File Release Notes and Changelog
Release Name: v1.5
Notes:
File: README.txt
Date: 2005 Feb. 16
Subject: Welcome to QwikiWiki v1.5!
Thanks for giving QwikiWiki v1.5 a shot.
QwikiWiki comes now with a four-level access control system:
1) Unauthenticated users are given 'guest' privileges, as defined by the
'guestAccount' parameters. By setting ['guestAccount']['read'] to
true, for example, all users will be able to read any page.
2) Users can optionally create individual user accounts. "Authenticated"
users (those who are "logged-in") have individual permissions, which
override the guest permissions. The default permissions assigned to new
accounts are specified in the ['defaultAccount'] settings.
3) In the '/data/_adminData.php' file (in which all the account data is
stored), there is also an 'overridePageArray'. With this array, you can
override the read/write permissions for guest and authenticated users on a
per-page basis. By default, the page named "Home" is overridden to be
readable by everyone, regardless of other permissions.
4) Finally, there is an 'adminAccount' that overrides all other permissions.
When logged in as the administrator, you can access the 'Admin' interface,
in which you can change permissions assigned to individual users.
This release comes with three pre-arranged access control settings. Pick the
one that best describes what you want to do, and adjust from there:
- Public: All users are given read/write access to all pages. This is the
least secure, most permissive of the settings. In the spirit of
openness, this is the default setting.
- Protected: Guest users are allowed to read all pages, but only
authenticated users (ie, those who create an account and log in)
are allowed to edit.
- Private: Guest users are allowed to view the home page, but none others.
Authenticated users can view all pages, but not edit. Only you,
or authenticated users you individually select, can edit.
NOTE: QwikiWiki stores its data "in the clear" in the /data
subdirectory. Thus you must configure your Web-browser
to disallow access from the /data directory in order to
prevent users from bypassing QwikiWiki security and
accessing the files directly. If you are using an Apache
server configured to allow .htaccess, you can accomplish
this by creating a file named ".htaccess" in your /data
directory containing this single line:
Deny from all
Qwikiwiki comes with a "Site Map" and "Page Index" features.
"Site Map" generates a page with the hierarchical structures of the site,
while "Page Index" list all available Qwikiwiki pages.
Also, the encoding of the HTML pages are configurable through a parameter.
This will help users using QwikiWiki in other languages that requires special
character encodings to display the text in the browsers using the correct encodings.
There are several fixes and enhancements.
One of them is the fix that hides the email addresses subscribed to mailinglists.
Also, some little fixes was made to make the generated HTML code more standard compliant.
To install QwikiWiki, simply:
1) Unzip this ZIP file into a PHP-enabled, Web-accessible folder
Note: Feel free to overwrite a previous installation with
the new version and it should automatically pick up
your existing data files. However, you will need
to re-configure _config.php as the old settings will
be overwritten and lost.
2) Open a Web browser and visit 'install.php'
3) Follow the step-by-step instructions to test your environment
Note: If you are installing QwikiWiki on a Unix machine, you
will likely need to create and grant write-access to
your Web server to the subdirectories:
data/
backups/
Note: QwikiWiki stores its data "in the clear" in the /data
subdirectory. Thus you must configure your Web-browser
to disallow access from the /data directory in order to
prevent users from bypassing QwikiWiki security and
accessing the files directly. If you are using an Apache
server configured to allow .htaccess, you can accomplish
this by creating a file named ".htaccess" in your /data
directory containing this single line:
Deny from all
4) Edit '_config.php' to customize to set your admin password and
customize to your liking
5) Drop us a line at qwiki@qwikiwiki.com
Thanks again checking QwikiWiki out, and I look forward to your candid feedback.
qwiki@qwikiwiki.com
Changes:
This file is merely a scratchpad for things that I did (or didn't) do in this release.
To Do:
Done in v1.5
- (2005/2/8) Feature - Implement a security/authetication mechanism
- (2005/2/8) Feature - Implement Page Indexes where all available qwikiwiki pages are displayed
- (2005/2/8) Feature - Implement Site Map functionality
- (2005/2/8) High - .mail files can not read anymore through browser
- (2005/2/8) Medium - add missing <HTML> tag at the begining and end of the html pages and cleanup the html code
- (2005/2/8) Low - encoding can be configured
- (2005/2/8) Medium - Send html mail from mailinglist if it was requested
Done in v1.4.2
- (2005/1/17) Critical - Fix directory traversal vulnerability
- (2005/1/17) Critical - Sanitize the page parameter in order to avoid injection of HTML tags or scripts by an attacker
- (2005/1/17) Medium - Fixed edit problem without login. Actually, after logout the lock file was not deleted, allowing to others from the same machine to edit the page.
- (2005/1/17) Medium - Fixed email address validation.
- (2005/1/17) Medium - Fix: replace the underscore in page name with blank everywhere the page name is displayed.
