Wordcraft 0.9.1 available
Wed, Apr 8, 2009 08:00 AM
There are several key changes in Wordcraft 0.9.1. The two big
things are:
-
Tokens on post forms in the admin to help ward off
CSRF attacks.
-
Database schema updates automated.
The first comes as a result of us doing the same work on
Phorum recently. I realized I needed the same protection in
Wordcraft. The second was done out of neccesity as I changed
the datetime fields in the database schema into int fields.
Not sure why I ever made them datetime fields. Unix
timestamps are much easier to work with. It saves many
strtotime() calls and will make eventual time zone settings much
easier to implement.
In addition to those two big ones, there were some notable small
ones:
- HTML 4.01 validation fixes
- Ensuring UTF-8 on all encoding function calls
- Protection against hitting the back button when writing a
post (most annoying on Macs as the back button and the
beginning of line keystroke is the same).
And there were other a few
other bug
fixes.
I will or course need many more testers and users before I can ever
declare this software as stable. If you need a simple blog,
give it a try.
About Wordcraft
Wordcraft aims to be a simple, lightweight blogging
application. Wordcraft is written exclusively for PHP 5+ and
MySQL 5.0+ using only the PHP mysqli extension, UTF-8, and HTML
4.01 to achieve that simpleness.
Comments are disabled for this post.
