Serendipity - News
Additional news regarding the ongoing development of Serendipity, can be found in the NEWS-file of our CVS-Repository
Dezember 2nd, 2004 - Serendipity 0.7.1 Maintaineance Release - www.s9y.org up again
The Serendipity team is happy to announce the immediate availability of a maintaineance release of Serendipity 0.7.1.
This release only fixes three little issues:
- The captcha plugin may on certain system not create enough "randomness" to the string displayed in the graphic
- Fixed a possible cross site scripting vulnerability. Thanks to Stefan Esser for reporting this issue.
- Entries to be published in the future could be accessed by their future URL before being shown on the mainpage.
Upgrading from any version to 0.7.1 is very easy: Just extract the files of our release into your existing directory, open your blog and the automatic upgrader will do the rest. Creating a backup before is still a good idea for any software, though.
For users who want to easily patch their 0.7 release, you only need to copy over those files:
Meanwhile we are heavily working on our upcoming 0.8 release, which already has a huge list of changes (http://cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/docs/NEWS?view=markup).
We are also happy to announce that finally the DNS issues of www.s9y.org are resolved, and the ressource is up and running again. For the future, a backup DNS name 'www.s9y.info' is available.
the Serendipity Team
November 24th, 2004 - DNS downtime
As some of you may have noticed, we had (and still have) serious issues with our DNS to www.s9y.org. Since the administrative contacts of that domain are still struggling, in the meantime you can use the adress http://www.s9y.info (and in case that should be down, you can try to fallback to http://184.108.40.206).
Sorry for the caused inconvenience!
Garvin, on behalf of the s9y-Team
November 8th, 2004 - Serendipity 0.7 Release
The Serendipity team is happy to announce the immediate availability of Serendipity 0.7.
Serendipity is a PHP-powered weblog application, aiming at giving you an easy way to maintain your own individual diary or personal homepage.
The development of Serendipity is based upon offering a flexible, expandible and easy-to-use framework. We use a sophisticated Plugin architecture, affecting both the appearance of your blog and its core features. It ships with a variety of plugins (31 bundled with the distribution) to plug-and-play with your blog.
Wordpress/Textpattern users might favor Serendipity because of its vast functionality and flexible expandability without the hassle to edit core files. Moveable-Type users might appreciate the fact of our BSD-style licensing and the speed and functionality of dynamically generated pages.
Serendipity offers all of the following features and many more:
- Image and File-Asset-manager
- multiple users
- threaded comments, comment+trackback moderation
- nested categories, post to multiple categories
- XML-RPC interface to Blogger and MT-API
- powerful Plugin API to both affect custom sidebar items as well as 'event hooks' to trigger any kind of custom functionality nearly anywhere inside Serendipity
- dynamic page generation with 'pretty URLs'
- track- and pingback autodiscovery,
- multiple database support (MySQL, MySQLi, PostgreSQL, SQLite)
- can be used as shared library to host multiple blogs
- effective anti-spam-measurements (automoderation, captchas, ...)
- Skinable via structured CSS-elements
- Standards compliant: XHTML, CSS2, RSS 0.93/1.0/2.0, Atom 0.3, Conditional get support for XML-Feeds
- Flexible input: Choose between entering HTML, Textile, Wiki and/or BBCode markup, even for user-made comments
- Can import RSS-feeds to ease up migration
- Easy upgrading and updating without having to mangle with SQL-files
- Internationalization (German, English, Danish, Czech, partially: French, Dutch, Portuguese ...) - easy language addition/translation
- Open Source license: BSD-style
To wrap it up: Serendipity can do anything you want to get done with a blog, as easy as that. If you want more information, visit our Wiki on http://www.s9y.org/.
The latest 0.7 release vastly improves the featurebase of Serendipity.
A complete list of changes for this release can be found in our NEWS file, located in our CVS Repository. Here are the most important changes since 0.6:
- Threaded comments (viewmode can be toggled by the visitor), comment+trackback moderation
- Post to multiple categories
- Nested categories
- Configuration in native language of the blog, uses your Browser's language settings for auto-detection
- Multi-User interface with three userlevels: ADMIN, CHIEF-EDITOR and EDITOR. Assign entries and categories to individual users.
- Categories can have icons associated to them
- Image manager can now handle other file formats and subdirectories
- Redesigned admin interface for editing entries, searching/filtering entries now possible
- MySQLi and SQLite support
- iconv engine will be used for UTF-8 conversion, where available
- All core images can now be altered via the templating mechanism
- NEW serendipity_event_spamblock: Many anti-spam measurements, including captchas and link-checking.
