5.5 Change Log

5.5

(31.12.2019) d2649d1 -> M17 (Release Notes)

1. Configuration

disabled registration by default in config

1.1. primary config

added
- hashid_seed
- sql_mode_strict
removed
- header_action
- footer_action
- classes_path
- action_path -> ACTION_DIR
- formatter_path -> FORMATTER_DIR
- handler_path -> HANDLER_DIR
- theme_path -> THEME_DIR
- upload_path -> UPLOAD_DIR_GLOBAL
- upload_path_per_page -> UPLOAD_DIR_PER_PAGE
- upload_path_backup -> UPLOAD_DIR_BACKUP
- cache_dir -> CACHE_DIR

1.2. secondary config

renamed
- session_expiration -> session_length
- x_csp -> csp
- policy_page -> terms_page
- disable_autosubscribe -> autosubscribe
new
- allow_intercom
- allow_massemail
- allow_persistent_cookie
- allowed_languages
- anonymize_ip
- approve_new_user
- attachments_handler
- default_diff_mode
- diff_modes
- enable_captcha
- enable_referrers
- ext_bad_behavior
- footer_tags
- help_page
- hide_article_header
- link_target
- list_count
- menu_items
- nofollow
- noreferrer
- noreply_email
- notify_diff_mode
- notify_upload
- privacy_page
- pwd_admin_min_chars
- referrer_policy
- registration_delay
- session_store
- show_permalink
- sorting_comments
removed
- x_frame_option
- session_encrypt_cookie
- allow_swfobject
- revisions_hide_cancel
- session_prefix
- cookie_prefix
- date_precise_format -> date_format and time_format_seconds
- date_macro_format -> date_format and time_format
- phpmailer
- disable_npjlinks
- meta_description
- meta_keywords
- tls_proxy

1.3. user settings

new
- sorting_comments
- notify_minor_edit
- notify_page
- notify_comment
- menu_items
- diff_mode
renamed
- changes_count -> list_count
removed
- revisions_count -> list_count

1.4. constants

new
- ACTION_DIR
- AP_LOCK
- CACHE_CONFIG_DIR
- CACHE_DIR
- CACHE_FEED_DIR
- CACHE_PAGE_DIR
- CACHE_SESSION_DIR
- CACHE_SQL_DIR
- CACHE_TEMPLATE_DIR
- CHMOD_DIR
- CHMOD_FILE
- CHMOD_SAFE
- CONFIG_DEFAULTS
- CONFIG_DIR
- CONFIG_FILE
- DAYSECS
- FORMATTER_DIR
- HANDLER_DIR
- IMAGE_DIR
- LINK_FILE
- LINK_PAGE
- OBJECT_FILE
- OBJECT_PAGE
- RECOVERY_MODE
- SITEMAP_XML
- SITE_LOCK
- SQL_MODE_PERMISSIVE
- SQL_MODE_STRICT
- THEME_DIR
- UPLOAD_BACKUP_DIR
- UPLOAD_GLOBAL_DIR
- UPLOAD_PER_PAGE_DIR
- WACKO_ENV
- XML_DIR
renamed
- TRAN_DONTCHANGE -> TRANSLIT_DONTCHANGE
- TRAN_LOWERCASE -> TRANSLIT_LOWERCASE
- TRAN_LOAD -> TRANSLIT_LOAD
- TRAN_DONTLOAD -> TRANSLIT_DONTLOAD
- ACTIONS4DIFF -> ACTION4DIFF
removed
- SQL_NULLDATE
- CSP_CUSTOM -> csp_custom.conf

1.5. conf files

2. Features

new session handler
new URI router
new template engine
added auth and form token
added Referrer-Policy HTTP header
public registration moderation by admin

