Serendipity 1.5.1 with SQLite

UPDATE: Serendipity 1.5.2 release

Some SQLite upgrades from Serendipity prior to 1.5 to the current version might create a problem, that the database update cannot properly update the serendipity_authors database table structure to insert the new "hashtype" (int) column. Due to that column missing, this can lead to the inability to log in.

Sadly SQLite does not easily allow to ALTER a table structure, so unless you have a SQLite admin tool to manually that column, and until the Serendipity Team can provide a proper fix, you should not yet update. Due to Christmas 2009.1 getting released soon, this might takes us a few more extra days.

If you have NOT yet uploaded the new serendipity release and executed the update, you can simply copy the file sql/db_update_1.5-alpha1_1.5-alpha2_sqlite.sql onto your installation, which fixes the upgrade procedure.

Side information: Hashtype defines whether md5 (value '0') or salted sha1 (value '1') is used for the stored encrypted password of the serendipity_authors table. Once you login with a hashtype=0, serendipity will automatically convert your password to sha1, and adjust the hashtype column. This is why once we fix this issue in 1.5.2, we must make sure that no manuall updates you might have used are overwritten, that could lead to Serendipity no longer knowing which hashtype was used for your column. That requires some thoughtful thinking, and a bit more time instead of a hotfix that might make the situation worse.

Note that this ONLY applies to users UPGRADING and using SQLite. A fresh installation as well as using other Database types is not affected.

Serendipity 1.5.1, bugfix release

It's been a long time, and the Serendipity Team is proud to present the Serendipity 1.5.1 release...

...All bad things come in triplets, except this one, which came in a duplet: First the uploaded release file contained the current development version, the second issue was found due to just 3 mixed up characters, which prevents any plugin that has a HTML/WYSIWYG-Config-item (like the HTML Nugget plugin) to be properly displayed.

The fix is quite easy: include/functions_plugins_admin.inc.php. The cause for this problem was introduced only a few days earlier and sadly slipped by unnoticed. We're awfully sorry for the trouble this may cause you.

Due to this version mixup earlier and this annoying bug, Serendipity 1.5.1 (Codename Colin AKA If everybody else is doing it, why can't we; but well, it could be worse) has been released.

If you're lazy and already upgraded to 1.5, you will only need to download and replace the file found here: include/functions_plugins_admin.inc.php.

Now have a merry christmas, and let's hope that our best friend Murphy has no surprises left for us freezing germans.

Serendipity 1.5 released

The Serendipity Team is proud to present the final release of Serendipity 1.5. While the earlier beta versions are proven to work fine for many people, it was finally time to package up a real release. ;)

This version mainly addresses login security by changing our method how passwords are stored to use salted SHA1 checksums instead of plain MD5 checksums. This makes password retrieval (rainbow attacks, see special blog posting) through the database virtually impossible. Another thing is improved PHP 5.3 compatibility.

For users of our Bundled WYSIWYG-Editor Xinha users now have the ability to easily customize the appearance of this panel through a "my_custom.js" file inside the template directory (a draft of such a file can be found as fallback default in the htmlarea/ subdirectory).

One cool new feature for developers is that now also templates can register themselves inside the plugin API hooks to execute specific things, that don't require installation of an event plugin.

Other news include:

  • new event API hooks
  • fixed PDF thumbnail generation
  • ability to auto-scroll on borders when Drag/Dropping plugins
  • UTC server time zone support
  • improvements in the Smarty functions to easier use Serendipity as a CMS for individual entry output.
  • quicksearch improvements for doing a wildcard-search when too few searchresults were found on a fixed searchterm
  • support for Typepad anti-spam server-checks, additionally to Akismet

Minor improvements since the 1.5-beta1 release:

  • more PHP 5.3.0 compatibility improvements
  • Disallow uploading any files that contain ".php." in the filename for extra security with Apache MimeMagic-Modules
  • expermiental PDO:SQlite support
  • usability improvements for the comment moderation panel (bottom-navigation, removed border increase)

The current release can be easily installed on any previous Serendipity installation. Just unpack, upload and visit your admin panel to perform possible database upgrades. Upon first login with an old password, Serendipity will store your old password in the new format - please be sure to make a backup of your Database prior to upgrading, and read the upgrade pointers on Upgrading Serendipity.

Have fun using Serendipity, and let us know on the Forums if you have any issues!

Update: Accidentaly, the 1.6-alpha release file was uploaded with the wrong file name. This has been fixed, the real files are now available -- users who had already downloaded this 1.6 release can either re-download the new release bundle, or stay at their current version. 1.6 has only 2 minor changes yet, and is 99,9% identical with 1.5 at this point. The most major difference would only be the version number. ;-)
I'm sorry for this fault, I blame it on the german weather...

Mail-server problems

Currently the mailserver of the board.s9y.org is malfunctioning, so new board registrations and reply notifications cannot be sent. Jannis is working on migrating the Mailserver so that the unstable behaviour of the mail-sending of the board is hopefully an issue of the past quite soon.

Update 2009-20-12: SMTP should work again now! If anyone still faces problem, please contact garvin(-at)s9y(-dot)org!