- NEW serendipity_plugin_remoterss: Embed a foreign RSS or OPML-bloroll feed within your blog
- NEW serendipity_event_karma: Per-Entry uservoting, per-entry clickstatistics
- NEW serendipity_event_entrylinks: Show incoming/outgoing links for the detailed article view
- NEW serendipity_event_blogpdf: Export your full blog, a specific article, a specific category or a whole month to PDF
- NEW serendipity_event_livesearch: Enhances the Quick Search? to show the results of the search on-the-fly
- NEW serendipity_event_searchhighlight: Highlights words of your entries for visitors which were refered from searchengines like Google, MSN, ...
- NEW serendipity_event_spamblock: Basic spam protection for comments, can be enhanced easily for your own filtering code.
- FIXED serendipity_event_trackexits: Can no longer be misused to track statistics of foreign links sent to exit.php
- FIXED serendipity_event_bbcode: Can now pretty-print code/php blocks
- HTML Nuggets can be configured to only show up in article overview, article detail or both
- Plugin API: Plugins can register the event-hook 'external_plugin' to spawn individual content outside of the blog layout (see livesearch/blogpdf plugin)
- Plugin API: A sidebar plugin can now return false to instruct the plugin API to NOT display the item on a sidebar. Allows optional sidebar plugins to be only shown on specific parameters.
- Plugin API: Allow each sidebar plugin to get individual CSS classes
- Plugin API: Defaults for configuration values now possible
- Fixed possible SQL injections [fixed in 0.7-beta2]
- Fixed possible HTTP response splitting [fixed in 0.7-rc1]
- Verbose trackback-autodiscovery output after posting an entry
- Better RSS import (toggle draft state, category association)
- Improved XMLRPC API
- RSS UTF-8 compatibility for blogs using UTF-8 as their main charset
- Some minor issues for full Windows-Server compatibility (strftime, ...)
- Fixed wrong proportions when resizing small images
- Better default file permissions
- Fixed HTML generation for trackback discovery when using Wiki-Markup
- More XHTML 1.1 compatibility
- An entries' Last Modified timestamp will get updated if a comment is made to it, but only if the article is newer than 7 days.
- Trackback autodiscovery will only fetch files smaller than 150kb to preserve bandwidth
- Missing entity encoding for blogtitle/subtitle for RSS feeds
- "Pretty URL generation" will now seperate words using '-' instead of '_' for better indexing
- Added detection for support of 'php_value' directives so that no 'Error 500' are generated.
- Fixed some PostgreSQL issues.
- Pagination for multiple pages for categories/search results/entries now works properly.
- The RSS guid has changed to not contain the entry title, so that RSS Clients will not toggle an item as updated when only the title has changed. This change may mark all your RSS feed's entries as unread once after upgrading.
- Make use of Rewrite Base to properly activate mod_rewrite.
- Portugues (brasilian)
TEMPLATES / CSS:
- New Templates: mt3-chalkboard, idea, mt-rusty
- New CSS Class: .serendipity_msg_important, .serendipity_msg_notice for status messages
- New CSS Class: Now each sidebar plugin item will get a CSS class name added to the default "serendipitySideBarContent" one, which is called 'sidebar_wrap_', 'sidebar_title_', 'sidebar_content_' and then the original class name of the plugin appended. I.e.: 'sidebar_wrap_serendipity_html_nugget_plugin'. This allows special customization of any individual sidebar item.
- New CSS Class: .serendipity_comments for the comments block on full article view
- New CSS Class: .serendipity_admin_filters, .serendipity_admin_list_item_even, .serendipity_admin_list_item_uneven for the browse facility in administration-entries area
- New CSS Class: .serendipity_entryIcon for an image that can be assigned to each article of a certain category
- Calendar's CSS code is better structurized
The next version is already in active development. 0.8 already adds:
- theming flexibility by fully utilizing Smarty for all frontend HTML code,
- cache entries with their full markup (via plugin)
- better filesystem structure with more subdirectories
- support of "JustBlogIt" Extension
- SURBL Anti-Spam measurement
- Quicksaving entries, immediate file upload when creating an entry
- more flexible archive summary pages
- native WordPress/MoveableType import
- private/member/public entries
- sticky postings
And of course there's even more to come as we wade through the list of feature requests and user suggestions! Our ears are open for listening to our users...
HOW TO UPDATE:
The update from a previous Serendipity release is easy: Download the latest distribution, unpack it to your existing folder, open the Admin panel of your blog, say hello to our update script and let it do its work. And then you're done! To be on the safe side, we suggest to make a backup of both your files and database before.
