Changelog

A Changelog is a list of changes between releases that are usually technical in nature and utilize a lot of internal jargon. Each release of Barebones CMS is accompanied with a list of detailed changes that took place between the last release and the current release.

There are a couple of different ways of reaching this page. You either arrived via the download page or a link from the admin stating that an upgrade is available.

If you are not running the latest version, be sure to check this page for known security vulnerabilities in the version you now have installed. If there are security vulnerabilities, you need to upgrade right away so that your website does not get hacked.

To upgrade Barebones CMS, follow the Upgrade documentation.

1.1

Released on: 2013-01-30

Type: Stable Release

This is the official, stable release for the 1.1 branch of the Barebones CMS. This release cycle went through 16 release candidates. Total development time: Roughly 6 months.

Security Fixes

• Dropped installer-based random password generation. Now simply linking to several good tools.
• Significantly improved root seed generation in the installer by using multiple sources of random and non-random entropy.

Breaking Changes

• Upgraded 'support/http.php' to use the latest and greatest from WebCron. WebCron introduced a complete rewrite of RetreiveWebpage().
• Upgraded 'support/pop3.php' to use the latest and greatest from WebCron. WebCron introduced a rewrite of the internals to be slightly faster, offer more POP3->Connect() options, and some code simplications. POP3->Connect() function signature changed.
• Layout widget changes made to support cache profiles. Code that directly accessed the data structures will need to be modified.
• Renamed GetCookie() in easyedit.js to BB_GetCookie().

Added

• Integrated Ajax.org Cloud9 Editor (ACE) into 'editfile.js' to show instead of EditArea wherever ACE is supported.
• Added a login hook.
• Added an installer hook.
• Added the ability for form submissions to work within the context of the revision system. Code and content widget changes.
• Improved performance of the caching system when only one language exists. New 'onelang' option in $bb_page.
• Slightly improved PHP loading performance, slightly smaller source file sizes, and vastly improved generated code readability with the new 'USE_LESS_SAFE_STORAGE' boolean configuration variable. Only slightly less safe. Installer defaults to 'No'.
• Added a new installer page called 'Performance Settings' with one option 'Use Less Safe Storage'.
• Added a cache profile system that allows for alternate views per page/language. For example, create a 'mobi' cache profile for 'Mobile'. New globals $bb_profiles and $bb_profile.
• Added cache profile support to the Layout widget. It is now possible to serve up alternate layouts based on the cache profile. New '#profile cachename' splitter. For example, '#profile mobi' to start the layout for the 'mobi' cache profile.
• Added BB_HTMLToJS() to take most HTML input and return a bunch of document.write() calls.
• Added cache profile support to the Content widget. It is now possible to rewrite HTML Content widget output based on the cache profile. Three new functions added that can be overridden via 'main_hook.php'.
• Added multilingual support to the admin. BB_Translate() is called everywhere to make sure PHP-based strings are translated.
• Added the ability to move 'login.php' to its own randomly named directory during installation and lock out the original location in the configuration.
• Added MySQL unbuffered query support to the MySQL class.
• Added MySQL replication support to the MySQL class.
• Added IP address library support.