3. Core

major refactoring of init system
fixed missing slash in LIKE condition to clone, backup or rename cluster
using password_hash() and password_verify() API
replaced the error prone use of KiB for upload quota with Bytes
give all forms unique names
$_REQUEST allows only $_GET and $_POST
uses self-closing tags (void elements) (HTML5): <br> <hr> <img> <input> <link> <meta>
added config option: allow_persistent_cookie
added option to change the current SQL mode at runtime
file:attachment.ext loads now the local file before the global file
- it tries to load the local file first and only if there is none, it loads the global file
- to force the global file with the same name use file:/attachment.ext
added option to write sitemap only once in a given period
automagic mod_rewrite detection
Captcha works again out of the box
set <meta name="robots" content="noindex,nofollow"> for meta pages like page index, recent changes
fixed broken moderator notification
switched diff mode for notify_watcher email to source diff
fixed DEFAULT value error in save_revision function (STRICT_TRANS_TABLES SQL mode)
invalidate cache for pages with form tokens like login and registration: $this->disable_cache = true; in no_cache($client_only = false)
removed deprecated X-Frame-Options in favor of the frame-ancestors directive from the CSP Level 2 specification
saves now also page lang with revision
unset PHP default_charset for page cache to avoid encoding disagrees ini_set('default_charset', NULL);
re-implemented target="_blank" as a user option for external links
set link to ((user:UserName UserName)) via config['users_page'] in link() function
set link to ((group:GroupName GroupName)) via config['groups_page'] in link() function
implemented file link tracking file:we_track_reference_like_we_do_for_links.txt
- please notice that links inside a %% wrapper still get NOT parsed into the *_link tables
separate email address for sending emails noreply_email, Send From / No-reply address e.g. noreply@example.com
added 'SameSite' cookie attribute: SameSite=Strict
removed obsolete TLS-Proxy support
page cache takes now also user language into account
ensure page via redirect for invalid namespace
fixed ensure_tls() sends relative URL in endless loop

3.1. Methods

This is only a random selection.

added
- validate_email($email_address)
- validate_form_token($form_name)
- affected_rows($dblink, $results)
- can_upload() - checks if user has all rights required to upload files
- update_link_table()
- set_user_trail($size = 5)
- get_user_trail($titles = false, $separator = ' > ', $linking = true, $size)
- binary_multiples_factor ($size, $prefix = true)
- load_file_usage($file_id, $for = '')
- set_cookie($name, $value, $persistent = false)
- user_link($user_name, $account_lang = '', $linking = true, $add_icon = true)
- group_link($group_name, $group_lang = '', $linking = true, $add_icon = true)
- notify_moderator($page_id, $tag, $title, $user_name)
- notify_watcher($page_id, $comment_on_id, $tag, $title, $page_body = '', $user_id, $user_name, $is_revision)
- get_list_count($max, $default = 50)
- print_pagination($pagination = '')
- write_sitemap($write_site_map = false, $update = false)
- form_autocomplete_off()
- add_html()
- get_html_addition()
- preload_acls()
- preload_categories()
- preload_file_links()
modified
- http->no_cache($client_only = true) - added option to disable also server cache for a page, default false (required for form tokens)
- form_open($form_name = '', [])
renamed
- get_translation() -> _t()
- user_is_owner() -> is_owner()
- load_recently_deleted() -> load_deleted()
- load_recently_changed() -> load_changed()
- load_recently_comment() -> load_comment()
- get_time_string_formatted() -> get_time_formatted()
- set_session_cookie() -> set_cookie()
- set_persistent_cookie() -> set_cookie()
- header() -> theme_header()
- footer() -> theme_footer()
- cache_links() -> preload_links()
- track_link_to() -> track_link()
removed
- get_page_time_formatted() -> get_time_formatted($this->page['modified'])

3.2. Classes

added
- see class folder ... plus add a short explanation
- Dbal - database abstract layer
- DbMysqli
- DbPDO
- Diag
- Http
- Installer
- Session
- SessionDbalStore
- SessionFileStore
- Settings
- Templatest - templatest compiler and factory
- TemplatestEscaper
- TemplatestFilters
- TemplatestSetter
- TemplatestUser
- UriRouter - yet another uri router
- Ut - assorted utility functions used throughout WackoWiki
renamed
- RSS -> Feed
removed
- Utility -> Ut

3.3. Folders

added
- _cache/session
- _cache/template
- action/template
- handler/page/template
- formatter/highlight/template
- theme/default/appearance/template
renamed
- actions -> action
- classes -> class
- feeds -> feed
- files -> file
- formatters -> formatter
- handlers -> handler
- icons -> icon
- images -> image
- queries -> query
- modules -> module
- themes -> theme
removed
- db

Use singular for folder names, it describes a specific entity.

3.4. Template Engine

The new template engine provides support for templates, to separate visual code (HTML/CSS) from logic code (PHP).

example.php

 $tpl->variable = 'Templatest is awesome.';

template/example.tpl

 <p>[ ' variable | e ' ]</p>

classes

Template support is available for actions, handlers, formatters and themes.

