• Missing column force_password_change added.
• Quoted text lines truncated after 50 characters (fixing #1020).

• Redirect to index.php when there's no query string (fixing #1000).
• Replaced shortened array syntax as of PHP 5.4.
• Workaround for corrupted serialized meta data. When database encoding changed from single to multibyte character set unserialize function fails for data with multibyte characters.
• Check banlists for addon.php.
• random_int function defined too late.
• Force password change option. Start of renovation of our password system. First step: New administrator option to force a password change for individual or all users via the control center. After reload a page or after logging-in
  the user lands directly on the (already existing) "change password" dialog in the control center. A message in a red box says "For security reasons, you are required to change your password.". The user can only move inside the control center until he changed the password. Every other link is redirected to the change password dialog.
• Filter link for IP address in user admin panel. Provides an IP address filter clickable link without opening "details". Provided by Scott Finegan.

• Changed some indents and removed comment to closed trac issue 213.
• Unnecessary closing div removed.
• Revision of emerald template.

• Convert $PHORUM = $GLOBALS['PHORUM'] to global $PHORUM (fixing #598)
• Fixing various invalid index warnings
• W3C validator: There is no attribute "onChange" (fixing #908)
• W3C validator: Value of attribute "method" cannot be "POST"
• Missing alt-attributes added
• Module Tidy Output is corrupting avatar images (fixing #911)
• Id and name attribute value mismatch (fixing #917)
• Fix character set for search title
• Multi byte safe word wrapping
• Do not substitute smileys in html entities (fixing #827)
• Replace nobr by css
• Create thumbnails as PNG (fixing #895)
• Fix Group Membership filtering
• Random Extension: Implements a PHP 5.x fallback for random_bytes and random_int functions
• Data validation enhanced (fixing #1001 partly)
• Set cookies with httponly (fixing #1001 partly)
• X-Frame-Options added
• Add posting token to login and register (fixing #1001 partly)
• Obsolete assignment by reference (&new) removed
• Replaced ENT_COMPAT by ENT_QUOTES
• Made admin interface XHTML 1.0 Transitional compliant
• Replace PHP short tags
• BBCode Module: New settings for stripping message bodies
• Event Logging Module: Support for for ipv6
• SMTP Module: Upgrade phpmailer

Fri Aug 24 15:20:02 2012 +0200: Thomas Seifert
* Correction phrase search in non-fulltext mode ( fixes #880 )

Fri Aug 24 15:08:24 2012 +0200: Thomas Seifert
* Removed TYPE= create table options. Default table types should be used wherever possible.

Fri Aug 24 14:37:09 2012 +0200: Thomas Seifert
* fixed possible XSS reported by High-Tech Bridge Security Research Lab

Fri May 25 08:57:17 2012 +0200: Thomas Seifert
* Fix moderator list retrieval

Performance improvements for moderator list (version for 5.2, by GroM)
Thu Mar 8 15:04:14 2012 +0100: GroM
* Performance fix for moderator list (exclude inactive) - DB

Mon Dec 19 14:59:53 2011 +0100: Thomas Seifert
* fixed a fatal error in moderation actions when the message cache is enabled (thanks for the patch to Jurij Kovacic)

Mon Dec 19 14:56:12 2011 +0100: Thomas Seifert
* fixed even logging logviewer

Fri Oct 7 16:28:33 2011 -0500: Brian Moon
* don't include PATH_INFO in the current URL.

Tue Oct 4 00:57:03 2011 +0200: Maurice Makaay
* Fixes for XSS issues in admin interface URLs.

Thu Aug 25 16:22:59 2011 +0200: Thomas Seifert
* fixed XSS reported by Russ McRee @ holisticinfosec

Sun Jul 31 12:46:18 2011 +0200: Maurice Makaay
* Fixed a Safari prompt() issue for the editor tools.

Fri Jul 8 15:15:16 2011 +0200: Thomas Seifert
* fixing thread title in first merge thread screen (thanks to vrtisworks, fixes #868)

Fri Jul 8 10:54:49 2011 +0200: Thomas Seifert
* first part of "Make Ajax calls without enabled cookies work". Server-side work is done with this commit. Now only the JS-part in the phorum ajax lib is missing (related to #816)

Fri Jul 8 10:22:10 2011 +0200: Thomas Seifert
* fixed "multibyte chop corruption" (fixes #865, thanks to Phorum user glen!)

Fri Jul 8 10:10:15 2011 +0200: Thomas Seifert
* fixed "Follow mode is not kept when quoting" (fixes #869, thanks to mariusmuja)

Tue Jul 5 12:17:27 2011 +0200: Thomas Seifert
* getting rid of warning when uploading zero sized file in controlcenter. Thanks to hsn! (fixes #859).

Tue Jul 5 12:12:50 2011 +0200: Thomas Seifert
* fixing "invalid" sql. Thanks to hsn. (fixes #858)

Tue Jul 5 11:58:27 2011 +0200: Thomas Seifert
* unified the webserver check in console scripts and added shebang-line. Thanks to glen! (fixing #866)

Tue Jul 5 11:42:59 2011 +0200: Thomas Seifert
* fixing invalid message but upon splitting threads. Thanks to rfc! (Fixing #870)

Tue Jul 5 11:38:55 2011 +0200: Thomas Seifert
* fixing php warning when Phorum is set to Read-Only. Thanks to rfc! (fixes #871)

Tue May 10 03:37:34 2011 +0000: brian
* if the current running script has defined PHORUM_ADMIN, we don't need to check file access permissions

Tue Apr 12 10:23:04 2011 +0000: ts77
* better message cache invalidation on moderation actions. now using the correct forum_id for messages moderated in a different forum than the current one and invalidation just once for each forum.

Sun Mar 13 10:10:47 2011 +0000: ts77
* added option to phorum_strip_body to skip stripping tags - and use that for the plain text quoting to avoid missing data in the quotes.

Tue Feb 8 05:05:47 2011 +0000: brian
* Adding a new hook to allow for alternate methods of retrieving private messages. e.g. for doing a module that pages the results.

Mon Jan 24 05:27:29 2011 +0000: mmakaay
* Added Brazillian Portuguese translation for Spam Hurdles.

Quote
5.2.14 Announcement
Unfortunately this release also includes 3 template fixes which you might need to port to your custom template if you got them:
[trac.phorum.org] (a fix for the author's profile url in the unapproved messages panel)
[trac.phorum.org] (some fixes for the classic template, only needed you run a template derived from classic)
[trac.phorum.org] (fixes in the group membership panel so that users can actually join groups again)

2011-01-18 20:58 mmakaay

        * Upgraded the jQuery library from 1.4.2 to 1.4.4. 
          Note: when using the Embed Images module with the FancyBox viewer,
          then this module must be upgraded to version 1.1.3 or higher to be
          compatible with the new jQuery library.

2010-11-29 17:08  ts77
	* show the current controlcenter panel also in the breadcrumbs and
	  the page title

   2010-11-16 18:51  mmakaay
	* Load defaults.php file, so an unconfigured username restrictions
	  module will not trigger PHP warnings because of undefined
	  settings.

   2010-11-16 11:58  mmakaay
	* Added an API function phorum_api_user_get_active_user(), which can
	  be used to retrieve the data for the currently active (i.e. logged
	  in) Phorum user. When no user is logged in, then the function will
	  return NULL.

   2010-11-12 07:43  mmakaay
	* When passing $return_threads = TRUE to phorum_db_search() while
	  searching for messages posted by a given user ($match_type =
	  USER_ID), the function will now only return the thread starter
	  messages that were posted by the user that is being searched on.

   2010-11-06 22:57  ts77
	* added bbcode option to add nofollow only to external urls.

   2010-11-02 10:17  ts77
	* added new hook user_save_groups

   2010-10-28 21:14  mmakaay
	* Added overflow: hidden to the generic div, so floated content
	  inside these divs will be correctly wrapped by the div.

