# This program is distributed under the terms of the GNU General Public License.
# See the README & COPYING files for more information.
# Copyright (C) 2004-2009 Kevin L. Papendick <email@example.com>
### PolarBlog Changes ###
V1.11.1 - 09/12/09
* BUG FIX: Post via email body not being added to an entry without a ::MORE:: tag.
* Updated POP3 mail class.
V1.11.0 (Sundial) - 03/27/09
* BUG FIX: Calendar dates are not falling on the proper day of the week.
* BUG FIX: DB class wrapper not properly setting the port value when in MySLQi mode.
* BUG FIX: Topic selection in search bar isn't necessary and leads to inaccurate results!
* E_STRICT: Suppress warning in PbEntry::buildTrackbackRdf() from bad charset data.
* E_STRICT: Change declaration of static function FeedCreator::iTrunc to be "public static".
* E_STRICT: Change creation of current time variable from mktime() to time().
* Updated PHP5Akismet to v0.4
* Update phpMailer to v2.3
* Changed default RBL sbl-xbl.spamhaus.org to zen.spamhaus.org
* Changed entry time offset hours range from 24 to 168.
* New and improved navigation calendar.
* Added optional Archive Entry Calendar view.
* New calendar CSS setup. See css/left_nav.diff or css/standard.diff
* New configuration directive USE_ARCHIVE_CAL.
* New language tag ARCHIVE_LINK_CAL.
V1.10.2 - 11/23/07
* BUG FIX: Entries in deleted topics causing the entry index page to fatal.
* BUG FIX: Search results not being properly sorted, partially due to V1.9.1 changes.
* BUG FIX: New and updated entries that are post dated shouldn't ping Ping-O-Matic.
* SafeSQL*.class.php Added released NULL support and fixed PHP5 abstract method declaration error.
* Improved query topic indexing.
* Improved comment indexing.
* E_STRICT: Fix Call-time pass-by-reference errors.
* E_STRICT: You need to set your default timezone via date.timezone.
See http://us.php.net/datetime and http://us.php.net/manual/en/timezones.php
V1.10.1 - 09/27/07
* BUG FIX: Prevent hacking of input variables to eliviate potential path disclosures.
* BUG FIX: Prevent hacking of session cookie to eliviate potential path disclosures.
* BUG FIX: User IP detection could return a comma delimited list of addresses instead of just one.
* BUG FIX: RSS feed not updating when multiple entires entered with the TTL.
* BUG FIX: Entries in deleted topic cause fatal errors.
* Added support for auto blocking of Akismet flagged messages.
* Added additional protection against comment spam.
* New configuration directive RBL_AKISMET_AUTODEL.
V1.10.0 (Wolverine) - 2/10/07
* BUG FIX: Validation on some foreign characters in title, post_by and name.
* BUG FIX: Stray "]" left after auto linking text on every 4th autolink in an entry.
* BUG FIX: When using only images for prev/next, they are locked to 16x16.
* BUG FIX: Change RBL IP lookup to robtex.com because samspade.org disappeared!
* BUG FIX: Sometimes the session cookie appears to not set and actions after login fail.
* BUG FIX: Throwing undefined topics warning when DB connection fails.
* Added support for Akismet via PHP5Akismet. This requires a WP API key.
* Added support for autolinking to topics (in addtion to entry or comments).
* Add RBL Admin table entry counts.
* Added session for all visits and IP logging within session.
* New configuration directive RBL_AKISMET_KEY.
* New configuration directive COMMENT_MAIL_RESTRICT.
V1.9.1 - 01/06/07
* BUG FIX: RBL keyword check occassionally throws warning while searching.
* BUG FIX: Syntax error in config.php.dist due to missing comma!!!
* BUG FIX: New installs fail under PHP5 because of no topics.
* Added prevention of deleting topic when there is only one defined.
* Updated documentation to better explain $config['blogs'] section.
* Limit search to 50 matches.
V1.9.0 (Bloodhound) - 12/16/06
* BUG FIX: <p> tags being replaced with two <br /> tags! New .pb_body p CSS directive.
* BUG FIX: RBL was not checking comment text! New configuration directive RBL_TEXT_CHECK.
