• Fixed moveUploadImage() to better deal with unwanted characters in filename.
• Fixed submit check on add and edit listings pages when using Entities.
• Fixed sort on listings.php caused all listings to be viewed when changing dynamic listing number.
• Fixed search page now checks for empty values before outputting list for feature searches.
• Fixed sidebar now checks for empty values before outputting list for makes.
• Fixed robots.txt default disallows.
• Change default query in xml_site_feed.php will not show sold listings any more.
• Change made xml text editable through the global lang file.
• Change listings.tpl layout to reduce some redundant code.
• Change viewOnPage Function to use ENT_NOQOUTES vs ENT_QOUTES for htmlentities.
• Added password Strength meter for register and change password pages.
• Added set limit clause to members.php.
• Remove old comment code sections.

• Fixed File path disclosure admin.tpl.php. {Bug Submitted by Andrew Horton of MorningStar Security}
• Fixed when adding a new image to an existing listing the listing is now set back to pending.
• Fixed form submit would not submit when using entities for submit values.
• Change update Smarty core to 2.6.26 from 2.6.18.
• Added version check in admin which will alert admin of new version.
• Added Spanish language files for admin and main site.[vectra]
• Added French language files for admin and main site.[gillou63]
• Misc other fixes.

• Fixed Insecure File Upload.{Bug Submitted by Andrew Horton of MorningStar Security}
• Fixed File path disclosure in paycalc.php.{Bug Submitted by Andrew Horton of MorningStar Security}
• Fixed Improper int check in SmartyPaginate.class.php which could lead to Cross Site Scripting vulnerability.{Bug Submitted by Andrew Horton of MorningStar Security}
• Fixed a blind sql exploit in search.php and in listings.php.{Bug Submitted by Andrew Horton of MorningStar Security}
• Fixed improper int check which could lead to SQL Injection in xml_zone_data.php.{Bug Submitted by Andrew Horton of MorningStar Security}
• Fixed “Korea Democratic Republic error” encountered during the install process.
• Fixed \r\n newlines in addlisting description when there was an error adding listing.
• Change admin header.tpl minor text change.

• Fixed FILES array was stripping slashes and caused improper path names in windows environments.
• Fixed typo in admin section.
• Fixed improper thumbnail image display when not using the lightbox feature.
• Fixed phone error message on user edit.
• Fixed delete user image error when deleting user from system.
• Fixed added proper Language defines for useredit page.
• Fixed ability to edit country via dynamic list in useredit and admin list user.
• Change default home page text.
• Change pending list limit and sort order for admin page.
• Added Ability to quick approve a full listing.

• Fixed Add listing bug Parse error: syntax error, unexpected '='.
• Fixed activateProfile user email verification error when new username has an underscore username isn't unobfuscated.
• Fixed use_user_approval error that defaults all users to approved even if user approval is set to enabled.
• Fixed more undefined index errors for E_ALL|E_STRICT checking (I swear I don't know where they all come from).
• Fixed validateName regex for last name on sign up now able to use an apostrophe like in O'Connor.
• Fixed When maint mode is on allow for login of admin to perform tasks all other users remain locked out.
• Fixed markImageMain SQL regression error.
• Fixed image display error when filename has an ampersand in it. The ampersand is stripped from the filename.
• Added max image limit controls for edit and add listings from admin panel(work in progress).
• Added company field for user sign up.
• Added DEFINES for CURRENCY_SYMBOLS_DECIMAL_SEPARATOR and CURRENCY_SYMBOLS_THOUSANDS_SEPARATOR.
• Change number_format functions to use the DEFINES and allows better international support.
• Change moved referrers from db.inc.php to env.inc.php will eventually move into the db.
• Change checkReferer() function refactored logic.
• Change validateUsername function to be in sync with the activateProfile changes.
• Change Build status to stable (I think I finally have enough things working correctly to do this).
• Change xml_site_map.php now automatically detects if using fancy urls and changes on the fly.

• Added data checks for fields if the data is not what is expected returns a form submit error.
• Added more error codes for add and edit listings.
• Added Hit count per listing.
• Fixed width error in members.tpl and poster.tpl with large images.
• Fixed space in image name error spaces are now replaced with -.
• Fixed more error checking for E_ALL|E_STRICT undefined variables.
• Changed image.php reduce null or bad image errors.

