5.5 Change Log

5.5

(31.12.2019) d2649d1 -> M17 (Release Notes)



1. Configuration

  1. disabled registration by default in config

1.1. primary config

  1. added
    • hashid_seed
    • sql_mode_strict
  2. removed
    • header_action
    • footer_action
    • classes_path
    • action_path -> ACTION_DIR
    • formatter_path -> FORMATTER_DIR
    • handler_path -> HANDLER_DIR
    • theme_path -> THEME_DIR
    • upload_path -> UPLOAD_DIR_GLOBAL
    • upload_path_per_page -> UPLOAD_DIR_PER_PAGE
    • upload_path_backup -> UPLOAD_DIR_BACKUP
    • cache_dir -> CACHE_DIR

1.2. secondary config

  1. renamed
    • session_expiration -> session_length
    • x_csp -> csp
    • policy_page -> terms_page
    • disable_autosubscribe -> autosubscribe
  2. new
    • allow_intercom
    • allow_massemail
    • allow_persistent_cookie
    • allowed_languages
    • anonymize_ip
    • approve_new_user
    • attachments_handler
    • default_diff_mode
    • diff_modes
    • enable_captcha
    • enable_referrers
    • ext_bad_behavior
    • footer_tags
    • help_page
    • hide_article_header
    • link_target
    • list_count
    • menu_items
    • nofollow
    • noreferrer
    • noreply_email
    • notify_diff_mode
    • notify_upload
    • privacy_page
    • pwd_admin_min_chars
    • referrer_policy
    • registration_delay
    • session_store
    • show_permalink
    • sorting_comments
  3. removed
    • x_frame_option
    • session_encrypt_cookie
    • allow_swfobject
    • revisions_hide_cancel
    • session_prefix
    • cookie_prefix
    • date_precise_format -> date_format and time_format_seconds
    • date_macro_format -> date_format and time_format
    • phpmailer
    • disable_npjlinks
    • meta_description
    • meta_keywords
    • tls_proxy

1.3. user settings

  1. new
    • sorting_comments
    • notify_minor_edit
    • notify_page
    • notify_comment
    • menu_items
    • diff_mode
  2. renamed
    • changes_count -> list_count
  3. removed
    • revisions_count -> list_count

1.4. constants

  1. new
    • ACTION_DIR
    • AP_LOCK
    • CACHE_CONFIG_DIR
    • CACHE_DIR
    • CACHE_FEED_DIR
    • CACHE_PAGE_DIR
    • CACHE_SESSION_DIR
    • CACHE_SQL_DIR
    • CACHE_TEMPLATE_DIR
    • CHMOD_DIR
    • CHMOD_FILE
    • CHMOD_SAFE
    • CONFIG_DEFAULTS
    • CONFIG_DIR
    • CONFIG_FILE
    • DAYSECS
    • FORMATTER_DIR
    • HANDLER_DIR
    • IMAGE_DIR
    • LINK_FILE
    • LINK_PAGE
    • OBJECT_FILE
    • OBJECT_PAGE
    • RECOVERY_MODE
    • SITEMAP_XML
    • SITE_LOCK
    • SQL_MODE_PERMISSIVE
    • SQL_MODE_STRICT
    • THEME_DIR
    • UPLOAD_BACKUP_DIR
    • UPLOAD_GLOBAL_DIR
    • UPLOAD_PER_PAGE_DIR
    • WACKO_ENV
    • XML_DIR
  2. renamed
    • TRAN_DONTCHANGE -> TRANSLIT_DONTCHANGE
    • TRAN_LOWERCASE -> TRANSLIT_LOWERCASE
    • TRAN_LOAD -> TRANSLIT_LOAD
    • TRAN_DONTLOAD -> TRANSLIT_DONTLOAD
    • ACTIONS4DIFF -> ACTION4DIFF
  3. removed
    • SQL_NULLDATE
    • CSP_CUSTOM -> csp_custom.conf

1.5. conf files

  1. autoload.conf
  2. router.conf
  3. csp_custom.conf
  4. csp_defaults.conf

2. Features

  • new session handler
  • new URI router
  • new template engine
  • added auth and form token
  • added Referrer-Policy HTTP header
  • public registration moderation by admin

