XOOPS Changelog
============================

12/14/2002: Version 1.3.7
===============================
- Security related fix in private messaging system (pmlite.php)
- Fixed javascript error in edit profile page (edituser.php)
- Fixed signature error in user profile page (userinfo.php)


12/4/2002: Version 1.3.6
===============================
Note: There may be some more changed that we have made other than those listed below.

 - modules/xoopspoll/class/xoopspollrenderer.php

*** 33,35 ****
  function XoopsPollRenderer(&$poll){
! $this->poll = $poll;
  }
--- 33,35 ----
  function XoopsPollRenderer(&$poll){
! $this->poll =& $poll;
  }
***************

- modules/news/article.php
  removed redundant calls to XoopsStory::uname() for optimization
  *** 77,80 ****
  ! if ( $article->uname() ) {
  ! $poster = "<a href='".XOOPS_URL."/userinfo.php?uid=".$article->uid()."'>".$article->uname()."</a>";
    } else {
    $poster = $xoopsConfig['anonymous'];
  --- 78,81 ----
  ! $poster_name = $article->uname();
  ! if ( $poster_name ) {
  ! $poster = "<a href='".XOOPS_URL."/userinfo.php?uid=".$article->uid()."'>".$poster_name."</a>";
    } else {
    $poster = $xoopsConfig['anonymous'];
  ***************
  *** 100,104 ****
  ! if ( $article->uname() ) {
    $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<a href='".XOOPS_URL."/userinfo.php?uid=".$article->uid()."'>";
  ! $boxstuff .= sprintf(_NW_NEWSBY,$article->uname());
    $boxstuff .= "</a>";
    }
  --- 102,106 ----
  ! if ( $poster_name ) {
    $boxstuff .= "<strong><big>&middot;</big></strong>&nbsp;<a href='".XOOPS_URL."/userinfo.php?uid=".$article->uid()."'>";
  ! $boxstuff .= sprintf(_NW_NEWSBY,$poster_name);
    $boxstuff .= "</a>";
    }
  ***************

- modules/news/index.php
  removed the 2nd call to XoopsStory::uname() for optimization, since each call to uname() queries the users table

  *** 89,94 ****
    $storycount = NewsStory::countByTopic($xoopsOption['storytopic']);
    foreach ( $sarray as $story ) {
  ! if ( $story->uname() != false ) {
  ! $poster = "<a href='".XOOPS_URL."/userinfo.php?uid=".$story->uid()."'>".$story->uname()."</a>";
    } else {
    $poster = $xoopsConfig['anonymous'];
  --- 90,96 ----
    $storycount = NewsStory::countByTopic($xoopsOption['storytopic']);
    foreach ( $sarray as $story ) {
  ! $poster = $story->uname();
  ! if ( $poster != false ) {
  ! $poster = "<a href='".XOOPS_URL."/userinfo.php?uid=".$story->uid()."'>".$poster."</a>";
    } else {
    $poster = $xoopsConfig['anonymous'];
  ***************



- class/xoopsgroup.php (onokazu)
  *** 171 ****
  ! function getByUser($user, $asobject=false){
  --- 171 ----
  ! function getByUser(&$user, $asobject=false){
  ***************
  *** 263 ****
  ! function addMember($user){
  --- 263 ----
  ! function addMember(&$user){
  *************** 

- class/xoopsuser.php (onokazu)
  *** 272,276 ****
    function isAdmin($moduleid=0){
  ! $groups = $this->groups();
  ! if ( XoopsGroup::checkRight("module", $moduleid, $groups, "A") ) {
    return true;
    }
  --- 272,278 ----
    function isAdmin($moduleid=0){
  ! if ( empty($this->groups) ) {
  ! $this->groups =& $this->groups();
  ! }
  ! if ( XoopsGroup::checkRight("module", $moduleid, $this->groups, "A") ) {
    return true;
    }
  ***************
  *** 305,308 ****
  ! function groups(){
  ! $this->groups = XoopsGroup::getByUser($this);
  ! return $this->groups;
    }
  --- 305,307 ----
  ! function &groups(){
  ! return XoopsGroup::getByUser($this);
    }
  *************** 

- edituser.php (onokazu)
  Switched normal textarea to use DHTML in user signature field
  *** 108,110 ****
    $sig_tray = new XoopsFormElementTray(_US_SIGNATURE, "<br />");
  ! $sig_tarea = new XoopsFormTextArea("", "user_sig", $xoopsUser->getVar("user_sig", "E"));
    $sig_tray->addElement($sig_tarea);
  --- 108,111 ----
    $sig_tray = new XoopsFormElementTray(_US_SIGNATURE, "<br />");
  ! include_once("include/xoopscodes.php");
  ! $sig_tarea = new XoopsFormDhtmlTextArea("", "user_sig", $xoopsUser->getVar("user_sig", "E"));
    $sig_tray->addElement($sig_tarea);
  ***************

- class/xoopsform/formdhtmltextarea.php (onokazu)
  Added missing argument in constructor
  *** 28,33 ****
    class XoopsFormDhtmlTextArea extends XoopsFormTextArea {
  