3.5. URI router

Decouples the serve logic from Apache to be server-agnostic.

class

urirouter.php

foo://example.com:8042/over/there?name=ferret#nose
\_/   \______________/\_________/ \_________/ \__/
 |           |            |           |        |
scheme     authority     path        query   fragment
 |     ___________________|__
/ \   /                      \
urn:example:animal:ferret:nose

router.conf

// whole idea is to take URI path, _GET/_PUT/_SERVER data and other
// meta-data, then process rules in this file sequentially, which
// results in dispatched handler to process query,
// and all arguments extracted from URI for further usage by those handlers
// (e.g. you can extract parts of URI to _GET vars, etc.)


// 'language' guide:
// every line of code consists of regex which matched against URI, and
// actions, all separated by whitespace. there are no possibility to
// include whitespace in regex or action.
// regex will be matched against URI, on success all actions executed, on failure - we go for next regex.
// lines without regex is continuations for same regex, and will be executed sequentially if regex matched.

// every single action can succeed or fail. if any one fails - all
// variable assignments made by THIS line (even before failed action) is
// discarded, and we go to next line.

// two control action exist (all action line must succeed for them to act!)
//	_next!		-- jump to next regex (skip next action lines with empty regex)
//	_ok!		-- search terminated with success
// if no _ok! executed ever - search fails and 404 emitted

// that's all on control flow.

// main regex:
// http://php.net/manual/en/reference.pcre.pattern.syntax.php -- usual php preg_* regex syntax apply, including
// delimiters and options after trailing delimiter.
// convenience macros (defined by 'define' line, or supplied by wackowiki) expanded before matching.
// used as {macro} - to be referenced as $1-vars then, or {var=macro} - for inline assignment.
// macros cannot be used in ~-regexes

// VARIABLES:
//	$0..$9	- fields matched by main regex. $0 is complete match, $1 and later - corresponding (...) parts
//	$a..$j	- as $0..$9 but set by sub-matched (by ~ operator) patterns 
//	Gname	- _GET[name]
//	Pname	- _PUT[name]
//	Sname	- _SERVER[name]
//	others	- local variables
// predefined vars:
//	_tls		- 1 or 0, tls session
//	_uri		- parsed URI (it is matched against main regex, but can be changed by assignment)
//	_method		- _SERVER[REQUEST_METHOD]
//	_rewrite	- 1 or 0, mod_rewrite active
// usage of undefined variables considered a failure (if not masked by @ in VALUE expansion, see later)

// ACTIONS:
// similar format used for all actions (not all fields apply for every action, and just ignored):
//		VARIABLE[:FUNCTION]operatorVALUE

// value is a string, with expanded variables. expansions:
//	$0 .. $9 / $a .. $j -- see above
//	${name}
//	@$... format can be used to mask undefined variable error
//	$$ - replaced by $
//	$@ - replaced by @

// assignments:
// 	FUNCTIONs can be used: tolower | toupper | int
//	var=$1
//	var:tolower=$1
//	var?=$2				-- assign if not set
//	var!				== var=1
//	dbg=$1,$2,$3		-- Ut::dbg printer ;)

// pattern matching:
//	var~/regex/i			-- sets $a..$j on success
//	var!~/regex/i
//	var~hashid:[1-9]		-- hashid expansion, into $a...
//	var!~hashid:[1-9]

// comparisons:
//	FUNCTIONS can be used: int -- both args converted to int before comparison
//	var==12    var!=12    var:int<12    var>12    var<=12    var>=12

// others:
// var?					-- isset
// var-					-- unset

//define	{method}	name|name|name		// predefined by wackowiki
define		{hashid}	[0-9a-zA-Z]+
define		{i}			[0-9]+
define		{h}			[0-9a-fA-F]+
define		{a}			[0-9a-zA-Z]+
define		{w}			[\w]+
define		{}			[^/]*
define		{*}			.*?
define		{**}		.*

//`^{hashid}$`						$1~hashid:2 Gone=$a Gtwo=$b all=$0+${Gone} _ok! _tls!=0 _method~/g(e)t/i BIN:tolower=$b Pln=${_line}
//									desc=$0 term:tolower=MyMethod term!= Gmethod=show _ok!
//`^{hashid}/{Op=*}/{Mode=**}$`
//									Op!~/^diff$/i &next!
//									$1~hashid:2 Gone=$a Gtwo=$b Gmethod:tolower=${Op} _ok! // test

