-
Notifications
You must be signed in to change notification settings - Fork 87
/
Copy pathchangelog.txt
3022 lines (2072 loc) · 112 KB
/
changelog.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
Changes by Jacob Barkdull 2017-08-09
--------------------------------------------------------------------------------
* Frontend settings have returned!
HashOver 1.0 had limited frontend control over settings, like how tall the
comment box is and which fields are enabled. For technical reasons this
feature was removed early in development of HashOver 2.0.
This feature is now back and better than ever.
You now have much greater frontend control over settings, limited to settings
that are safe to expose to the public, meaning you can't change the
notification e-mail address from the frontend, for example, but most settings
are available to change from the frontend.
To use this new feature you need to do the following...
1. Use the new `hashover/loader.php` script instead of the
`hashover/comments.php` script.
2. You need to use the `?nodefault` URL query. Please keep in mind that this
query name might change before official release.
The resulting script tag should look something like this:
<script src="/hashover/loader.php?nodefault"></script>
3. In another script you will need to instantiate HashOver manually, in
doing so you may specify the URL, title, thread, and settings.
Like so:
var hashover = new HashOver ({
url: 'http://example.com/cool-blog-post',
title: 'Example Title of My Cool Blog Post',
settings: {
allowsImages: false,
formPosition: 'bottom',
fieldOptions: {
password: false,
email: false
}
}
});
The code above disables embedded external images, changes the form
position to be on the bottom of the comment thread, and disables the
password and e-mail fields. You may also: require a field, change the
theme, change the language, collapse the comments, and much more!
Enjoy! As always, improvements are welcome!
* Fixed: Posting a comment with required fields always threw an exception.
* Fixed: Page reload when editing a comment when the e-mail field is disabled.
* Fixed: The public `$imageFormat` setting was not being respected.
* Improved: Admin comment moderation thread page "Back" button style.
* Improved: Operating system specific line ending style conversation.
* JavaScript: Only iterate over non-inherited object properties.
* Differentiate backend redirect vs intend to display a message.
* Decouple user edit moderation from overall moderation.
* Fix/improve minified JavaScript Copyright notice.
* Other minor CSS changes.
Changes by Jacob Barkdull 2017-04-11
--------------------------------------------------------------------------------
* "Notify me of replies" checkbox default state is now configurable.
* Escape HTML tags that get trimmed in half in the latest comments API.
* Added new CSS file for latest comments API.
* Added Greek locale by @Soulhub
* Small CSS changes; removed most transitions.
* Changed and added CSS Copyright notices.
* Vertically flipped the paint brush icon.
* Other minor improvements.
Changes by Jacob Barkdull 2017-03-15
--------------------------------------------------------------------------------
* Fixed big, em, small, strong, sub, and sup tags are now automatically closed.
* Automatically close tags that may have had their endings trimmed off.
* Localized all admin views.
Changes by Jacob Barkdull 2017-03-14
--------------------------------------------------------------------------------
* Date is now an absolute path in API and remote contexts.
* Limited event handlers in the latest comments API.
Changes by Jacob Barkdull 2017-03-13
--------------------------------------------------------------------------------
* Fixed JSONP shared code conflicts.
Changes by Jacob Barkdull 2017-03-12
--------------------------------------------------------------------------------
* Fixed shared frontend code conflicts
When either an API was used on the same page as HashOver, or when two
API were used on the same page together, the two or more scripts
would conflict with each other because the shared prototype methods
were being added to the constructor from the previous script.
Changes by Jacob Barkdull 2017-03-11
--------------------------------------------------------------------------------
* HashOver script tag can now safely be placed anywhere on the page.
* Page URL and title removed from count link and latest comments API.
* Improved admin sidebar navigation tracking.
* Improved performance of admin login.
* Fixed bug causing nonexistent files to resolve to `false`.
* Untracked JSON config files.
Changes by Jacob Barkdull 2017-03-03
--------------------------------------------------------------------------------
* Admin Settings page now only merges settings into `config/settings.json`.