   2010-10-28 21:08  mmakaay
	* The Phorum JavaScript library (jQuery + the Phorum javascript
	  code) is now available from within the admin interface as well.
	  Template specific javascript code and javascript code that is
	  supplied by modules are not included in the package that is loaded
	  by the admin interface (to prevent loading code that might be
	  assuming to be run in the Phorum front end.)

   2010-10-26 13:58  mmakaay
	* Added a hook "after_post_redirect" that can be used to tweak the
	  redirect URL that is used for redirecting the user after posting a
	  forum message.

   2010-10-22 09:43  mmakaay
	* Implemented phorum_api_image_supported() and
	  phorum_api_http_get_supported() which can be used to check if the
	  hosting platform supports the respective Phorum API layers.

   2010-10-22 00:35  mmakaay
	* Changes in the BBcode callback handling, to provide callback
	  handlers with the message that is being parsed. This way, the
	  callback code can perform actions that need to be context-aware.
	  Also, deprecated the use of dl() calls in the http_get and image
	  APIs. This is done because of the following warning on the PHP
	  site: "This function has been removed from some SAPI's in PHP 5.3"

   2010-10-16 22:32  mmakaay
	* Modified placement of the #REPLY anchor in the templates (moved
	  from the start of posting.tpl to the end of read.tpl). This takes
	  care of letting the page jump down when the user click "Reply" and
	  the "Sorry, only registered users may post in this forum" message
	  is showing down there.

   2010-10-15 21:20  mmakaay
	* Feeds were not disabled when disabling them from the admin
	  interface settings. They were only hidden from the templates.
	  Therefore calling the feed script to load feed data still worked.
	  This bug is fixed by this release. When disabling the feed option,
	  the feed.php script will block access to the feeds too now.

   2010-10-15 16:09  mmakaay
	* Fixes to improve the Modified-Since handling for javascript and CSS caching.

   2010-10-14 23:56  mmakaay
	* Fixed a problem with CSS and JavaScript caching not automatically refreshing.
          Because the the cache key was not MD5'ed, the cache key could grow too large
          for the memcached caching layer.

   2010-10-11 23:44  mmakaay
	* Added a work-around for the Spam Hurdles ASCII art CAPTCHA in
	  combination with browsers in which the monospace font was set to a
	  proportional font. The font now is configured as Courier New and
	  Courier, before falling back to the monospace option that is
	  controlled by the browser.

   2010-10-11 23:28  mmakaay
	* Release Spam Hurdles version 2.0.2 as the default version for both
	  Phorum 5.2 and the Phorum development trunk.

   2010-07-16 12:02  ts77
	* added attachments as input to the send_email hook (thanks to
	  Oliver Riesen)

   2010-07-04 20:45  ts77
	* invalidate message cache on approval, thanks to Markus Fischer
	  (#961)

   2010-07-04 20:07  ts77
	* applied patches from Joe Curia for enhanced Edit User Panel

   2010-06-30 14:18  ts77
	* formatting and escaping announcements correctly now (closing a
	  possible security issue), thanks to Patrick Kaiser

   2010-06-30 14:00  ts77
	* checking correctly for jpeg support in php 5.3 too, thanks to
	  phorum user nedanko in #948 for the report.

   2010-06-30 13:52  ts77
	* New hooks: admin_forum_delete, posting_action_cancel_post,
	  posting_action_edit_post, thanks to Markus Fischer (closing #949)

   2010-06-30 13:43  ts77
	* added new admin menu hook, thanks for the thorough implementation
	  to Markus Fischer (#945)

   2010-06-30 13:27  ts77
	* User deletion - clearing recent message data, thanks to Markus
	  Fischer (closing #946)

   2010-06-30 13:24  ts77
	* event_logging: hook to intercept $loginfo, thanks to Markus
	  Fischer (closing #947)

   2010-06-30 13:20  ts77
	* Add "message" and "details" filter capability to mod
	  event_logging, thanks to Markus Fischer (closing #942)

   2010-06-30 13:15  ts77
	* phorum_cache_put() verify fopen() call, thanks to Markus Fischer
	  (closing #943)

   2010-06-10 13:16  mmakaay
	* Added the jQuery library to 5.2 and the $PJ compatbility wrapper
	  to prevent collissions with possible other js frameworks that
	  might be using $ already.

   2010-06-10 12:53  mmakaay
	* Fixing editor tools popups in a page that uses relative and/or
	  absolute CSS positioning for layout.

   2010-05-23 21:00  mmakaay
	* Fix for #952: Malformed javascript in form_objects.js.php

   2010-05-20 09:46  ts77
	* fixed timezone setting in forum settings panel. it got off with
	  dst enabled (closing #950, thanks to Phorum user Skye for the
	  notice)

   2010-04-23 22:45  mmakaay
	* Added extra hooks in the phorum_output() code to provide extra and
	  more fine grained control to modules that want to hook into the
	  output phase. New hooks: output_templates,
	  output_templates_<page>, start_output_<page>, after_header_<page>,
	  before_footer_<page>, end_output_<page>.

   2010-04-19 15:20  ts77
	* added two new template hooks: tpl_profile and tpl_cc_start in the
	  relevant templates

   2010-04-16 14:32  mmakaay
	* Added missing language strings to BBcode mod.

   2010-04-01 21:52  mmakaay
	* Fixed some hook documentation issues.

   2010-03-31 13:13  mmakaay
	* Bug fix: do not update the last_post_time of a forum in case a
	  message is approved that was posted before the active
	  last_post_time of that forum.

   2010-03-26 12:55  ts77
	* fixed pm_send_init hook, thanks to Charlie Brown (in #941)

   2010-03-18 12:20  mmakaay
	* Fix for #938: client.js.php steps on javascript Phorum object The
	  way in which existence of the Phorum object was checked was wrong
	  because of some legacy code in the Ajax js lib. This change should
	  fix the issue.

Quote
5.2.14 Announcement
Unfortunately this release also includes 3 template fixes which you might need to port to your custom template if you got them:
[trac.phorum.org] (a fix for the author's profile url in the unapproved messages panel)
[trac.phorum.org] (some fixes for the classic template, only needed you run a template derived from classic)
[trac.phorum.org] (fixes in the group membership panel so that users can actually join groups again)

2010-11-29 17:08  ts77
	* show the current controlcenter panel also in the breadcrumbs and
	  the page title

   2010-11-16 18:51  mmakaay
	* Load defaults.php file, so an unconfigured username restrictions
	  module will not trigger PHP warnings because of undefined
	  settings.

   2010-11-16 11:58  mmakaay
	* Added an API function phorum_api_user_get_active_user(), which can
	  be used to retrieve the data for the currently active (i.e. logged
	  in) Phorum user. When no user is logged in, then the function will
	  return NULL.

   2010-11-12 07:43  mmakaay
	* When passing $return_threads = TRUE to phorum_db_search() while
	  searching for messages posted by a given user ($match_type =
	  USER_ID), the function will now only return the thread starter
	  messages that were posted by the user that is being searched on.

   2010-11-06 22:57  ts77
	* added bbcode option to add nofollow only to external urls.

   2010-11-02 10:17  ts77
	* added new hook user_save_groups

   2010-10-28 21:14  mmakaay
	* Added overflow: hidden to the generic div, so floated content
	  inside these divs will be correctly wrapped by the div.

   2010-10-28 21:08  mmakaay
	* The Phorum JavaScript library (jQuery + the Phorum javascript
	  code) is now available from within the admin interface as well.
	  Template specific javascript code and javascript code that is
	  supplied by modules are not included in the package that is loaded
	  by the admin interface (to prevent loading code that might be
	  assuming to be run in the Phorum front end.)

