path: root/HISTORY
diff options
Diffstat (limited to 'HISTORY')
1 files changed, 2472 insertions, 0 deletions
diff --git a/HISTORY b/HISTORY
new file mode 100644
index 00000000..88bf58dc
--- /dev/null
@@ -0,0 +1,2472 @@
+Change notes from older releases. For current info see RELEASE-NOTES.
+= MediaWiki release notes =
+Security reminder: MediaWiki does not require PHP's register_globals
+setting since version 1.2.0. If you have it on, turn it *off* if you can.
+== Changes since 1.5 ==
+* (bug 2885) More PHP 5.1 fixes: skin, search, log, undelete
+Code quality:
+* Use strval() to make sure we don't accidentally get null on bad revision
+ text loads or other fields mucking up XML export output
+* Clean up duplicate code for selection of changeslist style
+* Correct blob caching to reduce redundant blob loads on backups
+* (bug 3182) Clear link cache during import to prevent memory leak
+* Fixed possible infinite loop in formatComment
+* Wrap message page insertions in a transaction to speed up installation
+* Avoid notice warning on edit with no User-Agent header
+* (bug 3649) Remove obsolete, broken moveCustomMessages script
+* Avoid numerous redundant latest-revision lookups in history
+* Require PHP 4.3.2 or higher strictly now.
+* Tweak infinite-template-handling loop for PHP 5.1.1 string handling change
+* Remove unused OutputPage::addCookie()
+* Fix for short_open_tag off again; please don't break this, guys
+* (bug 4507) Adjust FULLPAGENAMEE escaping to standard form
+* (bug 5302) Merge the two #p-search .pBody statements in monobook css.
+* Finally dropped MySQL 3.23.x support
+* Oracle support
+* (bug 3056) MySQL 3 compatibility fix: USE INDEX instead of FORCE INDEX
+* Update all stats fields on recount.sql
+* (bug 3227) Fix SQL injection introduced in experimental code
+* Fix table prefix usage in Block::enumBlocks
+* (bug 3448) Set page_len on undelete
+* (bug 3506) Avoid MySQL error when Listusers returns no results
+* Skip update of disused 'rc_cur_time' field (todo: discard the field)
+* (bug 3735) Fix to run under MySQL 5's strict mode
+* (bug 3786) Experimental support for MySQL 4.1/5.0 utf8 charset mode
+ NOTE: Enabling this may break existing wikis, and still doesn't
+ work for all Unicode characters due to MySQL limitations.
+* MySQL 5.0 strict mode fix for moving unwatched pages
+* Ability to set the table name for external storage servers
+* Update ipblocks table in MySQL 5 table defs
+* Removed FulltextStoplist.php, no longer used (was for MySQL 3.x workaround)
+* Added templatelinks table, to track template inclusions. User-visible effects
+ will be:
+ * (inclusion) tag for inclusions in Special:Whatlinkshere
+ * More accurate list of used templates on the edit page
+ * More reliable cache invalidation when templates outside the template
+ namespace are changed
+* Respect database prefix in
+* Removed read-only check from Database::query()
+* Added externallinks table, to track links to arbitrary URLs
+* Added job table, for deferred processing of jobs. The immediate application is
+ to complete the link table refresh operation when templates are changed.
+* Don't change the password of the MySQL root user.
+* (bug 3306) Document $wgLocalTZoffset
+(list not complete)
+* Move ArticleSave hook execution into Article insert/update functions,
+ so they get called on non-EditPage actions that use these functions
+ to create or update pages.
+* Added EditFilter hook, and output callback on EditPage::showEditForm()
+ for a place to add in captcha-type extensions in the edit flow
+* (bug 3684) Fix typo in fatal error backtraces in Hooks.php
+* Fix for hook callbacks on objects containing no fields
+* Add a hook for additional user creation throttle / limiter extensions
+* Use $wgOut->parse() in wfGetSiteNotice() instead of creating a new parser
+ instance. This allows use of extension hooks if required.
+* Added AutoAuthenticate hook for external User object suppliers
+* Added 'PageRenderingHash' hook for changing the parser cache hash key
+ from an extension that changes rendering based on nonstandard options.
+* Add 'GetInternalURL' hook to match the GetFullURL and GetLocalURL ones
+* (bug 4456) Add hook for marking article patrolled
+* Add UserRights hook, fires after a user's group memberships are changed
+* Support SVG rendering with rsvg
+* Cap arbitrary SVG renders to given image size or $wgSVGMaxSize pixels wide
+* (bug 3127) Render large SVGs at image page size correctly
+* Fix scaling of non-integer SVG unit sizes
+* (bug 2800) Don't scale up small images on |thumb| without explicit size
+* Use the real file link instead of the default-size rasterized version for
+ large SVG images on image description page
+* Include the file name/type/size line for non-resized images
+* (bug 3489) PHP 5.1 compat problem with captioned images
+* (bug 3643) Fix image page display of large images with resizing disabled
+* Added a limit to the size of image files which can be thumbnailed
+* (bug 3806) Gracefully fall back to client-side scaling on |thumb| image
+ that passes $wgMaxImageArea
+* (bug 153) Adjust thumbnail size calculations to match consistently;
+ patch by David Benbennick
+* (bug 4162) Add $wgThumbnailEpoch timestamp to force old thumbs to
+ be rerendered on demand, sitewide
+* (bug 1850) Additional fixes so existing local and remote images
+ get a blue link even if there's no local description page
+* Avoid FATAL ERROR when creating thumbnail of non-existing image
+* (bug 4207) Wrong image size when using 100x200px syntax to scale image up
+ patch by David Benbennick
+* Don't delete thumbnails when refreshing exif metadata. This caused thumbs
+ to vanish mysteriously from time to time for files that didn't have metadata.
+* (bug 4426) Add link to user_talk page on image pages
+* Support a custom convert command for thumbnailing. See DefaultSettings.php
+ and the comments for $wgCustomConvertCommand, for more information.
+* UserCan hook now allows advisory return values, rather than mandatory ones.
+* (bug 3782) Throw fatal installation warning if mbstring.func_overload on.
+ Why do people invent these crazy options that change language semantics?
+* Fixed installer bugs 921 and 3914 (issues with using root and so forth)
+* (bug 4258) Use ugly urls for ISAPI by default
+ patch by Rob Church
+* Improve installer
+ * Use a superuser account (such as root), if specifed, to create tables
+ * Don't overwrite conservative permissions on the mySQL user with ALL
+ permissions, if said user exists
+ * Changes to some of the wording of explanations for fields
+* (bug 1734) granting db permissions failed with db usernames containg '-'
+* Add basic check for session support in PHP and die if not present
+* Fix problem reported on mailing list where re-initialising stats didn't work (can't insert
+ duplicate rows with the same id field)
+* Added --conf option to command line scripts, allowing the user to specify a
+ different LocalSettings.php.
+* Maintenance script to delete unused text records
+* Maintenance script to delete non-current revisions
+* Maintenance script to wipe a page and all revisions from the database
+* Maintenance script to reassign edits from one user to another
+* Maintenance script to find and remove links to a given domain (cleanupSpam.php)
+* Fix --report interval option for dumpTextPass
+i18n / Languages:
+* Partial support for Basque language (from wikipedia and meta)
+* (bug 3141) Partial support for Breton language (thanks Fulup).
+* Support for venitian language
+* (bug 1334) LanguageGa.php update
+* Finnish date format was hardcoded, now implemented properly
+* (bug 3190) Added some date format choices for language sr
+* (bug 2753) Some namespaces were not translated in LanguageTa.php (Tamil)
+* (bug 3204) Fix typo breaking special pages in fy localization
+* (bug 3177) Estonian date formats not implemented in LanguageEt.php
+* (bug 1020) Changing user interface language does not work immediately
+* (bug 3271) Updated LanguageNn.php for HEAD
+* Experimental feature to allow translation of block expiry times
+ Implementation only for Finnish currently
+* (bug 3304) Language file for Croatian (LanguageHr.php)
+* (bug 2143) Update Vietnamese interface
+* (bug 3063) Remove some hardcodings from Hebrew localisation
+* (bug 3408) Bulgarian formatNum corrected
+* (bug 1512) Disable x-code interp on Esperanto URLs for now, it does more
+ harm than good under current system by breaking incoming URLs with "ux".
+ (Editing is not affected, just URLs.)
+* (bug 1423) LanguageJa.php update
+* Fix language name for dv
+* (bug 3503) Update LanguageSq.php from messages
+* (bug 3629) Fix date & time format for Frisian
+* (bug 3334) Namespace changes for Polish
+* (bug 3580) Change default Dutch language file to more neutral
+* (bug 3656) LanguageHr.php - added convertPlural
+* (bug 3414) LanguageBe.php - added convertPlural
+* (bug 3163) Full translation of LanguageBr
+* (bug 3617) Update for portuguese language (pt)
+* Namespaces hacks on LanguagePl
+* (bug 3682) LanguageSr.php - added convertPlural
+* (bug 3694) LanguageTr.php update
+* (bug 3711) Removed invisible unicode characters from LanguageHu
+* (bug 2981) Linktrail for Tamil (ta)
+* (bug 3722) Update of Arabic language (ar) Namespace changes
+* Removed hardcoded Norwegian (no) project namespaces
+* (bug 2324) image for redirects should be without text and oriented according to content language
+* (bug 3666) Don't spew PHP warnings in prefs on unrecognized site language
+* (bug 3817) Use localized date formats in preferences; 'no preference' option
+ localizable as 'datedefault' message. Tweaked lots of languages files...
+* (bug 2721) Regression: Use European number separators for vi: wikis
+* (bug 3961) minor languageDe changes
+* (bug 1984) LanguageKo.php (Korean) update
+* (bug 3804) update of LanguageWa.php file
+* (bug 3886) Update for Portuguese language (pt)
+* (bug 4020) Update namespaces for ms
+* (bug 3922) bidi embedding overrides on category links
+* (bug 4061) Update of Slovene namespace names (LanguageSl.php)
+* (bug 4064) LanguageDe comma changes
+* (bug 3922) Further tweaks to bidi overrides in category list for old
+ versions of Safari and Konqueror
+* Fix custom namespaces on wikis set for Portuguese
+* (bug 4153) Fix block length localizations in Greek
+* (bug 3844) ab: av: ba: ce: & kv: now inherit from LanguageRu.php
+ ii: & za: now inherit from LanguageZn_cn.php
+* (bug 4165) Correct validation for user language selection (data taint)
+* (bug 4192) Remove silly 'The Free Encyclopedia' default sitesubtitle
+* Use content-lang for sitenotice
+* (bug 4233) Update LanguageJa.php
+* (bug 4279) Small correction to LanguageDa.php
+* (bug 4108, 4336) Remove trailing whitespace from various messages, which
+ mucks up message updating to create dupe entries
+* (bug 4389) Fix math options on zh-hk and zh-tw (but not localized)
+* (bug 4392) Update of LanguageSr.php
+* (bug 4382) Frisian numeric format
+* (bug 4424) Update for Spanish language (es) 100% messages translated
+* (bug 4425) Typos in Polish translation
+* (bug 4436) Update for Turkish language (tr)
+* (bug 4413) Update of Farsi language file (LanguageFa.php)
+* Update for LanguageSr (Serbian): magic words
+* (bug 137) MediaWiki:Copyrightwarning hardcoding
+* (bug 4457) Update for Portuguese language (pt)
+* convertPlural breakage fixed a little
+* (bug 4144) Support for Sudanese language (Basa Sunda)
+* Big cleanup:
+ - Removed obsolote, badly or untranslated messages
+ - Removed references to wikipedia/wikimedia etc in messages
+ - Other cleanup, like removing html and javascript and extension calls
+ - Removed hardcoded namespaces: Tt, Ms, Ia, Ga, Fo, Bn, Csb, He, Nv, Oc, Tlh
+ - Removed some useless backwards compatibility hacks
+ - Fixed formatnum on many languages
+* wgAmericanDates check produced incorrect results in languages that don't have
+ a such distinction
+* (bug 4548) Update for Portuguese language (pt): time format
+* (bug 4530) Use consistent name for Kurdish
+* Tweak default "upload disabled" text
+* (bug 4504) Use site language for namespace name resolution
+* (bug 4510) Correct Barnes & Noble bookstore URLs
+* (bug 3991) Allow the operation of wikicode on Protect move only text
+* (bug 4267) Switch dv sd ug ks arc languages to RTL
+* Default main page content improved per bug 4690
+* (bug 4615) Update for Portuguese language (pt)
+* Separated MessagesSl.php as the other languages.
+* (bug 4960) Add additional namespaces variants to Yiddish for compatibility
+* (bug 4805) Removed more wikipedia-references from MessagesUk.php
+* (bug 5015) Update magic words translation in LanguageBe.php
+* (bug 4859) Update for Portuguese messages (pt)
+* (bug 4788) One string for MessagesPl
+* Restriction types now use restriction-* messages instead of ui messages
+* (bug 4685) Slovenian LanguageSl.php hardcodes project namespace
+* (bug 5097) Fix Hungarian language (hu): thousands separator
+* (bug 5098) Update for Portuguese messages (pt)
+* (bug 5113) Spelling error in French language file
+* (bug 5105) Magic words for LanguageAr.php
+* (bug 3993) Variants for Serbian language
+* Typo in English messages file
+* (bug 4114) Spacing in watchlist rows (in editing mode)
+* Update default "exporttext" to reflect that Special:Import exists
+* (bug 4960) Add additional namespaces variants to Yi projects: Yiddish Wikinews fix
+* (bug 5357) Add the icon near the user name also in RTL interfaces
+* (bug 5156) Update for Hebrew language (he)
+* (bug 4497,4704,5010) Added some new language codes.
+* (bug 5362) Piedmontese added
+* (bug 5349) Update for Portuguese messages (pt)
+* (bug 3573) Finished full Greek translation: namespaces
+* (bug 5288) Initial localisation for Az
+* (bug 4361) Fix "allmessagesnotsupportedui" so it doesn't refer to nonexisting
+ page
+* Tweak wording of "allmessagesnotsupporteddb"
+* (bug 2522) {{CURRENTDAY2}} now shows the current day number with two digits
+* (bug 3210) Fix Media: links with remote image URL path
+* (bug 3405) Don't use raw letters as aliases of MSGNW: and SUBST:
+* (bug 3412) Clean up date format handling so ~~~~-sigs work with default
+ format as designed. Documentation comments updated.
+* Fix Parser::unstrip on PHP 5.1.0RC4
+* (bug 3797) Don't expand variables and sigs in comments
+* Allow parser cache on redirect targets
+* Run wikitext-escaping on plaintext sigs (no wiki markup, just name)
+* Check for unbalanced HTML tags on raw sigs (markup allowed, but show
+ a warning in prefs and use default sig if not balanced)
+* Respect <noinclude> and <includeonly> during {{subst:}} expansion as well as
+ ordinary templates.