`^`
		SPATH_INFO!= _uri=${SPATH_INFO} _next!		// if PATH_INFO available - use it
		_rewrite==0 _uri=@${Gpage} Gpage-			// when rewrite mode is off - replace _uri by page _GET variable

`^/*{_uri=*}/*$`	// trim _uri of beginning & trailing slashes
`^index\.(php|html)$`									_uri=

'^'												route=static age=30 static=${_uri}

`^robots\.txt$`										_ok!
`^sitemap\.xml$`									_ok! age=0 

`^(theme/{}/css|theme/_common|admin/style)/{}$`			_ok!	// css
`^image/(wikiedit/)?{}$`								_ok!	// icons
`^theme/default/icon/{}$`								_ok!	// icons
`^js/(lang/)?{}$`									_ok!	// js
`^file/global/{}$`									_ok!	// global uploads
`^setup/(image|css)/{}$`								_ok! unlock=1	// setup inlines
`^xml/{}$`											_ok! age=0	// feeds

'^'												_ok! _install!=0 route=install unlock=1
												session=1 age- static-

`^\.freecap$`										_ok! route=freecap

'^'												engine=1 route=wacko

`^admin\.php$`										_ok! route=admin

`^{}(/.*)?$`
		$1~hashid:2 page=$ax$b method=Hashid _ok!
		// $1~hashid:2 Gpage_id=$a Gversion_id=$b page= method=show redirect=301 _ok!

//`^{i}rev{i}$`
//		page=$1x$2 method=Hashid redirect=301 _ok!

//`^{page=}$`
//		method=show _ok!

`^(|{page=**}/){method}(/.*?)?$`i
		method:tolower=$3 _ok!

// catch-all
`{page=**}`
		method=show _ok!

4. Database

Database schema changes

5. Installer

added option to select only a subset of the available languages with multilanguage mode on
added option to set 'cp1257 Windows Baltic'
set noindex true for all default pages except for Home and Admin page
removed obsolete secondary config settings
use version_compare() scheme for upgrade, e.g. version_compare('5.5.rc', '5.5.beta2')
fixed DEFAULT values errors for columns 'body_r' and 'body_toc' (STRICT_TRANS_TABLES SQL mode)
added missing DEFAULT values in table creation scripts
normalized SQL query arrays
purges old cache files
does not overwrites the provided 'site_name' with the default value anymore
fixed wrong version sorting of upgrade array

6. Formatters

uses new HTML5 <mark> tag for ??highlight text?? syntax
parses now audio and video links into their media tags
added
- support for audio, video and SVG files
- option to add rel= noreferrer and nofollow to external links
- added <ignore> tag as terminator for paragrafica -> bugs:375
- new formatter for command line: %%(cl) %%
  - ```
  zypper dup --no-recommends	
```
- anchor link to headings
- added rel="noopener" for target="_blank"
- added file:/image.png?200x400&direct&caption media parameters for
  - linking
    - direct - to file
    - nolink - shows only the image
    - linkonly - shows only link
    - meta - to filemeta handler (default)
  - alignment
    - right
    - left
    - center
  - resizing
    - 400x300 - width x height
    - 0x700 - height
    - 600 - width
  - others
    - caption - shows caption
    - clear - clears float
removed
- double nested pre tag if highlighter class is used
- redundant anchor <a name="[p|h]1249-1">
- npjlink patterns
- icq highlighters -> chat highlighter
implemented ACTION4DIFF, sets allowed actions in DIFF
does not strip anymore whitespace (or other characters) at the beginning of a non-empty line %% code example %%
added new wrapper parameter clear -> clears float
made numbers settings accessible for Text_Highlighter:
- %%(hl css numbers=1 start=2) code example %%
- numbers line numbering style: 1 -> ol, 2 -> table
- start make the line numbers start at any number, rather than just 1
- 2 3
  body {margin: 0; padding:5px;} .class {background:url("http://www.example.com/")}

assigned custom CSS class to interwiki link for icon

e.g. source:master/wacko/index.php -> source:master/wacko/index.php -> class="iw-source"
e.g. bugs:wacko/index.php -> bugs:395 -> class="iw-bugs"

add your CSS class and icon accordingly

a.iw-source .icon {
    background: rgba(0, 0, 0, 0) url('./../icon/repository.svg') no-repeat scroll left center;
    padding-left: 17px;
}
a.iw-bugs .icon {
    background: rgba(0, 0, 0, 0) url('./../icon/report-bug.svg') no-repeat scroll left center;
    padding-left: 17px;
}

fixed broken IRI link encoding
- https://de.wikipedia.org/wiki/Geh%C3%B6rnte_Mauerbiene
- https://ru.wikipedia.org/wiki/[...]81%D0%B0%D0%B1%D0%B8