3. Core

  • major refactoring of init system
  • fixed missing slash in LIKE condition to clone, backup or rename cluster
  • using password_hash() and password_verify() API
  • replaced the error prone use of KiB for upload quota with Bytes
  • give all forms unique names
  • $_REQUEST allows only $_GET and $_POST
  • uses self-closing tags (void elements) (HTML5): <br> <hr> <img> <input> <link> <meta>
  • added config option: allow_persistent_cookie
  • added option to change the current SQL mode at runtime
  • file:attachment.ext loads now the local file before the global file
    • it tries to load the local file first and only if there is none, it loads the global file
    • to force the global file with the same name use file:/attachment.ext
  • added option to write sitemap only once in a given period
  • automagic mod_rewrite detection
  • Captcha works again out of the box
  • set <meta name="robots" content="noindex,nofollow"> for meta pages like page index, recent changes
  • fixed broken moderator notification
  • switched diff mode for notify_watcher email to source diff
  • fixed DEFAULT value error in save_revision function (STRICT_TRANS_TABLES SQL mode)
  • invalidate cache for pages with form tokens like login and registration: $this->disable_cache = true; in no_cache($client_only = false)
  • removed deprecated X-Frame-Options in favor of the frame-ancestors directive from the CSP Level 2 specification
  • saves now also page lang with revision
  • unset PHP default_charset for page cache to avoid encoding disagrees ini_set('default_charset', NULL);
  • re-implemented target="_blank" as a user option for external links
  • set link to ((user:UserName UserName)) via config['users_page'] in link() function
  • set link to ((group:GroupName GroupName)) via config['groups_page'] in link() function
  • implemented file link tracking file:we_track_reference_like_we_do_for_links.txt
    • please notice that links inside a %% wrapper still get NOT parsed into the *_link tables
  • separate email address for sending emails noreply_email, Send From / No-reply address e.g. noreply@example.com
  • added 'SameSite' cookie attribute: SameSite=Strict
  • removed obsolete TLS-Proxy support
  • page cache takes now also user language into account
  • ensure page via redirect for invalid namespace
  • fixed ensure_tls() sends relative URL in endless loop

3.1. Methods

This is only a random selection.


  • added
    • validate_email($email_address)
    • validate_form_token($form_name)
    • affected_rows($dblink, $results)
    • can_upload() - checks if user has all rights required to upload files
    • update_link_table()
    • set_user_trail($size = 5)
    • get_user_trail($titles = false, $separator = ' > ', $linking = true, $size)
    • binary_multiples_factor ($size, $prefix = true)
    • load_file_usage($file_id, $for = '')
    • set_cookie($name, $value, $persistent = false)
    • user_link($user_name, $account_lang = '', $linking = true, $add_icon = true)
    • group_link($group_name, $group_lang = '', $linking = true, $add_icon = true)
    • notify_moderator($page_id, $tag, $title, $user_name)
    • notify_watcher($page_id, $comment_on_id, $tag, $title, $page_body = '', $user_id, $user_name, $is_revision)
    • get_list_count($max, $default = 50)
    • print_pagination($pagination = '')
    • write_sitemap($write_site_map = false, $update = false)
    • form_autocomplete_off()
    • add_html()
    • get_html_addition()
    • preload_acls()
    • preload_categories()
    • preload_file_links()
  • modified
    • http->no_cache($client_only = true) - added option to disable also server cache for a page, default false (required for form tokens)
    • form_open($form_name = '', [])
  • renamed
    • get_translation() -> _t()
    • user_is_owner() -> is_owner()
    • load_recently_deleted() -> load_deleted()
    • load_recently_changed() -> load_changed()
    • load_recently_comment() -> load_comment()
    • get_time_string_formatted() -> get_time_formatted()
    • set_session_cookie() -> set_cookie()
    • set_persistent_cookie() -> set_cookie()
    • header() -> theme_header()
    • footer() -> theme_footer()
    • cache_links() -> preload_links()
    • track_link_to() -> track_link()
  • removed
    • get_page_time_formatted() -> get_time_formatted($this->page['modified'])

3.2. Classes


  • added
    • see class folder ... plus add a short explanation
    • Dbal - database abstract layer
    • DbMysqli
    • DbPDO
    • Diag
    • Http
    • Installer
    • Session
    • SessionDbalStore
    • SessionFileStore
    • Settings
    • Templatest - templatest compiler and factory
    • TemplatestEscaper
    • TemplatestFilters
    • TemplatestSetter
    • TemplatestUser
    • UriRouter - yet another uri router
    • Ut - assorted utility functions used throughout WackoWiki
  • renamed
    • RSS -> Feed
  • removed
    • Utility -> Ut

3.3. Folders

  • added
    • _cache/session
    • _cache/template
    • action/template
    • handler/page/template
    • formatter/highlight/template
    • theme/default/appearance/template
  • renamed
    • actions -> action
    • classes -> class
    • feeds -> feed
    • files -> file
    • formatters -> formatter
    • handlers -> handler
    • icons -> icon
    • images -> image
    • queries -> query
    • modules -> module
    • themes -> theme
  • removed
    • db

Use singular for folder names, it describes a specific entity.