+* Support <includeonly> in templates loaded through preload= parameter
+* (bug 3979) Save correct {{REVISIONID}} into parser cache on edit
+* Substitute {{REVISIONID}} correctly in diff display
+* (bug 1850) Allow red-links on image pages linked with [[:image:foo]]
+* Fix XML validity checks in parser tests on PHP 5.1
+* (bug 4377) "[" is not valid in URLs
+* (bug 4453) fix for __TOC__ dollar-number breakage
+* Convert unnecessary URL escape codes in external links to their equivalent
+ character before doing anything with them. This prevents certain kinds of
+ spam filter evasion.
+* (bug 4783) : Fix for "{{ns:0}} does not render"
+* Improved support for interwiki transclusion
+* (bug 1850) Image link to nonexistent file fixed.
+* (bug 5167) Add {{SUBPAGENAME}} and {{SUBPAGENAMEE}} variables
+* (bug 4949) Missing : in "addedwatchtext" for English and Spanish
+* Allow user-defined functions, which work in a similar way to {{GRAMMAR:}}
+ etc. Registered via an interface similar to tag hooks.
+* (bug 2527) Always set destination filename when new file is selected
+* (bug 3076) Support MacBinary-encoded uploads from IE/Mac
+* (bug 2554) Tell users they are uploading too large file
+* Support for a license selection box on Special:Upload, configurable from MediaWiki:Licenses
+* Add 'reupload' and 'reupload-shared' permission keys to restrict new uploads
+ overwriting existing files; default is the old behavior (allowed).
+* (bug 3244) Fix remote image loading hack, JavaScript injection on MSIE
+* (bug 3280) Respect 'move' group permission on page moves
+* (bug 2613) Clear saved passwords from the form
+* IP privacy fix for blocklist search on autoblocks
+* Security fix for <math>
+* Security fix for tables
+* Security fix for Special:Upload license selection list
+* Add UploadVerification hook for custom file upload validation/security checks
+* Blacklist additional MSIE CSS safety tricks
+* Fix meta robots tag on Special:Version again to avoid listing vulnerable
+ versions for convenient harvesting by automated worms
+* Sanitizer CSS comment processing order fix
+* Forbid usernames that can be interpreted as titles with namespaces, as that
+ leads to hard-to-manage names.
+* (bug 4071) Generate passwords long enough for $wgMinimalPasswordLength
+* Add createpage and createtalk permission keys, allowing a quick
+ switch to disable page creation for anonymous users.
+* (bug 675) Add page protection level for unregistered/new accounts
+* User::isNewbie now uses the registration date and $wgAutoconfirmAge
+* Add 'deletedhistory' permission key for ability to view deleted history
+ list via Special:Undelete. Default is off, replicating the 1.5 behavior,
+ but it can be turned back on for random users to replicate the previous
+ 1.6 dev behavior.
+* Set cookies to secure mode based on use of HTTPS or $wgCookieSecure
+* (bug 4371) Disallow tilde character in signatures
+* Removed broken wgAllowAnonymousMinor and added new group right minoredit
+* Added detection for WMF files (application/x-msmetafile), added this
+ MIME type to the default blacklist. Prevented inline display of images
+ which are not of known image types. This is in response to
+* Blocked users can no longer roll back, change the protection of, or delete/undelete pages
+* Protect against spoofing of X-Forwarded-For header
+* XSS issue : now sanitize search query input (fixed in 1.5rc3)
+* Remove deprecated $wgOnlySysopsCanPatrol references; use User::isAllowed( 'patrol' )
+ per bug 5282. Patch by Alan Harder.
+* Prevent registration/login with the username "MediaWiki default"
+Special Pages:
+* Rearranged Special:Movepage form to reduce confusion between destination
+ title and reason input boxes
+* (bug 1956) Hide bot uploads from Special:Newimages
+* (bug 3220) Fix escaping of block URLs in Recentchanges
+* (bug 3284) Ipblocklist paging, substring search
+* Allow filtering of robot edits in Special:Watchlist by stting
+ $wgFilterRobotsWL = true.
+* Fix interlanguage links on special pages when extra namespaces configured
+* (bug 3475) anon contrib links on Special:Newpages
+* Special:Import/importDump fixes: report XML parse errors, accept <minor/>
+* (bug 2369) Add separate message for input box on Special:Prefixindex
+* (bug 3798) DoubleRedirects no longer has hard coded arrows
+* (bug 3803) Fix links on Special:Wantedcategories with miser mode off
+* Fix Special:BrokenRedirects on MySQL 5.0
+* (bug 3807) Fix 'all' in namespaces drop-down on contribs, rc
+* Fail gracefully on invalid namespace in Special:Newpages
+* (bug 3762) Define missing Special:Import UI messages
+* (bug 3761) Avoid deprecation warnings in Special:Import
+* (bug 2894) Enhanced Recent Changes link fixes
+* (bug 4059) fix 'hide minor edits' on Recentchangeslinked
+* (bug 146) List number of category members in Special:Categories
+ (patch by Joel Nothman)
+* (bug 4090) Fix diff links in Special:Recentchangeslinked
+* (bug 4093) '&bot=1' in Special:Contributions now propagate to other links
+* Fix display of old recentchanges records for page moves
+* (bug 360) Let Whatlinkshere track [[:image:foo]] links
+* (bug 3073) Keep search parameter on paging in Special:Newimages
+* Removed Special:Validate, it's been superseded by the Review extension
+* (bug 4359) red [[user:#id]] links generated in [[special:Log]]
+* (bug 1996) Special page to list redirects
+* (bug 4334) Add "watch" links to Special:Unwatchedpages
+* Generate target user page links in Special:Ipblocklist where appropriate
+ (i.e. not an autoblock)
+* Generate link to talk page of the blocker in Special:Ipblocklist, move
+ contribs. link of the target next to their name
+* (bug 2714) Backlink from special:whatlinkshere was hard set as 'existing'
+* Move parentheses out of <a> link in Special:Contributions
+* (bug 3192): properly check 'limit' parameter on Special:Contributions
+* (bug 3187) watchlist text refer to unexistent "Stop watching" action
+* Add block, block log and general log links to Special:Contributions
+* Add contributions link to block log items
+* Added optional "hide own edits" feature to Special:Recentchanges
+* (bug 5018) Anchors for each message in Special:Allmessages
+* Introduce $wgWantedPagesThreshold per bug 5011; Special:Wantedpages will not
+ list pages with less than this number of links. Defaults to 1.
+* (bug 4319) Don't show a "create account" link on the login form when
+ account creation is disabled.
+* JavaScript filter for Special:Allmessages
+* (bug 3047) Don't mention talk pages on Special:Movepage when there isn't one
+* Show links to user page, talk page and contributions page on Special:Newpages
+* Special:Export can now export a list of all contributors to an article (off by default)
+* (bug 5372) Add number of files to Special:Statistics
+* (bug 2871) Links to talk pages in watchlist editing view
+* (bug 5385) Allow hiding anonymous edits on Special:Recentchanges
+* (bug 2544) Illogical error reporting order in Special:Userlogin
+* (bug 5409) Hide "show/hide patrolled edits" in Special:Recentchanges if patrolling
+ is disabled
+* (bug 5447) Convert first letter of username to uppercase before searching in Special:Listusers
+* (bug 759) Wrap redirects on the watchlist editing page in a span, class "watchlistredir"
+* (bug 1862) Namespace filtering in watchlists
+* PHP 4.1 compatibility fix: don't use new_link parameter to mysql_connect
+ if running prior to 4.2.0 as it causes the call to fail
+* (bug 3117) Fix display of upload size and type with tidy on
+* (bug 2323) Remove "last" tabindex from history page
+* (bug 3116) Division by zero on [[Image:Foo.png|123x123px|]]
+* Fix display of read-only lockfile message
+* Include software-visible client IP address in Special:Version comment
+ as a proxy debugging aid
+* (bug 3170) Page Title failed to obey MediaWiki:Pagetitle.
+ wikititlesuffix was removed
+* Add ability to break off certain debug topics into additional log files;
+ use $wgDebugLogGroups to configure and wfDebugLog() to log.
+* Edit conflict on recreation of deleted page
+* (bug 3216) Don't show empty warning page when no warnings.
+* (bug 3218) Use proper quoting on history Compare Revisions button
+* Fix upgrade from 1.4 due to version number check breakage [for rc future]
+* Fix upgrade from 1.4 with no old revisions
+* Remove "info" editing toolbar that was shown in browsers which do not
+fully support the editing toolbar, but was found to be too confusing.
+* Don't override edit conflict suppression on section edits; section merging
+ should provide the expected transparency here and fits usage patterns better.
+* (bug 3292) Fix move-over-redirect test when current entries are not plaintext
+* (bug 2078) Don't hide watch tab on preview
+* Fix regressions in ChangesList traditional layout
+* Fix edit on double-click for move-protected pages in Classic skin
+* (bug 3485) Fix bogus warning about filename capitalization when off
+* (bug 2570) Add 'watch this page' checkbox on uploads, watch uploads
+ by default when 'watchdefault' option is on
+* Add options to dumpBackup.php for making split/partial dumps by page id
+* Added filter options, compression piping, and multiple output streams for
+ dumpBackup.php
+* (bug 3595) Warn and abort if importDump.php called in read-only mode.
+* (bug 3598) Update message cache on message page deletion, patch by Tietew
+* Added separate noarticletext and newarticletext messages for logged in and anon users.
+* (bug 3332) Installation now uses Monobook, validates, plus usability improvements.
+* (bug 3660) Update diff3 detection to work with Windows/Cygwin
+* (bug 2330) Don't do funny thinks with "links" in MediaWiki:Undeletedtext
+* Two-pass data dump for friendliness to the DB (--stub, then dumpTextPass.php)
+* Data dump 'prefetch' mode to read normalized text from a prior dump
+ (requires PHP 5, XMLReader extension)
+* (bug 2773) Print style sheet no longer overrides RTL text direction
+* (bug 2938) Update MediaWiki:Exporttext to be more general
+* Various fixes
+* Fix wfMsg*() replacements; args containing literal $[2-9] were wiped
+* Added @import for [[MediaWiki:Common.css]] to all skins
+* Edit box now remembers scrollbar position on preview
+* (bug 3816) Throw edit conflict instead of fatal error when a page is
+ moved or deleted during section edit
+* (bug 3771) Handle internal functions in backtrace in wfAbruptExit()
+* (bug 3291) 'last' diff link for last history line when not at end
+* (bug 3667) Add missing global in page move code
+* (bug 2885) Remove unnecessary reference parameter which broke classic skin
+ talk notification on PHP 5.0.5
+* (bug 3852) "Redirected from" link no longer obscured on double-redirects
+* changed directory hierarchy in images/math/. System upgrades from old to
+ new hierarchy on the fly.
+* (bug 3487) Fix category edit preview with preview-on-bottom
+* (bug 918) Search index incorrectly joined words at == headings ==
+* (bug 3877) Render math images into temp directory, then move to hashed
+ subdir so you can render new math images and have them work
+* (bug 2392) Fix Atom items content type, upgrade to Atom 1.0
+* Allow $wgFeedCacheTimeout of 0 to disable feed caching
+* Fix WebRequest::getRequestURL() to strip off the host bits squid prepends
+* Require POST for action=purge, to stop bots from purging the cache
+* Added local message cache feature ($wgLocalMessageCache), to reduce bandwidth
+ requirements to the memcached server.
+* (bug 3562) for go search, try Caps-Variants-Broken-At-Non-Whitespace
+* (bug 2569) Use PATH_SEPARATOR instead of trying to guess based on
+ DIRECTORY_SEPARATOR (was wrong on NetWare)
+* (bug 2740) Accept image deletions on 'enter' submit from MSIE
+* (bug 3939) Don't try to load text for interwiki redirect target
+* (bug 3948) Avoid notice warning in debug statement in bad search
+* Recognize Special:Search consistently so read whitelist works
+* (bug 3999) Change atom 1.0 feed id; had been unnecessarily complex due to
+ unclear language in the spec. Now using the URL, same as the permalink,
+ which someone else will probably whine about because it's not 'perma'
+ enough or something.
+* (bug 4014) Fix include mode for Allpages on small page sets
+* (bug 3996) Fix text for new entries in RC RSS/Atom feed
+* (bug 3065) Update both watched namespaces when renaming pages
+* Changed mail form to have a bigger message entry box (like for editing
+ a page
+* Fix ulimit parameters for wfShellExec when memory_limit is specified in 'm'
+* (bug 2111) Collapsable exif metadata table, clean up display
+* Reduce fractions in display of exif exposure time
+* (bug 4048) Optional footer link to site privacy policy
+* Don't die() when update.php reaches the end of the warning count
+* (bug 1915) Fix edit links when 'direction' used with 'oldid';
+ using revision ID reported via OutputPage; Skin::editUrlOptions()
+* Remove obsolete 'redirect=no' on some edit links
+* Include oldid for the second revision on edit link on diff view
+* (bug 4035) Fix prev/next revision links on edit page
+* (bug 4100, 3049) Add 'edittools' message to hold edit tools, put it
+ on Special:Upload as well as edit, rearrange edit page pieces a bit.
+ Copyright warning now above the buttons to ensure it's visible,
+ template list at the bottom so it can grow.
+* Optional summary parameter to action=rollback, for user javascript
+* (bug 4167) Fix regression caused by patch for bug 153
+* (bug 4169) Use $wgLegalTitleChars in pipe trick conversions
+* (bug 4170) Decode HTML character escapes in sort key
+* (bug 4201) Fix user-talk mode for Enotif, and general code cleanup
+* (bug 4214) Skip redundant action text inserts into the HTML <title>
+* (bug 4212) Skip redundant meta-robots tag for default settings
+* Fix regression: old version missing from edit links in Nostalgia skin
+* (bug 1600) Trigger edit conflict on duplicate section=new submissions
+* (bug 4001) Use local variables properly in wikibits.js akeytt()
+* Fix regression: old version missing from edit links on CSS/JS pages
+* (bug 3211) Include Date, To mail headers when using PEAR::Mail
+* (bug 3407) Fix encoding of subject and from/to headers on notification
+ mails; userMailer() now takes a MailAddress wrapper object instead of
+ a raw string to abstract things a level.
