Openads for PostgreSQL (phpPgAds)

File Release Notes and Changelog

Release Name: phpPgAds 2.0.8

Notes:
CRITICAL BUGFIX RELEASE

phpPgAds 2.0.8 was released to fix multiple vulnerabilities that were recently
discovered. The major changes and fixes are:

- Fixed HTML injection and XSS in the login form and banner delivery;
- Updated the documentation adding PDF bookmarks and a new licensing model;
- Many other phpPgAds-only fixes.

Every user is urged to upgrade!

The release contains also some other bug fixes and improvements: see the
changelog for more details.


Changes:
+ Misc changes
  - 2006-01-24:  Added support for MySQL 4.1+ and 5+ running ANSI or strict
                 modes, by explicitly setting the SQL mode  (Matteo)
  - 2006-03-26:  Updated documentation licence and added PDF bookmarks for
                 easier navigation (Niels, Matteo)

+ Misc bugfixes
  * 2005-11-16:  SQL stored banners didn't correctly work with plain remote
                 because wrongly truncated  (Matteo)
  * 2005-11-16:  Reports didn't correctly display the dates  (Matteo)
  * 2005-11-16:  Distribution by size misc stats were broken if a banner area
                 was too big for a smallint  (Matteo)
  * 2005-11-20:  MySQL compatibility functions were not 7.1 compatible and
                 weren't correctly created  (Matteo, thanks to kajetan)
  * 2005-11-20:  The status field in banner-edit.php was wrongly called
                 bannertext and didn't work  (Matteo, thanks to narrator)
  * 2005-11-20:  Advanced zone properties were not working with
                 register_globals off  (Matteo, thanks to Ubqtous)
  - 2005-11-20:  Views and clicks for non exiisting banners were wrongly
                 assigned to an unnamed hidden campaign  (Matteo, thanks to
		 C. Viebrock)
  - 2005-11-20:  Fixed some incompatibilities in SWF converter because of a
                 missing NULL byte  (Matteo)
  - 2005-12-07:  Geotargeting wasn't correctly working when using local
                 invocation inside a PHP function - bug #1374437  (Matteo,
		 thanks to D. Kraft)
  - 2005-12-23:  Fixed possible HTML injection and XSS vulnerability in
                 lib-history.inc.php - bug #1386287  (Matteo)
  - 2006-01-22:  Fixed possible HTML injection and XSS vulnerability in the
                 login form  (Matteo, thanks to V. Khera)
  - 2006-01-23:  Fixed problems in adview.php and lib-view-main.inc.php when
                 no user agent was supplied - bugs #1404174/#1406092  (Matteo)
  - 2006-01-23:  Fixed a bug in the SYSVSHM delivery cache module which
                 prevented it from correctly working - bug #1388635  (Matteo)
  - 2006-03-13:  MySQL 5 compatibility mode wasn't correctly activated during
                 install or upgrade  (Matteo)
  - 2006-03-22:  Duplicating SQL stored banners wasn't duplicating the image -
                 bug #1450612  (Matteo, thanks to B. Franz)
  - 2006-03-22:  Last month/year selections didn't include the last day of the
                 period in the stats screens - bug #1441150  (Matteo)
  - 2006-03-23:  XML-RPC invocation didn't correctly work if the library was
                 included inside a function - bug #1456409  (Matteo)