]. As with any access control system, the password protection mechanisms described here are only a small part of overall system and wiki [[security]].%0a%0a!! As an author editing pages...%0aAn author will generally set 3 types of passwords:%0a# to control who can see a page or group, use @@read@@ passwords%0a# to control who can edit a page or group, use @@edit@@ passwords%0a# to control who can alter the passwords used to protect a page or group, use @@attr@@ passwords%0a%0aIf required most [[AvailableActions|page actions]] can be password protected.%0a%0a[[#pageattr]]%0a!!! Protect an individual page%0aTo set a password on an individual wiki page, add the [[AvailableActions|page action]]%0a->@@?action=attr@@ %0ato the page's URL (address) to access its attributes. Using the form on the attributes page, you can set or clear the @@read@@, @@edit@@, or @@attr@@ passwords on the page. In the form you enter the passwords as cleartext; PmWiki encrypts them for you automatically when it stores them. %0a%0aAdditional options:%0a* Leaving a field blank will leave the attribute unchanged. %0a* To remove a password from a page (''reverting back'' to the group's or site's default), enter %0a--> @@ clear @@%0a* To indicate that the page can be edited ''even if a group or site password is set'', enter %0a--> @@ @nopass @@%0a* To lock a page for everybody but the admin, enter %0a--> @@ @lock @@%0a* To assign the site's site-wide passwords to the @@read@@, @@edit@@, or @@attr@@ password for the page, enter %0a--> @@ @_site_edit, @_site_read or @_site_upload @@%0a%0a[[#groupattr]]%0a!!! Protect a wiki group of pages%0aTo set a password on a [[wiki group]] is slightly more difficult -- you just set the passwords on a [[special page(s)]] in each group called %0a->[[GroupAttributes]]%0a%0aFirst, you can get to the attributes page for `GroupAttributes by entering a URL (address) like %0a->[@http://example.com/pmwiki/pmwiki.php?n=GroupName.GroupAttributes?action=attr@]%0aReplace example.com with your domain name, and GroupName with the name of the group%0a%0aThen, using the form on the attributes page, you can set or clear the @@read@@, @@edit@@, or @@attr@@ passwords for the entire group. In the form you enter the passwords as cleartext; PmWiki encrypts them for you automatically.%0a%0aAdditional options:%0a* To remove a password from a group (''reverting back'' to the site's default), enter %0a-->@@clear@@%0a* To indicate that the group can be edited ''even if a site password is set'', enter %0a-->@@@nopass@@%0a* To lock a group for everybody but the admin, enter %0a-->@@@lock@@%0a* (Beginning with Ver 2.2.3) To assign the site's site-wide passwords to the @@read@@, @@edit@@, or @@attr@@ password for the group, enter %0a--> @@ @_site_edit, @_site_read or @_site_upload @@%0a%0a%0a!! Passwords%0aPasswords may consist of any combination of characters, except double "quotes" or 'apostrophes'.%0aPasswords with spaces or colons must be entered using quotes, eg "foo bar" or "foo:bar".%0aObviously longer is [[http://www.microsoft.com/protect/fraud/passwords/create.aspx|better]], and on some systems passwords need to have 4 or more characters.%0a%0a!! Multiple passwords%0aMultiple passwords for a page, group or site are allowed. %0aSimply enter multiple passwords separated by a space. This allows you to have a read password, a write password, and have the write password allow read/write access. In other words, if the read password is %0a->alpha%0aand the edit password is %0a->beta%0athen enter%0a-> [@Set new read password: alpha beta%0aSet new edit password: beta@]%0a%0aThis says that either %0a->alpha%0aor %0a->beta%0acan be used to read pages, but only %0a->beta%0amay edit. Since PmWiki checks the passwords you've entered since the browser has been opened, entering a read password that is also a write password allows both reading and writing.%0a%0a[[#siteattr]]%0a!!! Protect the site%0aPasswords can be applied to the entire wiki website in ''config.php''.%0aSee [[PasswordsAdmin#settingsitewidepasswords|passwords]] administration for details.%0a%0a%0a%25audience%25 administrator%0a%0a[[#administrators]]%0a!! As an administrator ...%0a%0aYou can set passwords on pages and groups exactly as described above for authors. You can also:%0a# set site-wide passwords for pages and groups that do not have passwords%0a# use @@attr@@ passwords to control who is able to set passwords on pages%0a# use @@upload@@ passwords to control access to the file [[upload(s)]] capabilities (if uploads are enabled)%0a# use an @@admin@@ password to override the passwords set for any individual page or group%0a# use [[SiteAdmin.AuthList]] to view the permissions settings for pages that have permissions set. %0aFor more information on password options available to administrators, see [[PasswordsAdmin]].%0a%0a!! [[#priority]]Which password wins?%0aIn PmWiki, page passwords override group passwords, group passwords override the ''default'' passwords, and the @@admin@@ password overrides all passwords. This gives a great deal of flexibility in controlling access to wiki pages in PmWiki. %0a%0aThe [[special page(s)]] [[SiteAdmin.AuthList]] is a page list of all pages with access permissions set.%0a%0a!! Opening access to pages in protected groups/sites%0aSometimes we want to "unprotect" pages in a group or site that is otherwise protected. In these cases, the special password %0a->@@ @nopass @@%0ais used to indicate that access should be allowed to a page without requiring a password. %0a%0aFor example, suppose `Main.GroupAttributes has an edit password set, thus restricting the editing of all pages in Main. Now we want `Main.WikiSandbox to be editable without a password. Using %0a->@@clear@@%0afor the edit password for `Main.WikiSandbox ''doesn't unprotect the page'', because the password is being set by the group. Instead, we set the edit password for `Main.WikiSandbox to the special value %0a->@@ @nopass @@%0awhich tells PmWiki to ignore any site-wide or group-level passwords for that page.%0a%0a%0a>>faq%3c%3c [[#faq]]%0a%0a[[#site]]%0aQ: How can I password protect all the pages and groups on my site? Do I really have to set passwords page by page, or group by group?%0a%0aA: Administrators can set passwords for the entire site by editing the config.php file; they don't have to set passwords for each page or group. For example, to set the entire site to be editable only by those who know an "edit" password, an administrator can add a line like the following to local/config.php:%0a%0a-> @@ $DefaultPasswords['edit'] = crypt('edit_password'); @@%0a%0aFor more information about the password options that are available only to administrators, see [[PasswordsAdmin]].%0a%0aQ: I get http error 500 "Internal Server Error" when I try to log in. What's wrong?%0a%0aA: This can happen if the encrypted passwords are not created on the web server that hosts the PmWiki.\\%0aThe crypt function changed during the PHP development, e.g. a password encrypted with PHP 5.2 can not be decrypted in PHP 5.1, but PHP 5.2 can decrypt passwords created by PHP 5.1.\\%0aThis situation normally happens if you prepare everything on your local machine with the latest PHP version and you upload the passwords to a webserver which is running an older version.\\%0aThe same error occurs when you add encrypted passwords to local/config.php.%0a%0aSolution: Create the passwords on the system with the oldest PHP version and use them on all other systems.%0a%0aQ: How can I create private groups for users, so that each user can edit pages in their group, but no one else (other than the admin) can?%0a%0aA: Modify the edit attribute for each group to id:username, e.g. set the edit attribute in JaneDoe.GroupAttributes to id:JaneDoe.%0a%0aThere is a more automatic solution, but it's probably not a good idea for most wikis. Administrators can use the [[(PmWiki:)AuthUser]] recipe and add the following few lines to their local/config.php file to set this up:%0a->[@$group = FmtPageName('$Group', $pagename);%0a$DefaultPasswords['edit'] = 'id:'.$group;%0ainclude_once("$FarmD/scripts/authuser.php"); @]%0aThis automatically gives edit rights to a group to every user who has the same user name as the group name. Unfortunately it also gives edit rights to such a user who is visiting a same-named group not just for pages in that group, but for any page on the wiki that relies on the site's default edit password. This can create security holes.%0a%0aQ: [[#farm]] How come when I switch to another wiki within a farm, I keep my same authorization?%0a%0aA: PmWiki uses PHP sessions to keep track of authentication/authorization information, and by default PHP sets things up such that all interactions with the same server are considered part of the same session.%0a%0aAn easy way to fix this is to make sure each wiki is using a different cookie name for its session identifier. Near the top of one of the wiki's local/config.php files, before calling authuser or any other recipes, add a line like:%0a-> session_name('XYZSESSID');%0aYou can pick any alphanumeric name for XYZSESSID; for example, for the cs559-1 wiki you might choose%0a-> session_name('CS559SESSID');%0aThis will keep the two wikis' sessions independent of each other.%0a%0aQ: Is it possible to test the password level for display and/or if condition? Example: [= * (:if WriterPassword:) (display Edit link) (:ifend:) =]%0a%0aA: You can use [@(:if auth edit:)@]. See [[ConditionalMarkup]]. +time=1412459294 diff --git a/wikilib.d/PmWiki.ReleaseNotes b/wikilib.d/PmWiki.ReleaseNotes index f1fa4ed1..7b8f5ba3 100644 --- a/wikilib.d/PmWiki.ReleaseNotes +++ b/wikilib.d/PmWiki.ReleaseNotes @@ -1,10 +1,10 @@ -version=pmwiki-2.2.67 ordered=1 urlencoded=1 +version=pmwiki-2.2.68 ordered=1 urlencoded=1 author=Petko charset=UTF-8 -csum=2.2.68 +csum= name=PmWiki.ReleaseNotes -rev=556 +rev=557 targets=PmWiki.Upgrades,PmWiki.ChangeLog,PmWiki.RoadMap,PmWiki.PageDirectives,PmWiki.PageHistory,PmWiki.Uploads,PmWiki.Passwords,PmWiki.SiteAnalyzer,PmWiki.WikiTrails,Site.Site,SiteAdmin.SiteAdmin,PITS.00961,Site.PageActions,Site.EditForm,Site.PageNotFound,PmWiki.PageLists,PmWiki.Drafts,PmWiki.Blocklist,SiteAdmin.AuthList,Cookbook.Cookbook,Cookbook.DebuggingForCookbookAuthors,PmWiki.SkinTemplates,PmWiki.AuthUser,Site.AuthUser,Cookbook.Flash,PITS.00573,PmWiki.WikiFarms,PmWiki.MailPosts,PmWiki.Notify,PmWiki.LocalCustomizations,Site.PageListTemplates,Site.SideBar,PmWiki.PageVariables,PmWiki.WebFeeds,PmWiki.InterMap,PITS.00563,PmWiki.WikiStyles,PITS.00560,Cookbook.SharedPages,PITS.00459,PITS.00590,PmWiki.ConditionalMarkup,PITS.00566,PITS.00588,PmWiki.Subversion,PmWiki.ReleaseNotesArchive -text=(:title Release Notes:)(:Summary: Notes about new versions, important for upgrades:)%0aSee also: [[Upgrades]], [[Change log]] and [[(PmWiki:)Road map]].%0a%0a!! Version 2.2.68 (2014-09-01) [[#v2268]]%0aThis version adds a Skins: InterMap prefix pointing to the Skins section on PmWiki.org, a "signature" markup in the edit quick reference, new WikiStyles clear, min-width and max-width and the documentation was updated.%0a%0a!! Version 2.2.67 (2014-08-02) [[#v2267]]%0aThis version fixes an inconsistency with input forms when values are taken from PageTextVariables. The documentation was updated to the latest state on pmwiki.org.%0a%0a!! Version 2.2.66 (2014-07-02) [[#v2266]]%0aThis version fixes a minor longstanding bug in the default Notification format when a page is deleted. In custom patterns, the "_" character will no longer be considered a function name. The documentation was updated.%0a%0a!! Version 2.2.65 (2014-06-07)%0aThis version fixes Pagelist handling of [@{$$PseudoVars}@] when they contain page variables. File permissions handling was improved when the current directory is owned by "root". The documentation was updated.%0a%0a!! Version 2.2.64 (2014-05-08)%0aThis version adds the [="{(mod)}"=] markup expression for modulo/remainder calculations, and the "tel:" and "geo:" URI schemes which, on compatible devices like smartphones, allow the creation of links to dial telephone numbers and open map/location applications. %0a%0aThe $SysMergePassthru switch was added, if enabled, it allows the "Simultaneous Edits" conflict resolution to use the passthru() function instead of popen().%0a%0aThe documentation was updated.%0a%0a!! Version 2.2.63 (2014-04-05) [[#rel2.2.63]]%0aThis version allows for form elements to have custom attributes containing a dash in the attribute names and enables the attributes 'required', 'placeholder' and 'autocomplete' for HTML5 forms. A minor bug with pagelist [={$$RequestVariables}=] appearing on some installations was fixed. The documentation was updated.%0a%0a!! Version 2.2.62 (2014-02-28) [[#rel2.2.62]]%0aThis version adds the variable $EnableTableAutoValignTop which allows to make advanced tables compatible with HTML5. For developers, a fourth argument $template was added to the Markup_e() function, and a callback template 'return' was added. The documentation was updated.%0a%0a!! Version 2.2.61 (2014-01-31) [[#rel2.2.61]]%0aThis version removes unnecessary snippets of code and adds the variable $TableCellAlignFmt which allows to make simple tables compatible with HTML5. The documentation was updated.%0a%0a!! Version 2.2.60 (2014-01-12) [[#rel2.2.60]]%0aThis version reverts the changes to the pmwiki.css file made in 2.2.59. %0a%0a!! Version 2.2.59 (2014-01-11) [[#rel2.2.59]]%0aThis version has an improvement for Blocklist when multiple text fields are posted. A bug with some nested markup conditionals was fixed. The default skin switched font sizes from points (fixed) to percents (relative). A couple of other minor bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.58 (2013-12-25)%0aThis version enables customization of [=(:input auth_form:)=], and fixes a couple of minor bugs. The documentation was updated.%0a%0a!! Version 2.2.57 (2013-11-03)%0aThis version enables the use of the Attach: link format in the [[PmWiki/PageDirectives#attachlist|[=(:attachlist:)=]]] directive. The documentation was updated.%0a%0a!! Version 2.2.56 (2013-09-30)%0aThis version aims to fix a PHP 5.5 compatibility issue with a deprecated feature of the preg_replace() function. The PageStore() class now detects and works around a bug with the iconv() function, and the documentation was updated.%0a%0a!! Version 2.2.55 (2013-09-16)%0aThis version adds the variable $EnableDraftAtomicDiff. If enabled, publishing from a draft version will clear the history of intermediate draft edits, and the published version will contain a single combined diff from the previous published version. The documentation was updated.%0a%0a!! Version 2.2.54 (2013-08-13)%0aThis version fixes a bug when old versions are restored from draft pages. The documentation was updated.%0a%0a!! Version 2.2.53 (2013-07-08)%0aThis version enables a message to be shown when a post is blocked because of too many unapproved links. The documentation was updated.%0a%0a!! Version 2.2.52 (2013-06-08)%0aThis version hides warnings about a deprecated feature in PHP 5.5 installations (preg_replace with /e eval flag). Three new upload extensions were added: docx, pptx and xlsx produced by recent versions of some office suites. The documentation was updated.%0a%0a!! Version 2.2.51 (2013-05-08)%0aThis version updates the addresses for the remote blocklists. A minor XSS vulnerability for open wikis, which was discovered today, was fixed. The documentation was updated.%0a%0a!! Version 2.2.50 (2013-04-08)%0aThis release only updates the documentation to the latest state on pmwiki.org.%0a%0a!! Version 2.2.49 (2013-03-09)%0aThis version adds an array $UploadBlacklist containing forbidden strings of an uploaded filename (case insensitive). Some Apache installations try to execute a file which has ".php", ".pl" or ".cgi" anywhere in the filename, for example, "test.php.txt" may be executed. To disallow such files to be uploaded via the PmWiki interface, add to config.php such a line:%0a%0a $UploadBlacklist = array('.php', '.pl', '.cgi', '.py', '.shtm', '.phtm', '.pcgi', '.asp', '.jsp', '.sh');%0a%0aThe documentation was updated.%0a%0a!! Version 2.2.48 (2013-02-11)%0aThis version fixes a bug introduced yesterday with some links. %0a%0a!! Version 2.2.47 (2013-02-10)%0aThis version enables tooltip titles in links to anchors in the same page, and the documentation was updated.%0a%0a!! Version 2.2.46 (2013-01-07)%0aThis version adds $UploadPermAdd and $UploadPermSet variables, and the documentation was updated.%0a%0aIf your wiki has uploads enabled, it is recommended to set the variable $UploadPermAdd to 0. %0a%0aThe $UploadPermAdd variable sets additional unix permissions applied to newly uploaded files, and should be 0 (recommended as of 2013). If uploaded files cannot be downloaded and displayed on the website, for example with the error 403 Forbidden, set this value to 0444 (core setting, default since 2004). %0a $UploadPermAdd = 0; # recommended%0a%0aThe $UploadPermSet variable unconditionally sets the file permissions on newly uploaded files. Only advanced administrators should use it.%0a%0a%0a!! Version 2.2.45 (2012-12-02)%0aThis version fixes some PHP notices appearing on some installations. The documentation was updated.%0a%0a!! Version 2.2.44 (2012-10-21)%0aThis version improves the display of consecutive whitespaces in page histories, and fixes the definition of PageTextVariables containing a dash. The documentation was updated.%0a%0a%0a!! Version 2.2.43 (2012-09-20)%0aThis version makes it possible to use HTML attribute names that contain dashes, and removes a warning when editing and previewing Site.EditForm. The documentation was updated.%0a%0a!! Version 2.2.42 (2012-08-20)%0aThis version provides a workaround for cases when a wiki page contains a character nonexistent in the active encoding. The documentation was updated.%0a%0a!! Version 2.2.41 (2012-08-12)%0aThis version changes the internal $KeepToken separator to be compatible with more encodings. The documentation was updated.%0a%0a!! Version 2.2.40 (2012-07-21)%0aThis version provides a helper function replacing htmlspecialchars() and compatible with PHP 5.4. The documentation was updated.%0a%0a!! Version 2.2.39 (2012-06-25)%0aThis version provides a fix for links to attachments containing international characters. The documentation was updated.%0a%0a!! Version 2.2.38 (2012-05-21)%0aThis version fixes a "parameter count" warning which appeared on some websites.%0a%0a!! Version 2.2.37 (2012-05-01)%0aThis version provides a workaround for installations with broken iconv() function, while optimizing the recode function. This should fix the "Unable to retrieve edit form" problem in some wikis. Dots in [[#anchor_1.2]] sections are now better supported, PageVariables are expanded in PageList template defaults, and the documentation is updated.%0a%0a!! Version 2.2.36 (2011-12-28)%0aThis version fixes the recode function to try to recover Windows-1252 characters in ISO-8859-1 files. A new variable $EnableOldCharset enables the $page["=oldcharset"] entry which will be used in the future. A couple of minor bugs were fixed and the documentation was updated.%0a%0a!! [[#v2235]] Version 2.2.35 (2011-11-11)%0aThis release fixes a critical PHP injection vulnerability, reported today by Egidio Romano. PmWiki versions 2.2.X, 2.1.X, 2.0.X and 2.0.beta33 and newer are vulnerable. When you upgrade, please read carefully the Release notes for all PmWiki versions since yours.%0a%0aIf you cannot upgrade, it is recommended to disable Searches at the earliest opportunity (even if your wiki skin doesn't have a search form). Add to config.php such a line:%0a if ($action == 'search') $action = 'browse';%0a%0aIf your old version wiki allows editing by not entirely trusted visitors, even on limited pages like a WikiSandbox, you should also disable PageLists. Add to config.php this line:%0a $EnablePageList = 0;%0a%0aThis version has an important change for international wikis: the XLPage() function no longer loads encoding scripts such as xlpage-utf-8.php. When you upgrade, you need to include those scripts from config.php, before calling XLPage():%0a%0a include_once("scripts/xlpage-utf-8.php"); # if your wiki uses UTF-8%0a XLPage('bg','PmWikiBg.XLPage');%0a%0aAll links can now have tooltip titles. Previously, only images and external links could have tooltip titles, now this feature is enabled for internal links. To set a tooltip title, add it in quotes after the link address:%0a[@%0a [[Main.HomePage"This is a tooltip title"]]%0a [[Main.HomePage"This is a tooltip title"|Home]]%0a [[http://www.pmwiki.org"Home of PmWiki"]]%0a Attach:image.jpg"Tooltip title of the image"%0a@]%0a%0aThe following new upload extensions were added: svg, xcf, ogg, flac, ogv, mp4, webm, odg, epub. A couple of minor optimizations were added (MarkupExpressions and rendering of page history) and the documentation was updated.%0a%0a!! Version 2.2.34 (2011-10-10)%0aThis version resets the timestamps of the default pages Site(Admin).AuthUser which are expected in case of upgrades from the versions 2.1.*. Core MarkupExpressions which manipulate strings should now work better with international characters. The documentation was updated to its latest state from pmwiki.org.%0a%0a!! Version 2.2.33 (2011-09-23)%0aThis version fixes a security bug introduced in 2.2.32 which left the groups Site and SiteAdmin open for reading and editing because the pages Site.GroupAttributes and SiteAdmin.GroupAttributes didn't have all necessary attributes. %0a%0aAll wikis running 2.2.32 should upgrade. If you cannot immediately upgrade, you can set the attributes from your wiki:%0a* open the attributes page [=[[SiteAdmin.GroupAttributes?action=attr]]=] and set a "read" and an "edit" password, @@ @lock @@ is recommended.%0a* open the attributes page [=[[Site.GroupAttributes?action=attr]]=] and set an "edit" password, @@ @lock @@ is recommended. Do not set a "read" password here.%0a%0aThe release also fixes the refcount.php script to produce valid HTML, and updates intermap.txt entries PITS: and Wikipedia: to point to their current locations.%0a%0a!! Version 2.2.32 (2011-09-18)%0aThis is the first version shipping with the core documentation in the UTF-8 encoding. PmWiki will automatically convert it on the fly for wikis using an older encoding.%0a%0aIt is recommended that all '''new''' PmWiki installations enable UTF-8. Migration of ''existing'' wikis from an older encoding to UTF-8 shouldn't be rushed: it is not trivial and will be documented in the future.