+* Fixed --server override on dumpTextPass.php
+* Added plugin interface for dumpBackup, so additional filters and output
+ sink types can be registered at runtime from an extension
+* (bug 349) Fix for some numeric differences not being highlighted
+ patch by Andrius Ramanauskas
+* (bug 4298) Include rc_id on enhanced RC singleton diff links for patrolling
+* Did some refactoring on ChangesList.php merging dupe code
+* (bug 1586) Fix interwiki generator for wikimedia obscure domains
+* (bug 3493) Mark edits patrolled when they are reverted
+ patch by Leon Planken
+* Removed experimental Amethyst skin from default set
+* Upgrade old skin preferences properly at Special:Preferences
+ (used to spontaneously switch to Classic skin for old numeric pref records)
+* (bug 3424) Update page_touched for category members on category page creation
+* Log views show message when no matches
+* Fix raw sitenotice display on database error
+* Fix autoconfirm check for old accounts
+* (bug 4368) Don't show useless empty preview on new section creation
+* Don't show useless empty preview on new page creation
+* (bug 4411) Fix messages diff link for classic skin
+* (bug 4385) Separate parser cache entries for non-editing users, so section
+ edit links don't vanish / appear unwanted on protected pages
+* (bug 2726, 3397) Fix [[Special:]] and [[:Image]] links in action=render
+* (bug 4419) Remove obsolete magnify.png.old
+* Removed $wgUseCategoryMagic option, categories are now enabled unconditionally
+* (bug 3318) UI workarounds for disabled items in license selector
+ MSIE/Win: items now grayed out, JS will revert to 'non selected' if clicked
+ Safari: JS will revert to 'non selected' if clicked (but not gray)
+ MSIE/Mac: indented items now visible (JS hack)
+* (bug 714) "plainlinks" class issues in IE, Opera
+* (bug 4317) Inconsistent "broken redirects" messages
+* Default interface text for "selflinks" tweaked
+* (bug 3194) default implementation of translateBlockExpiry
+ which uses ipboptions
+* (bug 4446) $wgExportAllowHistory option to explicitly disable history in
+ Special:Export form, 'exportnohistory' message to translate live hack.
+* Maintenance script to delete unused user accounts
+* (bug 912) Search box easier to reach in text browsers (lynx, links)
+* $wgParserCacheExpireTime added
+* Skip loading of RecentChange.php except where needed
+* Enforce $wgSVGMaxSize when rendering, even for SVGs with a very large source
+ size. This is necessary to limit server memory usage.
+* Cleanup and error checking on Special:Listredirects
+* Clear up some instances of old OutputPage::sysopRequired() function usage
+* Improve "upload disabled" notice
+* Move parts of index.php to include/Wiki.php in an attempt to both cleanup index.php
+ and create a MediaWiki-class mediaWiki base object
+* (bug 4104) Added OutputPageBeforeHTML hook for tweaking primary wiki output
+ HTML on final output (cached or not)
+* Avoid PHP notice on command-line scripts if empty argument is passed ('')
+* (bug 4571) Partial fix hack for {{fulllurl:}} in action=render
+* (bug 3502) Bowtie symbol for TeX
+* (bug 4000) Support for \textstyle et al. in <math>
+* (bug 1663) support color in TeX formulas
+* (bug 2026) missing glue around \not= (TeX)
+* (bug 4576) Missing '>' broke license selector's first option in IE, Opera
+* Override $wgLocaltimezone in parser tests for us outside Iceland and UK
+* Fix extra whitespace at end of Wiki.php, DESTROYS XML OUTPUT
+* Remove redundant 'echo' statements from MonoBook.php
+* (bug 1103) Fix up redirect handling for images, categories
+ Redirects are now followed from the top-level, outside of the Article
+ content loading and viewing, for clarity and consistency.
+* (bug 4104) 'OutputPageBeforeHTML' hook to postprocess article HTML on
+ page view (comes after parser cache, if used). Patch by ThomasV.
+* Linker::formatComment corrupted the passed title object on PHP 5
+ if the comment included a section link. Use clone() to make a safe copy.
+* Add wfClone() wrapper since we're still using PHP 4 on some servers.
+* Remove obsolete killthread.php
+* Added wfDie() wrapper, and some manual die(-1), to force the return code
+ to the shell to return nonzero when we crap out with an error.
+* Allow input of the stub from a compressed file instead of stdin
+ for dumpTextPass.php; easier to get errors back on the shell
+* Added an attractive space on the namespace selector on contribs
+* Move PHP 5-friendly XHTML doctype hack to Sanitizer, use for sig checks.
+ Fixes use of named entities in sigs on PHP 5
+* (bug 4482) Include move comment on the null edit as well as the redirect
+* (bug 3990) Use existing session name if session.auto_start is on
+ Fixes checks for open sessions, such as the cookie warning on login.
+ Patch by Zbigniew Braniecki.
+* Add cache-safe alternate sitenotice for anonymous users. (MediaWiki:Anonnotice)
+ This is displayed instead of the regular sitenotice, if it exists. If not, the
+ regular sitenotice shows. If that doesn't exist, the value of $wgSiteNotice is used,
+ and if that's null, then nothing is shown.
+* Spit the generated LocalSettings code out during the installer as an aid
+ to debugging issues. (Keep this?)
+* Use __FILE__ to form path in new LocalSettings.php, so it stays accurate
+ when the directory is relocated for typical usage.
+* Auto-update $wgCacheEpoch when LocalSettings.php changes on new installs.
+ For typical usage this will be a light burden and should reduce confusion
+ when the configuration is edited.
+* Fix $wgCacheEpoch's effect on client-side caching.
+* (bug 1122) gray out 'older revision' when viewing first article revision.
+* Clearer message in DefaultSettings.php: edit LocalSettings.php instead
+* MonoBook skin top link id changed from "contentTop" to "top" (shared with
+ name attribute)
+* (bug 3350) Missing label for move talk page checkbox.
+* (bug 2108) Sort entries when using category browser
+* (bug 2393) Fix MIME type for Atom feeds ( application/rss+atom )
+* Add ".deps.php" include-file preloaders for some dynamically-loaded
+ language and skin classes. Should help with the broken base-class
+ problem under PHP 5 with APC as opcode cache. See details:
+* Small changes to tabs in Monobook skin c/o Chris Ware
+* (bug 4679) Work around buggy basename() function in PHP5, which breaks
+ uploads of files starting with multibyte characters on Linux.
+ wfBaseName() doesn't suffer this bug, and understands backslash on
+ both Unix and Windows.
+* (bug 3603) headscripts variable not hooked up to MonoBook skin
+* Allow local cdb-based interwiki cache
+* Use the "block", not the "protect" permission, when determining whether to
+ show a "block user" link in the toolbox
+* Fix backup dump text prefetch for XMLReader constant changes in PHP 5.1
+* Suppress useless percentage indicator on output from 7za during dumps
+* (bug 4633) Add (previous 200) (next 200) also above catlinks
+* (bug 4686) Fix regression where ?diff=0&oldid=0 caused fatal error on
+ pages with only one revision. Fixes message diff link on first edit.
+* Fix dependence on hardcoded UNIQ_PREFIX in LanguageConverter.php
+* Do not check lag on external storage servers
+* Do not tidy interface messages (unless full tidy is set)
+* Do not trust equality propagation and give more hints to MySQL
+ optimizer for revision fetches (avoids index scans)
+* Use revision rate for ETA in dump generation; it tends to be more stable
+ than the per-page count for full-history dumps.
+* Include timestamp in wfDebugLog breakouts
+* (bug 4469) Namespace-specific notice to be displayed below site-notice
+ Edit messages like "MediaWiki:Namespacenotice-" plus namespace name
+ which is blank for main namespace, or like e.g. "User_talk"
+* Adjust user login/creation form hooks to work with a captcha plugin
+* (bug 1284) Inline styles for diffs in Recent Changes RSS/Atom feeds
+* (bug 4824) IE7 beta 2 broke compatibility with PNG logo workarounds,
+ and seems to work ok with other bits. No longer including the IE
+ workarounds JavaScript for IE 7 and above.
+* Fix extra namespace for Bulgarian
+* (bug 4303) Add $wgFavicon to change the shorticon icon link from
+ the default /favicon.ico or disable it (if set to false)
+* (bug 3347) strip linebreaks in math error source
+* (bug 4841) Warning for non-logged-in edits
+* (bug 4867) Leave invalid EXIF date fields unformatted instead of
+ showing a bogus current timestamp
+* Reset $wgActionPaths during parser test; corrects some false failures
+ in the automated test report.
+* (bug 4875) Define a div containing the shared image description
+* (bug 4860) Expose Title->userCan() as Hooks
+* (bug 4828) Fix genitive month-name variable for cs, pl, uk
+* (bug 4842) Fix 'show number of watching users' with enhanced RC
+* (bug 4889) Fix image talk namespace for Tamil
+* (bug 4147) Added cleanupWatchlist.php to clear out bogus watchlist entries
+* (partial bug 3456) Disable auto redirect to Main Page after account creation
+* (bug 4824) Separate out IE7 CSS compat hacks, fix for RTL pages
+* Added support for wikidiff2 and similar external diff engines.
+* Allow cookies to be shared between multiple wikis with a shared user database
+* Blocking some Unicode whitespace characters in usernames. Should check
+ if some or all should be blocked from all page titles.
+* Unknown log types no longer throw notices everywhere in RecentChanges
+* (bug 4502, 5017) Don't render potentially hostile deleted page contents
+ on Special:Undelete by default; show source, with an optional preview.
+ The revisions list no longer shows the latest text by default, so it can
+ still be operated if the text is hostile.
+* (bug 5013) Check for existence on "return to" links
+* Removed trailing whitespace on a bunch more messages.
+* Fix missing bad title check in Special:Booksources
+* Remove empty booksources string in fy
+* Avoid corrupting <gallery> inside <!-- comment -->
+* Remove legacy PHPTal code, hasn't been maintained in ages.
+* Tweak Userlogin include order for APC issue
+* Don't try to link to current page on protection tab
+* More exact checking in Title::equals() to fox moves of numerically similar
+ page titles. (Odd hex title bug on 64-bit.)
+* Fix explicit s-maxage=0 on raw pages; should help with proxy issues in
+ generated stylesheets... hopefully...
+* (bug 4685) More fixes for Slovenian project namespace
+* Fixed and enhanced a little the Live Preview, which had been broken for some time
+* Added article size limit, $wgMaxArticleSize
+* (bug 4974) Don't follow redirected talk page on "new messages" link
+* (bug 4970) Make category paging limits configurable
+* (bug 4535) Warn user when editing CSS or JS subpage of a skin that doesn't exist
+* Make Live Preview an user preference, still controllable by the global variable
+* Rename the stub LanguageAls / LanguageGem_alsation to LanguageGsw to follow
+ updated language code assignments
+* (bug 5081) Remove bogus fix for invalid characters in links which simply
+ broke use of legitimate multiple whitespace characters in bracketed link.
+* (bug 4838) Add relative oldids (prev, next, cur) for raw pages
+ Patch by Lupin
+* (bug 5086) Force image resize dimensions on ImageMagick, as for instance
+ "-resize 100x35!"; some thumbs were off due to differences in rounding and
+ would be generated smaller than expected.
+* (bug 5062) Width sometimes one pixel short when using maximum heights
+* Purge thumbnails and metadata cache for action=purge on an image page
+* (bug 4273) Bounce back with a message when attempting to submit a new comment
+ with an empty main textbox (user probably hit Enter in subject field)
+* (bug 5141) Gracefully handle the new account link when createaccount off
+* (bug 5150 and related) Fix missing ID attribute in HTML namespace selector
+* (bug 5152) Proper HTML escaping on subpage breadcrumbs
+* (bug 4855) Section edit links now have the section name in the title attribute.
+* (bug 2115) Support shift-selecting multiple checkboxes with JavaScript.
+* (bug 5161) Don't try to load template list for nonexistent pages
+* (bug 5228) Workaround for broken LanguageConverter title overrides; avoid
+ unnecessary hidden UI work when watch/unwatch is performed on edit
+* Fixed bogus master fallback in external storage
+* (bug 5246) Add speak:none to "hiddenStructure" class in main.css
+* Further work on rev_deleted; changed to a bitfield with several data-hiding
+ options. Not yet ready for production use; Special:Revisiondelete is
+ incomplete, and the flags are not preserved across page deletion/undeletion.
+ To try it; add the 'deleterevision' permission to a privileged group.
+* (bug 5270) Fix broken linktrail for br, cv, fr, hr, nn, oc, ta, wa
+* Add a clickable contribs link in user tool links (rc, watchlist, diff view)
+ to see how people like it. (There was one in the old hacked-up diff view.)
+* (bug 5236) Load wikibits.js before site-customized javascript
+* (bug 4119) Workaround for <nowiki> following link in Walloon; remove capitals
+ from linktrail, as they're not used anywhere else.
+* (bug 4781) Output links with the percent-encoding they're supplied with;
+ save the normalization for internal link storage. The normalization is a bit
+ buggy and can make incorrect foldings in the query string and such, so isn't
+ reliable beyond the hostname where it's used for the spam bulk checker.
+* Don't URL-decode in the title attribute for URL links; it can produce false
+ results that don't code back to their original values.
+* (bug 4611) Add user preference (default on) to add new pages to creators's watchlist
+* (bug 5286) Fix regression in display of missing/bad revision IDs
+* (bug 4729) Add user preference that marks a user's edits as patrolled if user is able to
+* (bug 4630) Add user preference to prompt users when entering blank edit summaries
+* Added optional suggest feature for the search box. Set wgUseAjax to true to
+ enable it.
+* (bug 5277) Use audio/midi rather that audio/mid
+* (bug 5410) Use namespace name when a custom namespace's nstab-NS message is nonexistent
+* (bug 5432) Fix inconsistencies in cookie names when using table prefixes
+* Additional protections against HTML breakage in table parsing
+* (bug 5355) Include skin name and style JS settings in page source;
+ fixes regression where Opera 6/7 and KHTML CSS fixes weren't applied
+ when wikibits.js was moved up before user JS inclusion.
+* Added $wgColorErrors: if set, database error messages will be highlighted
+ when running command-line scripts in a Unix terminal.
+* (bug 5195) rebuildrecentchanges.php works again; Database::insertSelect now
+ has a parameter for select options.
+* Fix updateSearchIndex.php for new schema
+* Fix bogus "filename too short" error when uploading files with a period in the base
+ name, e.g. "Mr. Zee.png"
+* (bug 2139) Show page title in subtitle when viewing "read only" page
+* (bug 5452) Update language name for Cree
+== MediaWiki 1.5.8 ==
+March 26, 2006
+MediaWiki 1.5.8 is a security and bugfix maintenance release.
+A bug in decoding of certain encoded links could allow injection of raw
+HTML into page output; this could potentially lead to XSS attacks.
+Some minor UI fixes were also made, see the change log at the bottom of
+this file.
+== MediaWiki 1.5.7 ==
+March 2, 2006
+MediaWiki 1.5.7 is a bugfix maintenance release.
+Most importantly, a security issue in the installer has been fixed. The bug
+affects new installations of 1.5.6 only. If the user specified the MySQL root
+password, to allow the installer to create an unprivileged account, the
+installer would not only create the new account but also change the root
+password to be equal to the password of the new account.
+Anyone affected by this bug will need to change the root password back
+manually. For information about how to change passwords in MySQL please see:
+This version includes fixes for compatibility with Internet Explorer 7
+beta 2, and various other bugs; see the full changelog at the end of
+the release notes.
+== MediaWiki 1.5.6 ==
+January 19, 2006
+MediaWiki 1.5.6 is a security and bugfix maintenance release.
+A bug in edit comment formatting could send PHP into an infinite loop
+if certain malformed links were included. In most installations, this
+would cause the script to fail after PHP's 30-second failsafe timeout.