   2010-10-26 13:58  mmakaay
	* Added a hook "after_post_redirect" that can be used to tweak the
	  redirect URL that is used for redirecting the user after posting a
	  forum message.

   2010-10-22 09:43  mmakaay
	* Implemented phorum_api_image_supported() and
	  phorum_api_http_get_supported() which can be used to check if the
	  hosting platform supports the respective Phorum API layers.

   2010-10-22 00:35  mmakaay
	* Changes in the BBcode callback handling, to provide callback
	  handlers with the message that is being parsed. This way, the
	  callback code can perform actions that need to be context-aware.
	  Also, deprecated the use of dl() calls in the http_get and image
	  APIs. This is done because of the following warning on the PHP
	  site: "This function has been removed from some SAPI's in PHP 5.3"

   2010-10-16 22:32  mmakaay
	* Modified placement of the #REPLY anchor in the templates (moved
	  from the start of posting.tpl to the end of read.tpl). This takes
	  care of letting the page jump down when the user click "Reply" and
	  the "Sorry, only registered users may post in this forum" message
	  is showing down there.

   2010-10-15 21:20  mmakaay
	* Feeds were not disabled when disabling them from the admin
	  interface settings. They were only hidden from the templates.
	  Therefore calling the feed script to load feed data still worked.
	  This bug is fixed by this release. When disabling the feed option,
	  the feed.php script will block access to the feeds too now.

   2010-10-15 16:09  mmakaay
	* Fixes to improve the Modified-Since handling for javascript and CSS caching.

 
   2010-10-14 23:56  mmakaay
	* Fixed a problem with CSS and JavaScript caching not automatically refreshing.
          Because the the cache key was not MD5'ed, the cache key could grow too large
          for the memcached caching layer.

   2010-10-11 23:44  mmakaay
	* Added a work-around for the Spam Hurdles ASCII art CAPTCHA in
	  combination with browsers in which the monospace font was set to a
	  proportional font. The font now is configured as Courier New and
	  Courier, before falling back to the monospace option that is
	  controlled by the browser.

   2010-10-11 23:28  mmakaay
	* Release Spam Hurdles version 2.0.2 as the default version for both
	  Phorum 5.2 and the Phorum development trunk.

   2010-07-16 12:02  ts77
	* added attachments as input to the send_email hook (thanks to
	  Oliver Riesen)

   2010-07-04 20:45  ts77
	* invalidate message cache on approval, thanks to Markus Fischer
	  (#961)

   2010-07-04 20:07  ts77
	* applied patches from Joe Curia for enhanced Edit User Panel

   2010-06-30 14:18  ts77
	* formatting and escaping announcements correctly now (closing a
	  possible security issue), thanks to Patrick Kaiser

   2010-06-30 14:00  ts77
	* checking correctly for jpeg support in php 5.3 too, thanks to
	  phorum user nedanko in #948 for the report.

   2010-06-30 13:52  ts77
	* New hooks: admin_forum_delete, posting_action_cancel_post,
	  posting_action_edit_post, thanks to Markus Fischer (closing #949)

   2010-06-30 13:43  ts77
	* added new admin menu hook, thanks for the thorough implementation
	  to Markus Fischer (#945)

   2010-06-30 13:27  ts77
	* User deletion - clearing recent message data, thanks to Markus
	  Fischer (closing #946)

   2010-06-30 13:24  ts77
	* event_logging: hook to intercept $loginfo, thanks to Markus
	  Fischer (closing #947)

   2010-06-30 13:20  ts77
	* Add "message" and "details" filter capability to mod
	  event_logging, thanks to Markus Fischer (closing #942)

   2010-06-30 13:15  ts77
	* phorum_cache_put() verify fopen() call, thanks to Markus Fischer
	  (closing #943)

   2010-06-10 13:16  mmakaay
	* Added the jQuery library to 5.2 and the $PJ compatbility wrapper
	  to prevent collissions with possible other js frameworks that
	  might be using $ already.

   2010-06-10 12:53  mmakaay
	* Fixing editor tools popups in a page that uses relative and/or
	  absolute CSS positioning for layout.

   2010-05-23 21:00  mmakaay
	* Fix for #952: Malformed javascript in form_objects.js.php

   2010-05-20 09:46  ts77
	* fixed timezone setting in forum settings panel. it got off with
	  dst enabled (closing #950, thanks to Phorum user Skye for the
	  notice)

   2010-04-23 22:45  mmakaay
	* Added extra hooks in the phorum_output() code to provide extra and
	  more fine grained control to modules that want to hook into the
	  output phase. New hooks: output_templates,
	  output_templates_<page>, start_output_<page>, after_header_<page>,
	  before_footer_<page>, end_output_<page>.

   2010-04-19 15:20  ts77
	* added two new template hooks: tpl_profile and tpl_cc_start in the
	  relevant templates

   2010-04-16 14:32  mmakaay
	* Added missing language strings to BBcode mod.

   2010-04-01 21:52  mmakaay
	* Fixed some hook documentation issues.

   2010-03-31 13:13  mmakaay
	* Bug fix: do not update the last_post_time of a forum in case a
	  message is approved that was posted before the active
	  last_post_time of that forum.

   2010-03-26 12:55  ts77
	* fixed pm_send_init hook, thanks to Charlie Brown (in #941)

   2010-03-18 12:20  mmakaay
	* Fix for #938: client.js.php steps on javascript Phorum object The
	  way in which existence of the Phorum object was checked was wrong
	  because of some legacy code in the Ajax js lib. This change should
	  fix the issue.

Quote
5.2.14 Announcement
Unfortunately this release also includes 3 template fixes which you might need to port to your custom template if you got them. These are:
[trac.phorum.org] (a fix for the author's profile url in the unapproved messages panel)
[trac.phorum.org] (some fixes for the classic template, only needed you run a template derived from classic)
[trac.phorum.org] (fixes in the group membership panel so that users can actually join groups again)

   2010-03-26 12:55  ts77
	* fixed pm_send_init hook, thanks to Charlie Brown (in #941)

   2010-03-18 12:20  mmakaay
	* Fix for #938: client.js.php steps on javascript Phorum object The
	  way in which existence of the Phorum object was checked was wrong
	  because of some legacy code in the Ajax js lib. This change should
	  fix the issue.

   2010-03-17 12:50  ts77
	* added original message to after_edit / before_edit hooks (fixing
	  #803, thanks to Alexey Torkhov)

   2010-03-17 12:23  ts77
	* added message_id to the read hook (fixing #934, thanks to Markus
	  Fischer)

   2010-03-16 23:16  mmakaay
	* Fixed bug: when changing the password twice in a row from the
	  control center, the second password change triggered the CSRF
	  protection error ("Possible hack attempt detected. The posted form
	  data was rejected.")

   2010-03-16 22:51  mmakaay
	Various fixes for (minor) security related issues.

        * Fixed the possibility of bypassing the email address validation checks and
	  confirmation code via email for email address changes through the
	  control center.
          Risk: the user could change his own email address
	  to some fake address, because the email validation step was
	  skipped. (thanks to Carlos Ghan for pointing out this issue)

        * XSS issue for the email address change panel in the control center
	  fixed. The previous fix already prevents this, because the user
	  can no longer inject a false email address with HTML code in it.
	  The email settings panel prevents that. Still, we added an extra
	  layer of XSS protection to the control center code.
          Risk: the XSS issue was only triggered for the user himself, within his own
	  control center. The email address in the public user profile was
	  already XSS-protected. (thanks to Carlos Ghan for pointing out
	  this issue)
       * Fixed the possibility of bypassing the original
	  password check when changing the password through the control
	  center.
          Risk: this might be used by a malicious user to change the
	  password for a user that is logged into Phorum on a computer that
	  the malicious user has direct access to (e.g. a computer in a
	  library or internet cafe, where the user forgot to logout).

