ChangeLog 93.3 KB
Newer Older
Son Nguyen's avatar
Son Nguyen committed
1
2
1.10.9 (2016-03-24)

Robert Lyon's avatar
Robert Lyon committed
3
4
5
6
7
8
9
10
11
1.10.8 (2015-11-27)
- Bug 1340151: Consider a different approach to libxml_disable_entity_loader(true) in init.php
- Bug 1509874: Incorrectly truncated message in "inbox" block
- Bug 1514608: MySQL deadlock issues with simultaneous users
- Bug 1514299: MNet method "get_views_for_user()" returns full urls for collections when it should return partial
- Bug 1512542: Missing langstring "mobileuploadnotenabled" in MaharaDroid API
- Bug 1517228: Undefined index: ticks
- Bug 1517658: Upgrade to 1.10+ fails on Postgres <9.1

Robert Lyon's avatar
Robert Lyon committed
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
1.10.7 (2015-10-27)
- Bug 1486813 Prompt for new stat data after upgrade needs a 'no thanks' option
- Bug 1488697 Users may not receive the registration email after approval
- Bug 1486699 Username character limit preventing login via SAML
- Bug 1487464 SAML Update user details on login option creating new email artefact on every login
- Bug 1492919 Deadlock issues when 20-30 users copying collections & pages at the same time
- Bug 1500774 remove old session files doesn't work with adapted sessionpath
- Bug 1496681 Login box lang strings don't change when language is switched
- Bug 1495200 White screen when session times out
- Bug 1506188 Link in "Create" box in Dashboard is not correct
- Bug 1417828 Malformed lang string in email digest notification emails
- Bug 1437083 Download zip file of home folder, can't be extracted in Windows
- Bug 1444905 Elasticsearch doesn't search achievements
- Bug 1360977 Error when import a blog via self-Leap2A import
- Bug 1201174 allow and moderate comments not saving correctly for groups
- Bug 1389446 Elasticsearch: Searching for a particular term breaks when logged in to mahara.org
- Bug 1494152 Fatal error upgrading from 1.4 or earlier to 1.10 or later, with objectionable content reports
- Bug 1496910 Problem with scaling in flowplayer
- Bug 1495676 The setting 'maxuploadsize' did not count
- Bug 1500215 descending folders - setting does not carry to subfolders
- Bug 1416147 MySQL error in ORDER BY clause in get_artefactchooser_artefacts()
- Bug 1486262 Problem with isset() in a template file
- Bug 1497341 Pieforms "select" rule validation with optgroups fails
- Bug 1496616 CLI script help output is incorrect

Aaron Wells's avatar
Aaron Wells committed
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
1.10.6 (2015-08-19)
- Bug #1361005 "Ignore/Append/Add" settings are not being respected during interactive Leap2a import
- Bug #1447865 Include PHP version in mahara.org stats
- Bug #1450334 Prompt registered Mahara sites to re-register because we want to change the data registration policy
- Bug #1464477 Leap2a import of "Just some of my collections" doesn't put the pages into the imported collection
- Bug #1479543 Upgrading from 1.9 to 15.04 in mysql can timeout on big sites
- Bug #1480038 Account delete button showing when register allowed is off
- Bug #1480329 Session key is not checked during file upload
- Bug #1483077 Problem with mysql upgrade - not escaping table name
- Bug #1483084 Problem with upgrading to 15.04 - postgres and upgrade/limit
- Bug #1333424 Navigation block broken after Leap2a import
- Bug #1388664 Add focus for social media profile creation
- Bug #1397562 Error display on the admin menus (tabs) of theme 'primaryschool'
- Bug #1479178 Update of quota not working correctly
- Bug #1482010 Leap2a collection pages are in the wrong order
- Bug #1383543 The js script 'artefact/multirecipientnotification/js/sendmessage.js' is not neccessary
- Bug #1464052 Set a default record limit for the elasticsearch cron job
- Bug #1474136 Better warning message for cron when site is closed
- Bug #1479434 missing SESSION global ref in progressbarform_validate

Robert Lyon's avatar
Robert Lyon committed
57
58
59
60
61
62
63
64
65
1.10.5 (2015-07-10)
- Bug 1460368: Even if you disallow anonymous comments at the site level, you can still place anonymous comments on artefacts
- Bug 1472439: XSS in "add to watchlist" link on artefact detail screen
- Bug 1434927: Objectionable content inbox notification doesn't name reporter
- Bug 1444925: Admin can't see objectionable content in forums if not admin in the group
- Bug 1471604: Terms and conditions not showing on register page for multi institutions
- Bug 1463629: Prevent HTTP iframes on HTTPS sites
- Bug 1470281: Use "nosniff" header to prevent potential XSS via untrusted files in IE

Robert Lyon's avatar
Robert Lyon committed
66
67
68
69
70
71
72
73
74
75
76
77
78
1.10.4 (2015-05-29)
- Bug 1447377: Stored XSS in user reports access lists, and shared tabs for user/group/institution
- Bug 1361450: Preview a collection in 'Copy a collection' page causes a dark screen
- Bug 1400595: PDFs not displaying in IE
- Bug 1420590: access denied error when editing group as group admin
- Bug 1432988: Clean up the "Required profile fields" for social media
- Bug 1448948: Social media buttons are not visible to others
- Bug 1450705: TinyMCE disappears from feedback form after validation fails
- Bug 1417120: English lang strings distributed with Themes & Plugins aren't loaded.
- Bug 1454458: Navigation group pages
- Bug 1193177: Dwoo loader error
- Bug 1458703: ADDITIONALHTMLTOPOFBODY and ADDITIONALHTMLFOOTER are missing from the microheader/microfooter templates

Son Nguyen's avatar
Son Nguyen committed
79
80
81
1.10.3 (2015-04-20)
- 

Robert Lyon's avatar
Robert Lyon committed
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
1.10.2 (2015-01-13)
- 
- Bug 1396565: Error when adding a Group pages block onto a group home page
- Bug 1405427: Group forums posts email don't show user name of who posted
- Bug 1380203: Giving access to 2 pages only generates 1 access notification
- Bug 1384467: CSS is not stripping out bad css attributes anymore
- Bug 1387858: Draft journal entries are visible to others
- Bug 1394738: Text descriptions of image links on Edit Page need to be modified
- Bug 1395627: Visits counter not showing with "small headers"
- Bug 1399246: PDF embeds fail in sites with subdomains for user pages
- Bug 1400524: Upgrading from 1.7 to 1.10 failed in big databases
- Bug 1401313: Command-line updater not detecting core & local upgrades
- Bug 1408542: TinyMCE emoticons are not displayed in TinyMCE 4
- Bug 1385818: Font size in "Feedback" block pop-up is too small
- Bug 1392700: Images not displayed - blog post by tag
- Bug 1394758: cli not returning the 'nothing to upgrade' message when nothing to upgrade anymore
- Bug 1397068: Flickr API now requires use of https for endpoint
- Bug 1399311: SQL syntax error in cron_event_log_expire on key word SECONDS
- Bug 1400511: Cannot cancel comment form after validation fails