+Some improvements have been made to the installer which should make
+installation possible on a system with a broken MySQL "root" account.
+For several other minor fixes, see the complete changelog at the end
+of this file.
+== MediaWiki 1.5.5 ==
+January 5, 2006
+MediaWiki 1.5.5 is a security and bugfix maintenance release.
+Detection for uploads of Windows Metafile (.wmf) images has been added
+to help protect against a client-side vulnerability in unpatched Microsoft
+Windows operating systems.
+Sites which have enabled uploads and added non-standard file types
+(such as .ogg, .doc, or .pdf) should upgrade to this release to ensure
+that malicious .wmf files can't be uploaded with a fake extension;
+such files could put visitors to the site at risk.
+For more details on this, see:
+Additionally, a maintenance script removeUnusedAccounts.php has been added;
+this replaces an older Perl script which had not been updated for the new
+schema in 1.5.
+== MediaWiki 1.5.4 ==
+December 21, 2005
+MediaWiki 1.5.4 is a security and bugfix maintenance release.
+A hardcoded internal placeholder string has been replaced with a random
+one. This closes a hole where security checks in inline style attributes
+could be bypassed, injecting JavaScript code that could execute in
+Microsoft Internet Explorer.
+Other browsers would not be vulnerable.
+Several minor fixes are included in this release, most notably a fix
+to clear the "you have new messages" flag properly for usernames
+containing spaces when e-mail notification is enabled.
+See the changelog at the end of the release notes for a full list of
+== MediaWiki 1.5.3 ==
+December 4, 2005
+MediaWiki 1.5.3 is a security and bugfix maintenance release.
+Validation of the user language option was broken by a code change in
+May 2005, opening the possibility of remote code execution as this
+parameter is used in forming a class name dynamically created with
+The validation has been corrected in this version. All prior 1.5 release
+and prelease versions are affected; 1.4 and earlier and not affected.
+Additionally several bugs have been fixed; see the changelog later in
+this file for a complete list.
+== MediaWiki 1.5.2 ==
+November 2, 2005
+MediaWiki 1.5.2 is a bugfix maintenance release.
+A change in PHP 4.4.1 and PHP 5.1.0RC broke handling of extension and
+<pre> sections, causing garbage data to be inserted in output and saved
+edits. This version works around the change.
+Several other glitches with MySQL 5.0 and PHP 5.0.5 were also fixed;
+see the change log below for a complete list.
+== MediaWiki 1.5.1 ==
+October 26, 2005
+MediaWiki 1.5.1 is a bugfix and security maintenance release, and is a
+recommended upgrade for all installations.
+This release includes further corrections to the inline CSS style sanitation
+which works around a JavaScript "feature" on Microsoft Internet Explorer.
+Users of Microsoft Internet Explorer for Windows may be vulnerable to
+XSS injections on prior versions; users of standards-compliant browsers
+are not vulnerable.
+Major fixes include:
+* Image pages work again with resizing disabled
+* Works in MySQL 5.0 strict mode
+There is experimental support in this release for explicitly declaring
+the UTF-8 charset in the database; this has been tested with MySQL 5.0.15
+but should work on 4.1 as well.
+IMPORTANT: Changing this setting on an existing wiki may produce interesting
+data corruption, depending on server configuration. Page contents should,
+usually, be unaffected, but page titles and other items may be. Limitations
+in MySQL's Unicode support mean that characters outside the BMP cannot be used
+in page titles or various other fields when using this mode.
+Table definitions are in maintenance/mysql5/tables.sql, and the runtime
+option to send 'SET NAMES utf8' is set by $wgDBmysql5 = true.
+(MySQL 3.23.x and 4.0.x do not support character set declarations; on these
+versions MediaWiki simply works with UTF-8 data and MySQL is blissfully
+unaware of it.)
+== MediaWiki 1.5.0 final ==
+October 5, 2005
+MediaWiki 1.5.0 is the new stable release branch of MediaWiki, and is
+recommended for all new installations.
+Any wikis running a 1.5 beta or release candidate are strongly recommended
+to upgrade to the final release, which includes a number of bug fixes and
+a security fix for CSS bugs in Microsoft Internet Explorer.
+IMPORTANT: Running a 1.3 or 1.4 wiki and don't want to jump to 1.5 yet?
+Be sure to upgrade to 1.3.17 or 1.4.11, also released today. Versions
+prior to 1.3.16 and 1.4.10 have a serious data corruption bug which is
+triggered by a spambot known to operate in the wild.
+=== What's new in 1.5? ===
+ The core table schema has changed significantly. This should make better
+ use of the database's cache and disk I/O, and make significantly speed up
+ rename and delete operations on pages with very long edit histories.
+ Unfortunately this does mean upgrading a wiki of size from 1.4 will require
+ some downtime for the schema restructuring, but future storage backend
+ changes should be able to integrate into the new system more easily.
+ The current revision of a page now has a permanent 'oldid' number assigned
+ immediately, and the id numbers are now preserved across deletion/undeletion.
+ A permanent reference to the current revision of a page is now just a matter
+ of going to the 'history' tab and copying the first link in the list.
+Page move log:
+ Renames of pages are now recorded in Special:Log and the page history.
+ A handy revert link is available from the log for sysops.
+Editing diff:
+ Ever lost track of what you'd done so far during an edit? A 'Show diff'
+ button on the edit page now makes it easy to remember.
+ It's now possible to specify the final filename of an upload distinct
+ from the original filename on your disk.
+ An image link for a missing file will now take you straight to the upload page.
+ More metadata is pre-extracted from uploaded images, which will ease pressure
+ on disk or NFS volumes used to store images. EXIF metadata is displayed on
+ the image description page if PHP is configured with the necessary module.
+ If .svg files are added to the upload whitelist, you can choose to render
+ them to rasterized .png images for inline display using one of several
+ external helper programs. See DefaultSettings.php for SVG options.
+User accounts:
+ There are some changes to the user permissions system, with assignable
+ groups. Note that this does *not* allow you to make pages which are only
+ accessible to certain groups.
+ For details see:
+ User-to-user e-mail can now be restricted to require a mail-back confirmation
+ first to reduce potential for abuse with false addresses.
+ Updates to user talk pages and watchlist entries can optionally send e-mail
+ notifications.
+External hooks:
+ A somewhat experimental interface for hooking in an external editor
+ application is included.
+ A bunch of stuff we forgot to mention.
+=== What's gone? ===
+ Wikis must now be encoded in Unicode UTF-8; this has been the default for
+ some time, but some languages could optionally be installed in Latin-1 mode.
+ This is no longer supported.
+ You can check if your current wiki is in Latin-1 mode by using your browser's
+ "view source"; look for a line like this:
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+ If it says charset=utf-8, you're ready. If it says charset=iso8859-1,
+ you may need to convert your data. (English-language wikis avoiding
+ any accented characters may be able to get away without conversion.)
+MySQL 3.x:
+ Some optimization hacks for MySQL 3.x have been removed as part of the schema
+ clean-up (specifically, the inverse_timestamp fields).
+ MediaWiki 1.5 may still run on 3.x, but wikis of non-trivial size should
+ very seriously consider upgrading to a more modern release. MySQL 3.x support
+ will probably be entirely dropped in the next major release.
+ These tools were, ironically enough, not really maintained. This special
+ page has been removed; insofar as some of its pieces were useful and haven't
+ already been supplanted by other special pages they should be rewritten in
+ an efficient and safe manner in the future.
+=== Caveats ===
+ Wikis in Latin-1 encoding are no longer supported; only Unicode UTF-8.
+ A new option $wgLegacyEncoding is provided to allow on-the-fly recoding of
+ old page text entries, but other metadata fields (titles, comments etc) need
+ to be pre-converted. The standard upgrade process does not yet fully automate
+ this, but you can try the alternate partial-upgrader in upgrade1_5.php.
+ The upgrade from 1.4 to 1.5 schema has not been tested for all cases, so
+ it's possible you may experience problems in some combinations.
+ The text entries of deleted pages are no longer removed from the main
+ text table on deletion. If you provide public backup dumps of your databases,
+ you will probably want to use the new XML-format dump generator, available
+ as maintenance/dumpBackup.php.
+ For more information on how we run our own public data dumps at Wikimedia,
+ see
+ The table definitions for PostgreSQL install are out of date. PostgreSQL
+ support may return in later releases, pending appropriate patches.
+MySQL 4.1+:
+ Some users may encounter installation problems with MySQL 4.1 or higher
+ due to strange charset encoding / collation configurations. Try setting
+ to 'latin1' or 'utf8' if you encounter problems.
+== MediaWiki 1.5 release candidate 4 ==
+August 29, 2005
+MediaWiki 1.5rc4 is a preview release of the new 1.5 release series.
+It fixes compatibility with PHP 5.1, and corrects two cross-site scripting
+security bugs:
+* <math> tags were handled incorrectly when TeX rendering support is off,
+ as in the default configuration.
+* Extension or <nowiki> sections in Wiki table syntax could bypass HTML
+ style attribute restrictions for cross-site scripting attacks against
+ Microsoft Internet Explorer
+Wikis where the optional math support has been *enabled* are not vulnerable
+to the first, but are vulnerable to the second.
+== MediaWiki 1.5 release candidate 3 ==
+August 24, 2005
+MediaWiki 1.5rc3 is a preview release of the new 1.5 release series.
+It fixes several major problems in 1.5rc2:
+* Fixed a cross-site scripting injection in the search form
+ (broken since 1.5beta1)
+* Fixed upgrades from 1.4 database schema
+ (broken since 1.5rc2)
+1.3 and 1.4 releases are not vulnerable to the XSS bug, but anyone
+running an earlier 1.5 beta or release candidate should upgrade
+== MediaWiki 1.5 release candidate 2 ==
+August 23, 2005
+MediaWiki 1.5rc2 is a preview release of the new 1.5 release series.
+Numerous bug fixes since last beta, plus a security fix; see change
+log below for full details.
+A flaw in the interaction between extensions and HTML attribute
+sanitization was discovered which could allow unauthorized use
+of offsite resources in style sheets, and possible exploitation
+of a JavaScript injection feature on Microsoft Internet Explorer.
+This version expands the returned text and properly checks it
+before output.
+A 1.5rc1 release was mistakenly made from the incorrect source code
+branch; 1.5rc2 is identical to the actual 1.5rc1 in revision control
+except for version number.
+== MediaWiki 1.5 beta 4 ==
+July 30, 2005
+MediaWiki 1.5 beta 4 is a preview release of the new 1.5 release series.
+A number of bugs have been fixed since beta 3; see the full changelist below.
+== MediaWiki 1.5 beta 3 ==
+July 7, 2005
+MediaWiki 1.5 beta 3 is a preview release of the new 1.5 release
+series, with a security update over beta 2.
+Incorrect escaping of a parameter in the page move template could
+be used to inject JavaScript code by getting a victim to visit a
+maliciously constructed URL. Users of vulnerable releases are
+recommended to upgrade to this release.
+Vulnerable versions:
+* 1.5 preview series: n <= 1.5beta2 vulnerable, fixed in 1.5beta3
+* 1.4 stable series: 1.4beta6 <= n <= 1.4.5 vulnerable, fixed in 1.4.6
+* 1.3 legacy series: not vulnerable
+This release also includes several bug fixes and localization updates.
+See the changelog at the end of this file for a detailed list.
+== MediaWiki 1.5 beta 2 ==
+July 5, 2005
+MediaWiki 1.5 beta 2 is a preview release of the new 1.5 release series.
+While most exciting new bugs should have been ironed out at this point,
+third-party wiki operators should probably not run this beta release
+on a public site without closely following additional development.
+Anyone who _has_ been running beta 1 is very very strongly advised to
+upgrade to beta 2, as it fixes many bugs from the previous beta including
+a couple of HTML and SQL injections.
+This release should be followed by one or two release candidates and
+a 1.5.0 final within the next few weeks.
+Beta upgraders, note there are some minor database changes. For upgrades
+from 1.4, see the file UPGRADE for details on significant database and
+configuration file changes.
+Beta 2 includes a preliminary command-line XML wiki dump importer tool,
+maintenance/importDump.php, paired with maintenance/dumpBackup.php.
+These use the same format as Special:Export and Special:Import, able
+to package a wiki's entire page set independent of the backend database
+and compression format.
+== MediaWiki 1.5 beta 1 ==
+June 26, 2005
+MediaWiki 1.5 beta 1 is a preview release, pretty much feature complete,
+of the new 1.5 release series. There are several known and likely a number
+of unknown bugs; it is not recommended to use this release in a production
+environment but would be recommended for testing in mind of an upcoming
+A number of significant changes have been made since the alpha releases,
+including database changes and a reworking of the user permissions settings.
+See the file UPGRADE for details of upgrading and changing your prior
+configuration settings for the new system.
+== MediaWiki 1.5 alpha 2 ==
+June 3, 2005
+MediaWiki 1.5 alpha 2 includes a lot of bug fixes, feature merges,
+and a security update.
+Incorrect handling of page template inclusions made it possible to
+inject JavaScript code into HTML attributes, which could lead to
+cross-site scripting attacks on a publicly editable wiki.
+Vulnerable releases and fix:
+* 1.5 prerelease: fixed in 1.5alpha2
+* 1.4 stable series: fixed in 1.4.5
+* 1.3 legacy series: fixed in 1.3.13
+* 1.2 series no longer supported; upgrade to 1.4.5 strongly recommended
+== MediaWiki 1.5 alpha 1 ==
+May 3, 2005
+This is a testing preview release, being put out mainly to aid testers in
+finding installation bugs and other major problems. It is strongly recommended
+NOT to run a live production web site on this alpha release.
+=== Smaller changes since 1.4 ===
+Various bugfixes, small features, and a few experimental things:
+* 'live preview' reduces preview reload burden on supported browsers
+* support for external editors for files and wiki pages:
+* Schema reworking:
+* (bug 15) Allow editors to view diff of their change before actually submitting an edit
+* (bug 190) Hide your own edits on the watchlist
+* (bug 510): Special:Randompage now works for other namespaces than NS_MAIN.
+* (bug 1015) support for the full wikisyntax in <gallery> captions.
+* (bug 1105) A "Destination filename" (save as) added to Special:Upload Upload.
+* (bug 1352) Images on description pages now get thumbnailed regardless of whether the thumbnail is larger than the original.
+* (bug 1662) A new magicword, {{CURRENTMONTHABBREV}} returns the abbreviation of the current month
+* (bug 1668) 'Date format' supported for other languages than English, see:
+* (bug 1739) A new magicword, {{REVISIONID}} give you the article or diff database
+ revision id, useful for proper citation.
+* (bug 1998) Updated the Russian translation.
+* (bug 2064) Configurable JavaScript mimetype with $wgJsMimeType
+* (bug 2084) Fixed a regular expression in includes/Title.php that was accepting invalid syntax like #REDIRECT [[foo] in redirects
+* It's now possible to invert the namespace selection at Special:Allpages and Special:Contributions
+* No longer using to check for open proxies by default.
