PukiWiki UPDATING
$Id: UPDATING.en.txt,v 1.3 2006/06/11 15:24:35 henoheno Exp $


INCOMPATIBILITY INFORMATION BETWEEN RELEASES
============================================

PukiWiki 1.4.7: Incompatibility from PukiWiki 1.4.6

   1. Default value of administrator's password ($adminpass) had been changed
     from "pass" to "(A string never authenticatable)"
       * Password for PukiWiki 1.4.6 is also usable for 1.4.7
       * Password format had been changed from 1.4.6 (See BugTrack/709)

   2. The implementation of "OS command execution after write" had been
     changed from "with a global variable($update_exec)" to "with a
     constant(PKWK_UPDATE_EXEC)" for security reason

      If someone tricks you into using malicious (but obfuscated) plugin,
      that can simply rewrite $update_exec, to do something nasty.
      (a vulnerability called "OS command injection")

   3. Default contents: Page "FormatRule" had been renamed to
     "FormattingRules" to show text-formatting-rules with edit plugin
     correctly

     And the setting "$rule_page" now specifies not "Text Formatting Rules"
     (No such page ...) but "FormattingRules".  (See BugTrack2/118)

     If you add the page by hand, please don't forget to "freeze" the page!

   4. Files: These files had been removed
     pukiwiki.php    : If you want it, please just copy index.php
     skin/default.js : No one use this file ...

   5. Footnotes: Footnote hyperlinks will never hold "Whole footnote text"
      but "First N letters of the footnote text"

   6. Plugins: These plugins will follow $non_list (non-listing filter
     pattern) setting: attach, popular, related, touchgraph, yetlist
     (See BugTrack2/140, BugTrack2/175)

