Thu Nov 19 2009 @ 06:44:39 by shadow (r2084) Due to the way it was coded, it worked on the dev server, but not the stable server. Here is the final fix, thoroughly tested on all servers. Fixed: Application 18 (all parts) Thu Nov 19 2009 @ 04:23:09 by shadow (r2080) Application 18 final fix. A full deep dive into the code revealed a small issue, and everything was corrected. Fixed: Application 18 and the checker Thu Nov 19 2009 @ 00:14:43 by shadow (r2075) Fixed many major bugs. Fixed: Application 18 checker Fixed: Basic 11->Basic 12 Logic Fixed: Apostrophes in articles Fixed: All forum functions Thu Nov 12 2009 @ 22:40:10 by shadow (r2068) Did some backend testing in the dev sandbox, allowed more access to staff members, fixed a couple access related functions, prepared a test for fixing app18, as well as making it work for people with the leading 0's glitch, and added a redirect on Real 8. Added: Redirect in realistic mission 8 Fixed: Function checkAccess - user id Updated: App 18 *win* checker Updated: App 18 functionality Removed: Random this and thats. Sat Sep 19 2009 @ 04:34:16 by scram (r2027) Changed article stuff a bit, added donors page, fixed Firefox download link. Added: donors page so it won't 404 anymore Fixed: Firefox download link tooltip Updated: moderators and above can always submit articles Updated: require two missions to be completed to submit an article whether they have two missions completed or not Thu Sep 17 2009 @ 22:05:44 by scram (r2015) Fixed registration issue. Fixed: Registration issue that kept saying that the website was invalid. Thu Sep 17 2009 @ 00:20:22 by scram (r2014) Fixed a lot of things. Added: Admin page to test if SMTP is working Added: Better interface to the admin page to clear user missions Fixed: Attempting to fix random segfaults during user registration Fixed: Fixed some missions not displaying the mission page if you entered an incorrect password Fixed: Many small security fixes Updated: Require one mission done to submit an article Thu Aug 20 2009 @ 23:25:57 by scram (r1939) Fixed comment vulnerability. Fixed: Comment vulnerability Thu Aug 20 2009 @ 23:17:39 by scram (r1938) Fixed comment vulnerability. Fixed: Comment vulnerability Mon Aug 17 2009 @ 18:05:41 by kage (r1926) Fixing themes Fixed: Fixing some issues with the themes Mon Aug 17 2009 @ 17:42:32 by kage (r1925) Fixing some large exploits and restoring from a previous database backup Fixed: Exploits in code Sat Aug 15 2009 @ 19:04:10 by wyrmkill (r1857) Removing bugs Fixed: Removing Bugs Sat Aug 15 2009 @ 18:47:29 by wyrmkill (r1856) Fixing Bugs Fixed: Bugs Bunny Fri Aug 14 2009 @ 19:05:40 by wyrmkill (r1852) Fixing bugzzzz Removed: Bugs Bunny Wed Aug 12 2009 @ 20:32:03 by kage (r1826) Removing a large vulnerability Removed: Removing unauthorized code Thu Aug 6 2009 @ 22:08:43 by kage (r1816) Forgot one minor change so forums work on Stable Fixed: Configuration error in forums Thu Aug 6 2009 @ 22:05:48 by kage (r1815) Forums are fixed, for real this time Fixed: Syntax errors in forums Updated: Forums backend software Thu Aug 6 2009 @ 00:24:12 by wyrmkill (r1808) Forums Fixed: Forums Thu Aug 6 2009 @ 00:01:17 by wyrmkill (r1804) Lots of updates Changed Requirements for Hacker Emblem Added: View access for admins/mods Fixed: Typos on several pages Fixed: Bug in app 18 Fixed: Reset password Updated: Clear mission function for admins/mods Updated: phpbb3 Updated: No longer need to have completed all basics for hacker emblem Updated: Receive hacker emblem for completing five mission categories Removed: Several security risks Fri Jul 31 2009 @ 20:16:25 by wyrmkill (r1654) Added new features Added: The ability to edit bugs Updated: Access error page Updated: App 18 Fri Jul 31 2009 @ 18:05:16 by kage (r1624) Fixing an issue with the forums, and adding features to Bug Management and ExtBasic missions. Added: Caching to ExtBasic missions Added: Bug Management editing Fixed: SQL authentication error in the forums Fri Jul 31 2009 @ 15:00:33 by kage (r1596) Fixing a few password things and changing some missions Added: GeSHi syntax highlighting for ExtBasic missions Removed: Points for logic missions Fri Jul 31 2009 @ 03:06:20 by wyrmkill (r1576) Bug Fixes Vulnerability Fixes Fixed: Fixed several XSS/SQL issues Updated: Pages that had to do with logic missions Wed Jul 29 2009 @ 04:10:22 by scram (r1556) Re-enabled alternative PHP caching functions. Fixed: Suppressed some errors Wed Jul 29 2009 @ 03:25:06 by scram (r1554) Fixed a few bugs, did some fixing of