        * Fixed an XSS issue in the personal file management panel in the
	  control center. By uploading a file with a specially crafted
	  filename, HTML code could be injected in the file management page.
	  Risk: the XSS issue was only triggered for the user himself,
	  within his own control center.

   2010-02-26 18:48  ts77
	* fixed warning on logout in rare cases (fixing #920, thanks to
	  Markus Fischer, Regexp provided by Brian)

   2010-02-26 17:20  ts77
	* added setting define for number of search paging links shown (as
	  requested in #932, thanks to Thomas Subera)

   2010-02-22 15:57  ts77
	* use the correct variable in controlcenter/summary.php to allow
	  overriding for module developers. fixing #928, thanks to
	  Azumandias

   2010-02-22 15:52  ts77
	* avoid trying to retrieve users with user_id 0 in read.php with
	  some conditionals, saving on db calls, fixing #929, thanks to
	  Markus Fischer

   2010-02-16 19:22  brian
	* Fix for issue where fast running searches could report a database
	  error

   2010-02-16 16:01  ts77
	* added force_{okmsg|error} to hook_info in control.php to allow
	  overriding the messages without fully overriding the panel. Thanks
	  to Phorum user Phil Connolly for the idea.

   2010-02-12 15:36  ts77
	* added json2.js json parser for decoding json (could be used for
	  encoding too) as requested in #923 for added security and
	  performance (Firefox 3.5 and IE8 should have a native JSON parser
	  which is API compatible with this script and therefore
	  automatically used), added phorum_textarea and phorum_subject
	  manipulation javascript into core (see #914 for the reasoning,
	  thanks to "mrboson")

   2010-02-12 14:16  ts77
	* backported phorum_api_url_no_uri_auth to allow easier generation
	  of URLs without uri-authentication. (patch from Markus Fischer in
	  #921)

   2010-02-12 14:04  ts77
	* added left/right bbcode tags and editor tools

   2010-02-06 12:38  ts77
	* fixing css caching which could lead to mixed up css-caches like
	  including the css_print instead of the full one. (fixing #913)

   2010-02-06 12:32  ts77
	* adding new hook "admin_editforum_form_save_after_defaults" as
	  proposed in #916, thanks to Markus Fischer. ATTENTION: not added
	  in trunk (aka 5.3) as the whole handling has changed there.

   2010-02-06 12:25  ts77
	* added new hook "feed_sent" (fixing #917, thanks to Markus Fischer)

   2010-02-06 12:17  ts77
	* selecting only active users for subscription notifications (fixing
	  #919, thanks to Markus Fischer for the patch)

   2010-01-12 09:34  ts77
	* update the forum status on editing if the sort order of the thread
	  has been changed (fixing #911)

   2009-12-27 11:25  ts77
	* killing some warnings when calling moderation.php without
	  arguments (fixing #905, thanks to Markus Fischer)

   2009-12-09 14:05  ts77
	* added additional "raw_data" flag to phorum_api_user_get for usage
	  in saving to avoid storing html escaped versions of custom profile
	  fields. Thanks to Joe Curia for the report.

   2009-12-09 08:04  mmakaay
	* Fix for correctly blocking posts to closed topics, in case the
	  reply message was started before the topic was closed. Thanks to
	  Phorum user cactux for the problem report.

   2009-12-04 21:10  mmakaay
	* Added a new hook "pm_before_editor" to the PM script, as requested
	  by Phil Connolly.

   2009-11-30 09:13  mmakaay
	* Required changes in templates for Spam Hurdles v2.

   2009-11-30 01:41  mmakaay
	* Some new hooks and a template hook to make protecting the PM
	  interface with Spam Hurdles (version 2) possible.

   2009-11-20 08:52  mmakaay
	* Another try at fixing the vroot issue for root level RSS feeds.

   2009-11-18 14:57  ts77
	* fixed vroot feeds

   2009-10-18 10:26  ts77
	* fix profile url of the author in the unapproved message panel
	  (template change, fixing #897)

   2009-10-18 10:13  ts77
	* suppress notices from connect calls, as it would break redirection
	  to a down page and errors itself are handled later in the code
	  (thanks to CBill for noticing that issue)

   2009-10-17 11:02  ts77
	* fixing unsubscribe handling while replying (fixed #884, thanks to
	  Thomas Subera)

   2009-10-17 10:52  ts77
	* added two new admin hooks as provided by Markus Fischer in #895.
	  ATTENTION: no support in 5.3 for these as the handling in
	  newforum.php is totally different there!

   2009-10-17 10:38  ts77
	* rebuild search data only when "empty_search_table" is not set
	  (fixing #883, thanks to Markus Fischer)

   2009-10-17 10:30  ts77
	* using the default template when creating new folders (patch from
	  Markus Fischer in #886, thanks)

   2009-10-16 22:22  ts77
	* added ability to log user deletion to Event Logging through patch
	  from Markus Fischer (fixing #893)

   2009-10-16 22:11  ts77
	* only accepting css templates as arguments for css.php and check
	  for empty param (fixing #887)

   2009-10-14 13:52  ts77
	* turning TYPE=MyISAM into ENGINE=MyISAM to make Phorum compatible
	  with more recent MySQL versions. This effectively makes Phorum
	  incompatible with MySQL4 which is therefore stated in the install
	  docs.

   2009-10-03 12:32  ts77
	* #  fixing group membership panel (adding POST_VARS and fixing html)

   2009-09-29 22:39  mmakaay
	* MFT: # Fix for #891: version parsing problem in the modules API.

   2009-09-29 20:00  mmakaay
	* Added a sanity check to see if the version of PHP is 5.0.0 or
	  higher. When the version is lower, then a critical error is
	  returned. Effectively, people that are running PHP4 won't be able
	  to install Phorum anymore, unless they upgrade to PHP5.

   2009-09-29 06:41  mmakaay
	* Moved the hard-coded max message length to a definition in
	  constants.php.

   2009-09-13 10:20  mmakaay
	* Fixed bug: the recently added anti-XSS code for the font size
	  BBcode did not accept x-large and x-small as valid sizes. Thanks
	  to Robert Angle for the heads up!

   2009-08-25 23:03  ts77
	* fixed last-modified header for css.php/javascript.php (closing
	  #881, thanks to Markus Fischer)

   2009-08-25 19:38  mmakaay
	* Make sure that the doomed "magic_quotes_runtime" setting is
	  disabled in PHP. Otherwise, data that is retrieved from the
	  database could be crippled by the magic quote handling.

   2009-08-16 23:33  mmakaay
	* Added a "no longer bundled" list to the Modules API. Modules that
	  are no longer included in the Phorum distro can be registered in
	  this list. If Phorum finds an enabled module that is no longer
	  bundled with Phorum and that has a version that is lower than the
	  version as configured in the list, it will suggest the admin to
	  upgrade the module to the separately distributed version. This
	  feature was added for informing admins about the HTML module that
	  recently was removed from the distro.

   2009-08-16 23:31  mmakaay
	* Removed the HTML module from the core distribution. Administrators
	  that want to enable HTML code in the forum messages will have to
	  download the HTML module from now on. URL:
	  [www.phorum.org]

   2009-08-16 22:27  ts77
	* moved css.php and javascript.php to use the phorum_cache instead
	  of their own file-based approach (closing #878, thanks to Markus
	  Fischer for the notice)

   2009-08-16 15:38  ts77
	* added okmsg for the general settings page, still with reload to
	  reinit the settings (fixing #861, thanks to Markus Fischer)

   2009-08-15 22:22  mmakaay
	* Fixed a bug in the bbcode tokenizer code that could lead to
	  unexpected parsing results.