* Added missing files to Source Code viewer.
* Made small improvements to admin views.
* Improved locale optionality.
Changes by Jacob Barkdull 2017-03-01
--------------------------------------------------------------------------------
* Added new setting to control metadata collection on localhost.
* Fixed AJAX comment posting.
* Fixed admin login issue.
Changes by Jacob Barkdull 2017-02-28
--------------------------------------------------------------------------------
* Fixed the comment thread's automatic placement position on the page.
* Added new locales to Source Code viewer.
Changes by Jacob Barkdull 2017-02-26
--------------------------------------------------------------------------------
* MIGRATION INFORMATION
- The `pages` directory is now `comments/threads`, this change will
cause existing comments to not appear until you move the directories
under `pages` into the new `comments/threads` directory.
- All JSON config files have been moved to the new `config` directory,
you will need to move the files `hashover/blocklist.json` and
`hashover/ignored-queries.json` into the new `config` directory. If
these files do not exist, you don't need to do anything as these
config files are completely optional.
- The previously removed `secrets.php` file has returned. The required
setup information, namely the notification e-mail address, encryption
key, and the admin username and password are now stored in this
`secrets.php` file located at `/hashover/backend/classes/secrets.php`.
You will need to move the values of the public properties
`$notificationEmail`, `$encryptionKey`, `$adminName`, and
`$adminPassword` in the `settings.php` file into the new `secrets.php`
file, and remove these properties from `settings.php` or replace the
`settings.php` file entirely, as its source code is publicly viewable,
whereas the source code of `secrets.php` is not.
- The file `hashover.js` has been removed, as it is no longer necessary,
and replaced by the new `comments.php` file.
This means you will need to update your JavaScript tag...
From:
<script type="text/javascript" src="/hashover/hashover.js"></script>
To:
<script type="text/javascript" src="/hashover/comments.php"></script>
* Removed dependancy on Mcrypt
- Mcrypt is considered "abandonware" and has been deprecated in PHP 7.
OpenSSL is now used in its place. There should be no compatibility
issues, but please report any if you find any.
* All new administrative control page
- Comments may now be posted, moderated, edited, and deleted from the
new administrative control page. This allows you to disable the
"Password" field while retaining a way of moderating comments.
This feature should be considered beta software, it will be improved.
It has not yet been localized, it is only available in English.
Anyone interested in having the admin page available in another
language should feel free to translate the text and add the
necessary strings to the respective locale file, I have already
made the necessary preparations to facilitate your contribution.
The admin control page is located at:
/hashover/admin/
For example:
http://example.com/hashover/admin/
You will be prompted for a login, use the username and password
stored in "backend/classes/secrets.php" file's public `$adminName`
and `$adminPassword` properties.
Feedback and suggestions are welcome.
* Improved metadata
- Any kind of metadata can now be collected. The process has been
simplified, for flat-file data formats metadata is stored as
individual JSON files, for SQL(ite) databases metadata is stored as
individual tables in the database. In both cases the metadata naming
schemes is as follows: <thread-name>/metadata/<metadata-name>, there
is also the global metadata, which is at "comments/metadata" and the
table "hashover-metadata" respectively.
This change breaks backwards compatibility, new metadata will have to
be generated. This can be done by simply viewing each page on your
website that uses HashOver comments, or you can wait for your
visitors to do that for you. The Googlebot web crawler may also cause
metadata to be created eventually as well.
* Beginning of more proper frontend/backend structure
- The `HashOver` constructor function and its methods have been split
into multiple individual files in the new "frontend" directory.
- The "scripts" directory has been renamed to "backend".
- All PHP class files have been moved into "backend/classes".
- In the future more files may be moved into "backend" and the new
"frontend" directory as well. Files under consideration for location
change are: the "images" and "themes" directories. I am open to
suggestions about the overall file/project structure.
* JavaScript mode
- Major code refactoring.