* BUG FIX: Comment URL links to SSL sites (https://) were being converted to non-SSL.
* BUG FIX: Comment URL disallowing URL's with parameters (?, &).
* BUG FIX: Comment editing not replacing <br /> tags as they should.
* BUG FIX: Entries via POP3 are inserted repeatedly because they aren't deleted after insert.
* BUG FIX: Disabling comment on an individual entry still allows replies to existing comments.
* BUG FIX: When adding new entry default display was being shown instead of just new entry.
* BUG FIX: Various display issues in RBL Admin interface.
* BUG FIX: V1.8.0 documentation references "USE_COMMENT_RBL" when it should be "USE_RBL".
* Deprecated ENTRY_LINK and ARCHIVE_LINK, now lang file entries.
* Made display of ENTRY_LINK and ARCHIVE_LINK more consistent with other look and feel.
* Comment JS validation now uses language file to support localization.
* Added entry trackback support. (FINALLY! :)
* Added basic user management (password hints/change).
* Added individual topic RSS feeds.
* Added "Display Disabled" notice to comment/trackback emails.
* Added Entry insert/update status message after action.
* Only load PHP Mailer at point it's required for notifications.
* Added custom X-Tracker to email header in notifier and POP3 poster.
* Added CHARSET to POP3 entry poster.
* Changed RBL Admin Listed IP's URL link text so table better fits in window.
* Added Comment Display Disabled listing to RBL Admin.
* RBL blocked comment replies no longer mailed to commenter.
* Added IP whois lookup to RBL Admin and comment admin view display.
* Future dated entries now show future dated display disabled.
* Updated XMLRPC class.
* The MAIL_TYPE configuration directive now defaults to FALSE to disable all mail functions.
* New configuration directives RBL_TEXT_CHECK, TB_STRIP_TAGS, TB_EXCERPT_LENGTH
USE_TRACKBACK, TB_AUTO_DISCOVERY, USE_RSS, USE_RSS_TOPICS
* New language tags: PASSWORD_HINT_LINK, PASSWORD_HINT_MSG, PASSWORD_HINT_BUTTON,
PASSWORD_EMAIL_TEXT, PASSWORD_EMAIL_SENT, PASSWORD_EMAIL_FAIL,
PASSWORD_UPDATE, PASSWORD_NEW, PASSWORD_CONFIRM, PASSWORD_MISMATCH,
PASSWORD_UPDATED, PASSWORD_UPDATE_FAIL, FORM_ALL_FIELDS, VIEW,
NONE, ENTRY_ID, URL, TRACKBACK, TB_READ, TB_PERMALINK, TB_REPLY,
TB_INVALID_DATA, TB_DISABLED, TB_IP_BLOCK, TB_RBL_IP, TB_RBL_URL,
TB_RBL_EXCERPT, TB_SAVE_REVIEW, TB_DB_ERROR, TB_DISPLAY_ON,
TB_DISPLAY_OFF, TB_DELETE, TB_CONFIRM_DELETE, TB_LINK_TEXT,
TB_SEND_ERROR, TB_NO_EDIT, ENTRY_LINK, ARCHIVE_LINK, ENTRY_STATUS,
MAIL_TB_INTRO, RSS_FEED, RBL_IP_LOOKUP, COMMENT_DISABLED, DISPLAY,
POSTED, FROM, EXCERPT, COMMENT_VIEW_FULL, COMMENTS_NO_DISABLED
COMMENT_NO_NAME, COMMENT_NO_TEXT, DISPLAY_DISABLED_FUTURE
* Updated language tags: FAIL_DISPLAY_MSG
V1.8.0 (Swainson's Hawk) - 9/5/06
* Added support for MySQLi extension (requires PHP5 & MySQL >= 4.1)
* Added automatic detection and (limited) support for PHP5 SPL.
* Calendar and right column CSS changes. See css/left_nav.diff or css/standard.diff
* BUG FIX: Installer does not have error messages defined for all upgrades.
* BUG FIX: Editing comments resets the timestamp to the current time.
* BUG FIX: Editing user resets the timestamp to the current time.