Son Nguyen's avatar
Son Nguyen committed
102
103
104
1.10.1 (2014-11-26)
- 

Aaron Wells's avatar
Aaron Wells committed
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
1.10.0 (2014-10-21)
- New Features:
- - Streamlined easier-to-use "Text" block
- - The new "Note" block retains all the removed features of the Text block
- - Streamlined rich text editor, with a toggle button to access advanced features
- - "Messaging" profile tab replaced with "Social media" tab with newer options
- - User messages can be sent to multiple recipients
- - Added a "sent" box alongside the inbox for user messages
- - Groups: "Objectionable content" button for forum posts
- - Groups: Forum moderators can relocate forum posts between forums
- - Groups: Option to auto-create a LEAP2a archive of submitted pages
- - Groups: More control over which group members receive feedback & shared page notifications
- - Admins can customize the templates used for group homepages and new user dashboards and profile pages
- - Site option to send users a notification when they're near their file storage quota
- - Site option to allow users to hide author name on Pages
- - Site admins can disable new user self-registration for all institutions
- 
- API changes:
- - Support for generic "module" plugins
- - Plugins can include a pre-install "sanity check" method
- - New /local/lib.php method for adding sideblocks
- - Plugins can add top-level menu items to the main nav menu and the top-right nav menu
- 
- Theme API changes:
- - Plugin theme files can be located under /theme
- - Themes can have their own lang files
- - Support for /local override of theme files
- - See https://wiki.mahara.org/index.php/Customising/Themes/1.10 for more info
- 
- Other bugs/changes:
- 
- Bug #548021: Option to not have a display name on Views
- Bug #605749: Improvements for "Edit Profile": other messaging services
- Bug #681210: Clicking on blog post in tag result list goes to edit mode of blog post
- Bug #723225: Collections shared with groups not identified as such
- Bug #738263: faulty contact us form with noreplyaddress configdirective
- Bug #897586: Searching by user in Shared Pages
- Bug #1009262: User passwords logged when LDAP misconfigured
- Bug #1024872: Objectionable content button for forum posts and topics
- Bug #1036556: Embed PDF
- Bug #1070019: Make it more obvious when adding a page to a collection that same access rules apply
- Bug #1080518: ID numbers are not aligned with their institution in /admin/users/suspended.php
- Bug #1191576: Decrease the text and make it clearer in fewer words who has access to a page by default
- Bug #1206306: uninstalled plugins should be listed at top of extensions page
- Bug #1208328: Document everything that can go in the /local directory
- Bug #1231316: Move posts between forums within groups
- Bug #1231755: Allow /local and custom theme override of Plugin templates
- Bug #1246702: Notification to more than one recipient
- Bug #1250302: A site admin who belongs to an institution with skins disabled, gets an error trying to edit site skins
- Bug #1254841: Embedded media files overlap block configuration pop-up
- Bug #1259762: Wall posts should use semantic elements
- Bug #1259768: Sending a message with a friend request should be more obviously optional
- Bug #1261240: Form legends should be made into headings
- Bug #1262040: Problems with group artefact permissions due to misuse of $USER->can_view_artefact and $USER->can_edit_artefact
- Bug #1262928: Add users by CSV - enforce browse for file button only accepts csv files
- Bug #1265097: Navigation links in Administration should be more distinct
- Bug #1266586: Thumbnails style image galleries display incorrect
- Bug #1266913: "Export users in CSV format" link should have more descriptive text
- Bug #1266920: Initials when searching for users should have descriptive hidden text
- Bug #1266924: Column headers in User search should have descriptive text added
- Bug #1267239: Replace jscalendar with JQuery UI calendar
- Bug #1268746: Squelch PHP 5.4+ strict standards errors
- Bug #1271778: Orphaned labels should be removed (changed to non-label tags)
- Bug #1275581: Update jQuery and jQuery UI to latest compatible versions
- Bug #1279996: Separators between items in user menu should be in CSS, not HTML
- Bug #1282341: TinyMCE should be upgraded to 4.X
- Bug #1285896: "Hide" links in Plugin administration should be made more descriptive
- Bug #1287922: error when deleting a journal entry
- Bug #1292301: Cannot delete a Google web font
- Bug #1295422: Windows 8.1 Touch, drag and drop not working
- Bug #1296472: The reset password link should expire
- Bug #1297079: When you delete a blog entry, count of blog entries doesn't update
- Bug #1297510: Deleting fonts causes 'Invalid Parameter' error
- Bug #1297516: Font preview page did NOT display properly
- Bug #1298855: Sanity check for plugin installation
- Bug #1299993: Improvements to notification system
- Bug #1300289: commentlist shows logged in user's icon for anonymous comments
- Bug #1300544: retracted blocks shouldn't load content until expanded
- Bug #1300741: installation doesn't save email address
- Bug #1300997: Add id field to institution table
- Bug #1301109: Remove pre-1.1.0 sections of the core plugins' update scripts.
- Bug #1302251: MS Office files being seen as zip archives
- Bug #1302297: Sort portfolio pages on portfolio page overview
- Bug #1303491: Update the Mahara-Moodle assignment plugin to work with the Moodle 2.3+ assignment module
- Bug #1303551: Allow new user default view templates to be edited
- Bug #1304053: Sort / limit size of mygroups displayed in profile page
- Bug #1305275: custom theme goes white on save
- Bug #1305308: Site admin should not add background images to site skins
- Bug #1305361: Pages are not displayed in many themes except 'default'
- Bug #1305451: Content editor sidebar doesn't work on Chrome
- Bug #1305481: Adding content to page buggy on Firefox
- Bug #1306365: when copy page the originators profile picture carries over
- Bug #1307240: on delete of font alert if being used
- Bug #1307247: No notifications on pages/artefacts for groups/institutions
- Bug #1307294: Disable self-registration by default
- Bug #1307760: Problems saving view layout - no option selected by default
- Bug #1307777: Improvements to phpunit testing suite
- Bug #1307935: notification when a user is about to reach his quota
- Bug #1308294: Error in profile_icon_url call
- Bug #1308305: Remove IE6 related code
- Bug #1308479: License help not found for blocks
- Bug #1308792: institution data daily cron failing
- Bug #1310761: public group and allow submissions problem
- Bug #1310861: marking page objectionable now allows feedback
- Bug #1311428: admin homepage alert to new plugins
- Bug #1311454: Update lang string for shared page notification
- Bug #1311458: Error message when admin adds user to institution and quota is full
- Bug #1311860: textbox block config form attachment chooser closed by default
- Bug #1311876: textbox attachment chooser tabs cause the config form to shrink
- Bug #1311940: Error shown when changing your profile icon to default "Standard or external avatar"
- Bug #1311963: Undefined index
- Bug #1313963: Pagination in Groups/Topics does not work
- Bug #1314012: Document local/lib.php functions
- Bug #1314020: wishlist: usability: When listing collections to copy list once
- Bug #1314397: Forum "no indent" style sorts posts incorrectly
- Bug #1314416: admin account settings page needs success messages
- Bug #1314440: Deleting an institution which has user's registrations causes error
- Bug #1314460: Progress completion bar giving errors
- Bug #1314465: Local hook for adding custom sideblocks
- Bug #1314890: Button to reliably copy secret URLs
- Bug #1315226: Can't expand "Share with other users and groups" for sharing institution pages
- Bug #1315956: Members of a group should be listed based on their role
- Bug #1315960: get_default_category() not robust enough
- Bug #1316372: Upgrade flowplayer.audio to version 3.2.11
- Bug #1316375: Merge flowplayer 3.2.18 into mahara-flashplayer
- Bug #1316407: Update pdf.js to version 1.0.21
- Bug #1316421: Update csstidy to 1.5.2
- Bug #1316425: Update slimbox to 2.05
- Bug #1316912: Update mobiledetect to 2.8.0
- Bug #1317265: Move the setting for "Confirm registration" into institution settings
- Bug #1317295: Problem with pagination and plan blocks
- Bug #1318290: "Set spam probation:" has a colon too many
- Bug #1318430: php max execution time needs to be increased for install
- Bug #1318959: add page title to new-page-access notification
- Bug #1318995: File import of zipped PDF does not detect filetype correctly
- Bug #1319226: The static pages not greying out tinymce when the 'Use site default' option is ticked
- Bug #1319243: Translations for the new TinyMCE "toggle toolbar" button
- Bug #1319302: Mahara not detecting Tinymce lang packs correctly
- Bug #1319601: Error when moving users into instution
- Bug #1319634: deleting users via bulk delete causes error
- Bug #1320006: Show shared collections on the group homepage
- Bug #1320027: Editing a group home page can cause warnings
- Bug #1320716: allow collection's page list to be drag/drop sortable
- Bug #1321053: Better way to fetch template for some json files
- Bug #1321444: Leap2A self-import throws warnings
- Bug #1321499: Can't stop masquerading as user if they have a profile field required
- Bug #1321941: Include the pagination for submissions in group homepage
- Bug #1321972: When placing multiple feedbacks, previous feedback text shows up in text field
- Bug #1322387: Allow user csv upload to ignore non-essential mandatory fields
- Bug #1323163: Don't let locked views be added to collections
- Bug #1323495: Google Maps URLs not working in Google Apps block
- Bug #1323911: institution.id column breaks "auth_get_auth_instances_for_wwwroot()" function
- Bug #1323921: Provide autocomplete pieforms elements
- Bug #1324347: Links for hiding/showing more content need accessibility info
- Bug #1324748: Tests broken by changes to set_quota_triggers
- Bug #1326160: Artefact file plugin config getting crowded
- Bug #1326174: Creating a new group causes warnings using MySQL
- Bug #1326205: Error installing triggers for new mahara site in MySQL with dbprefix
- Bug #1326593: Group pages paginator and display different for group members compared to group admins
- Bug #1326597: Warning of undefined setlimit in blogs
- Bug #1327738: Rearrange user quota info
- Bug #1327920: Editing a page can be frozen if its content has ".row" element
- Bug #1327921: Plugin config params in config.php throw a strict standards notice: "Creating default obect from empty value"
- Bug #1328310: Let /local theme files override core theme files
- Bug #1328319: Why don't plugin theme directories have a "template" subdirectory?
- Bug #1328388: Remove most of the "reply" buttons when a forum is set to "no indent"
- Bug #1328705: Other active sessions should be destroyed after changing password
- Bug #1328739: Wishlist: Journal's list of entries should show the tags for each entry
- Bug #1328740: Table properties cannot be edited in IE10
- Bug #1328768: Wishlist: Generic plugin type
- Bug #1329136: Add deletion confirmation message for all files
- Bug #1330277: Make add_key() and drop_key() consistent with other DDL functions
- Bug #1331319: Using Persona login at the transient login page, does not return you to the page you requested
- Bug #1331863: Warning when adding an authentication plugin to an institution
- Bug #1333071: htmlpurifier sets different permissions in dataroot
- Bug #1334127: Error upgrading from vanilla 1.7 to master
- Bug #1334501: Cannot edit HTML code of text box in the block configuration
- Bug #1334870: Obsolete js calls need removing
- Bug #1335670: Allow submitted work to be archived as a leap2a file
- Bug #1335888: Typo in string 1274
- Bug #1336111: Error: class 'ArtefactTypeComment' does not have a method 'validate_config_options'
- Bug #1336514: Progress bar sideblock missing 'weight' attribute
- Bug #1336529: Buttons don't respond when editing content on 1.9.2
- Bug #1337013: Make block title retract/expand collapsible blocks
- Bug #1337547: Static function 'X' should not be abstract
- Bug #1337614: Deleting a forum topic works but reports an error
- Bug #1337626: Generate page content before initialising smarty
- Bug #1337664: Remove warning about ActiveDirectory on LDAP auth "Update user info on login"
- Bug #1338394: Tinymce editor can incorrectly appear in profile edit page
- Bug #1338410: Duplicate primary key upgrading from Mahara 1.1
- Bug #1339113: simple non-copyable textbox
- Bug #1341413: can't add textbox to page in IE10
- Bug #1341427: textbox on advanced tab in skin/design.php overlaps footer in 1.10
- Bug #1343930: Usability improvement: Add 'Edit dashboard' button to home page
- Bug #1346926: blockquote displays vertical line
- Bug #1347362: bug: Profile progress bar disappears
- Bug #1348428: Profile completion: make a friend bug
- Bug #1348476: Multirecipientnotification artefact should not be a progressbar option
- Bug #1348485: Date fields
- Bug #1348595: IE Error in Content/ File management
- Bug #1349311: Select All
- Bug #1350254: upgrade complains of duplicate cron row
- Bug #1350595: bug in error lib file
- Bug #1352027: Uploadcsvusers broken fields - maildisabled and authinstance
- Bug #1353153: upgrade to 1.9 error when logged in and belonging to an institution
- Bug #1353759: Google maps embed not working in Google Apps block
- Bug #1353802: Upload users from CSV performance improvements.
- Bug #1354266: No need for extra search box on copy page/collection page
- Bug #1354286: Allow image map to be rendered by htmlpurifier
- Bug #1355572: Blocktype JS includes not loaded correctly on https sites using subdirectory for wwwroot
- Bug #1356563: Example plugin issue
- Bug #1356672: Main navigation hides behind text box
- Bug #1358481: admin account settings page success message broken for self on institution join
- Bug #1358582: Group edit and delete buttons should only have the group name in the alt tag but not on the button itself
- Bug #1358912: Syntax error when using a logo by id for theme logo
- Bug #1359531: Artefact path is not being calculated correctly on file rename
- Bug #1360050: IMAP language string for 'Port' is missing
- Bug #1360943: In admin extensions the save_config_options function lacks the $form attribute
- Bug #1362410: Skins fetching of default 'no thumb' thumb image problem
- Bug #1362832: The list of group pages in the group homepage should be paginated
- Bug #1362871: Allow a theme lang file
- Bug #1364164: Remove IE6 check in help icon function
- Bug #1364690: Fix the missing argument in print_export_footer
- Bug #1365224: resume pages with tinymce break responsive design on mobile
- Bug #1366664: admin page not showing site information block when upgrades available
- Bug #1367539: When quota notification threshold is changed, send notifications to users who are now over threshold
- Bug #1367998: Errors installing/upgrading 1.10dev via CLI
- Bug #1368091: Broken html-tags in report.tpl
- Bug #1369315: Can't edit group homepage template on upgraded site
- Bug #1369830: Comments in CSS disappear in page skins Custom CSS
- Bug #1370830: download checkbox shown as already ticked on folder block when first enabled
- Bug #1371460: Missing translations in js/customlayout.js
- Bug #1372188: upgrade problem with having the settings array
- Bug #1372322: CLI upgrader can't handle plugin forced-installs
- Bug #1372536: PluginModule-menu items appear in two menus
- Bug #1373170: Description of a skin should be html escaped
- Bug #1373917: Inconsistent line break layout in notifications
- Bug #1374184: My groups block pagination fails when clean urls are in play
- Bug #1374879: Missing language string in user Settings
- Bug #1375092: XSS in page content editor
- Bug #1375515: new version of jquery not rendering the inline js on pieform elements correctly
- Bug #1375521: Pieform form maharatable renderer doesn't respect the isescaped flag
- Bug #1376503: Loading groups via csv throwing error Undefined index: allowarchives
- Bug #1376997: Date picker not working for certain languages
- Bug #1377371: Help text doesn't match functionality for "My groups" sidebar list
- Bug #1377377: Make $cfg->renamecopies = false; the default config value
- Bug #1377542: The calendar picker is visible directly when adding someone to page access
- Bug #1377543: There shouldn't be a notification for gaining access to a group homepage
- Bug #1377544: Group member receives page access notification for page they created
- Bug #1377556: Shared with
- Bug #1377736: XSS Vulnerability adding pages into a collection
- Bug #1377764: No visual indicator for where you can drop the first page into a collection
- Bug #1378543: Profile picture not showing in forum posts when remote avatar is on
- Bug #1378645: Google Maps "my maps" URLs breaking
- Bug #1379060: error message shows span tag escaped
- Bug #1379086: Change the "Access permissions have changed" notification from a JS popup to an inline CSS thing
- Bug #1380003: Forum moderators should be able to move forum topics
- Bug #1380201: Access to a collection is sent as page access
- Bug #1380433: error with profile icon and gravitar
- Bug #1380434: An error appears when importing an extracted portfolio
- Bug #1380829: Default notification setting not kept from Mahara 1.9 to 1.10
- Bug #1381715: adjust width in configure block
- Bug #1381719: Help icon hard to find
- Bug #1381729: Scoial profile and Social Profiles
- Bug #1381738: Journal entry TinyMCE missing row toggle button
- Bug #1381811: Error when copying collection or editing collection title/description
- Bug #1381868: XSS with institution full name on user profile page
- Bug #1382159: Profile -> contact information -> address textarea not displaying correctly
- Bug #1382890: Message window too large on upgraded site
- Bug #1382896: Cannot go to page that has been reported as objectionable
- Bug #1382899: Regular user can't see "Objectionable content in forum" as notification type
- Bug #1382902: Hard-coded lang strings in multirecipient messages
- Bug #1383029: Page not accessible after reporting it as objectionable
- 