- All PHP code has been removed from the JavaScript. Instead an
AJAX request is sent to retrieve the necessary backend data.
- JSONP has now been implemented, enabling AJAX for allowed remote
domain connections, as well as enabling likes and dislikes.
- The "api/json.php" file is no longer used to show more comments, the
new "backend/load-comments.php" is now used instead.
- Preliminary work toward allowing multiple HashOver instances on a
single page. Specifically, multiple instances is now possible,
however, element IDs still conflict with each other.
- Elements are now expected to be prefixed with "hashover-", as to
impose a pseudo-namespacing for HashOver specific elements.
* Minor theming change
- The main HashOver element now recieves a "hashover" class, and
in the default theme styling HashOver is pseudo-namespaced based
on this class instead of the "hashover" element ID.
Custom themes should not break, but in the future there will be
problems with themes based around the "hashover" element ID when
using multiple instances of HashOver. For this reason, themes
should move to using the "hashover" class instead.
- Added a new "borderless" version of the default theme.
* hashover/scripts/cookies.php
- All cookie names are now prefixed with "hashover-", to impose a
pseudo-namespace for HashOver specific cookies.
* hashover/scripts/locale.php
- Removed now unnecessary `get` and `set` methods.
* hashover/scripts/misc.php
- Removed now unnecessary `jsEscape` method.
* Fixed: "setup.php" being displayed instead of "settings.php" in errors about
required unique notification e-mail, encryption key, and admin password. My
apologies for the confusion.
* Improved latest comments API.
* Improved comment count link API.
* Improved SQL(ite) support.
* Improved Spanish and Chinese locales.
* Added Lithuanian locale by vKaotik.
* Added Korean locale by dryoo.
* Added Persian locale by paradox70.
* Comments are now uncollapsed when loaded with a permalink.
* JavaScript/JSON is now the assumed default mode.
* PHP regular expressions now use the "study" flag.
* The "Latest Comments" API frontend no longer uses its own stylesheet.
* Removed the public `$executingScript` property from the `HashOver` class.
* The `ReadComments` class has been renamed to `Thread`.
* The `JSMinifier` class has been renamed to `JavaScriptMinifier`.
* The `ReadFiles` class has been renamed to `CommentFiles`.
* Fixed JavaScript minification.
* Added centralized source code viewer for all AGPL licensed PHP files.
* Removed code to display source code from every PHP file.
* Made some small improvements to the icons images.
* Markdown can now be disabled.
* Small bug fixes.
Changes by Jacob Barkdull 2017-05-12
--------------------------------------------------------------------------------
* hashover/scripts/javascript-mode.php
- Major code refactoring.
- `HashOver` object converted to constructor function.
- `HashOver` constructor `init ()` method split into multiple methods.
- High likelihood of new expected bugs, please report.
* hashover/scripts/phpmode.php
- Fixed: Thread hyperlink ID no longer uses parent comment's permalink.
* Fixed: When HashOver is the first script tag (index 0) the `$executingScript`
property was being set as `false`, instead of zero as intended.
* Fixed: "Edit" hyperlink being displayed to anonymous users.
* Fixed: All anonymous users being treated as the same user.
* `HTMLOutput` class split into new `FormUI` and `CommentsUI` classes.
* CSS class `hashover-sort-div` renamed to `hashover-sort-section`.
* Default theme: Minor change in look of sort select element.
* Other minor bug fixes.
Changes by Jacob Barkdull 2017-05-06
--------------------------------------------------------------------------------
* Moved IP blocklist file to JSON format.
* Moved ignored URL query list file to JSON format.
* Marked JavaScript files as Free Software readable by GNU LibreJS.
* Improvements to GNU LibreJS compatibility.
Changes by Jacob Barkdull 2017-04-09
--------------------------------------------------------------------------------
* Added new language setting option
- Setting the `$language` setting to 'auto' will now cause HashOver to
detect and use the system's locale. This is now the default.