   2009-08-15 16:50  ts77
	* adding hooks for pm_delete, pm_delete_folder (fixing #871, thanks
	  to Markus Fischer)

   2009-08-15 16:33  ts77
	* fixing some warnings in stress_test script (fixing #872,#873,
	  thanks to Markus Fischer)

   2009-08-15 16:27  ts77
	* added name attribute to module settings links for better
	  testability (fixing #875, thanks to Markus Fischer)

   2009-08-01 11:03  mmakaay
	* Added a new event to the Event Logging module: User sends a
	  private message.

   2009-07-28 10:48  mmakaay
	* Fixed bug #865: Don't log errors if the silence operator @ is
	  used. Thanks to Markus for both the bug report and the patch that
	  fixes the issue.

   2009-07-27 15:42  mmakaay
	* - Added a new logged event: User requests a new password. Thanks
	  to CBiLL for the idea. This feature requires a new hook that is
	  only available in Phorum 5.2.13 and up. - Modified the failed
	  login event: if the username that was used is known to Phorum,
	  then the user_id is set for the event. This way, failed login
	  events can be filtered by the username as long as an existing
	  username was used. Thanks to CBiLL for the idea. - Fixed a bug:
	  with event logging programmatically suspended, not all hooks
	  returned the correct data. This feature is not widely used (if at
	  all), so there is no real user impact.

   2009-07-27 14:24  mmakaay
	* Added a new hook (for logging purposes): password_reset.

   2009-07-27 10:39  mmakaay
	* Fixed #864: the HTML feed always showed "(-1 replies)" at the end
	  of the feed page.

   2009-07-22 17:54  ts77
	* fixed event logging download issue (fixing #862, thanks to Markus
	  Fischer)

   2009-07-22 17:44  mmakaay
	* Fixed #858: we now use a more forgiving match algorithm for
	  determining the running MySQL server version.

   2009-07-22 17:21  mmakaay
	* Fixed #863: Prevent a PHP NOTICE in when running a CLI script.
	  Thanks to Markus for the problem report.

   2009-07-22 11:58  ts77
	* added code to have the admin stylesheet external with a hook to
	  override the url (closing #860, though I don't see it as a final
	  solution yet with its relative image urls).

   2009-07-22 11:49  ts77
	* add E_USER_ERROR to error reporting in admin (fixing #859, thanks
	  to Markus Fischer)

   2009-07-20 11:46  ts77
	* Preliminary fix for XSS in size and color bbcode tags. Thanks to
	  Paolo Pinto from SYSDREAM

   2009-07-04 00:38  mmakaay
	* Work-around when there is no "&" in the php.ini
	  arg_separator.input option. It that happens, then PHP won't
	  correctly fill the $_GET array. E.g. "arg1=val1&arg2=val2" will
	  end up as array('arg1' => 'val1&arg2=val2').

   2009-07-03 11:45  mmakaay
	* A fix for hosting providers that manage to provide a SCRIPT_URI
	  that does not contain the actually requested HTTP_HOST, probably
	  due to some mass virtual hosting rewrite rules.

   2009-07-01 10:35  mmakaay
	* Fixed #853: A bbcode tag like [url=http://www.phorum.org \] (note
	  the space in front of the "]" character) caused the bbcode
	  formatting to trip. Thanks to Serdar for the bug report!

   2009-07-01 09:05  mmakaay
	* The event logging module is now used for logging blocked form
	  posts. Also, a bugfix was done on the iscramble code. In some
	  cases, there were duplicate id's in use for the blocks that hold
	  the scrambled js code, causing the js md5 signing feature to fail.

   2009-06-30 14:49  mmakaay
	* Fixed the forum picker list for the advanced search page in a
	  vroot environment. Before this change, the list of searchable
	  forums was empty.

   2009-06-09 06:22  brian
	* Added hook to allow overriding of the maximum upload file size.

   2009-05-29 17:29  mmakaay
	* Fixed a permission checking issue for the file.php script. Read
	  access for the forum in which the file is stored was not correctly
	  checked. Thanks to Phorum user "FF" for finding the bug.

       * Made allowed redirection URLs for the login a setting in general
	  settings (defaults to localhost and the phorum-url) and fixing
	  with it an "Arbitrary Redirection Vulnerability" reported by
	  Andrew Paterson

 
   2009-05-18 23:54  mmakaay
	* Logs can now be downloaded from the even viewer settings page
	  (thanks toe Joe Curia for providing the page). Logs are now
	  automatically cleaned up when the total number of logs exceeds the
	  configured maximum. This is done by mean of a garbage collector
	  that is run in 5% of the page requests.

   2009-05-15 12:21  mmakaay
	* Implemented a check to see if an unsafe attachment is downloaded
	  in MSIE6-. If this is the case, then anti-caching headers are
	  sent. This is done, because a quirck in MSIE6 (and maybe lower)
	  could interpret a file from cache, even if we send headers to
	  specifically force a download.

   2009-05-15 10:02  mmakaay
	* Updated the MIME sniffing code (for checking if a browser might
	  see a certain file as HTML code) to be more specific. This is done
	  to minimize the number of false positives that we see. For example
	  "<a" has been changed to "<a[ >]" to make it match either "<a>" or
	  "<a ".

   2009-05-12 10:51  ts77
	* added mime-type checking using fileinfo-extension

   2009-05-10 16:11  mmakaay
	* Fix for the Mime-Sniffing XSS security issue. This is a browser
	  security issue, for which this changeset implements a safety
	  measure on the server side: files that are not safe for viewing
	  (i.e. files that could be treated as HTML code, even if they are
	  uploaded as images or other file types) are not displayed in the
	  browser. Instead, for these files a download is enforced. For
	  extended information on the MIME-Sniffing issue, take a look at
	  [webblaze.cs.berkeley.edu] Thanks to
	  Jacques Copeau for noticing us about this issue.

   2009-04-22 09:12  ts77
	* additional CSRF protection in the admin. Now a new token is
	  generated when accessing the admin without a valid token in the
	  url. This token is timed out after 15 minutes and requires manual
	  click to continue.

   2009-04-21 09:19  mmakaay
	* Fix for #844: avoid the use of addslashes() for SQL escaping in
	  the Spam Hurdles module in favor of phorum_db_interact(), so other
	  database layers can be developed. Thanks to Radium Kolar for
	  noticing.

   2009-04-17 08:53  ts77
	* corrected message after posting in a moderatored forum, removing a
	  warning (fixing #845, thanks to Dready)

   2009-04-14 13:35  mmakaay
	* Fixed #843: No need to have images/* in the distro sanity check as
	  critical files, so I removed them from the file list. Thanks to
	  Mathias for the idea. While I was at it, I updated the distro
	  sanity check script to include new core distribution files in the
	  distro list.

   2009-04-13 23:03  mmakaay
	* Fix for #840: make database "charset" config parameter database
	  layer independant, by putting the check in the db layer sanity
	  check function instead of directly in the database sanity check
	  script. This makes it possible to ignore the charset configuration
	  parameter for database layers that do not require this parameter.

   2009-04-13 10:50  mmakaay
	* Fixed XSS issues from #841. Thanks to cicatriz for reporting them.

   2009-04-13 10:13  mmakaay
	* Fixed #842: make Spam Hurdles module database table name db layer
	  independent.

   2009-03-22 09:58  ts77
	* added support for custom headers to the mail functions and the
	  smtp-mail module, fixed message-id usage in smtp-mail module

   2009-03-20 11:51  mmakaay
	* Some fixes for doc generation.

   2009-03-15 11:13  ts77
	* fixed APC cache-layer (#782, thanks to hcgtv for the report)

   2009-03-14 05:01  brian
	* Added post form confirmation into message deletion process to
	  protect against CSRF attacks

   2009-03-14 01:44  ts77
	* Made allowed redirection URLs for the login a setting in general
	  settings (defaults to localhost and the phorum-url) and fixing
	  with it an "Arbitrary Redirection Vulnerability" reported by
	  Andrew Paterson

   2009-03-13 16:39  mmakaay
	* Implemented a new hook "css_filter" that can be used for
	  post-processing Phorum's CSS code (e.g. compression of the code).