%0a%0aA required HTML xmlns attribute was added to the print skin template. The history rendering is now faster when many lines are added or removed.%0a%0a%25note%25 Note: Due to a manipulation error, a version 2.2.31 was created before it was ready for a release.%0a%0a!! Version 2.2.30 (2011-08-13)%0aThis version fixes a $Charset definition in international iso-8859-*.php files. This will help for a future transition to UTF-8. %0a%0aA variable $EnableRangeMatchUTF8 was added, set it to 1 to enable range matches of pagenames in UTF-8 like [A-D]. Previously the range matches were always enabled in UTF-8, but we found out that on some installations this feature breaks all pagelists, even those without range matches. In case the feature worked for you, you can re-enable it.%0a%0a!! Version 2.2.29 (2011-07-24)%0aThis release fixes Attach links that were broken with the Path fix in 2.2.28 earlier today.%0a%0a!! Version 2.2.28 (2011-07-24)%0aThis release fixes 2 potential XSS vulnerabilities and a bug with Path: links.%0a%0a!! Version 2.2.27 (2011-06-19)%0aThis release fixes a validation bug on pages after a redirection. A new block WikiStyle [@%25justify%25@] was added, allowing left and right aligned text. The page history now accepts a URL parameter @@?nodiff=1@@ which hides the rendering of edit differences, showing only timestamps, authors, summaries and "Restore" links; it allows to restore a vandalized page with a huge contents or history which otherwise would break the memory or time limits of the server.%0a%0a!! Version 2.2.26 (2011-05-21)%0aThis release fixes a redundant removal of link hashes from WikiTrails, and updates the documentation to the most recent version from PmWiki.org.%0a%0a!! Version 2.2.25 (2011-03-22)%0aThis release only updates the documentation to the latest state on pmwiki.org.%0a%0a!! Version 2.2.24 (2011-02-15)%0aThis version reverts the way existing PageVariables are processed, like version 2.2.21 or earlier, but it adds a special variable $authpage which can be used in PageVar definitions. It is the same as the $page array, but exists only if the visitor has read permissions. For example, an administrator can set to config.php:%0a%0a $FmtPV['$LastModifiedSummary'] = '@$authpage["csum"]'; # instead of '@$page["csum"]'%0a%0aThen, the edit summary metadata will only be available if the user has read permissions.%0a%0a!! Version 2.2.23 (2011-01-25)%0aThis version sets the default value of $EnablePageVarAuth to 0 until we investigate a reported problem with authentication.%0a%0a!! Version 2.2.22 (2011-01-16)%0aThis version adds the variable $EnableXLPageScriptLoad which, if set to 0, will prevent authors to load scripts from XLPage and to accidentally change the encoding of the wiki. If you use it, make sure you include the required files, eg. xlpage-utf-8.php from local config files.%0a%0aPageVariables should now respect authentications: without read permissions, the title, description, change summary, author of a protected page are unavailable. PageVariables that are computed without reading the page are still available (eg. $Group, $Namespaced, $Version etc.). Administrators can revert the previous behavior by adding to config.php such a line:%0a%0a@@ $EnablePageVarAuth = 0; @@%0a%0a!! Version 2.2.21 (2010-12-14)%0aDue to a mis-configuration of a local svn repository, some of the changes intended for 2.2.20 didn't make it in the correct branch. This release corrects this.%0a%0a!! Version 2.2.20 (2010-12-14)%0aThis version fixes a potential XSS vulnerability, reported today. An AuthUser bug with excluding users from authgroups was fixed. A new InterMap prefix PmL10n: was added, it leads to the Localization section on PmWiki.org and should help the work of translators. A couple of other minor bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.19 (2010-11-10)%0aThis is a documentation-update release.%0a%0a!! Version 2.2.18 (2010-09-04)%0aThis version fixes 3 minor bugs, and updates the documentation.%0a%0a!! Version 2.2.17 (2010-06-20)%0aThis version adds a variable $PostConfig containing functions and scripts to be loaded after stdconfig.php. Tabindex was added as a valid form field attribute. Protected downloads now respect existing browser caches. AuthUser now allows more flexible cookbook recipe integration. A couple of bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.16 (2010-05-10)%0aThis version fixes a bug with parsing html attributes which could allow XSS injection. Wikis allowing unprotected editing are encouraged to upgrade.%0a%0aA bug with the "center" button of the GUI edit toolbar was corrected.%0a%0aThe "exists" conditional now accepts wildcards, for example:%0a [@(:if exists Main.*:)There are pages in the Main group (:if:)@]%0a%0aThe documentation was updated.%0a%0a!! Version 2.2.15 (2010-03-27)%0aThis version adds some minor bugfixes and optimizations notably a bug with @@[=(:template none:)=]@@ introduced in the last version 2.2.14.%0a%0a!! Version 2.2.14 (2010-02-27)%0aThis release corrects inline styles for WikiTrail links. Undefined include/template @@ [={$$variables}=] @@ are now removed from the included section, like Page(Text)Variables, and can be used in conditional expressions. If needed, this change can be reverted by adding to config.php such a line:%0a%0a[@%0a $EnableUndefinedTemplateVars = 1; # keep and display unset {$$variables}%0a@]%0a%0aPageList templates now accept the sections @@ !first @@ and @@ !last @@ for markup to appear for every page in list ''except'' the first or last one.%0a%0a"Title" attributes were added to external links. You can have tooltip titles on external links, including InterMap and attachments, by adding the link title in double quotes after the URL:%0a [=[[http://www.pmwiki.org"Home of PmWiki"| External link]]=]%0a%0aFor international wikis, PmWiki now automatically translates the titles of technical pages like GroupAttributes or RecentChanges -- just define these strings as usual in XLPage, for example, in French:%0a 'AllRecentChanges' => 'Tous les changements récents',%0a%0aSome minor optimizations were done and the documentation was updated.%0a%0a!! Version 2.2.13 (2010-02-21)%0aThis release fixes a bug with $DiffKeepNum introduced in 2.2.10 -- the count of revisions was incorrect and a page could drop more revisions than it should.%0a%0aThe [[page history]] layout was modified with a rough consensus in the community. The history now defaults to "source" view with word-level highlighting of the differences. Authors can see the changes in rendered output by clicking on the link "Show changes to output". Admins can switch back the default by adding such a line to config.php:%0a%0a $DiffShow['source'] = (@$_REQUEST['source']=='y')?'y':'n';%0a%0aTo disable word-level highlighting and show plain text changes:%0a%0a $EnableDiffInline = 0;%0a%0aIn the page history rendering, a few minor bugs were fixed and the code was slightly optimized.%0a%0aThe documentation was updated.%0a%0a!! Version 2.2.12 (2010-02-17)%0aThis release adds simple word-level highlighting of differences in the page history, when "Show changes to markup" is selected. To enable the feature, add to config.php such a line:%0a $EnableDiffInline = 1;%0a%0aThis feature is like what the InlineDiff recipe provides, but not exactly the same, and the implementation is simpler. It is enabled on PmWiki.org and can be improved -- your comments are welcome.%0a%0a!! Version 2.2.11 (2010-02-14)%0aThis release adds two new table directives for header cells, [=(:head:) and (:headnr:)=]. They work the same way as [=(:cell:) and (:cellnr:)=] except that create %3cth> instead of %3ctd> html tags.%0a%0aThe pagerev.php script was refactored into separate functions to allow easier integration of recipes displaying the page history.%0a%0aA couple of minor bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.9, 2.2.10 (2010-01-17)%0aMost important in this release is the official change of $EnableRelativePageVars to 1. The change is about how [={$Variable}=] in included pages is understood by PmWiki.%0a* When $EnableRelativePageVars is set to 0, [={$Name}=] displays the name of the currently browsed page. Even if [={$Name}=] is in an included page, it will display the name of the browsed page.%0a* When $EnableRelativePageVars is set to 1, [={$Name}=] displays the name of the physical page where it written. If [={$Name}=] is in an included page, it will display the name of the included page.%0a* [={*$Name}=] always displays the name of the currently browsed page, regardless of $EnableRelativePageVars.%0a%0aSo, if your wiki relies on page variables from included pages, and doesn't have $EnableRelativePageVars set to 1, after upgrading to 2.2.9, you can revert to the previous behavior by adding to config.php such a line:%0a $EnableRelativePageVars = 0;%0a%0aMore information about page variables can be found at:%0a http://www.pmwiki.org/wiki/PmWiki/PageVariables%0a%0aThis release adds a new variable $EnablePageTitlePriority which defines how to treat multiple [=(:title..:)=] directives. If set to 1, the first title directive will be used, and if a page defines a title, directives from included pages cannot override it. PmWiki default is 0, for years, the last title directive was used (it could come from an included page or GroupFooter).%0a%0aThis release also adds a new variable $DiffKeepNum, specifying the minimum number (default 20) of edits that will be kept even if some of them are older than the limit of $DiffKeepDays.%0a%0aA number of bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.8 (2009-12-07)%0aThis release fixes another PHP 5.3 compatibility issue with conditional markup. The Author field now handles apostrophes correctly. The documentation was updated.%0a%0a!! Version 2.2.7 (2009-11-08)%0aThis release fixes most PHP 5.3 compatibility issues. Unfortunately some specific builds for Windows may still have problems, which are unrelated to PmWiki. Notably, on Windows, all passwords need to be 4 characters or longer.%0a%0aUpload names with spaces are now correctly quoted. The documentation was updated.%0a%0a!! Version 2.2.6 (2009-10-04)%0aWith this release it is now possible to display recently uploaded files to the RecentChanges pages -- if you have been using the RecentUploadsLog recipe, please uninstall it and follow the instructions at http://www.pmwiki.org/wiki/Cookbook/RecentUploadsLog.%0a%0aThe release also introduces $MakeUploadNamePatterns to allow custom filename normalization for attachements. It is now possible to replace $PageListFilters and $FPLTemplateFunctions with custom functions. Notify should now work in safe_mode. Some bugs were fixed, among which one with conditional markup with dates. The documentation was updated.%0a%0a!! Version 2.2.5 (2009-08-25)%0aThis release adds a new markup for Pagelist templates, [@(:template none:)@] which allows a message to be set when the search found no pages. The FPLTemplate() function was broken into configurable sub-parts to allow development hooks. A number of bugs were fixed, and the documentation was updated.%0a%0a!! Version 2.2.4 (2009-07-16)%0aThis release fixes a bug introduced earlier today with HTML entities in XLPages.%0a%0a!! Version 2.2.3 (2009-07-16)%0aThis release fixes six potential XSS vulnerabilities, reported by Michael Engelke. The vulnerabilities may affect wikis open for editing and may allow the injection of external JavaScripts in their pages. Public open wikis should upgrade.%0a%0aA new variable $EnableUploadGroupAuth was added; if set to 1, it allows password-protected [[uploads]] to be checked against the Group password. %0a%0aIt is now possible to use @@ @_site_edit, @_site_read, @_site_admin@@ or @@ @_site_upload @@ global [[passwords]] in GroupAttributes pages.%0a%0aA number of other small bugs were fixed, and the documentation was updated.%0a%0a!! Version 2.2.2 (2009-06-21)%0aThe major news in this release is a fix of an AuthUser vulnerability.%0a%0aThe vulnerability affects only wikis that (1) rely on the AuthUser core module %0afor User:Password authentication, -AND- (2) where the PHP installation runs %0awith the variable "magic_quotes_gpc" disabled.%0a%0aAll PmWiki 2.1.x versions from pmwiki-2.1.beta6 on, all 2.2.betaX, 2.2.0, and %0a2.2.1 are affected.%0a%0aThe PmWiki [[SiteAnalyzer]] can detect if your wiki needs to upgrade:%0a http://www.pmwiki.org/wiki/PmWiki/SiteAnalyzer%0a%0aIf your wiki is vulnerable, you should do one of the following at the earliest %0aopportunity:%0a%0a* Upgrade to a version of PmWiki at least 2.2.2 or greater.%0a* Turn on magic_quotes_gpc in the php.ini file or in a .htaccess file.%0a%0aAlternatively, you can temporarily disable AuthUser until you upgrade.%0a%0aNote that even if your wiki does not have the AuthUser vulnerability at the %0amoment, you are strongly encouraged to upgrade to PmWiki version 2.2.2 or %0alater, as some future configuration of your hosting server might put you at %0arisk.%0a%0aThis release also comes with minor updates in the local documentation; fixes %0awere applied for international wikis - notably global variables in %0axlpage-utf-8.php and a new variable $EnableNotifySubjectEncode, which allows %0ae-mail clients to correctly display the Subject header; and a number of other %0asmall bugs were fixed.%0a%0a!! Version 2.2.1 (2009-03-28)%0aThis release comes with an updated local documentation; [[wiki trails]] now work cross-group; guiedit.php now produces valid HTML, and other small bugs were fixed. We also added $EnableRedirectQuiet, which allows redirects to take place without any mention of "redirected from page ....".%0a%0a[[#v220]]%0a!! Version 2.2.0 (2009-01-18)%0a%0aThis is a summary of changes from 2.1.x to 2.2.0.%0a%0a* Several pages that were formerly in the [[Site]].* group are now in a separate [[SiteAdmin]].* group, which is read-restricted by default. The affected pages include Site.AuthUser, Site.AuthList, Site.NotifyList, Site.Blocklist, and Site.ApprovedUrls . If upgrading from an earlier version of PmWiki, PmWiki will prompt to automatically copy these pages to their new location if needed. If a site wishes to continue using the old Site.* group for these pages, simply set%0a%0a-> $SiteAdminGroup = $SiteGroup;%0a%0a-> when carrying out this upgrade inspect your config files for lines such as%0a--> $BlocklistDownload['Site.Blocklist-PmWiki'] = array('format' => 'pmwiki');%0a->as you may wish to fix then, eg%0a--> $BlocklistDownload[$SiteAdminGroup . '.Blocklist-PmWiki'] = array('format' => 'pmwiki');%0a%0a* Important Change in Passwords in PmWiki 2.2 indicating that the group can be edited even if a site password is set will be done by @@"@nopass"@@ prior it was done by @@"nopass"@@%0a-> When migrating a wiki you will have to manually modify the permission or by a script replace in all the page concerned @@passwdread=nopass:@@ by @@passwdread=@nopass@@ (see PITS:00961) --isidor%0a%0a* PmWiki now ships with WikiWords entirely disabled by default. To re-enable them, set either $LinkWikiWords or $EnableWikiWords to 1. To get the 2.1 behavior where WikiWords are spaced and parsed but don't form links, use the following:%0a-> $EnableWikiWords = 1;%0a-> $LinkWikiWords = 0;%0a%0a* It's now easy to disable the rule that causes lines with leading spaces to be treated as preformatted text -- simply set $EnableWSPre=0; to disable this rule.%0a%0a--> '''Important:''' There is ongoing discussion that the leading whitespace rule may be disabled ''by default'' in a future versions of PmWiki. If you want to make sure that the rule will continue to work in future upgrades, set $EnableWSPre=1; in ''local/config.php''.%0a%0a* The $ROSPatterns variable has changed somewhat -- replacement strings are no longer automatically passed through FmtPageName() prior to substitution (i.e., it must now be done explicitly).%0a%0a* Page variables and page links inside of [@(:include:)@] pages are now treated as relative to the included page, instead of the currently browsed page. In short, the idea is that links and page variables should be evaluated with respect to the page in which they are written, as opposed to the page in which they appear. This seems to be more in line with what authors expect. There are a number of important ramifications of this change:%0a%0a[[#relativeurls]]%0a** We now have a new [@{*$var}@] form of page variable, which always refers to "the currently displayed page". Pages such as Site.PageActions and Site.EditForm that are designed to work on "the currently browsed page" should generally switch to using [@{*$FullName}@] instead of [@{$FullName}@].%0a%0a** The $EnableRelativePageLinks and $EnableRelativePageVars settings control the treatment of links and page variables in included pages. However, to minimize disruption to existing sites, $EnableRelativePageVars defaults to '''disabled'''. This will give existing sites an opportunity to convert any absolute [@{$var}@] references to be [@{*$var}@] instead.%0a%0a** Eventually $EnableRelativePageVars will be enabled by default, so we highly recommend setting [@$EnableRelativePageVars = 1;@] in ''local/config.php'' to see how a site will react to the new interpretation. Administrators should especially check any customized versions of the following:%0a---> [[Site.PageActions]]%0a---> [[Site.EditForm]]%0a---> [[Site.PageNotFound]]%0a---> SideBar pages with ?action= links for the current page%0a---> $GroupHeaderFmt, $GroupFooterFmt%0a---> [[Page lists]] that refer to the current group or page, etc in sidebars, headers, and footers%0a%0a** The [@(:include:)@] directive now has a [@basepage=@] option whereby an author can explicitly specify the page upon which relative links and page variables should be based. If no basepage= option is specified, the included page is assumed to be the base.%0a%0a* Sites that want to retain the pre-2.2 behavior of [@(:include:)@] and other items can set [@$Transition['version'] = 2001900;@] to automatically retain the 2.1.x defaults.%0a%0a* Text inserted via [@(:include:)@] can contain "immediate substitutions" of the form [@{$$option}@] -- these are substituted with the value of any options provided to the include directive.%0a%0a* PmWiki now recognizes when it is being accessed via "https:" and switches its internal links appropriately. This can be overridden by explicitly setting $ScriptUrl and $PubDirUrl.%0a%0a* A new $EnableLinkPageRelative option allows PmWiki to generate relative urls for page links instead of absolute urls.%0a%0a* Draft handling capabilities have been greatly improved. When $EnableDrafts is set, then the "Save" button is relabeled to "Publish" and a "Save draft" button appears. In addition, an $EnablePublishAttr configuration variable adds a new "publish" authorization level to distinguish editing from publishing. See [[PmWiki:Drafts]] for more details.%0a%0a[[#ptvstart]]%0a* There is a new [@{$:var}@] "page text variable" available that is able to grab text excerpts out of markup content. For example, [@{SomePage$:Xyz}@] will be replaced by a definition of "Xyz" in SomePage. Page text variables can be defined using definition markup, a line beginning with the variable name and a colon, or a special directive form (that doesn't display anything on output):%0a%0a-->[@%0a:Xyz: some value # definition list form%0aXyz: some value # colon form%0a(:Xyz: some value:) # directive form%0a@]%0a[[#ptvend]]%0a%0a* The [@(:pagelist:)@] command can now filter pages based on the contents of page variables and/or page text variables. For example, the following directive displays only those pages that have an "Xyz" page text variable with "some value":%0a%0a-->[@(:pagelist $:Xyz="some value":)@]%0a%0a Wildcards also work here, thus the following pagelist command lists pages where the page's title starts with the letter "a":%0a%0a-->[@(:pagelist $Title=A* :)@]%0a%0a* The if= option to [@(:pagelist)@] can be used to filter pages based on conditional markup:%0a%0a-->[@(:pagelist if="auth upload {=$FullName}":)@] pages with upload permission%0a-->[@(:pagelist if="date today.. {=$Name}":)@] pages with names that are dates later than today%0a%0a* Spaces no longer separate wildcard patterns -- use commas. (Most people have been doing this already.)%0a%0a* Because page variables are now "relative", the [@{$PageCount}, {$GroupCount}, {$GroupPageCount}@] variables used in pagelist templates are now [@{$$PageCount}, {$$GroupCount}, {$$GroupPageCount}@].%0a%0a* One can now use [@{$$option}@] in a pagelist template to obtain the value of any 'option=' provided to the [@(:pagelist:)@] command.%0a%0a* The [@(:pagelist:)@] directive no longer accepts parameters from urls or forms by default. In order to have it accept such parameters (which was the default in 2.1 and earlier), add a [@request=1@] option to the [@(:pagelist:)@] directive.%0a%0a* The [@count=@] option to pagelists now accepts negative values to count from the end of the list. Thus [@count=5@] returns the the first five pages in the list, and [@count=-5@] returns the last five pages in the list. In addition, ranges of pages may be specified, as in [@count=10..19@] or [@count=-10..-5@].%0a%0a* Pagelist templates may have special [@(:template first ...:)@] and [@(:template last ...:)@] sections to specify output for the first or last page in the list or a group. There's also a [@(:template defaults ...:)@] to allow a template to specify default options.%0a%0a* PmWiki comes with an ability to cache the results of certain [@(:pagelist:)@] directives, to speed up processing on subsequent visits to the page. To enable this feature, set $PageListCacheDir to the name of a writable directory (e.g., ''work.d/'').%0a%0a* [[#elseifelse]]The [@(:if ...:)@] conditional markup now also understands [@(:elseif ...:)@] and [@(:else:)@]. In addition, markup can nest conditionals by placing digits after if/elseif/else, as in [@(:if1 ...)@], [@(:elseif1 ...:)@], [@(:else1:)@], etc.%0a%0a* The [@(:if date ...:)@] conditional markup can now perform date comparisons for dates other than the current date and time.%0a%0a* [[WikiTrails]] can now specify #anchor identifiers to use only sections of pages as a trail.%0a%0a* A new [@(:if ontrail ...:)@] condition allows testing if a page is listed on a trail.%0a%0a* The extensions .odt, .ods, and .odp (from OpenOffice.org) are now recognized as valid attachment types by default.