* Added new public `$usesUserTimezone` setting
- This setting controls whether the comment dates use the server's
timezone or the user's local timezone. This is only possible in
JavaScript mode, not PHP mode.
* Added new public `$countIncludesDeleted` setting
- This setting controls whether deleted comments are included in the
standard comment count as well as in the count used in the
"Show X Other Comments" hyperlink.
* Return of the "Popular Comments" section!
- This feature has been nonfunctional since the introduction of AJAX
support. It is now functional again.
* Fixed comment ownership issues
- When posting a comment while logged out or editing an existing
comment and changing the name, the AJAX returned comment was not
displaying the "Edit" button or indicating proper ownership. This is
now fixed, though may see more improvements.
* Changed date permalink URLs
- Permalink URLs now include a relative path along with the fragment in
order to exclude the HashOver form specific URL queries.
* Changed `$collapsesUI` setting behavior
- Previously, the button used to display the HashOver UI was the same
button used to display all comments when `$collapsesComments` is
enabled. This caused a few problems, and so is no longer the case.
The behavior is now such that clicking the button simply displays the
HashOver UI as it would be display be displayed with the
`$collapsesUI` setting disabled.
- Fixed button not being displayed when there are no comments.
- Other minor improvements.
* Added message area explaining what HTML and Markdown is allowed in comments.
* Fixed incorrect `comment-needed` locale being displayed for failed replies.
* XML and JSON comment files now use OS specific line endings.
* Removed form position from locales; we don't always know where the form is.
* Default theme: Removed padding from reply form, the bubble is now the form.
* Default theme: Added some simple style to the optional form labels.
* Default theme: Improved styling of messages.
* The "Accepted HTML" form title has been split into two separate locales.
* Improved message timeouts, they are now separated by form type.
* Added innerHTML as allowed HTMLTag attribute for creation by array.
* Added "mobile" and "tablet" keywords to mobile device detection regex.
* Changed the text for some of the optional form labels.
* The long format of comment post dates and times is now localized.
* The comment post date and time formats are now fully configurable.
* Renamed CSS class `hashover-sort-count` back to `hashover-count-sort`.
* Added accepted Markdown string to all locales.
* Other small bug fixes.
Changes by Jacob Barkdull 2017-04-04
--------------------------------------------------------------------------------
* Default theme: Now using border-box everywhere.
* Fixed: Locale text left unescaped in login field titles.
Changes by Jacob Barkdull 2017-03-25
--------------------------------------------------------------------------------
* Fixed uncaught syntax error in AJAX response.
* Improved how HashOver accesses its loader script.
Changes by Jacob Barkdull 2017-03-24
--------------------------------------------------------------------------------
* No longer escaping Unicode in "JSON to coding standard" function.
* Fixed possible XSS vulnerabilities.
* Now using PHP's hideous namespacing.
* Avatar bug fix and improvements.
Changes by Jacob Barkdull 2017-03-21
--------------------------------------------------------------------------------
* Fixed error messages failing to redirect user back to comment form.
* Added Chinese locale by Mr. Q and Takeman.
Changes by Jacob Barkdull 2017-03-19
--------------------------------------------------------------------------------
* `Locales` class renamed to `Locale`.
* Renamed public `locale` method of `Locale` class to `get`.
* Renamed public `$locale` property of `Locale` class to `text`.
* Added new public `set` method to `Locale` class.
Changes by Jacob Barkdull 2017-03-11
--------------------------------------------------------------------------------
* Locales now adds C slashes by default.
* Fixed Strict Mode uncaught syntax error.
* Now requiring instead of including setup PHP files.
Changes by Jacob Barkdull 2017-02-25
--------------------------------------------------------------------------------
* hashover/scripts/setup.php
- Added type checking to JSON settings loading process.
- Added allowed domain name check in referer checking.
- Now assuming false in referer check.
* hashover/scripts/hashover.php
- public function `getCommentCount` now returns a string value instead
of setting the value of the public `$commentCount` property.