* BUG FIX: WHEN USE_COMMENTS is disabled, existing comments don't display.
* BUG FIX: Added .?,'"~!@#$%^&*()_+-:;| to the auto-link optional link name text field.
* BUG FIX: Various database class bug fixes and enhancements. (see the file)
* BUG FIX: Topics without an icon displays broken image.
* BUG FIX: Word count on entries and comments is not correct.
* BUG FIX: htmlentities() doesn't respect character set encoding.
* BUG FIX: The comment email feature does not currently respect the blog's
I18N_CHARSET value. All email is sent as ISO-8859-1.
* BUG FIX: RSS feed not untilizing correct feed encoding or using correct contentType.
Added $config['rss']['required']['contentType'] to config.
Upgrade FeedCreator class to V1.7.2c.
* Changed RSS $config['rss']['feed']['encoding'] to use I18N_CHARSET by default
so you don't have to change it in two places.
* Added $config['rss']['entry_count'] to set RSS feed entry count. Falls back to DEFAULT_DISPLAY_CNT.
* Added pb_topic_icon_image CSS class to control topic icon display. Default now
sets this to (float) display on the right.
pb_title margin should be changed from 0px to -10px also.
* A number of minor tweaks were done to the CSS files plus the addition of the RBL Admin CSS.
See css/standard.diff or css/left_nav.diff for more information.
* New configuration directives USE_COMMENT_RBL, RBL_REFERER_CHECK, RBL_URL_CHECK
RBL_BLOCK_KEYWORD, RBL_SAVE_BLOCKED and $rbl_services
* New language tags: CONFIRM_COMMENT_BL, CONFIRM_COMMENT_WL, CONFIRM_DELETE_COMMENT,
CONFIRM_DELETE_ENTRY, DUPLICATE_ENTRY_MSG, RBL_BLOCKED_SAVED,
RBL_BLOCKED_DEL, LISTED_IPS, IP_ADDRESS, LAST_VISIT, VISITS,
RBLS, REFERRER, REF_FROM, WHITELISTED, ACTION, DELETE,
BLACKLIST_IP, WHITELIST_IP, RBL_ADMIN_HDR, KEYWORD, OCCURRENCES,
LISTED_KEYWORDS, ADD, EXIT_RBL
* Added data validation for all input variables that weren't already being validated.
* Improved security checking by validating logged in users.
* Added additional entry table index to improve performance.
V1.7.3 - 2/2/06
* BUG FIX: Missing post by mail code!
V1.7.2 - 1/15/06
* BUG FIX: RSS feed erroneously inserting blank XSL stylesheet.
* BUG FIX: Installation routine using the database username/password as the default administrator.
Database class upgrade.
V1.7.1 (Blind Squirrel) - 11/30/05
* Added the new installer that is required for V1.7.0!!!
V1.7.0 (Homing Pigeon) - - 11/29/05
* Added blog posting via email!
* Major rewrite of the installer/upgrade utility.
* Added Multi-Section "Other Blogs" support.
* Added Ping-O-Matic! checkbox to entry add/update (if USE_PINGER enabled).
* Additional validation of input data for improved security.
* Addition of English and Spanish translation in UTF-8 character sets.
* New pb_input_text CSS replaces pb_title in most places.
pb_title = Entry Title and Entry Index Date
pb_input_text = Edit input field text
* Database performance improvements to entry selection.
* BUG FIX: FULLTEXT entry search may have not been created in past upgrade. This is now
checked and corrected in the upgrade process.
* BUG FIX: Undefined variable $display in PolarBlog::buildComment() issuing a PHP Notice.
* BUG FIX: Edit topic or user cancel button returns to main page. While editing a topic
or user when you cancel it now returns to the section selection menu.
V1.6.2 (Fungus Gnat) - 10/10/05
* BUG FIX: Deleting a deletes all top level comments! This was being cause by a bug in
MySqlDb::stripArray() where nested arrays were not being handled properly.
* BUG FIX: The auto-linebreak option on comments does not work. This has been corrected.
V1.6.1 (Wild Turkey) - 09/06/05
* BUG FIX: Regeneration of the RSS feed failing if the file existed, but was out of date
or a new entry had been added.