%0a%0a* A new [[blocklist]] capability has been added to the core distribution. It allows blocking of posts based on IP address, phrase, or regular expression, and can also make use of publicly available standard blocklists. See [[PmWiki.Blocklist]] for details.%0a%0a* There is a new [[SiteAdmin.AuthList]] page that can display a summary of all password and permissions settings for pages on a site. This page is restricted to administrators by default.%0a%0a* There are new [@{$PasswdRead}@], [@{$PasswdEdit}@], etc. variables that display the current password settings for a page (assuming the browser has attr permissions or whatever permissions are set in $PasswdVarAuth).%0a%0a* Forms creation via the [@(:input:)@] markup has been internally refactored somewhat (and may still undergo some changes prior to 2.2.0 release). The new [@(:input select ...:)@] markup can be used to create select boxes, and [@(:input default ...:)@] can be used to set default control values, including for radio buttons and checkboxes.%0a%0a* The [@(:input textarea:)@] markup now can take values from other sources, including page text variables from other pages.%0a%0a* Specifying [@focus=1@] on an [@(:input:)@] control causes that control to receive the input focus when a page is loaded. If a page has multiple controls requesting the focus, then the first control with the lowest value of [@focus=@] "wins".%0a%0a* PmWiki now provides a ''scripts/creole.php'' module to enable Creole standard markup. To enable this, add [@include_once('scripts/creole.php')@] to a local customization file.%0a%0a* PmWiki adds a new [@{(...)}@] ''markup expression'' capability, which allows various simple string and data processing (e.g., formatting of dates and times). This is extensible so that recipe authors and system administrators can easily add custom expression operators.%0a%0a* It's now possible to configure PmWiki to automatically create Category pages whenever a page is saved with category links and the corresponding category doesn't already exist. Pages are created only if the author has appropriate write permissions into the group. To enable this behavior, add the following to ''local/config.php'':%0a%0a-->[@$AutoCreate['/^Category\\./'] = array('ctime' => $Now);@]%0a%0a* Sites with wikiwords enabled can now set $WikiWordCount['WikiWord'] to -1 to indicate that 'WikiWord' should not be spaced according to $SpaceWikiWords.%0a%0a* WikiWords that follow # or & are no longer treated as WikiWords.%0a%0a* Links to non-existent group home pages (e.g., [@[[Group.]]@] and [@[[Group/]]@]) will now go to the first valid entry of $PagePathFmt, instead of being hardcoded to "Group.Group". For example, to set PmWiki to default group home pages to [@$DefaultName@], use%0a%0a-->[@$PagePathFmt = array('{$Group}.$1', '$1.{$DefaultName}', '$1.$1');@]%0a%0a* PmWiki now provides a $CurrentTimeISO and $TimeISOFmt variables, for specifying dates in ISO format.%0a%0a* [[(Cookbook:)Cookbook]] authors can use the internal PmWiki function UpdatePage (temporarily documented at [[(Cookbook:)DebuggingForCookbookAuthors]]) to change page text while preserving history/diff information, updating page revision numbers, updating RecentChanges pages, sending email notifications, etc.%0a%0a* [[Skin templates]] are now required to have %3c!--HTMLHeader--> and %3c!--HTMLFooter--> directives. Setting $EnableSkinDiag causes PmWiki to return an error if this isn't the case for a loaded skin. Skins that explicitly do not want HTMLHeader or HTMLFooter sections can use %3c!--NoHTMLHeader--> and %3c!--NoHTMLFooter--> to suppress the warning.%0a%0a* Added a new "pre" wikistyle for preformatted text blocks.%0a%0a* The xlpage-utf-8.php script now understands how to space UTF-8 wikiwords. %0a%0a* Searches on utf-8 site are now case-insensitive for utf-8 characters.%0a%0a* Many Abort() calls now provide a link to pages on pmwiki.org that can explain the problem in more detail and provide troubleshooting assistance.%0a%0a* PmWiki no longer reports "?cannot acquire lockfile" if the visitor is simply browsing pages or performing other read-only actions.%0a%0a* The $EnableReadOnly configuration variable can be set to signal PmWiki that it is to run in "read-only" mode (e.g., for distribution on read-only media). Attempts to perform actions that write to the disk are either ignored or raise an error via Abort().%0a%0a* Including authuser.php no longer automatically calls ResolvePageName().%0a%0a* Authentication using Active Directory is now simplified. In Site.AuthUser or the $AuthUser variable, set "ldap://name.of.ad.server/" with no additional path information (see PmWiki.AuthUser for more details).%0a%0a* Pages are now saved with a "charset=" attribute to identify the character set in effect when the page was saved.%0a%0a* The phpdiff.php algorithm has been optimized to be smarter about finding smaller diffs.%0a%0a* Removed the (deprecated) "#wikileft h1" and "#wikileft h5" styles from the pmwiki default skin.%0a%0a* The mailposts.php and compat1x.php scripts have been removed from the distribution.%0a%0a!! Version 2.1.27 (2006-12-11)%0a%0aThis version backports from 2.2.0-beta a bugfix for $TableRowIndexMax and also support for the [@{*$Variable}@] markup.%0a%0a!! Version 2.1.26 (2006-09-11)%0a%0aThis version fixes a bug in feeds.php that would cause feed entries to be mixed up.%0a%0a!! Version 2.1.25 (2006-09-08)%0a%0aThis release fixes a bug in authuser.php introduced by the 2.1.24 release.%0a%0aThe skin template code has also been extended to allow [@%3c!--XMLHeader-->@] and [@%3c!--XMLFooter-->@] as aliases for [@%3c!--HTMLHeader-->@] and [@%3c!--HTMLFooter-->@].%0a%0a!! Version 2.1.24 (2006-09-06)%0a%0aThis release makes some improvements and fixes to the [[AuthUser]]%0acapability.%0a%0aA bug in authuser.php that had trouble dealing with non-array values in $AuthUser has been fixed.%0a%0aIt is now possible to specify group memberships from ''local/config.php'' (remember that such entries must come ''before'' including the ''authuser.php'' script):%0a%0a # alice and bob's passwords%0a $AuthUser['alice'] = crypt('alicepassword');%0a $AuthUser['bob'] = crypt('bobpassword');%0a%0a # members of the @writers and @admins groups%0a $AuthUser['@writers'] = array('alice', 'bob');%0a $AuthUser['@admins'] = array('alice', 'dave');%0a%0a # carol is a member of @editors and @writers%0a $AuthUser['carol'] = array('@editors', '@writers');%0a%0aAuthUser can now read from Apache-formatted .htgroup files. The location of the .htgroup file can be done either in ''local/config.php'' or [[Site.AuthUser]]%0a%0a # local/config.php:%0a $AuthUser['htgroup'] = '/path/to/.htgroup';%0a%0a # Site.AuthUser%0a htgroup: /path/to/.htgroup%0a%0a%0a!! Versions 2.1.21, 2.1.22, 2.1.23 (2006-09-05, 2006-09-06)%0a%0aThis release closes a potential security vulnerability for sites %0athat are running with 'register_globals' set to on. Details of%0athe vulnerability will be forthcoming on the mailing list%0aand site.%0a%0aSites that are running with PHP 'register_globals' and 'allow_url_fopen'%0aset to 'On' should upgrade to this release at the earliest%0aopportunity. If upgrading isn't an option, contact Pm for%0aa patch to older versions.%0a%0aThere is now a tool available to analyze PmWiki sites for security%0aand other configuration settings, see [[PmWiki:SiteAnalyzer]].%0a%0aVersion 2.1.23 also corrects a bug that prevented PmWiki from being%0aable to read pagefiles created by versions of PmWiki before 0.5.6.%0a%0a!! Version 2.1.20 (2006-09-04)%0a%0aMore minor bugfixes:%0a* Corrected a bug with WikiWord references appearing in the [@(:attachlist:)@] markup.%0a* Restore ability to remove/override PmWiki's default CSS settings.%0a%0a!! Version 2.1.19 (2006-08-30)%0a%0aThis release provides a number of very minor bugfixes and%0aenhancements:%0a%0a* Fixed a bug in the pageindex code that was causing it to not regenerate as quickly as it should.%0a* Fixed image/object/embed handling in wikistyles to better support the [[Cookbook:Flash]] recipe.%0a* Fixed a bug with wikistyles and input form tags.%0a%0aThe next release(s) may have a number of substantial code%0aenhancements and changes, so this release simply closes out%0aa few items before introducing those changes.%0a%0a%0a!! Version 2.1.18 (2006-08-28)%0a%0aThis release closes a potential cross-site scripting vulnerability%0athat could allow authors to inject Javascript code through the%0avarious table markups.%0a%0aThe release also adds a new [@(:input image:)@] markup to generate%0aimage input tags in forms.%0a%0aFinally, this release corrects a problem with [@?action=print@]%0afailing to properly set the [@{$Action}@] page variable.%0a%0a!! Version 2.1.17 (2006-08-26)%0a%0aThis release fixes a long-standing bug with $EnableIMSCaching%0a(PITS:00573), whereby login/logout operations wouldn't invalidate %0abrowser caches, causing some people to see versions of a page prior%0ato the login/logout taking place. %0a%0aThe new IMS caching code maintains a "imstime" cookie in the %0avisitor's browser that keeps track of the time of last login, %0alogout, author name change, or site modification. This cookie%0ais then used to determine the proper response to browser requests%0acontaining If-Modified-Since headers. (Previously only the%0atime of the last site modification was available.) %0a%0aBrowsers which do not accept cookies will effectively act as%0athough IMS caching is disabled.%0a%0a%0a!! Version 2.1.16 (2006-08-26) [[#v2116]]%0a%0aThis release makes some improvements to skin handling -- primarily%0athis improves the capability of relocating skin files to other%0alocations, and to provide the ability for recipes to insert items%0aat the ''end'' of HTML output.%0a%0aThis release introduces a [@%3c!--HTMLFooter-->@] directive into%0a[[skin templates]], which allows recipes and local%0acustomizations to insert output near the end of a document %0ausing a $HTMLFooterFmt array from PHP.%0a%0aAlso, the [@%3c!--HeaderText-->@] directive, which inserts the%0acontents of $HTMLHeaderFmt into the output, has now been%0arenamed to [@%3c!--HTMLHeader-->@]. PmWiki will continue to%0arecognize [@%3c!--HeaderText-->@] to preserve compatibility with%0aexisting skins, but [@%3c!--HTMLHeader-->@] is preferred.%0a%0aA new $SkinLibDirs array has been introduced which allows%0athe source locations and urls for skins to be specified from%0aa customization file. By default $SkinLibDirs is set as%0a%0a $SkinLibDirs = array("./pub/skins/\$Skin" => "$PubDirUrl/skins/\$Skin",%0a "$FarmD/pub/skins/\$Skin" => "$FarmPubDirUrl/skins/\$Skin");%0a%0aThe keys (on the left) indicate the places to look for a "skin .tmpl %0afile" in the filesystem, while the values (on the right) indicate the%0aurl location of the "skin css file". Modifying the value of %0a$SkinLibDirs allows a skin .tmpl file to be located anywhere on the %0afilesystem.%0a%0aAs far as I can see, none of the changes introduced by this%0arelease should have any sort of negative impact on existing%0asites, so it should be safe to upgrade. (If I'm wrong, please%0alet me know.)%0a%0a%0a!! Version 2.1.15 (2006-08-25)%0a%0aThis release includes a number of feature enhancements and code cleanups%0aas reported or requested by administrators.%0a%0aFirst, AuthUser's LDAP authentication system now allows the use of%0aa [@?filter@] parameter, consistent with urls used for mod_auth_ldap%0aauthorization in Apache. See the newly updated LDAP section of the%0a[[AuthUser]] documentation for more details.%0a%0aA chicken-and-egg problem with the [@@_site_*@] authorization groups%0ahas been resolved. It's now possible to have a page's read authorization%0arefer to things such as [@_site_edit@].%0a%0aAlso, the RetrieveAuthPage() function -- used for retrieving pages only%0aif the visitor is authorized to do so -- now recognizes a special%0alevel parameter of 'ALWAYS', which means to always authorize access%0aregardless of the browser or visitors current permissions. This%0amay be useful for allowing certain operations to take place from%0awithin trusted scripts without having to grant full authorization%0ato the browser.%0a%0aHardcoded instances of the ''local/'' directory now use a%0acustomizable $LocalDir variable. This variable controls where%0aPmWiki looks for ''local/config.php'' and per-group customization %0afiles. It may be useful for some [[Wiki Farm(s)]] contexts. Note that%0athis does not change or affect the location of %0a''$FarmD/local/farmconfig.php''.%0a%0aSome minor internal changes have been made to %0a''scripts/wikistyles.php'' to better accommodate the %0awikipublisher recipe. It's probably better if we don't try%0ato explain them. :-)%0a%0a%0a!! Version 2.1.13, 2.1.14 (2006-08-15, 2006-08-16)%0a%0aThis release fixes a bug in handling numeric passwords, and also%0aallows ldaps:// authentication sources.%0a%0a!! Version 2.1.12 (2006-08-07)%0a%0aThis version introduces the ability to nest divs and tables.%0aThe standard [@(:table:)@] and [@(:div:)@] markups are still%0aavailable, except that a [@(:div:)@] may contain a [@(:table:)@]%0aand vice-versa. %0a%0aAs in previous versions of PmWiki, the [@(:div:)@] markup%0aautomatically closes any previous [@(:div:)@]. However, there%0aare now [@(:div1:)@], [@(:div2:)@], etc. markups (and the%0acorresponding [@(:div1end:)@], [@(:div2end:)@], ...) which can be%0aused to uniquely distinguish divs for nesting purposes.%0a%0aTo restore PmWiki's previous "non-nested" div behavior, set%0a$Transition['nodivnest'] = 1; in a local customization file.%0a%0aOther changes in this release:%0a* Add a [@(:noaction:)@] directive to suppress display of page actions.%0a* Allow anchor tags to contain colons, hyphens, and dots.%0a* Add "white-space" as an allowed wikistyle.%0a* Other minor bug fixes and typographical corrections.%0a%0a%0a!! Version 2.1.11 (2006-06-09)%0a%0aThis is a minor update that prevents [@%25define=%25@] wikistyles%0afrom generating empty paragraphs in the HTML output. Prior to%0athis release, markup lines containing only wikistyle definitions%0awould often generate empty paragraphs (%3cp>%3c/p>), this release%0achanges things so that a markup line beginning with [@%25define=@]%0aand containing only wikistyle definitions will not initiate%0aa new paragraph.%0a%0a%0a!! Version 2.1.10 (2006-06-03)%0a%0aVersion 2.1.4 introduced an [@{$Action}@] page variable that would%0acontain the current [@?action=@] value. Unfortunately, this page%0avariable conflicted with a pre-existing [@$Action@] global variable%0athat was being used by skins to display a human-friendly form of%0athe current action. Since there's not really a clean way to resolve%0athis, I've decided to keep [@{$Action}@] as a page variable%0awith the current action value (as introduced in 2.1.4), and change %0athe global for skins to be $ActionTitle. This will require updating%0askins to use $ActionTitle instead of $Action. I apologize for the%0aconflict.%0a%0aThis release adds a Site.LocalTemplates page for the [@fmt=#xyz@]%0aoption in pagelist and search results. The list of pages to be%0asearched can be customized via the $FPLTemplatePageFmt variable.%0aThe [@fmt=#xyz@] option will now also search the current page for%0aa matching template before searching Site.LocalTemplates%0aand Site.PageListTemplates.%0a%0aThe 'pmwiki' skin now places a %3cspan> around the "Recent Changes"%0alink in the header to make it somewhat easier to style.%0a%0a!! Version 2.1.9 (2006-06-02)%0a%0aThis release fixes a long-standing and difficult-to-find bug with%0athe handling of [@[[~Author]]@] links.%0a%0a!! Version 2.1.8 (2006-06-01)%0a%0aThis release simply changes the $NotifyListFmt variable to be%0a$NotifyListPageFmt (more descriptive), and adds a $NotifyList%0aarray that can be used to specify notification entries from%0aa configuration file.%0a%0a!! Version 2.1.7 (2006-05-31)%0a%0aThis release introduces a variety of improvements and bugfixes.%0a%0a'''Vspace paragraphs are now divs:'''%0aVersion 2.1.7 changes the way that PmWiki handles vertical%0aspace in output (the infamous [@%3cp class='vspace>%3c/p>@] sequence).%0aInstead of using paragraphs, PmWiki now generates %0a[@%3cdiv class='vspace'>%3c/div>@] for vertical space sequences.%0aIn addition, PmWiki is able to collapse the vspace %3cdiv> with%0aany subsequent paragraph tags, such that a sequence like%0a%0a %3cdiv class='vspace>%3c/div>%3cp>...paragraph text...%3c/p>%0a%0ais automatically converted to%0a%0a %3cp class='vspace'>...paragraph text...%3c/p>%0a%0aThis allows for better control over paragraph spacing. It is%0aexpected that this change in vspace handling will not have%0aany detrimental effects on existing sites. Sites that have%0aset custom values for $HTMLVSpace will continue to use the%0acustom value. A site that wants to restore PmWiki's earlier%0ahandling of vspace can do so by adding the following to%0a''local/config.php'':%0a%0a $HTMLVSpace = "%3cp class='vspace'>%3c/p>";%0a%0a'''Improved email notifications of changes:''' Version 2.1.7%0aincorporates a ''notify.php'' script that provides improved%0acapabilities for sending email notifications in response to%0apage changes. This script is intended to replace the previous%0a[[(PmWiki:)MailPosts]] capability, which is now deprecated (but will%0acontinue to be supported in PmWiki 2.1.x). Details and %0ainstructions for using notify.php are in the [[PmWiki.Notify]] page.%0a%0a'''Added 'group home page' syntax:''' A group name followed%0aby only a dot or slash is automatically treated as a reference%0ato the group's home page, whatever it happens to be. This simplifies%0asome pagelist templates as well as a number of other items. %0aIn particular, group links in pagelist output now points to the%0acorrect locations (instead of being a page in the current group).%0a%0aSeveral bugs and vulnerabilities have been fixed:%0a* The default width of edit forms is now more appropriate for Internet Explorer.%0a* Authentication failure messages from LDAP are now suppressed.%0a* Some cross-site scripting vulnerabilities in uploads and page links have been corrected (courtesy Moritz Naumann, http://moritz-naumann.com).%0a* A problem with invalid pagenames resulting in redirect loops has been corrected.%0a%0a!! Version 2.1.6 (2006-05-22)%0a%0aThe primary improvement in this release is the addition of %0aa pagename argument to the [@(:if auth:)@] conditional markup.%0aThus one can display markup based on a visitor's authorization%0ato a page other than the current one. For example, to test%0afor edit privileges to `Main.WikiSandbox, one would use%0a[@(:if auth edit Main.WikiSandbox:)@]. As before, if the%0apagename is omitted the directive tests authorization to%0athe current page.%0a%0aThis release also restores the ability to have hyphens in%0aInterMap link names.%0a%0aLastly, the release closes a potential cross-site scripting%0avulnerability in the WikiTrail markup, and provides some small%0aperformance improvements.%0a%0a!! Version 2.1.4, 2.1.5 (2006-03-29)%0a%0aThis release fixes a few more bugs:%0a* Pagelist-based feeds using ?action=rss work again.%0a* Multi-term searches with special characters is fixed.%0a%0aThe release also adds a couple of items:%0a* There is now an [@{$Action}@] page variable.%0a* Usernames and passwords submitted to authuser.php can contain quotes.%0a* The [@(:attachlist:)@] command now uses a natural case sort.%0a%0a!! Version 2.1.3 (2006-03-17)%0a%0aThis release fixes a bug that prevents the [@lines=@] option from%0aworking on sites running PHP 5.1.1 or later. It also re-fixes%0aa bug involving empty passwords and LDAP authentication.%0a%0a!! Version 2.1.2 (2006-03-16)%0a%0aThis release fixes a bug with handling "nopass" passwords. It also%0amakes some speed improvements to large web feeds, and fixes a couple%0aof minor HTML tag mismatches.%0a%0a!! Version 2.1.1 (2006-03-13)%0a%0aThis release primarily fixes a bug with passwords containing%0amultiple authorization groups, and in the process slightly liberalized%0athe formatting of "@group" and "id:name" handling. This release also %0aadds a new mechanism for managing and displaying FAQ pages.%0a%0a!! Version 2.1.0 (2006-03-12)%0a%0aThis set of release notes is fairly lengthy, as it chronicles all of the changes since 2.0.13 (four months of development). A lot remains the same, but some changes warrant extra care when upgrading from a 2.0.x version to 2.1.0 (thus the major revision number change). As always, questions and issues can be mailed to the pmwiki-users mailing list.%0a%0aHere's the list:%0a%0a* WikiWords are now disabled by default. To enable them, set "$LinkWikiWords = 1;" in a [[local customization(s)]] file. As of 2.1.beta2, you can now leave WikiWords enabled but have links to non-existent pages display without decoration -- to do this, place the following lines in ''pub/css/local.css'':%0a%0a span.wikiword a.createlink { display:none; }%0a span.wikiword a.createlinktext %0a { border-bottom:none; text-decoration:none; color:inherit; }%0a%0a* The [@(:pagelist:)@] code has been substantially revised. Pagelist formatting can now be specified using markup, and several defaults are available from [[Site.PageListTemplates]]. Also, several built-in pagelist formatting functions (FPLSimple, FPLByGroup, FPLGroup) are now removed in favor of the template code. The FPLByGroup function can be restored by setting $Transition['fplbygroup']=1; . '''Remark:''' Check to see if your page [[Site.PageListTemplates]] is not passwordprotected for viewing, otherwise the resulting pagelist will not be shown. %0a%0a* [@(:pagelist:)@] now also understands wildcards in @@group=@@ and @@name=@@ arguments, as well as excluding specific names and groups.%0a%0a* [@(:pagelist:)@] now has an "order=random" option.%0a%0a* [@(:searchbox:)@] now accepts "group=", "link=", "list=", etc. options to be passed along to the search results. It also accepts a "target=" option that identifies the page on which to send the search query.%0a%0a* [@?action=search@] will display the contents of the current page if it contains a [@(:@][@searchresults:)@] directive, otherwise it uses the content of the page identified by $PageSearchForm (default is the search page for the current language translation). %0a%0a* PmWiki no longer maintains a ".linkindex" file -- it now has a ".pageindex" file that contains not only a table of links, but also words used in each page (to speed up term searches). The maintenance of the .pageindex file can be disabled by setting $PageIndexFile=''; %0a %0a* The $EnablePageListProtect variable now defaults to true, so that read-only pages appear in pagelists only if the visitor has read authorization. Note that this can also slow down some [@(:pagelist:)@] and search commands, so if the site doesn't have any read-only pages or if you aren't worried with cloaking read-only pages from searchlists, it might be worth setting $EnablePageListProtect=0; .