WebAPP Version 0.9.9.2 (February 2005):

Features:

* Statistics page now shows Search Engines that visited.
* Fancier Who's Online page (action=who) showing location, interests, and other information about users online.
* Permalinks on each individual forum post, for bookmarking or direct linking.
* Latest forum posts "jump to post" tag added, for direct link to post.
* Mouseover previews on Latest Forum Posts.
* Theme tester added (action=test_theme).
* Language tags code display on page feature added (&showlanguage=y).

Security:

* Directory traversal vulnerability in topics patched. This was a serious hole that allowed visitors to read other files on the server, including server administration files.
* UBBC images script injection vulnerability patched.
* Fix for HTML and/or cross site scripting injection in real names for Guest comments.
* Forum posts display recoded to help prevent server overload and loss of forum board data.
* Forum post flood and read timers installed to fix refresh bug in forums.
* META, referrer check, and other form security filters installed.
* Special checking added for hack attempts, and specific action.
* Memberlist viewable by direct URL by guest visitors hole fixed.
* For visitor logging - Referrer field fixed, so admin can see where a visitor came from.
* Logging of visitors by page visited fixed.
* Administration files all made to use one main form parsing subroutine instead of one in each file.

Bug Fixes:

* Fix for site error on missing user-selected theme.
* Timezone bug in install fixed.
* Banner Edit Fix.
* Banner fix for ampersands (&) in URLs.
* Article publishing by admin assistants fixed.
* Previous poster's Avatar showing on past member's forum posts fixed.
* Error in Latest Forum Posts when only post in a thread is deleted fixed.
* Forum "mark posts read" fixed.
* Case insensitive email addresses fixed for lost password feature.
* Invalid characters in username at registration fixed.
* Profile bugs fixed.
* Downloads hits counter fixed.
* Poll administration quotes in Poll title fixed.
* Poll display in left column fixed.
* Top 10 Most Read News fixed and activated.
* Bug in search results links to multiple posts in same thread fixed.
* Recent searches bug fixed.
* UBBC in Palm Pilot fixed.
* Bug in admin IM on new member fixed. (message ID number)
* Instant messages reply username fixed.
* Welcome message fixed to allow UBBC and Smilies to Guests as well as members.
* Bug for "@" in email address for calendar admin fixed.
* Fixes in languages subroutine.
* Language tag fixes, and missing and new tags added.
* Replaced lock/unlock that were left in forum_admin.pl, admin.pl, and botkiller/index.cgi with hold/release.
* General errors shown by Perl warnings in server error log fixed throughout.

General Improvements:

* New and improved topics.pl.
* Better reading of server paths in Install.
* Install now allows for renaming of index.cgi.
* Recommend feature improved.
* www links to posters' websites in forums made invisible when no website is listed in profile.
* Blank subject lines in forums made impossible.
* Code blocks in forums shows actual code with no transformation by security filters.
* Latest Links and Latest Downloads subroutines reworked for code efficiency.
* Row counting in Links page table corrected.
* Memberlist made viewable by admin when memberlist is turned off.
* Existing real names and restricted names list made unavailable for use in new real names chosen by users.
* Repeating 1's at ends of IM files eliminated.
* Direct email links to article authors removed from Palm Pilot.
* Sidebar Calendar reworked - Only dates with events are linked. Font and style upgrades.
* Spelling of San Francisco corrected in time zones list.
* One-click javascript added in many places, so forms aren't submitted twice causing duplicate postings.
* Time calculation subroutines changed to avoid repeated recalculations of date and time.
* Censoring feature converted to use censor_it subroutine in forums, instant messages, and search.
* Numerical comparison in checking for new items improved.
* Most unused global variables removed throughout.
* Nearly all of the former thousands of Perl warnings eliminated.

HTML/CSS:

* W3C valid HTML in core code for all features.
* Valid HTML in the Standard theme.
* Valid CSS in DenDen's Standard style.css style sheet.
* Redundant CSS lines combined or removed.
* cellpading typo changed to cellpadding in many places.
* Call for boxhead.gif removed from Statistics page.
* Extra class to keep valid forms from having too big a margin.
* Style added for code blocks in forums.