380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1.10.0 (2014-10-21)

New Features:
- Streamlined easier-to-use "Text" block
- The new "Note" block retains all the removed features of the Text block
- Streamlined rich text editor, with a toggle button to access advanced features
- "Messaging" profile tab replaced with "Social media" tab with newer options
- User messages can be sent to multiple recipients
- Added a "sent" box alongside the inbox for user messages
- Groups: "Objectionable content" button for forum posts
- Groups: Forum moderators can relocate forum posts between forums
- Groups: Option to auto-create a LEAP2a archive of submitted pages
- Groups: More control over which group members receive feedback & shared page notifications
- Admins can customize the templates used for group homepages and new user dashboards and profile pages
- Site option to send users a notification when they're near their file storage quota
- Site option to allow users to hide author name on Pages
- Site admins can disable new user self-registration for all institutions

API changes:
- Support for generic "module" plugins
- Plugins can include a pre-install "sanity check" method
- New /local/lib.php method for adding sideblocks
- Plugins can add top-level menu items to the main nav menu and the top-right nav menu

Theme API changes:
- Plugin theme files can be located under /theme
- Themes can have their own lang files
- Support for /local override of theme files
- See https://wiki.mahara.org/index.php/Customising/Themes/1.10 for more info

Other bugs/changes:
Bug #548021: Option to not have a display name on Views
Bug #605749: Improvements for "Edit Profile": other messaging services
Bug #681210: Clicking on blog post in tag result list goes to edit mode of blog post
Bug #723225: Collections shared with groups not identified as such
Bug #738263: faulty contact us form with noreplyaddress configdirective
Bug #897586: Searching by user in Shared Pages
Bug #1009262: User passwords logged when LDAP misconfigured
Bug #1024872: Objectionable content button for forum posts and topics
Bug #1036556: Embed PDF
Bug #1070019: Make it more obvious when adding a page to a collection that same access rules apply
Bug #1080518: ID numbers are not aligned with their institution in /admin/users/suspended.php
Bug #1191576: Decrease the text and make it clearer in fewer words who has access to a page by default
Bug #1206306: uninstalled plugins should be listed at top of extensions page
Bug #1208328: Document everything that can go in the /local directory
Bug #1231316: Move posts between forums within groups
Bug #1231755: Allow /local and custom theme override of Plugin templates
Bug #1246702: Notification to more than one recipient
Bug #1250302: A site admin who belongs to an institution with skins disabled, gets an error trying to edit site skins
Bug #1254841: Embedded media files overlap block configuration pop-up
Bug #1259762: Wall posts should use semantic elements
Bug #1259768: Sending a message with a friend request should be more obviously optional
Bug #1261240: Form legends should be made into headings
Bug #1262040: Problems with group artefact permissions due to misuse of $USER->can_view_artefact and $USER->can_edit_artefact
Bug #1262928: Add users by CSV - enforce browse for file button only accepts csv files
Bug #1265097: Navigation links in Administration should be more distinct
Bug #1266586: Thumbnails style image galleries display incorrect
Bug #1266913: "Export users in CSV format" link should have more descriptive text
Bug #1266920: Initials when searching for users should have descriptive hidden text
Bug #1266924: Column headers in User search should have descriptive text added
Bug #1267239: Replace jscalendar with JQuery UI calendar
Bug #1268746: Squelch PHP 5.4+ strict standards errors
Bug #1271778: Orphaned labels should be removed (changed to non-label tags)
Bug #1275581: Update jQuery and jQuery UI to latest compatible versions
Bug #1279996: Separators between items in user menu should be in CSS, not HTML
Bug #1282341: TinyMCE should be upgraded to 4.X
Bug #1285896: "Hide" links in Plugin administration should be made more descriptive
Bug #1287922: error when deleting a journal entry
Bug #1292301: Cannot delete a Google web font
Bug #1295422: Windows 8.1 Touch, drag and drop not working
Bug #1296472: The reset password link should expire
Bug #1297079: When you delete a blog entry, count of blog entries doesn't update
Bug #1297510: Deleting fonts causes 'Invalid Parameter' error
Bug #1297516: Font preview page did NOT display properly
Bug #1298855: Sanity check for plugin installation
Bug #1299993: Improvements to notification system
Bug #1300289: commentlist shows logged in user's icon for anonymous comments
Bug #1300544: retracted blocks shouldn't load content until expanded
Bug #1300741: installation doesn't save email address
Bug #1300997: Add id field to institution table
Bug #1301109: Remove pre-1.1.0 sections of the core plugins' update scripts.
Bug #1302251: MS Office files being seen as zip archives
Bug #1302297: Sort portfolio pages on portfolio page overview
Bug #1303491: Update the Mahara-Moodle assignment plugin to work with the Moodle 2.3+ assignment module
Bug #1303551: Allow new user default view templates to be edited
Bug #1304053: Sort / limit size of mygroups displayed in profile page
Bug #1305275: custom theme goes white on save
Bug #1305308: Site admin should not add background images to site skins
Bug #1305361: Pages are not displayed in many themes except 'default'
Bug #1305451: Content editor sidebar doesn't work on Chrome
Bug #1305481: Adding content to page buggy on Firefox
Bug #1306365: when copy page the originators profile picture carries over
Bug #1307240: on delete of font alert if being used
Bug #1307247: No notifications on pages/artefacts for groups/institutions
Bug #1307294: Disable self-registration by default
Bug #1307760: Problems saving view layout - no option selected by default
Bug #1307777: Improvements to phpunit testing suite
Bug #1307935: notification when a user is about to reach his quota
Bug #1308294: Error in profile_icon_url call
Bug #1308305: Remove IE6 related code
Bug #1308479: License help not found for blocks
Bug #1308792: institution data daily cron failing
Bug #1310761: public group and allow submissions problem
Bug #1310861: marking page objectionable now allows feedback
Bug #1311428: admin homepage alert to new plugins
Bug #1311454: Update lang string for shared page notification
Bug #1311458: Error message when admin adds user to institution and quota is full
Bug #1311860: textbox block config form attachment chooser closed by default
Bug #1311876: textbox attachment chooser tabs cause the config form to shrink
Bug #1311940: Error shown when changing your profile icon to default "Standard or external avatar"
Bug #1311963: Undefined index
Bug #1313963: Pagination in Groups/Topics does not work
Bug #1314012: Document local/lib.php functions
Bug #1314020: wishlist: usability: When listing collections to copy list once
Bug #1314397: Forum "no indent" style sorts posts incorrectly
Bug #1314416: admin account settings page needs success messages
Bug #1314440: Deleting an institution which has user's registrations causes error
Bug #1314460: Progress completion bar giving errors
Bug #1314465: Local hook for adding custom sideblocks
Bug #1314890: Button to reliably copy secret URLs
Bug #1315226: Can't expand "Share with other users and groups" for sharing institution pages
Bug #1315956: Members of a group should be listed based on their role
Bug #1315960: get_default_category() not robust enough
Bug #1316372: Upgrade flowplayer.audio to version 3.2.11
Bug #1316375: Merge flowplayer 3.2.18 into mahara-flashplayer
Bug #1316407: Update pdf.js to version 1.0.21
Bug #1316421: Update csstidy to 1.5.2
Bug #1316425: Update slimbox to 2.05
Bug #1316912: Update mobiledetect to 2.8.0
Bug #1317265: Move the setting for "Confirm registration" into institution settings
Bug #1317295: Problem with pagination and plan blocks
Bug #1318290: "Set spam probation:" has a colon too many
Bug #1318430: php max execution time needs to be increased for install
Bug #1318959: add page title to new-page-access notification
Bug #1318995: File import of zipped PDF does not detect filetype correctly
Bug #1319226: The static pages not greying out tinymce when the 'Use site default' option is ticked
Bug #1319243: Translations for the new TinyMCE "toggle toolbar" button
Bug #1319302: Mahara not detecting Tinymce lang packs correctly
Bug #1319601: Error when moving users into instution
Bug #1319634: deleting users via bulk delete causes error
Bug #1320006: Show shared collections on the group homepage
Bug #1320027: Editing a group home page can cause warnings
Bug #1320716: allow collection's page list to be drag/drop sortable
Bug #1321053: Better way to fetch template for some json files
Bug #1321444: Leap2A self-import throws warnings
Bug #1321499: Can't stop masquerading as user if they have a profile field required
Bug #1321941: Include the pagination for submissions in group homepage
Bug #1321972: When placing multiple feedbacks, previous feedback text shows up in text field
Bug #1322387: Allow user csv upload to ignore non-essential mandatory fields
Bug #1323163: Don't let locked views be added to collections
Bug #1323495: Google Maps URLs not working in Google Apps block
Bug #1323911: institution.id column breaks "auth_get_auth_instances_for_wwwroot()" function
Bug #1323921: Provide autocomplete pieforms elements
Bug #1324347: Links for hiding/showing more content need accessibility info
Bug #1324748: Tests broken by changes to set_quota_triggers
Bug #1326160: Artefact file plugin config getting crowded
Bug #1326174: Creating a new group causes warnings using MySQL
Bug #1326205: Error installing triggers for new mahara site in MySQL with dbprefix
Bug #1326593: Group pages paginator and display different for group members compared to group admins
Bug #1326597: Warning of undefined setlimit in blogs
Bug #1327738: Rearrange user quota info
Bug #1327920: Editing a page can be frozen if its content has ".row" element
Bug #1327921: Plugin config params in config.php throw a strict standards notice: "Creating default obect from empty value"
Bug #1328310: Let /local theme files override core theme files
Bug #1328319: Why don't plugin theme directories have a "template" subdirectory?
Bug #1328388: Remove most of the "reply" buttons when a forum is set to "no indent"
Bug #1328705: Other active sessions should be destroyed after changing password
Bug #1328739: Wishlist: Journal's list of entries should show the tags for each entry
Bug #1328740: Table properties cannot be edited in IE10
Bug #1328768: Wishlist: Generic plugin type
Bug #1329136: Add deletion confirmation message for all files
Bug #1330277: Make add_key() and drop_key() consistent with other DDL functions
Bug #1331319: Using Persona login at the transient login page, does not return you to the page you requested
Bug #1331863: Warning when adding an authentication plugin to an institution
Bug #1333071: htmlpurifier sets different permissions in dataroot
Bug #1334127: Error upgrading from vanilla 1.7 to master
Bug #1334501: Cannot edit HTML code of text box in the block configuration
Bug #1334870: Obsolete js calls need removing
Bug #1335670: Allow submitted work to be archived as a leap2a file
Bug #1335888: Typo in string 1274
Bug #1336111: Error: class 'ArtefactTypeComment' does not have a method 'validate_config_options'
Bug #1336514: Progress bar sideblock missing 'weight' attribute
Bug #1336529: Buttons don't respond when editing content on 1.9.2
Bug #1337013: Make block title retract/expand collapsible blocks
Bug #1337547: Static function 'X' should not be abstract
Bug #1337614: Deleting a forum topic works but reports an error
Bug #1337626: Generate page content before initialising smarty
Bug #1337664: Remove warning about ActiveDirectory on LDAP auth "Update user info on login"
Bug #1338394: Tinymce editor can incorrectly appear in profile edit page
Bug #1338410: Duplicate primary key upgrading from Mahara 1.1
Bug #1339113: simple non-copyable textbox
Bug #1341413: can't add textbox to page in IE10
Bug #1341427: textbox on advanced tab in skin/design.php overlaps footer in 1.10
Bug #1343930: Usability improvement: Add 'Edit dashboard' button to home page
Bug #1346926: blockquote displays vertical line
Bug #1347362: bug: Profile progress bar disappears
Bug #1348428: Profile completion: make a friend bug
Bug #1348476: Multirecipientnotification artefact should not be a progressbar option
Bug #1348485: Date fields
Bug #1348595: IE Error in Content/ File management
Bug #1349311: Select All
Bug #1350254: upgrade complains of duplicate cron row
Bug #1350595: bug in error lib file
Bug #1352027: Uploadcsvusers broken fields - maildisabled and authinstance
Bug #1353153: upgrade to 1.9 error when logged in and belonging to an institution
Bug #1353759: Google maps embed not working in Google Apps block
Bug #1353802: Upload users from CSV performance improvements.
Bug #1354266: No need for extra search box on copy page/collection page
Bug #1354286: Allow image map to be rendered by htmlpurifier
Bug #1355572: Blocktype JS includes not loaded correctly on https sites using subdirectory for wwwroot
Bug #1356563: Example plugin issue
Bug #1356672: Main navigation hides behind text box
Bug #1358481: admin account settings page success message broken for self on institution join
Bug #1358582: Group edit and delete buttons should only have the group name in the alt tag but not on the button itself
Bug #1358912: Syntax error when using a logo by id for theme logo
Bug #1359531: Artefact path is not being calculated correctly on file rename
Bug #1360050: IMAP language string for 'Port' is missing
Bug #1360943: In admin extensions the save_config_options function lacks the $form attribute
Bug #1362410: Skins fetching of default 'no thumb' thumb image problem
Bug #1362832: The list of group pages in the group homepage should be paginated
Bug #1362871: Allow a theme lang file
Bug #1364164: Remove IE6 check in help icon function
Bug #1364690: Fix the missing argument in print_export_footer
Bug #1365224: resume pages with tinymce break responsive design on mobile
Bug #1366664: admin page not showing site information block when upgrades available
Bug #1367539: When quota notification threshold is changed, send notifications to users who are now over threshold
Bug #1367998: Errors installing/upgrading 1.10dev via CLI
Bug #1368091: Broken html-tags in report.tpl
Bug #1369315: Can't edit group homepage template on upgraded site
Bug #1369830: Comments in CSS disappear in page skins Custom CSS
Bug #1370830: download checkbox shown as already ticked on folder block when first enabled
Bug #1371460: Missing translations in js/customlayout.js
Bug #1372188: upgrade problem with having the settings array
Bug #1372322: CLI upgrader can't handle plugin forced-installs
Bug #1372536: PluginModule-menu items appear in two menus
Bug #1373170: Description of a skin should be html escaped
Bug #1373917: Inconsistent line break layout in notifications
Bug #1374184: My groups block pagination fails when clean urls are in play
Bug #1374879: Missing language string in user Settings
Bug #1375092: XSS in page content editor
Bug #1375515: new version of jquery not rendering the inline js on pieform elements correctly
Bug #1375521: Pieform form maharatable renderer doesn't respect the isescaped flag
Bug #1376503: Loading groups via csv throwing error Undefined index: allowarchives
Bug #1376997: Date picker not working for certain languages
Bug #1377371: Help text doesn't match functionality for "My groups" sidebar list
Bug #1377377: Make $cfg->renamecopies = false; the default config value
Bug #1377542: The calendar picker is visible directly when adding someone to page access
Bug #1377543: There shouldn't be a notification for gaining access to a group homepage
Bug #1377544: Group member receives page access notification for page they created
Bug #1377556: Shared with
Bug #1377736: XSS Vulnerability adding pages into a collection
Bug #1377764: No visual indicator for where you can drop the first page into a collection
Bug #1378543: Profile picture not showing in forum posts when remote avatar is on
Bug #1378645: Google Maps "my maps" URLs breaking
Bug #1379060: error message shows span tag escaped
Bug #1379086: Change the "Access permissions have changed" notification from a JS popup to an inline CSS thing
Bug #1380003: Forum moderators should be able to move forum topics
Bug #1380201: Access to a collection is sent as page access
Bug #1380433: error with profile icon and gravitar
Bug #1380434: An error appears when importing an extracted portfolio
Bug #1380829: Default notification setting not kept from Mahara 1.9 to 1.10
Bug #1381715: adjust width in configure block
Bug #1381719: Help icon hard to find
Bug #1381729: Scoial profile and Social Profiles
Bug #1381738: Journal entry TinyMCE missing row toggle button
Bug #1381811: Error when copying collection or editing collection title/description
Bug #1381868: XSS with institution full name on user profile page
Bug #1382159: Profile -> contact information -> address textarea not displaying correctly
Bug #1382890: Message window too large on upgraded site
Bug #1382896: Cannot go to page that has been reported as objectionable
Bug #1382899: Regular user can't see "Objectionable content in forum" as notification type
Bug #1382902: Hard-coded lang strings in multirecipient messages
Bug #1383029: Page not accessible after reporting it as objectionable