  ! function XoopsFormDhtmlTextArea($caption, $name, $rows=5, $cols=50){
  ! $this->XoopsFormTextArea($caption, $name, $rows, $cols);
    }
  
  --- 28,33 ----
    class XoopsFormDhtmlTextArea extends XoopsFormTextArea {
  
  ! function XoopsFormDhtmlTextArea($caption, $name, $values, $rows=5, $cols=50){
  ! $this->XoopsFormTextArea($caption, $name, $values, $rows, $cols);
    }
  ***************

- modules/newbb/class/class.forumpost.php (onokazu)
  No more HTML allowed in user signature. Only xoops codes and smileys allowed.
  *** 500,502 ****
    if ( $allow_sig == 1 && $this->attachsig() != "" && $poster->attachsig() == 1 ) {
  ! $text .= "<p><br />_________________<br />". $poster->user_sig()."</p>";
    }
  --- 500,503 ----
    if ( $allow_sig == 1 && $this->attachsig() != "" && $poster->attachsig() == 1 ) {
  ! $myts =& MyTextSanitizer::getInstance();
  ! $text .= "<p><br />_________________<br />". $myts->makeTareData4Show($poster->getVar("user_sig", "N"),0,1,1)."</p>";
    }

- userinfo.php (onokazu)
  No more HTML allowed in user signature and bio. Only xoops codes and smileys allowed.
  *** 121,123 ****
    echo "</td></tr><tr valign='top' class='bg3'><td><b>"._US_EXTRAINFO.":</b></td><td>";
  ! echo $thisUser->getVar("bio");
    echo "</td></tr></table></td></tr></table></td>";
  --- 121,123 ----
    echo "</td></tr><tr valign='top' class='bg3'><td><b>"._US_EXTRAINFO.":</b></td><td>";
  ! echo $myts->makeTareaData4Show($thisUser->getVar("bio", "N"),0,1,1);
    echo "</td></tr></table></td></tr></table></td>";
  ***************
  *** 133,136 ****
    echo "<tr valign='top' class='bg1'><td><b>"._US_LASTLOGIN.":</b></td><td align='center'>".formatTimestamp($date,"m")."</td></tr>\n";
    }
  ! echo "</table></td></tr></table><br /><table border='0' cellpadding='0' cellspacing='0' align='center' valign='top' width='80%'><tr><td class='bg2'><table border='0' cellpadding='4' cellspacing='1' width='100%'><tr valign='top' class='bg1'><td colspan='2' align='center'><b>"._US_SIGNATURE."</b></td></tr><tr valign='top' class='bg3'><td>".$thisUser->getVar("user_sig")."</td></tr></table></td></tr></table></td></tr></table></div>";
    } else {
  --- 133,136 ----
    echo "<tr valign='top' class='bg1'><td><b>"._US_LASTLOGIN.":</b></td><td align='center'>".formatTimestamp($date,"m")."</td></tr>\n";
    }
  ! echo "</table></td></tr></table><br /><table border='0' cellpadding='0' cellspacing='0' align='center' valign='top' width='80%'><tr><td class='bg2'><table border='0' cellpadding='4' cellspacing='1' width='100%'><tr valign='top' class='bg1'><td colspan='2' align='center'><b>"._US_SIGNATURE."</b></td></tr><tr valign='top' class='bg3'><td>".$myts->makeTareaData4Show($thisUser->getVar("user_sig"),0,1,1)."</td></tr></table></td></tr></table></td></tr></table></div>";
    } else {
  ***************


- modules/newbb/viewtopic.php, modules/newbb/viewforum.php, modules/newbb/search.php (onokazu)
  Moved contents in include("page_header.php") to respective files

- class/module.textsanitizer.php (onokazu)
  *** 136,137 ****
  ! $patterns[] = "/\[email]([^\"]*)\[\/email\]/sU"; 
    $replacements[] = "<a href='mailto:\\1'>\\1</a>"; 
  --- 136,137 ----
  ! $patterns[] = "/\[email]([^\"']*)\[\/email\]/sU"; 
    $replacements[] = "<a href='mailto:\\1'>\\1</a>"; 
  ***************
  *** 146,148 ****
  ! $patterns[] = "/\[img align=(['\"]?)(left|right)\\1]([^\"\(\)\?\&]*)\[\/img\]/sU";
    $replacements[] = "<img src='\\3' align='\\2' alt'/' />";
  ! $patterns[] = "/\[img]([^\"\(\)\?\&]*)\[\/img\]/sU";
  --- 146,148 ----
  ! $patterns[] = "/\[img align=(['\"]?)(left|right)\\1]([^\"\(\)\?\&']*)\[\/img\]/sU";
    $replacements[] = "<img src='\\3' align='\\2' alt'/' />";
  ! $patterns[] = "/\[img]([^\"\(\)\?\&']*)\[\/img\]/sU";
  ***************


