written by Bryan Loniewski.
- Use Special Folder Color config option works again (#931956).
- In POP3-class, be more liberal regarding RFC-incompliant POP3-servers.
- - Disabled Korean extra functions, because they don't provide all required
- options and message composition is broken.
- Added Basque translation support.
- Remove flag buttons / links from display if mailbox doesn't allow it.
- Make used of cached ordered uid list in case of server_side_sorting.
- Give proper error when PEAR DB not found.
- Remove inappropriate strip_tags() from add-to-addressbook (#968475).
- Prefs caching didn't work properly with register_globals off (#995102).
+ - Security: fix SQL injection vulnerability in addressbook
+ (CVE ID: CAN-2004-0521).
+ - Removed html_top and html_bottom hooks. No longer used/needed.
+ - Added "trailing text" for options built by SquirrelMail (text placed
+ after text and select list inputs on options pages)
+ - Custom option page values now repopulate correctly
+ - Added "no focus" option for compose page in display preferences (setting
+ reply focus to "No focus" also affects composing new messages)
+ - Current hook name is now globally available when running a hook ($currentHookName)
+ - Fix bug when Saving to Draft folder that contains special characters.
+ - Added size limit to signatures saved in file backend. Created error_option_save
+ function, that allows sending error message to options page. Thanks to Martynas
+ Bieliauskas for spotting big signature "option".
+ - Make SquirrelSpell work with safe_mode enabled, if using PHP >=4.3.0.
+ Patch by Ray Ferguson.
+ - Make IP-address in Message-ID RFC822 compliant.
+ - Uneditable address book entries no longer have checkboxes on addresses page.
+ - Alignment of title text above folder list fixed.
+ - Changed structure of xtra_code functions that are used by some translations.
+ - Added Uighur language support.
+ - Added status bar to compose window when "Compose In New Window" is used.
+ - Reenabled the move_messages_button_action hook and changed its name to
+ mailbox_display_button_action to promote the new location
+ - Making delete button, when viewing a message, consider which page was viewed
+ before.
+ - $agresive_decoding configuration option changed to $aggressive_decoding.
+ Fixed spelling.
+ - Added $lossy_encoding option (provides fix for #806698)
+ - Reenabled use of $default_charset option. Option works only with en_US
+ translation in order to prevent language/charset misconfiguration.
+ - Fixes for nonpopulation of folder lists and errors when emptying the trash
+ (provides fixes for #1019185 and #1017941)
Version 1.5.0
--------------------
can enable it by setting variable in plugins/spamcop/setup.php
- Fix again for Internet Explorer's stupidity of decoding characters, then
executing it blindly. See http://www.securityfocus.com/archive/1/340118.
- - Replaced obsolate 2mbit.com RBL with ahbl.org RBL. Bug.No.829887
+ - Replaced obsolete 2mbit.com RBL with ahbl.org RBL. Bug.No.829887
- Added a sitewide override for authenticated SMTP - see authentication.txt.
- Fixed sorting of sent_subfolders.
Sent_subfolder plugin is hooked to special_mailbox hook.
- Correctly fold encoded header lines.
- Fix prefs caching not working correctly in PHP 4.3 caused by a stupid
version checking mechanism.
- - Fix XXS hole that allowed JavaScript execution by sending someone
+ - Fix XSS hole that allowed JavaScript execution by sending someone
an email with specially crafted headers. Thanks Jason Munro, and
Masato Higashiyama.
projects / squirrelmail.git / blobdiff