From ac4c0991fea56df834d49e98a53938ed5dc48bb4 Mon Sep 17 00:00:00 2001
From: Graham Eames <grahamje@users.sourceforge.net>
Date: Sat, 14 Jan 2006 23:09:57 +0000
Subject: [PATCH] A list of the changes to date

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5462 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/docs/CHANGELOG.html | 62 ++++++++++++++++++++++++---------------
 1 file changed, 38 insertions(+), 24 deletions(-)

diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 3d069416f3..b324acb4a9 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -32,6 +32,7 @@ p,ul,td {font-size:10pt;}
 <ol>
 <li><a href="#changelog">Changelog</a></li>
 <ol type="i">
+	<li><a href="#2019">Changes since 2.0.19</a></li>
 	<li><a href="#2018">Changes since 2.0.18</a></li>
 	<li><a href="#2017">Changes since 2.0.17</a></li>
 	<li><a href="#2016">Changes since 2.0.16</a></li>
@@ -64,7 +65,20 @@ p,ul,td {font-size:10pt;}
 
 <p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>
 
-<a name="2018"></a><h3 class="h3">l.i. Changes since 2.0.18</h3>
+<a name="2019"></a><h3 class="h3">l.i. Changes since 2.0.19</h3>
+
+<ul>
+<li>[Fix] Prevent login attempts from incrementing for inactive users</li>
+<li>[Fix] Do not check maximum login attempts on re-authentication to the admin panel - tomknight</li>
+<li>[Fix] Regenerate session keys on password change</li>
+<li>[Fix] Better handling of short usernames within the search (bug #105)</li>
+<li>[Fix] Workaround for an issue in either PHP or MSSQL resulting in a space being returned instead of an empty string (bug #830)</li>
+<li>[Fix] Correct use of default_style config value (Bug #861)</li>
+<li>[Sec] Some changes to HTML handling if enabled</li>
+</ul>
+
+
+<a name="2018"></a><h3 class="h3">l.ii. Changes since 2.0.18</h3>
 
 <ul>
 <li>[Fix] corrected index on session keys table under MS SQL</li>
@@ -83,7 +97,7 @@ p,ul,td {font-size:10pt;}
 </ul>
 
 
-<a name="2017"></a><h3 class="h3">l.ii. Changes since 2.0.17</h3>
+<a name="2017"></a><h3 class="h3">l.iii. Changes since 2.0.17</h3>
 
 <ul>
 <li>[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)</li>
@@ -133,7 +147,7 @@ p,ul,td {font-size:10pt;}
 <li>[Sec] compare imagetype on avatar uploading to match the file extension from uploaded file</li>
 </ul>
 
-<a name="2016"></a><h3 class="h3">l.iii. Changes since 2.0.16</h3>
+<a name="2016"></a><h3 class="h3">l.iv. Changes since 2.0.16</h3>
 
 <ul>
 <li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
@@ -149,7 +163,7 @@ p,ul,td {font-size:10pt;}
 <li>Correctly set username on posts when deleting a user from the admin panel</li>
 </ul>
 
-<a name="2015"></a><h3 class="h3">l.iv. Changes since 2.0.15</h3>
+<a name="2015"></a><h3 class="h3">l.v. Changes since 2.0.15</h3>
 
 <ul>
 <li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
@@ -161,7 +175,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
 </ul>
 
-<a name="2014"></a><h3 class="h3">l.v. Changes since 2.0.14</h3>
+<a name="2014"></a><h3 class="h3">l.vi. Changes since 2.0.14</h3>
 
 <ul>
 <li>Fixed moderator status removal in groupcp.php</li>
@@ -183,7 +197,7 @@ p,ul,td {font-size:10pt;}
 <li>Empty url/img bbcodes no longer get parsed</li>
 </ul>
 
-<a name="2013"></a><h3 class="h3">l.vi. Changes since 2.0.13</h3>
+<a name="2013"></a><h3 class="h3">l.vii. Changes since 2.0.13</h3>
 
 <ul>
 <li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
@@ -200,7 +214,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
 </ul>
 
-<a name="2012"></a><h3 class="h3">l.vii. Changes since 2.0.12</h3>
+<a name="2012"></a><h3 class="h3">l.viii. Changes since 2.0.12</h3>
 
 <ul>
 <li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
@@ -208,7 +222,7 @@ p,ul,td {font-size:10pt;}
 <li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
 </ul>
 
-<a name="2011"></a><h3 class="h3">l.viii. Changes since 2.0.11</h3>
+<a name="2011"></a><h3 class="h3">l.ix. Changes since 2.0.11</h3>
 
 <ul>
 <li>Added confirm table to admin_db_utilities.php</li>
@@ -223,7 +237,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
 </ul>
 
-<a name="2010"></a><h3 class="h3">l.ix. Changes since 2.0.10</h3>
+<a name="2010"></a><h3 class="h3">l.x. Changes since 2.0.10</h3>
 
 <ul>
 <li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
@@ -234,7 +248,7 @@ p,ul,td {font-size:10pt;}
 <li>Added visual confirmation mod to code base</li>
 </ul>
 
-<a name="209"></a><h3 class="h3">l.x. Changes since 2.0.9</h3>
+<a name="209"></a><h3 class="h3">l.xi. Changes since 2.0.9</h3>
 