- module/newbb/page_tail.php (onokazu)
  removed the file
  removed codes accordingly from the following files:
    edit.php(96): 	include("page_tail.php");
    functions.php(276): 	 include("page_tail.php");
    index.php(226): include(XOOPS_ROOT_PATH."/modules/newbb/page_tail.php");
    newtopic.php(85): 	include("page_tail.php");
    post.php(97): 		include("page_tail.php");
    reply.php(110): 	include("page_tail.php");
    search.php(163): include('page_tail.php');
    topicmanager.php(258): include('page_tail.php');
    viewforum.php(288): include('page_tail.php');
    viewtopic.php(238): include("page_tail.php");
    admin/admin_forums.php(156): 	 include('page_tail.php');
    admin/admin_forums.php(840): include('../page_tail.php');
    admin/admin_priv_forums.php(335): include('../page_tail.php');
    admin/index.php(56): include('../page_tail.php');

- modules/newbb/functions.php (onokazu)
  removed unused functions. smile(), does_exist(), get_forum_name()

- modules/xoopsfaq/include/search.php (onokazu)
  Changed the search to return an empty array when user id is specified, so as to avoid error messages in the user profile page


- class/upload.class.php (Half-Dead)
  Broken avatar if non lowercase extension
  Note: Any files uploaded with upload.class now have lowercase extensions.

	line 453, changed:
    -------------------------------
	return $func($this->uploadFile, $this->uploadPath . "/" . $this->destinationFileName.".".$ext);
    -------------------------------

	to:
    -------------------------------
	return $func($this->uploadFile, $this->uploadPath . "/" . $this->destinationFileName.".".strtolower($ext));
    -------------------------------

- modules/quotes/blocks/quotes.php (onokazu)
  Removed <small> tags

- modules/news/archive.php (onokazu)
  Fixed bug where unpublished news get displayed when selecting current month
   After line 125, added
   $monthend = ($monthend > time()) ? time() : $monthend;

- modules/mylinks/admin/index.php (Half-Dead)
    Added a edit button to reported broken links & made the verification open in a new window instead of leaving the site.

function listBrokenLinks()

	line 366, changed:
    -------------------------------
	<td><b>" ._MD_IGNORE."</b></td>
    -------------------------------
	to:
	<td><b>" ._MD_IGNORE."</b></td>
	<td><b>" ._EDIT."</b></td>
    -------------------------------

	line 379, changed:
    -------------------------------
	echo "<tr><td bgcolor=$colorswitch><a href=$url>$title</a></td>";
    -------------------------------
	to:
    -------------------------------
	echo "<tr><td bgcolor=$colorswitch><a href=$url target='_blank'>$title</a></td>";
    -------------------------------

	line 390, changed:
    -------------------------------
	echo "</td><td bgcolor='$colorswitch' align='center'>\n";
	echo myTextForm("index.php?op=ignoreBrokenLinks&lid=$lid" , "X");
	echo "</td>";
	echo "<td align='center' bgcolor='$colorswitch'>\n";
	echo myTextForm("index.php?op=delBrokenLinks&lid=$lid" , "X");
	echo "</td></tr>\n";
    -------------------------------
	to:
    -------------------------------
	echo "</td><td bgcolor='$colorswitch' align='center'>\n";
	echo myTextForm("index.php?op=ignoreBrokenLinks&lid=$lid" , "X");
	echo "</td><td bgcolor='$colorswitch' align='center'>\n";
	echo myTextForm("index.php?op=modLink&lid=$lid" , "X");
	echo "</td><td align='center' bgcolor='$colorswitch'>\n";
	echo myTextForm("index.php?op=delBrokenLinks&lid=$lid" , "X");
	echo "</td></tr>\n";
    -------------------------------


- modules/mydownloads/admin/index.php (Half-Dead)
    Added a edit button to reported broken links & made the verification open in a new window instead of leaving the site.

function listBrokenDownloads()

	line 388, changed:
    -------------------------------
	<td><b>" ._MD_IGNORE."</b></td>
    -------------------------------
	to:
    -------------------------------
	<td><b>" ._MD_IGNORE."</b></td>
	<td><b>" ._EDIT."</b></td>
    -------------------------------

	line 401, changed:
    -------------------------------
	echo "<tr><td bgcolor=$colorswitch><a href=$url>$title</a></td>";
    -------------------------------
	to:
    -------------------------------
	echo "<tr><td bgcolor=$colorswitch><a href=$url target='_blank'>$title</a></td>";
    -------------------------------

	line 413, changed:
    -------------------------------
	echo "</td><td bgcolor='$colorswitch' align='center'>\n";
	echo myTextForm("index.php?op=ignoreBrokenDownloads&lid=$lid" , "X");
	echo "</td>";
	echo "<td bgcolor='$colorswitch' align='center'>\n";
	echo myTextForm("index.php?op=delBrokenDownloads&lid=$lid" , "X");
	echo "</td></tr>\n";
    -------------------------------
	to:
    -------------------------------
	echo "</td><td bgcolor='$colorswitch' align='center'>\n";
	echo myTextForm("index.php?op=ignoreBrokenDownloads&lid=$lid" , "X");
	echo "</td><td bgcolor='$colorswitch' align='center'>\n";
	echo myTextForm("index.php?op=modDownload&lid=$lid" , "X");
	echo "</td><td bgcolor='$colorswitch' align='center'>\n";
	echo myTextForm("index.php?op=delBrokenDownloads&lid=$lid" , "X");
	echo "</td></tr>\n";



