v0.9.9.6 (Late February 2007)

Security:

* Added Shaka_Flex's "Randomize The Cookie Password" of 2005 - new authentication method.
* Added HTML filter to Gallery Image Captions.
* Picture uploader character filtering.
* Fixed logic in Gallery uploader file checking.
* Censoring added to Gallery Image Captions.
* HTML filtering added on view of Image Captions.
* Fix for Menu problem.
* Security Update alert feed added to Site Admin.
* Fixed a malicious deletion of Downloads bug.
* Fixed a malicious deletion of Links bug.
* Added a username stamp to Emails sent.
* Changed chmod on Saved Instant Message files from world writeable.
* Removed chmod 777 block from Save Menu Item.
* Added validation to Unsubscribe email input.
* HTML escaped recipient name in Recommend.
* Patch for client-side XSS in Search when zero search results.
* Added check for acceptable filename characters in ShowHTML.
* Added URL characters filter to Who's On for Admins block.
* Added URL characters filter to Theme/Language Chooser.
* XSS patch for Edit Profile.
* Removed percent encoding characters from entries added to Profiles.
* Added length restriction on inputs in Edit Profile.

Bug Fixes:

* Fixed Printer Friendly page for Archives.
* Fix for server error on nonexistent Download id number like when moved.
* Fix for server error on nonexistent Link id number like when moved.
* Added delete for Gallery Image Caption when image is deleted.
* Fixed pipe character data entry problem in Recommend Log.
* Fixed basic referrer check on Search from non-index.cgi pages.
* Fixed status check for percentage total posts calculations in View Profile.
* Fix for icons not changing on Menu Items.

General Improvements:

* Added configuration variable for module directory.
* Added language tag "No such page."
* Added certain query strings with no action to valid actions list.
* Skipped writing of empty Gallery Caption file when no caption is added.
* Added navbar breadcrumb links to Downloads.
* Added navbar breadcrumb links to Links.
* Simplified email validation subroutine loading.
* Set Instant Message Alert not to pop up when there is form input.
* Warnings fix on "Other Articles By".
* Warnings fix on Image::Size module.
* Removed eval block from Language subroutine.
* Removed eval block from Mod configuration check in Mod Manager.
* Replaced eval block with file test in Mod Language support in Mod Manager for compatibility with Random Password authentication scheme.
* Removed reading of user.dat file from Mod Language support.
* Corrected script information links in page footers.