Use the menu below to choose a header image. You can choose between images included with the theme or use a custom image.

If you are using both sidebars and you want to use an included image then choose one ending with "_large.jpg". For ex: red_sky_large.jpg instead of red_sky.jpg

To choose a custom image, select "custom header path" from the menu list and then click on the "media library" link. A custom header image must be 780x95 in size if you are using only one sidebar or 1000x95 if you are using both sidebars.

Please choose a header image: OUT ); define("FRESHY_CUSTOM_HEADER","Custom header path:"); define("FRESHY_HOMELINK_DESCRIPTION","Enter a custom label for the link pointing to your blog front page: "); define("FRESHY_NAVLINK_TITLE","Navigation link "); define("FRESHY_NAVLINK_DESCRIPTION_URL","Enter URL for Navigation link "); define("FRESHY_NAVLINK_ANCHOR_TEXT","Enter label for Navigation link "); define("FRESHY_NAVBG_TITLE","Navigation highlight colour"); define("FRESHY_NAVBG_DESCRIPTION","Please choose a navigation button highlight colour for this theme: "); define("FRESHY_NAVBG_GREEN","Green"); define("FRESHY_NAVBG_RED","Red"); define("FRESHY_NAVBG_LIGHT_BLUE","Light Blue"); define("FRESHY_NAVBG_BLUE","Blue"); define("FRESHY_NAVBG_PURPLE","Purple"); define("FRESHY_NAVBG_GRAY","Gray"); define("FRESHY_NAVBG_ORANGE","Orange"); define("FRESHY_NAVLINK_HOME","Home"); //only used for s9y versions <1.1 ?> Serendipity

Serendipity 2.1.4 and 2.2.1-alpha1 released

20 09 2018

Two new releases have been issued today. 2.1.4 is a security fix release which addresses these issues:

  • Security: Fix XSS for pagination, when multi-category selection is used. Thanks to Brian Carpenter (geeknik) and Hanno Boeck!
  • Minor code fixes (proper PHP escaping for 'orderkey' SQL statement
  • Skeleton, Timeline and Clean Blog templates: Add theme option to disable google webfonts
  • Link to https s9y.org pages

The 2.2.1-alpha1 release addresses a few larger changes in Serendipity. These are the key points of the release:

  • PHP 7.2 support (including a new autologin token system and bcrypt password hashing)
  • Add function to add multiple images to an enty at once, creating a gallery
  • Added a maintenance mode option
  • Upgrade Smarty to 3.1.32
  • Bootstrap4 adaptations
  • Fixes for plugin drag'n'drop
  • Improvements to the p-mode of nl2br plugin
  • Ability to create responsive image thumbnails
  • Improvements to local caching
  • Rework of moving media items (work in progress)

We would love to get feedback from our users. Be sure to try out the new release only on test/development blogs yet. If you absolutely want to test it on production blogs, make sure to have a backup available.

Both releases can be downloaded from our GitHub release page.


serendipity_event_freetag: Security update

17 08 2018

Together with the security-release of Serendipity 2.1.3, a possible SQL injection has been reported in the serendipity_event_freetag plugin, reported by Brian Carpenter (geeknik) and Hanno Böck. Many thanks for reporting this.

The issue has been fixed in version 3.69 of the plugin which you can install through Spartacus (or manually).


Serendipity 2.1.3 released

16 08 2018

This release addresses several security issues that have been reported to us by Hanno Boeck, Brian Carpenter, oreamnos and Julio Cesar. Many thanks for this!

More specifically:

  • Ensure URL parameter casting for RSS and blog entry limits to prevent possible SQL injection inside the LIMIT statement part Prevent XSS in the "Edit entries" panel
  • Prevent sending comment notifications to more than one email address
  • Disable exit.php-Tracking for open URL redirection, unless the trackexits plugin is specifically configured to do so
  • The release also addresses a new feature for a "legal" plugin property bag attribute (usable for GDPR/DSGVO plugin information) and by default disables subToMe service to prevent GDPR issues.

    Simply download the release and update your blog.


Serendipity 2.1.2 released

25 03 2018

We are happy to announce the availability of the next bugfix release Serendipity 2.1.2.

We have fixed some accumulated bugs:

  • Fixed a regression in Net/DNSBL regarding serendipity_event_spamblock_rbl and serendipity_event_spamblock_surbl by adding Net/DNS2 1.4.3 as a bundled library to core and patching Net/DNSBL.
  • Fixed broken Akismet API calls.
  • Fixed comment preview for logged-in users.
  • Fixed message display after comment editing/deleting

You can download the release file and unzip it to your installation as usual.


Announcing deprecated plugins

14 04 2017

The s9y team has opted to deprecate a group of event and sidebar plugins and remove from the spartacus plugin repository. These plugins use services that no longer exist, are no longer required, no longer maintained etc. We may deprecate more plugins in the future in order to consolidate our plugin base further, but they need to be tested first.

Note that you can still use these plugins if you already have them installed or install them manually, but they will no longer be available through spartacus. You could also volunteer to “save” an umaintained plugin.

See the extended entry for a full list of plugins deprecated in this “wave”.


Continue reading "Announcing deprecated plugins"


Greetings from Serendipity #s9ycamp

09 04 2017

Our group of developers says "Hi!" from the Linux-Hotel in Essen. We met up for the third time (thanks for hosting us!), and it was entertaining and productive as ever - great to have such a nice community and same-spirited people.

We mainly worked on releasing Serendipity 2.1, addressing some last-minute PHP7 things and went through our open issues.

We also talked a lot about coming features for the next Serendipity version, how we want to implement responsive images, improve on our login/hashing framework and went through all of our plugins to see how we can consolidate some of them and remove deprecated ones.