%0a%0a* Whitespace indentation rules now exist and are enabled by default. Any line that begins with whitespace and aligns with a previous list item is considered to be "within" that list item. Text folds and wraps as normal, and the [@(:linebreaks:)@] directive is honored. To turn off whitespace indentation, use [@DisableMarkup('^ws');@].%0a%0a* A single blank line after a [@!!Heading@] is silently ignored.%0a%0a* The [@(:redirect:)@] directive is now a true markup, and can be embedded inside conditional markups or includes. It also allows redirecting to an anchor in a page, such as [@(:redirect PageName#anchor:)@]. A new [@from=@] option allows the redirect to take place only from pages that match the given wildcard specification. The [@status=@] option allows a 301, 302, 303, or 307 HTTP status code to be returned.%0a%0a* The built-in authorization function has gone through some substantial internal changes, however these changes should be fully backward compatible so that it doesn't impact any existing sites. (If it ''does'' cause a problem, please let me know so I can investigate why!) The password prompts are now specified by an admin-customizable Site.AuthForm page. In addition, the authorization function no longer creates PHP sessions for visitors that aren't being authenticated.%0a%0a* The authuser.php has likewise been substantially updated. The new version should have complete backwards compatibility with previous authuser.php settings, but this version also offers the ability to configure authentication resources and authorization groups through the [[Site.AuthUser]] page. Note that by default the Site.AuthUser page can only be edited using the admin password.%0a%0a* The $EnableSessionPasswords variable can be used to control whether passwords are held in PHP sessions. (This does not affect user authentication via [[AuthUser]], however.)%0a%0a* The $Author variable now defaults to $AuthId if not otherwise set by a script or cookie.%0a%0a* The [[Site.SideBar]] page now defaults its edit password to the sitewide edit password (in $DefaultPasswords['edit']).%0a%0a* PmWiki now supports a "draft edit" mode, enabled by $EnableDrafts = 1. This creates a "Save as draft" button that will save a page under a "-Draft" suffix, for intermediate edits.%0a%0a* There is now an ?action=login action available.%0a%0a* A potential security vulnerability for sites running PHP 5 with register_globals enabled has been fixed.%0a%0a* The [@[[PageName |+]]@] markup is now available by default; this creates a link to `PageName and uses that page's title as the link text.%0a%0a* What used to be "markup variables" are now "[[page variables]]". These are always specified using the @@{$''variable''}@@ syntax, and can be used in markup and in $...Fmt strings. In addition, one can request a value for a specific page by placing the pagename in front of the variable, as in @@{''pagename''$''variable''}@@.%0a%0a* The ''scripts/rss.php'' script is now ''scripts/feeds.php'', and is a complete redesign for [[web feed(s)]] generation. The new version supports UTF-8 and other encodings, can generate Atom 1.0 ([@?action=atom@]), Dublin Core Metadata ([@?action=dc@]) output, and enclosures for podcasting. It also allows feeds to be generated from trails, groups, categories, and backlinks, and provides options (same as pagelists) for sorting and filtering the contents of the feed. Most sites can simply switch to using [@include_once("scripts/feeds.php");@] instead of the previous ''rss.php'' include. The ''rss.php'' file has been removed from the distribution (but still works with PmWiki 2.1 for those sites that wish to continue using it).%0a%0a* [[PmWiki/InterMap]] entries can now come from a `Site.InterMap page as well as the ''local/localmap.txt'' and ''local/farmmap.txt'' files. The format of these files has changed slightly, in that the InterMap name should now have a colon after it (previously the colon was omitted).%0a%0a* We can now provide better control of robot (webcrawler) interactions with a site to reduce server load and bandwidth. The $RobotPattern variable is used to detect robots based on the user-agent string, and any actions not listed in the $RobotActions array will return a 403 Forbidden response to robots. In addition, setting $EnableRobotCloakActions will eliminate any forbidden ?action= values from page links returned to robots, which will reduce bandwidth loads from robots even further (PITS:00563).%0a%0a* Non-existent page handling has been improved; whenever a browser hits a non-existent page, PmWiki returns the contents of Site.PageNotFound and a 404 ("Not Found") status code.%0a%0a* Page links that have "?action=" in their query arguments are now treated as "existing page" links even if the page does not exist.%0a%0a* The PmWiki default skin now adds rel='nofollow' to various action links.%0a%0a* Some of the CSS styles in the PmWiki default skin have been changed for better presentation.%0a%0a* The gui edit buttons have transparent (instead of white) borders so they integrate better into skins.%0a%0a* The $EnableIMSCaching variable is now much smarter, it can detect changes in local customization files as well as pages.%0a%0a* [[PmWiki/WikiStyles]] can now make percentage specifications by using "pct" to mean "%25".%0a%0a* Class attributes in [[WikiStyle(s)]] shortcuts are now cumulative, so that [@%25class1 class2%25@] results in [@class='class1 class2'@] instead of just [@class='class2'@] in the output.%0a%0a* A problem with the [@(:include PageName#from#:)@] markup not working has been fixed (PITS:00560).%0a%0a* Viewing a GroupHeader or GroupFooter page no longer displays the contents twice.%0a%0a* It's now easier to share pages among multiple sites (e.g., [[WikiFarms]]), see Cookbook:SharedPages (PITS:00459).%0a%0a* A problem with nested apostrophe markups has been fixed (PITS:00590).%0a%0a* PmWiki is now smarter about not surrounding block HTML tags with %3cp>...%3c/p> tags.%0a%0a* If an [@[[#anchor]]@] is used more than once in a page, only the first generates an actual anchor (to preserve XHTML validity).%0a%0a* There are now [@(:if equal ...:)@] and [@(:if exists pagename:)@] [[conditional markup]]s.%0a%0a* Compound conditional markup expressions are now possible -- e.g. [@(:if [ group PmWiki && ! name PmWiki ] :)@] .%0a%0a* Added an $InputValues array that can supply default values for certain form controls (PITS:00566).%0a%0a* The default setting of $UploadUrlFmt is now based on $PubDirUrl instead of $ScriptUrl.%0a%0a* The $text global variable has been removed (use $_GET['text'], $_POST['text'], or $_REQUEST['text']).%0a%0a* A possible problem with url-encoding of attachments with non-ASCII characters has been addressed (PITS:00588).%0a%0a* Page actions in non-existent pages no longer display with non-existent link decorations.%0a%0a* A README.txt file has been added, and several documentation files are now available through the docs/ directory.%0a %0a* PmWiki is no longer available through CVS on sourceforge.net. It is now available via SVN on pmwiki.org, at svn://pmwiki.org/pmwiki/tags/latest . For more details, see PmWiki:Subversion.%0a%0a* The $NewlineXXX variable (deprecated in 2.0.0) has been removed.%0a%0a* There is experimental support for server-side caching of pages that take a long time to render; this is currently an unsupported feature and may be removed in future releases.%0a%0a%25red%25Wiki administrators should note that from this release on PmWiki defaults to having WikiWords disabled.%0a%0aTo make sure WikiWords are enabled, use [@$LinkWikiWords = 1;@] in%0athe ''local/config.php'' file.%0a%0a----%0aBugs and other requests can be reported to the PmWiki Issue Tracking %0aSystem at http://www.pmwiki.org/wiki/PITS/PITS. Any help%0ain testing, development, and/or documentation is greatly appreciated..%0a%0a[[(PmWiki:)Release Notes archive]] - notes for versions older than 2.1.0.%0a%0a%0a%0a%0a%0a%0a%0a%0a%0a -time=1409603042 +text=(:title Release Notes:)(:Summary: Notes about new versions, important for upgrades:)%0aSee also: [[Upgrades]], [[Change log]] and [[(PmWiki:)Road map]].%0a%0a!! Version 2.2.69 (2014-10-13) [[#v2269]]%0aThis version fixes a bug when dates are defined as relative to other dates, eg. "2014-10-13 -3 days". The documentation was updated.%0a%0a!! Version 2.2.68 (2014-09-01) [[#v2268]]%0aThis version adds a Skins: InterMap prefix pointing to the Skins section on PmWiki.org, a "signature" markup in the edit quick reference, new WikiStyles clear, min-width and max-width and the documentation was updated.%0a%0a!! Version 2.2.67 (2014-08-02) [[#v2267]]%0aThis version fixes an inconsistency with input forms when values are taken from PageTextVariables. The documentation was updated to the latest state on pmwiki.org.%0a%0a!! Version 2.2.66 (2014-07-02) [[#v2266]]%0aThis version fixes a minor longstanding bug in the default Notification format when a page is deleted. In custom patterns, the "_" character will no longer be considered a function name. The documentation was updated.%0a%0a!! Version 2.2.65 (2014-06-07)%0aThis version fixes Pagelist handling of [@{$$PseudoVars}@] when they contain page variables. File permissions handling was improved when the current directory is owned by "root". The documentation was updated.%0a%0a!! Version 2.2.64 (2014-05-08)%0aThis version adds the [="{(mod)}"=] markup expression for modulo/remainder calculations, and the "tel:" and "geo:" URI schemes which, on compatible devices like smartphones, allow the creation of links to dial telephone numbers and open map/location applications. %0a%0aThe $SysMergePassthru switch was added, if enabled, it allows the "Simultaneous Edits" conflict resolution to use the passthru() function instead of popen().%0a%0aThe documentation was updated.%0a%0a!! Version 2.2.63 (2014-04-05) [[#rel2.2.63]]%0aThis version allows for form elements to have custom attributes containing a dash in the attribute names and enables the attributes 'required', 'placeholder' and 'autocomplete' for HTML5 forms. A minor bug with pagelist [={$$RequestVariables}=] appearing on some installations was fixed. The documentation was updated.%0a%0a!! Version 2.2.62 (2014-02-28) [[#rel2.2.62]]%0aThis version adds the variable $EnableTableAutoValignTop which allows to make advanced tables compatible with HTML5. For developers, a fourth argument $template was added to the Markup_e() function, and a callback template 'return' was added. The documentation was updated.%0a%0a!! Version 2.2.61 (2014-01-31) [[#rel2.2.61]]%0aThis version removes unnecessary snippets of code and adds the variable $TableCellAlignFmt which allows to make simple tables compatible with HTML5. The documentation was updated.%0a%0a!! Version 2.2.60 (2014-01-12) [[#rel2.2.60]]%0aThis version reverts the changes to the pmwiki.css file made in 2.2.59. %0a%0a!! Version 2.2.59 (2014-01-11) [[#rel2.2.59]]%0aThis version has an improvement for Blocklist when multiple text fields are posted. A bug with some nested markup conditionals was fixed. The default skin switched font sizes from points (fixed) to percents (relative). A couple of other minor bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.58 (2013-12-25)%0aThis version enables customization of [=(:input auth_form:)=], and fixes a couple of minor bugs. The documentation was updated.%0a%0a!! Version 2.2.57 (2013-11-03)%0aThis version enables the use of the Attach: link format in the [[PmWiki/PageDirectives#attachlist|[=(:attachlist:)=]]] directive. The documentation was updated.%0a%0a!! Version 2.2.56 (2013-09-30)%0aThis version aims to fix a PHP 5.5 compatibility issue with a deprecated feature of the preg_replace() function. The PageStore() class now detects and works around a bug with the iconv() function, and the documentation was updated.%0a%0a!! Version 2.2.55 (2013-09-16)%0aThis version adds the variable $EnableDraftAtomicDiff. If enabled, publishing from a draft version will clear the history of intermediate draft edits, and the published version will contain a single combined diff from the previous published version. The documentation was updated.%0a%0a!! Version 2.2.54 (2013-08-13)%0aThis version fixes a bug when old versions are restored from draft pages. The documentation was updated.%0a%0a!! Version 2.2.53 (2013-07-08)%0aThis version enables a message to be shown when a post is blocked because of too many unapproved links. The documentation was updated.%0a%0a!! Version 2.2.52 (2013-06-08)%0aThis version hides warnings about a deprecated feature in PHP 5.5 installations (preg_replace with /e eval flag). Three new upload extensions were added: docx, pptx and xlsx produced by recent versions of some office suites. The documentation was updated.%0a%0a!! Version 2.2.51 (2013-05-08)%0aThis version updates the addresses for the remote blocklists. A minor XSS vulnerability for open wikis, which was discovered today, was fixed. The documentation was updated.%0a%0a!! Version 2.2.50 (2013-04-08)%0aThis release only updates the documentation to the latest state on pmwiki.org.%0a%0a!! Version 2.2.49 (2013-03-09)%0aThis version adds an array $UploadBlacklist containing forbidden strings of an uploaded filename (case insensitive). Some Apache installations try to execute a file which has ".php", ".pl" or ".cgi" anywhere in the filename, for example, "test.php.txt" may be executed. To disallow such files to be uploaded via the PmWiki interface, add to config.php such a line:%0a%0a $UploadBlacklist = array('.php', '.pl', '.cgi', '.py', '.shtm', '.phtm', '.pcgi', '.asp', '.jsp', '.sh');%0a%0aThe documentation was updated.%0a%0a!! Version 2.2.48 (2013-02-11)%0aThis version fixes a bug introduced yesterday with some links. %0a%0a!! Version 2.2.47 (2013-02-10)%0aThis version enables tooltip titles in links to anchors in the same page, and the documentation was updated.%0a%0a!! Version 2.2.46 (2013-01-07)%0aThis version adds $UploadPermAdd and $UploadPermSet variables, and the documentation was updated.%0a%0aIf your wiki has uploads enabled, it is recommended to set the variable $UploadPermAdd to 0. %0a%0aThe $UploadPermAdd variable sets additional unix permissions applied to newly uploaded files, and should be 0 (recommended as of 2013). If uploaded files cannot be downloaded and displayed on the website, for example with the error 403 Forbidden, set this value to 0444 (core setting, default since 2004). %0a $UploadPermAdd = 0; # recommended%0a%0aThe $UploadPermSet variable unconditionally sets the file permissions on newly uploaded files. Only advanced administrators should use it.%0a%0a%0a!! Version 2.2.45 (2012-12-02)%0aThis version fixes some PHP notices appearing on some installations. The documentation was updated.%0a%0a!! Version 2.2.44 (2012-10-21)%0aThis version improves the display of consecutive whitespaces in page histories, and fixes the definition of PageTextVariables containing a dash. The documentation was updated.%0a%0a%0a!! Version 2.2.43 (2012-09-20)%0aThis version makes it possible to use HTML attribute names that contain dashes, and removes a warning when editing and previewing Site.EditForm. The documentation was updated.%0a%0a!! Version 2.2.42 (2012-08-20)%0aThis version provides a workaround for cases when a wiki page contains a character nonexistent in the active encoding. The documentation was updated.%0a%0a!! Version 2.2.41 (2012-08-12)%0aThis version changes the internal $KeepToken separator to be compatible with more encodings. The documentation was updated.%0a%0a!! Version 2.2.40 (2012-07-21)%0aThis version provides a helper function replacing htmlspecialchars() and compatible with PHP 5.4. The documentation was updated.%0a%0a!! Version 2.2.39 (2012-06-25)%0aThis version provides a fix for links to attachments containing international characters. The documentation was updated.%0a%0a!! Version 2.2.38 (2012-05-21)%0aThis version fixes a "parameter count" warning which appeared on some websites.%0a%0a!! Version 2.2.37 (2012-05-01)%0aThis version provides a workaround for installations with broken iconv() function, while optimizing the recode function. This should fix the "Unable to retrieve edit form" problem in some wikis. Dots in [[#anchor_1.2]] sections are now better supported, PageVariables are expanded in PageList template defaults, and the documentation is updated.%0a%0a!! Version 2.2.36 (2011-12-28)%0aThis version fixes the recode function to try to recover Windows-1252 characters in ISO-8859-1 files. A new variable $EnableOldCharset enables the $page["=oldcharset"] entry which will be used in the future. A couple of minor bugs were fixed and the documentation was updated.%0a%0a!! [[#v2235]] Version 2.2.35 (2011-11-11)%0aThis release fixes a critical PHP injection vulnerability, reported today by Egidio Romano. PmWiki versions 2.2.X, 2.1.X, 2.0.X and 2.0.beta33 and newer are vulnerable. When you upgrade, please read carefully the Release notes for all PmWiki versions since yours.%0a%0aIf you cannot upgrade, it is recommended to disable Searches at the earliest opportunity (even if your wiki skin doesn't have a search form). Add to config.php such a line:%0a if ($action == 'search') $action = 'browse';%0a%0aIf your old version wiki allows editing by not entirely trusted visitors, even on limited pages like a WikiSandbox, you should also disable PageLists. Add to config.php this line:%0a $EnablePageList = 0;%0a%0aThis version has an important change for international wikis: the XLPage() function no longer loads encoding scripts such as xlpage-utf-8.php. When you upgrade, you need to include those scripts from config.php, before calling XLPage():%0a%0a include_once("scripts/xlpage-utf-8.php"); # if your wiki uses UTF-8%0a XLPage('bg','PmWikiBg.XLPage');%0a%0aAll links can now have tooltip titles. Previously, only images and external links could have tooltip titles, now this feature is enabled for internal links. To set a tooltip title, add it in quotes after the link address:%0a[@%0a [[Main.HomePage"This is a tooltip title"]]%0a [[Main.HomePage"This is a tooltip title"|Home]]%0a [[http://www.pmwiki.org"Home of PmWiki"]]%0a Attach:image.jpg"Tooltip title of the image"%0a@]%0a%0aThe following new upload extensions were added: svg, xcf, ogg, flac, ogv, mp4, webm, odg, epub. A couple of minor optimizations were added (MarkupExpressions and rendering of page history) and the documentation was updated.%0a%0a!! Version 2.2.34 (2011-10-10)%0aThis version resets the timestamps of the default pages Site(Admin).AuthUser which are expected in case of upgrades from the versions 2.1.*. Core MarkupExpressions which manipulate strings should now work better with international characters. The documentation was updated to its latest state from pmwiki.org.%0a%0a!! Version 2.2.33 (2011-09-23)%0aThis version fixes a security bug introduced in 2.2.32 which left the groups Site and SiteAdmin open for reading and editing because the pages Site.GroupAttributes and SiteAdmin.GroupAttributes didn't have all necessary attributes. %0a%0aAll wikis running 2.2.32 should upgrade. If you cannot immediately upgrade, you can set the attributes from your wiki:%0a* open the attributes page [=[[SiteAdmin.GroupAttributes?action=attr]]=] and set a "read" and an "edit" password, @@ @lock @@ is recommended.%0a* open the attributes page [=[[Site.GroupAttributes?action=attr]]=] and set an "edit" password, @@ @lock @@ is recommended. Do not set a "read" password here.%0a%0aThe release also fixes the refcount.php script to produce valid HTML, and updates intermap.txt entries PITS: and Wikipedia: to point to their current locations.%0a%0a!! Version 2.2.32 (2011-09-18)%0aThis is the first version shipping with the core documentation in the UTF-8 encoding. PmWiki will automatically convert it on the fly for wikis using an older encoding.%0a%0aIt is recommended that all '''new''' PmWiki installations enable UTF-8. Migration of ''existing'' wikis from an older encoding to UTF-8 shouldn't be rushed: it is not trivial and will be documented in the future.%0a%0aA required HTML xmlns attribute was added to the print skin template. The history rendering is now faster when many lines are added or removed.%0a%0a%25note%25 Note: Due to a manipulation error, a version 2.2.31 was created before it was ready for a release.%0a%0a!! Version 2.2.30 (2011-08-13)%0aThis version fixes a $Charset definition in international iso-8859-*.php files. This will help for a future transition to UTF-8. %0a%0aA variable $EnableRangeMatchUTF8 was added, set it to 1 to enable range matches of pagenames in UTF-8 like [A-D]. Previously the range matches were always enabled in UTF-8, but we found out that on some installations this feature breaks all pagelists, even those without range matches. In case the feature worked for you, you can re-enable it.%0a%0a!! Version 2.2.29 (2011-07-24)%0aThis release fixes Attach links that were broken with the Path fix in 2.2.28 earlier today.%0a%0a!! Version 2.2.28 (2011-07-24)%0aThis release fixes 2 potential XSS vulnerabilities and a bug with Path: links.%0a%0a!! Version 2.2.27 (2011-06-19)%0aThis release fixes a validation bug on pages after a redirection. A new block WikiStyle [@%25justify%25@] was added, allowing left and right aligned text. The page history now accepts a URL parameter @@?nodiff=1@@ which hides the rendering of edit differences, showing only timestamps, authors, summaries and "Restore" links; it allows to restore a vandalized page with a huge contents or history which otherwise would break the memory or time limits of the server.%0a%0a!! Version 2.2.26 (2011-05-21)%0aThis release fixes a redundant removal of link hashes from WikiTrails, and updates the documentation to the most recent version from PmWiki.org.%0a%0a!! Version 2.2.25 (2011-03-22)%0aThis release only updates the documentation to the latest state on pmwiki.org.