If you want to upgrade from a different blog application like Word Press or Moveable Type, you can use the RSS import facility to preserve your entries. Look at our Wiki on http://www.s9y.org/53.html to see instructions.
October 21st, 2004 - Serendipity 0.7 Release Candidate 1, Security Fixes
Before the final 0.7 version will be released, we have created an intermediate release, which fixes a security issue concerning HTTP Response Splitting. The bug was discovered by Chaotic Evil? - thanks for contacting us, so that we could fix this issue.
Users are urged to easily upgrade their Serendipity installation, even though the exploit is not so easily performable.
The 0.7 release will be out later this month, with hopefully no more changes to this release.
On behalf of the s9y-Team,
October 14th, 2004 - Serendipity Release / 0.7-beta4
Garvin has bundled beta4 of the upcoming 0.7 release that is waiting for you to download. Here's what has changed since -beta3:
- Fixed two mod_rewrite rules to properly redirect to categories/archives pages without falling back to apache's Errorhandling
- Some SQL fixes for postgreSQL and SQLite for the entries pagination footer, index key creation and statistics plugin
- RSS Import: New option 'full body only', so that imported RSS contents can be forced to only show up in the full body.
- Extend filter in commment moderation to allow the user to select which types of comments he wants displayed "All", "Only approved", "Need approval".
- Upgraded Spam Protector event plugin. Optionally:
- Use Captchas - images with string sequences which a user has to enter before his comment is accepted.
- Restrict captchas to entries older than X days.
- Auto-moderate comments to entries older than X days.
- Auto-moderate comments depending on their amount of contained links.
- Reject comments depending on their amount of contained links.
- Able to log rejected/moderated comments to a plaintext file.
- Fallback method for non-gdlib-enabled hosts.
Feel like being fresh? Grab a copy!
October 3rd, 2004 - Wiki-engine-update
As you can see, s9y.org looks slightly different. I've just upgraded from the last (one year old) release version of coWiki to CVS-HEAD, since the old version required a PHP5 beta, which is uncool. If you notice something weird or even broken - tell me: firstname.lastname@example.org
September 21th, 2004 - Serendipity Maintenance Release / 0.7-beta3
Thanks to a considerate Serendipity-user, aCiDBiTS, we have been informed of a security issue related to Serendipity. Some missing validation of specially crafted variables could possibly lead to SQL injections.
We have fixed this issue in our latest 0.7-beta3 release, which has been made available today. Because of several changes since version 0.6-pl3 of Serendipity, it is not possible to offer an easy patch for older releases.
The Serendipity Team therefore STRONGLY advises you to update to the 0.7-beta3 release immediately, in order not to endanger any contents of your Blog. Even though this release is entitled "beta" we did not receive any serious bug reports, and the developers themselves have used this version in production for quite some time. Thus we do favor this beta release in terms of stability and security.
Updating from older versions of Serendipity is easy: Unpack the downloaded archive to your existing Serendipity directory, open your Blog page via HTTP and follow the automatted on-screen instructions. See Installation Docs for detailed instructions. If you need further information or have questions to ask, please contact us
Of course, upgrading to our latest 0.7 release will allow you to use the many cool new features of Serendipity. Go, explore, and have fun!
Other Changes since the last 0.7-beta1 release are:
- PostgreSQL compatibility (quicksearch, comment moderation) and bug fixes
- Updated XML-RPC API
- Fixed exit tracking with SQLite
- Wrong entry count in footer
- Updated translations, added Italian and Norwegian
September 9th, 2004 - Serendipity and Smarty support
After creating the 0.7 beta release of Serendipity, we have feature-frozen that branch and will be bundling the final release in about 2-3 weeks, after having gone through your reports about using the beta-release.
But being always inventive, we are currently in the process of integrating Smarty-Templating support to Serendipity. A seperate CVS-branch has been created for that effort and initial groundwork is already committed.
Volunteers to help us in migrating the code to Smarty templates are welcome to take Serendipity to the next level of blogging applications. Feel free to contact us on our Mailing List!
June 20th, 2004 - Serendipity v0.6-pl3 released
The Serendipity team is happy to announce the immediate availability of Serendipity 0.6-pl3.
This version fixes a bug caused during installation of Serendipity, which may create an endless loop of HTTP connections on certain server setups.
Some other minor issues have also been fixed: The XML-RPC ping service plugin has a recent list of available pinging-services and the WYSIWYG-editor has a better way of relative HTML-anchor rewriting in Internet Explorer?.
Upgrading from a previous 0.6 or 0.5 version is easy, as usual: Just copy the files to your Serendipity directory, open the URL to your blog and let our automatic upgrade process do it's work.