V1.6.0 (Hitchhiker) - 08/24/05
* Backed out V1.5.0 change that displayed topic before the entry name on the Index Page.
I've decided this looks really sucky and if you just hover over the link for a second
it tells all you should need to know.
* Updated the Recent Entries, Topics and Other Blogs list via CSS. See the development
blog entry http://www.polarlava.com/blog/?eid=242 for details.
* Upgrade to MySqlDb class to V1.6.0.
* Upgraded PHPMailer to V1.73
* Disabled DB class debug messages. Never should have been on in the first place!
* Addition of UTF-8 German translation.
* Addition of French translation in ISO-8859-1 and UTF-8 character sets.
* Added DISPLAY_DISABLED text to disabled comments. Similar to what is done on disabled
* Previously the RSS feed would regenerate if it did not exist (obviously) and it the TTL
had expired. It has now been substantial reworked to account for new entries as well as
support HTTP Conditional GET's and return a 304 header if the feed is still current.
* Added "//setlocale(); //see documentation for usage" to the the config.php.dist file's
localization section. There have been some users that have needed this to make their
localization work properly.
* BUG FIX: Changed the RSS feed alternate link tag from the text rss20.xml to rss,php
the dynamic feed generator. If you are not using the default index.php page, but
are rather using your own custom or integrated page, you may want to check/update
this setting on your installation.
* BUG FIX: Removed colon from German NO_SEARCH_RESULT translation. This was resulting in
a double colon because there is already one in the coded output.
* BUG FIX: Using TOPIC_ICON_WIDTH not working properly and failing validation because of
* BUG FIX: Failing XHTML validator on comments anchor. This has been fixed by wrapping
this is in a div tag.
* BUG FIX: Fixed typo error that was causing space entities ( ) to appear in comment
* BUG FIX: Edit Comment displays "Display Entry" checkbox always checked even when the comment
is disabled. This now respects the display flag on the comment as it should.
* BUG FIX: Suppress Ping-O-Matic RPC call failure. When the Ping-O-Matic service was failing
to respond, a PHP error was being displayed (if enabled). This error has now been
suppressed so it does not display. Improved error handling will be implemented
in the future.
V1.5.2 (Groundhog) - 02/02/05
* Added new MAIL_SUBJECT_COMMENT and MAIL_SUBJECT_REPLY language tags to better support
non-english users needs.
* BUG FIX: Deleting a single comment destroying all root level comments! A serious
array data mishandling issue in the DB class has been corrected. Nested
arrays are now handled properly.
* BUG FIX: Non-English versions are unable to delete users or topics. This has been
corrected. Any hackers should be aware this required a change in polarblog.php
* BUG FIX: Comments will now respect USE_WORD_COUNT option added in V1.3.0.
* BUG FIX: Comment date format is incorrect. Updated default COMMENT_DATE_FORMAT
in config.php.dist. This value is also used to format the Created date
when editing users.
* BUG FIX: The query problem with SafeSQL error when attempting to add/edit users
has been resolved. The query is again running under SafeSQL.
* BUG FIX: The BASE_URL was missing from entry auto-links and has now been added.
V1.5.1 - 01/27/05
* BUG FIX: Unable to add/edit users! There is a bug in SafeSQL that causes it to
trip up on the DATE_FORMAT in the query string. This query has been
converted back to a standard query until this can be resolved.
* BUG FIX: The Entry Preview is not localized. This has been corrected and
the language file has been updated.
* BUG_FIX: In some browsers the calendar display is too small. Changed the calendar
to be 100% of the width of the right navigation panel.
* BUG_FIX: Changed "Read more..." horizontal ellipsis entity from 8230 to hellip.
This was reported as not displaying in Konqueror on Linux with German.
This may or may not correct this problem.
V1.5.0 - 01/24/05
* Rewrote all queries to use SafeSQL to assure proper escaping of data to prevent
potential SQL injection attacks. This was a precautionary change as there are no
know issue of this type with PolarBlog.
* Added entry [E:<eid>:link text] and comment [C:<cid>:link text] auto linking when
posting an entry. Leaving off the link text will use the entry title.