%0a%0a!! Version 2.2.24 (2011-02-15)%0aThis version reverts the way existing PageVariables are processed, like version 2.2.21 or earlier, but it adds a special variable $authpage which can be used in PageVar definitions. It is the same as the $page array, but exists only if the visitor has read permissions. For example, an administrator can set to config.php:%0a%0a $FmtPV['$LastModifiedSummary'] = '@$authpage["csum"]'; # instead of '@$page["csum"]'%0a%0aThen, the edit summary metadata will only be available if the user has read permissions.%0a%0a!! Version 2.2.23 (2011-01-25)%0aThis version sets the default value of $EnablePageVarAuth to 0 until we investigate a reported problem with authentication.%0a%0a!! Version 2.2.22 (2011-01-16)%0aThis version adds the variable $EnableXLPageScriptLoad which, if set to 0, will prevent authors to load scripts from XLPage and to accidentally change the encoding of the wiki. If you use it, make sure you include the required files, eg. xlpage-utf-8.php from local config files.%0a%0aPageVariables should now respect authentications: without read permissions, the title, description, change summary, author of a protected page are unavailable. PageVariables that are computed without reading the page are still available (eg. $Group, $Namespaced, $Version etc.). Administrators can revert the previous behavior by adding to config.php such a line:%0a%0a@@ $EnablePageVarAuth = 0; @@%0a%0a!! Version 2.2.21 (2010-12-14)%0aDue to a mis-configuration of a local svn repository, some of the changes intended for 2.2.20 didn't make it in the correct branch. This release corrects this.%0a%0a!! Version 2.2.20 (2010-12-14)%0aThis version fixes a potential XSS vulnerability, reported today. An AuthUser bug with excluding users from authgroups was fixed. A new InterMap prefix PmL10n: was added, it leads to the Localization section on PmWiki.org and should help the work of translators. A couple of other minor bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.19 (2010-11-10)%0aThis is a documentation-update release.%0a%0a!! Version 2.2.18 (2010-09-04)%0aThis version fixes 3 minor bugs, and updates the documentation.%0a%0a!! Version 2.2.17 (2010-06-20)%0aThis version adds a variable $PostConfig containing functions and scripts to be loaded after stdconfig.php. Tabindex was added as a valid form field attribute. Protected downloads now respect existing browser caches. AuthUser now allows more flexible cookbook recipe integration. A couple of bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.16 (2010-05-10)%0aThis version fixes a bug with parsing html attributes which could allow XSS injection. Wikis allowing unprotected editing are encouraged to upgrade.%0a%0aA bug with the "center" button of the GUI edit toolbar was corrected.%0a%0aThe "exists" conditional now accepts wildcards, for example:%0a [@(:if exists Main.*:)There are pages in the Main group (:if:)@]%0a%0aThe documentation was updated.%0a%0a!! Version 2.2.15 (2010-03-27)%0aThis version adds some minor bugfixes and optimizations notably a bug with @@[=(:template none:)=]@@ introduced in the last version 2.2.14.%0a%0a!! Version 2.2.14 (2010-02-27)%0aThis release corrects inline styles for WikiTrail links. Undefined include/template @@ [={$$variables}=] @@ are now removed from the included section, like Page(Text)Variables, and can be used in conditional expressions. If needed, this change can be reverted by adding to config.php such a line:%0a%0a[@%0a $EnableUndefinedTemplateVars = 1; # keep and display unset {$$variables}%0a@]%0a%0aPageList templates now accept the sections @@ !first @@ and @@ !last @@ for markup to appear for every page in list ''except'' the first or last one.%0a%0a"Title" attributes were added to external links. You can have tooltip titles on external links, including InterMap and attachments, by adding the link title in double quotes after the URL:%0a [=[[http://www.pmwiki.org"Home of PmWiki"| External link]]=]%0a%0aFor international wikis, PmWiki now automatically translates the titles of technical pages like GroupAttributes or RecentChanges -- just define these strings as usual in XLPage, for example, in French:%0a 'AllRecentChanges' => 'Tous les changements récents',%0a%0aSome minor optimizations were done and the documentation was updated.%0a%0a!! Version 2.2.13 (2010-02-21)%0aThis release fixes a bug with $DiffKeepNum introduced in 2.2.10 -- the count of revisions was incorrect and a page could drop more revisions than it should.%0a%0aThe [[page history]] layout was modified with a rough consensus in the community. The history now defaults to "source" view with word-level highlighting of the differences. Authors can see the changes in rendered output by clicking on the link "Show changes to output". Admins can switch back the default by adding such a line to config.php:%0a%0a $DiffShow['source'] = (@$_REQUEST['source']=='y')?'y':'n';%0a%0aTo disable word-level highlighting and show plain text changes:%0a%0a $EnableDiffInline = 0;%0a%0aIn the page history rendering, a few minor bugs were fixed and the code was slightly optimized.%0a%0aThe documentation was updated.%0a%0a!! Version 2.2.12 (2010-02-17)%0aThis release adds simple word-level highlighting of differences in the page history, when "Show changes to markup" is selected. To enable the feature, add to config.php such a line:%0a $EnableDiffInline = 1;%0a%0aThis feature is like what the InlineDiff recipe provides, but not exactly the same, and the implementation is simpler. It is enabled on PmWiki.org and can be improved -- your comments are welcome.%0a%0a!! Version 2.2.11 (2010-02-14)%0aThis release adds two new table directives for header cells, [=(:head:) and (:headnr:)=]. They work the same way as [=(:cell:) and (:cellnr:)=] except that create %3cth> instead of %3ctd> html tags.%0a%0aThe pagerev.php script was refactored into separate functions to allow easier integration of recipes displaying the page history.%0a%0aA couple of minor bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.9, 2.2.10 (2010-01-17)%0aMost important in this release is the official change of $EnableRelativePageVars to 1. The change is about how [={$Variable}=] in included pages is understood by PmWiki.%0a* When $EnableRelativePageVars is set to 0, [={$Name}=] displays the name of the currently browsed page. Even if [={$Name}=] is in an included page, it will display the name of the browsed page.%0a* When $EnableRelativePageVars is set to 1, [={$Name}=] displays the name of the physical page where it written. If [={$Name}=] is in an included page, it will display the name of the included page.%0a* [={*$Name}=] always displays the name of the currently browsed page, regardless of $EnableRelativePageVars.%0a%0aSo, if your wiki relies on page variables from included pages, and doesn't have $EnableRelativePageVars set to 1, after upgrading to 2.2.9, you can revert to the previous behavior by adding to config.php such a line:%0a $EnableRelativePageVars = 0;%0a%0aMore information about page variables can be found at:%0a http://www.pmwiki.org/wiki/PmWiki/PageVariables%0a%0aThis release adds a new variable $EnablePageTitlePriority which defines how to treat multiple [=(:title..:)=] directives. If set to 1, the first title directive will be used, and if a page defines a title, directives from included pages cannot override it. PmWiki default is 0, for years, the last title directive was used (it could come from an included page or GroupFooter).%0a%0aThis release also adds a new variable $DiffKeepNum, specifying the minimum number (default 20) of edits that will be kept even if some of them are older than the limit of $DiffKeepDays.%0a%0aA number of bugs were fixed and the documentation was updated.%0a%0a!! Version 2.2.8 (2009-12-07)%0aThis release fixes another PHP 5.3 compatibility issue with conditional markup. The Author field now handles apostrophes correctly. The documentation was updated.%0a%0a!! Version 2.2.7 (2009-11-08)%0aThis release fixes most PHP 5.3 compatibility issues. Unfortunately some specific builds for Windows may still have problems, which are unrelated to PmWiki. Notably, on Windows, all passwords need to be 4 characters or longer.%0a%0aUpload names with spaces are now correctly quoted. The documentation was updated.%0a%0a!! Version 2.2.6 (2009-10-04)%0aWith this release it is now possible to display recently uploaded files to the RecentChanges pages -- if you have been using the RecentUploadsLog recipe, please uninstall it and follow the instructions at http://www.pmwiki.org/wiki/Cookbook/RecentUploadsLog.%0a%0aThe release also introduces $MakeUploadNamePatterns to allow custom filename normalization for attachements. It is now possible to replace $PageListFilters and $FPLTemplateFunctions with custom functions. Notify should now work in safe_mode. Some bugs were fixed, among which one with conditional markup with dates. The documentation was updated.%0a%0a!! Version 2.2.5 (2009-08-25)%0aThis release adds a new markup for Pagelist templates, [@(:template none:)@] which allows a message to be set when the search found no pages. The FPLTemplate() function was broken into configurable sub-parts to allow development hooks. A number of bugs were fixed, and the documentation was updated.%0a%0a!! Version 2.2.4 (2009-07-16)%0aThis release fixes a bug introduced earlier today with HTML entities in XLPages.%0a%0a!! Version 2.2.3 (2009-07-16)%0aThis release fixes six potential XSS vulnerabilities, reported by Michael Engelke. The vulnerabilities may affect wikis open for editing and may allow the injection of external JavaScripts in their pages. Public open wikis should upgrade.%0a%0aA new variable $EnableUploadGroupAuth was added; if set to 1, it allows password-protected [[uploads]] to be checked against the Group password. %0a%0aIt is now possible to use @@ @_site_edit, @_site_read, @_site_admin@@ or @@ @_site_upload @@ global [[passwords]] in GroupAttributes pages.%0a%0aA number of other small bugs were fixed, and the documentation was updated.%0a%0a!! Version 2.2.2 (2009-06-21)%0aThe major news in this release is a fix of an AuthUser vulnerability.%0a%0aThe vulnerability affects only wikis that (1) rely on the AuthUser core module %0afor User:Password authentication, -AND- (2) where the PHP installation runs %0awith the variable "magic_quotes_gpc" disabled.%0a%0aAll PmWiki 2.1.x versions from pmwiki-2.1.beta6 on, all 2.2.betaX, 2.2.0, and %0a2.2.1 are affected.%0a%0aThe PmWiki [[SiteAnalyzer]] can detect if your wiki needs to upgrade:%0a http://www.pmwiki.org/wiki/PmWiki/SiteAnalyzer%0a%0aIf your wiki is vulnerable, you should do one of the following at the earliest %0aopportunity:%0a%0a* Upgrade to a version of PmWiki at least 2.2.2 or greater.%0a* Turn on magic_quotes_gpc in the php.ini file or in a .htaccess file.%0a%0aAlternatively, you can temporarily disable AuthUser until you upgrade.%0a%0aNote that even if your wiki does not have the AuthUser vulnerability at the %0amoment, you are strongly encouraged to upgrade to PmWiki version 2.2.2 or %0alater, as some future configuration of your hosting server might put you at %0arisk.%0a%0aThis release also comes with minor updates in the local documentation; fixes %0awere applied for international wikis - notably global variables in %0axlpage-utf-8.php and a new variable $EnableNotifySubjectEncode, which allows %0ae-mail clients to correctly display the Subject header; and a number of other %0asmall bugs were fixed.%0a%0a!! Version 2.2.1 (2009-03-28)%0aThis release comes with an updated local documentation; [[wiki trails]] now work cross-group; guiedit.php now produces valid HTML, and other small bugs were fixed. We also added $EnableRedirectQuiet, which allows redirects to take place without any mention of "redirected from page ....".%0a%0a[[#v220]]%0a!! Version 2.2.0 (2009-01-18)%0a%0aThis is a summary of changes from 2.1.x to 2.2.0.%0a%0a* Several pages that were formerly in the [[Site]].* group are now in a separate [[SiteAdmin]].* group, which is read-restricted by default. The affected pages include Site.AuthUser, Site.AuthList, Site.NotifyList, Site.Blocklist, and Site.ApprovedUrls . If upgrading from an earlier version of PmWiki, PmWiki will prompt to automatically copy these pages to their new location if needed. If a site wishes to continue using the old Site.* group for these pages, simply set%0a%0a-> $SiteAdminGroup = $SiteGroup;%0a%0a-> when carrying out this upgrade inspect your config files for lines such as%0a--> $BlocklistDownload['Site.Blocklist-PmWiki'] = array('format' => 'pmwiki');%0a->as you may wish to fix then, eg%0a--> $BlocklistDownload[$SiteAdminGroup . '.Blocklist-PmWiki'] = array('format' => 'pmwiki');%0a%0a* Important Change in Passwords in PmWiki 2.2 indicating that the group can be edited even if a site password is set will be done by @@"@nopass"@@ prior it was done by @@"nopass"@@%0a-> When migrating a wiki you will have to manually modify the permission or by a script replace in all the page concerned @@passwdread=nopass:@@ by @@passwdread=@nopass@@ (see PITS:00961) --isidor%0a%0a* PmWiki now ships with WikiWords entirely disabled by default. To re-enable them, set either $LinkWikiWords or $EnableWikiWords to 1. To get the 2.1 behavior where WikiWords are spaced and parsed but don't form links, use the following:%0a-> $EnableWikiWords = 1;%0a-> $LinkWikiWords = 0;%0a%0a* It's now easy to disable the rule that causes lines with leading spaces to be treated as preformatted text -- simply set $EnableWSPre=0; to disable this rule.%0a%0a--> '''Important:''' There is ongoing discussion that the leading whitespace rule may be disabled ''by default'' in a future versions of PmWiki. If you want to make sure that the rule will continue to work in future upgrades, set $EnableWSPre=1; in ''local/config.php''.%0a%0a* The $ROSPatterns variable has changed somewhat -- replacement strings are no longer automatically passed through FmtPageName() prior to substitution (i.e., it must now be done explicitly).%0a%0a* Page variables and page links inside of [@(:include:)@] pages are now treated as relative to the included page, instead of the currently browsed page. In short, the idea is that links and page variables should be evaluated with respect to the page in which they are written, as opposed to the page in which they appear. This seems to be more in line with what authors expect. There are a number of important ramifications of this change:%0a%0a[[#relativeurls]]%0a** We now have a new [@{*$var}@] form of page variable, which always refers to "the currently displayed page". Pages such as Site.PageActions and Site.EditForm that are designed to work on "the currently browsed page" should generally switch to using [@{*$FullName}@] instead of [@{$FullName}@].%0a%0a** The $EnableRelativePageLinks and $EnableRelativePageVars settings control the treatment of links and page variables in included pages. However, to minimize disruption to existing sites, $EnableRelativePageVars defaults to '''disabled'''. This will give existing sites an opportunity to convert any absolute [@{$var}@] references to be [@{*$var}@] instead.%0a%0a** Eventually $EnableRelativePageVars will be enabled by default, so we highly recommend setting [@$EnableRelativePageVars = 1;@] in ''local/config.php'' to see how a site will react to the new interpretation. Administrators should especially check any customized versions of the following:%0a---> [[Site.PageActions]]%0a---> [[Site.EditForm]]%0a---> [[Site.PageNotFound]]%0a---> SideBar pages with ?action= links for the current page%0a---> $GroupHeaderFmt, $GroupFooterFmt%0a---> [[Page lists]] that refer to the current group or page, etc in sidebars, headers, and footers%0a%0a** The [@(:include:)@] directive now has a [@basepage=@] option whereby an author can explicitly specify the page upon which relative links and page variables should be based. If no basepage= option is specified, the included page is assumed to be the base.%0a%0a* Sites that want to retain the pre-2.2 behavior of [@(:include:)@] and other items can set [@$Transition['version'] = 2001900;@] to automatically retain the 2.1.x defaults.%0a%0a* Text inserted via [@(:include:)@] can contain "immediate substitutions" of the form [@{$$option}@] -- these are substituted with the value of any options provided to the include directive.%0a%0a* PmWiki now recognizes when it is being accessed via "https:" and switches its internal links appropriately. This can be overridden by explicitly setting $ScriptUrl and $PubDirUrl.%0a%0a* A new $EnableLinkPageRelative option allows PmWiki to generate relative urls for page links instead of absolute urls.%0a%0a* Draft handling capabilities have been greatly improved. When $EnableDrafts is set, then the "Save" button is relabeled to "Publish" and a "Save draft" button appears. In addition, an $EnablePublishAttr configuration variable adds a new "publish" authorization level to distinguish editing from publishing. See [[PmWiki:Drafts]] for more details.%0a%0a[[#ptvstart]]%0a* There is a new [@{$:var}@] "page text variable" available that is able to grab text excerpts out of markup content. For example, [@{SomePage$:Xyz}@] will be replaced by a definition of "Xyz" in SomePage. Page text variables can be defined using definition markup, a line beginning with the variable name and a colon, or a special directive form (that doesn't display anything on output):%0a%0a-->[@%0a:Xyz: some value # definition list form%0aXyz: some value # colon form%0a(:Xyz: some value:) # directive form%0a@]%0a[[#ptvend]]%0a%0a* The [@(:pagelist:)@] command can now filter pages based on the contents of page variables and/or page text variables. For example, the following directive displays only those pages that have an "Xyz" page text variable with "some value":%0a%0a-->[@(:pagelist $:Xyz="some value":)@]%0a%0a Wildcards also work here, thus the following pagelist command lists pages where the page's title starts with the letter "a":%0a%0a-->[@(:pagelist $Title=A* :)@]%0a%0a* The if= option to [@(:pagelist)@] can be used to filter pages based on conditional markup:%0a%0a-->[@(:pagelist if="auth upload {=$FullName}":)@] pages with upload permission%0a-->[@(:pagelist if="date today.. {=$Name}":)@] pages with names that are dates later than today%0a%0a* Spaces no longer separate wildcard patterns -- use commas. (Most people have been doing this already.)%0a%0a* Because page variables are now "relative", the [@{$PageCount}, {$GroupCount}, {$GroupPageCount}@] variables used in pagelist templates are now [@{$$PageCount}, {$$GroupCount}, {$$GroupPageCount}@].%0a%0a* One can now use [@{$$option}@] in a pagelist template to obtain the value of any 'option=' provided to the [@(:pagelist:)@] command.%0a%0a* The [@(:pagelist:)@] directive no longer accepts parameters from urls or forms by default. In order to have it accept such parameters (which was the default in 2.1 and earlier), add a [@request=1@] option to the [@(:pagelist:)@] directive.%0a%0a* The [@count=@] option to pagelists now accepts negative values to count from the end of the list. Thus [@count=5@] returns the the first five pages in the list, and [@count=-5@] returns the last five pages in the list. In addition, ranges of pages may be specified, as in [@count=10..19@] or [@count=-10..-5@].%0a%0a* Pagelist templates may have special [@(:template first ...:)@] and [@(:template last ...:)@] sections to specify output for the first or last page in the list or a group. There's also a [@(:template defaults ...:)@] to allow a template to specify default options.%0a%0a* PmWiki comes with an ability to cache the results of certain [@(:pagelist:)@] directives, to speed up processing on subsequent visits to the page. To enable this feature, set $PageListCacheDir to the name of a writable directory (e.g., ''work.d/'').%0a%0a* [[#elseifelse]]The [@(:if ...:)@] conditional markup now also understands [@(:elseif ...:)@] and [@(:else:)@]. In addition, markup can nest conditionals by placing digits after if/elseif/else, as in [@(:if1 ...)@], [@(:elseif1 ...:)@], [@(:else1:)@], etc.%0a%0a* The [@(:if date ...:)@] conditional markup can now perform date comparisons for dates other than the current date and time.%0a%0a* [[WikiTrails]] can now specify #anchor identifiers to use only sections of pages as a trail.%0a%0a* A new [@(:if ontrail ...:)@] condition allows testing if a page is listed on a trail.%0a%0a* The extensions .odt, .ods, and .odp (from OpenOffice.org) are now recognized as valid attachment types by default.%0a%0a* A new [[blocklist]] capability has been added to the core distribution. It allows blocking of posts based on IP address, phrase, or regular expression, and can also make use of publicly available standard blocklists. See [[PmWiki.Blocklist]] for details.%0a%0a* There is a new [[SiteAdmin.AuthList]] page that can display a summary of all password and permissions settings for pages on a site. This page is restricted to administrators by default.%0a%0a* There are new [@{$PasswdRead}@], [@{$PasswdEdit}@], etc. variables that display the current password settings for a page (assuming the browser has attr permissions or whatever permissions are set in $PasswdVarAuth).%0a%0a* Forms creation via the [@(:input:)@] markup has been internally refactored somewhat (and may still undergo some changes prior to 2.2.0 release). The new [@(:input select ...:)@] markup can be used to create select boxes, and [@(:input default ...:)@] can be used to set default control values, including for radio buttons and checkboxes.%0a%0a* The [@(:input textarea:)@] markup now can take values from other sources, including page text variables from other pages.%0a%0a* Specifying [@focus=1@] on an [@(:input:)@] control causes that control to receive the input focus when a page is loaded. If a page has multiple controls requesting the focus, then the first control with the lowest value of [@focus=@] "wins".%0a%0a* PmWiki now provides a ''scripts/creole.php'' module to enable Creole standard markup. To enable this, add [@include_once('scripts/creole.php')@] to a local customization file.%0a%0a* PmWiki adds a new [@{(...)}@] ''markup expression'' capability, which allows various simple string and data processing (e.g., formatting of dates and times). This is extensible so that recipe authors and system administrators can easily add custom expression operators.