 <ul>
 <li>Fixed deleting of styles in admin_styles.php</li>
@@ -247,7 +261,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
 </ul>
 
-<a name="208"></a><h3 class="h3">l.xi. Changes since 2.0.8</h3>
+<a name="208"></a><h3 class="h3">l.xii. Changes since 2.0.8</h3>
 
 <ul>
 <li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
@@ -266,7 +280,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed problem with SID not delivered to next page in groupcp.php</li>
 </ul>
 
-<a name="207"></a><h3 class="h3">l.xii. Changes since 2.0.7</h3>
+<a name="207"></a><h3 class="h3">l.xiii. Changes since 2.0.7</h3>
 
 <ul>
 <li>Fixed several vulnerabilities in admin pages</li>
@@ -278,7 +292,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
 </ul>
 
-<a name="206"></a><h3 class="h3">1.xiii. Changes since 2.0.6</h3>
+<a name="206"></a><h3 class="h3">1.xiv. Changes since 2.0.6</h3>
 
 <ul>
 <li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
@@ -292,7 +306,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential vulnerability in avatar gallery</li>
 </ul>
 
-<a name="205"></a><h3 class="h3">1.xiv. Changes since 2.0.5</h3>
+<a name="205"></a><h3 class="h3">1.xv. Changes since 2.0.5</h3>
 
 <ul>
 <li>Fixed various email issues</li>
@@ -308,7 +322,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
 </ul>
 
-<a name="204"></a><h3 class="h3">1.xv. Changes since 2.0.4</h3>
+<a name="204"></a><h3 class="h3">1.xvi. Changes since 2.0.4</h3>
 
 <ul>
 <li>Removed user facing session_id checks</li>
@@ -380,7 +394,7 @@ p,ul,td {font-size:10pt;}
 <li>Default English support for visual confirmation - translators are encouraged to support this</li>
 </ul>
 
-<a name="203"></a><h3 class="h3">1.xvi. Changes since 2.0.3</h3>
+<a name="203"></a><h3 class="h3">1.xvii. Changes since 2.0.3</h3>
 
 <ul>
 <li>Fixed cross-browser scripting issue with highlight param</li>
@@ -507,7 +521,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
 </ul>
 
-<a name="202"></a><h3 class="h3">1.xvii. Changes since 2.0.2</h3>
+<a name="202"></a><h3 class="h3">1.xviii. Changes since 2.0.2</h3>
 
 <ul>
 <li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
@@ -516,7 +530,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed (hopefully) issue with MS Access and multiple pages</li>
 </ul>
 
-<a name="201"></a><h3 class="h3">1.xviii. Changes since 2.0.1</h3>
+<a name="201"></a><h3 class="h3">1.xix. Changes since 2.0.1</h3>
 
 <ul>
 <li>Fixed missing "username" lang variable in user admin template</li>
@@ -551,7 +565,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix emailer to allow sending emails with language-specific character sets</li>
 </ul>
 
-<a name="200"></a><h3 class="h3">1.xix. Changes since 2.0.0</h3>
+<a name="200"></a><h3 class="h3">1.xx. Changes since 2.0.0</h3>
 
 <ul>
 <li>Fixed delete image bug for normal users</li>
@@ -608,7 +622,7 @@ p,ul,td {font-size:10pt;}
 <li>Added database closure to admin frameset page</li>
 </ul>
 
-<a name="final"></a><h3 class="h3">1.xx. Changes since RC-4</h3>
+<a name="final"></a><h3 class="h3">1.xxi. Changes since RC-4</h3>
 
 <ul>
 <li>Fixed improper report of general error when posting messages containing errors</li>
@@ -638,7 +652,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed various remaining usergroup display issues</li>
 </ul>
 
-<a name="rc4"></a><h3 class="h3">1.xxi. Changes since RC-3</h3>
+<a name="rc4"></a><h3 class="h3">1.xxii. Changes since RC-3</h3>
 
 <ul>
 <li>Addressed serious security issue with included files</li>
@@ -669,7 +683,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
 </ul>
 
-<a name="rc3"></a><h3 class="h3">1.xxii. Changes since RC-2</h3>
+<a name="rc3"></a><h3 class="h3">1.xxiii. Changes since RC-2</h3>
 
 <ul>
 <li>Fixed infamous install parse error</li>
@@ -702,7 +716,7 @@ p,ul,td {font-size:10pt;}
 <li>Hidden usergroups are now completely hidden from view</li>
 </ul>
 
-<a name="rc2"></a><h3 class="h3">1.xxiii. Changes since RC-1</h3>
+<a name="rc2"></a><h3 class="h3">1.xxiv. Changes since RC-1</h3>
 
 <ul>
 <li>Fixed numerous PostgreSQL related issues</li>
@@ -722,7 +736,7 @@ p,ul,td {font-size:10pt;}
 <li>Various other fixes and updates</li>
 </ul>
 
-<a name="rc1"></a><h3 class="h3">1.xxiv. Changes since RC-1 (pre)</h3>
+<a name="rc1"></a><h3 class="h3">1.xxv. Changes since RC-1 (pre)</h3>
 
 <ul>
 <li>Upgrade script completed for initial fully functional release</li>