   2009-03-11 01:14  mmakaay
	* Added a layer of protection against CSRF (Cross Site Request
	  Forgery) attacks. Thanks to WHK for notifying us about the
	  possible issues.

   2009-03-11 00:42  mmakaay
	* Fixed a possible XSS issue in the Spam Hurdles module. Thanks to
	  Andrew Paterson for notifying us about the issue.

   2009-03-10 00:03  mmakaay
	* Implemented a new hook "get_template_file", which can be used to
	  influence the phorum_get_template_file() function. The name of the
	  template to load can be updated (e.g. to change "index_new" to
	  "yourmod::index_new") and the template source file to use can be
	  returned (e.g. to tell Phorum that the "pm" template has to be
	  handled by a custom script named
	  "./mods/yourmod/pm_page_handler.php").

   2009-03-06 17:40  brian
	* Fixing XSS issue in control.php

   2009-02-18 17:08  ts77
	* added after_merge / after_split hooks for acting on thread
	  split/merge actions (fixing #828, thanks to so at
	  deluxe-design.at)

   2009-02-18 16:41  ts77
	* moved pm_message array out of the condition to have the data
	  available to the pm_sent hook in any case (fixing #827, thanks to
	  so at deluxe-design.at)

   2009-02-18 16:16  ts77
	* (re-)added storing the user_id for message attachments, fixing
	  #822

2009-04-22 09:12  ts77
	* additional CSRF protection in the admin. Now a new token is
	  generated when accessing the admin without a valid token in the
	  url. This token is timed out after 15 minutes and requires manual
	  click to continue.

   2009-04-21 09:19  mmakaay
	* Fix for #844: avoid the use of addslashes() for SQL escaping in
	  the Spam Hurdles module in favor of phorum_db_interact(), so other
	  database layers can be developed. Thanks to Radium Kolar for
	  noticing.

   2009-04-17 08:53  ts77
	* corrected message after posting in a moderatored forum, removing a
	  warning (fixing #845, thanks to Dready)

   2009-04-14 13:35  mmakaay
	* Fixed #843: No need to have images/* in the distro sanity check as
	  critical files, so I removed them from the file list. Thanks to
	  Mathias for the idea. While I was at it, I updated the distro
	  sanity check script to include new core distribution files in the
	  distro list.

   2009-04-13 23:03  mmakaay
	* Fix for #840: make database "charset" config parameter database
	  layer independant, by putting the check in the db layer sanity
	  check function instead of directly in the database sanity check
	  script. This makes it possible to ignore the charset configuration
	  parameter for database layers that do not require this parameter.

   2009-04-13 10:50  mmakaay
	* Fixed XSS issues from #841. Thanks to cicatriz for reporting them.

   2009-04-13 10:13  mmakaay
	* Fixed #842: make Spam Hurdles module database table name db layer
	  independent.

   2009-03-22 09:58  ts77
	* added support for custom headers to the mail functions and the
	  smtp-mail module, fixed message-id usage in smtp-mail module

   2009-03-20 11:51  mmakaay
	* Some fixes for doc generation.

   2009-03-15 11:13  ts77
	* fixed APC cache-layer (#782, thanks to hcgtv for the report)

   2009-03-14 05:01  brian
	* Added post form confirmation into message deletion process to
	  protect against CSRF attacks

   2009-03-14 01:44  ts77
	* Made allowed redirection URLs for the login a setting in general
	  settings (defaults to localhost and the phorum-url) and fixing
	  with it an "Arbitrary Redirection Vulnerability" reported by
	  Andrew Paterson

   2009-03-13 16:39  mmakaay
	* Implemented a new hook "css_filter" that can be used for
	  post-processing Phorum's CSS code (e.g. compression of the code).

   2009-03-11 01:14  mmakaay
	* Added a layer of protection against CSRF (Cross Site Request
	  Forgery) attacks. Thanks to WHK for notifying us about the
	  possible issues.

   2009-03-11 00:42  mmakaay
	* Fixed a possible XSS issue in the Spam Hurdles module. Thanks to
	  Andrew Paterson for notifying us about the issue.

   2009-03-10 00:03  mmakaay
	* Implemented a new hook "get_template_file", which can be used to
	  influence the phorum_get_template_file() function. The name of the
	  template to load can be updated (e.g. to change "index_new" to
	  "yourmod::index_new") and the template source file to use can be
	  returned (e.g. to tell Phorum that the "pm" template has to be
	  handled by a custom script named
	  "./mods/yourmod/pm_page_handler.php").

   2009-03-06 17:40  brian
	* Fixing XSS issue in control.php

   2009-02-18 17:08  ts77
	* added after_merge / after_split hooks for acting on thread
	  split/merge actions (fixing #828, thanks to so at
	  deluxe-design.at)

   2009-02-18 16:41  ts77
	* moved pm_message array out of the condition to have the data
	  available to the pm_sent hook in any case (fixing #827, thanks to
	  so at deluxe-design.at)

   2009-02-18 16:16  ts77
	* (re-)added storing the user_id for message attachments, fixing
	  #822

   2009-02-01 19:30  mmakaay
	* Fix for #892: mb_substr() replacement function contained a typo.
	  No big impact. The replacement function was not yet in use in core
	  code. Only the smtp_mail module calls mb_substr(). Thanks to
	  r.wetzlmayr for reporting the error!

   2009-01-28 19:41  mmakaay
	* Fixed the BBcode parser for some old PHP systems. A problem in PHP
	  caused the parser to not parse any BBcode tags. # The PHP problem
	  was that the "\0" in a string was seen as a filled # character
	  position. E.g. with $a="b", isset($a[1]) would yield TRUE. # This
	  threw of the bbcode parse tree generator.

2008-12-09 08:52  ts77
	* added experimental attachment support to the smtp-mail module

   2008-12-06 10:56  mmakaay
	* Close the database connection explicitly at the end of the Phorum
	  script, to prevent lingering MySQL connections from overloading
	  the MySQL server.

   2008-11-26 14:51  mmakaay
	* Oops...I fixed it again.

   2008-11-26 14:48  mmakaay
	* Straightened out the moderation thread hooks. The hook "hide" is
	  now called "hide_thread" to be in harmony with the other thread
	  moderation hooks. Thanks to Joe Curia for noting the
	  inconsistency.

   2008-11-23 23:50  brian
	* Attempted fix for #802, <hr> tag was not having newlines trimmed
	  after it

   2008-11-23 23:22  brian
	* Fix for #808, rebuild script not rebuilding all the threads

   2008-11-23 19:04  brian
	* Fixes for ticket #791, phorum 3 upgrade issues with character set

   2008-11-23 15:55  brian
	* Fix for ticket #766, Group moderation bug

   2008-11-19 15:05  mmakaay
	* Improved the JSON handling using the PEAR library on systems that
	  do not implement json_encode() and/or json_decode(). Thanks to
	  Phorum user "rasta" for the coding idea.

   2008-11-13 09:05  mmakaay
	* Reverted [3700]: allow_email_notify is a per-forum setting and not
	  a global settin. Therefore, the control center should not hide the
	  "follow+mail" option if email_notify is not enabled when loading
	  the control center page.

   2008-11-13 08:59  mmakaay
	* Hide the "follow + email" option from default follow mode
	  configuration in the user control center when email notifications
	  are disabled by the admin.

   2008-11-12 19:26  mmakaay
	* Removed content-type header from the smileys javascript code. It
	  is no longer needed now the javascript is incorporated from
	  javascript.php.

   2008-11-12 16:35  mmakaay
	* Suppress possible warnings from a file_exists() call in the Spam
	  Hurdles module.

   2008-11-07 12:39  ts77
	* ignore some more settings on inheritance (fixing #809, thanks to
	  _noe_ ) ...