Meanwhile our work on the upcoming 0.7 release is making huge progress, you might want have a CVS-snapshot testdrive with vastly improved multi-user authoring, nested categories, post to multiple categories and some new nifty plugins!
June 13th, 2004 - GMail invitation contest
Since s9y.org lacks an original design, and we want the default theme for s9y redesigned, I'll offer a free GMail invite to whoever supplies us with a great layout. We need a template for coWiki (s9y.org is powered by coWiki) and a s9y template. It should be a CSS-only design (check out csszengarden.com if you don't know what I'm talking about). So, be creative and send screenshots of your ideas to:
June 7th, 2004 - Feature upgrade
The latest CVS (snapshot will be updated tomorrow) now allows to post to multiple categories, have nested subcategories and also displays threaded comments. If you are tough enough, please consider to try this version (backup first, of course) and give us some feedback. :-)
Major thanks to Evan Nemerson for making this possible!
June 3rd, 2004 - Server back up
Due to a relocation of this server s9y.org was unreachable since tuesday afternoon. It's now at it's new location and should be up and running smoothly.
May 24th, 2004 - Serendipity v0.6-pl2 released
The Serendipity team is happy to announce the immediate availability of Serendipity 0.6-pl2.
This version fixes a security vulnerability for webservers having set the PHP directive 'register_globals' to 'On'. If you run a webserver with such a configuration, you are advised to update your Serendipity installation immediately, as this issue has also existed in previous Serendipity releases.
To take immediate precautions you are advised to set register_globals to 'Off' for your Serendipity installation (this setting is the default for PHP versions above 4.1.0). Edit your .htaccess file and insert this:
php_value register_globals Off
Note that this only works if you run the Apache-PHP module and the Allow Override? inside the Apache configuration is set to allow your actions.
The current CVS-HEAD version has been patched today morning for that fix, so users running that version are advised to updated their CVS-sandboxes as soon as possible.
Thanks to Frog-Man of phpSecure for reporting this issue.
May 15th, 2004 - Serendipity v0.6-pl1 released
This is a patch release to the 0.6 version. It solely fixes a bug with not referencing received trackbacks to the right entry id and a bug inside the Create Commons? plugin.
You can safely unpack this release to your 0.6 (rc1/rc2/final) version directory. The only modified files are: serendipity_functions.inc.php, comment.php, NEWS and plugins/serendipity_event_creativecommons/serendipity_event_creativecommons.php.
May 12th, 2004 - Serendipity v0.6 released
The serendipity development team is proud to announce the final release of Serendipity 0.6.
Upgrading from the previous release candidates or a 0.5 version is easy and painless: Just extract the files into your s9y directory and overwrite changes (if you haven't made your own changes); the automatic installer will take care of the rest for you.
Some more compatibility issues and fixes have been made since the last release candidate. Most important of them are the installer-timeout bugfix, a PostgreSQL compatibility issue and corrected RSS feeds.
The detailed fixes since rc2 are:
- Creative Commons plugin bugfix (wrong 'non-commercial' case) (garvinhicking)
- Fixed wrong doctype header (garvinhicking)
- Fix %e date issue on windows systems. (garvinhicking, tomsommer)
- Fix serendipity_makefilename() to replace some more foreign characters (garvinhicking)
- Shoutbox plugin bugfix (errors using '%' in shouts) (garvinhicking)
- Error with non-absolute image paths in RSS feed (garvinhicking)
- Fixed installer problems timeouting (garvinhicking)
- Removed possible error message about session_start for categories admin page (garvinhicking)
- Fixed postgresql limit error when browsing pages (garvinhicking)
A full list of changes can be found in the distributed NEWS file or by browsing to the announcements of -rc2 and -rc1 below.
Work on the current head CVS version (experimental) has already begun and introduced an advanced and flexible multi-user interface as well as other new features and new plugins.
April 26th, 2004 - Serendipity v0.6RC2 released
The serendipity development team is proud to announce the second release candidate of Serendipity 0.6.
Upgrading from the first release candidate and later upgrading to 0.6 final is easy and painless: Just extract the files into your s9y directory and overwrite changes (if you haven't made your own changes).
A few glitches have been fixed since the first release candidate. Most important is the ability to use foreign charsets like Czech. Also the plugin configuration will now correctly remember and set options. The WYSIWYG-editor has also been updated to work on more environments.
Here's a more detailed list:
- Language Charset Header are now used throughout s9y which make it completely internationalization compatible
- German translation fix
- Upgrader kills the current session for possible changes inside session data on upgrade
- Fixed wrong comparison operator - bug reported by Tom, where nl2br plugin has "reversed" logic.