+* What was $wgDisableUploads is now $wgEnableUploads, and should be set to true if one wishes to enable uploads.
+* Supplying a reason for a block is no longer mandatory
+* Language conversion support for category pages
+* $wgStyleSheetDirectory is no longer an alias for $wgStyleDirectory;
+* Special:Movepage can now take paramaters like Special:Movepage/Page_to_move
+ (used to just be able to take paramaters via a GET request like index.php?title=Special:Movepage&target=Page_to_move)
+* (bug 2151) The delete summary now includes editor name, if only one has edited the article.
+* (bug 2105) Fixed from argument to the PHP mail() function. A missing space could prevent sending mail with some versions of sendmail.
+* (bug 2228) Updated the Slovak translation
+* ...and more!
+=== Changes since 1.5alpha1 ===
+* (bug 73) Category sort key is set to file name when adding category to
+ file description from upload page (previously it would be set to
+ "Special:Upload", causing problems with category paging)
+* (bug 419) The contents of the navigation toolbar are now editable through
+ the MediaWiki namespace on the MediaWiki:navbar page.
+* (bug 498) The Views heading in MonoBook.php is now localizable
+* (bug 898) The wiki can now do advanced sanity check on uploaded files
+ including virus checks using external programs.
+* (bug 1692) Fix margin on unwatch tab
+* (bug 1906) Generalize project namespace for Latin localization, update namespaces
+* (bug 1975) The name for Limburgish (li) changed from "Lèmburgs" to "Limburgs
+* (bug 2019) Wrapped the output of Special:Version in <div dir='ltr'> in order
+ to preserve the correct flow of text on RTL wikis.
+* (bug 2067) Fixed crash on empty quoted HTML attribute
+* (bug 2075) Corrected namespace definitions in Tamil localization
+* (bug 2079) Removed links to Special:Maintenance from movepagetext message
+* (bug 2094) Multiple use of a template produced wrong results in some cases
+* (bug 2095) Triple-closing-bracket thing partly fixed
+* (bug 2110) "noarticletext" should not display on Image page for "sharedupload" media
+* (bug 2150) Fix tab indexes on edit form
+* (bug 2152) Add missing bgcolor to attribute whitelist for <td> and <th>
+* (bug 2176) Section edit 'show changes' button works correctly now
+* (bug 2178) Use temp dir from environment in parser tests
+* (bug 2217) Negative ISO years were incorrectly converted to BC notation
+* (bug 2234) allow special chars in database passwords during install
+* Deprecated the {{msg:template}} syntax for referring to templates, {{msg: is
+ now the wikisyntax representation of wfMsgForContent()
+* Fix for reading incorrectly re-gzipped HistoryBlob entries
+* HistoryBlobStub: the last-used HistoryBlob is kept open to speed up
+ multiple-revision pulls
+* Add $wgLegacySchemaConversion update-time option to reduce amount of
+ copying during the schema upgrade: creates HistoryBlobCurStub reference
+ records in text instead of copying all the cur_text fields. Requires
+ that the cur table be left in place until/unless such fields are migrated
+ into the main text store.
+* Special:Export now includes page, revision, and user id numbers by
+ default (previously this was disabled for no particular reason)
+* dumpBackup.php can dump the full database to Export XML, with current
+ revisions only or complete histories.
+* The group table was renamed to groups because "group" is a reserved word in
+ SQL which caused some inconveniances.
+* New fileicons for c, cpp, deb, dvi, exe, h, html, iso, java, mid, mov, o,
+ ogg, pdf, ps, rm, rpm, tar, tex, ttf and txt files based on the KDE
+ crystalsvg theme.
+* Fixed a bug in Special:Newimages that made it impossible to search for '0'
+* Added language variant support for Icelandic, now supports "Íslenzka"
+* The #p-nav id in MonoBook is now #p-navigation
+* Putting $4 in msg:userstatstext will now give the percentage of
+ admnistrators out of normal users.
+* links and brokenlinks tables merged to pagelinks; this will reduce pain
+ dealing with moves and deletes of widely-linked pages.
+* Add validate table and val_ip column through the updater.
+* Simple rate limiter for edits and page moves; set $wgRateLimits
+ (somewhat experimental; currently needs memcached)
+* (bug 2262) Hide math preferences when TeX is not enabled
+* (bug 2267) Don't generate thumbnail at the same size as the source image.
+* Fix for new schema
+* Remove linkscc table code, no longer used.
+* (bug 2271) Use faster text-only link replacement in image alt text
+ instead of rerunning expensive link lookup and HTML generation.
+* Only build the HTML attribute whitelist tree once.
+* Replace wfMungeToUtf8 and do_html_entity_decode with a single function
+ that does both numeric and named chars: Sanitizer::decodeCharReferences
+* Removed some obsolete UTF-8 converter functions
+* Fix function comment in debug dump of SQL statements
+* (bug 2275) Update search index more or less right on page move
+* (bug 2053) Move comment whitespace trimming from edit page to save;
+ leaves the whitespace from the section comment there on preview.
+* (bug 2274) Respect stub threshold in category page list
+* (bug 2173) Fatal error when removing an article with an empty title from the watchlist
+* Removed -f parameter from mail() usage, likely to cause failures and bounces.
+* (bug 2130) Fixed interwiki links with fragments
+* (bug 684) Accept an attribute parameter array on parser hook tags
+* (bug 814) Integrate AuthPlugin changes to support Ryan Lane's external
+ LDAP authentication plugin
+* (bug 2034) Armor HTML attributes against template inclusion and links munging
+=== Changes since 1.5alpha2 ===
+* (bug 2319) Fix parse hook tag matching
+* (bug 2329) Fix title formatting in several special pages
+* (bug 2223) Add unique index on user_name field to prevent duplicate accounts
+* (bug 1976) fix shared user database with a table prefix set
+* (bug 2334) Accept null for attribs in wfElement without PHP warning
+* (bug 2309) Allow templates and template parameters in HTML attribute zone,
+ with proper validation checks. (regression from fix for 2304)
+* Disallow close tags and enforce empty tags for <hr> and <br>
+* Changed user_groups format quite a bit.
+* (bug 2368) Avoid fatally breaking PHP 4.1.2 in a debug line
+* (bug 2367) Insert correct redirect link record on page move
+* (bug 2372) Fix rendering of empty-title inline interwiki links
+* (bug 2384) Fix typo in regex for IP address checking
+* (bug 650) Prominently link MySQL 4.1 help page in installer if a possible
+ version conflict is detected
+* (bug 2394) Undo incompatible breakage to {{msg:}} compatiblity includes
+* (bug 1322) Use a shorter cl_sortkey field to avoid breaking on MySQL 4.1
+ when the default charset is set to utf8
+* (bug 2400) don't send confirmation mail on account creation if
+ $wgEmailAuthentication is false.
+* (bug 2172) Fix problem with nowiki beeing replaced by marker strings
+ when a template with a gallery was used.
+* Guard Special:Userrights against form submission forgery
+* (bug 2408) page_is_new was inverted (whoops!)
+* Added wfMsgHtml() function for escaping messages and leaving params intact
+* Fix ordering of Special:Listusers; fix groups list so it shows all groups
+ when searching for a specific group and can't be split across pages
+* (bug 1702) Display a handy upload link instead of a useless blank link
+ for [[media:]] links to nonexistent files.
+* (bug 873) Fix usage of createaccount permission; replaces $wgWhitelistAccount
+* (bug 1805) Initialise $wgContLang before $wgUser
+* (bug 2277) Added Friulian language file
+* (bug 2457) The "Special page" href now links to the current special page
+ rather than to "".
+* (bug 1120) Updated the Czech translation
+* A new magic word, {{SCRIPTPATH}}, returns $wgScriptPath
+* A new magic word, {{SERVERNAME}}, returns $wgServerName
+* A new magic word, {{NUMBEROFFILES}}, returns the number of rows in the image table
+* Special:Imagelist displays titles with " " instead of "_"
+* Less gratuitous munging of content sample in delete summary
+* badaccess/badaccesstext to supercede sysop*, developer* messages
+* Changed $wgGroupPermissions to more cut-n-paste-friendly format
+* 'developer' group deprecated by default
+* Special:Upload now uses 'upload' permission instead of hardcoding login check
+* Add 'importupload' permission to disable direct uploads to Special:Import
+* (bug 2459) Correct escaping in Special:Log prev/next links
+* (bug 2462 etc) Taking out the experimental dash conversion; it broke too many
+ things for the current parser to handle cleanly
+* (bug 2467) Added a Turkish language file
+* Fixed a bug in Special:Contributions that caused the namespace selection to
+ be forgotten between submits
+* Special:Watchlist/edit now has namespace subheadings
+* (bug 1714) the "Save page" button now has right margin to seperate it from
+ "Show preview" and "Show changes"
+* Special:Statistics now supports action=raw, useful for bots designed to
+ harwest e.g. article counts from multiple wikis.
+* The copyright confirmation box at Special:Upload is now turned off by default
+ and can be turned back on by setting $wgCopyrightAffirmation to a true value.
+* Restored prior text for password reminder button and e-mail, replacing
+ the factually inaccurate text that was there.
+* (bug 2178) Fix temp dir check again
+* (bug 2488) Format 'deletedtext' message as wikitext
+* (bug 750) Keep line endings consistent in LocalSettings.php
+* (bug 1577) Add 'printable version' tab in MonoBook for people who don't
+ realize you can just hit print to get a nicely formatted printable page.
+* Trim whitespace from option values to weather line-ending corruption problems
+* Fixed a typo in the Romanian language file (NS_MESIA => NS_MEDIA)
+* (bug 2504) Updated the Finnish translation
+* (bug 2506, 2512) Updated the Nynorsk translation
+* (bug 996) Replace $wgWhitelistEdit with 'edit' permission; fixup UPGRADE
+ documentation about edit and read whitelists.
+* (bug 2515) Fix incremental link table update
+* Removed some wikipedia-specifica from LanguageXx.php's
+* (bug 2496) Allow MediaWiki:edithelppage to point to external page
+* Added a versionRequired() function to OutputPage, useful for extension
+ writers that want to control what version of MediaWiki their extension
+ can be used with.
+* Serialized user objects now checked for versioning
+* Fix for interwiki link regression
+* Printable link shorter in monobook
+* Experimental Latin-1-and-replication-friendly upgrader script
+* (bug 2520) Don't show enotif options when disabled
+== Changes since 1.5beta1 ==
+* (bug 2531) Changed the interwiki name for sh (Serbocroatian) to
+ Srpskohrvatski/Српскохрватски (was Српскохрватски (Srbskohrvatski))
+* Nonzero return code for command-line scripts on wfDebugDieBacktrace()
+* Conversion fix for empty old table in upgrade1_5.php
+* Try reading revisions from master if no result on slave
+* (bug 2538) Suppress notice on user serialized checks
+* Fix paging on Special:Contributions
+* (bug 2541) Fix unprotect tab
+* (bug 1242) category list now show on edit page
+* Skip sidebar entries where link text is '-'
+* Convert non-UTF-8 URL parameters even if referer is local
+* (bug 2460) <img> width & height properly filled when resizing image
+* (bug 2273) deletion log comment used user interface langage
+* Try reading revision _text_ from master if no result on slave
+* Use content-language message cache for raw view of message pages
+* (bug 2530) Not displaying talk pages on Special:Watchlist/edit
+* Fixed a bug that would occour if $wgCapitalLinks was set to false, a user
+ agent could create a username that began with a lower case letter that was
+ not in the ASCII character set ( now user $wgContLang->ucfirst() instead of
+ PHP ucfirst() )
+* Moved the user name / password validity checking from
+ LoginForm::addNewAccountInternal() to two new functions,
+ User::isValidUserName() and User::isValidPassword(), extensions can now do
+ these checks without rewriting code.
+* Fix $wgSiteNotice when MediaWiki:Sitenotice is set to default '-'
+* Fixed a bug where the watchlist count without talk pages would be off by a
+ factor of two.
+* upgrade1_5.php uses insert ignore, allows to skip image info initialization
+* Fix namespaces in category list.
+* Add rebuildImages.php to update image metadata fields
+* Special:Ancientpages is expensive in new schema for now
+* (bug 2568) Fixed a logic error in the Special:Statistics code which caused
+ the displayed percentage of admins to be totally off.
+* (bug 2560) Don't show blank width/height attributes for missing size
+* Don't show bogus messages about watchlist notifications when disabled
+* Don't show old debug messages in watchlist
+* (bug 2576) Fix recording of transclusion links
+* (bug 2577) Allow sysops to enter non-standard block times
+* Fixed a bug where Special:Contributions wouldn't remember the 'invert'
+ status between next/previous buttons.
+* Move MonoBook printable link from tab to sidebar
+* (bug 2567) Fix HTML escaping on category titles in list
+* (bug 2562) Show rollback link for current revisions on diff pages
+* (bug 2583) Add --missinig option on rebuildImages.php to add db entries
+ for uploaded files that don't have them
+* (bug 2572) Fix edit conflict handling
+* (bug 2595) Show "Earlier" and "Latest" links on history go to the first/last
+ page in the article history pager.
+* Don't show empty-page text in 'Show changes' on new page
+* (bug 2591) Check for end, fix limits on Whatlinkshere
+* (bug 2584) Fix output of subcategory list
+* (bug 2597) Don't crash when undeleting an image description page
+* (bug 2564) Don't show "editingold" warning for recent revision
+* Various code cleanup and HTML escaping fixlets
+* Copy IRC-over-UDP update option from REL1_4
+* (bug 2548) Keep summary on 'show changes' of section edit
+* Move center on toc to title part to avoid breaking .toc style usage
+* HTML sanitizer: correct multiple attributes by keeping last, not first
+* (bug 2614) Fix section edit links on diff-to-current with oldid set
+ Also fix navigation links on current-with-oldid view.
+* (bug 2620) Return to prior behavior for some more things (such as
+ subpage parent links) on current-diff view.
+* (bug 2618) Fix regression from another fix; show initial preview for
+ categories only if the page does not exist.
+* (bug 2625) Keep group & user settings when paging in Listusers
+* (bug 2627) Fix regression: diff radio button initial selection
+* Copy fix for old search URLs with Lucene search plugin from REL1_4
+* (bug 619) Don't use incompatible diff3 executable on non-Linux systems.
+* (bug 2631) Fix Hebrew namespaces.
+* (bug 2630) Indicate no-longer-valid cached entries in BrokenRedirects list
+* (bug 2644, 2645) "cur" diff links in page history, watchlist and
+ recentchanges should specify current ID explicitly.
+* (bug 2609) Fix text justification preferenced with MonoBook skin.
+* (bug 2594) Display article tab as red for non-existent articles.
+* (bug 2656) Fix regression: prevent blocked users from reverting images
+* (bug 2629) Automatically capitalize usernames again instead of
+ rejecting lowercase with a useless error message
+* (bug 2661) Fix link generation in contribs
+* Add support for &preload=Page_name (load text of an existing page into
+edit area) and &editintro=Page_name (load text of an existing page instead
+of MediaWiki:Newpagetext) to &action=edit, if page is new.