   2008-11-07 12:29  ts77
	* fixed db-upgrade scripts for replicated setups (fixing #813,
	  thanks to Mathias)

   2008-11-07 12:23  ts77
	* added masterquery-flags to event-logging module (fixing #814,
	  thanks to Mathias for reporting and providing a patch)

   2008-11-07 12:03  ts77
	* removed the message about the closed thread in the read page in
	  case "reply on separate page" and added an error message in the
	  posting form instead of just redirecting (closing #817)

   2008-11-07 00:54  mmakaay
	* Obfuscate mail addresses that are displayed by the bbcode module.

   2008-11-06 21:50  mmakaay
	* Fixed the fallback-to-pear-json option in the JSON API code.

   2008-11-03 05:50  brian
	* Fix for #805

   2008-10-31 19:33  mmakaay
	* Fixed the PHP json extension detection code in case the json API
	  code was loaded from within a function. The fallback PEAR JSON
	  library would not be triggered if the json extension was missing
	  in the PHP setup.

   2008-10-26 16:08  brian
	* Added ability to add a user from the admin. Thanks to Azumandias
	  for the initial patch

   2008-10-14 07:40  mmakaay
	* Fixed a problem in the phorum_api_file_store() function call,
	  which could cause storing a file with a message or user to fail.
	  This had no effect on the existing core Phorum code by sheer luck,
	  but when using the API call, things might go wrong, depending on
	  the order in which the file info fields were stored in the $file
	  argument.

   2008-10-06 10:13  ts77
	* removed "SET CHARACTER SET" query to solve some mysteries in
	  charset support (thanks to Chris who brought this up
	  [www.phorum.org] )

   2008-10-06 10:03  mmakaay
	* Fixed #806: possible XSS leak plugged. This was reported as a
	  security vulnerability, however we were never able to produce
	  anything more than broken HTML code. Since broken HTML code is not
	  good and because we are rather safe than sorry, this fix was
	  implemented.

   2008-10-04 08:55  mmakaay
	* Fixed "AND" based queries for
	  phorum_api_user_search_custom_profile_field(). Thanks to Phorum
	  user jjarvis98 for noticing the bug and to Azumandias for
	  providing the fix.

   2008-09-21 10:10  ts77
	* transferring template-arg through the urls (fixing #792), doesn't
	  work with search - essentially breaks search and needs checking
	  therefore

   2008-09-21 09:56  ts77
	* give a message about this being a moderated forum before
	  redirecting after posting (fixing #775)

   2008-09-02 12:13  mmakaay
	* Fixed the new release detection code. In the admin interface, new
	  releases were not detected by the "Check For New Version"
	  function.

   2008-09-01 09:55  mmakaay
	* Fixed #797: Undefined offset: 0 in api.php in case the message
	  started with a stale BBcode close tag. Thanks to Alexey Torkhov
	  for the problem report.

   2008-09-01 09:37  mmakaay
	* Fixed #796: Undefined index "mod_bbcode_tags" in BBcode module.
	  Thanks to Alexey Torkhov for the heads up.

   2008-09-01 07:41  mmakaay
	* Fixed the classic index style (directory browsing mode) for the
	  classic 0.4 template. It did not yet reflect a change in the
	  datastructures that we use for the index page in Phorum 5.2,
	  causing folders to not show up in that view.

   2008-09-01 06:33  mmakaay
	* Fix for #795: BBcode module needs to explicitly include api.php to
	  define the constants that are used in the settings page. Thanks to
	  Alexey Torkhov for the heads up.

   2008-08-27 12:57  ts77
	* building the list of forums to move a thread to in the same way as
	  the list of forums in the search form (fixing #729, thx to Oliver
	  Riesen)

   2008-08-27 10:09  mmakaay
	* Fixed #784: missing terminating ] for character class in
	  http_get.php.

   2008-08-23 18:31  mmakaay
	* Fixed #776: phorum_api_user_save() sets the password to "*NO
	  PASSWORD SET*" when calling the function twice (first time to
	  create a user, second time to update, both calls without using a
	  password in the user data). Thanks to Alexey Torkhov for finding
	  and reporting the issue.

   2008-08-22 22:55  mmakaay
	* Fixed #787: BBcode module: end of message end tags for some bbcode
	  tags were not processed correctly. The tag and the text that came
	  before the tag were duplicated at the end of the rendered message.

   2008-08-22 21:21  mmakaay
	* Added "@" as a safe character for the quoted printable encoding
	  requirement check. Otherwise, every mail address will be quoted
	  printable encoded, even if there are no special characters in it.

   2008-08-04 17:57  mmakaay
	* Phorum3 script updated for the new phorum_db_file_save() call in
	  Phorum 5.2. Thanks to Simon King who posted the patch in our
	  support forums.

2008-07-22 07:23  mmakaay
	* Suppress output from the memcache cache layer for cases where
	  connecting to the memcached server fails. This prevents memcached
	  problems from breaking the page ("headers already sent".)
	  Additionally, the inline documentation was updated.

   2008-07-18 13:28  mmakaay
	* Fixed #772: possible corruption of serialized custom field data
	  (reported by Jonhoo).

   2008-07-15 18:11  brian
	* Fix for #731. Strip DESCRIPTION for search page

   2008-07-15 18:07  brian
	* moving the 5.2.x tags to the 5.2 dir

   2008-07-04 16:48  ts77
	* use display_name for reporter as suggested by Oliver Riesen
	  (fixing #761)

   2008-07-04 15:49  ts77
	* same date formatting in read templates as suggested by Oliver
	  Riesen (#749)

   2008-07-02 18:39  mmakaay
	* Fixed an incompatibility between file downloads with the "only
	  from this forum" restriction, in combination with URI
	  authentication. Before this fix, access for downloading the image
	  would be denied, even though the file was downloaded directly from
	  the forum. # Also a typo-fix-of-the-day change (learned that it is
	  "existent" :-).

   2008-07-01 14:30  mmakaay
	* Fixed a compatibility problem between the new BBcode module and
	  PHP versions prior to 5.1.0. The PHP function
	  htmlspecialchars_decode() is not available for those versions of
	  PHP. Thanks to Adam for noticing the problem and for providing a
	  work-around!

   2008-06-25 21:14  ts77
	* fixed undefined index in event_logger module (#748, reported by
	  Oliver Riesen)

   2008-06-25 21:07  ts77
	* stripped quotes from plain-text forum description as suggested by
	  Oliver Riesen (#743)

   2008-06-25 20:53  ts77
	* added line-height for thread options as suggested by Oliver Riesen
	  (#730)

   2008-06-25 20:20  ts77
	* made users tz_offset a float value for non-integer timezones

   2008-06-17 11:19  mmakaay
	* The "Force hiding of email addresses" option is now only
	  applicable to regular forum users. Administrators and moderators
	  can always see the email addresses of the users. For moderators,
	  this can be restricted by setting the PHORUM_MOD_EMAIL_VIEW
	  constant to false in include/constants.php. Some more fine grained
	  control for email address displaying will be added to Phorum 5.3.

   2008-06-16 10:15  ts77
	* quote anonymous authors with their name (fixing #744)

   2008-06-16 09:59  ts77
	* sort strictly by datestamp to get the recent_post (fixing #755)

   2008-06-16 09:32  ts77
	* added user's posts to edit screen (readonly), fixing #759

   2008-06-16 09:06  mmakaay
	* Another fix for #765: UTF-8 byte order markers at the start of
	  template files are now stripped by include/templates.php.

   2008-06-16 08:20  mmakaay
	* Fix for #765: catch the output of include files
	  (include/db/config.php, include/lang/* and
	  templates/*/settings.tpl) to prevent extra output like UTF-8 byte
	  order markers from breaking the pages.