1.9.0 (2014-04-15)
- New Features:
- Accessibility! W3C WCAG 2.0 level AA (except for some admin pages)
- Profile completion progress bar
- Institutions can customise static pages (Dashboard, Terms & Conditions, etc)
- Institutions can customise their default language
- Support for reCAPTCHA on self-registration page
- "New user probation" system to discourage spam
- "Cookie Consent" system for compliance with the EU cookie law
- "Post now" option for forum posts, to bypass post delay
- Support for Creative Commons 4.0 licenses
- New "Feedback" block, allows placing feedback as a block intead of at the bottom of the page
- Can now show image descriptions in "Image Gallery" block
- Can specify the sort order of files in a "Folder" block
- "Folder" block can now have "Download all as zip" link
- Improvements to watchlist notifications
- Notification sent to admins when an institution reaches its allowed member limit
- "New group page" notification
- Elasticsearch shows forum post dates in search results
- Elasticsearch plugin now works with MySQL
- API: Blocks can provide a custom stylesheet
- API: Themes can disable Page Skins
- 
- Security bugs:
- Security Bug #1266976: Update to HTMLPurifier 4.6.0
- Security Bug #1284876: Suspended users can log in via password reset email
- 
- Other bugs:
- Bug #778254: Split multiple user activity notifications into chunks
- Bug #1058416: Copying page in a collection only gives "untitled" title for clean URLs
- Bug #1081947: Use of CAST() causes extreme slowdown in large MySQL sites 
- Bug #1237198: Make Elasticsearch plugin work with MySQL 
- Bug #1239271: Skin description is not displayed
- Bug #1247715: Upgrade to 1.8.0 fails - can't connect to mysql
- Bug #1248307: Content chooser panel doesn't work on tablet 
- Bug #1249123: Users who are in "No Institution" can't use skins 
- Bug #1249858: Mahara can't figure out mime types because of a finfo() bug
- Bug #1252497: editing a skin deletes the creation time from db
- Bug #1254394: Can't change auth method on /admin/users/edit.php 
- Bug #1256118: elasticsearch install hangs if ElasticSearch Server not running
- Bug #1257953: public group forum info do not show up in elasticsearch
- Bug #1259359: Use of tabindex is confusing for screen readers
- Bug #1259378: Profile pictures have inconsistent alt text
- Bug #1259393: Required form fields are not obvious to screen readers
- Bug #1259397: Dropdown navigation is not accessible
- Bug #1259408: The status of notifications in "Recent Activity" is not accessible to screen readers
- Bug #1262867: Site search box does not have a label
- Bug #1262870: Textarea for posting to a user's wall does not have a label
- Bug #1262933: Drag-and-drop page editor is not keyboard-accessible
- Bug #1264105: Problem with deleting skins that are attached to a portfolio page 
- Bug #1265049: forum post notifications have escaped <br> in message in inbox
- Bug #1265629: elasticsearch setup by mahara causes Elasticsearch Server status to go from green to yellow
- Bug #1266317: Institution/group ownership of custom flexible layouts
- Bug #1267668: Add a "Cookie Consent" link to the Admin Home page. 
- Bug #1268788: mobile_api_json_reply sends extra stuff at the top, making it invalid json
- Bug #1270752: "shared with me" pagination fails with IE 9
- Bug #1270846: no message when incorrect username entered
- Bug #1270987: Modal dialogs are not accessible
- Bug #1271301: Search and filter forms need labels
- Bug #1273492: Group members list cannot be sorted when using elasticsearch
- Bug #1275995: Navigation and tabs are broken in IE11
- Bug #1278013: LDAP sync enter list of groups 
- Bug #1278428: No groups and group files visible although there must be many in 1.8.1 
- Bug #1279468: Error with saving extensions - > artefact -> file configuration
- Bug #1279523: "Use content from another text box" stops working if pagination is used 
- Bug #1279530: Attachments section for Text box blocks is not accessible
- Bug #1281787: Artefacts not locked in in submitted view
- Bug #1283869: page editor adds blank block and screen goes black
- Bug #1284878: external feed rss not updating
- Bug #1287350: New Google Drive URL 
- Bug #1287922: error when deleting a journal entry
- Bug #1288490: upgrade from 1.8 error
- Bug #1288542: Can't open feedback form when HTML editor is turned off
- Bug #1290156: spelling mistake in view/index.php 'offest'
- Bug #1290649: fonts not working under https
- Bug #1292303: Clicking 'All' and 'None' does not work in 'User search' page 
- Bug #1293803: Adding an profile picture as a background image for a skin causes errors 
- Bug #1296915: settings page error Undefined index: licensedefault
- Bug #1297510: Deleting fonts causes 'Invalid Parameter' error:  
- Bug #1298717: Saving a customised color in a skin does not work
- Bug #1300741: installation doesn't save email address
- Bug #1302251: MS Office files being seen as zip archives
- Bug #1305275: custom theme goes white on save:  
- Bug #1305308: Site admin should not add background images to site skins
- Bug #1305361: Pages are not displayed in many themes except 'default'
- Bug #1305451: Content editor sidebar doesn't work on Chrome 
- Bug #1305481: Adding content to page buggy on Firefox
- Bug #1306365: when copy page the originators profile picture carries over
- Bug #661602: Dates on external feed entries are not shown
- Bug #974855: "Generate sitemap" option has empty help file
- Bug #993676: Members did not show up in second search if the first search found no results
- Bug #1013022: Wishlist : enabling to download an entire folder
- Bug #1051500: Warning message before deleting journal
- Bug #1053708: A full list of Pages don't show up
- Bug #1058850: Warning when editing note that all instances are changed
- Bug #1064780: Default journal of a Persona auth account doesn't have user's name
- Bug #1070046: select query uses more than MAX_JOIN_SIZE on mysql:  
- Bug #1085744: Could not remove tags with special characters
- Bug #1086569: Lang string misleading when inst. staff doesn't have stats access
- Bug #1089136: "Add me as friend" results in error message
- Bug #1099811: group files error after upgrade
- Bug #1145156: Improve resume usability
- Bug #1174623: Correct schema drift during 1.0 -> 1.8 upgrades
- Bug #1187212: Handle timezone mismatch between webserver and DB (MySQL) server
- Bug #1224750: Site files located in a subfolder cannot be accessed by normal users
- Bug #1237177: Elastic Search does not find media in a group
- Bug #1239928: Prezi doesn't load
- Bug #1240244: Deleting an image used for a skin should give a popup warning
- Bug #1242220: Show file description on Leap2a import screen
- Bug #1245638: elasticsearch 'textbox' results should be under text rather than media
- Bug #1246576: Upgrade MobileDetect library to 2.7.1
- Bug #1246580: Upgrade PHPMailer to 5.2.7
- Bug #1247722: Update PEAR libraries for 1.9.0
- Bug #1252885: Hide suspended users' pages from the "Latest Pages" block
- Bug #1254396: Skins description textbox should be expandable
- Bug #1255361: Error adding files to Institution pages
- Bug #1255378: Fill in the missing "key_exists()" method in ddl.php
- Bug #1255780: copying collection needs to sort table by collection
- Bug #1258970: "Menu" is hardcoded when viewed on small device
- Bug #1259372: "Edit Access" image has missing string for alt text
- Bug #1259373: HTML editor is not disabled when leaving feedback
- Bug #1259377: Explanation when there are no tasks in a plan is unclear
- Bug #1259379: Delete buttons need a descriptive (and consistent) value
- Bug #1259387: Tabs should include textual information to show their state
- Bug #1259388: Input help text should be linked using ARIA
- Bug #1259394: Help links in forms are not keyboard-accessible
- Bug #1259395: HTML lang attribute is not specified
- Bug #1259405: Screen readers are confused by Unsubscribe button in forums
- Bug #1259409: "Delete" and "Mark Read" checkboxes in Inbox need labels
- Bug #1259411: Table headers in Inbox are not read properly by screen readers
- Bug #1259685: Datepicker is not accessible to screen readers
- Bug #1259746: Username links are not always read out when using a screen reader
- Bug #1259764: Feedback form should use focus management
- Bug #1261239: Expanders in forms should use focus management
- Bug #1261610: JSDetector adds output to command-line scripts
- Bug #1261694: remember the limit parameter on view pages
- Bug #1262483: Forms should consistently have errors above the top-level heading
- Bug #1262903: The alt text of icons in the file browser should be changed
- Bug #1262904: Files cannot be moved from one folder to another without using the mouse
- Bug #1262918: Add/Edit buttons in Resume should use focus management
- Bug #1262932: Bad data in the DB can cause the schema correction SQL to throw a fatal error
- Bug #1263440: Improve lang strings for Cookie Consent
- Bug #1264014: Collection Navigation should be a list not a table
- Bug #1264429: Set up an institution_config table for configuring institutions
- Bug #1265086: "Completed" column for tasks is unclear for screen reader users
- Bug #1265102: Focus is not visually apparent when tabbing through the page
- Bug #1265104: spelling mistake in additionalhtmlfooter config variable
- Bug #1265696: Can't edit access to profile after "Logged-in profile access" turned on
- Bug #1265982: Add Creative Commons 4.0 as licence types to CC block
- Bug #1266923: Focus should be set to search results if they are loaded with AJAX
- Bug #1266934: Institution option for dropdown menus should take precedence over site option
- Bug #1267311: Elasticsearch page doesn't have textual description of tab state
- Bug #1267861: Page shared to group: notification to page owner
- Bug #1268746: Squelch PHP 5.4+ strict standards errors
- Bug #1271779: Resume layout on mobile devices
- Bug #1272297: Authentication plugin up/down and delete links should be buttons
- Bug #1273448: "Attachments" icon in Resume needs alt text
- Bug #1273841: Specific form errors should be linked with ARIA
- Bug #1273937: Skins form needs to use label elements
- Bug #1274083: View an artefact with related skin or theme
- Bug #1275481: Dwoo doesn't support Smarty's nl2br syntax
- Bug #1276397: Edit and delete buttons need descriptive alt text
- Bug #1277276: Results per page combobox needs a label
- Bug #1277290: Resume attachments form element should be made accessible
- Bug #1277297: Radio buttons in email selector need labels
- Bug #1278198: Close button in homepage information should be made accessible
- Bug #1278202: Skin previews need descriptive alt text
- Bug #1278216: Checkboxes when editing permissions for a page need labels
- Bug #1278238: Radio buttons used when importing need labels
- Bug #1278667: Two error messages when uploading files without accepting upload agreement
- Bug #1279943: Textbox attachments not showing on htdocs/view/artefact.php page
- Bug #1280009: Skin edit form should use responsive tabs
- Bug #1281877: Colour contrast needs to be improved for accessibility (default theme)
- Bug #1282214: Move "Edit site pages" under institution menu
- Bug #1282219: Rename "Edit site pages" to "General pages" to "Static pages"
- Bug #1283839: institution general pages not set as site default on upgrade
- Bug #1284869: Suspended user login attempts show up in "Online Users" list
- Bug #1286941: double call of language_select_form()
- Bug #1287262: unable to create group home page
- Bug #1300289: commentlist shows logged in user's icon for anonymous comments
- Bug #1307240: on delete of font alert if being used  
- Bug #1307294: Disable self-registration by default
- Bug #609167: Add group categories default action is page submit, not add
- Bug #620161: Distinction between Name and Profile not clear
- Bug #633658: Shouldn't viewing and downloading files have the same process?
- Bug #646691: Blog account settings still available when blog disabled
- Bug #707161: opensslcnf not set (on rhel at least)
- Bug #731062: Feedback ratings are not exportable
- Bug #731647: Ignore duplicates in CSV upload
- Bug #746418: Institution authentication plugin option doesn't exist when creating new institution
- Bug #852304: Sending a friend request should return you to the page you were previously on
- Bug #892684: Remove the Contact Info block
- Bug #898470: Inconsistent "required field" behavior on institution membership page
- Bug #995761: Use the same paginator throughout
- Bug #996337: Forum post delay setting only sticks after you clicked "Save"
- Bug #1034213: When editing the group editablity times with a end date before the start date both dates are greyed out after validation 
- Bug #1047481: Groups menu 'I want to join' - improvement
- Bug #1053223: Publish/Unpublish a journal's entry should change the background
- Bug #1064219: "Add page to watchlist" not clear on artefact page
- Bug #1067550: /admin/users/bulk.php shows submit button for changing auth method even if only 1 auth method
- Bug #1067724: Unable to read language directory
- Bug #1075760: reporting objectional material with no message doesn't get sent to admin with digest emails
- Bug #1115638: Empty masquerading report needs "none found" type string
- Bug #1195120: Delete superflous fullstop on /admin/groups/uploadcsv.php
- Bug #1196213: Linking of tags in tag search
- Bug #1203082: Change password warning contains escaped html
- Bug #1212541: GoogleSpell has been discontinued -- remove it from TinyMCE spellchecker
- Bug #1220410: MNet with port number requires port to be in wwwroot
- Bug #1220943: Warning when creating a new auth instance in 1.8dev
- Bug #1231920: Duplicate tags in page creation gives error message
- Bug #1240306: Styling error on add user page if there's a very long institution name
- Bug #1246024: error message disappears too fast
- Bug #1246573: Upgrade htmlpurifier to 4.5.0
- Bug #1246933: image slider display error
- Bug #1247729: Elastic Search: Set the second column to sort by to score
- Bug #1247729: Elastic Search: Set the second column to sort by to score
- Bug #1250235: View gives error if user could make skins then had option revoked
- Bug #1250239: Saving 'no institution' institution gives errors
- Bug #1250256: Support for changing the session directory
- Bug #1251089: Invalid value for licensedefault
- Bug #1253462: Undefined property: stdClass::$urlid after doing feedback
- Bug #1253835: Make profile page tabs design responsive
- Bug #1259366: Title of 'Tasks' page should be capitalised
- Bug #1259401: Dashboard info (Create and Collect, ...) is hard to understand when using a screen reader
- Bug #1259402: "Learn more" link when posting on a Wall is not descriptive
- Bug #1259689: Skin metadata lightbox is not keyboard-accessible
- Bug #1259757: Gender radio buttons need descriptive labels
- Bug #1261231: Allow a VERP "bounceprefix" that's not exactly 4 characters
- Bug #1261233: Allow a VERP "bounces_ratio" of 0
- Bug #1262487: Row headers in "Edit Access" table are confusing for screen reader users
- Bug #1262490: Add buttons in "Edit Access" should have more descriptive text
- Bug #1262899: Add buttons in "Edit Access" should move focus to the inserted row
- Bug #1262911: In-page tabs should use focus management
- Bug #1265061: Add support for regional languages to TinyMCE language detection
- Bug #1265088: Description of dual listbox (in Admin) is unclear to screen reader users
- Bug #1265091: Pieforms date elements should have "Not specified" before the date picker
- Bug #1265098: Register site page title should be more descriptive
- Bug #1265099: Some form elements in Administration area need labels
- Bug #1265101: License icons need alt text
- Bug #1266300: hover over unselected tabs in admin -> users ->reports not showing pointer cursor
- Bug #1266624: When using small headers, action buttons break the logical ordering of the page
- Bug #1267240: Clicking on new change layout icon needs to warn if navigating away without saving
- Bug #1267296: Focus should be set to search results if loaded with AJAX (Administration)
- Bug #1267633: It's confusing to hide the "copy for new users" site page access option
- Bug #1271391: focus on help box close button in chromium has gap
- Bug #1275617: Allow CLI api to specify exit code
- Bug #1279529: All attachments tables should be collapsable
- Bug #1281121: Method view_has_token uses uninitialized variable
- Bug #1282872: Top right "Settings" image should not have alt text
- Bug #1285414: User search column headers should include text to explain sort order
- Bug #1285890: Set focus to new row when adding a group category
- Bug #1285892: Title of "Group categories" page should be made more descriptive
- Bug #1290672: PluginArtefactResume should extend PluginArtefact
- Bug #1297516: Font preview page did NOT display properly
- Bug #1298129: Multicolumntable pieform help is broken
- Bug #1298671: The link in the skin thumbnail header should be not displayed in Chromium
- Bug #1301096: Eliminate redundant &obsolete get_mime_type() function
- Bug #817372: Override forum post delay for individual groups and/or forums
- Bug #817373: Add ability to 'send now' on a forum post
- Bug #833867: Add "Show Description" to Image Gallery
- Bug #1027260: Warning when deleting a page that is used in a collection
- Bug #1041228: Improve watchlist notifications
- Bug #1204699: Mahara does not notify administrators if institutional membership is full
- Bug #1223069: Site files accessible in "Links and resources" sidebar
- Bug #1233896: Sort files in the "Folder" block
- Bug #1237013: Allow theme to turn off skins
- Bug #1245679: Place feedback for a view in a block rather at base of page
- Bug #1246547: Give a different error message for an expired registration key than for an invalid registration key
- Bug #1248318: Allow $SESSION messages to be displayed in alternative places
- Bug #1252098: Wishlist: reCAPTCHA support
- Bug #1252101: Wishlist: Prevent new users from taking spammy actions
- Bug #1254299: Institutional Specific Dashboard
- Bug #1258130: Directive on Privacy and Electronic Communications
- Bug #1259538: "Progress bar" based on Institution selected preferences
- Bug #1259741: "Jump to Content" link should be included for screen reader users
- Bug #1259773: Having group links as a bulleted list in sidebar is confusing for screen reader users
- Bug #1262477: First column in Inbox should have a hidden header
- Bug #1266320: Feature request: Institution-specific default languages
- Bug #1266907: Edit/Add License page titles should be more descriptive
- Bug #1272240: New group page notification
- Bug #1273542: Add Creative Commons 4.0 as licence types to the admin-controlled licenses
- Bug #1273931: It is impossible to add custom CSS for blocks
- Bug #1281364: Let users from controlled-registration institutions delete their accounts
- Bug #1281847: Elasticsearch: Show forum post dates in search results

