2.3.0

• Implement optional reCAPTCHA functionality for user registration
• Add QR code generation functionality after a URL is shortened
• Fix HTTP response codes for certain endpoints
• Add new instructions for MaxMind geolocation database
• Implement bulk link creation API
• Misc. bugfixes

Security updates ⚠️

• Fixes a critical privilege escalation vulnerability in the setup process. See security advisory for more details.

If you are running any version of Polr <2.3.0, please update to this version due to a security vulnerability in Polr <2.3.0.

Stable 2.2.0

Changelog:

• Implement advanced analytics system with click tracking
• Refactor admin pagination
• Improve performance with Link table indexes and long link hashes
• Implement ApiException and improve API error handling
• Implement long link editing
• Small bugfixes and improvements

Stable 2.1.1

Changelog:

• Resolve #264
• Small fixes and improvements

This patch fixes #264 by changing the class constant USER_ROLES to a class variable to accommodate PHP version 5.5.9.

Stable 2.1.0

Changelog

• Fix XSS security vulnerability with DataTables
• Add DataTables integration for user and link tables
• Add user creation and user edit features to the admin panel
• Remove vendored files -- composer is now required to use Polr
• Other bug fixes and improvements

Known bugs

• #264 affects PHP version 5.5.9; fixed in 2.1.1

Upgrading

• Ensure your dependencies are up to date by running composer install --no-dev -o

Stable 2.0.0

Do not attempt to upgrade from any 1.x release, as there have been breaking changes to the API, configuration, and database structure.

Changelog:

• Changes from RC1
• Option to redirect 404s and disabled short links to the redirect URL
• Setup wording changed

Release Candidate 2.0.0rc1

Changelog:

• Provide more information in setup
• nginx configuration fixes
• Allow API quota change from admin panel
• Implement AngularJS controller for admin panel
• Misc. admin panel front-end changes
• Fix various configuration parsing errors
• Implement API throttling with quotas
• Fix SMTP configuration and usage
• Other bugfixes

Beta 2.0.0b1

Changelog:

• API implemented
• API automatic key assignment, user key assignment #141
• Continuous integration unittests with TravisCI
• Link stats in API lookup #128
• Fixed race condition related to encryption key changes in setup
• Add delete link button #59
• Other misc. bugfixes and improvements

A big thank you to @umpc for helping test this release and providing useful feedback.

Alpha 2.0.0a2

This is an alpha release not suitable for production use.

Implements a number of changes, including a significant rewrite and move to the Lumen (Laravel-based) framework. Database abstraction is now done with Eloquent,

Changelog:

• Lumen PHP web framework
• Blade templating
• composer autoloading
• Better security and extensibility through PDO
• Artisan database migration support
• SQLite support*
• CSRF protection
• Plugin support*
• User-based API key assignment
• API revamping
• More information on user admin panel
• No more relative path mishaps
• Better documentation
• Revamped user interface
• New logo
• Faster iteration from cleaner code

(*) denotes incomplete features

Legacy 1.5.1

The final 1.x release on master.
1.x will no longer be maintained except for critical security updates.

Note: a modern 2.x release or a clone of master should be favoured whenever possible.

Changelog:

• Allow redirect of private front page
• Remove calls to GH raw
• Disable PHP errors
• Deprecate cheery theme
• Use int to stop overflow in DB
• Fix misc. bugs

Stable 1.4.1

Changelog:

• Changes from 1.4.1 Beta
• Fixed "bell curve" issue in admin panel
• General bugfixes
• Fixed bug allowing users to complete registration even if registration is turned off (users' accounts will be inactivated and unusable, so this bug does not compromise the integrity of an instance's links)