Development

Due to a bug in PHP 5.2.2, the Serendipity XML-RPC plugin will no longer work, because PHP does not initialize a required variable correctly.

The bug is listed on PHP.net here and has been fixed in their CVS already. To fix the problem in Serendipity you will need to either update your PHP installation, or downgrade to the previous version.

Since this bug happens at a place where Serendipity has no possibility to interact, the bug cannot be circumvented by the XML-RPC posting plugin, and your provider definitely needs to upgrade PHP as soon as it will be out officially.

rrichards from the forums published his first public OpenID-Plugin results. Check out this thread on the forums. If you're interested in testing the plugin or are interested in OpenID, please give it a look and report about it.

Many thanks to rrichards and all volunteers!

As you might have read in the Serendipity 1.1.1 release announcement, we have a fundamental code change in Serendipity 1.2 concerning the authentication theme.

Those changes were discussed in this forum thread

It basically evolves around those things:

1. Introduce a new, first event hook that can be fired to authenticate external users.
   
   
2. This new event hook requires to execute a plugin before the whole language system is initialized, and thus language preferences have been fetched. To accomodate this, a new cookie has been introduced that defines the language your used has chosen.
   
   
3. A new HTTP / HTTPS session sharing system is now in effect, which allows you to login via HTTPS and be able to work using the HTTP connection and be recognized as logged-in.
   
   

Those changes might introduce new glitches, especially in environments where HTTPS is used, and/or the multilingual plugin features.

Everyone using such an environment, please download a recent Serendipity 1.2 snapshot and try it out on a test-system. You can easily clone an existing installation of yours by copying all files to a second directory, copying the database tables to a different table (or with a different table prefix) and then uploading the Serendpity 1.2 Snapshot to that dummy directory. After your login to that new installation, change the path locations in your Serendipity Configuration and you can test the new install with the data of your production blog.

Your help is much required to ensure the stability of Serendipity. Any problems you face that did not previously show up in older Serendipity versions should please be reported on our forums!

Many thanks go to rrichards_ from the original thread, who implemented the new functionality that will hopefully ultimately lead to OpenID integration into Serendipity. :-)

After the well-received Serendipity 1.1 release, we put our ears to the community and searched for any bugs left. Luckily, those were very few (like the IIS server cookie bug) - we didn't at first believe it, so we let some time go by to be absolutely sure there were no other things to fix before issuing a maintenance release.

And here it is now: Serendipity 1.1.1 is a bugfix-only release to fix these reported issues:

• Windows IIS server cookie/session authentication problem when not running via HTTPS
• Change execution order of trackbacks to properly send them when a failure occurs
• Display proper plugin permissionship restrictions when the admin user is not part of the group that is restricted
• Fixed a bug that some plugins were not able to properly execute in the entry detail view

This is not a security-related upgrade. You only need to apply it if you think you are affected by any of the bugs listed.

Meanwhile, we continue to work on Serendipity 1.2 for feature improvements. Together with helpful users of the forum we are currently working on improving the authentication/plugin API sequence to better support future plugins like OpenID. Any help is appreciated, have a look at the forum thread. Also we are working on improving the Spartacus API, PDO::PostgreSQL support has been added, spamblock plugin improvements and some tweaks to the permalink system.

You can download the new version (or a recent snapshot of Serendipity 1.2) as always on our Download page. Detailed upgrade steps are explained in our FAQ, but it's as simply as: Download, extract, go to the Admin panel. :-)

Have fun!

Some users have reported on the forums that they had login problems to their Serendipity Admin suite since the upgrade to version 1.1.

Thanks to the help of Shadowin it was discovered that a problematic $_SERVER['HTTPS'] variable setting by the Windows IIS Server caused this. According to the PHP documentation, $_SERVER['HTTPS'] should only contain a non-empty value in case of enabled SSL/HTTPS connections, in which case Serendipity would issue a "secure" cookie.

To fix this odd behaviour in Serendipity 1.1 you need to open the file include/functions_config.inc.php and replace the line

$secure = !empty($_SERVER['HTTPS']) ? true : false;

with

$secure = (strtolower($_SERVER['HTTPS']) == 'on') ? true : false;. Also replace this line in the file serendipity_config.inc.php:

if ($_SERVER['HTTPS'])) {
  @ini_set('session.name', 'SSLSID');
  @ini_set('session.cookie_secure', '1');
}

with

if (strtolower($_SERVER['HTTPS']) == 'on') {
  @ini_set('session.name', 'SSLSID');
  @ini_set('session.cookie_secure', '1');
}

This will use a more stricter check. For people who are afraid to edit that file, simply download this file and replace it with your current include/functions_config.inc.php file. Also please download this file and replace it with the 'serendiptiy_config.inc.php' file.

A fully patched 1.1.1 version will be made available later, when we have made sure that there are no other bugs left. So far, the 1.1 version has been received very stable by the public! Thanks for improving Serendipity through your reports and help!

The Serendipity Team is proud to release the Serendipity Weblog version 1.1 to the public.

This new version is aimed for feature enhancement and stability consolidation. The most important change is the overhaul of the media database, which vastly enhances the already obvious superiority of Serendipity's Media management. In depth this means that you can now store and customize meta properties easily - store descriptions, EXIF-Tags and keywords which you can later see and search in your database. You can also now assign detailed privileges for each directory of the media database, and the output is now completely templated. Yes, that means you can customize and style your very own media database, both effective in the backend and the frontend.

The other important change is more granular plugin permission management. You can enable/disable certain markup-plugins on a per-entry basis, and allow/forbid specific usergroups to access certain plugins.

Another visual apparent change is the overhaul of the plugin manager. You can now drag'n'drop order and move your plugins around. Together with the ability of templates to specific the amount and names of sidebars, you have virtually unlimited flexibility for plugin management!

Templating has also intensively been upgraded in the respect of themes being able to specify custom "options". A theme could allow you to choose navigation links, colorsets and much more. Explore the possibilites! Many themes by Carl Galloway and other great designers from our forums have already used that feature to provide you with many cool options!

For the developers among us, it might be of interest to note that Serendipity now also supports easy custom template-engine support. Tired of Smarty? You can also use a plain old PHP template emulation or even a XSLT-transformation layer (read more on this topic here).

Of course we have not only focussed on injecting features, but also fixed some minor bugs, a huge-impact central SQL query optimization and glitches and smaller improvements. In total we have 29 feature improvements, 24 bugfixes and 21 usability/technical improvements. For intense reports on this either read our NEWS-file or past 1.1-beta announcements here and there.

Upgrading is easy as always: Download, unpack, go to your Admin panel, done. Read more here: Serendipity FAQ. The download is available here: Serendipity Download Page.

We hope you'll have fun with this new release and continue to make Serendipity an ever-improving system. Let's have a great 2007!