+* (bugs 2633, 2672, 2685, 2695) Fix Estonian, Portuguese, Italian, Finnish and
+ Spanish numeric formatting
+* Fixed Swedish numeric formatting
+* (bug 2658) Fix signature time, localtime to match timezone offset again
+* Files from shared repositories (e.g. commons) now display with their
+ image description pages when viewed on local wikis.
+* Restore compatibility namespace aliases for French Wikipedia
+* Fix diff order on Enhanced RC 'changes' link
+* (bug 2650) Fix national date type display on wikis that don't support
+ dynamic date conversion.
+* FiveUpgrade: large table hacks, install iw_trans update before links
+* (bug 2648) Rename namespaces in Afrikaanse
+* Special:Booksources checks if custom list page exists before using it
+* (bug 1170) Fixed linktrail for da: and ru:
+* (bug 2683) Really fix apostrophe escaping for toolbox tips
+* (bug 923) Fix title and subtitle for rclinked special page
+* (bug 2642) watchdetails message in several languages used <a></a> instead of [ ]
+* (bug 2181) basic CSB language localisation by Tomasz G. Sienicki (thanks for the patch)
+* Fix correct use of escaping in edit toolbar bits
+* Removed language conversion support from Icelandic
+* (bug 2616) Fix proportional image scaling, giving correct height
+* (bug 2640) Include width and height attributes on unscaled images
+* Workaround for mysterious problem with bogus epoch If-Last-Modified reqs
+* (bug 1109) Suppress compressed output on 304 responses
+* (bug 2674) Include some site configuration info in export data:
+ namespaces definitions, case-sensitivity, site name, version.
+* Use xml:space="preserve" hint on export <text> elements
+* Make language variant selection work again for zh
+== Changes since 1.5beta2 ==
+* Escaped & correctly in Special:Contributions
+* (bug 2534) Hide edit sections with CSS to make right click to edit section work
+* (bug 2708) Avoid undefined notice on cookieless login attempt
+* (bug 2188) Correct template namespace for Greek localization
+* Fixed number formatting for Dutch
+* (bug 1355) add class noprint to commonPrint.css
+* (bug 2350) Massive update for Limburgish (li) language using Wikipédia
+* Massive update for Arab (ar) language using Wikipédia
+* (bug 1560) Massive update for Kurdish (ku) language using Wikipédia
+* (bug 2709) Some messages were not read from database
+* (bug 2416) Don't allow search engine robots to index or follow nonexisting articles
+* Fix escaping in page move template.
+* (bug 153) Discrepancy between thumbnail size and <img> height attribute
+== Changes since 1.5beta3 ==
+* Fix talk page move handling
+* (bug 2721) New language file for Vietnamese with the Vietnamese number notation
+* (bug 2749) &nbsp; would appear as a literal in image galleries for Cs, Fr, Fur, Pl and Sv
+* (bug 787) external links being rendered when they only have one slash
+* Fixed a missing typecast in Language::dateFormat() that would cause some
+ interesting errors with signitures.
+* (bug 2764) Number format for Nds
+* (bug 1553) Stop forcing lowercase in Monobook skin for German language.
+* (bug 1064) Implements Special:Unusedcategories
+* (bug 2311) New language file for Macedonian
+* Fix nohistory message on empty page history
+* Fix fatal error in history when validation on
+* Cleaned up email notification message formatting
+* Finally fixed Special:Disambiguations that was broke since SCHEMA_WORK
+* (bug 2761) fix capitalization of "i" in Turkish
+* (bug 2789) memcached image metadata now cleared after deletion
+* Add serialized version number to image metadata cache records
+* (bug 2780) Fix thumbnail generation with GD for new image schema
+* (bug 2791) Slovene numeric format
+* (bug 655) Provide empty search form when searching for nothing
+* Nynorsk numeric format fix
+* (bug 2825) Fix regression in newtalk notifications for anons w/ enotif off
+* (bug 2833) Fix bug in previous fix
+* With $wgCapitalLinks off, accept off-by-first-letter-case in 'go' match
+* Optional parameters for [[Special:Listusers]]
+* (bug 2832) [[Special:Listadmins]] redirects to [[Special:Listusers/sysop]]
+* (bug 785) Parser did not get out of <pre> with list elements
+* Some shared upload fixes
+* (bug 2768) section=new on nonexistent talk page does not add heading
+* support preload= parameter for section=new
+* show comment subject in preview when using section=new
+* use comment form when creating a new talk page
+* (bug 460) Properly handle <center> tags as a block.
+* Undo inconsistent editing behavior change
+* (bug 2835) Back out fix for bug 2802, caused regressions in category sort
+* PHP 4.1.2 compatibility fix: define floatval() equivalent if missing
+* (bug 2901) Number format for Catalan
+* Special:Allpages performance hacks: index memcached caching, removed
+ inverse checkbox, use friendlier relative offsets in index build
+* Bring back "Chick" skin for mobile devices. It needs testing.
+* Fix spelling of $wgForwardSearchUrl in DefaultSettings.php
+* Specify USE INDEX on Allpages chunk queries, sometimes gets lost
+ due to bogus optimization
+* (bug 275) Section duplication fix
+* Remove unused use of undefined variable in UserMailer
+* Fix notice on search index update due to non-array
+* (bug 2885) Fix fatal errors and notices in PHP 5.1.0beta3
+* (bug 2931) Fix additional notices on reference use in PHP 4.4.0
+* (bug 2774) Add three new $wgHooks to LogPage which enable extensions to add
+ their own logtypes, see extensions/Renameuser/SpecialRenameuser.php for an
+ example of this.
+* (bug 740) Messages from extensions now appear in Special:Allmessages
+* (bug 2857) fixed parsing of lists in <pre> sections
+* (bug 796) Trackback support
+* Fix 1.5 regression: weird, backwards diff links on new pages in enhanced RC
+ are now suppressed as before.
+* New skin: Simple
+* "uselang" and "useskin" URL parameters can now be used in the URL when
+ viewing a page, to change the language and skin of a page respectively.
+* Skins can now be previewed in preferences
+* (bug 2943) AuthPlugin::getCanonicalName() name canonicalization hook,
+ patch from robla
+* Wrap revision insert & page update in a transaction, rollback on late
+ edit conflict.
+* (bug 2953) 'other' didn't work in Special:Blockip when localized
+* (bug 2958) Rollback and delete auto-summary should be in the project's
+ content language
+* Removed useless protectreason message
+* Spelling fix: $wgUrlProtcols -> $wgUrlProtocols
+* Switch Moldovan local name to cyrillic
+* Fix typo in undefined array index access prevention
+* (bug 2947) Update namespaces for sr localization
+* (bug 2952) Added Asturian language file with translated namespaces
+* (bug 2676) Apply a protective transformation on editing input/output
+ for browsers that hit the Unicode blacklist. Patch by plugwash.
+* (bug 2999) Fix encoding conversion of pl_title in upgrade1_5.php
+* compressOld.php disabled, as it's known to be broken.
+=== Changes since 1.5beta4 ===
+* Fix Special:Allmessages under PHP 5
+* (bug 2911) Special:Watchlist allowed only one type of limit at a time
+* (bug 693) Special:Allmessages is excessively wide and redundant
+* (bug 3001) Updated and applied live hack for recentchanges-based watchlist
+* (bug 145) Finish 'exclude redirect' implementation in search form
+* Rearranged Special:Movepage form to reduce confusion between destination
+ title and reason input boxes
+* (bug 2527) Always set destination filename when new file is selected
+* (bug 3056) MySQL 3 compatibility fix: USE INDEX instead of FORCE INDEX
+* PHP 4.1 compatibility fix: don't use new_link parameter to mysql_connect
+ if running prior to 4.2.0 as it causes the call to fail
+* (bug 3117) Fix display of upload size and type with tidy on
+* (bug 1487) invalid html on empty list in banlist
+* (bug 3017) Hotkey conflict for delete and show changes
+* made pixel unit translateable and blocklistline now eats infiniteblock
+ and expiringblock
+* (bug 3092) Wrong numerical separator for big numbers in Serbian.
+* (bug 2855) Credit for a uniq author showed its realname even with
+ $wgAllowRealName=false.
+* New special page: SpecialMostlinked
+* (bug 2393) Fix MIME type for Atom feeds ( application/rss+atom )
+* Fix display of read-only lockfile message
+* Added a new hook, 'AddNewAccount', which is run after account creation
+* Update all stats fields on recount.sql
+* Include software-visible client IP address in Special:Version comment
+ as a proxy debugging aid
+* (bug 3162) Fix 'undefined property page_is_new' error on watchlist
+* (bug 1734) granting db permissions failed with db usernames containg '-'
+* (bug 3170) wikititlesuffix was removed, use pagetitle instead
+* (bug 3187) watchlist text refer to unexistent "Stop watching" action
+* (bug 3190) Added some date format choices for language sr
+* (bug 1334) LanguageGa.php update
+* (bug 1020) Changing user interface language does not work immediately
+* (bug 2753) Some namespaces were not translated in LanguageTa.php (Tamil)
+* (bug 3204) Fix typo breaking special pages in fy localization
+* (bug 3210) Fix Media: links with remote image URL path
+* (bug 3220) Fix escaping of block URLs in Recentchanges
+* (bug 3238): Updated LanguageNn.php for 1_5 branch
+* (bug 3192): properly check 'limit' parameter on Special:Contributions
+* (bug 3244) Fix remote image loading hack, JavaScript injection on MSIE
+* Fix URL sanitization in HTML attributes, which broke in this branch
+* (bug 3475) anon contrib links on Special:Newpages
+=== Changes since 1.5rc2 ===
+* Fix upgrade from 1.4 due to version number check breakage
+* Fix upgrade from 1.4 with no old revisions
+* (bug 2108) Sort entries when using category browser
+* XSS issue : now sanitize search query input
+=== Changes since 1.5rc3 ===
+* (bug 3280) Respect 'move' group permission on page moves
+* (bug 2885) More PHP 5.1 fixes: skin, search, log, undelete
+* Security fix for <math>
+* Security fix for tables
+=== Changes since 1.5rc4 ===
+* (bug 3292) Fix move-over-redirect test when current entries are not plaintext
+* (bug 2078) Don't hide watch tab on preview
+* (bug 3306) Document $wgLocalTZoffset
+* Support SVG rendering with rsvg
+* Cap arbitrary SVG renders to given image size or $wgSVGMaxSize pixels wide
+* (bug 3127) Render large SVGs at image page size correctly
+* (bug 3448) Set page_len on undelete
+* (bug 2800) Don't scale up small iamges on |thumb| without explicit size
+* Use the real file link instead of the default-size rasterized version for
+ large SVG images on image description page
+* Include the file name/type/size line for non-resized images
+* (bug 3412) Clean up date format handling so ~~~~-sigs work with default
+ format as designed. Documentation comments updated.
+* (bug 1423) LanguageJa.php update
+* (bug 3405) Don't use raw letters as aliases of MSGNW: and SUBST:
+* (bug 3485) Fix bogus warning about filename capitalization when off
+* (bug 2792) Update for new schema
+* Special:Import/importDump fixes: report XML parse errors, accept <minor/>
+* (bug 3489) PHP 5.1 compat problem with captioned images
+* (bug 3350) Missing label for move talk page checkbox.
+* (bug 2570) Add 'watch this page' checkbox on uploads, watch uploads
+ by default when 'watchdefault' option is on
+* (bug 3182) Clear link cache during import to prevent memory leak
+* (bug 3573) Full Greek Translation
+* (bug 3595) Warn and abort if importDump.php called in read-only mode.
+* (bug 3598) Update message cache on message page deletion, patch by Tietew
+* Blacklist additional MSIE CSS safety tricks
+=== Changes since 1.5.0 ===
+* (bug 3629) Fix date & time format for Frisian
+* (bug 3641) Fix handling of unrecognized file uploads with known extensions
+* (bug 3643) Fix image page display of large images with resizing disabled
+* Fix meta robots tag on Special:Version again to avoid listing vulnerable
+ versions for convenient harvesting by automated worms
+* (bug 3684) Fix typo in fatal error backtraces in Hooks.php
+* Backport fix for reference usage notice in Special:Search on PHP 4.4.0
+* Backport database connect error display fix from HEAD
+* (bug 2773) Print style sheet no longer overrides RTL text direction
+* MonoBook skin top link id changed from "contentTop" to "top" (shared with
+ name attribute)
+* Wrap message page insertions in a transaction to speed up installation
+* Fix Special:MovePage invalid HTML attribute for reason textarea
+* Avoid notice warning on edit with no User-Agent header
+* (bug 3734) Swapped out obsolete recount.sql with initStats.php
+* (bug 3735) Fix to run under MySQL 5's strict mode
+* (bug 3786) Experimental support for MySQL 4.1/5.0 utf8 charset mode
+ NOTE: Enabling this may break existing wikis, and still doesn't
+ work for all Unicode characters due to MySQL limitations.
+* Sanitizer CSS comment processing order fix
+=== Changes since 1.5.1 ===
+* Fix Special:BrokenRedirects on MySQL 5.0
+* (bug 3809) Backport fix for detecting diff3 failure
+* MySQL 5.0 strict mode fix for moving unwatched pages
+* (bug 3782) Throw fatal installation warning if mbstring.func_overload on.
+ Why do people invent these crazy options that change language semantics?
+* (bug 3762) Define missing Special:Import UI messages
+* (bug 3771) Handle internal functions in backtrace in wfAbruptExit()
+* (bug 3649) Remove obsolete, broken moveCustomMessages script
+* (bug 3667) Add missing global in page move code
+* (bug 3761) Avoid deprecation warnings in Special:Import
+* (bug 2885) Remove unnecessary reference parameter which broke classic skin
+ talk notification on PHP 5.0.5
+* (bug 3845) Update attribute.php for 1.5 schema
+* Fix Parser::unstrip on PHP 4.4.1 and PHP 5.1.0RC4
+=== Changes since 1.5.2 ===
+* (bug 3612) Remove old broken version of maintenance/compressOld.php
+ The working version is in maintenance/storage/compressOld.php
+* (bug 2740) Accept image deletions on 'enter' submit from MSIE
+* (bug 3933) specify XML namespace for Atom 0.3 feeds
+* (bug 3939) Don't try to load text for interwiki redirect target
+* (bug 3948) Avoid notice warning in debug statement in bad search
+* Recognize Special:Search consistently so read whitelist works
+* (bug 4013) typo in fr
+* (bug 3996) Fix text for new entries in RC RSS/Atom feed
+* (bug 2894) Enhanced Recent Changes link fixes
+* (bug 3065) Update both watched namespaces when renaming pages
+* Move parentheses out of <a> link in Special:Contributions
+* (bug 4071) Generate passwords long enough for $wgMinimalPasswordLength
+* (bug 4035) Fix prev/next revision links on edit page
+* (bug 4165) Correct validation for user language selection (data taint)
+* Clearer message in DefaultSettings.php: edit LocalSettings.php instead
+=== Changes since 1.5.3 ===
+* (bug 3805) Clear 'new messages' flag properly in enotif mode
+ for usernames containing spaces
+* (bug 2714) Backlink from special:whatlinkshere was hard set as 'existing'
+* (bug 4249) Typo in
+* (bug 4233) Update for japanese language
+* (bug 4279) Small correction to LanguageDa.php
+* (bug 4267) Switch dv sd ug ks arc languages to RTL
+* (bug 3991) Allow the operation of wikicode on Protect move only text
+* Added AutoAuthenticate hook for external User object suppliers
+* Parser internal placeholder string now fully randomized for safety
+=== Changes since 1.5.4 ===
+* Maintenance script to delete unused user accounts
+* Added detection for WMF files (application/x-msmetafile), added this
+ MIME type to the default blacklist. Prevented inline display of images
+ which are not of known image types. This is in response to
+=== Changes since 1.5.5 ===
+* (bug 4258) When installing under IIS, $wgArticlePath = "$wgScript?title=$1"
+ should be set
+* (bug 4510) Correct Barnes & Noble bookstore URLs
+* (bug 4504) Use site language for namespace name resolution
+* Installer fixes from HEAD backported; now uses a more sensible method of
+ establishing which mySQL user to use, which clears up bug 921 et al. Minor
+ changes to installer.