Fixed/Changed

• Fixed the installer error message for the designer account. Added possible reason for duplicate accounts.
• Fixed the PHP 5.3.x login issue involving the REQUEST superglobal not containing the COOKIE superglobal.
• Upgraded jQuery to 1.6.
• Upgraded jQuery Hotkeys to jeresig's 1.4.x-compatible version (Feb 22, 2010 - v0.8).
• Upgraded jQuery UI to 1.8.12.
• Upgraded HTML Purifier Standalone to 4.3.0.
• Upgraded PEAR::Net_DNS Stable to 1.0.7.
• Fixed jQuery Hotkeys so 'Esc' works properly again.
• Switched basic doctype of editor to XHTML 1.1
• Fixed default language selection. Thanks to 'Jukka Aho' for finding the bug.
• Fixed EditArea close file bug to properly ask when an edited file is closed without saving.
• Made calls to CreateEditAreaInstance() and CreateWYMEditorInstance() more maintainable/easier to read.
• Fixed BB_IsValidURL() and BB_IsValidHTMLImage() to use latest RetrieveWebpage() from the 'support/http.php' upgrade.
• Changed BB_GetImageType() to not copy underlying data and waste memory.
• Fixed 'support/http.php' notices.
• Upgraded 'support/smtp.php' to use the latest and greatest from WebCron. WebCron introduced some simplifications and several bugfixes. The internal function ProcessSMTPRequest() replaced and obsoleted GetSMTPResponse().
• Fixed installer to use latest SMTP and POP3 client libraries from the 'support/smtp.php' and 'support/pop3.php' upgrades.
• Upgraded 'support/mysql.php' to use the latest and greatest from WebCron. WebCron introduced some bugfixes.
• Eliminated enough Barebones CMS dependencies for support modules to be able to create a couple of new products.
• Updated copyright year to 2011.
• Changed BB_ProcessMasterWidget() to allow for master widgets that contain exactly one widget.
• Changed Layout widget to support master widgets that contain exactly one specific widget.
• Changed BB_MasterWidgetPreWidget() to not show detachment/deleting options for master widgets that contain exactly one widget.
• Display two 'Edit CSS' links when a cache profile other than the default is selected.
• Backported changes from Admin Pack that changes multiselect boxes to checkboxes for improved usability.
• Upgraded jQuery to 1.6.2.
• Upgraded jQuery UI to 1.8.14.
• Updated IANA and common language lists to latest.
• Fixed broken installer.
• Fixed installer less safe storage option.
• Fixed Layout widget cache profile integration.
• Fixed cache profile integration in cache cleanup functions.
• Fixed Layout widget '#edit' section storage.
• Fixed in-browser Javascript file editing.
• Fixed layout widget cache profile viewing issue.
• Removed layout widget cache profile @import default.
• Fixed zero byte write detection with file_put_contents() calls.
• Fixed slow vertical mouse scrolling with ACE.
• Fixed cache profiles so changes are reflected correctly.
• Fixed tab selection in ACE to automatically focus on the editor.
• Fixed tab selection in ACE to automatically refresh the editor's content. Sometimes the content randomly mostly vanished - resizing seemed to fix the problem.
• Changed BB_AddWidget() to support initializing a newly added widget. Used in the Layout widget for one widget master widget initialization so content gets loaded correctly.
• Fixed Content widget to reload cached content when global cache is flushed.
• Fixed Content widget regenerating content overkill with causing security token issues on editor load.
• Fixed the optional MySQL database connection testing in the installer. Thanks to neo93 for finding the bug.
• Fixed the SMTP/POP3 tester in the installer.
• Improved session key and token generation.
• Fixed multiple MySQL connection issue.
• Backported change from Admin Pack that adds 'htmldesc' to property forms.
• Fixed PHP 5.2.x MySQL query bug.
• Refactored the HTTP library.
• Fixed some minor SMTP/POP3 library issues. Added IP address library support.
• Upgraded HTML Purifier Standalone to 4.4.0.
• Fixed a minor root key generation issue on POSIX hosts.
• Fixed broken build due to not testing syntax changes.
• Fixed installer CSPRNG root seed generation not completing issue.
• Upgraded jQuery to 1.7.2.
• Upgraded jQuery UI to 1.8.22.
• Updated ACE to latest repo. Disabled behaviors by default. Added code folding.
• Refactored ACE syntax highlighting loader code.
• Added some extra options for ACE.
• Updated WYMEditor to latest repo.
• Fixed the WYMEditor infinite resizing issue.
• Fixed installer issue with jQuery upgrade.
• Fixed font issue with ACE to use default browser font.

1.0

Released on: 2010-06-20

Type: Archived Stable Release

This is the official, stable release for the 1.0 branch of the Barebones CMS. This release cycle went through 21 release candidates over the course of three months. Yeah, that is a large number of release candidates. Total development time: Roughly 11 months.

Added

• Added the 'Blank Slate' layout to the Layout widget.
• Added the widget type (e.g. '[Code]') to each widget for easier identification.
• Added the ability to identify which layout is active.
• Added the ability for widgets to specify the need for the BB_PreMainJS() call.
• Shortcodes can add extra CSS and JS files into the 'head' element
• Shortcodes can declare a BB_PreMainJS() requirement.
• Added a Caption option to the image shortcode.
• Added a head section to the Code widget.
• Added a Caption Width option to the image shortcode.
• Added 'first-line' class to default WYMEditor classes.
• Added a basic bit stream manipulation class.
• Added the PHP SSL/TLS transport to RetrieveWebpage().
• Added HTTPS support to BB_IsValidURL() and BB_IsValidHTMLImage().
• Added the PEAR::Net_DNS third-party package.
• Added a HTML to text converter.

