Wordcraft 0.9.1 available

Wed, Apr 8, 2009 08:00 AM
There are several key changes in Wordcraft 0.9.1. The two big things are:
  • Tokens on post forms in the admin to help ward off CSRF attacks.  
  • Database schema updates automated.
The first comes as a result of us doing the same work on Phorum recently.  I realized I needed the same protection in Wordcraft.  The second was done out of neccesity as I changed the datetime fields in the database schema into int fields.  Not sure why I ever made them datetime fields.  Unix timestamps are much easier to work with.  It saves many strtotime() calls and will make eventual time zone settings much easier to implement.

In addition to those two big ones, there were some notable small ones:
  • HTML 4.01 validation fixes
  • Ensuring UTF-8 on all encoding function calls
  • Protection against hitting the back button when writing a post (most annoying on Macs as the back button and the beginning of line keystroke is the same).
And there were other a few other bug fixes.

I will or course need many more testers and users before I can ever declare this software as stable.  If you need a simple blog, give it a try.

About Wordcraft
Wordcraft aims to be a simple, lightweight blogging application.  Wordcraft is written exclusively for PHP 5+ and MySQL 5.0+ using only the PHP mysqli extension, UTF-8, and HTML 4.01 to achieve that simpleness.

Comments are disabled for this post.