A new release of Textpattern (news) is available. This version has a focus primarily on security and introduces a number of new changes to the way passwords are handled as well as general security fixes.
Some excerpts from the release announcement:
.htaccess-dist
file in the /files
directory to .htaccess
to prohibit direct URL access to your files.password
function for a long time now. MySQL themselves do not recommend this and, moving forward to TXP 5, our goal is to open up the avenue for using other databases, so to rely on MySQL is counter to this philosophy. We have therefore taken the step of implementing phpass from this point forward.This has the implication that passwords are now case-sensitive.This release also mops up some bits and pieces that snuck into 4.3.0. Namely:
<txp:variable />
when dealing with empty valuesget_pref()
bugs squashedjQuery has also been upgraded to 1.5.1.
For the full announcement, or to download, visit: http://textpattern.com