+* Fix problem reported on mailing list where re-initialising stats didn't work
+ (can't insert duplicate rows with the same id field)
+* (bug 1122) gray out 'older revision' when viewing first article revision.
+* Respect database prefix in
+* Minor improvements to removeUnusedAccounts.php maintenance script
+* Fix for single-digit week numbers from {{CURRENTWEEK}}, broken by PHP 4.4.1
+* Removed read-only check from Database::query()
+* Added --conf option to command line scripts, allowing the user to specify a
+ different LocalSettings.php.
+=== Changes since 1.5.6 ===
+* Default main page content improved per bug 4690
+* Fix dependence on hardcoded UNIQ_PREFIX in LanguageConverter.php
+* Fixed Special:Unlockdb
+* Maintenance script to delete unused text records
+* Maintenance script to delete non-current revisions
+* Maintenance script to wipe a page and all revisions from the database
+* (bug 4768) Wrong Russian translation (typo)
+* Performance bugfix: propagate equality manually for Revision fetches
+* (bug 4773) PHP fatal error when invalid title passed to Special:Export
+* Added missing table defs. for transcache to installer schemas
+* (bug 4824) IE7 beta 2 broke compatibility with PNG logo workarounds,
+ and seems to work ok with other bits. No longer including the IE
+ workarounds JavaScript for IE 7 and above.
+* (bug 2532) Image directory structure migration bug
+* (bug 4881) Correction to the fix for 1487; Ipblocklist showed 'no blocks'
+ message at the end of the list even if there were blocks.
+* (bug 4805) Removed more wikipedia-references from LanguageUk.php
+* Introduce $wgWantedPagesThreshold per bug 5011; Special:Wantedpages will not
+ list pages with less than this number of links. Defaults to 1.
+* Allow customisation of paging limits for items in categories using the
+ $wgCategoryPagingLimit global, per bug 4970.
+* Improve "nogomatch" text to make it more obvious that a page can be created.
+* (bug 5113) Spelling error in French language file
+* Don't change the password of the MySQL root user.
+=== Changes since 1.5.7 ===
+* (bug 5180) User login page shows inappropriate email blurb
+* Add the "AbortNewAccount" hook on account creation; see hooks.txt for more info.
+* Update default "exporttext" to reflect that Special:Import exists
+* Add links to useful material to the default main page content
+* Fix fragment HTML injection
+=== Changes since 1.5.8 ===
+* Fixed obvious mistakes in Finnish (fi) translation
+* Fixed obvious mistakes in Kurdish (ku) translation
+* Merge two #p-search .pBody statements i monobook/main.css
+* (bug 5156) Update for Hebrew language (he) translation
+* Add the "UserRights" hook on user group changes; see hooks.txt for more info.
+* Translated "listingcontinuesabbrev" for German
+=== Caveats ===
+Some output, particularly involving user-supplied inline HTML, may not
+produce 100% valid or well-formed XHTML output. Testers are welcome to
+set $wgMimeType = "application/xhtml+xml"; to test for remaining problem
+cases, but this is not recommended on live sites. (This must be set for
+MathML to display properly in Mozilla.)
+== MediaWiki 1.4.3 ==
+(released 2005-04-28)
+MediaWiki 1.4.3 is a bugfix release for the 1.4 stable release series.
+Chiefly, this fixes a compatibility problem with PHP 5 and a minor link
+table corruption bug on initial page save.
+== MediaWiki 1.4.2 ==
+(released 2005-04-20)
+MediaWiki 1.4.2 is a security and bug fix release for the 1.4 stable release
+A cross-site scripting injection vulnerability was discovered, which
+affects only MSIE clients and is only open if MediaWiki has been
+manually configured to run output through HTML Tidy ($wgUseTidy).
+Several other bugs are fixed in this release, see the changelog below.
+All new installations are highly recommended to use 1.4.2 instead of
+1.3.x; 1.3.x users should consider upgrading for bug fixes and new
+features. Ealier 1.4.x release and beta users should upgrade to this
+release for relevant bug fixes; see the changelog later in this file.
+If you have trouble, remember to read this whole file and the online FAQ page
+before asking for help:
+=== READ THIS FIRST: Upgrading ===
+If upgrading from an older release, see the notes in the file UPGRADE.
+There are a couple of minor database changes from the beta releases,
+and somewhat larger changes from 1.3.x.
+Upgrading from a previous 1.4.x stable release installation should
+generally only require copying the new files over the old ones.
+==== READ THIS FIRST, TOO: MySQL 4.1 AND 5.0 ====
+MySQL 5.0 is a beta release, not yet ready for production use. If you
+are using it, the notes below about 4.1 apply to you too.
+If you have the choice of MySQL 4.0 or MySQL 4.1 and don't need 4.1 for
+some other application, you should consider sticking with 4.0 for the
+moment. 4.1 may require you to do extra fiddling to get things to work
+due to changes that aren't fully backwards-compatible.
+MySQL 4.1 has changed the authentication protocol in an incompatible
+way; many PHP installations still use the older client libraries and
+If MySQL is set with utf-8 as the default character set, installation
+may fail with "key too long" errors. Set the default charset to 'latin1'
+for installation and it should work.
+The mysqldump backup generator now applies an automatic conversion to
+UTF-8, which may irretrivably corrupt your data. Pass the -charset option
+with the original default charset (eg 'latin1') to skip the conversion.
+MediaWiki is tested and deployed primarily under the Apache web server
+on Linux Unix systems. There are known to be problems running on
+Microsoft's IIS which are not fully resolved. If you have a choice,
+try running under Apache on Windows, or on a Unix/Linux box instead.
+If you're having trouble with blank pages on IIS and can't switch,
+try the workaround suggested in this bug report:
+=== New features ===
+* 'Recentchanges Patrol' to mark new edits that haven't yet been viewed.
+* New, searchable deletion/upload/protection logs
+* Image gallery generation (Special:Newimages and <gallery> tag)
+* SVG rasterization support (requires external support tools)
+* Users can select from the available localizations to override the
+ default user interface language.
+* Traditional/Simplified Chinese conversion support
+* rel="nofollow" support to combat linkspam
+The current implementation adds this attribute to _all_ external URL
+links in wiki text (but not internal [[wiki links]] or interwiki links).
+To disable the attribute for _all_ external links, add this line to your
+ $wgNoFollowLinks = false
+For background information on nofollow see:
+=== Installation and compatibility ===
+* The default MonoBook theme now works with PHP 5.0
+* Installation on systems with PHP's safe mode or other oddities
+ should work more reliably, as MonoBook no longer needs to
+ create a compiled template file for the wiki to run.
+* A table prefix may be specified, to avoid conflicts with other
+ web applications forced to share a database.
+* More thorough UTF-8 input validation; fixes non-ASCII uploaded
+ filenames from Safari.
+* Command-line database upgrade script.
+=== Customizability ===
+* Default user options can now be overridden in LocalSettings.
+* Skins system more modular: templates and CSS are now in /skins/
+ New skins can be dropped into this directory and used immediately.
+* More extension hooks have been added.
+* Authentication plugin hook.
+* More internal code documentation, generated with phpdoc:
+=== Optimization ===
+* For many operations, MediaWiki 1.4 should run faster and use
+ less memory than MediaWiki 1.3. Page rendering is up to twice
+ as fast. (Use a PHP accelerator such as Turck MMCache for best
+ results with any PHP application, though!)
+* The parser cache no longer requires memcached, and is enabled
+ by default. This avoids a lot of re-rendering of pages that
+ have been shown recently, greatly speeding longer page views.
+* Support for compiled PHP modules to speed up page diff and
+ Unicode validation/normalization. (Requires ability to compile
+ and load PHP extensions).
+=== What isn't ready yet ===
+* A new user/groups permissions scheme has been held back to 1.5.
+* An experimental SOAP interface will be made available as an extension
+* PostgreSQL support is largely working, minus search and the installer.
+ You can perform a manual installation.
+* E-mail notification of watched page changes and verification of
+ user-submitted e-mail addresses is not yet included.
+* Log pages are not automatically imported into the new log table
+ at upgrade time. A script to import old text log entries is
+ incomplete, but may be available in later point releases.
+* Some localizations are still incomplete.
+== Changelog ==
+=== Important security updates ===
+A security audit found and fixed a number of problems. Users of MediaWiki
+1.3.10 and earlier should upgrade to 1.3.11; users of 1.4 beta releases
+prior to 1.4rc1 should upgrade immediately.
+==== Cross-site scripting vulnerability ====
+XSS injection points can be used to hijack session and authentication
+cookies as well as more serious attacks.
+* Media: links output raw text into an attribute value, potentially
+ abusable for JavaScript injection. This has been corrected.
+* Additional checks added to file upload to protect against MSIE and
+ Safari MIME-type autodetection bugs.
+As of 1.3.10/1.4beta6, per-user customized CSS and JavaScript is disabled
+by default as a general precaution. Sites which want this ability may set
+$wgAllowUserCss and $wgAllowUserJs in LocalSettings.php.
+==== Cross-site request forgery ====
+An attacker could use JavaScript-submitted forms to perform various
+restricted actions by tricking an authenticated user into visiting
+a malicious web page. A fix for page editing in 1.3.10/1.4beta6 has
+been expanded in this release to other forms and functions.
+Authors of bot tools may need to update their code to include the
+additional fields.
+==== Directory traversal ====
+An unchecked parameter in image deletion could allow an authenticated
+administrator to delete arbitary files in directories writable by the
+web server, and confirm existence of files not deletable.
+==== Older issues ====
+Note that 1.4 beta releases prior to beta 5 include an input validation
+error which could lead to execution of arbitrary PHP code on the server.
+Users of older betas should upgrade immediately to the current version.
+Beta 6 also introduces the use of rel="nofollow" attributes on external
+links in wiki pages to reduce the effectiveness of wiki spam. This will
+cause participating search engines to ignore external URL links from wiki
+pages for purposes of page relevancy ranking.
+=== Misc bugs fixed in beta 1 ===
+* (bug 95) Templates no longer limited to 5 inclusions per page
+* New user preference for limiting the image size for images on image description
+ pages
+* (bug 530) Allow user to preview article on first edit
+* (bug 479) [[RFC 1234]] will now make an internal link
+* (bug 511) PhpTal skins shown bogus 'What links here' etc on special pages
+* (bug 770) Adding filter and username exact search match for Special:Listusers
+* (bug 733) Installer die if it can not write LocalSettings.php
+* (bug 705) Various special pages no more show the rss/atom feed links
+* (bug 114) use category backlinks in Special:Recentchangeslinked
+=== Beta 2 fixes ===
+* (bug 987) Reverted bogus fix for bug 502
+* (bug 992) Fix enhanced recent changes in PHP5
+* (bug 1009) Fix Special:Makesysop when using table prefixes
+* (bug 1010) fix broken Commons image link on Classic & Cologne Blue
+* (bug 985) Fix auto-summary for section edits
+* (bug 995) Close <a> tag
+* (bug 1004) renamed norsk language links (twice)
+* Login works again when using an old-style default skin
+* Fix for load balancing mode, notify if using old settings format
+* (bug 1014) Missing image size option on old accounts handled gracefully
+* (bug 1027) Fix page moves with table prefix
+* (bug 1018) Some pages fail with stub threshold enabled
+* (bug 1024) Fix link to high-res image version on Image: pages
+* (bug 1016) Fix handling of lines omitting Image: in a <gallery> tag
+* security fix for image galleries
+* (bug 1039) Avoid error message in certain message cache failure modes
+* Fix string escaping with PostgreSQL
+* (bug 1015) [partial] -- use comment formatter on image gallery text
+* Allow customization of all UI languages
+* use $wgForceUIMsgAsContentMsg to make regular UI messages act as content
+* new user option for zh users to disable language conversion
+* Defer message cache initialization, shaving a few ms off file cache hits
+* Fixed Special:Allmessages when using table prefixes
+* (bug 996) Fix $wgWhitelistRead to work again
+* (bug 1028) fix page move over redirect to not fail on the unique index
+=== Beta 3 fixes ===
+* Hide RC patrol markers when patrol is disabled or not allowed to patrol.
+* Fix language selection for upgraded accounts
+* (bug 1076) navigation links in QueryPage should be translated by wgContLang.
