Serendipty 1.3 has been released. This new version of the blogging applications introduces 41 changes. Not only are enhancements and additional features introduced, but also changes to address a nasty cross site scripting issue (security exploit).

Some of the more significant features and enhancements for Serenditpity 1.3 include:

• The karma rating plugin has been upgraded to support nice, CSS-based rating graphics (see this post) and an overall rehaul on the its coding.
• Make the Spartacus plugin be able to use FTP upload, a workaround for SafeMode PHP restrictions. Also add a remote backend for plugin update checks.
• Import scripts for phpNuke and lifetype.

The following is a list of some of the new enhancements according to the Serendipity 1.2-beta1 announcement since Serendipity 1.1:

• Templates for Backend (Entry Editor, Master Template) via Smarty
• New session/login system
• Improved database support for SQLite3 and PDO::Postgresql
  
• IPv6 support

Serendipity 1.1.1 was released to fix a few bugs.  This is the first update to Serendipity 1.1 since it was first released at the end of 2006.  The 1.1.1 update does not include any security fixes so you may not even need to update unless you've experienced one of these bugs:

• Windows IIS server cookie/session authentication problem when not running via HTTPS
• Change execution order of trackbacks to properly send them when a failure occurs
• Display proper plugin permissionship restrictions when the admin user is not part of the group that is restricted
• Fixed a bug that some plugins were not able to properly execute in the entry detail view

In a blog post at the Serendipity site, Garvin also commented on the feature improvements that can be expected for Serendipity 1.2.  Users of the weblog application can expect the following in Serendipity 1.2 once it is released : 

The start of compatibility fixes for PHP applications. Serendipity 1.0.3 released to so the blogging application can properly run under PHP 5.2.0.

Because of the issue with PHP 5.2.0 mentioned before, and the 1.1 release not hastily being pushed out the barnyard, the Serendipity Team has decided to release a 1.0.3 version that fixes the mentioned problem. Complete Story

"Serendipity 1.0.x an PHP 5.2.0 currently do not go well together because of the new PHP ext/filter extension. In the early PHP 5.2.0 cycles this provided a function 'input_name_to_filter' which was later dropped, but not removed from Serendipity 1.0."

Complete Story

The folks at Serendipity have released version 1.0.2 to address cross-site scripting (XSS) vulnerabilities "on the admin backend which could happen if registered authors can be tricked into following a specially crafted URL." The 1.1 Beta 5 also contains this fix along with the following new changes since Beta 1:

1. Themes can now support custom amounts and positions of any number of sidebars (top, bottom, left, right etc.) (more)
2. Usergroups can now configure which plugins/events a group is allowed to execute (more)
3. Added the options to use HTTP-Authentication for your login, which enables you to use secured RSS-Feeds with login credentials
4. Some permalinks oddities when using % in URLs and some other minor fixes.

You can read more details about this release at Serendipity.

Serendipity's own Garvin has some helpful hints. While only those using the blogging application Serendipity will likely only have interest in this post, I thought I would post it up front anyway. There have not been a huge amount of real news from the various blogging applications except for a couple exceptions. Regardless, I like to promote blogging applications as much as I can.

While blogs are really just a subset of content management systems (CMS), they have played a significant role in getting people comfortable to using a modern CMS to drive their Websites. Let's face it, many of us really would not have trusted a database to manage our Web sites and replace our trusty HTML files until we saw how blogs worked. We owe a lot to blogging applications such as Wordpress, Serendipity, and Nucleus.

So with no more delay here is an excerpt regarding one of our favorite blogging applications:

For ages, Serendipity has given users the flexibility to move around plugins in the left/right sidebar. Two sidebars were a usual concept for blogs in the days past, and for surely some more days to come.

But some themes, like the Hemingway theme give people a different approach to surrounding their blog content. The result of a porting discussion on the forums lead me to patch our plugin API.

Serendipity 1.1 already support custom theme options (like special navigation bars, colorsets etc.), and what came out of my recent patch is the functionality to define multiple custom sidebars.

It has been more than a year since I looked at Serendipity. Since my experience with the CMS blog pre-dates the 1.0 era, the best I can do at this time is send you over to NewsForge for their latest review of Serendipity. From time to time, they have been kind enough to include me in their NewsVac. It's only fair that I do the same for them.

New kid on the blog: A look at Serendipity 1.0 - Serendipity is a PHP-based content management system (CMS) for powering blogs and other sites, and has a feature set that should make any blogger happy. After several years in development, the Serendipity team hit the 1.0 mark on June 15. Let's see how the 1.0 release shakes out. [NewsForge]