1v0.2.1 2- uid and gid tests now correctly test the user and group that PHP is executing as 3 (requires that exec() or posix functions are enabled) 4- Changed upload_max_filesize and post_max_size return "OK" if current value is 5 equal to recommended value 6- fixed nonstandard naming with a couple locally used constants 7- fixed problem with XHTML validity in cases of not run tests <Thomas Corbiere> 8 9v0.2.0 10- Changes to output code to avoid licensing problems with PHP (CSS was derived code) 11- New test: PhpSecInfo_Test_Session_Save_Path <Thomas Corbiere> 12- API changes! Read the API docs if you're a test developer, and ask questions on the 13 mailing list. 14- rewrote all tests to adapt to API changes (displaying and use current and recommended 15 settings in tests) 16- Added display of "current" and "recommended" settings in test result output 17- Added link to "more info" in output (see Test::getMoreInfoURL) 18- Modified CSS to improve readability 19- added Test::getMoreInfoURL() to generate link to detailed info on external site 20- added PHPSECINFO_TEST_MOREINFO_BASEURL and set to 21 http://phpsec.org/projects/phpsecinfo/tests/ 22- Changed Test_Curl::isTestable() to use extension_loaded. (Thx Thomas Corbiere) 23- Changed Test_CGI::isTestable() to use strpos() instead of preg_match() (Thx Thomas Corbiere) 24- Added isTestable() checks for magic_quotes_gpc and register_globals where 25 tests are not executed if PHP_VERSION >= 6 (Thx Thomas Corbiere) 26- Fixed bug in use_trans_sid.php where parent::_setMessages() wasn't being called. 27 (Thx Thomas Corbiere) 28- Fixed bug in SVN version Test_CGI.php where searching for 'php' instead of 'cgi' in 29 sapi output (what the hell was I thinking? Thx Thomas Corbiere) 30- Fixed potential redeclare weirdness in PhpSecInfo::renderOutput() with PHP5 31- added meta tag to output telling compliant search engines to not index the page 32- Added PhpSecInfo_Test::setTestGroup 33- Fixed memory_limit test to properly report if the option has not been enabled 34 at compile time 35- Added PhpSecInfo_Test::osIsWindows() for checking the OS 36- Fixed NOTICE for undefined string offset in returnBytes when input is 0 37- Fixed NOTICE for undefined offset in table output where $test_results['moreinfo_url'] 38 is not set 39 40 41 42v0.1.2 43- Code is now licensed under "New BSD" license. See LICENSE 44- Added PhpSecInfo_Test_Core_Allow_Url_Include to test for allow_url_include in PHP5.2 and 45 above 46- fix bug in post_max_size check where upload_max_size value was being checked 47- change curl file_support test to recommend upgrading to newest version of PHP 48 rather than disabling support in cURL for 'file://' protocol 49- removed =& calls that force pass by reference in PHP4, so as to not throw PHP5 STRICT notices. 50 It means passing objects by value in PHP4, but this seems acceptable for our purposes (memory 51 usage isn't terribly high). 52- Fixed bug in PhpSecInfo_Test_Session_Use_Trans_Sid where wrong ini key was requested 53 (Thanks Mark Wallert) 54 55v0.1.1a 56- fix bug in phpsecinfo() where debugging code was left in release. ugh. 57- modified test result output to include text version of result type. Color-only results 58 don't work in text-based browsers or cases where browser is overriding styles. 59 60v0.1.1 61- Added PhpSecInfo::getOutput(), PhpSecInfo::loadAndRun() and PhpSecInfo::getResultsAsArray() 62 methods 63- Modified PhpSecInfo::runTests() to fix undefined offset notices 64- Modified PhpSecInfo_Test::setMessageForResult() to fix undefined offset notices 65- Modified PhpSecInfo_Test_Curl_File_Support to skip if PHP version is < 5 (detection of 66 file protocol support relies on PHP5 version of curl_version) 67 68v0.1 69- Initial public release 70