- Recycle bin (for comments only)
- Action buttons in comment lists moved from aspx pages to htm template
(1.6.2.32)

- Added new RightCategory enum to categorize Rights (made part of existing RightDetailsAttribute).
- Updated Rights page to output rights in category groups.
- Removed "RequireLoginToViewPosts" setting - now checking user's right to "ViewPublicPosts".
- Removed HTML table row in UserService Edit method, instead using template.
- New Post shortcut property "CanUserDeletePost".
- Fixed incorrect Security check in Reject webmethod (issue 11981)
(1.6.2.31)

- Setup default Rights for Anonymous and Editors in rights.xml file, updated default roles.xml and settings.xml files.
- Creating Editors role if it does not exist.
- Defaults for Anonymous and Editors role will be auto-generated to defaults if Rights are missing from data store.
- Added "EditorsRole" to BlogSettings, and made configurable via web.config appSetting.
- Handling Role renames and Role deletions in Rights class so Rights class stays in-sync with changes in Roles.
- Removed the table row HTML from RoleService when rename occurs -- instead now calling JS LoadRoles() which uses template.
- Added missing XML comments to methods.
(1.6.2.30)

- Earlier merge with new Rights system
- Implemented FillRights() & SaveRights() in DbBlogProvider
- Created 2 new DB table for SQL Server, updated DB upgrade script file.
- Centralized check for Administrators and Anonymous role in Right constructor.
- Profile page fix so profile roles are saved.
- New JsonRole class used to remove/disable Editing/Deleting of "system roles" (admin/anonymous).
- Removed Rights tab from Users page - can now get to this via a new Rights link on Roles page (next to Edit/Delete).
- Calling JS LoadRoles() and LoadUsers() when new role/user is added so the same template is used for new table row.
- Url decoding Querystring() function return value (admin.js) to deal with query string values with URL encoded values such as spaces (%20).
(1.6.2.29)

Merge Security Rights fork with 1.6.2.28.

More updates to the rights system. Also fixed a few possible security related problems.

Added CurrentUserOwnsPost to Posts.cs. This method allows for checking a Post against the current user to see if they created it. This should replace the areas through out the code that constantly call for Author name equality.

Fixed a stack overflow problem on the IsAuthorizedTo overload.

Implemented security system on post ratings.

Added a few more Rights. Also extended the functionality of Security.IsAuthorizedTo to checking for any/all Rights in an IEnumerable.

Added comments to the existing Rights enums.

Revision to the whole security system. Implemented with the XmlProvider for loading/saving. Rights section in the admin panel has basic functionality.

Initial test of an implementation of rights for roles and overall improved security. This isn't a full implementation by any means, so users shouldn't download it and actually use it in production situations.

- Removed redundant submit click from post image upload
- Added "go to post" link next to save post button
- Load template calls for users and roles moved to pages
(1.6.2.28)

Merged with tinyMce upgrade

- Added marking post as dirty before comment save in couple places
- Enhancements to the tools menu
- Improved post list filtering and paging
- jquery.cookie.js added (used to remember current page and filter)

- Upgraded tinyMCE to latest version 3.3.9.2
- Fixed issue with Files and Images not uploading on Add Entry page when using colorbox.
- Updated AdminLinks in PostViewBase so the post "edit" link points to the new Add entry page location.
(1.6.2.27)

- Tools dropdown added to comment lists
- Info message when list on the page is empty
- Post save converted to use ajax call
- Some new icons added and minor style changes
(1.6.2.26)

- Page list added
(1.6.2.25)

Merged 1.6.2.23 and 1.6.2.24

- Posts list implementation
- Dashboard added
- Minor design tweaks
(1.6.2.24)

- Added new Language option to recaptcha
- Dropdown list for Extension settings can now have a separate Text and Value
- Removed Defer attribute from Recaptcha script
- Removed Defer attribute from widget admin script
- Now outputting injected script tags at top of Head tag so these scripts (jQuery, etc) will be already loaded for any custom script(s) added to the Head tag of a theme.
(1.6.2.23)

- AjaxHelper page added
- Pingbacks avatars fixed
(1.6.2.22)

Merge with db provider bug fix

Merge with DB provider refactoring