%0a%0a* It's now possible to configure PmWiki to automatically create Category pages whenever a page is saved with category links and the corresponding category doesn't already exist. Pages are created only if the author has appropriate write permissions into the group. To enable this behavior, add the following to ''local/config.php'':%0a%0a-->[@$AutoCreate['/^Category\\./'] = array('ctime' => $Now);@]%0a%0a* Sites with wikiwords enabled can now set $WikiWordCount['WikiWord'] to -1 to indicate that 'WikiWord' should not be spaced according to $SpaceWikiWords.%0a%0a* WikiWords that follow # or & are no longer treated as WikiWords.%0a%0a* Links to non-existent group home pages (e.g., [@[[Group.]]@] and [@[[Group/]]@]) will now go to the first valid entry of $PagePathFmt, instead of being hardcoded to "Group.Group". For example, to set PmWiki to default group home pages to [@$DefaultName@], use%0a%0a-->[@$PagePathFmt = array('{$Group}.$1', '$1.{$DefaultName}', '$1.$1');@]%0a%0a* PmWiki now provides a $CurrentTimeISO and $TimeISOFmt variables, for specifying dates in ISO format.%0a%0a* [[(Cookbook:)Cookbook]] authors can use the internal PmWiki function UpdatePage (temporarily documented at [[(Cookbook:)DebuggingForCookbookAuthors]]) to change page text while preserving history/diff information, updating page revision numbers, updating RecentChanges pages, sending email notifications, etc.%0a%0a* [[Skin templates]] are now required to have %3c!--HTMLHeader--> and %3c!--HTMLFooter--> directives. Setting $EnableSkinDiag causes PmWiki to return an error if this isn't the case for a loaded skin. Skins that explicitly do not want HTMLHeader or HTMLFooter sections can use %3c!--NoHTMLHeader--> and %3c!--NoHTMLFooter--> to suppress the warning.%0a%0a* Added a new "pre" wikistyle for preformatted text blocks.%0a%0a* The xlpage-utf-8.php script now understands how to space UTF-8 wikiwords. %0a%0a* Searches on utf-8 site are now case-insensitive for utf-8 characters.%0a%0a* Many Abort() calls now provide a link to pages on pmwiki.org that can explain the problem in more detail and provide troubleshooting assistance.%0a%0a* PmWiki no longer reports "?cannot acquire lockfile" if the visitor is simply browsing pages or performing other read-only actions.%0a%0a* The $EnableReadOnly configuration variable can be set to signal PmWiki that it is to run in "read-only" mode (e.g., for distribution on read-only media). Attempts to perform actions that write to the disk are either ignored or raise an error via Abort().%0a%0a* Including authuser.php no longer automatically calls ResolvePageName().%0a%0a* Authentication using Active Directory is now simplified. In Site.AuthUser or the $AuthUser variable, set "ldap://name.of.ad.server/" with no additional path information (see PmWiki.AuthUser for more details).%0a%0a* Pages are now saved with a "charset=" attribute to identify the character set in effect when the page was saved.%0a%0a* The phpdiff.php algorithm has been optimized to be smarter about finding smaller diffs.%0a%0a* Removed the (deprecated) "#wikileft h1" and "#wikileft h5" styles from the pmwiki default skin.%0a%0a* The mailposts.php and compat1x.php scripts have been removed from the distribution.%0a%0a!! Version 2.1.27 (2006-12-11)%0a%0aThis version backports from 2.2.0-beta a bugfix for $TableRowIndexMax and also support for the [@{*$Variable}@] markup.%0a%0a!! Version 2.1.26 (2006-09-11)%0a%0aThis version fixes a bug in feeds.php that would cause feed entries to be mixed up.%0a%0a!! Version 2.1.25 (2006-09-08)%0a%0aThis release fixes a bug in authuser.php introduced by the 2.1.24 release.%0a%0aThe skin template code has also been extended to allow [@%3c!--XMLHeader-->@] and [@%3c!--XMLFooter-->@] as aliases for [@%3c!--HTMLHeader-->@] and [@%3c!--HTMLFooter-->@].%0a%0a!! Version 2.1.24 (2006-09-06)%0a%0aThis release makes some improvements and fixes to the [[AuthUser]]%0acapability.%0a%0aA bug in authuser.php that had trouble dealing with non-array values in $AuthUser has been fixed.%0a%0aIt is now possible to specify group memberships from ''local/config.php'' (remember that such entries must come ''before'' including the ''authuser.php'' script):%0a%0a # alice and bob's passwords%0a $AuthUser['alice'] = crypt('alicepassword');%0a $AuthUser['bob'] = crypt('bobpassword');%0a%0a # members of the @writers and @admins groups%0a $AuthUser['@writers'] = array('alice', 'bob');%0a $AuthUser['@admins'] = array('alice', 'dave');%0a%0a # carol is a member of @editors and @writers%0a $AuthUser['carol'] = array('@editors', '@writers');%0a%0aAuthUser can now read from Apache-formatted .htgroup files. The location of the .htgroup file can be done either in ''local/config.php'' or [[Site.AuthUser]]%0a%0a # local/config.php:%0a $AuthUser['htgroup'] = '/path/to/.htgroup';%0a%0a # Site.AuthUser%0a htgroup: /path/to/.htgroup%0a%0a%0a!! Versions 2.1.21, 2.1.22, 2.1.23 (2006-09-05, 2006-09-06)%0a%0aThis release closes a potential security vulnerability for sites %0athat are running with 'register_globals' set to on. Details of%0athe vulnerability will be forthcoming on the mailing list%0aand site.%0a%0aSites that are running with PHP 'register_globals' and 'allow_url_fopen'%0aset to 'On' should upgrade to this release at the earliest%0aopportunity. If upgrading isn't an option, contact Pm for%0aa patch to older versions.%0a%0aThere is now a tool available to analyze PmWiki sites for security%0aand other configuration settings, see [[PmWiki:SiteAnalyzer]].%0a%0aVersion 2.1.23 also corrects a bug that prevented PmWiki from being%0aable to read pagefiles created by versions of PmWiki before 0.5.6.%0a%0a!! Version 2.1.20 (2006-09-04)%0a%0aMore minor bugfixes:%0a* Corrected a bug with WikiWord references appearing in the [@(:attachlist:)@] markup.%0a* Restore ability to remove/override PmWiki's default CSS settings.%0a%0a!! Version 2.1.19 (2006-08-30)%0a%0aThis release provides a number of very minor bugfixes and%0aenhancements:%0a%0a* Fixed a bug in the pageindex code that was causing it to not regenerate as quickly as it should.%0a* Fixed image/object/embed handling in wikistyles to better support the [[Cookbook:Flash]] recipe.%0a* Fixed a bug with wikistyles and input form tags.%0a%0aThe next release(s) may have a number of substantial code%0aenhancements and changes, so this release simply closes out%0aa few items before introducing those changes.%0a%0a%0a!! Version 2.1.18 (2006-08-28)%0a%0aThis release closes a potential cross-site scripting vulnerability%0athat could allow authors to inject Javascript code through the%0avarious table markups.%0a%0aThe release also adds a new [@(:input image:)@] markup to generate%0aimage input tags in forms.%0a%0aFinally, this release corrects a problem with [@?action=print@]%0afailing to properly set the [@{$Action}@] page variable.%0a%0a!! Version 2.1.17 (2006-08-26)%0a%0aThis release fixes a long-standing bug with $EnableIMSCaching%0a(PITS:00573), whereby login/logout operations wouldn't invalidate %0abrowser caches, causing some people to see versions of a page prior%0ato the login/logout taking place. %0a%0aThe new IMS caching code maintains a "imstime" cookie in the %0avisitor's browser that keeps track of the time of last login, %0alogout, author name change, or site modification. This cookie%0ais then used to determine the proper response to browser requests%0acontaining If-Modified-Since headers. (Previously only the%0atime of the last site modification was available.) %0a%0aBrowsers which do not accept cookies will effectively act as%0athough IMS caching is disabled.%0a%0a%0a!! Version 2.1.16 (2006-08-26) [[#v2116]]%0a%0aThis release makes some improvements to skin handling -- primarily%0athis improves the capability of relocating skin files to other%0alocations, and to provide the ability for recipes to insert items%0aat the ''end'' of HTML output.%0a%0aThis release introduces a [@%3c!--HTMLFooter-->@] directive into%0a[[skin templates]], which allows recipes and local%0acustomizations to insert output near the end of a document %0ausing a $HTMLFooterFmt array from PHP.%0a%0aAlso, the [@%3c!--HeaderText-->@] directive, which inserts the%0acontents of $HTMLHeaderFmt into the output, has now been%0arenamed to [@%3c!--HTMLHeader-->@]. PmWiki will continue to%0arecognize [@%3c!--HeaderText-->@] to preserve compatibility with%0aexisting skins, but [@%3c!--HTMLHeader-->@] is preferred.%0a%0aA new $SkinLibDirs array has been introduced which allows%0athe source locations and urls for skins to be specified from%0aa customization file. By default $SkinLibDirs is set as%0a%0a $SkinLibDirs = array("./pub/skins/\$Skin" => "$PubDirUrl/skins/\$Skin",%0a "$FarmD/pub/skins/\$Skin" => "$FarmPubDirUrl/skins/\$Skin");%0a%0aThe keys (on the left) indicate the places to look for a "skin .tmpl %0afile" in the filesystem, while the values (on the right) indicate the%0aurl location of the "skin css file". Modifying the value of %0a$SkinLibDirs allows a skin .tmpl file to be located anywhere on the %0afilesystem.%0a%0aAs far as I can see, none of the changes introduced by this%0arelease should have any sort of negative impact on existing%0asites, so it should be safe to upgrade. (If I'm wrong, please%0alet me know.)%0a%0a%0a!! Version 2.1.15 (2006-08-25)%0a%0aThis release includes a number of feature enhancements and code cleanups%0aas reported or requested by administrators.%0a%0aFirst, AuthUser's LDAP authentication system now allows the use of%0aa [@?filter@] parameter, consistent with urls used for mod_auth_ldap%0aauthorization in Apache. See the newly updated LDAP section of the%0a[[AuthUser]] documentation for more details.%0a%0aA chicken-and-egg problem with the [@@_site_*@] authorization groups%0ahas been resolved. It's now possible to have a page's read authorization%0arefer to things such as [@_site_edit@].%0a%0aAlso, the RetrieveAuthPage() function -- used for retrieving pages only%0aif the visitor is authorized to do so -- now recognizes a special%0alevel parameter of 'ALWAYS', which means to always authorize access%0aregardless of the browser or visitors current permissions. This%0amay be useful for allowing certain operations to take place from%0awithin trusted scripts without having to grant full authorization%0ato the browser.%0a%0aHardcoded instances of the ''local/'' directory now use a%0acustomizable $LocalDir variable. This variable controls where%0aPmWiki looks for ''local/config.php'' and per-group customization %0afiles. It may be useful for some [[Wiki Farm(s)]] contexts. Note that%0athis does not change or affect the location of %0a''$FarmD/local/farmconfig.php''.%0a%0aSome minor internal changes have been made to %0a''scripts/wikistyles.php'' to better accommodate the %0awikipublisher recipe. It's probably better if we don't try%0ato explain them. :-)%0a%0a%0a!! Version 2.1.13, 2.1.14 (2006-08-15, 2006-08-16)%0a%0aThis release fixes a bug in handling numeric passwords, and also%0aallows ldaps:// authentication sources.%0a%0a!! Version 2.1.12 (2006-08-07)%0a%0aThis version introduces the ability to nest divs and tables.%0aThe standard [@(:table:)@] and [@(:div:)@] markups are still%0aavailable, except that a [@(:div:)@] may contain a [@(:table:)@]%0aand vice-versa. %0a%0aAs in previous versions of PmWiki, the [@(:div:)@] markup%0aautomatically closes any previous [@(:div:)@]. However, there%0aare now [@(:div1:)@], [@(:div2:)@], etc. markups (and the%0acorresponding [@(:div1end:)@], [@(:div2end:)@], ...) which can be%0aused to uniquely distinguish divs for nesting purposes.%0a%0aTo restore PmWiki's previous "non-nested" div behavior, set%0a$Transition['nodivnest'] = 1; in a local customization file.%0a%0aOther changes in this release:%0a* Add a [@(:noaction:)@] directive to suppress display of page actions.%0a* Allow anchor tags to contain colons, hyphens, and dots.%0a* Add "white-space" as an allowed wikistyle.%0a* Other minor bug fixes and typographical corrections.%0a%0a%0a!! Version 2.1.11 (2006-06-09)%0a%0aThis is a minor update that prevents [@%25define=%25@] wikistyles%0afrom generating empty paragraphs in the HTML output. Prior to%0athis release, markup lines containing only wikistyle definitions%0awould often generate empty paragraphs (%3cp>%3c/p>), this release%0achanges things so that a markup line beginning with [@%25define=@]%0aand containing only wikistyle definitions will not initiate%0aa new paragraph.%0a%0a%0a!! Version 2.1.10 (2006-06-03)%0a%0aVersion 2.1.4 introduced an [@{$Action}@] page variable that would%0acontain the current [@?action=@] value. Unfortunately, this page%0avariable conflicted with a pre-existing [@$Action@] global variable%0athat was being used by skins to display a human-friendly form of%0athe current action. Since there's not really a clean way to resolve%0athis, I've decided to keep [@{$Action}@] as a page variable%0awith the current action value (as introduced in 2.1.4), and change %0athe global for skins to be $ActionTitle. This will require updating%0askins to use $ActionTitle instead of $Action. I apologize for the%0aconflict.%0a%0aThis release adds a Site.LocalTemplates page for the [@fmt=#xyz@]%0aoption in pagelist and search results. The list of pages to be%0asearched can be customized via the $FPLTemplatePageFmt variable.%0aThe [@fmt=#xyz@] option will now also search the current page for%0aa matching template before searching Site.LocalTemplates%0aand Site.PageListTemplates.%0a%0aThe 'pmwiki' skin now places a %3cspan> around the "Recent Changes"%0alink in the header to make it somewhat easier to style.%0a%0a!! Version 2.1.9 (2006-06-02)%0a%0aThis release fixes a long-standing and difficult-to-find bug with%0athe handling of [@[[~Author]]@] links.%0a%0a!! Version 2.1.8 (2006-06-01)%0a%0aThis release simply changes the $NotifyListFmt variable to be%0a$NotifyListPageFmt (more descriptive), and adds a $NotifyList%0aarray that can be used to specify notification entries from%0aa configuration file.%0a%0a!! Version 2.1.7 (2006-05-31)%0a%0aThis release introduces a variety of improvements and bugfixes.%0a%0a'''Vspace paragraphs are now divs:'''%0aVersion 2.1.7 changes the way that PmWiki handles vertical%0aspace in output (the infamous [@%3cp class='vspace>%3c/p>@] sequence).%0aInstead of using paragraphs, PmWiki now generates %0a[@%3cdiv class='vspace'>%3c/div>@] for vertical space sequences.%0aIn addition, PmWiki is able to collapse the vspace %3cdiv> with%0aany subsequent paragraph tags, such that a sequence like%0a%0a %3cdiv class='vspace>%3c/div>%3cp>...paragraph text...%3c/p>%0a%0ais automatically converted to%0a%0a %3cp class='vspace'>...paragraph text...%3c/p>%0a%0aThis allows for better control over paragraph spacing. It is%0aexpected that this change in vspace handling will not have%0aany detrimental effects on existing sites. Sites that have%0aset custom values for $HTMLVSpace will continue to use the%0acustom value. A site that wants to restore PmWiki's earlier%0ahandling of vspace can do so by adding the following to%0a''local/config.php'':%0a%0a $HTMLVSpace = "%3cp class='vspace'>%3c/p>";%0a%0a'''Improved email notifications of changes:''' Version 2.1.7%0aincorporates a ''notify.php'' script that provides improved%0acapabilities for sending email notifications in response to%0apage changes. This script is intended to replace the previous%0a[[(PmWiki:)MailPosts]] capability, which is now deprecated (but will%0acontinue to be supported in PmWiki 2.1.x). Details and %0ainstructions for using notify.php are in the [[PmWiki.Notify]] page.%0a%0a'''Added 'group home page' syntax:''' A group name followed%0aby only a dot or slash is automatically treated as a reference%0ato the group's home page, whatever it happens to be. This simplifies%0asome pagelist templates as well as a number of other items. %0aIn particular, group links in pagelist output now points to the%0acorrect locations (instead of being a page in the current group).%0a%0aSeveral bugs and vulnerabilities have been fixed:%0a* The default width of edit forms is now more appropriate for Internet Explorer.%0a* Authentication failure messages from LDAP are now suppressed.%0a* Some cross-site scripting vulnerabilities in uploads and page links have been corrected (courtesy Moritz Naumann, http://moritz-naumann.com).%0a* A problem with invalid pagenames resulting in redirect loops has been corrected.%0a%0a!! Version 2.1.6 (2006-05-22)%0a%0aThe primary improvement in this release is the addition of %0aa pagename argument to the [@(:if auth:)@] conditional markup.%0aThus one can display markup based on a visitor's authorization%0ato a page other than the current one. For example, to test%0afor edit privileges to `Main.WikiSandbox, one would use%0a[@(:if auth edit Main.WikiSandbox:)@]. As before, if the%0apagename is omitted the directive tests authorization to%0athe current page.%0a%0aThis release also restores the ability to have hyphens in%0aInterMap link names.%0a%0aLastly, the release closes a potential cross-site scripting%0avulnerability in the WikiTrail markup, and provides some small%0aperformance improvements.%0a%0a!! Version 2.1.4, 2.1.5 (2006-03-29)%0a%0aThis release fixes a few more bugs:%0a* Pagelist-based feeds using ?action=rss work again.%0a* Multi-term searches with special characters is fixed.%0a%0aThe release also adds a couple of items:%0a* There is now an [@{$Action}@] page variable.%0a* Usernames and passwords submitted to authuser.php can contain quotes.%0a* The [@(:attachlist:)@] command now uses a natural case sort.%0a%0a!! Version 2.1.3 (2006-03-17)%0a%0aThis release fixes a bug that prevents the [@lines=@] option from%0aworking on sites running PHP 5.1.1 or later. It also re-fixes%0aa bug involving empty passwords and LDAP authentication.%0a%0a!! Version 2.1.2 (2006-03-16)%0a%0aThis release fixes a bug with handling "nopass" passwords. It also%0amakes some speed improvements to large web feeds, and fixes a couple%0aof minor HTML tag mismatches.%0a%0a!! Version 2.1.1 (2006-03-13)%0a%0aThis release primarily fixes a bug with passwords containing%0amultiple authorization groups, and in the process slightly liberalized%0athe formatting of "@group" and "id:name" handling. This release also %0aadds a new mechanism for managing and displaying FAQ pages.%0a%0a!! Version 2.1.0 (2006-03-12)%0a%0aThis set of release notes is fairly lengthy, as it chronicles all of the changes since 2.0.13 (four months of development). A lot remains the same, but some changes warrant extra care when upgrading from a 2.0.x version to 2.1.0 (thus the major revision number change). As always, questions and issues can be mailed to the pmwiki-users mailing list.%0a%0aHere's the list:%0a%0a* WikiWords are now disabled by default. To enable them, set "$LinkWikiWords = 1;" in a [[local customization(s)]] file. As of 2.1.beta2, you can now leave WikiWords enabled but have links to non-existent pages display without decoration -- to do this, place the following lines in ''pub/css/local.css'':%0a%0a span.wikiword a.createlink { display:none; }%0a span.wikiword a.createlinktext %0a { border-bottom:none; text-decoration:none; color:inherit; }%0a%0a* The [@(:pagelist:)@] code has been substantially revised. Pagelist formatting can now be specified using markup, and several defaults are available from [[Site.PageListTemplates]]. Also, several built-in pagelist formatting functions (FPLSimple, FPLByGroup, FPLGroup) are now removed in favor of the template code. The FPLByGroup function can be restored by setting $Transition['fplbygroup']=1; . '''Remark:''' Check to see if your page [[Site.PageListTemplates]] is not passwordprotected for viewing, otherwise the resulting pagelist will not be shown. %0a%0a* [@(:pagelist:)@] now also understands wildcards in @@group=@@ and @@name=@@ arguments, as well as excluding specific names and groups.%0a%0a* [@(:pagelist:)@] now has an "order=random" option.%0a%0a* [@(:searchbox:)@] now accepts "group=", "link=", "list=", etc. options to be passed along to the search results. It also accepts a "target=" option that identifies the page on which to send the search query.%0a%0a* [@?action=search@] will display the contents of the current page if it contains a [@(:@][@searchresults:)@] directive, otherwise it uses the content of the page identified by $PageSearchForm (default is the search page for the current language translation). %0a%0a* PmWiki no longer maintains a ".linkindex" file -- it now has a ".pageindex" file that contains not only a table of links, but also words used in each page (to speed up term searches). The maintenance of the .pageindex file can be disabled by setting $PageIndexFile=''; %0a %0a* The $EnablePageListProtect variable now defaults to true, so that read-only pages appear in pagelists only if the visitor has read authorization. Note that this can also slow down some [@(:pagelist:)@] and search commands, so if the site doesn't have any read-only pages or if you aren't worried with cloaking read-only pages from searchlists, it might be worth setting $EnablePageListProtect=0; .%0a%0a* Whitespace indentation rules now exist and are enabled by default. Any line that begins with whitespace and aligns with a previous list item is considered to be "within" that list item. Text folds and wraps as normal, and the [@(:linebreaks:)@] directive is honored. To turn off whitespace indentation, use [@DisableMarkup('^ws');@].%0a%0a* A single blank line after a [@!!Heading@] is silently ignored.%0a%0a* The [@(:redirect:)@] directive is now a true markup, and can be embedded inside conditional markups or includes. It also allows redirecting to an anchor in a page, such as [@(:redirect PageName#anchor:)@]. A new [@from=@] option allows the redirect to take place only from pages that match the given wildcard specification. The [@status=@] option allows a 301, 302, 303, or 307 HTTP status code to be returned.%0a%0a* The built-in authorization function has gone through some substantial internal changes, however these changes should be fully backward compatible so that it doesn't impact any existing sites. (If it ''does'' cause a problem, please let me know so I can investigate why!) The password prompts are now specified by an admin-customizable Site.AuthForm page. In addition, the authorization function no longer creates PHP sessions for visitors that aren't being authenticated.%0a%0a* The authuser.php has likewise been substantially updated. The new version should have complete backwards compatibility with previous authuser.php settings, but this version also offers the ability to configure authentication resources and authorization groups through the [[Site.AuthUser]] page. Note that by default the Site.AuthUser page can only be edited using the admin password.