- Fixed textile plugin not enabled by default after adding it as a plugin
- Comments plugin now correctly wordwraps
- Fixed wrong HTML links for WYSIWYG-editor in Internet Explorer
- Fixed htmlentites acceptance for foreign language entry titles
- Relaxed dependency on WIKI plugin, if the inclusion fails.
- PostgreSQL SQL update files
- Better detection of serendipityPath variable
- Adjustable WYSIWYG-language for foreign languages
- Fixed special characters for WYSIWYG-htmlarea.css file
- Fixed WYSIWYG-editing error for HTML Nugget plugin
- newline fixes inside the files (cosmetic issues)
For a list of news in -rc1, see below.
April 4th, 2004 - Serendipity v0.6RC1 released
The serendipity development team is proud to announce the first release candidate of Serendipity 0.6.
Even though the s9y team is not aware of any serious outstanding bugs, it is recommended to test this release in a non-production blog. If no bugs are discovered (as is expected ;-) the final version will be available a short time later.
Work has already begun on 0.6.1-CVS, where bleeding-edge users can take a look at improvements in the multi-user interface.
Upgrading is easy thanks to the new upgrade script. Just extract files in the directory of your s9y blog and access the page, and you will be guided through the following steps. A detailed explanation can be found in our README file.
If you face any problems or bugs with this release, please report them on our developer's mailinglist, hosted at Source Forge?.
Now the good stuff - This new release adds several major feature improvements:
- Plugin architecture allows Events/Callback functions for several actions. Integrated examples are: HTML Validation preview, Template change for users, Send entries via E-Mail, XML-Pingbacks, Creative Commons licensing, Statistics-panel for your entries/comments
- Serendipity can now be used for shared/virtual hosts by sharing the core files and only deploying some dummy-files to access a blog. Let's you operate X different blogs with one single installation, but leaving each blog operate independently, with plugins/templates applicable per-blog.
- Markup Event plugins to allow BBCode, Wiki and/or Textile markup.
- Emoticons can now be controlled as a plugin.
- Several new templates (Moveable Type imitations, Mozilla Modern Tribute), per-template smilies
- Improved image manager: Sorting by date/filesize/filename, items per page, specify upload filename, resizable window
- Improved the WYSIWYG-Editor (htmlarea) to a new version, integrated the s9y image manager.
- Preview mode for comments made by users
- Conditional GET logic for RSS feeds (allows caching)
- Support WFW:CommentAPI to post comments via RSS-Aggregators like RSS-Bandit
- New language: Danish
There are also minor bugfixes:
- Fixed installer on non-standard HTTP-Ports and better react to encountered errors
- Relaxed file permissions to allow better access to FTP users.
- XHTML-compliance fixes for both back- and frontend
- Fixed mod_rewrite rules to allow browsing the calendar
- Different charsets for languages (no more ISO-8859-1 enforcing), locale-support for formatting datestamps
- Fixed invalid XML for RDF trackback:ping
February 14th, 2004 - Serendipity v0.5-pl1 released
The serendipity development team is proud to announce the availability of Serendipity 0.5-pl1.
This is a maintenance release for the 0.5 version, which fixes some minor bugs. Most important fix is that the 0.91 version RSS feed was not working in the 0.5 release.
Some installation issues were corrected and it is now no more possible to access draft entries from your blog.
Just copy over the files into your existing 0.5 installation, no more configuration or database issues are affected. The only files modified are serendipity.css.php, serendipity_admin.php, serendipity_admin_entries.inc.php, serendipity_admin_installer.inc.php and serendipity_functions.inc.php.
February 6th, 2004 - Serendipity v0.5 released
The serendipity development team is proud to announce the availability of Serendipity 0.5.
Other new features include Autologin, Atom 0.3 feeds, pinging weblogs (weblogs.com, blo.gs, blogrolling.com, technorati.com, blogg.de, yahoo), PostgreSQL bugfixes, Spanish translation, Bugfixes for sent mails by your blog and some other fixes (see Change Log?).
This release requires no DB layout upgrade if you migrate from 0.4 to 0.5. Making a backup of your files and then copying the files of this release over is all you need. After that you should enter the configuration page of your blog and see to change the new options ('rewrite', 'ping blogs') to your preference.
December 12th, 2003 - Serendipity v0.4 released
Serendipity 0.4 has been released. Go grab it now!
October 6th, 2003 - Serendipity v0.3 released
Here we go, the release is there! Fetch serendipity-0.3.tar.gz at Sourceforge
September 9th, 2003 - Serendipity goes Wiki