• Fixed contact form on error would addslasshes to message removed sql_real_escape_string from viewOnPage function.
• Fixed row count error for uploadListImage which caused issue with admin updates.
• Fixed missing files now added for installer and removed old SQL folder.
• Changed getSearchList and getVehicleCountStats to use GROUP BY instead of DISTINCT.
• Changed better SEO titles and descriptions for listings.
• Changed index images now display title for alt text instead of image 1, image 2, etc.
• Added listing category for better SEO titles.
• MISC clean up and ran through error checking for E_ALL|E_STRICT

• Fixed Incorrect error reporting of image delete in editlistings.
• Fixed Admin cannot delete users picture.
• Fixed Admin mark image as main error.
• Fixed Friend mail error on contact form now displays error message.
• Fixed site url replacement in register user for emails with invalid paths.
• Fixed Incorrect handling of default feature options settings in the admin section.
• Changed Greatly increased the speed of the getRandomImage() function.
• Changed Optimized the admin stats functions.
• Changed Default check box setting in admin maintenance section.
• Changed Error handling routine for contact.php and register.php.
• Changed Default thumbnail handling, images are resized to 350px width and uploaded images are set to 640px
• Added more error handling for image upload in addlistings.php.
• Added error handling for an empty database otherwise a redirect loop occours.
• Added city field to editlistings and addlistings for listings.
• Added Installer with upgrade option.
• Added EMPTY_FRIEND_EMAIL define to Includes/language/en/contact.php language file.
• Added enable/disable stateslist feature in registration to admin center.
• Added XML site feed page xml_site_feed.php.

• Fixed Lang for UNSUPPORTED_DATABASE_TYPE_ERROR changed to DATABASE_UNSUPPORTED_DATABASE_TYPE_ERROR.
• Fixed browse bug by editing getSellerid() function.
• Fixed contact seller bug where an error causes the form to reload dropping the seller and listing details.
• Fixed when deleting a user any image associated with that account is removed also.
• Fixed registration bug when user opts for a generated password not sending password and login url in email.
• Fixed search session issue when browsing listings and then viewing the members/admin listing list.
• Fixed small code validation errors.
• Update Set internal file encoding to UTF8 from Western Latin for all lang files, should help with some issues.
• Change adjusted default sql debug action to redirect now you need to uncomment the setsql debug function for output.
• Change refactor code to allow easier expansion for admin settings and cleaned up old comments.
• Added Admin Receive an email on listing creation.
• Added ability to upload up to 3 images when adding new listings.
• Added an optional listing expiration in days feature.[keanesf]
• Added an optional notification (in Member profile and email) after x days of adding a listing(listing still active).[keanesf]
• Added an optional delete users older than x days that have not activated their account by email verification.
• Added tabbed images to listing details.
• Added Country database for future use.

• Changed default sql error handling in env.inc.php now instead of fatal error it redirects to main listings page.
• Fixed Captcha bug where entering any text would match and allow mail to send.
• Fixed table sorting issue in admin options.
• Fixed contact seller bug by editing getSellerEmail() function.
• Fixed add profile image bug.
• Fixed mark image as main to correctly set secondary image as default when default is removed [leowmjw].
• Update Default theme tpls, when using alternate themes changed to point to the correct includes.
• Added lang definitions for editlisting max size invalid file type errors

• Changed replaced split functions with explode as explode does not parse with regex so it's faster.
• Changed approveImage function to perform better move file checking.
• Removed unnecessary function getListingTitle now perform tite search with getRandomImage.
• Fixed improper checking of ip address checked for not set so no ip address was inserted.

• Fixed error in openauto_auto.sql syntax.

