This release adds user accounts and an INI-based configuration
system. The language, skin, author, and login support have improved
dramatically. phplib is now bundled and preconfigured for easier
installation.
A new security model, rewritten NavBar, skins/theme support, multiple langauge support, enhanced documentation, easier layout, buxfixes, speedups, and much more.
Versions of phpslash less than 0.61pl1 have a security hole in Block_render_url.class that allows an authorized phpslash admin to read any file that the webserver process has access to and display that information on the front page. 0.6.2 fixes this and adds several bugfixes for HTML in comments and stories (now works correctly and javascript is stripped out). Also, default_pending mode for comments now works as expected and links are now parsed correctly into glossary definitions.
A bug allowing any user to overwrite comments has
been fixed. Comment display code has been fixed
to display all display modes correctly. Various
regex' have been fixed to format HTML more
nicely.