   2008-06-13 18:28  ts77
	* case insensitive search for block tags in html module (fixing
	  #760)

   2008-06-05 00:21  mmakaay
	* Implemented some improvements for the Editor Tools module as
	  suggested by David King (phorum.org user "Optimal") and Oliver
	  Riesen. The behavior when adding tags using the buttons is now
	  much better. The textarea won't scroll up anymore if it is
	  scrolled downwards a bit and the text that was selected previously
	  to adding the tag will be reselected after adding the tag.

   2008-06-03 09:41  mmakaay
	* Fixed a bug in handling stale close tags that directly follow
	  another open or close tag. Thanks to CBiLL for the problem report.
	  The related error message was: Unsupported operand types in
	  [..]/bbcode/api.php

   2008-06-02 08:09  mmakaay
	* Fix for #762: moved pm_sent hook to always trigger the hook after
	  a sent PM. Before, it would not trigger if the PM mail
	  notification was disabled.

   2008-05-27 20:34  mmakaay
	* Improved handling of stale close tags in the text and fixed a PHP
	  undefined index warning along with it. Thanks to CBiLL for the
	  problem report.

   2008-05-25 22:58  mmakaay
	* MFT: # Undefined indexes fixed.

   2008-05-25 11:57  mmakaay
	* Added the conference 2008 rewrite release of the BBcode module to
	  the tree.

   2008-05-25 09:35  mmakaay
	* Added javascript_filter hook (for things like javascript
	  compression). Added a refresh=1 parameter for javascript.php to
	  let it ignore the cache.

   2008-05-19 15:51  mmakaay
	* The javascript.php script automatically loads the Ajax client
	  code, so modules can be sure that they can make use of it and
	  don't have to load it specifically. Templates can now contain a
	  "javascript.tpl", which is loaded in by the javascript.php code
	  automatically. This corresponds to the way that the CSS code works
	  (where you can create a "css.tpl").

   2008-05-13 03:51  ataylor
	* Added File Path block

   2008-05-08 15:00  mmakaay
	* Added a new API layer for handling JSON data (final goal: Ajax
	  layer)

   2008-05-08 14:56  mmakaay
	* Added a new API layer for newflags handling.

   2008-05-03 13:53  mmakaay
	* Backported the phorum_switch_template() function from trunk to
	  5.2. This new function makes it possible to switch the active
	  Phorum template to a template that is stored in any directory.
	  This is for example useful if a module includes a full Phorum
	  template, where the template is packaged with the module code.
	  With this new function, the Phorum can activate the module's
	  template without the need for the admin to copy the template to
	  the main templates directory.

   2008-04-29 16:41  mmakaay
	* Fixed #740: Mark read in folder (classic index) goes back to root
	  (thanks Oliver!)

   2008-04-29 16:03  mmakaay
	* Fixed #754: Display name filter was not included in pagination
	  (thanks Oliver!)

   2008-04-29 16:01  mmakaay
	* Fixed #738: problems with German help file for smileys module
	  (thanks Oliver!)

   2008-04-29 15:54  mmakaay
	* Fixed #757: Fixed typo in hook call for "posting_permissions"
	  (thanks Alexey)

   2008-04-17 15:24  ts77
	* use the correct default language for announcement conversion
	  (fixing #734)

   2008-04-03 08:42  mmakaay
	* Fixed #735: Added missing backslash in JavaScript code (thanks to
	  Oliver Riesen)

   2008-03-23 00:24  mmakaay
	* Fixed spam flagging by SpamAssassin for rule
	  SUBJECT_NEEDS_ENCODING. This prevents spam flagging of mail in
	  case the admin uses a name that contains special characters in the
	  "System Emails From Name" field. Encoding was implemented using
	  the Quoted-Printable description from RFC 2045.

   2008-03-21 11:25  mmakaay
	* Fixed spam flagging by SpamAssassin for rule FROM_BLANK_NAME
	  (From: contains empty name). This prevents spam flagging of mail
	  in case the admin did not fill in the "System Emails From Name"
	  field. This resulted in a header like: From: ""
	  <admin@example.com>

   2008-03-21 11:16  mmakaay
	* Fixed spam flagging by SpamAssassin for rule MSGID_FROM_MTA_HEADER
	  (Message-Id was added by a relay). This prevents spam flagging of
	  mail messages that are not sent for new message notification (for
	  those we already generated a Message-Id header).

2008-07-04 16:48  ts77
	* use display_name for reporter as suggested by Oliver Riesen
	  (fixing #761)

   2008-07-04 15:49  ts77
	* same date formatting in read templates as suggested by Oliver
	  Riesen (#749)

   2008-07-02 18:39  mmakaay
	* Fixed an incompatibility between file downloads with the "only
	  from this forum" restriction, in combination with URI
	  authentication. Before this fix, access for downloading the image
	  would be denied, even though the file was downloaded directly from
	  the forum. # Also a typo-fix-of-the-day change (learned that it is
	  "existent" :-).

   2008-07-01 14:30  mmakaay
	* Fixed a compatibility problem between the new BBcode module and
	  PHP versions prior to 5.1.0. The PHP function
	  htmlspecialchars_decode() is not available for those versions of
	  PHP. Thanks to Adam for noticing the problem and for providing a
	  work-around!

   2008-06-25 21:14  ts77
	* fixed undefined index in event_logger module (#748, reported by
	  Oliver Riesen)

   2008-06-25 21:07  ts77
	* stripped quotes from plain-text forum description as suggested by
	  Oliver Riesen (#743)

   2008-06-25 20:53  ts77
	* added line-height for thread options as suggested by Oliver Riesen
	  (#730)

   2008-06-25 20:20  ts77
	* made users tz_offset a float value for non-integer timezones

   2008-06-17 11:19  mmakaay
	* The "Force hiding of email addresses" option is now only
	  applicable to regular forum users. Administrators and moderators
	  can always see the email addresses of the users. For moderators,
	  this can be restricted by setting the PHORUM_MOD_EMAIL_VIEW
	  constant to false in include/constants.php. Some more fine grained
	  control for email address displaying will be added to Phorum 5.3.

   2008-06-16 10:15  ts77
	* quote anonymous authors with their name (fixing #744)

   2008-06-16 09:59  ts77
	* sort strictly by datestamp to get the recent_post (fixing #755)

   2008-06-16 09:32  ts77
	* added user's posts to edit screen (readonly), fixing #759

   2008-06-16 09:06  mmakaay
	* Another fix for #765: UTF-8 byte order markers at the start of
	  template files are now stripped by include/templates.php.

   2008-06-16 08:20  mmakaay
	* Fix for #765: catch the output of include files
	  (include/db/config.php, include/lang/* and
	  templates/*/settings.tpl) to prevent extra output like UTF-8 byte
	  order markers from breaking the pages.

   2008-06-13 18:28  ts77
	* case insensitive search for block tags in html module (fixing
	  #760)

   2008-06-05 00:21  mmakaay
	* Implemented some improvements for the Editor Tools module as
	  suggested by David King (phorum.org user "Optimal") and Oliver
	  Riesen. The behavior when adding tags using the buttons is now
	  much better. The textarea won't scroll up anymore if it is
	  scrolled downwards a bit and the text that was selected previously
	  to adding the tag will be reselected after adding the tag.

   2008-06-03 09:41  mmakaay
	* Fixed a bug in handling stale close tags that directly follow
	  another open or close tag. Thanks to CBiLL for the problem report.
	  The related error message was: Unsupported operand types in
	  [..]/bbcode/api.php

   2008-06-02 08:09  mmakaay
	* Fix for #762: moved pm_sent hook to always trigger the hook after
	  a sent PM. Before, it would not trigger if the PM mail
	  notification was disabled.

   2008-05-27 20:34  mmakaay
	* Improved handling of stale close tags in the text and fixed a PHP
	  undefined index warning along with it. Thanks to CBiLL for the
	  problem report.