Done in v1.4.1
- (2004/3/6) - Medium: Add error that attachment was blocked for having the wrong extension
- (2004/3/6) High: Hyphens and underscores in filenames aren't detected
- (2004/3/6) Medium - Fixed broken email address in .php files
- (2004/3/6) Medium - Make mailing list send raw text in broadcast
- (2004/3/6) Medium - Change default mailing list behavior to send on Done
- (2004/3/6) High - Don't overwrite files when copying to data directory
- (2004/3/6) High - Overhaul formatting detection to use lookahead/lookbehind assertions
- (2004/3/6) High - Correctly format underscore text (#RELEASE_NOTES.txt#)
- (2004/3/6) Medium - Eliminate empty formatting blocks (##, **, //)
- (2004/3/6) High - Correctly detect hyphens in email (such as blah@blah-blah.de)
- (2004/3/6) High - Correctly ignore the trailing period in www.sourceforge.net/projects/qwikiwiki.
- (2004/3/6) High - Correctly detect email TLDs
- (2004/3/6) Critical - Fix fopen() in locking function to open for writing
- (2004/3/6) Medium - Add "Where did you learn of Qwiki" to registration
Done in v1.4
- (2004/2/21) High - Delete on Edit page opens in new browser
- (2004/2/21) High - Cookies on multiple installations on the same server conflict
- (2004/2/21) Critical - Writing to file followed by read of file doesn't always produce same results
- (2004/2/21) Low - Replace guitterm style (Paul Fox)
- (2004/2/21) High - Disable new page links when unauthenticated
- (2004/2/20) High - Add mailing-list links
- (2004/2/20) High - Match # in URLs (Melle)
- (2004/2/20) High - Detect non-TLD links in hyperlinks
- (2004/2/20) High - Make <HTML> tag matching case insensitive (Rudy)
- (2004/2/20) Critical - Unlock page on global edit lock doesn't work
- (2004/2/15) Critical - Run installer text through spellchecker
- (2004/2/15) Low - Instructions for shortcutting the install process / manual installation (Paul Fox)
- (2004/2/15) High - Run external text through spellchecker
- (2004/2/15) High - Show valid file extensions in upload help
- (2004/2/15) High - Update QwikiSyntax page
- (2004/2/15) High - Add #code# formatting
- (2004/2/15) Critical - Test on different PHP versions
- (2004/2/15) Medium - Add /italics/ (Paul Fox)
- (2004/2/15) High - Add <table><tr><td> to acceptable tags (Rudy Taraschi)
- (2004/2/15) High - Detect ~ and - in URLs (Melle Koning)
- (2004/2/15) High - Test for Win platform using "php_uname" (Paul Fox)
- (2004/2/15) High - Test new text edit entities form
- (2004/2/15) Critical - Test attachment on Unix
- (2004/2/11) Completely new model for mixing Wiki and HTML code
- (2004/2/11) Medium - Explain where the uploaded file will go (Igor Nikolic)
- (2004/2/11) Medium - Expand discourse on permissions (Igor Nikolic)
- (2004/2/11) Medium - Allow control over which data sent with registration (Igor Nikolic)
- (2004/2/11) High - Remove Daniel from license (Igor Nikolic)
- (2004/2/11) High - Fix <HTML> inserted into QwikiSyntax (Jesse Chisolm)
- (2004/2/11) High - Inline HTML pattern disabling (Rudy Taraschi)
- (2004/2/11) Medium - Make logo GIF configurable (Paul Fox)
- (2004/2/11) High - Update style to work with Mozilla (change titlebox height)
- (2004/2/7) Critical - Test global lock
- (2004/2/7) Critical - Update _config.php text
- (2004/2/7) High - Note when page is already being edited
- (2004/2/7) High - Prevent orphan page creation
- (2004/2/7) High - Update seed data files
- (2004/2/7) High - Allow page-change mailing list disabling
- (2004/2/7) High - Seed data directory with Web privileges
- (2004/2/7) Medium - Add anti-pattern array (items to never qwiki-link)
- (2004/2/7) Medium - Verify mailing list before offering to send
- (2004/2/7) High - Figure out why login/logout no longer works (always logged in)
- (2004/2/7) High - Create recently changed page
- (2004/2/7) Medium - Open external links in other windows; QwikiSyntax in Edit help
- (2004/2/7) High - Show acceptable tags in Edit help
- (2004/2/7) High - Strip disallowed HTML from input
- (2004/2/7) High - Fixed QwikiTags appearing in underscore link
- (2004/2/5) High - Make filenames not be recognized as domain names
- (2004/2/5) High - Allow disabling of HTML email
- (2004/2/4) High - Message templates
- (2004/2/4) High - Finish HTML email
- (2004/2/4) High - Move email templates into separate files
- (2004/2/4) High - Add mass-mailing patterns into messages
- (2004/2/2) High - Put global $QW_ variables into a $QW array
- (2004/2/2) High - Add admin option to password-protect page in edit.php
- (2004/2/2) High - Redo passwords to have a global edit password, and .pass just signals protection
