What has changed in this release?

The changelog (contained within this release) is as follows:

* Prevent login attempts from incrementing for inactive users
* Do not check maximum login attempts on re-authentication to the admin panel - tomknight
* Regenerate session keys on password change
* retrieving category rows in index.php (Bug #90)
* improved index performance by determining the permissions before iterating through all forums (Bug #91)
* Better handling of short usernames within the search (bug
#105)
* Send a no-cache header on admin pages as well as normal board pages (Bug #149)
* Apply word censors to the message when quoting it (Bug #405)

* Improved performance of query in admin_groups (Bug #753)
* Workaround for an issue in either PHP or MSSQL resulting in a space being returned instead of an empty string (bug #830)
* Correct use of default_style config value (Bug #861)
* Replace unneeded unset calls in admin_db_utilities.php - vanderaj
* Improved error handling in modcp.php
* Improved handling of forums to which the user does not have any explicit permissions - vanderaj
* Assorted fixes and cleanup of admin_ranks.php, now requires confirmation of deletions
* Assorted fixes and cleanup of admin_words.php, now requires confirmation of deletions
* Addition and editing of smilies can no longer be performed via GET, now requires confirmation of deletions
* Escape group names in admin_groups.php
* Replace strip_tags with htmlspecialchars in private message subject
* Some changes to HTML handling if enabled
* Escape any special characters in reverse dns - Anthrax101
* Typecast poll id values - Anthrax101
* Added configurable search flood control to reduce the effect of DoS style attacks
* Changed the way we create "random" values for use as keys -
chinchilla/Anthrax101
* Enabled Visual Confirmation by default
* Changed handling of the case where a selected style doesn't exist in the database
* Changed handling of topic pruning to improve performance
* Changed default forum permissions to only allow registered users to post in new forums

What has changed in this release?

The changelog (contained within this release) is as follows:

* Prevent login attempts from incrementing for inactive users
* Do not check maximum login attempts on re-authentication to the admin panel - tomknight
* Regenerate session keys on password change
* retrieving category rows in index.php (Bug #90)
* improved index performance by determining the permissions before iterating through all forums (Bug #91)
* Better handling of short usernames within the search (bug
#105)
* Send a no-cache header on admin pages as well as normal board pages (Bug #149)
* Apply word censors to the message when quoting it (Bug #405)

* Improved performance of query in admin_groups (Bug #753)
* Workaround for an issue in either PHP or MSSQL resulting in a space being returned instead of an empty string (bug #830)
* Correct use of default_style config value (Bug #861)
* Replace unneeded unset calls in admin_db_utilities.php - vanderaj
* Improved error handling in modcp.php
* Improved handling of forums to which the user does not have any explicit permissions - vanderaj
* Assorted fixes and cleanup of admin_ranks.php, now requires confirmation of deletions
* Assorted fixes and cleanup of admin_words.php, now requires confirmation of deletions
* Addition and editing of smilies can no longer be performed via GET, now requires confirmation of deletions
* Escape group names in admin_groups.php
* Replace strip_tags with htmlspecialchars in private message subject
* Some changes to HTML handling if enabled
* Escape any special characters in reverse dns - Anthrax101
* Typecast poll id values - Anthrax101
* Added configurable search flood control to reduce the effect of DoS style attacks
* Changed the way we create "random" values for use as keys -
chinchilla/Anthrax101
* Enabled Visual Confirmation by default
* Changed handling of the case where a selected style doesn't exist in the database
* Changed handling of topic pruning to improve performance
* Changed default forum permissions to only allow registered users to post in new forums

• Added confirm table to admin_db_utilities.php
• Prevented full path display on critical messages
• Fixed full path disclosure in username handling caused by a PHP 4.3.10 bug - AnthraX101
• Added exclude list to unsetting globals (if register_globals is on) - SpoofedExistence
• Fixed arbitrary file disclosure vulnerability in avatar handling functions - AnthraX101
• Fixed arbitrary file unlink vulnerability in avatar handling functions -AnthraX101
• Removed version number from powered by line
• Merged database update files to update_to_latest.php file
• Fixed path disclosure bug in search.php caused by a PHP 4.3.10 bug (related to AnthraX101's discovery)
• Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - matrix_killer