- include/xoopscodes.php (onokazu)
    renamed validate() and added codes to disable submit button once pressed
    -------------------------------
    function xoopsValidate(subjectId, textareaId, submitId) {
	var maxchars = 65535;
	var subjectDom = xoopsGetElementById(subjectId);
	var textareaDom = xoopsGetElementById(textareaId);
	var submitDom = xoopsGetElementById(submitId);
	if (textareaDom.value == "" || subjectDom.value == "") {
		alert("<?php echo _PLZCOMPLETE;?>");
		return false;
	}
	if (maxchars != 0) {
		if (textareaDom.value.length > maxchars) {
			alert("<?php echo _MESSAGETOOLONG;?>\n\n<?php echo _ALLOWEDCHAR;?>" + maxchars + "\n<?php echo _CURRCHAR;?>" + textareaDom.value.length + "");
			textareaDom.focus();
			return false;
		} else {
			submitDom.disabled = true;
			return true; 
		}
	} else {
		submitDom.disabled = true;
		return true;
	}
    }
    -------------------------------

- include/commentform.php (onokazu)
    changed line 27
    -------------------------------
    echo "<table><tr><td><form action='postcomment.php' method='post' id='commentform' onsubmit='return validate(\"subject\", \"message\");'><br /><br /><b>". _YOURNAME .":</b>&nbsp;";
    -------------------------------
    to:
    -------------------------------
    echo "<table><tr><td><form action='postcomment.php' method='post' id='commentform' onsubmit='return xoopsValidate(\"subject\", \"message\", \"comment_submit\");'><br /><br /><b>". _YOURNAME .":</b>&nbsp;";
    -------------------------------

    changed line 94
    -------------------------------
    <input type='submit' value='". _GO ."' />
    -------------------------------
    to:
    -------------------------------
    <input type='submit' value='". _GO ."' id='comment_submit'/>
    -------------------------------

- modules/news/storyform.php (onokazu)
    changed line 26
    -------------------------------
    <form action='<?php echo $submit_page;?>' method='post' id='storyform' onsubmit='return validate("subject", "message");'>
    -------------------------------
    to:
    -------------------------------
    <form action='<?php echo $submit_page;?>' method='post' id='storyform' onsubmit='return xoopsValidate("subject", "message", "news_submit");'>
    -------------------------------

    changed line 79
    -------------------------------
    echo "<input type='submit' value='"._NW_GO."' />\n";
    -------------------------------
    to:
    -------------------------------
    echo "<input type='submit' value='"._NW_GO."' id='news_submit' />\n";
    -------------------------------

- modules/newbb/include/forumform.inc.php (onokazu)
    changed line 15
    -------------------------------
    echo "</tr><tr class='bg1' align='left'><form action='post.php' method='post' name='forumform' id='forumform' onsubmit='return validate(\"subject\", \"message\");'><td width='25%' valign='top' style='white-space: nowrap;'><b>". _MD_YOURNAME ."</b></td><td>";
    -------------------------------
    to:
    -------------------------------
    echo "</tr><tr class='bg1' align='left'><form action='post.php' method='post' name='forumform' id='forumform' onsubmit='return xoopsValidate(\"subject\", \"message\", \"contents_submit\");'><td width='25%' valign='top' style='white-space: nowrap;'><b>". _MD_YOURNAME ."</b></td><td>";
    -------------------------------

- modules/newbb/post.php (onokazu)
  Changed preview/submit selection box to separate buttons
    changed line 75
    -------------------------------
    if ( $HTTP_POST_VARS['op'] == "preview" ) {
    -------------------------------
    to:
    -------------------------------
    if ( !empty($HTTP_POST_VARS['contents_preview']) ) {
    -------------------------------

- modules/newbb/include/forumform.inc.php (onokazu)
  Changed preview/submit selection box to separate buttons
    changed line 145-150
    -------------------------------
    <select name='op'>
<option value='preview' selected='selected'>". _MD_PREVIEW ."</option>
<option value='post'>". _MD_POST ."</option>
</select>
<input type='submit' value='". _MD_SUBMIT ."' id='sumitbutton' />&nbsp;";
echo "<input type='button' onclick='location=\"";
    -------------------------------
    to:
    -------------------------------
    <input type='submit' name='contents_preview' value='"._PREVIEW."' />&nbsp;<input type='submit' name='contents_submit' value='"._SUBMIT."' />
    -------------------------------

- modules/ephemerides/blocks/ephemerides.php (onokazu)
  Fixed "One Day like Today..." message always showing up

- modules/ephemerides/admin/index.php (onokazu)
  Fixed wrong link to deleting ephemerides
    changed line 109
    -------------------------------
    echo myTextForm("index.php?op=Ephemeridsedit&eid=$eid&did=$did&mid=$mid",_AM_DELETE);
    -------------------------------
    to:
    -------------------------------
    echo myTextForm("index.php?op=Ephemeridsdel&eid=$eid&did=$did&mid=$mid",_AM_DELETE);
    -------------------------------