* hashover/scripts/javascript-mode.php
- When comments are collapsed the more link now uses the comment count.
- Now using the alternative syntax for control structures in PHP code
nested within the JavaScript code. This is easier to read, however,
all nested PHP code in the JavaScript will be removed eventually.
- Now using the like/dislike count returned by the `like.php` AJAX
request, removing the need for the JavaScript code to handle
increasing and decreasing the like/dislike count, and allowing the
code to know if the request executed successfully. Additionally, an
error message is now displayed to the user under rare circumstances.
* hashover/scripts/settings.php
- Added new public boolean `$collapsesUI` setting.
Previously named `$initialHide`, this sets whether the entire comment
form, thread, and end links are collapsed. The standard link used to
display the collapsed comments will be displayed, clicking the link
will load all of the comments. In the future, this behavior may
change to display the collapsed comments instead of loading them all
or -- once pagination is implemented -- to display the first page.
- Added new public array `$allowedDomains` setting.
This setting allows you list what domains are allowed to remotely
load the HashOver script files. This is useful for loading HashOver
files located on a web host with PHP from another host without PHP,
or loading HashOver files located on a subdomain from the top level
of a website. Please use this format '*.example.com'.
- public `$setCookies` setting renamed to `$setsCookies`.
* hashover/scripts/htmltag.php
- Switched singleton and pretty print parameter order.
- Allow more characters in tag and attribute names.
- Added new method for creating attributes from a given array.
- Added new method for appending text to attributes from a given array.
- Allow creating attributes when object is instantiated.
- Small performance improvements.
* hashover/scripts/htmloutput.php
- Reduced code base size by ~12.1%
- Small performance improvements.
* hashover/api/rss.php
- Code tags are now converted to pre tags to ensure proper whitespace.
* hashover/scripts/like.php
- This file now returns JSON data containing a like and/or dislike
count or an error message under rare circumstances.
- Main code moved into a function.
- Removed most instances of `exit`.
- Added code comments
* Added: <big>, <em>, <small>, <strong>, <sub> and <sup> as allowed HTML tags.
* Added code to check for PHP extensions HashOver depends on.
* Added error messages for missing PHP extensions.
* Added language specific reusable code for generating error messages.
* Added "Status" locale string to all locales.
* Removed CSS class `hashover-edit` in favor of `hashover-comment-edit`.
* Renamed CSS class `hashover-count-sort` to `hashover-sort-count`.
* Improved support for multiple line ending styles in comment files.
* Improved JSON data format support.
* Minor locale improvements.
* Small code improvements.
Changes by Jacob Barkdull 2016-01-05
--------------------------------------------------------------------------------
* hashover/scripts/javascript-mode.php
- Updated Copyright year.
- Small code changes.
* Added: Danish translation by Jacob Moen.
* Merged: Further improvements to German locale.
* Changed "Be the first to comment!" to "No comments yet." in all locales.
* Now hiding unused comment text of "No comments yet." notice.
Changes by Jacob Barkdull 2016-01-02
--------------------------------------------------------------------------------
* Merged: New public `$setCookies` setting for enabling and disabling cookies.
* Merged: Improvements to German locale.
Changes by Jacob Barkdull 2016-12-03
--------------------------------------------------------------------------------
* Now using MCRYPT_DEV_URANDOM instead of MCRYPT_RAND.
* Small CSS changes.
Changes by Jacob Barkdull 2016-10-28
--------------------------------------------------------------------------------
* Added loading indicator to embedded images.
* Fixed: Loading indicator not showing on "Show X Other Comments" link.
* Fixed: User being logged in as Anonymous when posting a comment.
* Fixed: Use Japanese ellipsis.
* Small improvements to multibyte support.
* Other small changes.
Changes by Jacob Barkdull 2016-09-20
--------------------------------------------------------------------------------
* Allow admin to change comment moderation status when editing comments.
* Allow admin to view and edit comments marked as deleted.