7. Actions

toc: allow missing heading levels in table of content
fixed inconsistent use of alias 'page' for 'for' / 'root' in actions -> use page= from now on
topics: allow user to edit his forum posts per default
include: hide edit link in include if user has no rights to edit the included page
menu: fixed broken setting with system=1 (guests)
files:
- fixed false reference for files_cache
- added parameter track (default off)
- replaced parameter picture with media
search: add categories in results and filter
pageindex: added system=1 option to hide default pages
whatsnew: added pagination
orphaned: fixed broken orphaned pages selection
adminupdate: added routine to set missing ACL sets
redirect: added parameter temporary=1 to set HTTP status code to 302 (new default: 301)
added templates for actions, see sub-folder template/
added
- fileusage
- hashid
- lastedited
- randomimage
removed
- permalinkproxy
- permalink -> successor hashid

8. Handlers

show: fixed broken redirect after editing a page comment with active paging
renamed ms to wordprocessor
diff: added a link to switch directly between diff modes
referrers: added anchor for internal links
_comments: toggle setting that allows users to list comments either with the most recent OR the oldest comment at the top of the list of page comments
upload: added missing file path for local file in preview link
allowed Admin to fix e.g. typos in comments of other users
properties: show keywords with related categories in page properties
remove: updates menu array in session after deleting a related page
show: moved page title (H1) from theme header to show handler
- to suppress the page title you can set hide_article_header true in your action or theme
added option to turn external referrers off or to show them only to administrators, off by default
added attachments handler
added filemeta handler
added paging to revisions
added templates for handlers, see sub-folder template/

9. Themes

replaced GIF with PNG/SVG icons
1. optimized SVG files with SVG Cleaner
HTML5 Migration
removed smooth scrolling JavaScript functions in default.js
- ```
body {
  scroll-behavior: smooth;
} 	
```
default theme
1. use reverse hierarchy order in page titles
2. bookmarks as dropdown
3. added templates, see sub-folder appearance/template/
moved theme icons to default.css
moved wiki link icons to wacko.css
added viewport meta tag <meta name="viewport" content="width=device-width, initial-scale=1">

10. WikiEdit

localized WikiEdit
- language file folder for message sets: js/lang/wikiedit.<lang>.js
moved toolbar icons to default.css

11. Admin panel

now you must be logged in as Admin in the first place to access the admin panel
recovery password login (in case of db corruption) -> requires to set RECOVERY_MODE to 1
fixed Admin Panel sets mode_rewrite always on
fixed broken groups management
backup & restore:
1. fixed broken processing of default values with '' and 'timestamp'
2. uses now the DEFAULT keyword to restore empty values
3. fixed broken backup and restore for cluster
added AP module
1. to convert MyISAM to InnoDB
2. for Bad Behavior extension
3. for user approval
4. to config appearance
5. to config upload
localized most of the message sets, please help to translate the English placeholders into your language
loads separate lang files for Admin panel (see admin/lang/ap.<lang>.php)
data sync: added parameter to limit redirects and the number of pages per turn for re-rendering pages

12. Extensions

added Bad Behavior extension

13. Translations

Localization
- added new message sets

14. Packages

added

Bad Behavior 2.2.23
Hashids 3.0.0 (Changelog)
php-diff 1.0
clipboard.js v2.0.0

updated

PHP Thumb Library 2.1
Text_Highlighter 0.8.0
SafeHTML 1.3.11
WikiEdit 3.15
SimplePie 1.5.4 (Changelog)
PHPMailer 6.1.4 (Changelog)

removed

SWFObject

Note that the changelog is usually incomplete, for a complete list of changes that went into R5.5, you can browse the Commit log, the Bug Tracker Log and ToDo list.