%0a%0a* The $EnableSessionPasswords variable can be used to control whether passwords are held in PHP sessions. (This does not affect user authentication via [[AuthUser]], however.)%0a%0a* The $Author variable now defaults to $AuthId if not otherwise set by a script or cookie.%0a%0a* The [[Site.SideBar]] page now defaults its edit password to the sitewide edit password (in $DefaultPasswords['edit']).%0a%0a* PmWiki now supports a "draft edit" mode, enabled by $EnableDrafts = 1. This creates a "Save as draft" button that will save a page under a "-Draft" suffix, for intermediate edits.%0a%0a* There is now an ?action=login action available.%0a%0a* A potential security vulnerability for sites running PHP 5 with register_globals enabled has been fixed.%0a%0a* The [@[[PageName |+]]@] markup is now available by default; this creates a link to `PageName and uses that page's title as the link text.%0a%0a* What used to be "markup variables" are now "[[page variables]]". These are always specified using the @@{$''variable''}@@ syntax, and can be used in markup and in $...Fmt strings. In addition, one can request a value for a specific page by placing the pagename in front of the variable, as in @@{''pagename''$''variable''}@@.%0a%0a* The ''scripts/rss.php'' script is now ''scripts/feeds.php'', and is a complete redesign for [[web feed(s)]] generation. The new version supports UTF-8 and other encodings, can generate Atom 1.0 ([@?action=atom@]), Dublin Core Metadata ([@?action=dc@]) output, and enclosures for podcasting. It also allows feeds to be generated from trails, groups, categories, and backlinks, and provides options (same as pagelists) for sorting and filtering the contents of the feed. Most sites can simply switch to using [@include_once("scripts/feeds.php");@] instead of the previous ''rss.php'' include. The ''rss.php'' file has been removed from the distribution (but still works with PmWiki 2.1 for those sites that wish to continue using it).%0a%0a* [[PmWiki/InterMap]] entries can now come from a `Site.InterMap page as well as the ''local/localmap.txt'' and ''local/farmmap.txt'' files. The format of these files has changed slightly, in that the InterMap name should now have a colon after it (previously the colon was omitted).%0a%0a* We can now provide better control of robot (webcrawler) interactions with a site to reduce server load and bandwidth. The $RobotPattern variable is used to detect robots based on the user-agent string, and any actions not listed in the $RobotActions array will return a 403 Forbidden response to robots. In addition, setting $EnableRobotCloakActions will eliminate any forbidden ?action= values from page links returned to robots, which will reduce bandwidth loads from robots even further (PITS:00563).%0a%0a* Non-existent page handling has been improved; whenever a browser hits a non-existent page, PmWiki returns the contents of Site.PageNotFound and a 404 ("Not Found") status code.%0a%0a* Page links that have "?action=" in their query arguments are now treated as "existing page" links even if the page does not exist.%0a%0a* The PmWiki default skin now adds rel='nofollow' to various action links.%0a%0a* Some of the CSS styles in the PmWiki default skin have been changed for better presentation.%0a%0a* The gui edit buttons have transparent (instead of white) borders so they integrate better into skins.%0a%0a* The $EnableIMSCaching variable is now much smarter, it can detect changes in local customization files as well as pages.%0a%0a* [[PmWiki/WikiStyles]] can now make percentage specifications by using "pct" to mean "%25".%0a%0a* Class attributes in [[WikiStyle(s)]] shortcuts are now cumulative, so that [@%25class1 class2%25@] results in [@class='class1 class2'@] instead of just [@class='class2'@] in the output.%0a%0a* A problem with the [@(:include PageName#from#:)@] markup not working has been fixed (PITS:00560).%0a%0a* Viewing a GroupHeader or GroupFooter page no longer displays the contents twice.%0a%0a* It's now easier to share pages among multiple sites (e.g., [[WikiFarms]]), see Cookbook:SharedPages (PITS:00459).%0a%0a* A problem with nested apostrophe markups has been fixed (PITS:00590).%0a%0a* PmWiki is now smarter about not surrounding block HTML tags with %3cp>...%3c/p> tags.%0a%0a* If an [@[[#anchor]]@] is used more than once in a page, only the first generates an actual anchor (to preserve XHTML validity).%0a%0a* There are now [@(:if equal ...:)@] and [@(:if exists pagename:)@] [[conditional markup]]s.%0a%0a* Compound conditional markup expressions are now possible -- e.g. [@(:if [ group PmWiki && ! name PmWiki ] :)@] .%0a%0a* Added an $InputValues array that can supply default values for certain form controls (PITS:00566).%0a%0a* The default setting of $UploadUrlFmt is now based on $PubDirUrl instead of $ScriptUrl.%0a%0a* The $text global variable has been removed (use $_GET['text'], $_POST['text'], or $_REQUEST['text']).%0a%0a* A possible problem with url-encoding of attachments with non-ASCII characters has been addressed (PITS:00588).%0a%0a* Page actions in non-existent pages no longer display with non-existent link decorations.%0a%0a* A README.txt file has been added, and several documentation files are now available through the docs/ directory.%0a %0a* PmWiki is no longer available through CVS on sourceforge.net. It is now available via SVN on pmwiki.org, at svn://pmwiki.org/pmwiki/tags/latest . For more details, see PmWiki:Subversion.%0a%0a* The $NewlineXXX variable (deprecated in 2.0.0) has been removed.%0a%0a* There is experimental support for server-side caching of pages that take a long time to render; this is currently an unsupported feature and may be removed in future releases.%0a%0a%25red%25Wiki administrators should note that from this release on PmWiki defaults to having WikiWords disabled.%0a%0aTo make sure WikiWords are enabled, use [@$LinkWikiWords = 1;@] in%0athe ''local/config.php'' file.%0a%0a----%0aBugs and other requests can be reported to the PmWiki Issue Tracking %0aSystem at http://www.pmwiki.org/wiki/PITS/PITS. Any help%0ain testing, development, and/or documentation is greatly appreciated..%0a%0a[[(PmWiki:)Release Notes archive]] - notes for versions older than 2.1.0.%0a%0a%0a%0a%0a%0a%0a%0a%0a%0a +time=1413217329 title=Release Notes diff --git a/wikilib.d/PmWiki.Security b/wikilib.d/PmWiki.Security index 0480a7a2..041b527d 100644 --- a/wikilib.d/PmWiki.Security +++ b/wikilib.d/PmWiki.Security @@ -1,9 +1,9 @@ -version=pmwiki-2.2.61 ordered=1 urlencoded=1 -author=XES +version=pmwiki-2.2.68 ordered=1 urlencoded=1 +author=simon charset=UTF-8 -csum=Add handleauth source mention +csum=add recipe check name=PmWiki.Security -rev=101 -targets=PmWiki.Passwords,PmWiki.PasswordsAdmin,PmWiki.AuthUser,PmWiki.UrlApprovals,PmWiki.AnalyzeResults,PmWiki.SiteAnalyzer,PmWiki.Blocklist,PmWiki.Notify,PmWiki.SecurityVariables,Cookbook.Security,Cookbook.HtpasswdForm,Cookbook.SecureAttachments,Cookbook.WebServerSecurity,Cookbook.FarmSecurity,Cookbook.DeObMail,Cookbook.SpamFilters,Cookbook.AuditImages,Cookbook.PrivateGroups,Cookbook.OnlyOneLogin,Cookbook.SessionGuard,Cookbook.TrackChanges,PmWiki.ContactUs,PITS.PITS,Category.Spam,PmWiki.DeletingPages,PmWiki.AvailableActions,Cookbook.DeleteAction,Cookbook.Captchas,Cookbook.Captcha,Site.AuthForm,Cookbook.LimitWikiGroups,Cookbook.LimitNewPagesInWikiGroups,Cookbook.AuthDNS,Cookbook.PersistentLogin,PmWiki.Drafts,PmWiki.Uploads,PmWiki.UploadsAdmin -text=(:Summary: Resources for securing your PmWiki installation:)%0aAspects of PmWiki security are found on the following pages:%0a%0aPages distributed in a PmWiki release:%0a* [[PmWiki/Passwords]] {PmWiki/Passwords$:Summary}%0a* [[PmWiki/Passwords Admin]] {PmWiki/PasswordsAdmin$:Summary}%0a* [[PmWiki/AuthUser]] {PmWiki/AuthUser$:Summary}%0a* [[PmWiki/Url Approvals]] {PmWiki/UrlApprovals$:Summary}%0a* [[(PmWiki:)Site Analyzer]] {PmWiki/SiteAnalyzer$:Summary}%0a* [[PmWiki/Blocklist]] {PmWiki/Blocklist$:Summary}%0a* [[PmWiki/Notify]] {PmWiki/Notify$:Summary}%0a* [[PmWiki/Security variables]] {PmWiki/SecurityVariables$:Summary}%0a%0a[[Cookbook(:/)]] Pages%0a%0a* [[Cookbook:Security | Security recipes]] from the Cookbook%0a* [[Cookbook:HtpasswdForm]] Form based management of users and passwords using .htpasswd/.htgroup files%0a* [[Cookbook:Secure attachments]] Protecting uploaded attachments%0a* [[Cookbook:Web server security]] Making the server more secure with .htaccess%0a* [[Cookbook:Farm security]] Making Farm installations secure%0a* [[Cookbook:DeObMail]] Hide e-mail address%0a* [[Cookbook:Spam filters]] Automatic blocking of some spambots%0a* [[Cookbook:Audit images]] Check to see what images have been uploaded to your wiki.%0a* [[Cookbook:Private groups]] Create and secure private groups on a public wiki%0a* [[Cookbook:Only one login]] Only allow 1 login at the same time for a username%0a* [[Cookbook:Session guard]] Protects against Session Theft%0a* [[Cookbook:TrackChanges]] Ways to more easily detect and verify all recent edits%0a%0a>>faq%3c%3c [[#faq]]%0a%0aQ: How do I report a possible security vulnerability of PmWiki?%0a%0aA: [[http://www.pmichaud.com|Pm]] wrote about this in [[http://pmichaud.com/pipermail/pmwiki-users/2006-September/031793.html | a post to pmwiki-users from September 2006]]. In a nutshell he differentiates two cases:%0a## The possible vulnerability isn't already known publicly: In this case please [[contact us]] by private mail.%0a## The possible vulnerability is already known publicly: In this case feel free to discuss the vulnerability in public (e.g. on [[http://www.pmichaud.com/mailman/listinfo/pmwiki-users | pmwiki-users]] or in the [[(PITS:)PITS]]).%0aSee [[http://pmichaud.com/pipermail/pmwiki-users/2006-September/031793.html | his post mentioned above]] for details and rationals.%0a%0aQ: What about the botnet security advisory at %25newwin%25[[http://isc.sans.org/diary.php?storyid=1672]]?%0a%0aA: Sites that are running with PHP's ''register_globals'' setting set to "On" and versions of PmWiki prior to 2.1.21 may be vulnerable to a botnet exploit that is taking advantage of a bug in PHP. The vulnerability can be closed by turning ''register_globals'' off, upgrading to PmWiki 2.1.21 or later, or upgrading to PHP versions 4.4.3 or 5.1.4. [[%3c%3c]]In addition, there is a test at [[PmWiki:SiteAnalyzer]] that can be used to determine if your site is vulnerable.%0a%0a[[#wikivandalism]]%0a!! Wiki Vandalism and [[!Spam]]%0a:Assumptions: you are using a [[PmWiki/Blocklist]] and [[PmWiki/Url approvals]].%0a: :You don't want to resort to [[PmWiki/password(s)]] protecting the entire wiki, that's not the point after all.%0a: :Ideally these protections will be invoked in @@config.php@@%0a%0a%0aQ: How do I stop pages being [[PmWiki/DeletingPages|deleted]], eg password protect a page from deletion?%0aA: Use Cookbook:DeleteAction and password protect the page deletion [[(available) action(s)]] by adding [@$DefaultPasswords['delete'] = '*';@] to @@config.php@@ or password protect the action with @@$HandleAuth['delete'] = 'edit';@@%0a->or @@$HandleAuth['delete'] = 'admin';@@ to require the edit or admin password respectively.%0a%0aQ: How do I stop pages being replaced with an empty (all spaces) page?%0aA: Add [@block: /^\s*$/@] to your [[PmWiki/blocklist]].%0a%0aQ: how do I stop pages being completely replaced by an inane comment such as ''excellent site'', ''great information'', where the content cannot be blocked?%0aA: Try using the newer [[PmWiki/Blocklist#automaticblocklists | automatic blocklists]] that pull information and IP addresses about known wiki defacers.%0a%0aA: (OR) Try using [[Cookbook:Captchas]] or [[Cookbook:Captcha]] (note these are different).%0a%0aA: (OR) Set an edit password, but make it publicly available on the [[{$SiteGroup}.AuthForm]] template.%0a%0aQ: How do I password protect the creation of new groups?%0aA: See [[Cookbook:Limit Wiki Groups]] {Cookbook.LimitWikiGroups$:Summary}%0a%0aQ: How do I password protect the creation of new pages?%0aA: See [[Cookbook:Limit new pages in Wiki Groups]] {Cookbook.LimitNewPagesInWikiGroups$:Summary}%0a%0aQ: How do I take a whitelist approach where users from known or trusted IP addresses can edit, and others require a password?%0aA: Put these lines to local/config.php:%0a[@%0a## Allow passwordless editing from own turf, pass for others.%0aif ($action=='edit'%0a && !preg_match("/^90\\.68\\./", $_SERVER['REMOTE_ADDR']) ) %0a { $DefaultPasswords['edit'] = crypt('foobar'); }%0a@]%0aReplace 90.68. with the preferred network prefix and foobar with the default password for others.%0a%0aFor a single IP, you may use %0a[@%0aif($_SERVER['REMOTE_ADDR'] == '127.0.0.1') { # your IP address here%0a $_POST['authpw'] = 'xxx'; # the admin password%0a}%0a@]%0a%0aPlease note the security issues : this means that you have your admin passwords in clear in config.php and someone with access to the filesystem can read them (for example a technician of your hosting provider) ; your IP address may change from time to time (unless you have a fixed IP contract with your ISP). When that happens, someone with your old IP address will be logged in automatically as admin on your wiki. It is extremely unlikely to become a problem, but you should know it is possible ; if you are behind a router, all other devices which pass through that router will have the same IP address for PmWiki - your wifi phone, your wife's netbook, a neighbour using your wifi connection, etc. All these people become admins of your wiki. Again, you should evaluate if this is a security risk ; In some cases, your ISP will route your traffic through the same proxy as other people. In such a case, thousands of people may have the same IP address.%0a%0aA: See also Cookbook:AuthDNS & Cookbook:PersistentLogin%0a%0aQ: How do I password protect [[PmWiki/AvailableActions|page actions]]?%0aA: See [[PmWiki/Passwords]] for setting in config.php %0a-> @@$HandleAuth['[==]''pageactionname''[==]'] = 'pageactionname'; # along with :@@%0a-> @@$DefaultPasswords['[==]''pageactionname''[==]'] = crypt('secret phrase');@@%0aA: or %0a-> @@$HandleAuth['[==]''pageactionname''[==]'] = 'anotherpageactionname';@@%0a%0aQ: How do I moderate all postings?%0aA: Enable [[PmWiki.Drafts]]%0a* Set $EnableDrafts, this relabels the "Save" button to "Publish" and a "Save draft" button appears. %0a* Set $EnablePublishAttr, this adds a new "publish" authorization level to distinguish editing from publishing.%0a%0aQ: How do I make a read only wiki?%0aA: In config.php [[PmWiki/PasswordsAdmin | set]] an "edit" password.%0a%0aQ: How do I restrict access to [[PmWiki/Uploads|uploaded attachments]]?%0aA: See%0a* [[PmWiki/UploadsAdmin#direct_download|instructions]] for denying public access to the uploads directory%0a* see [[Cookbook:Secure attachments]] {Cookbook.SecureAttachments$:Summary}%0a%0aQ: How do I hide the IP addresses in the "diff" pages?%0aA: If the user fills an author name, the IP address is not displayed. To require an author name, set in config.php such a line:%0a%0a $EnablePostAuthorRequired = 1;%0a%0aA: The IP address can also be seen in a tooltip title when the mouse cursor is over the author name. To disable the tooltip, set in config.php:%0a[@%0a$DiffStartFmt = %0a "%3cdiv class='diffbox'>%3cdiv class='difftime'>%3ca name='diff\$DiffGMT' href='#diff\$DiffGMT'>\$DiffTime%3c/a>%0a \$[by] %3cspan class='diffauthor'>\$DiffAuthor%3c/span> - \$DiffChangeSum%3c/div>";%0a@]%0a%0aQ: How do I stop some Apache installations executing a file which has ".php", ".pl" or ".cgi" anywhere in the filename%0aA: Use $UploadBlacklist%0a%0aQ: How do I stop random people from viewing the ?action=source (wiki markup) of my pages? I have [@(:if auth edit:)@] text that I don't want the world to see.%0aA: [@$HandleAuth['source'] = 'edit';@] or [@$HandleAuth['source'] = 'admin';@] -time=1391777958 +rev=102 +targets=Category.Security,PmWiki.Passwords,PmWiki.PasswordsAdmin,PmWiki.AuthUser,PmWiki.UrlApprovals,PmWiki.AnalyzeResults,PmWiki.SiteAnalyzer,PmWiki.Blocklist,PmWiki.Notify,PmWiki.SecurityVariables,Cookbook.Security,Cookbook.HtpasswdForm,Cookbook.SecureAttachments,Cookbook.WebServerSecurity,Cookbook.FarmSecurity,Cookbook.DeObMail,Cookbook.SpamFilters,Cookbook.AuditImages,Cookbook.PrivateGroups,Cookbook.OnlyOneLogin,Cookbook.RecipeCheck,Cookbook.SessionGuard,Cookbook.TrackChanges,PmWiki.ContactUs,PITS.PITS,Category.Spam,PmWiki.DeletingPages,PmWiki.AvailableActions,Cookbook.DeleteAction,Cookbook.Captchas,Cookbook.Captcha,Site.AuthForm,Cookbook.LimitWikiGroups,Cookbook.LimitNewPagesInWikiGroups,Cookbook.AuthDNS,Cookbook.PersistentLogin,PmWiki.Drafts,PmWiki.Uploads,PmWiki.UploadsAdmin +text=(:Summary: Resources for securing your PmWiki installation:)%0aAspects of PmWiki [[!security]] are found on the following pages:%0a%0aPages distributed in a PmWiki release:%0a* [[PmWiki/Passwords]] {PmWiki/Passwords$:Summary}%0a* [[PmWiki/Passwords Admin]] {PmWiki/PasswordsAdmin$:Summary}%0a* [[PmWiki/AuthUser]] {PmWiki/AuthUser$:Summary}%0a* [[PmWiki/Url Approvals]] {PmWiki/UrlApprovals$:Summary}%0a* [[(PmWiki:)Site Analyzer]] {PmWiki/SiteAnalyzer$:Summary}%0a* [[PmWiki/Blocklist]] {PmWiki/Blocklist$:Summary}%0a* [[PmWiki/Notify]] {PmWiki/Notify$:Summary}%0a* [[PmWiki/Security variables]] {PmWiki/SecurityVariables$:Summary}%0a%0a[[Cookbook(:/)]] pages%0a%0a* [[Cookbook:Security | Security recipes]] from the Cookbook%0a* [[Cookbook:HtpasswdForm]] Form based management of users and passwords using .htpasswd/.htgroup files%0a* [[Cookbook:Secure attachments]] Protecting uploaded attachments%0a* [[Cookbook:Web server security]] Making the server more secure with .htaccess%0a* [[Cookbook:Farm security]] Making Farm installations secure%0a* [[Cookbook:DeObMail]] Hide e-mail address%0a* [[Cookbook:Spam filters]] Automatic blocking of some spambots%0a* [[Cookbook:Audit images]] Check to see what images have been uploaded to your wiki.%0a* [[Cookbook:Private groups]] Create and secure private groups on a public wiki%0a* [[Cookbook:Only one login]] Only allow 1 login at the same time for a username%0a* [[Cookbook:Recipe check]] Check for new versions of recipes on pmwiki.org%0a* [[Cookbook:Session guard]] Protects against Session Theft%0a* [[Cookbook:TrackChanges]] Ways to more easily detect and verify all recent edits%0a%0a>>faq%3c%3c [[#faq]]%0a%0aQ: How do I report a possible security vulnerability of PmWiki?%0a%0aA: [[http://www.pmichaud.com|Pm]] wrote about this in [[http://pmichaud.com/pipermail/pmwiki-users/2006-September/031793.html | a post to pmwiki-users from September 2006]]. In a nutshell he differentiates two cases:%0a## The possible vulnerability isn't already known publicly: In this case please [[contact us]] by private mail.%0a## The possible vulnerability is already known publicly: In this case feel free to discuss the vulnerability in public (e.g. on [[http://www.pmichaud.com/mailman/listinfo/pmwiki-users | pmwiki-users]] or in the [[(PITS:)PITS]]).%0aSee [[http://pmichaud.com/pipermail/pmwiki-users/2006-September/031793.html | his post mentioned above]] for details and rationals.%0a%0aQ: What about the botnet security advisory at %25newwin%25[[http://isc.sans.org/diary.php?storyid=1672]]?%0a%0aA: Sites that are running with PHP's ''register_globals'' setting set to "On" and versions of PmWiki prior to 2.1.21 may be vulnerable to a botnet exploit that is taking advantage of a bug in PHP. The vulnerability can be closed by turning ''register_globals'' off, upgrading to PmWiki 2.1.21 or later, or upgrading to PHP versions 4.4.3 or 5.1.4. [[%3c%3c]]In addition, there is a test at [[PmWiki:SiteAnalyzer]] that can be used to determine if your site is vulnerable.%0a%0a[[#wikivandalism]]%0a!! Wiki Vandalism and [[!Spam]]%0a:Assumptions: you are using a [[PmWiki/Blocklist]] and [[PmWiki/Url approvals]].%0a: :You don't want to resort to [[PmWiki/password(s)]] protecting the entire wiki, that's not the point after all.%0a: :Ideally these protections will be invoked in @@config.php@@%0a%0a%0aQ: How do I stop pages being [[PmWiki/DeletingPages|deleted]], eg password protect a page from deletion?%0aA: Use Cookbook:DeleteAction and password protect the page deletion [[(available) action(s)]] by adding [@$DefaultPasswords['delete'] = '*';@] to @@config.php@@ or password protect the action with @@$HandleAuth['delete'] = 'edit';@@%0a->or @@$HandleAuth['delete'] = 'admin';@@ to require the edit or admin password respectively.%0a%0aQ: How do I stop pages being replaced with an empty (all spaces) page?%0aA: Add [@block: /^\s*$/@] to your [[PmWiki/blocklist]].%0a%0aQ: how do I stop pages being completely replaced by an inane comment such as ''excellent site'', ''great information'', where the content cannot be blocked?%0aA: Try using the newer [[PmWiki/Blocklist#automaticblocklists | automatic blocklists]] that pull information and IP addresses about known wiki defacers.%0a%0aA: (OR) Try using [[Cookbook:Captchas]] or [[Cookbook:Captcha]] (note these are different).%0a%0aA: (OR) Set an edit password, but make it publicly available on the [[{$SiteGroup}.AuthForm]] template.%0a%0aQ: How do I password protect the creation of new groups?%0aA: See [[Cookbook:Limit Wiki Groups]] {Cookbook.LimitWikiGroups$:Summary}%0a%0aQ: How do I password protect the creation of new pages?%0aA: See [[Cookbook:Limit new pages in Wiki Groups]] {Cookbook.LimitNewPagesInWikiGroups$:Summary}%0a%0aQ: How do I take a whitelist approach where users from known or trusted IP addresses can edit, and others require a password?%0aA: Put these lines to local/config.php:%0a[@%0a## Allow passwordless editing from own turf, pass for others.%0aif ($action=='edit'%0a && !preg_match("/^90\\.68\\./", $_SERVER['REMOTE_ADDR']) ) %0a { $DefaultPasswords['edit'] = crypt('foobar'); }%0a@]%0aReplace 90.68. with the preferred network prefix and foobar with the default password for others.%0a%0aFor a single IP, you may use %0a[@%0aif($_SERVER['REMOTE_ADDR'] == '127.0.0.1') { # your IP address here%0a $_POST['authpw'] = 'xxx'; # the admin password%0a}%0a@]%0a%0aPlease note the security issues : this means that you have your admin passwords in clear in config.php and someone with access to the filesystem can read them (for example a technician of your hosting provider) ; your IP address may change from time to time (unless you have a fixed IP contract with your ISP). When that happens, someone with your old IP address will be logged in automatically as admin on your wiki. It is extremely unlikely to become a problem, but you should know it is possible ; if you are behind a router, all other devices which pass through that router will have the same IP address for PmWiki - your wifi phone, your wife's netbook, a neighbour using your wifi connection, etc. All these people become admins of your wiki. Again, you should evaluate if this is a security risk ; In some cases, your ISP will route your traffic through the same proxy as other people. In such a case, thousands of people may have the same IP address.