3.4. Template Engine

The new template engine provides support for templates, to separate visual code (HTML/CSS) from logic code (PHP).


example.php

 $tpl->variable = 'Templatest is awesome.';	

template/example.tpl

 <p>[ ' variable | e ' ]</p>	

classes

  1. templatest.php
  2. templatestescaper.php
  3. templatestfilters.php
  4. templatestsetter.php
  5. templatestuser.php

Template support is available for actions, handlers, formatters and themes.


3.5. URI router

Decouples the serve logic from Apache to be server-agnostic.


class


foo://example.com:8042/over/there?name=ferret#nose
\_/   \______________/\_________/ \_________/ \__/
 |           |            |           |        |
scheme     authority     path        query   fragment
 |     ___________________|__
/ \   /                      \
urn:example:animal:ferret:nose	

router.conf

// whole idea is to take URI path, _GET/_PUT/_SERVER data and other
// meta-data, then process rules in this file sequentially, which
// results in dispatched handler to process query,
// and all arguments extracted from URI for further usage by those handlers
// (e.g. you can extract parts of URI to _GET vars, etc.)


// 'language' guide:
// every line of code consists of regex which matched against URI, and
// actions, all separated by whitespace. there are no possibility to
// include whitespace in regex or action.
// regex will be matched against URI, on success all actions executed, on failure - we go for next regex.
// lines without regex is continuations for same regex, and will be executed sequentially if regex matched.

// every single action can succeed or fail. if any one fails - all
// variable assignments made by THIS line (even before failed action) is
// discarded, and we go to next line.

// two control action exist (all action line must succeed for them to act!)
//	_next!		-- jump to next regex (skip next action lines with empty regex)
//	_ok!		-- search terminated with success
// if no _ok! executed ever - search fails and 404 emitted

// that's all on control flow.

// main regex:
// http://php.net/manual/en/reference.pcre.pattern.syntax.php -- usual php preg_* regex syntax apply, including
// delimiters and options after trailing delimiter.
// convenience macros (defined by 'define' line, or supplied by wackowiki) expanded before matching.
// used as {macro} - to be referenced as $1-vars then, or {var=macro} - for inline assignment.
// macros cannot be used in ~-regexes

// VARIABLES:
//	$0..$9	- fields matched by main regex. $0 is complete match, $1 and later - corresponding (...) parts
//	$a..$j	- as $0..$9 but set by sub-matched (by ~ operator) patterns 
//	Gname	- _GET[name]
//	Pname	- _PUT[name]
//	Sname	- _SERVER[name]
//	others	- local variables
// predefined vars:
//	_tls		- 1 or 0, tls session
//	_uri		- parsed URI (it is matched against main regex, but can be changed by assignment)
//	_method		- _SERVER[REQUEST_METHOD]
//	_rewrite	- 1 or 0, mod_rewrite active
// usage of undefined variables considered a failure (if not masked by @ in VALUE expansion, see later)

// ACTIONS:
// similar format used for all actions (not all fields apply for every action, and just ignored):
//		VARIABLE[:FUNCTION]operatorVALUE

// value is a string, with expanded variables. expansions:
//	$0 .. $9 / $a .. $j -- see above
//	${name}
//	@$... format can be used to mask undefined variable error
//	$$ - replaced by $
//	$@ - replaced by @

// assignments:
// 	FUNCTIONs can be used: tolower | toupper | int
//	var=$1
//	var:tolower=$1
//	var?=$2				-- assign if not set
//	var!				== var=1
//	dbg=$1,$2,$3		-- Ut::dbg printer ;)

// pattern matching:
//	var~/regex/i			-- sets $a..$j on success
//	var!~/regex/i
//	var~hashid:[1-9]		-- hashid expansion, into $a...
//	var!~hashid:[1-9]

// comparisons:
//	FUNCTIONS can be used: int -- both args converted to int before comparison
//	var==12    var!=12    var:int<12    var>12    var<=12    var>=12

