Pre-release announcement for security/antispam release 1.1.6.4
Due to the recent upswing in autogenerated wiki spam, the Wikka development team has decided that an interim security release would be in the best interests of Wikka users. While some of the security/antispam features we’ll be introducing have always been available in the Wikka trunk, we realize that many users would rather install Wikka from a stable distribution. In addition, we have been beta-testing some features on the main site that have not yet made it to trunk. We are preparing an upcoming release (1.1.6.4) that will address several security, spam, and ease-of-use issues.
New enhancements and features will include:
- Introduction of two new administration modules to assist with user administration (including mass removals as a result of bot-generated registrations) and page administration (including a mass reversion
tool to restore spammed/vandalized pages). - New registration features, including moderated registrations, new features to reject autogenerated registrations, and the ability to disable registrations.
- Several new security features to limit or prevent scripted access and to control page, comment, and feedback spam.
- A new action to display information about the structure of the Wikka database.
- A new streamlined Wikka editor with more user-friendly features and a new and improved look-and-feel.
We are diligently working to have this release available as soon as possible. At the moment, our target date for release is by year’s end. We would encourage those willing to run on the cutting edge to consider downloading and testing the 1.1.6.4 development branch. As always, your comments, issue reports, and suggestions are welcome and deeply appreciated.
very good, thaks!
Max
23 Nov 07 at 5:34 pm
Thank you guys for the update and the continued development. The spam is driving me crazy!… can’t wait for the final release
Keith
26 Nov 07 at 11:03 pm
the current revision doesn’t work for me. when I try to login, I get the following mysql error: Query failed: SELECT * FROM wikka_sessions WHERE sessionid=’XYZ…’ AND userid=’admin’ (Table ‘wikka.wikka_sessions’ doesn’t exist)
raff
2 Dec 07 at 7:30 am
I installed (with some kind help from the Wikka developers) the 1.1.6.4 development
http://tmxxine.com/wik/
I have reported a couple of bugs but it seems OK. Looking forward to the final release.
We had a lot of spam problems on the Puppy Linux site that I am one of the admins for http://puppylinux.org/wikka/
Again thanks to help and advice we hope to overcome this.
Thanks guys. Appreciate your work. Fast and efficient code.
Ed Jason
4 Dec 07 at 9:47 am
Has the release date changed? I noticed the tracker still says 12/31/07
Keith
3 Jan 08 at 1:06 am
Keith, looks like this date needs to be changed to the end of this month. Most of the tickets have been addressed, all the devs just need to do is find the time to get together and test everything.
But keep on us about it!
Brian
3 Jan 08 at 5:06 pm
I installed a snapshot out of the 1.1.6.4 branch and I’m seeing the same issue as ‘raff’. What was the fix?
Also, how do I access the new admin modules?
Richard Berg
4 Jan 08 at 12:30 pm
Richard, this was fixed as of 12/2, so if your snapshot was installed prior to that date, you’ll need to do an update. If you’ve upgraded from a previous checkout of 1.1.6.4, you’ll need to add a field to the wikka_sessions table:
alter table wikka_sessions add session_start datetime NOT NULL;For more details, see this ticket.
The new admin modules are in the latest 1.1.6.4 checkout. You’ll need to create a page, then include the action in the page:
{{adminusers}}or{{adminpages}}Hope this helps…
Brian
4 Jan 08 at 5:45 pm
I did an svn checkout just minutes before my bug report. However, I installed on top of 1.1.6.2. Your upgrade fix does not work correctly in this case — I didn’t have a sessions table at all, nor a status column on the users table, etc. Manually copying each line of SQL out of setup/install.php got things working.
Richard Berg
5 Jan 08 at 1:21 am
Richard, just did the same…checked out the 1.1.6.2 version, installed it, then immediately ran ‘svn switch https://wush.net/svn/wikka/branches/1.1.6.4‘ in the working directory. Tables are complete, and I was successful in deleting a test user (logged in from another browser instance) and killing the session. So I’m not too sure why the upgrade didn’t work for you, but it appears to work now!
Brian
15 Jan 08 at 11:23 pm
Has the release date changed? I noticed the tracker still says 2/1/08 … that was 5 days ago.
Keith
6 Feb 08 at 11:03 pm
Thank you, I was missing the registration features, especially moderated registrations.
Andreas
9 Feb 08 at 4:46 pm
Keith, almost there! We have 7 issues remaining to be resolved. Of these, 4 are documentation-related, 1 is a non-critical form enhancement, 1 is a coordination ticket that will be closed once the other 6 are resolved, and 1 addresses the upgrade to WikkaEdit (already completed, working on fine tuning).
So essentially, 1.1.6.4 is ready to go. The dev team is working to get everything wrapped up before the end of the month.
Thanks for hanging in there!
Brian
9 Feb 08 at 6:33 pm
Thank you very much for the update Brian, it is nice not being in the dark. I admire your guy’s work as always
Keith
11 Feb 08 at 5:51 pm
not to be annoying but…. nov 07… did dev stop?
Ben
13 Feb 08 at 8:01 pm
Check it out yourself. There’s been an ugly lot of daily development activity, both on the 1.1.6.4 and 1.1.7 branches. Brian’s comment above should be self-explanatory.
Dario
13 Feb 08 at 8:10 pm