1.8.2 (2014-04-03)
- Bug 1239461: External feed has duplicate rows causing problems
- Bug 1249858: Mahara can't figure out mime types because of a finfo() bug
- Bug 1256118: elasticsearch install hangs if ElasticSearch Server not running
- Bug 1257953: public group forum info do not show up in elasticsearch
- Bug 1262050: Same profile picture used on "Shared with me"
- Bug 1264105: Problem with deleting skins that are attached to a portfolio page
- Bug 1265049: forum post notifications have escaped <br> in message in inbox
- Bug 1266317: Institution/group ownership of custom flexible layouts
- Bug 1266976: Update to HTMLPurifier 4.6.0
- Bug 1268788: mobile_api_json_reply sends extra stuff at the top, making it invalid json
- Bug 1270752: "shared with me" pagination fails with IE 9
- Bug 1284876: Suspended users can log in via password reset email
- Bug 1284878: external feed rss not updating
- Bug 1287350: New Google Drive URL
- Bug 1290649: fonts not working under https
- Bug 1064780: Default journal of a Persona auth account doesn't have user's name
- Bug 1070046: select query uses more than MAX_JOIN_SIZE on mysql
- Bug 1086569: Lang string misleading when inst. staff doesn't have stats access
- Bug 1099811: group files error after upgrade
- Bug 1239928: Prezi doesn't load
- Bug 1259377: Explanation when there are no tasks in a plan is unclear
- Bug 1262932: Bad data in the DB can cause the schema correction SQL to throw a fatal error
- Bug 1278667: Two error messages when uploading files without accepting upload agreement
- Bug 1284869: Suspended user login attempts show up in "Online Users" list
- Bug 1287262: unable to create group home page
- Bug 1064219: "Add page to watchlist" not clear on artefact page
- Bug 1067724: Unable to read language directory
- Bug 1195120: Delete superflous fullstop on /admin/groups/uploadcsv.php
- Bug 1203082: Change password warning contains escaped html
- Bug 1231920: Duplicate tags in page creation gives error message
- Bug 1253462: Undefined property: stdClass::$urlid after doing feedback
- Bug 1267240: Clicking on new change layout icon needs to warn if navigating away without saving