9/26/2002: Version 1.0 RC3.0.5
=============================
- modules/news/submit.php
- modules/news/postcomment.php
- modules/xoopspoll/postcomment.php
- modules/system/admin/preferences/preferences.php
- modules/system/admin/preferences/main.php
- class/xoopsobject.php
- class/xoopscomment.php
  added security and possible bug fixes to always disable html input by users


7/9/2002: Version 1.0 RC3.0.4
=============================
- modules/system/admin/users/main.php
  fixed obscure inclusion path
    change line 5
    -------------------------------
    include_once("admin/users/users.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/users/users.php");
    -------------------------------

- modules/system/admin/userrank/main.php
  fixed obscure inclusion path
    change line 5
    -------------------------------
    include_once("admin/userrank/userrank.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/userrank/userrank.php");
    -------------------------------

- modules/system/admin/smilies/main.php
  fixed obscure inclusion path
    change line 2
    -------------------------------
    include_once("admin/smilies/smilies.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/smilies/smilies.php");
    -------------------------------

- modules/system/admin/modulesadmin/main.php
  fixed obscure inclusion path
    change line 5
    -------------------------------
    include_once("admin/modulesadmin/modulesadmin.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/modulesadmin/modulesadmin.php");
    -------------------------------

- modules/system/admin/metafooter/main.php
  fixed obscure inclusion path
    change line 5
    -------------------------------
    include_once("admin/metafooter/metafooter.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/metafooter/metafooter.php");
    -------------------------------

- modules/system/admin/mailusers/main.php
  fixed obscure inclusion path
    change line 2
    -------------------------------
    include_once("admin/mailusers/mailusers.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/mailusers/mailusers.php");
    -------------------------------

- modules/system/admin/groups/main.php
  fixed obscure inclusion path
    change line 5
    -------------------------------
    include_once("admin/groups/groups.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/groups/groups.php");
    -------------------------------

- modules/system/admin/filter/main.php
  fixed obscure inclusion path
    change line 2
    -------------------------------
    include ("admin/filter/filter.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/filter/filter.php");
    -------------------------------

- modules/system/admin/blocksadmin/main.php
  fixed obscure inclusion path
    change line 3
    -------------------------------
    include ("admin/blocksadmin/blocksadmin.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/blocksadmin/blocksadmin.php");
    -------------------------------

- modules/system/admin/banners/main.php
  fixed obscure inclusion path
    change line 3
    -------------------------------
    include ("admin/banners/banners.php");
    -------------------------------
    to
    -------------------------------
    include_once(XOOPS_ROOT_PATH."/modules/system/admin/banners/banners.php");
    -------------------------------

- modules/system/admin/preferences/main.php
  fixed obscure inclusion path
    change line 6
    -------------------------------
    include ("admin/preferences/preferences.php");
    -------------------------------
    to
    -------------------------------
    include (XOOPS_ROOT_PATH."/modules/system/admin/preferences/preferences.php");
    -------------------------------

- modules/xoopsfaq/admin/index.php
  fixed bug where form submit button not displayed in category list page
    change $count to $faq_count on line 71, 76
    change colspan='3' to colspan='4' on line 81
    change COUNT(*) to COUNT(f.category_id) on line 69

- modules/news/article.php
    change line 26
    -------------------------------
    $story_id = (!empty($story_id)) ? intval($story_id) : 0;
    -------------------------------
    to
    -------------------------------
    $storyid = (!empty($storyid)) ? intval($storyid) : 0;
    -------------------------------

- modules/xoopsfaq/include/search.inc.php
    change line 34
    -------------------------------
    $sql .= "ORDER BY contents_id DESC";
    -------------------------------
    to
    -------------------------------
    $sql .= " ORDER BY contents_id DESC";
    -------------------------------

- register.php
    change line 134
    -------------------------------
    <input type='hidden' name='timezone_offset' value='".settype($timezone_offset, "double")."' />
    -------------------------------
    to
    -------------------------------
    <input type='hidden' name='timezone_offset' value='".(float)$timezone_offset."' />
    -------------------------------

    change line 124
    -------------------------------
    $url = formatURL($url);
    -------------------------------
    to
    -------------------------------
    $url = formatURL($myts->makeTboxData4Preview($url));
    -------------------------------

- modules/mydownloads/brokenfile.php
   change line 35
    -------------------------------
    $lid = intval($HTTP_POST_VARS['lid'];
    -------------------------------
    to
    -------------------------------
    $lid = intval($HTTP_POST_VARS['lid']);
    -------------------------------

- class/xoopslists.php
   lines 44, 64
   remove the following codes
    -------------------------------
    $dirname = str_replace(".", "", $dirname);
    -------------------------------


6/29/2002: Version 1.0 RC3.0.3
=============================
- Security related fixes

- class/module.textsanitizer.php
  - removed all $text = preg_replace("/&amp;/i", "&", $text); and added $text = str_replace("&amp;", "&", $text); under function oopsHtmlSpecialChars()

- modules/system/admin/users/main.php
  - fixed bug where user password was encrypted twice when adding user from the user admin page (thanks to MaxIT)
    remove line 81
    -------------------------------
    $pass = md5($pass);
    -------------------------------

