Tendenci

* **SECURITY**: Updated exports to prevent potential CSV injection in the exported CSV files.
* **SECURITY**: Added the missing FileValidator to restrict files to images for case studies edit only at admin backend.

* **SECURITY**: Fixed a potential HTML Injection and XSS vulnerability in a few area of admin backend.
* Fixed a ValueError for directory add.

* Added the functionality to allow admin to email pending members or pending corp members.
* Enabled multiple categories and sub-categories for directories.
* Added the sort ability to directory categories with drag-and-drop.
* Added the approve_corpmembership perm so that users can be assigned to approve corporate memberships without granting them the superuser privilege.
* Added a setting to turn on/off private (obscure) url access without login required.
* Added the require_approval field to the corporate membership type with 2 choices "for ALL" and "for Non-Paid Only" (default to "for Non-Paid Only"). Currently, the non-paid corporate memberships are set to pending, while the paid ones are approved automatically. This allows admin to set to require approval for all applicants.
* Updated email to directory owners (If a directory is created from memberships, the owner is the associated member. If a directory is created from corporate memberships, the owners are the representatives.) upon approval.
* Allowed the owners of corp memberships to edit their own pending applications.
* Updated the base class for oauth2_client backend.
* updated gevent version to the latest 20.9.0.
* updated format for corp approve.
* Updated the edit link for memberships admin list - linked "Edit" to the frontend edit page, and "ID" to the backend edit.
* Avoided creating default entity and group in the initial_migrate.
* Added a simple command to show settings (Thanks bernd-wechner).
* Added a FAQs view to the help_files app (Thanks bernd-wechner).
* Tidied layout of the template themes/t7-tendenci2020/templates/base.html (Thanks bernd-wechner).
* Fixed Pay Online button not showing.
* Fixed field lengths in accounts forms (Thanks evanspaeder)
* Fixed empty app list /base/apps-list/.
* Fixed broken list_tables command.
* Resolved an error in firstdatae4.
* Fixed an error in the command settings_build_init_json (Thanks bernd-wechner).
* Fixed x_type initial issue for the firstdatae4.
* Removed the extra "\" in email subject when [full name] is used in subject template for custom forms.

* Updated format for corporate membership view to avoid long labels being cut off

* Fixed corp_membership encoding detection (Thanks evanspaeder)
* Added an edit button for admin on pending corp membership for easy editing
* Fixed a potential encoding issue on memberships import
* Updated memberships and corporate membership imports to use detected encoding instead of hard-coded utf-8
* Updated the corporate membership add to redirect anonymous user to login instead of add_pre if "public can view" is unchecked
* Formated the pricing end date to also show year 889
* Resolved corporate membership types not being imported along with their associated corporate memberships

* Fixed default value not working for boolean field on corporate membership application.
* Fixed profile/add form username limits 894 (Thanks evanspaeder)
* Fixed duplicate slug error on membership app clone 893
* Fixed newsletters are not searchable in Event Logs 892
* Applied strip_control_chars to feed for articles and news to resolve an UnserializableContentError: Control characters are not supported in XML 1.0.