« Changelog History


Blog v1.18 Release Notes

Release Date: 2019-12-22 // over 4 years ago

  • 🔋 Features:

    • automatically fix images orientation from exif data.
    • custom bb tags: goal.
    • autocomplete attributes for nick & password.
    • 📜 show loading while parsing page / uploading image.

    🐛 Bugs:

    • 🛠 csrf-token compatibity bug fixed.
    • in debug mode show php errors.
    • 🛠 datepick bug fixed - when month starts with sunday.
    • autoresize textarea will expand immediatly.
    • drag & drop will accept only one file.
    • mcrypt_create_iv replaced by random_bytes.

    🔒 Security issues:

    • image upload only using form data
    • 🔊 logs injection prevention.
    • filter data SQL parameters using prepared statements only.
    • == replaced by ===.
    • instad of md5 is used crc32 on server side session check.
    • session cookie is http only.
    • load jQuery only localy.
    • XSS prevention on clien side - JS will treat data from server as text, not as html.