2 $Id: UPDATING.en.txt,v 1.3 2006/06/11 15:24:35 henoheno Exp $
5 INCOMPATIBILITY INFORMATION BETWEEN RELEASES
6 ============================================
8 PukiWiki 1.4.7: Incompatibility from PukiWiki 1.4.6
10 1. Default value of administrator's password ($adminpass) had been changed
11 from "pass" to "(A string never authenticatable)"
12 * Password for PukiWiki 1.4.6 is also usable for 1.4.7
13 * Password format had been changed from 1.4.6 (See BugTrack/709)
15 2. The implementation of "OS command execution after write" had been
16 changed from "with a global variable($update_exec)" to "with a
17 constant(PKWK_UPDATE_EXEC)" for security reason
19 If someone tricks you into using malicious (but obfuscated) plugin,
20 that can simply rewrite $update_exec, to do something nasty.
21 (a vulnerability called "OS command injection")
23 3. Default contents: Page "FormatRule" had been renamed to
24 "FormattingRules" to show text-formatting-rules with edit plugin
27 And the setting "$rule_page" now specifies not "Text Formatting Rules"
28 (No such page ...) but "FormattingRules". (See BugTrack2/118)
30 If you add the page by hand, please don't forget to "freeze" the page!
32 4. Files: These files had been removed
33 pukiwiki.php : If you want it, please just copy index.php
34 skin/default.js : No one use this file ...
36 5. Footnotes: Footnote hyperlinks will never hold "Whole footnote text"
37 but "First N letters of the footnote text"
39 6. Plugins: These plugins will follow $non_list (non-listing filter
40 pattern) setting: attach, popular, related, touchgraph, yetlist
41 (See BugTrack2/140, BugTrack2/175)