* Allow admin to edit all applicable comment information, not just the body.
* Differentiate between deleted, marked deleted, and unreadable comments.
* Small improvements to support for multibyte locale strings.
* Minor locale changes.
* Minor bug fixes.
Changes by Jacob Barkdull 2016-08-28
--------------------------------------------------------------------------------
* Added 3 new comment sorting methods
- "By replies" sorts comments by the number of replies each comment has,
in ascending order. Meaning the more replies a comment has, the more
towards the top the comment appears.
- "By discussion" sorts comments by the total number of replies they
have including replies to replies. Meaning the more discussion has
happened, the more towards the top the comment appears.
- "By popularity" sorts threads by the sum of likes minus the sum of
dislikes for each comment in the thread. Meaning the more likes a
comment has, and the more likes its replies have, the more towards
the top the entire comment thread appears.
* Added protection against `target="_blank"` vulnerability
- Hyperlinks that open in a new tab/window, especially those linking to
external websites, now use a `rel="noopener noreferrer"` attribute to
help prevent potential phishing attacks.
* hashover/scripts/htmltag.php
- HTMLTag children are now stored as object references instead of as
strings, this allows tag attributes and inner HTML to be set and/or
changed after the children have been appended to their parent tags.
* hashover/scripts/javascript-mode.php
- Fixed: `EOLTrim ()` function only trimming a single carriage return
from beginning and ending of strings.
* Added: Dutch locale.
* Fixed: External image tooltips weren't localized.
* Fixed: The HashOver homepage, RSS, and source code links weren't localized.
* Fixed: Comments with Twitter @handle names sorted higher than normal names.
* Fixed: Anonymous comments sorted by name were incorrectly ordered.
* Minor code improvements.
Changes by Jacob Barkdull 2016-05-17
--------------------------------------------------------------------------------
* Fixed: Non-Gravatar default avatars using PNG image on mobile devices.
Changes by Jacob Barkdull 2016-05-14
--------------------------------------------------------------------------------
* Updated animated loading GIFs.
* Added easy element creation function.
* Removed sprintf function.
Changes by Jacob Barkdull 2016-04-19
--------------------------------------------------------------------------------
* Added loading indicators to elements that trigger heavy AJAX requests.
* Fixed: "0 Likes" remaining displayed after sorting comments by likes.
Changes by Jacob Barkdull 2016-03-15
--------------------------------------------------------------------------------
* Small style changes for Like, Edit, and Reply hyperlinks
- Pages with small fonts no longer cause button icons to be clipped.
- Button hyperlink text now vertically centered.
* Bug fix
- Showing "undefined" in JavaScript mode and nothing in PHP mode
instead of configured anonymous name in Reply hyperlink tooltip for
comments without a name.
* Improved Japanese locale.
* Minor style changes.
Changes by Jacob Barkdull 2016-01-25
--------------------------------------------------------------------------------
* `hashover.js` file moved
- `hashover.js` moved into `hashover/` directory, this allows you to
rename the HashOver root directory without having to modify
`hashover.js` as well. This also allows you to have multiple
versions of HashOver running on your server without conflicts, each
version simply needs its own directory.
* Improved HTTP root path to allow HashOver to run from a sub-directory.
* Comments from logged in users now have `hashover-user-owned` class.
* Fixed: One popular comment more than configured limit being shown.
* Fixed: `fieldOptions` setting not being synced.
* Removed public `$JSONSettingsFile` setting.
* Improved popular comment sorting.
* Small code improvements.
Changes by Jacob Barkdull 2016-01-09
--------------------------------------------------------------------------------
* Fixed: Administrative comment deletion requiring name and password.
* Fixed: Posting comment without a file value posts comment normally.
Changes by Jacob Barkdull 2016-01-04
--------------------------------------------------------------------------------
* hashover/scripts/writecomments.php
- Fixed: All comments from unlogged in users posting with default name.
- Other small bug fixes.
