News from the Top

New Features

• Administration: Added confirmation dialogs for deleting posts individually or via a batch
• Administration: Super Admins can view a user’s login history via the user’s profile
• Administration: The moderator who banned/unbanned a user is saved to the user profile, in addition to a timestamp, to facilitate tracking
• Administration: Unban requests are now also sent to the moderator who banned the user
• Display: There are now .error and .message classes for displaying errors and messages inside a form (Check out the “My Account” area to see how they apply)
• My Accounts: New ESO2 field
• Posting: Now checks for common shock images and filters them out
• User: New password recovery system requires the user to click on a link in the initial email in order for the password to be actually reset
• User: Added login history support. A User’s last 5 unique IPs and their most recent logins are now saved to the user’s profile

Changes

• Administration: lib_users is now loaded as a standard library in admin.cgi
• Administration: EMails registered to existing accounts that fail the new validation rules are grandfathered
• Display Thread: (id: ...) tags not displayed if the screenname and username is the same case insensitive wise
• Gatekeeper: Removed old trip-wire for people who tried to access EEH’s staff forum using a leaked password
• Misc: Updated constant for message fields so they really represent what they say they are
• Misc: Removed obsolete function EncodeUserName (Used in the first forum mod(!) to encode the IP into the username field in messages)
• Misc: The default permissions for user profiles has been updated so Zope can read them
• Misc: Removed BANINFO code as better systems have taken over
• My Accounts: Passwords now must be at least 6 characters long without any limits on how long the password could be
• My Accounts: Field length validation now silently truncate fields that are too long instead of throwing an error
• My Accounts: Error messages now show up in the form instead of on separate page
• My Accounts: Personal URL is now validated to make sure it’s a valid URL for Web servers only (http/https)
• My Accounts: Display Names are now subject to validation tests (whether the name already exists as someone else’s display name or username, must only be 6-24 characters long, and also other username validation and censor checks)
• My Accounts: When a user changes his/her email, the email will be processed through the same validation process as registration.
• My Accounts: Password changes will not require the user to re-log into the forums
• My Accounts: if Email Verification is required and the email address was changed, the user will be forwarded to the forum index if the change was sucessful, or back to the change form, with the error message displayed on the form
• My Accounts: The wording on the Signature page describing what’s allowed and not allowed has been updated
• My Accounts: Profile changes now return you to the profile page
• My Accounts: Profile login errors now display the error on the login form
• My Accounts: The ICQ field now has a new validation check – the ICQ number must be at least 100000
• My Accounts: Login History added to main profile page
• Posting: The Attribute ‘expr=’ is now filtered out to prevent javascript from being executed
• Registration: Character sequence checks now start at triples and up (i.e. ‘banana’ now passes this test)
• Registration: Hostname check skipped if hostname is empty (unresolvable)
• Registration: Wording updated to reflect username restrictions (length and type of characters allowed)
• Registration: Usernames now must be at least 4 characters long, up to a maximum of 16. Previously the minimum length required was 2 characters.
• Registration: The short hostname check has been removed – it gave way too many false positives on possible proxies
• Registration: Shawcable users are exempt from the IP->username check as Shawcable forces their users to view websites through their proxies
• Registration: Registration logs now have a new field that indicates whether a registration was OK (‘OK’) or if it was rejected (‘BANNED’)
• User Preferences: Preference changes now return you to the preference screen with a “save successfully” message (before it sent you to the forum index)
• User: Moved login / logout logs to a centralized location

Bugfixes

• Administration: A missing parenthesis in the javascript prevented any javascript-based functions from functioning
• Administration – User Editor: The user index is now updated when a user is banned or his/her staff/vip title changes
• Administration: Banning a user returned a bug that resulted in the action being omitted from the user ban log
• Cookies: Cookies are now URL Escaped (i.e. ’ ’ => %20)
• Display Thread: Fixed bug where a stickied thread was also labelled as a closed thread
• Display: Font size was too big in error messages using the new .error CSS class
• Display Profile: Removed extraneous ; that shows up in the HTML when viewing a profile in admin mode
• Display Thread: Removed extraneous ); that made it into the HTML
• Display Thread: Individual URLs for posts replaced by ‘0’
• Misc: Typos caused initialization routines not to be run, disabling registration, profile changes, recovery, etc.
• Registration: Typo in failed_reg logger resulted in the omission of the severity score from the entry
• Registration: Typo caused rejection message to FMT to be truncated
• Registration: Typo caused the browser agent to be omitted in alert emails
• Registration: Inserted linebreak between UserName label and textbox
• Registration: User index wasn’t updated after a banned/closed account was registered
• User: Bug in update_login_history caused subsequent userprofile writes to wipe out the login history
• User Preferences: Changes to user preferences now also affect the preferences currently loaded in memory