1.8.1 (2013-12-18)
- Bug 1247715: MySQLi driver errors out with non-default port number
- Bug 1246024: Error message fading too fast to read
- Bug 1053708: Problems when changing the page size in the paginator
- Bug 1058416: Properly setting the clean URL for copied pages
- Bug 1255361: Error when a site admin tries to attach a file to an institution page
- Bug 1250239: Errors while changing settings for "No Institution"
- Bug 996337: Forum post delay not properly displayed
- Bug 974855: Missing help file for "generate sitemap" option
- Bug 1248307: When device detection is on, show radio button
- Bug 1254394: User auth method can't be changed
- Bug 1255378: Fill in missing "find_key-name()" method implementation
- Bug 1081947: Removing usage of CAST() for MySQL optimization
- Bug 1174623: Sites upgraded from 1.0 missing some keys and indexes
- Bug 1067550: On bulk user edit page, don't show "change auth" if there's only 1 auth
- Bug 1075760: Empty objectionable material reports not included in digest emails
- Bug 1196213: On "my tags" page, tags not linked for most users
- Bug 1237177: Elasticsearch: not including group content
- Bug 1245638: Elasticsearch: Textboxes should be indexed as text rather than media
- Bug 1247729: Elasticsearch: Set 2nd column to sort by score/relevance
- Bug 1252497: Skins: creation date overwritten on edit
- Bug 1249123: Skins: Allow to specify where "No Institution" should allow skins
- Bug 1239271: Skins: description not displayed
- 

1.8.0 (2013-10-24)
- New features: 
-- Turned the block chooser vertical and scrolling, to accomodate longer Pages
-- The Image block and Text Box block are now conveniently at the top of the block chooser
-- Page layouts can now have rows as well as columns
-- Users can import leap2a files into their existing Mahara account
-- PDF block allows PDFs to be viewed inline in a Page
-- Resume elements can have attachments
-- Notes (and text box blocks) can have attachments
-- Users are notified when they try to navigate away from a page with unsaved changes
-- Many more types of user content can have tags
-- Resume entries for electronic publications can now be hotlinks
-- Drag-and-drop to upload files
-- Page skins, which give individual users the ability to change the CSS of their Pages
-- Admins can search for users with duplicate email addresses
-- Admins can filter user search by auth method
-- Elasticsearch search plugin
-- "Additional HTML" config option for things such as Google Analytics
-- A cron job in the LDAP auth plugin to synchronize Mahara accounts with LDAP
- Security Bug #1034180: A group member with no access rights to folder can still view it
- Security Bug #1236636: Can attach other users' Folders to your Image Gallery block 
- Bug #1180625: Update ADOdb library to version 5.18 
- Bug #1187964: Use adodb "mysqli" instead of "mysql" 
- Bug #1180624: Add support for SQL temp tables 
- Bug #1184450: Add mysql collation mode to pre-install sanity check 
- Bug #1235305: Image slideshow fails first time when selecting 'Style:  Slideshow' 
- Bug #1045563: Email address in the 'Required profile fields' form must be validated 
- Bug #1097565: Automatic account expiry doesn't happen 
- Bug #1140836: 'Max. items per page' doesn't work for group pages 
- Bug #1160093: Don't display a remote username on /admin/users/edit.php if no remote username exists 
- Bug #1187963: Updating group members by CSV caused existing group admins removed 
- Bug #1211621: Centralized license and copyright info from file headers into README
- Bug #1214124: Improve stylesheet cacheing 
- Bug #1239539: Registration:  Force Terms and Conditions - error text 
- Bug #993676: Members did not show up in second search if the first search found no results 
- Bug #1046114: Errors when adding new institution members 
- Bug #1127801: consecutive deleted forum posts for same user should be grouped 
- Bug #1158086: Forum:  error after deleting a post that is the child of another deleted post 
- Bug #1187571: Updating groups by CSV caused 'Not found' page 
- Bug #1193757: Institution admin needs tob e able to change auth method "No institution" to one of their own 
- Bug #1203965: Increase number of characters in collection tabs 
- Bug #1204309: Edit forum post error if parent is deleted 
- Bug #1220639: mp4 file has wrong icon 
- Bug #1223063: Deleting display name does not remove it 
- Bug #1234487: Put the system requirements for each Mahara release into README 
- Bug #1238407: Mahara 1.0 upgrade path depends on no-longer-supported "ENGINE=INNODB" 
- Bug #1240746: Plans page displaying 1 block of text when I used 3 paragraphs  
- Bug #1242263: Switch suspension reason and "Suspend" button around 
- Bug #703980: personal information pulled into add resume even if there is nothing in it 
- Bug #959926: No warning when deleting a profile picture that is used in a portfolio page 
- Bug #1017281: The pagination drop down shows when less than 10 entries on the page. 
- Bug #1078591: ClamAV path missing/not detected. No option to provide path to Clamav 
- Bug #1114790: masqueradingreasonrequireddescription string is misleading about settings 
- Bug #1165300: Year not shown for post dates on "Topics" 
- Bug #1166578: auth/session.php incorrectly multiplies $cfg->session_timeout by 60 
- Bug #1168422: clamdscan permission issues 
- Bug #1182649: uploading multiple files - only last one gets marked complete 
- Bug #1191605: blocktype/externalfeed/lib.php throws array_chunk errors 
- Bug #1201052: Notification to anonymous user when comment was submitted 
- Bug #1201055: Change lang string for updated comments when moderation is turned on 
- Bug #1208287: Clarify error message in Mahara syntax checker about table names with {} 
- Bug #1211161: Creating a new group with cleanurls active, throws a warning 
- Bug #1220108: 'usersuniquebyusername' config option not in lib/config-defaults.php 
- Bug #1222200: Make the masquerade "Log in anyway" link more noticeable to admins
- Bug #1230044: Wording in password reset phrase in English 
- Bug #547386: Linking to electronic publications 
- Bug #680710: Revive the Solr plugin using elasticsearch 
- Bug #1036556: Embed PDF 
- Bug #1046750: Show more of the file name 
- Bug #1050297: drag & drop content from desktop 
- Bug #1073625: Add additional html interface 
- Bug #1083263: Filter by auth method in "User search" 
- Bug #1103942: Allow uploading attachments to Resume composites 
- Bug #1117237: Allow uploading attachments to Textboxes/Notes 
- Bug #1166499: Filter out accounts with duplicate email address 
- Bug #1168213: Wishlist/Feature Request:  Customise page themes (skins) 
- Bug #1180622: Integrate Patrick Pollet's ldap sync plugin into the core auth/ldap plugin 
- Bug #1180997: Add tagging feature for all user's content 
- Bug #1182739: Display a warning message when navigating away without saving 
- Bug #1183612: Make it easier to change a user's profile picture 
- Bug #1185209: Allow existing users to import LEAP2A content into their portfolio 
- Bug #1190720: Edit access page needs default share with text 
- Bug #1194672: Drop-down navigation option be overridden at institutional level 
- Bug #1197154: Hide or move the "Retractable" and "Automatically retract" controls for blocks 
- Bug #1201258: artefact chooser panel 
- Bug #1193936: License info is NOT updated when using content from other text boxes 
- Bug #1235813: "Your entire resume" should be "My entire resume" 
- Bug #959926: No warning when deleting a profile picture that is used in a portfolio page

