Milestone 1.5.11 (2018-12-29) bug #1054: The bbcode2email() function has no localization bug #1057: Add CSRF protection to promote user action bug #1081: openssl_random_pseudo_bytes() is not cryptographically secure bug #1087: LIKE and '_' bug #1095: Radium and Cobalt have unreadable alert on admin index bug #1098: Don't use local aware format for sprintf bug #1124: Where is the start transaction in the db_update.php? enhancement #1089: Time formatting in profile.php enhancement #1097: We need a ban on references in the titles enhancement #1101: SMTP Password field on admin_options page too short enhancement #1103: Ban mail/domain dosent check for duplicates enhancement #1108: Incorrect answer for search results with short text enhancement #1115: Need 503 status for maintenance and error pages enhancement #1121: Require more characters for password Milestone 1.5.10 (2016-06-16) bug #792: Profile and signature img bug #1012: Incorrect coding login.php bug #1017: fix CSS bug #1056: Invalidate only feed caches bug #1058: hash_equals(): Expected known_string to be a string, null given bug #1059: No csrf_token in unsubscibe link of subscription email bug #1062: Edit.php and checkboxes bug #1068: Wrong description for BBCode bug #1072: The DB class for SQLite doesn't maintain string values by default? bug #1075: Empty PHP_SELF somewhere bug #1078: InnoDB check failed bug #1082: Custom title overrides "Banned" enhancement #1019: Refactor/move forum_list_plugins to common_admin.php enhancement #1025: Display error message inline with login form enhancement #1027: Change htmlspecialchars to pun_htmlspecialchars enhancement #1064: error() function, PUN_DEBUG and security enhancement #1066: For long nicknames Milestone 1.5.9 bug #1011: No automatic redirection to install.php bug #1016: Does not work glob() bug #1032: No notifications for users w/ language set to an inexistent language bug #1033: Make it easier to configure frame options header bug #1039: Parser error message no have name tag bug #1040: PHP 7 compatibility bug #1041: Fatal error mysqli_free_result bug #1043: Prevent timing attack bug #1046: Exclude newlines when parsing username in quote tag bug #1049: CSRF attack allows to stick, lock, etc. enhancement #1029: db_update.php: Inline script trips over content security policy Milestone 1.5.8 (2015-01-23) bug #925: Scrollbar in chrome fluxbb1.5.5 bug #949: Use \r\n for SMTP, FORUM_EOL for others bug #951: [url][img] patch doesn't work. bug #963: Add rel="prev", rel="next" and rel="canonical" bug #969: New TLDs not allowed as valid URLs bug #996: Prevent clickjacking attacks bug #998: Bug in validate_redirect() function bug #1001: Remove setting of values in quickpostform bug #1006: [HTB23246] File Inclusion in install.php enhancement #57: Making a new forum is a 2 step process enhancement #810: Improve unread forums tracking enhancement #935: Auto-promotion improvements enhancement #936: Add new group permission to allow moderators to promote users enhancement #941: Remove obsolete global variables enhancement #944: Remove "page 1" when thread or forum has just one page enhancement #947: Improve Air/Earth/Fire design enhancement #948: Require passwords with at least 6 characters enhancement #959: Quick actions from registration email enhancement #965: Avoid double redirect when no new posts are found enhancement #976: [PATCH] Invalidate updated cache files from PHP's Opcache enhancement #992: Drop IE6 support enhancement #997: Make random passwords longer enhancement #1007: Antispam hooks enhancement #1008: Please delete your install.php file task #942: Remove obsolete language strings task #966: Optimize images in FluxBB core Milestone 1.5.7 (2014-10-20) bug #961: Open Redirection Vulnerability bug #990: SQL injection in profile.php