// others:
// var?					-- isset
// var-					-- unset

//define	{method}	name|name|name		// predefined by wackowiki
define		{hashid}	[0-9a-zA-Z]+
define		{i}			[0-9]+
define		{h}			[0-9a-fA-F]+
define		{a}			[0-9a-zA-Z]+
define		{w}			[\w]+
define		{}			[^/]*
define		{*}			.*?
define		{**}		.*

//`^{hashid}$`						$1~hashid:2 Gone=$a Gtwo=$b all=$0+${Gone} _ok! _tls!=0 _method~/g(e)t/i BIN:tolower=$b Pln=${_line}
//									desc=$0 term:tolower=MyMethod term!= Gmethod=show _ok!
//`^{hashid}/{Op=*}/{Mode=**}$`
//									Op!~/^diff$/i &next!
//									$1~hashid:2 Gone=$a Gtwo=$b Gmethod:tolower=${Op} _ok! // test

`^`
		SPATH_INFO!= _uri=${SPATH_INFO} _next!		// if PATH_INFO available - use it
		_rewrite==0 _uri=@${Gpage} Gpage-			// when rewrite mode is off - replace _uri by page _GET variable

`^/*{_uri=*}/*$`	// trim _uri of beginning & trailing slashes
`^index\.(php|html)$`									_uri=

'^'												route=static age=30 static=${_uri}

`^robots\.txt$`										_ok!
`^sitemap\.xml$`									_ok! age=0 

`^(theme/{}/css|theme/_common|admin/style)/{}$`			_ok!	// css
`^image/(wikiedit/)?{}$`								_ok!	// icons
`^theme/default/icon/{}$`								_ok!	// icons
`^js/(lang/)?{}$`									_ok!	// js
`^file/global/{}$`									_ok!	// global uploads
`^setup/(image|css)/{}$`								_ok! unlock=1	// setup inlines
`^xml/{}$`											_ok! age=0	// feeds

'^'												_ok! _install!=0 route=install unlock=1
												session=1 age- static-

`^\.freecap$`										_ok! route=freecap

'^'												engine=1 route=wacko

`^admin\.php$`										_ok! route=admin

`^{}(/.*)?$`
		$1~hashid:2 page=$ax$b method=Hashid _ok!
		// $1~hashid:2 Gpage_id=$a Gversion_id=$b page= method=show redirect=301 _ok!

//`^{i}rev{i}$`
//		page=$1x$2 method=Hashid redirect=301 _ok!

//`^{page=}$`
//		method=show _ok!

`^(|{page=**}/){method}(/.*?)?$`i
		method:tolower=$3 _ok!

// catch-all
`{page=**}`
		method=show _ok!	

4. Database



5. Installer

  • added option to select only a subset of the available languages with multilanguage mode on
  • added option to set 'cp1257 Windows Baltic'
  • set noindex true for all default pages except for Home and Admin page
  • removed obsolete secondary config settings
  • use version_compare() scheme for upgrade, e.g. version_compare('5.5.rc', '5.5.beta2')
  • fixed DEFAULT values errors for columns 'body_r' and 'body_toc' (STRICT_TRANS_TABLES SQL mode)
  • added missing DEFAULT values in table creation scripts
  • normalized SQL query arrays
  • purges old cache files
  • does not overwrites the provided 'site_name' with the default value anymore
  • fixed wrong version sorting of upgrade array

6. Formatters

  • uses new HTML5 <mark> tag for ??highlight text?? syntax
  • parses now audio and video links into their media tags
  • added
    • support for audio, video and SVG files
    • option to add rel= noreferrer and nofollow to external links
    • added <ignore> tag as terminator for paragrafica -> bugs:375
    • new formatter for command line: %%(cl) %%
      • zypper dup --no-recommends	
    • anchor link to headings
    • added rel="noopener" for target="_blank"
    • added file:/image.png?200x400&direct&caption media parameters for
      • linking
        • direct - to file
        • nolink - shows only the image
        • linkonly - shows only link
        • meta - to filemeta handler (default)
      • alignment
        • right
        • left
        • center
      • resizing
        • 400x300 - width x height
        • 0x700 - height
        • 600 - width
      • others
        • caption - shows caption
        • clear - clears float
  • removed
    • double nested pre tag if highlighter class is used
    • redundant anchor <a name="[p|h]1249-1">
    • npjlink patterns
    • icq highlighters -> chat highlighter
  • implemented ACTION4DIFF, sets allowed actions in DIFF
  • does not strip anymore whitespace (or other characters) at the beginning of a non-empty line %% code example %%
  • added new wrapper parameter clear -> clears float
  • made numbers settings accessible for Text_Highlighter:
    • %%(hl css numbers=1 start=2) code example %%
    • numbers line numbering style: 1 -> ol, 2 -> table
    • start make the line numbers start at any number, rather than just 1
    • 2
      3
      