• Changed Refactor database calls to new functions so that it is not only dependent on MySQL (DB independence?).
• Changed Admin listuser.tpl added some boxes and made the user list nicer.
• Changed listings.tpl code to allow use of mod_rewrite SEF urls
• Changed paginate functions to allow for rewrite of SEF links.
• Changed Updated slimbox and mootools js files to support their newest features.
• Changed Refactor database update code for env_update no more adding additional POST vars for new fields.
• Changed logoff function to remove onlineusers table data if logged in user logs off.
• Changed lastActive function to check for logged in or guest users and insert details in onlineusers table.
• Changed Functions that used mysql_result for returned row data to plain query. I could not find a mysqli replacemet.
• Removed Rogue getlistings() request on listings.php should speed up results.
• Removed INET_ATON MySQL specific feature replaced with a function ipConvertLong should work with any unsigned(int).
• Removed link to forums in header.tpl for less editing on start ups.
• Removed getTypesList(), getDriveTrainsList(), getManufacturersList(), they are basically redundent functions.
• Added getTableDataList($table) as replacement for three redundant functions.
• Added Site statistics for admin section, view total listings by type, sold listings, guest and logged in users etc.
• Added new mod_rewrite rules into the .htacces file to allow for SEF urls.(experimental)
• Added New database table onlineusers which holds the visitor tracking info.
• Added Listing approval system that can be turned on or off in the admin section (defaults to off).
• Added User approval system that can be turned on or off in the admin section (defaults to off).
• Added Updated “Find by make or model URL Hack” to codebase [sentry].
• Added Function to display script generation time, time is commented in the bottom footer view page source to see.
• Added 3 new files to Includes/configs for remapping db functions.
• Fixed Function checkIfEmail does not ensure email is matched when a user changes their password from reset.php [leowmjw].
• Fixed Removed function call from contact.php which would add unneeded slashes to your sent emails.
• Fixed Invalid function pagefix on contact.php when send a bad email replaced with correct function viewOnPage.
• Fixed Small validation issues for w3c validation for XHTML strict doctype.
• Misc cleanup of various code and minor bug fixes.

• Fixed line 380 of functions.php removed unneeded reference to error_code = NULL (maybe a bug with PHP4?).
• Fixed bad EOL in the openauto_auto.sql file on line 380 replaced , with :.

• Change reformatted language file structure all pages have a separate lang file. View the upgrade guide located at Upgrade Instructions Guide.
• Change reformatted the theme file structure changed to an override type system. View the upgrade guide located at Upgrade Instructions Guide.
• Change all text should now be located in one of the language files.
• Fixed after fixing the combo-box issue in v1.4.11 I introduced a search issue that is fixed listings.php.
• Fixed E_ALL debugging error undefined index in listings.php.
• Added code to prevent session fixation attacks in env.inc.php.
• Added flag in env.inc.php to turn force compile on/off by setting flag “force_compile_enabled”.
• Added Email Verification for newly registered users [leowmjw].
• Added admin ability to turn on and off Email Verification feature (OFF by default).[leowmjw].
• Added Version details to make it easier to figure out which version you are running.
• Added 3 new button images for the sidebar.
• Removed some misc text and graphics from the userside sidebar.
• Removed Require includes from Captcha.php as they are uneccesary.
• Many other Misc fixes.

• Fixed changing your password then going back to the site, some links result in a redirect loop [raymor].
• Fixed replace comma on line 92 with a colon to fix internal server error [raymor].
• Fixed set second image as main if no image set shows error [leowmjw].
• Fixed search bug for empty search to show all listings on listings.php.
• Fixed make and model combo-box not being populated on the addlisting and editlistings pages.
• Fixed bug introduced in PHP 5.1.2 for new predefined constant CURRENCY_SYMBOL displays odd number.
• Change split file structure for db.inc.php new file for env settings env.inc.php.
• Change when admin adds or edits a listing seller and sellerid not being inserted/updated correctly.
• Change added_on date now inserted when add new listing.
• Change updated install.txt file[raymor].
• Added field fuel_type.
• Added List of the members listed vehicles in their members home.
• Added Multiple image upload in editlistings page.

• Added Tell A Friend functionality
• Fixed defined seller variable being used in sidebar in contact.php
• Fixed preg_replace() No ending delimiter '/' found in contact.php
• Change removed commented code that is not needed
• Change header and footer links can be styled in the style.css
• Change cleaned up codeClean functions through the php
• Added more variable checking for type int

• Added Lightbox function based off of the Slimbox JavaScript
• Added chained drop-down box for quick search and advanced search select a make then the models change
• Fixed path to correct css in the poster.tpl page
• Fixed on the listing page when using the sort functions if the page is in a sub-directory it will take you back to the root directory
• Fixed on the db.inc.php page now checks for a default timezone before trying setting a default
• Fixed no_image image link wrong since migration to the new directory structure
• Change Added inline style to advanced search select boxes