%0a%0aA: See also Cookbook:AuthDNS & Cookbook:PersistentLogin%0a%0aQ: How do I password protect [[PmWiki/AvailableActions|page actions]]?%0aA: See [[PmWiki/Passwords]] for setting in config.php %0a-> @@$HandleAuth['[==]''pageactionname''[==]'] = 'pageactionname'; # along with :@@%0a-> @@$DefaultPasswords['[==]''pageactionname''[==]'] = crypt('secret phrase');@@%0aA: or %0a-> @@$HandleAuth['[==]''pageactionname''[==]'] = 'anotherpageactionname';@@%0a%0aQ: How do I moderate all postings?%0aA: Enable [[PmWiki.Drafts]]%0a* Set $EnableDrafts, this relabels the "Save" button to "Publish" and a "Save draft" button appears. %0a* Set $EnablePublishAttr, this adds a new "publish" authorization level to distinguish editing from publishing.%0a%0aQ: How do I make a read only wiki?%0aA: In config.php [[PmWiki/PasswordsAdmin | set]] an "edit" password.%0a%0aQ: How do I restrict access to [[PmWiki/Uploads|uploaded attachments]]?%0aA: See%0a* [[PmWiki/UploadsAdmin#direct_download|instructions]] for denying public access to the uploads directory%0a* see [[Cookbook:Secure attachments]] {Cookbook.SecureAttachments$:Summary}%0a%0aQ: How do I hide the IP addresses in the "diff" pages?%0aA: If the user fills an author name, the IP address is not displayed. To require an author name, set in config.php such a line:%0a%0a $EnablePostAuthorRequired = 1;%0a%0aA: The IP address can also be seen in a tooltip title when the mouse cursor is over the author name. To disable the tooltip, set in config.php:%0a[@%0a$DiffStartFmt = %0a "%3cdiv class='diffbox'>%3cdiv class='difftime'>%3ca name='diff\$DiffGMT' href='#diff\$DiffGMT'>\$DiffTime%3c/a>%0a \$[by] %3cspan class='diffauthor'>\$DiffAuthor%3c/span> - \$DiffChangeSum%3c/div>";%0a@]%0a%0aQ: How do I stop some Apache installations executing a file which has ".php", ".pl" or ".cgi" anywhere in the filename%0aA: Use $UploadBlacklist%0a%0aQ: How do I stop random people from viewing the ?action=source (wiki markup) of my pages? I have [@(:if auth edit:)@] text that I don't want the world to see.%0aA: [@$HandleAuth['source'] = 'edit';@] or [@$HandleAuth['source'] = 'admin';@] +time=1411274655 diff --git a/wikilib.d/PmWiki.Uploads b/wikilib.d/PmWiki.Uploads index 0d51f21d..4b30a6c4 100644 --- a/wikilib.d/PmWiki.Uploads +++ b/wikilib.d/PmWiki.Uploads @@ -1,9 +1,9 @@ -version=pmwiki-2.2.40 ordered=1 urlencoded=1 -author=pokeeffe +version=pmwiki-2.2.68 ordered=1 urlencoded=1 +author=simon charset=UTF-8 -csum=removed entry 'tar' since strike-through isn't parsed +csum=display correct extension name=PmWiki.Uploads -rev=127 -targets=PmWiki.PmWiki,PmWiki.Images,PmWiki.UploadsAdmin,PmWiki.WikiGroup,PmWiki.PageDirectives,PmWiki.WikiAdministrator,PmWiki.Passwords,PmWiki.PasswordsAdmin,Cookbook.Attachtable,Cookbook.AttachLinks,Site.PageActions,PmWiki.AvailableActions,Cookbook.UploadTypes,Cookbook.PreventHotlinking -text=(:Summary:Allow authors to upload files, also known as page attachments:)%0a(:Audience: authors (intermediate) :)%0a[[PmWiki]] can be configured to allow authors to upload and store files and [[images]] (known as attaching them).%0aThese attachments may then be referenced from any page. %0a%0a-> ''Note'': ''[[PmWiki]] is distributed with uploads disabled by default. See [[Uploads Admin]] for information about how to enable and configure the upload feature.''%0a%0a-> ''Note2'': ''Uploads can be configured site-wide, by-group, or by-page; see [[Uploads Admin]] for details. This determines whether all uploads go in one directory for the site, an individual directory for each group, or an individual directory for each page. The default is to organize uploads by [[WikiGroup | group]].''%0a%0a!! [@Attach:@] Syntax%0aTo add or link to an attachment, an author edits a page to include the markup "@@Attach:@@" followed by a name of an attachment (e.g., "@@[=Attach:resume.pdf=]@@"). When the page is displayed, the @@Attach:@@ markup becomes one of the following:%0a%0a* A link to the named attachment (if uploaded, ie already in the upload directory)%0a* A link to a form whereby the author can specify a file to be uploaded and used as the new attachment (if not yet uploaded, ie not in the upload directory)%0a* If the attachment is an [[image(s)]] file with an extension such as .gif, .jpeg, or .png, it is displayed as an [[image(s)]].%0a%0aThe behaviour of links can be modified to%0a* prevent an image attachment from displaying as an image, place it in double brackets (e.g., [@[[Attach:image.jpg]]@]).%0a* have a link to an attachment appear without the "[@Attach:@]" at the beginning of the link, use [@[[(Attach:)file.ext]]@].%0a%0a!! Attachments on other pages and groups%0aTo link to an uploaded attachment (image or file) from another group, you simply refer the group itself (make sure "Groupname" has the dot in it).%0a->[@Attach:Groupname./file_name.ext@] (note the dot after the groupname)%0aIf PmWiki is configured with an individual directory per page use%0a->[@Attach:Pagename/file_name.ext@] (Pagename is in the same WikiGroup)%0a->[@Attach:Groupname.Pagename/file_name.ext@]%0a%0a!! Names with spaces%0aTo link to a filename with spaces in it use the bracket link notation, eg%0a->[@[[Attach:a filename with spaces.txt]]@]%0a%0a"Embedding in the page" an image with spaces is not supported: just upload the images with names without spaces, and use the markup [@Attach:image.jpg@].%0a%0aThe following workaround is possible, but is unsupported and not recommended:%0a->[@[[#blank | Attach:image space.jpeg]]@]%0a%0a!! International characters in file names%0aSee [[UploadsAdmin]] and $UploadNameChars.%0a%0a!! Listing Uploaded Files On A Page%0aTo list files that have been uploaded, use the markup:%0a[[PmWiki/PageDirectives#attachlist | [@(:attachlist:)@] ]]%0a%0aThis will list attachments to the current group or page, depending whether attachments are organised per group or per page; each instance includes a link to the attachment for viewing or downloading. A list of attachments is also shown as part of the uploads page form.%0a%0a!!!Upload Form / Upload Replacement%0aOne can go directly to the upload form by appending "?action=upload" to the URI for any page that has file uploads enabled by the [[Wiki Administrator]]. Replace a file by simply uploading a new version of the file with the same name. %0a* Be sure to clear your browser cache after replacing an upload. Otherwise, it may appear that the original upload is still on the server. %0aIf you put @@$EnableUploadVersions=1;@@ in your @@local/config.php@@, the old versions of the same files are renamed and not removed.%0a%0a%0a!!!Type and Size Restrictions%0aFor security reasons, the upload feature is disabled when PmWiki is first installed.%0aWhen enabled uploads are restricted as to the types and sizes of files that may be uploaded to the server (see [[UploadsAdmin]]). PmWiki's default configuration limits file sizes to 50 kilobytes and file extensions to common types such as ".gif", ".jpeg", ".doc", ".txt", and ".pdf". %0a%0aIn addition, the administrator can configure the system to require an @@upload@@ password--see [[Passwords]] and [[PasswordsAdmin]].%0a%0aBy default the upload allows the following extensions. Note that by default, no file extension is required.%0a%0a[[#imagetypes]] %0a->[@'gif','jpg','jpeg','png','bmp','ico','wbmp','svg','xcf' # images%0a@]%0a[[#imagetypesend]]%0a->[@'mp3','au','wav','ogg','flac', # audio%0a'ogv','mp4','webm','mpg','mpeg','wmf','mov','qt','avi', # video%0a'zip','7z','gz','tgz','rpm','hqx','sit', # archives%0a'doc','ppt','xls','mdb', # MSOffice%0a'exe', # executables%0a'pdf','psd', 'ps','ai','eps', # Adobe%0a'htm','html','css','fla','swf', # web stuff%0a'txt','rtf','tex','dvi', # text files%0a'odt','ods','odp','odg', # OpenOffice.org %0a'epub','kml','kmz','' # misc@]%0a%0a!!!Removal%0aAt present uploaded files can only be deleted from the server by the [[wiki administrator]]. Any uploads-authorized user may over-write an existing file by uploading another of the same name and extension to the same location.%0a%0aThe administrator may remove an uploaded file by accessing the server via ftp (or via a control panel, if the host offers such a feature). The recipe Cookbook:Attachtable allows the deletion of the files from the wiki.%0a%0a>>faq%3c%3c [[#faq]]%0a%0aQ: When I upload a file, how do I make the link look like "file.doc" instead of "Attach:file.doc"?%0aA: Use parentheses, as in [@[[(Attach:)file.doc]]@]. There is also a configuration change that can eliminate the [@Attach:@] -- see [[Cookbook:AttachLinks]].%0a%0aQ: Why can't I upload files of size more than 50kB to my newly installed PmWiki?%0aA: Out of the box PmWiki limits the size of files to be uploaded to 50kB. Add%0a->@@$UploadMaxSize = 1000000; # limit upload file size to 1 megabyte@@%0a->to your ''config.php'' to increase limit to 1MB (for example). See [[UploadsAdmin]] for how to further customize limits. Note that both PHP and webservers also place their own limits on the size of uploaded files.%0a%0aQ: Why does my upload exit unexpectedly with "Incomplete file received"?%0aA: You may be running out of space in a 'scratch' area, used either by PmWiki or by PHP. On *nix, check that you have sufficient free space in /tmp and /var/tmp.%0a%0aQ: How do I make it so that the upload link still allows one to make another upload (if someone wants to replace the old version of a file with a newer version, for example). Currently you only get the upload link when there is no file in the upload directory.%0aA: Use the Attach [[Site/page action(s)]], and click on the delta symbol %25blue%25(Δ)%25%25 shown against each of files listed. If you can't see the attach action either uploads are not enabled, you are not authorized to upload, or the attach action has been commented out or is missing. See also [[PmWiki/available actions]].%0a%0aQ: How do I hide the "[=Attach:=]" for all attachments%0aA: See Cookbook:AttachLinks, note that this does not currently work for [@ [[Attach:my file.ext]] @].%0a%0aQ: How can I link a file that have a 4-letter file extension such like 'abc.pptx'?%0aA: See [[Cookbook:Upload Types]]%0a%0aQ: How can I prevent others from using the url's of my images on their site%0aA: See [[Cookbook:Prevent Hotlinking]] {Cookbook.PreventHotlinking$:Summary}%0a%0a -time=1344549207 +rev=128 +targets=PmWiki.PmWiki,PmWiki.Images,PmWiki.UploadsAdmin,PmWiki.WikiGroup,PmWiki.PageDirectives,PmWiki.WikiAdministrator,PmWiki.Passwords,PmWiki.PasswordsAdmin,Cookbook.Attachtable,Cookbook.AttachLinks,Site.PageActions,PmWiki.AvailableActions,Cookbook.UploadTypes,Cookbook.PreventHotlinking,Cookbook.LinkIcons +text=(:Summary:Allow authors to upload files, also known as page attachments:)%0a(:Audience: authors (intermediate) :)%0a[[PmWiki]] can be configured to allow authors to upload and store files and [[images]] (known as attaching them).%0aThese attachments may then be referenced from any page. %0a%0a-> ''Note'': ''[[PmWiki]] is distributed with uploads disabled by default. See [[Uploads Admin]] for information about how to enable and configure the upload feature.''%0a%0a-> ''Note2'': ''Uploads can be configured site-wide, by-group, or by-page; see [[Uploads Admin]] for details. This determines whether all uploads go in one directory for the site, an individual directory for each group, or an individual directory for each page. The default is to organize uploads by [[WikiGroup | group]].''%0a%0a!! [@Attach:@] Syntax%0aTo add or link to an attachment, an author edits a page to include the markup "@@Attach:@@" followed by a name of an attachment (e.g., "@@[=Attach:resume.pdf=]@@"). When the page is displayed, the @@Attach:@@ markup becomes one of the following:%0a%0a* A link to the named attachment (if uploaded, ie already in the upload directory)%0a* A link to a form whereby the author can specify a file to be uploaded and used as the new attachment (if not yet uploaded, ie not in the upload directory)%0a* If the attachment is an [[image(s)]] file with an extension such as .gif, .jpeg, or .png, it is displayed as an [[image(s)]].%0a%0aThe behaviour of links can be modified to%0a* prevent an image attachment from displaying as an image, place it in double brackets (e.g., [@[[Attach:image.jpg]]@]).%0a* have a link to an attachment appear without the "[@Attach:@]" at the beginning of the link, use [@[[(Attach:)file.ext]]@].%0a%0a!! Attachments on other pages and groups%0aTo link to an uploaded attachment (image or file) from another group, you simply refer the group itself (make sure "Groupname" has the dot in it).%0a->[@Attach:Groupname./file_name.ext@] (note the dot after the groupname)%0aIf PmWiki is configured with an individual directory per page use%0a->[@Attach:Pagename/file_name.ext@] (Pagename is in the same WikiGroup)%0a->[@Attach:Groupname.Pagename/file_name.ext@]%0a%0a!! Names with spaces%0aTo link to a filename with spaces in it use the bracket link notation, eg%0a->[@[[Attach:a filename with spaces.txt]]@]%0a%0a"Embedding in the page" an image with spaces is not supported: just upload the images with names without spaces, and use the markup [@Attach:image.jpg@].%0a%0aThe following workaround is possible, but is unsupported and not recommended:%0a->[@[[#blank | Attach:image space.jpeg]]@]%0a%0a!! International characters in file names%0aSee [[UploadsAdmin]] and $UploadNameChars.%0a%0a!! Listing Uploaded Files On A Page%0aTo list files that have been uploaded, use the markup:%0a[[PmWiki/PageDirectives#attachlist | [@(:attachlist:)@] ]]%0a%0aThis will list attachments to the current group or page, depending whether attachments are organised per group or per page; each instance includes a link to the attachment for viewing or downloading. A list of attachments is also shown as part of the uploads page form.%0a%0a!!!Upload Form / Upload Replacement%0aOne can go directly to the upload form by appending "?action=upload" to the URI for any page that has file uploads enabled by the [[Wiki Administrator]]. Replace a file by simply uploading a new version of the file with the same name. %0a* Be sure to clear your browser cache after replacing an upload. Otherwise, it may appear that the original upload is still on the server. %0aIf you put @@$EnableUploadVersions=1;@@ in your @@local/config.php@@, the old versions of the same files are renamed and not removed.%0a%0a%0a!!!Type and Size Restrictions%0aFor security reasons, the upload feature is disabled when PmWiki is first installed.%0aWhen enabled uploads are restricted as to the types and sizes of files that may be uploaded to the server (see [[UploadsAdmin]]). PmWiki's default configuration limits file sizes to 50 kilobytes and file extensions to common types such as ".gif", ".jpeg", ".doc", ".txt", and ".pdf". %0a%0aIn addition, the administrator can configure the system to require an @@upload@@ password--see [[Passwords]] and [[PasswordsAdmin]].%0a%0aBy default the upload allows the following extensions. Note that by default, no file extension is required.%0a%0a[[#imagetypes]] %0a->[@'gif','jpg','jpeg','png','bmp','ico','wbmp','svg','xcf' # images%0a@]%0a[[#imagetypesend]]%0a->[@'mp3','au','wav','ogg','flac', # audio%0a'ogv','mp4','webm','mpg','mpeg','wmf','mov','qt','avi', # video%0a'zip','7z','gz','tgz','rpm','hqx','sit', # archives%0a'doc','ppt','xls','mdb', # MSOffice%0a'exe', # executables%0a'pdf','psd', 'ps','ai','eps', # Adobe%0a'htm','html','css','fla','swf', # web stuff%0a'txt','rtf','tex','dvi', # text files%0a'odt','ods','odp','odg', # OpenOffice.org %0a'epub','kml','kmz','' # misc@]%0a%0a!!!Removal%0aAt present uploaded files can only be deleted from the server by the [[wiki administrator]]. Any uploads-authorized user may over-write an existing file by uploading another of the same name and extension to the same location.%0a%0aThe administrator may remove an uploaded file by accessing the server via ftp (or via a control panel, if the host offers such a feature). The recipe Cookbook:Attachtable allows the deletion of the files from the wiki.%0a%0a>>faq%3c%3c [[#faq]]%0a%0aQ: When I upload a file, how do I make the link look like "file.doc" instead of "Attach:file.doc"?%0aA: Use parentheses, as in [@[[(Attach:)file.doc]]@]. There is also a configuration change that can eliminate the [@Attach:@] -- see [[Cookbook:AttachLinks]].%0a%0aQ: Why can't I upload files of size more than 50kB to my newly installed PmWiki?%0aA: Out of the box PmWiki limits the size of files to be uploaded to 50kB. Add%0a->@@$UploadMaxSize = 1000000; # limit upload file size to 1 megabyte@@%0a->to your ''config.php'' to increase limit to 1MB (for example). See [[UploadsAdmin]] for how to further customize limits. Note that both PHP and webservers also place their own limits on the size of uploaded files.%0a%0aQ: Why does my upload exit unexpectedly with "Incomplete file received"?%0aA: You may be running out of space in a 'scratch' area, used either by PmWiki or by PHP. On *nix, check that you have sufficient free space in /tmp and /var/tmp.%0a%0aQ: How do I make it so that the upload link still allows one to make another upload (if someone wants to replace the old version of a file with a newer version, for example). Currently you only get the upload link when there is no file in the upload directory.%0aA: Use the Attach [[Site/page action(s)]], and click on the delta symbol %25blue%25(Δ)%25%25 shown against each of files listed. If you can't see the attach action either uploads are not enabled, you are not authorized to upload, or the attach action has been commented out or is missing. See also [[PmWiki/available actions]].%0a%0aQ: How do I hide the "[=Attach:=]" for all attachments%0aA: See Cookbook:AttachLinks, note that this does not currently work for [@ [[Attach:my file.ext]] @].%0a%0aQ: How can I link a file that have a 4-letter file extension such like 'abc.pptx'?%0aA: See [[Cookbook:Upload Types]]%0a%0aQ: How can I prevent others from using the url's of my images on their site%0aA: See [[Cookbook:Prevent Hotlinking]] {Cookbook.PreventHotlinking$:Summary}%0a%0aQ: How can I display a file that lacks a correct extension? [-(e.g. you are using Cookbook:LinkIcons)-]%0aA: A file can be displayed by addition of a "false" extension to the URL. For example, if the url is @@http://example.com/dox/mydoc@@, add a fake query string on the end with the desired extension (e.g., @@http://example.com/dox/mydoc?format=.docx@@). If query strings are unsuitable, a fragment identifier should work, e.g. @@http://example.com/dox/mydoc#.docx@@.%0a%0a +time=1410129589 diff --git a/wikilib.d/Site.UploadQuickReference b/wikilib.d/Site.UploadQuickReference index 2d4fc11f..f2116fbd 100644 --- a/wikilib.d/Site.UploadQuickReference +++ b/wikilib.d/Site.UploadQuickReference @@ -1,9 +1,9 @@ -version=pmwiki-2.2.42 ordered=1 urlencoded=1 -author=Dfaure +version=pmwiki-2.2.68 ordered=1 urlencoded=1 +author=Petko charset=UTF-8 -csum=Removed extraneous line break +csum=Use the button above name=Site.UploadQuickReference -rev=27 +rev=28 targets=Site.RecentUploads,PmWiki.Uploads,Site.UploadQuickReference -text=(:Summary:quick reference for [[PmWiki/uploads|uploading]] pages:)%0a[[#quickreference]]%0a>>color:#000000 bgcolor:#f9f9f9 font-family:'Arial,sans-serif' font-size:12px padding:2px border:'1px solid #cccccc' class='quickref'%3c%3c%0a(:if exists {*$Group}.RecentUploads:)%0a%25rfloat newwin%25[[{*$Group}.RecentUploads|Recent uploads]] to {*$Group} `WikiGroup%0a(:ifend:)%0a'''%25newwin%25[[PmWiki/Uploads]]'''%0a%0a# Use the "Browse" button above to find the "File to upload" on your local computer.%0a%0a# For the "Name attachment as:" field, enter the name you prefer the file to have once it has been uploaded to the site.\\%0aThis can be the same as its filename on your source disk ''or it can be different'', but %25bgcolor:yellow%25'''make sure it has the correct file extension'''%25%25.%0a%0a# Press "$[Upload]" to upload the file.%0a%0a# To refer to an attachment within a wiki page in this {$Group} `WikiGroup, simply enter @@[=Attach:=]''filename.ext''@@ in the page text.%0a%0a# After uploading, you can %0a** %25item rel=nofollow class=browse%25 [[{*$FullName}?action=browse | $[View] the {*$Name} page]] or%0a** %25item rel=nofollow class=edit%25 [[{*$FullName}?action=edit | $[Edit] the {*$Name} page]] or%0a** Scroll down to view the list of files that have been uploaded to the {*$Group} wiki group.%0a>>%3c%3c%0a[[#quickreferenceend]]%0a%0a----%0a%0a!! Existing uploads%0a>>font-size:smaller%3c%3c%0a(:attachlist:)%0a>>%3c%3c -time=1348089347 +text=(:Summary:Quick reference for [[PmWiki/uploads|uploading]] pages:)%0a[[#quickreference]]%0a>>color:#000000 bgcolor:#f9f9f9 font-family:'Arial,sans-serif' font-size:12px padding:2px border:'1px solid #cccccc' class='quickref'%3c%3c%0a(:if exists {*$Group}.RecentUploads:)%0a%25rfloat newwin%25[[{*$Group}.RecentUploads|Recent uploads]] to {*$Group} `WikiGroup%0a(:ifend:)%0a'''%25newwin%25[[PmWiki/Uploads]]'''%0a%0a# Use the button above to find the "File to upload" on your local computer.%0a%0a# For the "Name attachment as:" field, enter the name you prefer the file to have once it has been uploaded to the site.\\%0aThis can be the same as its filename on your source disk ''or it can be different'', but %25bgcolor:yellow%25'''make sure it has the correct file extension'''%25%25.%0a%0a# Press "$[Upload]" to upload the file.%0a%0a# To refer to an attachment within a wiki page in this {$Group} `WikiGroup, simply enter @@[=Attach:=]''filename.ext''@@ in the page text.%0a%0a# After uploading, you can %0a** %25item rel=nofollow class=browse%25 [[{*$FullName}?action=browse | $[View] the {*$Name} page]] or%0a** %25item rel=nofollow class=edit%25 [[{*$FullName}?action=edit | $[Edit] the {*$Name} page]] or%0a** Scroll down to view the list of files that have been uploaded to the {*$Group} wiki group.%0a>>%3c%3c%0a[[#quickreferenceend]]%0a%0a----%0a%0a!! Existing uploads%0a>>font-size:smaller%3c%3c%0a(:attachlist:)%0a>>%3c%3c +time=1411027969 |