1.7.3 (2013-10-03)
- Bug #1211758 Security bug: Arbitrary image download
- Bug #1175446 Security bug: user supplied $_SERVER['HTTP_HOST'] can be used for injections
- Bug #1233500 Security bug: Not checking ownership of blocks before editing them
- Bug #1158625 Make profile information not avaialble for public when not shared
- Bug #1207140 The embedded iframe filter doesn't support scheme-relative URLs such as "//youtube.com" (now used in the YouTube and Vi$
- Bug #1218091 Pager in search in a block doesn't work
- Bug #1195489 After installation, make the installer "jump" to the "Continue" link at the bottom of the page
- Bug #1214647 When an auth instance is deleted, disable it as a parent authority
- Bug #1215190 LDAP support for non-standard port LDAP Urls
- Bug #1215702 Reduce false positives in syntax checker for unbracketed SQL tables
- Bug #1218684 Alt tag in the artefact chooser panel only says "Preview"
- Bug #1219499 Some RSS feed channel images are rendered too large in External feeds block
- Bug #1222368 Missing lang string for group page with clean URL
- Bug #1227372 Missing lang string for existing URL on allowed iframes
- Bug #1095208 uploading a file - "Loading" message remains
- Bug #1165592 "Cron is not running" not displayed in red anymous
- Bug #1188001 Page view throws headdata warning, if group submissions enabled
- Bug #1213908 Undefined variable $id in group/report.php
- Bug #1072972 Internal search ignores 'KATAKANA-HIRAGANA PROLONGED SOUND MARK'

1.7.2 (2013-07-25)
- Bug #1177187: program code error when create new rss feed in mahara 1.7.1
- Bug #1130990: creating a journal with licence requirements on causes errors
- Bug #1132660: "invite user to group" form on user profile page throws headdata error
- Bug #1166879: Multiple blogs parameter uncheck when profile is updated
- Bug #1171310: Can bypass comment moderation by editing a comment
- Bug #1180194: Changing the auth method requires info about remoteuser getting lost
- Bug #1180243: Installation hangs with "Mahara requires InnoDB tables" on mysql 5.6
- Bug #1190186: Masquerading sessions report fails if database tables have prefix
- Bug #1191453: Don't show password in cleartext
- Bug #1171365: Resume: Let user set gender to "unspecified"
- Bug #1179299: "Other (enter URL" not translatable for license
- Bug #1180263: Help not shown in edit note/text box form
- Bug #1185661: HTML export doesn't list Pages on the index page
- Bug #1195269: Resume "birthdate" field, if empty auto-fills to 1 Jan 1970
- Bug #1150831: Trailing slash missing in directory URL

1.7.1 (2013-05-02)
- Bug #1171714: Bug that can cause RSS feeds to be randomly copied between users
- Bug #1016253: Don't include RSS block passwords in Leap2A archives
- Bug #1016253: Fix terminal error when there's a mistake in an authenticated RSS feed
- Bug #1016253: Don't send RSS block passwords to the browser in plain text
- Bug #1172096: If the URL of an RSS feed block is changed, force password re-entry
- Bug #1088609: Fix moderation of anonymous comments
- Bug #1170587: Potential artefacts installation issue
- Bug #1171641: Correct license code's support for $cfg->dbprefix
- Bug #1168617: Add missing tooltip text to group admin page
- Bug #1165587: Updating YouTube favicon for externalmedia block
- Bug #788882: Fix decompression of ZIP files containing subdirectories
- Bug #1173440: Address bug in group edit form when cleanurls toggled on & off
- Bug #1051792: Fix a warning when uploading users via CSV
- Bug #1101984: Make filebrowser error messages have a red background
- Bug #1174540: Fix warnings when licenses are disabled
- Bug #1039865: Remove explicit CAST to improve MySQL performance during upgrade
- 

1.7.1 (2013-05-02)
- Bug #1171714: Bug that can cause RSS feeds to be randomly copied between users
- Bug #1016253: Don't include RSS block passwords in Leap2A archives
- Bug #1016253: Fix terminal error when there's a mistake in an authenticated RSS feed
- Bug #1016253: Don't send RSS block passwords to the browser in plain text
- Bug #1172096: If the URL of an RSS feed block is changed, force password re-entry
- Bug #1088609: Fix moderation of anonymous comments
- Bug #1170587: Potential artefacts installation issue
- Bug #1171641: Correct license code's support for $cfg->dbprefix
- Bug #1168617: Add missing tooltip text to group admin page
- Bug #1165587: Updating YouTube favicon for externalmedia block
- Bug #788882: Fix decompression of ZIP files containing subdirectories
- Bug #1173440: Address bug in group edit form when cleanurls toggled on & off
- Bug #1051792: Fix a warning when uploading users via CSV
- Bug #1101984: Make filebrowser error messages have a red background
- Bug #1174540: Fix warnings when licenses are disabled
- 

1.7.0 (2013-04-19)
- Bug 1100187: First option under "manage institutions", institution is not capitalised
- Bug 1100024: Relocate "Shared pages" menu item
- Bug 1095499: License metadata for every artefact
- Bug 1085566: Add logged in filter to admin search
- Bug 1081194: Add 'groups I can join' to groups search condition and make it default
- Bug 1051868: Add support for "retractable" blocks
- Bug 1040337: Upgraded TinyMCE to 3.5.8
- Bug 1033070: Increase limit on group members block
- Bug 1027574: Improve logging of what admins do while masqueraded
- Bug 939299: Display more collections on the overview page
- Bug 1100030: Take out word-break in the CSS
- Bug 1057259: Add year to forum post dates
- Bug 1051497: Correct word spacing between posts and entries on journal page
- Bug 1050655: forum post notification subject should be the post subject not the topic subject
- Bug 1021653: Ensure length of input fields is sufficient for required data
- Bug 1006706: Missing lang strings in view/urls.php
- Bug 952625: Pending registrations have an unreasonable expiry time
- Bug 920263: Make "Institution expiry date" column not be in italics
- Bug 913320: Separate "Suspend / delete user" on /admin/users/edit.php
- Bug 1100104: Account deleted notice to include contact information
- Bug 1100066: dwoo function str doesn't take extra arguments that are "0"
- Bug 1073136: Fix ordering of forums when there are more than 10 forums
- Bug 1072850: Facebook doesn't pick up Mahara's Facebook logo
- Bug 1069811: Quota exceeded message for groups
- Bug 1069664: "Text on background" does not change for top right-hand corner in configurable theme
- Bug 1068962: "Delete users" button should be red on /admin/users/suspended.php
- Bug 1051529: Activating spellchecker brings up warning
- Bug 1046617: hard-coded plural logic on /group/find.php
- Bug 1023834: Refactor login form elements code duplication
- Bug 1154928: Warning when adding a new user or add users via CSV
- Bug 1145178: Warning after installing other language packs
- Bug 1095834: Wrong result when searching for the special string: '0'
- Bug 1089730: Plain editor not available in Resume area instead of WYSIWYG editor
- Bug 1081309: export fails if files missing from dataroot
- Bug 1079451: split function is deprecated but still used
- Bug 1074974: WMV files are not recognized by Internal Media block when uploaded directly in the block
- Bug 1072967: Add user-unique message IDs to forum emails
- Bug 1069274: "Allow copying" is not shown on the institution and site access list
- Bug 1068952: Update of user information brings warnings
- Bug 1056544: The number of topics on /interaction/forum/view.php doesn't count the sticky topics
- Bug 1111066: define('CLI') should bypass auth_setup() in init.php
- Bug 1091506: Allowed iframe sources page doesn't allow sideblocks
- Bug 1091504: Suspended and expired users page is not displayed as selected in menu
- Bug 1031560: json_headers change to use application/json
- Bug 1046647: Warnings when access "Group files" tab
- Bug 1046641: "Group files" tab does not show up until the user re-login.
- Bug 900983: Notification after user has been masqueraded

1.6.4 (2013-04-15)
- Bug #1153423 Stored XSS in TinyMCE editor
- Bug #1141446 Google presentation embed code doesn't work

1.6.3 (2013-02-15)
- Bug #1082416 XMLRPC with Firefox 17.0 not possible
- Bug #1091764 Cross site Scripting(XSS) Vulnerability in notes page
- Bug #1103748 included flowplayer 3.2.7 is vulnerable
- Bug #1113180 Delete Wall Post Throws 404 Error
- Bug #1115832 collection navigation links break after "show more" with cleanurls
- Bug #1089282 Pagination links are broken due to encoding of encoded ampersands
- Bug #1090203 Double encoding of &amp; in 'url' for pagination causes pagination links to be broken
- Bug #1085569 Link to user profile takes on comment ID
- Bug #1097788 forum next page link
- 

1.6.2 (2012-11-23)
- Bug #1079498: Fix XSS in pagination URL
- Fix the rss image exceptions preventing updating (Bug #1081431)
- Check originals directory before iterator in upgrade (Bug #1080498)
- Fix mnet jump-back link regression (Bug #1079260)
- Escape table names in profile image query (Bug #1077013)
- 

1.6.1 (2012-10-24)
- Fix regression with mobile upload token (Bug #1057878)
- 

1.6.0 (2012-10-19)
- A new "responsive theme", designed to work fluidly on many screen sizes; especially mobile devices
- Members of multiple institutions can decide which theme to use
- Basic support for theming logged-out users
- Option for images to be resized at upload time
- Ability to add journal entries directly from a page
- Tagged journal entries block can show full entries
- Collections can be submitted to groups
- Mobile uploads support multiple devices
- Mobile API support for journal entries and attaching files to journal entries
- Mobile API support for syncing messages, tags, files, and journals
- Breadcrumbs in small headers are visible at all times
- New "Unpublish" button for journal entries
- Optional "Clean URLs" for user profiles, portfolio page, groups and group pages with support for subdomains
- More sorting options on member's listing in a group
- Collections are available for groups, institutions and on the site level
- Group information expanded to include number of forums, topics and posts
- Group admins can enable and view participation reports within groups
- Editability of group content can be limited with a start and end time
- Pagination for forum topics
- Statistics for institutions and more statistics at the site level
- Cron error message appears red for visibility
- Option to add institution staff rights during registration approval
- Configurable SafeIframe site list
- Option to allow self registration process for users authenticating via Persona
- Cron can poll an imap inbox for mail bounces
- Option to allow local customisation of "Edit site pages" list
- "User search" in the admin area links to profile pages
- 

1.6rc1 (2012-09-17)
- 
- First Release Candidate for 1.6.0

1.5.2 (2012-07-31)
- Logged-in user's name unescaped in top right header
- BrowserID changed login URL
- Textbox upgrade inserts too many rows per query in MySQL
- sprintf function problems with pluralrule
- "Copy page" button on group homepage to always copy page into personal portfolio

1.5.1 (2012-05-04)
- Use MySQL database collation for string literals (bug #985608)
- Make download.php publicly accessible (bug #979538)

1.5.0 (2012-04-17)
- A new theme for younger students called "Primary School"
- Optional drop-down menus for the site navigation
- Support for institution logos to replace the site header logo
- New institution theme with configurable colours
- Reusable text boxes, a.k.a. "Notes"
- Block to display journal entries with a particular tag
- Block to display a user's watchlist
- Improvements to online users sideblock (e.g. limit on number of users to display)
- Image gallery displays external galleries (flickr, Panoramio, Photobucket, Picasa, Windows Live)
- Support for embedding content from Glogster, Prezi, Slideshare, Vimeo, Voki and WikiEducator
- Add an option to include feedback in HTML export
- Implementation of the SafeIFrame feature of HTML Purifier to facilitate the use of specified iFrames
- Copying of collections
- Pages and collections can be shared with institutions
- Allow original author of a copyable page to retain permission to see copies of the page
- More search options on "Shared pages"
- Added and updated many help texts and descriptions
- Improvements to search usability
- WYSIWYG fullscreen option
- Profile pictures are available in the files area
- Multiple file uploads
- Institution landing page listing institution admins and staff
- Users can suggest and invite others to groups
- Group admins can hide members
- Group and group member CSV uploads
- Group file quotas
- Admins can suspend, delete, and change the authentication method for multiple users in one action
- Admin report on user pages access lists
- Support for custom links in the footer menu
- User file quotas are configurable by institution and visible on the user accounts page
- Set general account preferences when adding users for internal authentication
- Allow institutions more control over access to user profiles
- Allow site admin to specify a default notification method for new users
- MNet key regeneration button and functions to export dashboard info to Moodle
- User CSV upload can make updates to existing users
- Sitemap generation
- CLI install and upgrade abilities for unattended installations
- BrowserID authentication method
- More user-friendly password policy with password salts, bcrypt storage and brute force prevention
- Student ID and display name can be set from LDAP
- Confirmation of new user registrations via self-registration method prior to account creation