* Added the commentor/replyor's name to the email notifications so you know who it
was that posted the message without having to visit the page.
* Added support for Mozilla Live Bookmarks:
This entailed addding a link to the index.php head section.
* Comment Double-Space - Added HTML non-breaking space entity replacement on
comment double space when adding or editing.
* Changed Entry Index to display topic before name.
* BUG FIX: Entry preview is not using the I18N_DATE_FORMAT even when defined. This
has been corrected so the deprecated DATE_FORMAT is only used as a fallback.
* BUG FIX: Entry comment count includes comments that have the display set to off.
The query in PbEntry::setCommentCnt() has been corrected.
V1.4.0 - 01/03/05
* Added "Display Disabled" to entry header (as appropriate).
* Added Topics link navigation.
* Added comment IP logging & blocking.
* Added ability to remove topic icon image size locking.
* Added optional GzContent class for GZip output compression.
* New configuration directive TOPIC_ICON_WIDTH.
* New configuration directive TOPIC_ICON_HEIGHT.
* New configuration directive USE_GZ_OUTPUT.
* New configuration directive GZ_LEVEL.
* New configuration directive GZ_DEBUG.
* New configuration directive COMMENT_BLOCK_FILE.
* New configuration directive USE_TOPIC_LINKS.
* BUG FIX: Updated entries display the creation date for the updated date. This
was a bug introduced during the V1.3.0 I18N work and has been corrected.
V1.3.0 - 12/20/04
* Added internationalization/localization support.
* Added Localization class.
* New RSS configuration directive $config['rss']['feed']['encoding']
* New configuration directive I18N_LANG.
* New configuration directive I18N_CHARSET.
* New configuration directive I18N_DATE_SEPARATOR_FORMAT.
* New configuration directive I18N_DATE_FORMAT.
* New configuration directive USE_GOOGLE_LINK.
* New configuration directive USE_WORD_COUNT.
* Deprecated configuration directive DATE_SEPARATOR_FORMAT.
* Deprecated configuration directive DATE_FORMAT.
* BUG FIX: Comment email notification not always being sent. This was related
to the V1.2.2 comment infinite loop fix.
* BUG FIX: Comment emails not being sent, but replies work. A bad query has been
fixed. Also removed the SUB_HEADER from the email footer.
* BUG FIX: Comment sometimes appear out of order. This has been corrected by
ordering their retrieval in order by their time of entry.
* BUG FIX: Search results are displayed oldest to newest. Not a bug per se,
but it does make more sense to order them newest to oldest. Done.
* BUG FIX: After searching all results are displayed, but the "Next" navigation
button is displayed. When clicked you get recent entries. I've
disabled the navigation when searching. This is a temporary fix
until I can fix the search results to page properly. For the time
being you get all of the results on one page.
* BUG FIX: Double slashes in URL when PolarBlog is the servers root page. Previously
a trailing slash was added to the derived directory name. But when
PolarBlog is the root page this is not necessary. This has been corrected.
V1.2.3 - 12/07/04
* BUG FIX: Unable to add comments after V1.2.2 upgrade. Comment link functions
the same as Permalink. Fixed to allow comment link to function again.
* BUG FIX: Problems with change in V1.2.2 regarding html entities in entries.
This change has been backed out until I can explore it further.
V1.2.2 - 12/06/04
* BUG FIX: When saving an existing entry if you use the back button to edit
again, when you save it you get a duplicate entry error message.
The duplicate entry detection has been fixed to only operate on
new entries. Doing this allows the browser's back button to
function without causing problems. This is acceptable as an entry
ID is defined when editing an existing entry.
* BUG FIX: When editing entries, html entities that are defined are being
stripped. This editing problem has been corrected.
* BUG FIX: Fixed the RSS feed generator to properly cache the file and return
* BUG FIX: Fixed the RSS feed generator to include full entries (body and more fields)
instead of just the body field.
* BUG FIX: Comment retrieval and display occasionally enters an infinite loop.
This problem was generally only seen by new users because of a
conflict between entry and comment ID's. Users who had upgraded
likely wouldn't see this problem as the're current entry ID's would
be numbered much higher than the new comment ID's. This nightmare
has now been resolved!
