2010/04/12 - media%20server
I am currently in the process of converting the entire media website over to a brand new API. This API should allow for even easier development and modification of the site.
Performance has been improved with changes to the cron.php script that loads information about files. New options have been added for turning off recursive calls to display directories on sites whose file structure doesn’t change very often. The Live template has been improved greatly, adding more accessibility to all the functionality of the site. Development of a new JS template has begun with the inclusion of PHP-EXT, an open source project for generating EXT-JS code based on PHP objects. The settings API is nearing completion; this will allow users to save template information or global site options in their profile.
The smarty template system has been removed because it's ugly, doesn’t abstract code very well, and has annoying structures for manipulating small amounts of information. The new template system uses PHP, which is prettier and more useful, while still offering a lot of abstraction.
Functional templates allow for blocks or pieces of the site to be included anywhere on the page. The new templates include features like quick-lists for file downloading, a brand new Administrative section for enabled and disabling templates and plug-ins, and new interfaces to the most popular plug-ins. Now, templates do not need to generate all the possible links that could be needed. Instead, plug-ins (such as encode, convert, and search) can display a default configuration page, or an “advanced search” page.
The newest version includes a brand new installation process for easy setup. There are thorough instructions for configuring each step, and it generates a settings.php file for you! It also checks all of the dependencies. A new Admin Tools section now supports loading tool plug-ins and a brand new menu system.
This new API comes with several new security features. Creating errors on the site is prevented by the new request processing that completely removes all variables that are not validated. Cross-site-scripting is prevented by a new register_output_vars() function that encodes all variables used in the output templates to be HTML compliant.