- (2004/2/2) High - Fix broken lock file handling
- (2004/2/2) High - Move global lock into the data directory
- (2004/2/1) Critical - Test mailing lists
- (2004/1/31) Medium - Use error box everywhere necessary
- (2004/1/31) Critical - Test working with disabled file uploading
- (2004/1/31) High - Forgets password on second refresh of index (appears to be related to caching)
- (2004/1/31) High - Search page titles
- (2004/1/31) High - Get rid of '(none)' command list in search page
- (2004/1/31) High - Fix bold on Home page
- (2004/1/30) High - Add (?) to help, and (!) to warning
- (2004/1/30) High - Ignore some.comment
- (2004/1/30) High - Ignore trailing period of implicit WWW pattern
- (2004/1/30) High - Make all block patterns match the EOL
- (2004/1/30) High - Redo bold pattern
- (2004/1/28) High - Make help setting persist across all links
- (2004/1/28) Medium - Add sizes to file manager
- (2004/1/28) High - Create another theme / style
- (2004/1/28) Critical - Make "Blah Blah" page in globalNav create "Blah_Blah.qwiki"
- (2004/1/28) High - Replace command list with rendered list
- (2004/1/28) High - Reenable recent changes and recently viewed
- (2004/1/25) Medium - Use variable functions to simplify template
- (2004/1/25) Medium - Create global nomenclature for QwikiWiki functions
- (2004/1/24) Medium - Regularize wiki styles
- (2004/1/24) High - Remove _config.php
- (2004/1/24) High - Remove _fontLib.php
- (2004/1/24) High - Fix body font to depend on config? Remove config from style?
- (2004/1/24) High - Rearchitect backup -- only backup changes
- (2004/1/24) High - Inheret new directory permissions from parent
- (2004/1/24) High - Work with disabled file uploading
- (2004/1/24) High - Verify lock files
- (2004/1/24) High - Add first run walkthrough / registration
- (2004/1/24) High - Create installation page (version, ACLs, etc.)
- (2004/1/22) Medium - Add link to QwikiSyntax on edit page
- (2004/1/22) Medium - Allow disabling of file attachments
- (2004/1/22) High - Detect email with '-' inside (test-one-two@some.domain)
- (2004/1/22) High - Make work in SAFE_MODE
- (2004/1/22) Medium - Add error box
- (2004/1/22) High - Add help toggle
- (2004/1/22) High - Page change mailing list
- (2004/1/21) High - Search
- (2004/1/20) High - Recreate password inheritance using $FROMPAGE
- (2004/1/20) High - Use template for all screens
- (2004/1/18) Critical - Test edit direct link while unauthenticated
- (2004/1/18) High - CSS for theme specification
- (2004/1/18) High - Add delete page by erasing all content
- (2004/1/18) High - Add Preview button (Save/Done buttons)
- (2004/1/18) High - Reimplement file attachments
- (2004/1/18) High - Split into index / edit / search / etc. specialized pages
- (2004/1/18) High - Make 100% always (Currently only as wide as widest line)
- (2004/1/18) Medium - Make title strip underscores using wikiCleanPageName
- (2004/1/17) Critical - Review user email for showstoppers and requests
- (2004/1/17) High - Protect against invalid HTTP_COOKIE_VARS index
- (2004/1/17) Medium - Add variable page width ('pageWidth' property in _config.php)
- (2004/1/17) High - Stripped slashes from cookies
- (2004/1/17) Cleaned up cookie clearing
- (2004/1/17) Cleaned up print_array to handle invalid arrays
- (2004/1/17) High - Eliminate reliance on undefined variables
Won't Do in v1.4
- Create admin interface
- Choose admin password in installation
- Detect incorrect HTML in edit text?
- Cut short QwikiPage names in recently edited page list
- Add blogging feature?
- Combine _wikiLib.php and _render.php
- Use asserts throughout to improve quality
- Trap all file errors and prettify
- Revisit caching
- Replace all tabs with spaces
- Web statistics service
- Simplify embedded HTML by putting into big strings
- International locales (*früh*, ä, ö, ü,)
- Link to other QwikiWikis
- Document design principles and nomenclature rules
- Encrypted mail files (to obscure email addresses)
- Add draft/production divide
- Add user accounts like Paul Fox
- Add user-selectable skins
- Create wikiTest.php (to test patterns automatically)
- Move library files into separate subdirectory
- Move resource files into separate subdirectory
- Add "Undo" button to recover from backup
- Test HTML email in installer
- Add default/configurable favicon (Paul Fox)
- Allow a single install to power multiple virtual hosts
- Smooth upgrade that keeps existing configuration
- Show list of files attached to the page
About SourceForge
Develop Software
Community
Copyright © 2009 Geeknet, Inc. All rights reserved. Terms of Use