Changes by Jacob Barkdull 2016-01-03
--------------------------------------------------------------------------------
* Improved Markdown
- Added support for Github-style code blocks.
- Now ignoring nested patterns, allows multi-underscore "blank space."
- Now allowing an underlined word to appear on a line by itself.
* hashover/scripts/writecomments.php
- Fixed: Unfinished <code> tags not being escaped.
* hashover/scripts/javascript-mode.php
- Improved embedded images, now automatically closes upon error.
- Fixed: Thread link not displayed on some replies after sorting.
- Fixed: Tabs and spaces being trimmed from block HTML tags.
* hashover/scripts/jsminifier.php
- Now removing entire line when removing single-line code comments.
- Smarter indentation and whitespace removal.
Changes by Jacob Barkdull 2016-01-01
--------------------------------------------------------------------------------
* Improved Markdown, allow the erroneous use of grave accents as apostrophes.
* Now only getting the current date once when parsing comments.
* Small bug fixes.
Changes by Jacob Barkdull 2015-12-31
--------------------------------------------------------------------------------
* Fixed: Posting date, status, other fields are updated when editing comments.
* For better posting dates, time is no longer compared when parsing comments.
* Minor improvements, CSS changes.
Changes by Jacob Barkdull 2015-12-30
--------------------------------------------------------------------------------
* Fixed: Local IP address blocklist not being checked.
* Fixed: Comment post date not taking time into account.
* Improved Markdown, now parsing Markdown in RSS.
* Added code comments to SpamCheck class.
Changes by Jacob Barkdull 2015-12-28
--------------------------------------------------------------------------------
* Fixed: "In reply to ..." link loses onClick event handler after sorting.
* Added code comments for Encryption class.
Changes by Jacob Barkdull 2015-12-24
--------------------------------------------------------------------------------
* Added basic markdown support.
Changes by Jacob Barkdull 2015-12-17
--------------------------------------------------------------------------------
* Added optional required field options
- The login inputs can now be individually set as required, meaning a
user will not be able to post or edit a comment, or login, without
properly filling the specific fields.
* Fixed: Login inputs with empty values aren't passed to the login method.
* Fixed: More comments are automatically shown when URL jump points to form.
* Fixed: Messages close after 10 seconds of the first one opened, not the last.
* Improved how failed comment post handling works.
* Removed individual settings for enabled login fields in favor of an array.
* Added locale string for individual required input error messages.
* Added a CSS class for styling required login inputs.
* Changed locales to reflect optional and required fields.
* Minor modifications to some icons.
* Improved custom login code.
* Renamed a couple variables.
* Reordered some functions.
* Improved default theme.
Changes by Jacob Barkdull 2015-12-12
--------------------------------------------------------------------------------
* Locales
- Replaced "_TITLE_", "_NUM_", and "_TIME_" with format specifiers.
- Now using printf functions instead of str_replace for locale strings.
- "Top of Thread" changed to "In reply to %s".
- Merged improvements to Spanish locale.
- Added Brazilian Portuguese locale.
- Added Romanian locale.
* hashover/scripts/writecomments.php
- Login code decoupled into separate files.
- `kickback ()` method no longer exits script.
- Class methods now have return values.
- Methods for posting and editing comments now return the comment as an
array when AJAX requests are made. This allows the receiving code to
encode the comment as JSON for AJAX requests.
* Added new Login and DefaultLogin classes
- New login class for handling custom login mechanisms.
- New default login class for default login mechanism.
* hashover/scripts/postcomments.php
- New file for posting comments, both the traditional way and via AJAX.
- This file also handles login.
* hashover/scripts/javascript-mode.php
- Added AJAX comment posting and editing.
- Comment and e-mail form validation now applies to edit forms as well.
- Edit forms now have their own message element for displaying errors.
- Fixed: Onclick only attached to one embedded image per comment.
- Fixed: Only one of multiple open message dialogs closing.
- Reply parsing now has access to their parent comment.