- modules/xoopspoll/xoopspolllog.php
  - fixed bug where users with same IP cannot vote (thanks to Dr.Cheap)
    change lines 97-100
    -------------------------------
    $sql = "SELECT COUNT(*) FROM ".$db->prefix("xoopspoll_log")." WHERE poll_id=".$poll_id." AND (ip='".$ip."'";
    if ( !empty($user_id) ) {
        $sql .= " OR user_id=".$user_id."";
    }
    -------------------------------
    to
    -------------------------------
    $sql = "SELECT COUNT(*) FROM ".$db->prefix("xoopspoll_log")." WHERE
poll_id=".$poll_id." AND";
    if ( !empty($user_id) ) {
        $sql .= " user_id=".$user_id."";
    } else {
        $sql .= " ip='".$ip."'";
    }
    -------------------------------

- register.php
  - 2nd argument "float" in settype() supported only above 4.2.0.
    change line 134
    -------------------------------
    <input type='hidden' name='timezone_offset' value='".settype($timezone_offset, "float")."' />
    -------------------------------
    to
    -------------------------------
    <input type='hidden' name='timezone_offset' value='".$myts->makeTboxData4PreviewInForm($timezone_offset)."' />
    -------------------------------

- modules/mylinks/viewcat.php
  - fixed bug where page nav not showing when the number of items are 10,20,..
    delete lines 122-124
    -------------------------------
    if ($numrows % $show == 0) {
       $linkpages = $linkpages-1;
    }
    -------------------------------

- modules/mydownloads/viewcat.php
  - fixed bug where page nav not showing when the number of items are 10,20,..
    delete lines 129-131
    -------------------------------
    if ($numrows % $show == 0) {
       $downloadpages = $downloadpages - 1;
    }
    -------------------------------


6/25/2002: Version 1.0 RC3.0.2
==============================
- Many bug fixes! ;-)

- modules/newbb/config.php
 fixed lastvisit cookie in forums not being set correctly
 --------------------------------
 $bbCookie['domain'] = "";
 $bbCookie['path'] = str_replace(basename($GLOBALS['PHP_SELF']),"",$GLOBALS['PHP_SELF']);
 --------------------------------

- class/xoopscomments.php line 244
 fixed missing "From" text in poster info of comments block
 changed
 --------------------------------
 $user_from = $poster->getVar("user_from");
 --------------------------------
 to
 --------------------------------
 $user_from .= $poster->getVar("user_from");
 --------------------------------

- modules/news/submit.php lines 89-90
 changed
 --------------------------------
 $story->store();
 if ($xoops_newsConfig['notifysubmit']) {
 --------------------------------
 to
 --------------------------------
 $result = $story->store();
 if ($result && $xoops_newsConfig['notifysubmit'] == 1) {
 --------------------------------

- class/xoopsstory.php line 167
 added
 --------------------------------
 return true;
 --------------------------------

- modules/system/admin/groups/groups.php
 modified codes in modifyGroup() for faster loading of page
 added textsanitizer in modifyGroup()

- modules/system/admin.php line 26
 changed
 --------------------------------
 $fct = isset($HTTP_POST_VARS['fct']) ? $HTTP_POST_VARS['fct'] : $HTTP_GET_VARS['fct'];
 --------------------------------
 to
 --------------------------------
 if (isset($HTTP_POST_VARS['fct'])) {
    $fct = $HTTP_POST_VARS['fct'];
 }
 if (isset($HTTP_GET_VARS['fct'])) {
    $fct = $HTTP_GET_VARS['fct'];
 }
 --------------------------------

- edituser.php lines 241,242,247,248
 removed
 --------------------------------
 241 $upload_hidden = new XoopsFormHidden("uploadFileName[0]", "avatarfile");
 242 $counter_hidden = new XoopsFormHidden("fieldCounter", 1);
 247 $form->addElement($upload_hidden);
 248 $form->addElement($counter_hidden);
 --------------------------------

- class/xoopsform/formfile.php line 42
 changed
 --------------------------------
 return "<input type='hidden' name='MAX_FILE_SIZE' value='".$this->getMaxFileSize()."' /><input type='file' name='".$this->getName()."' id='".$this->getName()."'".$this->getExtra()." />";
 --------------------------------
 to
 --------------------------------
 return "<input type='hidden' name='MAX_FILE_SIZE' value='".$this->getMaxFileSize()."' /><input type='file' name='".$this->getName()."' id='".$this->getName()."'".$this->getExtra()." /><input type='hidden' name='xoops_upload_file[]' id='xoops_upload_file[]' value='".$this->getName()."' />";
 --------------------------------

- edituser.php line 266
 changed
 --------------------------------
 $field = $GLOBALS['uploadFileName'][0];
 --------------------------------
 to
 --------------------------------
 $field = $GLOBALS['xoops_upload_file'][0];
 --------------------------------

- edituser.php line 275
 added
 --------------------------------
 $upload->setUploadFileNamesArrName("xoops_upload_file");
 --------------------------------

- class/upload.class.php
 made some changes to function doUpload()