      body {margin: 0; padding:5px;}
      .class {background:url("http://www.example.com/")}
  • assigned custom CSS class to interwiki link for icon
    • e.g. source:master/wacko/index.php -> source:master/wacko/index.php -> class="iw-source"
    • e.g. bugs:wacko/index.php -> bugs:395 -> class="iw-bugs"
    • add your CSS class and icon accordingly
      a.iw-source .icon {
          background: rgba(0, 0, 0, 0) url('./../icon/repository.svg') no-repeat scroll left center;
          padding-left: 17px;
      }
      a.iw-bugs .icon {
          background: rgba(0, 0, 0, 0) url('./../icon/report-bug.svg') no-repeat scroll left center;
          padding-left: 17px;
      }
  • fixed broken IRI link encoding

7. Actions

  • toc: allow missing heading levels in table of content
  • fixed inconsistent use of alias 'page' for 'for' / 'root' in actions -> use page= from now on
  • topics: allow user to edit his forum posts per default
  • include: hide edit link in include if user has no rights to edit the included page
  • menu: fixed broken setting with system=1 (guests)
  • files:
    • fixed false reference for files_cache
    • added parameter track (default off)
    • replaced parameter picture with media
  • search: add categories in results and filter
  • pageindex: added system=1 option to hide default pages
  • whatsnew: added pagination
  • orphaned: fixed broken orphaned pages selection
  • adminupdate: added routine to set missing ACL sets
  • redirect: added parameter temporary=1 to set HTTP status code to 302 (new default: 301)
  • added templates for actions, see sub-folder template/
  • added
    • fileusage
    • hashid
    • lastedited
    • randomimage
  • removed
    • permalinkproxy
    • permalink -> successor hashid

8. Handlers

  1. show: fixed broken redirect after editing a page comment with active paging
  2. renamed ms to wordprocessor
  3. diff: added a link to switch directly between diff modes
  4. referrers: added anchor for internal links
  5. _comments: toggle setting that allows users to list comments either with the most recent OR the oldest comment at the top of the list of page comments
  6. upload: added missing file path for local file in preview link
  7. allowed Admin to fix e.g. typos in comments of other users
  8. properties: show keywords with related categories in page properties
  9. remove: updates menu array in session after deleting a related page
  10. show: moved page title (H1) from theme header to show handler
    • to suppress the page title you can set hide_article_header true in your action or theme
  11. added option to turn external referrers off or to show them only to administrators, off by default
  12. added attachments handler
  13. added filemeta handler
  14. added paging to revisions
  15. added templates for handlers, see sub-folder template/

9. Themes

  1. replaced GIF with PNG/SVG icons
    1. optimized SVG files with SVG Cleaner
  2. HTML5 Migration
  3. removed smooth scrolling JavaScript functions in default.js
    • body {
        scroll-behavior: smooth;
      } 	
  4. default theme
    1. use reverse hierarchy order in page titles
    2. bookmarks as dropdown
    3. added templates, see sub-folder appearance/template/
  5. moved theme icons to default.css
  6. moved wiki link icons to wacko.css
  7. added viewport meta tag <meta name="viewport" content="width=device-width, initial-scale=1">

10. WikiEdit

11. Admin panel

  1. now you must be logged as Admin in the first place to access the admin panel
  2. recovery password login (in case of db corruption) -> requires to set RECOVERY_MODE to 1
  3. fixed Admin Panel sets mode_rewrite always on
  4. fixed broken groups management
  5. backup & restore:
    1. fixed broken processing of default values with '' and 'timestamp'
    2. uses now the DEFAULT keyword to restore empty values
    3. fixed broken backup and restore for cluster
  6. added AP module
    1. to convert MyISAM to InnoDB
    2. for Bad Behavior extension
    3. for user approval
    4. to config appearance
    5. to config upload
  7. localized most of the message sets, please help to translate the English placeholders into your language
  8. loads separate lang files for Admin panel (see admin/lang/ap.<lang>.php)
  9. data sync: added parameter to limit redirects and the number of pages per turn for re-rendering pages

12. Extensions

  1. added Bad Behavior extension

13. Translations

14. Packages

added


updated


removed

  • SWFObject



Note that the changelog is usually incomplete, for a complete list of changes that went into R5.5, you can browse the Commit log, the Bug Tracker Log and ToDo list.