- "Top of Thread" changed to "In reply to <parent comment name here>".
- Improved XSS escaping and utilizing it more.
- Very minor performance/memory improvements.
- Removed duplicate code.
* hashover/scripts/settings.php,
hashover/scripts/hashover.php
- Logic for comment reply nesting modified to allow a configurable
number of indentation levels, after which the thread is flattened.
- Added public $usesAJAX setting.
- Added public $streamDepth setting.
- Added public $JSONSettingsFile setting.
- Added public $loginMethod setting.
- Settings can now be set in a local JSON file.
* hashover/scripts/setup.php
- Merged in code to automatically adjust settings.
* hashover/scripts/readcomments.php
- Missing comment search now ~60% faster (~100 ms for 1000 comments).
* hashover/scripts/database.php,
hashover/scripts/parsesql.php
- Improved syntax of SQL statements.
- Tables are now created upon first posted comment.
- Conformed method return values to expected behavior.
- Removed redundant comment counting code.
- Bug fixes.
* Users re-logged in when editing comments
- If the user editing a comment changes their name, they are now
automatically logged in with that new name. This allows them to
continue to edit or delete their comment after saving their initial
edit, as otherwise they would still be logged in with the old name
and not have editing or deletion rights.
* Improved GET, POST, and COOKIE data filtering
- PHP code implementing HashOver should no longer see it affecting the
GET, POST, or COOKIE data in the global namespace in any way, as this
data is now filtered as required instead of all at once.
* Improved error handling
- Classes now throw Exceptions, and try/catch blocks are used to display
the error messages, `escapeOutput ()` has been removed and the new
`displayErrors ()` in the new Misc class is used as a wrapper instead.
* hashover/scripts/htmloutput.php
- Comment thread link function modified to include parent comment name.
* hashover/scripts/hashover.php
- `initiate ()` split into two methods, an added `finalize ()` method.
- Comments are no longer automatically parsed during initialization.
- Fixed: Most popular comments being sorted in reverse order.
* All images are now in a single directory
- Subdirectories "/pngs" and "/svgs" have been merged with "/images",
this simplifies the generation of paths to these image files, and
makes the pathnames easier to remember and type out.
* hashover/scripts/cookies.php
- Fixed: Cookies set with port, causing issues on ports other than 80.
* Removed closing PHP tags
- All class files and files intended for inclusion consisting entirely
of PHP code no longer have a closing PHP tag, the developers of PHP
recommend doing so for such files and it helps prevent a
"headers already sent" error on poorly configured web servers.
* Coding style changes
- Code following PHP opening tags is no longer indented one level,
except where PHP code is being aligned with other text in the
document, as with JavaScript code for example.
- My standard for function return types in languages like C, and other
Object Oriented languages like Java, is to place a newline after the
class method keywords and return type, which are to be on their own
line. My hope was for PHP to eventually gain strict function return
type declarations, and for my standard to apply to PHP as well.
While PHP has gained scalar type declarations with version 7, the way
it's implemented is to specify the type, preceded by a colon, after
the function parameter list. This is ugly, and doesn't work well with
my standard style, so a different approach will be taken, for now,
the newlines will simply be done away with.
- Most associative array keys with underscores have been renamed to use
dashes instead. This is for readability, ease of typing, and the
separation in naming convention makes it easier to differentiate
HashOver specific variables from PHP global variables, and allows for
easier search and replace of just HashOver variables when necessary.
* Added files:
hashover/scripts/defaultlogin.php,
hashover/scripts/login.php,
hashover/scripts/misc.php,
hashover/scripts/postcomments.php,
hashover/scripts/postdata.php,
hashover/scripts/locales/pt_br.php,
hashover/scripts/locales/ro.php
Changes by Jacob Barkdull 2015-10-25
--------------------------------------------------------------------------------
* hashover/scripts/settings.php,
hashover/scripts/setup.php
- Remove requirement of unique administrative login name.
Changes by Jacob Barkdull 2015-10-13