HackThisSite Stable release Concatenated a few CHANGELOG entries involving debugging and fixing Stable (~Kage) Fixed: Made extended basic 6 answers more accurate Fixed: Comment bug Fixed: Sign-up bug Fixed: Errors causing Stable to appear blank Fixed: Multiple CHANGELOG entries Updated: Link to actual application missions in profiles Removed: Logic missions from mission listing Sat Jul 25 2009 @ 19:44:06 by wyrmkill (r1419) Fixed problem with HTS not loading Fixed: Stay logged in function Removed: Stay logged in function Sat Jul 25 2009 @ 17:33:30 by wyrmkill (r1412) Bug Fixes Added Administration/Moderation tools New Features! Added: Stay Logged in Feature in user settings Added: Administration Tools Fixed: Gallery issues Fixed: Mission listings Sat Jul 25 2009 @ 17:33:30 by wyrmkill (r1412) Bug Fixes Lots of Administration/Moderation tools added New features! Added: Stay Logged in Feature in user settings Added: Administration Tools Fixed: Gallery issues Fixed: Mission listings Thu Jul 23 2009 @ 15:44:18 by wyrmkill (r1315) Fixing bug that prevented certain users profiles from being displayed correctly Fixed: Bug in sanatize function that was causing sporadic issues on users profiles Thu Jul 23 2009 @ 05:08:49 by wyrmkill (r1309) Bug fixes Added features Added: Specialized Lead Moderator tools Added: Error reporting always on, on test site Fixed: Article bug Fixed: Issue with gallery pictures not being displayed Updated: Overall integrity of code, implemented sanatize function globally Updated: Validated xhtml Tue Jul 21 2009 @ 22:45:04 by wyrmkill (r1281) Lots of bug fixes Testing of new features Added: Testing "Stay Logged in Feature" - COMING SOON Fixed: Logic points for all users Fixed: Application 18 Fixed: Search Users page fixed Fixed: Bug in quotes pages Fixed: Avatar issue Fixed: Several typos on different pages Updated: Validated some XHTML Updated: Random misc. fixes Removed: Logic mission category Removed: Stego 15 from one last person Mon Jul 20 2009 @ 00:14:03 by wyrmkill (r1119) Several bug fixes Introduction of two new missions Added: Application 18 Added: Extended Basic 14 Added: Content-Type headers, csv output, and better formatting to quotes page Fixed: Fixed issue with droptable on all news posts Fixed: SQL injection in clear missions form Sun Jul 19 2009 @ 15:33:36 by wyrmkill (r1090) Recoded some functions Fixed several bugs Sorted Programs Added: Sorted Programs Fixed: Fixed issue with users being able to delete all comments Fixed: Fixed vulnerable code in programs.php Fixed: Fixed API bug Fixed: Fixed whitespace bug Fixed: Fixed bug in bug management system Fixed: Miscellaneous/minor bug fixes to several files Updated: Recoded sanitize function Sun Jul 19 2009 @ 15:25:52 by wyrmkill (r1039) Lots of Vulnerability & Bug Fixes Few new features coming out and in the works. Added: Sorting Feature for Fixed: Vulnerability in mission 14 Fixed: Bug in comment deletion Sun Jul 19 2009 @ 15:16:10 by wyrmkill (r920) Testing for new application challenge. Vulnerability fixes. Fixed: SQL injection in bug set status Fri Jul 17 2009 @ 19:48:28 by kage (r870) Adding a few new features to the site for bug management, as well as some various bug fixes due to slight errors in code. Also, first real use of our new web-based Development-to-Stable deployment system! Added: Rank 11 image to replace missing one Added: Tooltips for Short News, Latest Articles, RSS Feeds Added: Added the ability for users to see their own reported bugs regardless of status or visibility setting Fixed: More fixes for avatar uploads Fixed: Blank spaces causing issues in a couple pages and scripts Fixed: XSS vulnerability in gallery Updated: Changing the update password to use our better error handling system Updated: Validating some XHTML in User Info Updated: Altered spacing for text in Comments system Updated: Stego 15, -again- Tue Jun 16 2009 @ 21:08:24 by kage (r819) Invalid syntax overlooked in the last Stable Pushes * Fixed: Missing parenthesis in avatar upload code Tue Jun 16 2009 @ 20:43:51 by kage (r816) Minor security fix for an admin control panel * Updated: Disabled an admin control panel for security concerns Tue Jun 16 2009 @ 20:10:45 by kage (r815) More bug and exploit fixes * Added: Category in Bug Reporting to denote bugs fixed on Dev, but awaiting a push to Stable * Fixed: XSS in Secret Question/Answer code * Fixed: XSS in ad banner system * Fixed: Other debugging text missed in gallery code * Fixed: Real 15 authentication error * Fixed: Real 15 CSRF