- class/upload.class.php
 added
 --------------------------------
 function setUploadFileNamesArrName($value){
      $this->uploadFileNamesArrName = trim($value);
 }
 --------------------------------

- edituser.php line 235
 removed duplicate include() calls to class xoopsforloader.php
 removed
 --------------------------------
 include_once("class/xoopsformloader.php");
 --------------------------------

- include/registerform.php line 29
 fixed bug blank.gif not being the default avatar image for new users
 changed
 --------------------------------
 $user_avatar = isset($HTTP_POST_VARS['user_avatar']) ? $HTTP_POST_VARS['user_avatar'] : "";
 --------------------------------
 to
 --------------------------------
 $user_avatar = isset($HTTP_POST_VARS['user_avatar']) ? $HTTP_POST_VARS['user_avatar'] : "blank.gif";
 --------------------------------

- class/xoopsmailer.php line 187
 changed
 --------------------------------
 $this->body = str_replace("\r", $this->LE, $this->body);
 --------------------------------
 to
 --------------------------------
 $this->body = str_replace("\n", $this->LE, $this->body);
 --------------------------------

- modules/news/postcomment.php line 32
 fixed bug where registered users could not edit comments
 changed
 --------------------------------
 if ( $artcomment->getVar("uid") != $xoopsUser->getVar("uid") ) {
 --------------------------------
 to
 --------------------------------
 if ( $artcomment->getVar("user_id") != $xoopsUser->getVar("uid") ) {
 --------------------------------


6/17/2002: Version 1.0 RC3.0.1
=======================
- modules/system/admin/filter.php line31
  fixed include path for filterform.php

- modules/newbb/class/class.forumposts.php line 453
  function is_topic()
  changed
  $this->db->query($sql);
  to
  $r = $this->db->query($sql);

- modules/system/admin/users/user.php line 85
  changed
  $timezone_value = $user->getVar("timezone");
  to
  $timezone_value = $user->getVar("timezone_offset");

- modules/system/admin.php
  fixed some include paths

- modules/system/admin/groups/main.php line 47
- modules/system/admin/groups/groups.php line 138
  fixed bug where group created message appears when it actually fails

- search.php line 68
  fixed some ambiguous codes

- modules\news\language\english\admin.php:
  fixed typo in define("_AM_STORYID","Stoty ID");

- modules/system/language/english/admin/mailusers.php
  added define("_AM_SENDTOUSERS2","Send to:");
- modules/system/admin/mailusers/mailform.php line 13
  changed
  _AM_SENDTOUSERS
  to
  _AM_SENDTOUSERS2

- class/xoopsmailer.php
  added missing properties
  cleaned up some codes

- modules/news/print.php
  removed call to notes() method
  added $xoopsModule global declaration

- modules/sections/index.php
  added $xoopsTheme global declaration

- class/xoopsuser.php line 227
- register.php line 174,175
  fixed bug default comment order and comment mode not set upon new user registration

- userinfo.php
  cleaned up some codes

- edituser.php line 192-194
  fixed bug where users could not delete website URL

- include/cp_functions.php
  fixed some HTML tags in xoops_cp_header()

- modules/headlines/admin/index.php
- modules/headlines/blocks/headlines.php
  codes cleanup

- class/xoopsgroups.php line 126,137-139 -- commented out
  fixed bug making a query to a table that does not exist in RC3

- modules/mydownloads/admin/index.php line 623
  changed
  ----------------------------------------
  <input type=hidden name=cid value=$cid>
  ----------------------------------------
  to
  ----------------------------------------
  <br />"._MD_PARENT."&nbsp;";
  $mytree->makeMySelBox("title", "title", $pid, 1, "pid");
  echo "<input type='hidden' name='cid' value='$cid'>
  ----------------------------------------

  changed
  ----------------------------------------
  $xoopsDB->query("UPDATE ".$xoopsDB->prefix("mydownloads_cat")." SET title='$title', imgurl='$imgurl' where cid=$cid") or $eh->show("0013");
  ----------------------------------------
  to
  ----------------------------------------
  $xoopsDB->query("UPDATE ".$xoopsDB->prefix("mydownloads_cat")." SET title='$title', imgurl='$imgurl', pid='$sid' where cid=$cid") or $eh->show("0013");
  ----------------------------------------
  for adding parent category selection box

- modules/mydownloads/admin/index.php line 604
  changed
  ----------------------------------------
  $mytree->makeMySelBox("title", "title", $pid, 1, pid);
  ----------------------------------------
  to
  ----------------------------------------
  $mytree->makeMySelBox("title", "title", $pid, 1, "pid");
  ----------------------------------------


6/1/2002: Version 1.0 RC3.0.0
=======================

Sorry, there were actually more changes than listed below. ;-)

Preferences
 - Added option to change all users' theme (onokazu)
 - Added custom avatar settings (onokazu)


Forums
 - Each forum will have its own forum options (allow html, posts per page, etc). (Goghs)
 - Database optimization (Goghs)
 - Each thread in the forum will have its own last view timestamp saved in cookies (onokazu)