1.4.2 (2012-03-06)
- Fix PHP Fatal Error in user/view.php (Bug #885588)
- Fixes to Selenium tests
- Blog block pagination bug prevents images from being displayed (Bug #886581)
- Fixed youtube filter Bug #884438
- Ensure that default SAML behaviour is to match user to remote user name (Bug #932909)
- Update the registration URL to support SSL (Bug #943772)

1.4.1 (2011-11-01)
- XSS in unvalidated URI attributes (CVE-2011-2771)
- Information disclosure exposing private messages (CVE-2011-2774)
- DoS via invalid or excessively large images (CVE-2011-2773)
- CSRF to trick admins into adding a user to an institution (CVE-2011-2773)
- Fix broken links on export page
- Fix problems with blog, plan and comment pagination, and comment deletion
- Fix embedding issues with google docs and multimedia content
- Fix issues preventing tinymce and pieforms javascript loading for text areas
- Fix fatal errors for collections and image galleries
- Fix issues with settings for search plugin and mail preferences
- Ensure that bulk imported users are forced to change passwords

1.4.0 (2011-06-14)
- new Google Apps and Image Gallery blocks
- star ratings with comments
- easier page for sharing content with others
- ability to add comments on file artefacts
- support for SSL-based SMTP and LDAP servers
- administration interace for mail server configuration
- remote avatar (Gravatar) support for HTTPS sites
- "views" are now "pages" and "blogs" are now "journals"
- lots of small changes to make the interface more consistent
- pages can now display more than one embedded video at a time
- added a fullscreen button to the internal video player
- added spellchecker and undo button to the WYSIWYG editor
- spam checks now also performed on forum posts
- support for new Youtube Iframe embed code
- optional site-wide maximum quota
- working start/stop overrides on pages
- removal of the obsolete and broken Solr search plugin
- removal of the httpswwwroot setting
- removal of the .htaccess file

1.3.6 (2011-05-10)
- Privilege escalations (CVE-2011-1402)
- Fixes to session key validation (CVE-2011-1403)
- Information disclosure in AJAX calls (CVE-2011-1404)
- Sanitisation of HTML emails (CVE-2011-1405)
- https to http downgrade (CVE-2011-1406)

1.3.5 (2011-03-29)
- Upgrade to HTML Purifier 4.3.0 (includes security fixes)

1.3.4 (2011-03-24)
- Blogs get deleted without sesskey check (CVE 2011-0440)
- XSS in select box validation (CVE 2011-0439)
- Leap2A fixes
- Fix for out of memory errors

1.3.3 (2010-11-07)
- Fix for XSS vulnerability (CVE-2010-3871)
- Fixes to category namespaces and encoding in Leap2a import/export
- Updates to selenium tests
- Fixes to permissions in secret URL views and feedback attachments
- Fixes in view creation wizard, embedded media block, js calendar

1.3.2 (2010-10-08)
- Bug fixes to group homepage, blogs, LDAP authentication, view themes, and embedded video.

1.3.1 (2010-09-17)
- Bug fixes in upgrade from 1.2.x
- Browse user files while in group views
- Reporting of max file size errors on upload
- Fix missing logged out language selector
- Minor fixes in UI workflow, themes & default language pack

1.3.0 (2010-09-10)
- User-configurable home page (Dashboard View)
- Simpler main navigation
- Basic Mahara information & help on home page
- View/artefact feedback enhancements:
- Collections (sets of Views that are linked to one another)
- Plans (task lists)
- Users can change the theme for individual views
- Support for Gravatar profile icons
- Configurable number of items in external feed, blog blocks
- New block types: notifications, recently modified views, recent forum posts
- More user-friendly notifications & help text
- Show entire thread when replying to personal messages
- External objects that have <embed> or <object> tags can be embedded into blog posts, text boxes or uploaded within an HTML file
- Locking of blogposts and files in submitted views
- Atom feeds for public blogs and forums
- new flash-based video player with support for .mp4 files (H.264)
- Moodle Repository plugin support (allows a user's Mahara files to be accessed from their Moodle account)
- Portfolio API to allow import of artefacts from Moodle over MNET.
- Configurable group home page (Group Homepage View)
- Improved ways to add/invite users to invite only and "course membership" groups:
- View submission from group page and from the view itself
- Group categories for use in group searches
- Admin group management page for group deletion/assignment of group admins
- Groups can disable new view access notifictions
- View access to group only notified when the view owner also belongs to the group
- Bulk user import & export (experimental)
- CAPTCHAs replaced with new anti-spam features to make form-filling difficult for bots & check urls in content against known spam blacklists
- Site statistics & graphs in admin area
- Admin page shows link to latest Mahara release & status of cron
- Admin site options grouped into sections
- Record number of page hits on views & display these to the owner
- Facility to disable email addresses after receiving multiple bounces.
- Footer links can be disabled/enabled
- Online users can be disabled
- Indenting of threads can be disabled per-forum
- Active user sessions revoked on suspension
- Full security review of all db queries & templates; automatic template escaping enabled
- New version of HTMLPurifier allows safe <embed> and <object> tags in user html content
- Search options to make users always searchable by their real names & usernames
- Leap2a support updated to version 2010-07

1.2.6 (2010-09-01)
- Better mimetype detection
- New flash-based video player
- Bug fixes including upgrade from 1.0.x, blogpost image button
- 

1.2.5 (2010-07-02)
- Multiple XSS vulnerabilities (CVE-2010-1667)
- Multiple CSRF vulnerabilities (CVE-2010-1668)
- SQL Injection (CVE-2010-1669)
- Removal of dangerous auth plugin configuration options (CVE-2010-1670)
- New version of HTML Purifier fixing an IE-only XSS (CVE-2010-2479)
- Better handling of cron events to avoid sending duplicate emails
- Fix problems when mime_content_type() is missing
- Improved detection of https on Windows
- Set the correct envolope sender for emails sent on cron
- Set the locale in Mahara instead of in language packs

1.2.4 (2010-04-06)
- Bug fixes

1.2.3 (2010-02-08)
- New authentication plugin: SAML
- Various Internet Explorer Fixes
- Blog post deletion fixes

1.2.2 (2009-12-08)
- Fix for broken upgrade in 1.2.1

1.2.1 (2009-12-08)
- Bug fixes

1.2.0 (2009-11-16)
- Mahara now ships with six themes: Aqua, Default, Fresh, Raw, Sunset, Ultima
- Site admins can now disable artefact and blocktype plugins
- Files section rewritten: works without javascript, uploading is easier
- Can extract .zip, .tar.gz and .tar.bz2 files in the files area
- Full Import/Export system with LEAP2A suport, and static HTML export
- Support for submitting views to MNET Peers for assessment (e.g. Moodle)
- View interface sped up, files can be uploaded on the View screen
- UTF8 database now required for new installs (old installs will continue to work)
- Allow more group type/join type combinations, and more control over group creation
- Simplifications to the blog (all users get one blog to start with)
- Added a new blocktype for specifying a license for a View
- RTL language pack support
- Upgraded tinyMCE to version 3.2.5
- Replaced Smarty with Dwoo

1.1.7 (2009-10-29)
- Upgraded HTMLPurifier to 4.0.0
- Fix creation of duplicate user accounts when using LDAP and XMLRPC authentication
- HTTPS logins supported
- Improvements to MNET: windows profile icon importing & links in emails
- Implemented "update user info on login" flag for LDAP
- CVE-2009-3298: Privelege escalation vulnerability
- CVE-2009-3299: Cross site scripting in resume
- Several bug fixes and minor translation updates across Mahara

1.1.6 (2009-08-04)
- Forum e-mail notifications now have a cleaner format, and allow users to unsubscribe immediately.
- Enforce UTF8 database upon installation.
- Upgraded bundled XML feed reader to 1.0.3, multiple bug fixes to RSS handling.
- Wall posts now have a configurable character limit.
- Fixed a very slow query affecting My Groups and user profile pages.
- Many bug fixes across all areas of Mahara.

1.1.5 (2009-06-22)
- Czech strings for Pieforms library
- Bug fixes for embedded media block, multibyte character string handling,
- public forums, email notifications
- Security fixes: multiple xss bugs and information disclosure bug for user files.

1.1.4 (2009-06-11)
- Dutch and Slovenian translations of pieform strings.
- Spanish translation of TinyMCE.
- Increase number of users shown on the admin/staff pages, and sort listing.
- List user institutions on profile page and search results.
- Bugfixes to view feedback, embedded media mimetypes, SSO, and more.

1.1.3 (2009-04-22)
- Fixed XSS vulnerabilities in user views (CVE-2009-0664)
- Prevent arbitrary code execution in html2text library (CVE-2008-5619)
- Allow course groups with membership by request
- Many minor improvements and bug fixes
1.1.2 (2009-03-10)
- Fixed multiple XSS vulnerabilities in user profile data and blogs
  (CVE-2009-0660)
- minor fixes to portfolio import, html validation, default theme and upgrade
  path from 1.0
- added support for embedding slideshare widgets
1.1.1 (2009-02-27)
- a few fixes to the upgrade path from 1.0
1.1.0 (2009-02-26)
- raft of new features over the 1.0 series of Mahara
- ability to copy Views
- many improvements to Groups
- ability to import content from other systems (such as Moodle 2.0)
- user profile pages such as Views
- many other smaller improvements and bugfixes have been made.

1.0.9 (2009-01-29)
- small bugfixes and minor layout improvements
- fixes the blank screens some people were seeing upon installation
- filters HTML that is used in the forums

1.0.8 (2009-01-07)
- fixes a bug that prevented email from being sent
- makes it much easier to install new language packs

1.0.7 (2008-12-23)
- increases the memory limit available to Mahara
- adds a 'powered by mahara' icon and link to the footer
- a few bugfixes

1.0.6 (2008-11-04)
- security fixes for vulnerabilities in 3rd party libraries

1.0.5 (2008-09-25)
- bug and stability fixes around user authentication and MNET

1.0.4 (2008-06-25)
- bug and stability fixes around the administration section

1.0.3 (2008-06-13)
- HTTP level performance improvements
- some MySQL fixes
- improvement to "login as" functionality
- some other bugfixes

1.0.2 (2007-04-28)
- more usability work for the Views interface
- bugfixes for videos in Views
- RSS blocktype is greatly improved, with the ability to show the
  feed icon and a full view of the feed
- bugfixes for SSO, authentication, and search.

1.0.1 (2008-04-09)
- minor bugfixes to the Resume, SSO, and MySQL support