ChangeLog

PunBB 1.4.4
2015-10-14 13:00:00
====================

 * Fixed validation of the LinkedIn field in profile.
 * Removed deprecated function calls.
 * Fixed validation for unclosed tag in BBCode parser.
 * Other minor bug fixes.


PunBB 1.4.3
2015-06-15 18:30:00
====================

 * The default Oxygen theme now supports responsive design.
 * Added the OpenSearch plugin.
 * Added the check for versions of dependent extensions.
 * Added processing AJAX requests.
 * Blocked password reset for Administrator.
 * Added the check for max length of email subjects.
 * Constants have been put into a separate file.
 * Updated LABjs to version 2.0.3.
 * Fixed redeclared clean_conf_names.
 * Fixed interaction with the extension repository.
 * Fixed hardcoded max_subject_length.
 * Fixed the possibility to insert incorrect social network addresses into profiles.
 * Fixed some function calls incompatible with new PHP versions.
 * Fixed some misprints.
 * Added some hooks.


PunBB 1.4.2
2012-02-09 20:36:00
====================

 * Oxygen style is updated.
 * Errors are translatable.
 * The link from the last part of breadcrumbs is removed.
 * "Last edited message" is moved to the post header.
 * Flash messages is automatically disabled in the case of a redirect with delay > 0.
 * Fixed non-updated info block of the last registered user.
 * Fixed redirect of a post to the previous one after its deleting. Fix #53.
 * Fixed upload of avatars in open_basedir cases.
 * Fixed censoring functions. Thanks to Gargaj for helping.
 * Fixed all known "Full-path disclosure" errors.
 * Fixed extension of  an updated subsystem - broken in 1.4.0.
 * Fixed broken update in SQLite.
 * Auto-suggest username from the email inserted in the registration form.
 * New function to start a session - forum_session_start().


PunBB 1.4.1
2011-10-27 20:29:00
====================

 * fixed XSS vulnerability in profile.php (reported by Secunia)
 * fixed javascript errors on Internet Explorer 6 and 7 (reported by hklown)


PunBB 1.4
2011-10-30 10:25:00
====================

 * support internationalized domain name in posts (must be enabled in config)
 * better censors function for Unicode
 * support InnoDB Mysql engines
 * support SQLite3 engines
 * faster select in large topics and forums (ported from FluxBB)
 * much faster database query for update users online status
 * worked "has posted" feature for SQLite engines
 * optimized and updated Oxygen style
 * HTML5 Doctype
 * HTML5 form API
 * simplified forms — login, register, search
 * autodetect timezone on register (used JavaScript)
 * CSS and JavaScript files minificated for faster loading
 * new dynamic loading system for JavaScript, based on LABjs
 * JavaScript files moved to page footer for faster page loading
 * new profile fields — facebook, twitter, skype, linkedin
 * redirect page now disabled by default. We use new system called Flash Messenger
 * dropped support PHP 4. Now minimum required version is PHP 5.0
 * feature: Ctrl+Enter submit handler to post forms
 * feature: settings for enable or disable moderators list on forum main page
 * feature: don't mask passwords
 * feature: forum subscriptions
 * feature: addDOMReadyEvent in punbb.common.js
 * many small improvements in Oxygen style and html markup
 * added functions for extension developers
 * added last visited time to user profile and remove it from main page
 * added hooks


PunBB 1.3.6
2011-09-18 11:15:51
====================

* fixed XSS vulnerabilities
* fixed error in bans on admin/bans.php and profile.php
* fixed invalid closing tag on profile.php


PunBB 1.3.5
2011-03-21 15:30:27
====================

 * a lot of bugs fixed (CSS & markup, correct path and alerts on install, fixed typos and more)
 * added missing lang entries on language files
 * hidden guest email
 * increased visit timeout
 * deleting non-activated users on registering
 * correct deprecated function calls
 * added paginal navigation on pages admin users and bans
 * added validation timezone and report length
 * added hooks


PunBB 1.3.4
====================
2009-05-20 13:29:29

The main change since 1.3.3 is the fix of the possible XSS vulnerability in profile.php
on password and e-mail change (reported by Richard Sammet).
As usual, the hotfix for older versions is released as well, which resolves the same security issue.
If, for the reason of possible incompatibility of styles and extensions, you have not upgraded
to 1.3.3 yet, you may also get along without upgrading to 1.3.4


PunBB 1.3.3
====================
2009-04-17 16:34:41

 * a lot of bugs fixed (CSS & markup, defects in language files, hook rearrangements, parsing posts in feeds)
 * correct response header placement upon errors
 * correct language pack detection during the final stage of the install process
 * contains fixes of security flaws (which were fixed by hotfixes in previous versions)
 * it is now possible to limit searches to topic subjects or message bodies
 * users are not allowed to change their e-mails without entering their passwords first


PunBB 1.3.2
====================
2008-12-08 18:31:21

Apart from minor bugs, the following security flaws have been resolved (reported by Stefan Esser):
 * an XSS vulnerability in login.php
 * a possible SQL-injection in the the admin settings page with permission config values
 * a possible SQL-injection in the the admin users page


PunBB 1.3.1
====================
2008-11-26 19:18:02

 * XSS vulnerability via topic subjects in moderate.php is fixed (reported by PHPLizardo)
 * Markup issues are fixed, language files are reviewed (thanks to PunBB translators)
 * Both outdated and obscure notifications are modified