error * Fixed: Filename sanitizing for avatar uploads * Fixed: Removed unnecessary SQL sanitizing (Bug #003169) * Updated: Application Mission Perl code preparation for missions * Updated: Integration of Perl and PHP for missions backend * Updated: Changing over more code to use our new error notification system * Updated: Reworded Extbasic 2 for better clarity (Bug #003221) * Updated: Fixed typo in Extbasic 13 (Bug #003213) * Updated: More Basic 4 CSRF exception handling * Updated: Global CSRF protection redirects to a better error page Tue Jun 16 2009 @ 13:37:10 by kage (r652) Lots of bug fixes, thanks to droptable's investigations and reports * Fixed: Cleaned up accidental remnant debug text from gallery * Fixed: SQL inject in IRC pages * Fixed: CSRF in comment reporting * Fixed: XSS in article preview * Fixed: SQL injection in Admin Vote section * Fixed: Invalid links for the HTS Show Source * Fixed: IRC Missions link now points to the proper IRC channel * Fixed: Sanitizing data shown in User Edit page * Fixed: Allow viewing private bugs if you reported them * Fixed: Altered code for login "last page" function to prevent logout loops * Fixed: IE6 XSS exploit in Real 4 * Fixed: Stego 15 answer * Fixed: Basic 4 CSRF protection interference * Updated: Cleaned up some admin and user control HTML/Text * Updated: Extra validation for E-Mail addresses in Real 14 * Updated: Bug report listing now requires you're logged in * Removed: Deprecated article code Mon May 11 2009 @ 17:34:55 by kage (r609) Fixed some security flaws (XSS, CSRF, injection, etc.), and other issues * Added: Space trimming on username registration * Added: Delete-All administrative control to remove mass spam * Added: New CSRF protection system * Fixed: Missions Plug'n'Play functionality * Fixed: XSS hole in a Realistic mission * Fixed: robots.txt syntax error * Fixed: SQL injection on an internal API * Updated: All main forms to implement the new CSRF protection system * Updated: Extra sanitization to administrative access control * Updated: Staff Charter Thu Apr 30 2009 @ 22:43:44 by kage (r554) Fixing a bug in the Bug Reports code (how ironic) * Fixed: Comments markup/code making comments section in Bug Reports disappear Thu Apr 30 2009 @ 19:56:22 by kage (r552) Lots of changes, including SQL optimization, Registration fixes, abd administrative backend stuff * Added: Additional forum information on the front page * Added: Local MySQL caching * Added: Better control and logging of comment reporting * Added: Better admin control of front-page news posts * Added: Article API for Copyscape admin-approval * Fixed: "Undefined" notice on Rankings * Fixed: Forums query to utilize better indexing and sorting (removing filesort) * Fixed: HTML markup on User Info and Comments * Fixed: SQL exploit in Admin BBCode * Fixed: Blank-page error if user registration fails * Updated: Front-page Forum, Article, and RSS-feed information utilizing caching * Updated: IP Address now included in password reset requests Mon Apr 20 2009 @ 22:59:50 by kage (r510) Updates to some missions and various other functionality, plus a quotes dump. And also, 420! :D * Added: 420 :D * Added: HTS Header Quotes Dump (XML, Plaintext. CSV coming soon) * Fixed: Image validation check in program submissions * Updated: Altering the functionality of Logic Missions (point values, etc.) * Updated: App 18 code (not public yet) * Updated: Staff Info page (to reflect correct names) * Updated: Front-page forums links (removed now, since they were for some odd reason breaking the database) Tue Apr 7 2009 @ 19:44:36 by kage (r463) Fixing an issue with the new HTS Ads system on the forums * Fixed: HTS Ads call in forums functions Tue Apr 7 2009 @ 19:25:35 by kage (r462) Adding the HTS Ads update to the other themes * Updated: New HTS Ads support in other themes Tue Apr 7 2009 @ 19:21:47 by kage (r461) Updated the HTS Ads system (due to some weird bug), and a quick update to a mission * Fixed: Typo in Real 5 * Updated: Rewrote the HTS Ads system to use PHP OOP to get around a global variable bug Thu Apr 2 2009 @ 21:59:55 by kage (r437) Totally rewrote how themes are handled, and also made a better error message for required authentication * Fixed: Rewrote how themes are grabbed from the database and loaded * Fixed: Removed and replaced how theme information is stored and accessed (using sessions instead of a flat variable) * Fixed: Rewrote most of the theme switcher so now it works instantly * Updated: Required Authentication error message Wed