Visitors2
 - Removed many variables in config file of module visitor 2 and use standard XOOPS core variables instead.  (Goghs)
 - modules/visitor2/include/header.inc.php and footer.inc.php removed.  (Goghs)
 - Deleted modules/visitor2/include/db/ directory and db_mysql.php under it. We use XOOPS own database layer now which makes it obsoletely and useless.(Goghs)

Avatars
 - Custom avatars (onokazu)
 - Sub directories can be created under images/avatar/, which may be useful for categorizing avatar images. There will be a separate avatar popup window for each directories. (onokazu)


Module Administration
 - Redesigned for better usability (onokazu)
 - Modules now installed from phpMyAdmin sql dump file (onokazu)
 - Module deletion will delete its module tables (onokazu)
 - Activate/deactivate modules will not delete record from modules table
from now on..only isactive flag will be turned on/off (onokazu)
 - Modules in the main menu can be now reordered with a click! (onokazu)
 - Added XoopsModule::moduleExists() method to check if a certain module is already installed (onokazu)

Block Administration
 - Redesigned for better usability (onokazu)

Group Administration
 - Added blocks permission for each user group (onokazu)

Database
 - Changed field names to more readbale name (ex. tid in comments table to comment_id) (onokazu)
 - Added more index for faster query execution (onokazu)

Miscellaneous
 - Removed getenv() functions due to some servers not properly returning env variables (onokazu)
 - $xoopsDB and $myts(now a global variable) now instantiated through Database::getInstance() and MyTextSanitizer::getInstance() methods respectively. (onokazu)
 - Removed unnecessary inclusion of textsanitizer class file and instantiation thereof (onokazu)
 - Fixed bugs and added more methods in class/xoopslists.php (onokazu)
 - Revamped the admin section (onokazu)
 - Redesigned many HTML form pages using XoopsForm class library (register.php, edituser.php, etc). The XoopsHtmlForm class is deprecated. (onokazu)
 - XoopsUser::rank(true) now returns rank id in addition to rank title and image (onokazu)
 - Added xoops_header() and xoops_footer() functions (onokazu)
 - Added xoops_cp_header() and xoops_cp_footer() functions for admin sections (onokazu)
 - Created include/cp_functions.php which contains various functions used in admin sections (onokazu)
 - Added a new admin module, Mailusers module, with which you can send message via email and/or PM to selected users. The users can be selected by certain criteria, for example, send message to only inactive users, last login was more than 10 days ago, etc. (onokazu)
 - Added a new class XoopsMailer, used in the Mailusers module under system module (onokazu)
 - Added a new class XoopsPM, which will handle all operations on private messages (onokazu)
 - mails sent upon registration or lost pwd request, and recommend to friend mail are now customizable by editing the template files used for each mail  (onokazu)
 - Moved Last seen module into Whos online module.  (onokazu)
 - Removed 'users_status' table, and its fields combined with the 'users' table. (onokazu)
 - Added userTimeToServerTime() function to functions.php, which calculates the value of server timestamp from user timezone timestamp (onokazu)
 - Any time format (used in php date() function ) can now be supplied to formatTimestamp() function as 2nd argument (onokazu)
 - added html special characters handling function in MyTextSanitizer::makeTareaData4PreviewInForm() for proper space character processing (onokazu)
 - Added xoopsCheckAll() function in xoopsjs.php, removed checkAll() and checkCheckAll() functions from viewpmsg.php (onokazu)


2/9/2002: Version 1.0 RC2.0.1
=======================
- Fixed memberslist module paging error
- Fixed nav bar in forums not displayed after posting
- Forum moderators can now edit/delete posts
- Fixed first selection of polls not displayed
- Fixed sections module query error
- Fixed visitors module admin section cannot export data


February 2002: Version 1.0 RC2
=======================
- CSS (Cross Site Script) attack patches (JM)
- Admins can hide/display news topic images for each story, and select their display position (right or left).
- XOOPS codes (similar to bbcodes) are now introduced. All HTML tags in user posts should now be disabled so as to enhance security.
- Notes field for each news story depricated
- Some cosmetic fixes in forums module
- Deletion of each forum post is now enabled
- Shows "online" status of each poster in forum posts, comments
- "New posts", reply links in forums are now not displayed to those that dont have the appropirate right
- IP address of each poster is now displayed to the admins/moderators by moving the mouse over IP icons
- Recent Discussions block can be displayed in a smaller size so as to fit inside sideblocks
- In Stats module, xoops db layer is now used instead of the original Visituers db layer
- Split the news/polls comments sections into small files
- Comments now have completely the same look as forum posts, using same functions
- $xoopsTheme variables are now replaced with CSS class
- Themeindex() and themearticle() merged to themenews()
- Added themesidebox_right() for right blocks (if this function does not exist in theme.php, themesidebox() will be used)
- When activating a module, admin/access rights are granted automatically to admin groups to which the admin who has activated the module belongs
- Fixed mydownloads/mylinks general settings not saved bug
- Install script will attempt to create database if it does not exist
- DB optimization
- Some javascript codes updated to use DOM level 2
-
- Many more bug fixes (install bugs, downloads module path bugs, etc)