+* (bug 922) bogus DOS line endings in LanguageEl.php
+* Fix index usage in contribs
+* Caching and load limiting options for Recentchanges RSS/Atom feed
+* (bug 1074) Add stock icons for non-image files in gallery/Newimages
+* Add width and height attributes on thumbs in gallery/Newimages
+* Enhance upload extension blacklist to protect against vulnerable
+ Apache configurations
+=== Beta 4 fixes ===
+* (bug 1090) Fix sitesupport links in CB/classic skins
+* Gracefully ignore non-legal titles in a <gallery>
+* Fix message page caching behavior when $wgCapitalLinks is turned off
+ after installation and the wiki is subsequently upgraded
+* Database error messages include the database server name/address
+* Paging support for large categories
+* Fix image page scaling when thumbnail generation is disabled
+* Select the content language in prefs when bogus interface language is set
+* Fix interwiki links in edit comments
+* Fix crash on banned user visit
+* Avoid PHP warning messages when thumbnail not generated
+* (bug 1157) List unblocks correctly in Special:Log
+* Fix fatal errors in LanguageLi.php
+* Undo overly bright, difficult to read colors in Cologne Blue
+* (bug 1162) fix five-tilde date inserter
+* Add raw signatures option for those who simply must have cute sigs
+* (bug 1164) Let wikitext be used in Loginprompt and Loginend messages
+* Add the dreaded <span> to the HTML whitelist
+* (bug 1170) Fix Russian linktrail
+* (bug 1168) Missing text on the bureaucrat log
+* (bug 1180) Fix Makesysop on shared-user-table sites
+* (bug 1178) Fix previous diff link when using 'oldid=0'
+* (bug 1173) Stop blocked accounts from reverting/deleting images
+* Keep generated stylesheets cache-separated for each user
+* (bug 1175) Fix "preview on first edit" mode
+* Fix revert bug caused by bug 1175 fix
+* Fix CSS classes on minor, new, unpatrolled markers in enhanced RC
+* Set MySQL 4 boolean search back to 'and' mode by default
+* (bug 1193) Fix move-only page protection mode
+* Fix zhtable Makefile to include the traditional manual table
+* Add memcache timeout for the zh conversion tables
+* Allow user customization of the zh conversion tables through
+ Mediawiki:zhconversiontable
+* Add zh-min-man (back) to language names list
+* Ported $wgCopyrightIcon setting from REL1_3A
+* (bug 1218) Show the original image on image pages if the thumbnail would be
+ bigger than the original image
+* (bug 1213) i18n of Special:Log labels
+* (bug 1013) Fix jbo, minnan in language names list
+* Added magic word MAG_NOTITLECONVERT to indicate that the title of the page
+ do not need to be converted. Useful in zh:
+* (bug 1224) Use proper date messages for date reformatter
+* (bug 1241) Don't show 'cont.' for first entry of the category list
+* (bug 1240) Special:Preferences was broken in Slovenian locale when
+ $wgUseDynamicDates is enabled
+* Added magic word MAG_NOCONTENTCONVERT to supress the conversion of the
+ content of an article. Useful in zh:
+* write-lock for updating the zh conversion tables in memcache
+* recursively parse subpages of MediaWiki:Zhconversiontable
+* (bug 1144) Fix export for fy language
+* make removal of an entry from zhconversiontable work
+* (bug 752) Don't insert newline in link title for url with %0a
+* Fix missing search box contents in MonoBook skin
+* Add option to forward search directly to an external URL (eg google)
+* Correctly highlight the fallback language variant when the selected
+ variant is disabled. Used in zh: only for now.
+=== Beta 5 fixes ===
+* (bug 1124) Fix ImageGallery XHTML compliance
+* (bug 1186) news: in the middle of a word
+* (bug 1283) Use underlining and borders to highlight additions/deletions
+ in diff-view
+* Use user's local timezone in Special:Log display
+* Show filename for images in gallery by default (restore beta 3 behaviour)
+* (bug 1201) Double-escaping in brokenlinks, imagelinks, categorylinks, searchindex
+* When using squid reverse proxy, cache the redirect to the Main_Page
+* (bug 1302) Fix Norwegian language file
+* (bug 1205) Fix broken article saving in PHP 5.1
+* (bug 1206) Implement CURRENTWEEK and CURRENTDOW magic keyword (will give
+ number of the week and number of the day).
+* (bug 1204) Blocks do not expire automatically
+* (bug 1184) expiry time of indefinite blocks shown as the current time
+* (bug 1317) Fix external links in image captions
+* (bug 1084) Fix logo not rendering centrally in IE
+* (bug 288) Fix tabs wrapping in IE6
+* (bug 119) Fix full-width tabs with RTL text in IE
+* (bug 1323) Fix logo rendering off-screen in IE with RTL language
+* Show "block" link in Special:Recentchanges for logged in users, too, if
+ wgUserSysopBans is true.
+* (bug 1326) Use content language for '1movedto2' in edit history
+* zh: Fix warning when HTTP_ACCEPT_LANGUAGE is not set
+* zh: Fix double conversion for zh-sg and zh-hk
+* (bug 1132) Fix concatenation of link lists in refreshLinks
+* (bug 1101) Fix memory leak in refreshLinks
+* (bug 1339) Fix order of @imports in Cologne Blue CSS
+* Don't try to create links without namespaces ([[Category:]] link bug)
+* Memcached data compression fixes
+* Several valid XHTML fixes
+* (bug 624) Fix IE freezing rendering whilst waiting for CSS with MonoBook
+* (bug 211) Fix tabbed preferences with XHTML MIME type
+* Fix for script execution vulnerability.
+=== Beta 6 fixes ===
+* (bug 1335) implement 'tooltip-watch' in Language.php
+* Fix linktrail for nn: language
+* (bug 1214) Fix prev/next links in Special:Log
+* (bug 1354) Fix linktrail for fo: language
+* (bug 512) Reload generated CSS on preference change
+* (bug 63) Fix displaying as if logged in after logout
+* Set default MediaWiki:Sitenotice to '-', avoiding extra database hits
+* Skip message cache initialization on raw page view (quick hack)
+* Fix notice errors in wfDebugDieBacktrace() in XML callbacks
+* Suppress notice error on bogus timestamp input (returns epoch as before)
+* Remove unnecessary initialization and double-caching of parser variables
+* Call-tree output mode for profiling
+* (bug 730) configurable $wgRCMaxAge; don't try to update purged RC entries
+* Add $wgNoFollowLinks option to add rel="nofollow" on external links
+ (on by default)
+* (bug 1130) Show actual title when moving page instead of encoded one.
+* (bug 925) Fix headings containing <math>
+* (bug 1131) Fix headings containing interwiki links
+* (bug 1380) Update Nynorsk language file
+* (bug 1232) Fix sorting of cached Special:Wantedpages in miser mode
+* (bug 1217) Image within an image caption broke rendering
+* (bug 1384) Make patrol signs have the same width for page moves as for edits
+* (bug 1364) fix "clean up whitespace" in Title:SecureAndSplit
+* (bug 1389) i18n for proxyblocker message
+* Add fur/Furlan/Friulian to language names list
+* Add TitleMoveComplete hook on page renames
+* Allow simple comments for each translation rules in MW:Zhconversiontable
+* (bug 1402) Make link color of tab subject page link on talk page indicate whether article exists
+* (bug 1368) Fix SQL error on stopword/short word search w/ MySQL 3.x
+* Translated Hebrew namespace names
+* (bug 1429) Stop double-escaping of block comments; fix formatting
+* (bug 829) Fix URL-escaping on block success
+* (bug 1228) Fix double-escaping on &amp; sequences in [enclosed] URLs
+* (bug 1435) Fixed many CSS errors
+* (bug 1457) Fix XHTML validation on category column list
+* (bug 1458) Don't save if edit form submission is incomplete
+* Logged-in edits and preview of user CSS/JS are now locked to a session token.
+* Per-user CSS and JavaScript subpage customizations now disabled by default.
+ They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss.
+* Removed .ogg from the default uploads whitelist as an extra precaution.
+ If your web server is configured to serve Ogg files with the correct
+ Content-Type header, you can re-add it in LocalSettings.php:
+ $wgFileExtensions[] = 'ogg';
+=== RC1 fixes ===
+* Fix notice error on nonexistent template in wikitext system message
+* (bug 1469) add missing <ul> tags on Special:Log
+* (bug 1470) remove extra <ul> tags from Danish log messages
+* Fix notice on purge w/ squid mode off
+* (bug 1477) hide details of SQL error messages by default
+ Set $wgShowSQLErrors = true for debugging.
+* (bug 1430) Don't check for template data when editing page that doesn't exist
+* Recentchanges table purging fixed when using table prefix
+* (bug 1431) Avoid redundant objectcache garbage collection
+* (bug 1474) Switch to better-cached index for statistics page count
+* Run Unicode normalization on all input fields
+* Fix translation for allpagesformtext2 in LanguageZh_cn and LanguageZh_tw
+* Block image revert without valid login
+* (bug 1446) stub Bambara (bm) language file using French messages
+* (bug 1432) Update Estonian localization
+* (bug 1471) unclosed <p> tag in Danish messages
+* convertLinks script fixes
+* Corrections to template loop detection
+* XHTML encoding fix for usernames containing & in Special:Emailuser
+* (for zh) Search for variant links even when conversion is turned off,
+ to help prevent duplicate articles.
+* Disallow ISO 8859-1 C1 characters and "no-break space" in user names
+ on Latin-1 wikis.
+* Correct the name of the main page it LanguageIt
+* Allow Special:Makesysop to work for usernames containing SQL special
+ characters.
+* Fix annoying blue line in Safari on scaled-down images on description page
+* Increase upload sanity checks
+* Fix XSS bug in Media: links
+* Add cross-site form submission protection to various actions
+* Fix fatal error on some dubious page titles
+* Stub threshold displays correctly again
+=== 1.4.0 final fixes ===
+* (bug 65) Fix broken interwiki link encoding on Latin-1 wikis; force to UTF-8
+* (bug 563) Fix UTF-8 interwiki URL redirects via Latin-1 wikis
+* (bug 1536) Fix page info
+* Support os (Ossetic) as language code, using Russian localization base
+* (bug 1610) Support non (Old Norse) as language code, using Icelandic localization base
+* (bug 1618) Properly list custom namespaces in Special:Allpages
+* (bug 1622) Remove trailing' >' when using category browser
+* (bug 1570) Fix php 4.2.x error on conflict merging
+* (bug 1585) Fix page title on post-login redirection page
+* Run UTF-8 validation on old text in Recentchanges RSS diffs
+* (bug 1642) fix a mime type typo in img_auth.php
+* Automated interwiki redirects only for local interwikis
+* Respect read-only mode on block removals
+* Trim old illegal characters from syndication feeds
+* Reduce message cache outage recovery delay from 1 day to 5 minutes
+* (bug 1403) Update Finnish localization
+* (bug 1478) Punjabi localization
+* (bug 1667) Update script 5 second countdown.
+* (bug 1057) Fix logging table encoding (error on MySQL 4.1)
+* (bug 1680) Fix linktrail for fo
+* (bug 1653) Removing hardcoded messages in Special:Allmessages
+* (bug 1594) Render a hyphen in a formula as &minus; in HTML
+* (bug 1495) Fall back to default language MediaWiki: for custom messages
+* (bug 1617) Show different error messages for "user does not
+ exist" and "wrong password" when using AuthPlugin
+* (bug 1532), (bug 1544) Changed language names for
+ 'bn', 'bo', 'dv', 'dz', 'ht', 'ii', 'li', 'lo', 'ng', 'or', 'pa', 'si',
+ 'ti', 've'
+* Fix editing on non-Esperanto wiki with user language pref set to Esperanto
+* Make conversion table for zh-sg default to zh-cn, and zh-hk default to zh-tw
+* Fix PHP notice in MonoBook when counters disabled
+* (bug 1696) Update namespaces, dates in uk localization
+* (bug 551) Installer warns about magic_quotes_runtime and magic_quotes_sybase
+ instead of trying to install with corrupt table files
+* Installer no longer tries to move non-default MediaWiki: pages into Template:
+* User-to-user email disabled by default ($wgEnableUserEmail)
+=== 1.4.1 fixes ===
+* (bug 1720) fix genitive month names for uk
+* (bug 1704) fixed untranslateable string in Special:Log
+* (bug 1638) Added Belrusian language file
+* (bug 1736) typo in SpecialValidate.php
+* (bug 73) Upload doesn't run edit updates on description page (links,
+ search index and categories)
+* (bug 646) <math> fails to recognize \ll and \gg
+* (bug 926) \div element from TeX not supported in <math> element
+* (bug 1147) add \checkmark to whitelist in
+* (bug 937) \limits function from LaTeX not supported in <math> element
+* Support for manually converting article title to different Chinese
+ variants (for zh)
+* (bug 1488, bug 1744) Fix encoding for preferences, dates in Latin-1 mode
+* (bug 1042) Fix UTF-8 case conversion for PHP <4.3 with mbstring extension
+* Fix code typo that broke article credits display
+* Installation fixes for running under IIS
+* (bug 1556) login page tab order. "remember" checkbox now come after password.
+* SQL debug log fixlets
+* (bug 1815) Fix namespace in old revision display with mismatched title
+* (bug 1788) Fix link duplication when edit/upload comment includes newlines
+* Change default on $wgSysopUserBans and $wgSysopRangeBans to true
+* Fix link conversion for URL request
+* (bug 1851) Updated download URL for the SCIM packages used by zhtable
+* (bug 1853) Try stripping quotes from term for 'go' title match
+* Fix missing function in Latin1 mode
+* (bug 1860) Anchors of interwiki links did not get normalized
+* (bug 1847) accept lowercase x in ISBN, do not accept invalid A-W,Y,Z
+* Fix link conversion for URL request, hopefully without breaking the wiki
+* (bug 1849) New option allows to consider categorized images as used on
+ Special:Unusedimages
+* Localized category namespace for ka (Georgian)
+* (bug 1107) Work around includes problem in installer when parent dir is not
+ readable by the web server
+* (bug 1927) Incorrect escaping on wikitext message in Blockip
+=== 1.4.2 fixes ===
+* Fix math options in Finnish localization
+* Use in-process Tidy extension if available when $wgUseTidy is on
+* (bug 1933) Fix PATH_INFO usage under IIS with PHP ISAPI module
+* (bug 1188) <nowiki> in {{subst:}} includes fixed
+* (bug 1936) <!-- comments --> in {{subst:}} includes fixed
+* Fix a potential MSIE JavaScript injection vector in Tidy mode
+=== 1.4.3 fixes ===
+* (bug 1636) Refs like &#0355; were misinterpreted as octal in some places
+* (bug 1163) Special:Undelete showed oldest revision instead of newest
+* (bug 1938) Fix escaping of illegal character references in link text
+* (bug 1997) Fix for error on display of renamed items in Recentchanges on PHP5
+* (bug 1949) Profiling typo in rare error case
+* (bug 1963) Fix deletion log link when $wgCapitalLinks is off
+* (bug 1970) Don't show move tab for immobile pages
+* (bug 1770) Page creation recorded links from the 'newarticletext' message
+* Optional change to the site_stats table. When applied, this removes the need
+ for expensive queries in Special:Statistics.
+=== 1.4.4 fixes ===
+* (bug 725) Let dir="ltr" attribute work again in MonoBook on RTL languages
+* (bug 2024) Skip JavaScript error for custom skins where .js message not set
+* (bug 2025) Updated Indonesian localization
+* (bug 2039) Updated Lithuanian localization
+=== Caveats ===
+Some output, particularly involving user-supplied inline HTML, may not
+produce 100% valid or well-formed XHTML output. Testers are welcome to
+set $wgMimeType = "application/xhtml+xml"; to test for remaining problem
+cases, but this is not recommended on live sites. (This must be set for
+MathML to display properly in Mozilla.)
+For notes on 1.3.x and older releases, see HISTORY.
+=== Online documentation ===
+Documentation for both end-users and site administrators is currently being
+built up on Meta-Wikipedia, and is covered under the GNU Free Documentation
+=== Mailing list ===
+A MediaWiki-l mailing list has been set up distinct from the Wikipedia
+wikitech-l list:
+A low-traffic announcements-only list is also available:
+It's highly recommended that you sign up for one of these lists if you're
+going to run a public MediaWiki, so you can be notified of security fixes.
+=== IRC help ===
+There's usually someone online in #mediawiki on