V1.2.1 - 10/31/04
* BUG FIX: Fix comment word count display to match the entry word count display.
V1.2.0 - 10/29/04
* Added XML-RPC class. http://keithdevens.com/software/xmlrpc
* New configuration directive BLOG_NAME.
* New configuration directive USE_PINGER for pinging Web-O-Matic!
* Changed comment email subject to use BLOG_NAME instead of TOP_HEADER.
* Entry Index reworked to display entries monthly in reverse chronological order.
* DEFAULT_ARCHIVE_CNT changed from 20 to 100.
* Added duplicate entry detection and prevention.
* Added entry preview mode.
* New configuration directive PREVIEW_WIDTH.
* New configuration directive PREVIEW_HEIGHT.
V1.1.1 - 10/15/04
* BUG FIX: When USE_SPELLER is set to FALSE, the Check Spelling button still displays.
This has been corrected.
V1.10 - 10/12/04
* BUG FIX: When canceling topic or entry, display reverts to active topic.
This has been corrected to default to the current entries.
* BUG FIX: MySqlDb::safeQuery() had inverted object existence check.
* BUG FIX: Entries that are postdated entries (i.e. + Timestamp Adjust value)
displaying regardless of the current system time. These entries now
do not display until the post time passes.
* BUG FIX: Resetting the create timestamp causing entries to appear as updated.
This now functions as expected by resetting the create and update timestamps.
* BUG FIX: Fixed no word entries to not display a "There are X words in this entry"
This was done to support photoblog entries that may not have any text.
* BUG FIX: The calendar function rolls back to the current year when navigating to
to January of the next year. This has been corrected.
* BUG FIX: An error occurs when attempting to search. This was caused by the use
of boolean searches which requires MySQL >= 4.01. A new configuration
directive BOOLEAN_SEARCH with a default of FALSE has been added. If
you are running with MySQL >= 4.01 then your are recommended to set this
directive to TRUE.
* BUG FIX: Logging out when not actually logged in generates a session error. A
check is now made to determine if the user is logged in before attempting
to log them out.
* Changed "Display Recent Entries" from POST to GET to avoid page reload prompting.
* Added fully nested commenting system!
* Added SafeSQL class. http://www.phpinsider.com/php/code/SafeSQL/
* Upgrade to MySqlDb class to V1.3.2.
* Upgrade FeedCreator class to V1.7.2.
* Added phpmailer and smtp classes. http://phpmailer.sourceforge.net/
* New configuration directive JS_URL.
* New configuration directive BOOLEAN_SEARCH.
* New configuration directive DISPLAY_ENTRY_DEFAULT.
* New configuration directive USE_COMMENTS.
* New configuration directive COMMENT_DATE_FORMAT.
* New configuration directive COMMENT_ROWS.
* New configuration directive COMMENT_COLS.
* New configuration directive COMMENT_INDENT.
* New configuration directive COMMENT_INDENT_INCREMENT.
* New configuration directive COMMENT_TAGS.
* New configuration directive COMMENT_MAIL.
* New configuration directive MAIL_TYPE.
* New configuration directive MAIL_HOST.
* New configuration directive MAIL_FROM.
* New configuration directive MAIL_FROM_NAME.
* New configuration directive MAIL_BCC_REPLY.
* New configuration directive MAIL_DEBUG.
V1.02 - 8/20/04
* New configuration directive PAGE_TITLE.
* Documentation updated.
* MySqlDb class updated to V1.3
V1.01 - 8/19/04
* New configuration directive DOCTYPE.
* New configuration directive USE_LOGIN_LINK.
* Documentation updated.
V1.00 - 08/16/04
* Added this CHANGES file to log version changes.
* Added a README file.
* Added documentation to project.
* Added topic name to Recent Entries link title.
* Moved the Adminstration menu above Recent Entries in the control panel.
* Added the DEFAULT_ARCHIVE_CNT configuration option.
* Added delete confirmation to Topic Edit screen.
* Added delete confirmation to User Edit screen.
V0.9 - 08/04/04
* Initial public release.