• A re-upload of v1.4.8 with one SQL Fix

• Fixed changed SQL to allow for proper phone number entry old value was 12 new value is 25 to allow for new phone validation scheme
• Fixed made sure validation happens on useredit page as well as registration page
• Fixed Check for edge case in search results for price [leowmjw]
• Fixed Edit Listing shows “View this Listing” after delete [leowmjw]
• Fixed SQL issue where correct admin information was not propagated
• Fixed in certain cases the style.css was not being pointed to correctly
• Change adjusted listing.tpl to not show blank fax and alt phone information
• Added check for html tags and links in listing descriptions [sentry]
• Added 2 new entries in the english lang file for the choose template section

• Added SetPageLimit to slim down page groupings on listings.php [sentry]
• Fixed referrer function not iterating through all checks before redirecting [leowmjw]
• Added entries to the lang file for new registration error texts
• Change ereg and eregi_replace with preg_match and preg_replace
• Change Start preparation for new templates directory structure for use of multiple themes
• Change misc code cleanup

• Fixed search glitch when browsing previous and next pages then viewing a single listing and using the back button messes up your search
• Fixed quick search glitch
• Fixed added strtolower in image.php to resolve watermark failing [Mike Pryslak]
• Fixed/Added Sort by price make or model functionality on listings.php
• Change sold listing automatically sort to the bottom of the listings.php list
• Change when addlisting fails you no longer have to refill all fields
• Change link to get to main listings view to fit with search modifications
• Change featured listings on index have ad title displayed underneath
• Added Vin and Stock numbers to description on listings.php
• Added seller info on single listing details page
• Added Poster page /work in progress
• Added Javascript code to allow for tabs on the listings pages
• Added search by seller id and view all sellers listings
• Added update required fields for user login and required fields

• Changed Moved a lot of hard-coded text into the lang file most of the userside tpl files have all of the text in the lang file now. Exceptions are the header, sidebar and index tpl files
• Fixed listing id is passed as an int

!!!CRITICAL RELEASE!!!

• FIXED bypass login SQL injection attack
• FIXED remote SQL exploit to gather user data by unauthorized user in listing.php
• FIXED unauthorized user escalation in admin section
• FIXED SQL attack vulnerability which allows unauthorized user to change database entries

• Fixed function mismatch typo in the image functions and the image php file [partsnthings]
• Fixed typo in en lang file milage should be mileage
• Fixed typo in functions php for listing_condition in addListing function [sammy95]
• Changed listings.tpl will not display empty fields now if no data is in the db column
• Changed the way random images are displayed on the index page does not show sold autos in the random list
• Added currency symbol in the lang file [gathrawn]

• Fixed Syntax error when importing openauto.sql[galeens]

• Fixed missing brackets around sql query caused errors when not contacting seller
• Fixed invalid id in sidebar.tpl for w3c code validation

• Fixed Refined the search functions so the session was reset when performing a new search
• Added a Loan Calculator page
• Added a “QUICK SEARCH” on the sidebar
• Added a stock # box
• Added Captcha for contact us page
• Added contact seller feature
• Added view changes to listing link on edit listing page
• Added misc new text for new pages in en lang file
• Added Mark as “SOLD” with a watermark
• Changed Text in en lang file
• Removed “static” class functions

• Fixed show proper search results when multiple pages of search results
• Added a search by zip code into search
• Added a search by state into search
• Added VIN for future use maybe checking with CarFax reports
• Added check for empty zip value when adding new or editing a listing
• Changed Reduced ad title to only allow 25 chars to reduce line wrapping when browser text set to large
• Changed Sort order for search items when displayed now shows newest listing first
• other misc fix/changes

• Fixed updated the search
• Fixed bug that only appears in MySQL 5 not allowing the adding or editing of listings
• Changed moved some of the static settings into the admin site settings
• misc fixes/updates

• Added Expanded search functionality
• Added search by min and max price
• Added dynamic content in title when viewing a listing
• Added dynamic keywords when viewing a listing
• Changed Moved all text into the language file except the sidebar.tpl text and link text

• Fixed MySQL column count mismatch
• Changed name= tag to id= in listings.tpl for valid markup

• Fixed no image bug
• Added search function
• Added featured listings on front page
• Added JavaScript onmouseover event to change single listing main image
• Fixed bug for editlistings when logged in as seller
• misc fixes and style additions/changes
• Changed error text input from referrer to ip address

• Initial release