Fixed/Changed

• CSS 'expressions' in IE are now removed.
• Installation from web root now works properly.
• Fixed Code widget.
• Fixed Layout widget issue with an unassigned layout not setting the layout path properly.
• Fixed 2-column admin Layout issue with Easy Edit.
• Fixed infinite iframe growth issue involving the 2-column admin Layout in the editor by introducing a CSS override mechanism.
• SWFUpload uploader security token issue fixed.
• Installer file deletion tests fixed.
• SWFUpload status tracking fixed.
• Fixed the security token error when editing files from the Layout widget.
• Fixed the CSSTidy template loader to use absolute paths to fix the 'Unable to find the CCSTidy 'barebones' template' issue.
• Upgraded EditArea to 0.8.2 due to constant, weird visual artifacts.
• Fixed file/directory creation bug.
• Fixed the security token error when traversing to '..' in File Explorer.
• Fixed the 2-1 2-column 200px layout in the Layout widget.
• Fixed browser sizing of columns and the iframe of the Content widget to be more dynamic.
• Fixed saving Content widget content so it actually works.
• Fixed the two space issue that resulted in bogus non-breaking spaces showing up in the output.
• Created LoadProperties2() to allow the Content widget, site cache flush, and other no-form functions to load without closing open dialogs.
• Created a loading queue display so the user doesn't think that something is broken when Javascript is being downloaded.
• Fixed the 'allow_call_time_pass_reference' deprecation warning.
• Made all links, by default, target _top in the admin.
• Fixed CloseProperties2() call for site cache flush.
• Cleaned up proc.php a bit.
• Fixed reordering widgets.
• Changed all /support/ references to use the global define().
• Simplified creating URLs to load property pages within shortcodes.
• Fixed shortcode uploader parameter list.
• Fixed escaped login usernames/passwords.
• Fixed content jumping around with small heights when the content editor is open and page scrolled to the bottom.
• Fixed shortcode display issues with fixing the 'allow_call_time_pass_reference' deprecation issue.
• Fixed shortcode uploader 'Back' link issue.
• Fixed CSS float application issue.
• Fixed multiple content widgets open causes a Javascript error issue.
• Fixed empty body causes a PHP Notice when saving a shortcode issue.
• Fixed URL calculation for some servers on alternate ports.
• Fixed logout so cookies are actually deleted.
• Fixed 'Blank Slate' layout PHP notice.
• Fixed file transfers for existing shortcodes.
• Changed web image detection to be slightly cleaner.
• Fixed widget dependencies issue with 'action' in proc.php.
• Rewrote 'bb_widget_internal' to make $bb_widget easier to use with fewer restrictions.
• Fixed fallout from the 'bb_widget_internal' rewrite when manipulating master widgets.
• Simplified base widget code and removed unnecessary variable inclusion from core widgets.
• Fixed the Code widget ProcessAction() function.
• Reordered a few 'bb_action' handlers in edit.php.
• Eliminated most of the need for REQUEST_URI.
• Fixed a content widget bug where two content widgets on a page would wipe out CSS and Javascript includes in the first widget.
• Changed the Content Editor so the toolbar shows up as icons instead of text. Occupies less screen space and is easier to use.
• Removed a duplicate ReloadPage() function call.
• Fixed file upload speed calculation - was in bits instead of bytes.
• Rewrote the e-mail address parser in the SMTP routines to be more robust and versatile.
• Rewrote the e-mail sending routines to be more versatile.
• Upgraded HTMLPurifier to 4.1.0.
• Fixed 'pre' tag newline removal.
• Fixed 'pre' tag newline removal not working issue.
• Fixed a minor issue with the 'float-clear' default WYMEditor class.
• Fixed vertical alignment default WYMEditor classes.
• Changed table cell default WYMEditor classes so they look nicer and new table rows stand out more.
• Upgraded to WYMEditor 0.5 RC2 to fix Firefox 3.6 bugs/issues.
• Upgraded to HTMLPurifier 4.1.1
• Upgraded to jQuery UI 1.7.3
• Fixed a minor SSL-related bug.

Deprecated

• Most of the original 'bb_widget_internal' functions have been deprecated for a lighter-weight approach.

Removed

• BB_HTMLPurify() call removed from Layout widget. It doesn't make sense despite reintroducing a privilege escalation vulnerability.
• BB_CSSPurify() call removed from general-purpose saving routines. Was removing useful comments and rearranging everything.
• Removed a bunch of trim() calls.
• Removed 'developer' plugins support. Doesn't make sense.