XOOPS 2.5.x Changelog (Language changes: see: /docs/lang_diff.txt) =================================== 2.5.10 Final 2019/04/29 =================================== - fix version check in module administration (mage) - fix notification template in boostrap based themes (mage) - fix incorrect message in protector prefix manager (mage) - Warn in admin if using an unsupported version of PHP (security concern) - Add method XoopsLists::getFileListByExtension() - Fix missing jpeg extension in XoopsLists::getImgListAsArray() - Optimize images (mamba) - Allow multiple files in XoopsMediaUploader (luciorota) - change declaration of SystemFineUploadHandler class to abstract in #618 - Add basic support for MySQL 8.0 - Fix potential redirect loop when start module in use - Pass JWT for fineuploader in POST body instead of header (goffy, geekwright) - Change meta_robots config to textbox instead of select - Move protector config files to XOOPS_VAR_PATH/protector - Use Request to access $_SERVER variable in XoopsPageNav - Add Smarty modifiers truncateHtml and a UTF-8 safe truncate - Update protector add overview chart, ip ban button to log - Fix bug in image.php when resizing transparent png (luciorota) - Fix typo error in profile and system userform templates (mamba) - Fix issues in install/page_dbsettings.php (blogged by Nguyen Thanh Nguyen) - Fix stylesheet inclusion in ModuleAdmin - Misplaced MAX_FILE_SIZE (cadch) Updated libraries and assets: - Smarty to v2.6.31 (mamba) - phpmailer to 5.2.26 (mamba) - phpThumb to 1.7.15-201810050741 (mamba) - TinyMCE to 3.5.12 (mamba) - jQuery 3.3.1 (mamba) - jGrowl to 1.4.6 (mamba) - jQuery Form to 4.2.2 (mamba) - jQuery Tablesorter to 2.31.0 (mamba) - HTML Purifier to 4.10 (mamba) =================================== 2.5.9 Final 2017-08-01 =================================== - fix issue with establishing database character set under mysqli - Add PHP4 same name constructor shim in XoopsMailer (geekwright) - Some cleanup in xBootstrap to reduce setup for users, especially with publisher - fix with pre-install reporting (zyspec) - Streamline setup for publisher with xBootstrap (geekwright) - various "Assign by reference" issues in PHP 7 (geekwright/mamba/ggoffy) - Icons for Edit, Delete, Download (bleekk) - use HTML5 br tags consistently (mamba) - Publisher templates cleanup in xBootstrap (geekwright) - Change set charset behavior for mysqli - bug in mysqldatabase.php in XOOPS_DB_CHARSET for PHP < 5.5 (mamba) - Update makedata.php (luciorota) - Backport Smarty securityToken plugin (geekwright) - Add a table property to handlers (geekwright) - Fix occasional issues using xoops_loadLanguage('locale') (geekwright) - Docblock fix for getHandler functions (geekwright) - Correct help/module_index in system (geekwright) - fixed missing language constants (mamba) - Fix Bug #141 for avatar, userrank, smilies(mage) - improved upload class (mage) - fix Report error on database connection (geekwright) - fix Correct protector connection (geekwright) - Update help.tpl (cesagonchu) - Module Changelog in UTF-8 (mamba) - update system_siteclosed for xbootstrap (liomj) - make clean exit after delivering file in browse.php (geekwright) - fix XoopsObjectTree issues (geekwright) - various CSS and template tweaks (geekwright) - xos_kernel_Xoops2 reference issues (geekwright) - Implement Footer Blocks in xbootstrap theme (liamj/geekwright) - Bug in ProfileProfileHandler::get() (geekwright) - XoopsFormDateTime - time only option(geekwright) - Move to HTML5 syntax (geekwright) - changing icons in User Admin for consistency (mamba) - fixes for Publisher templates in xBootstrap (mamba) - Highlight Update System Module in upgrade(geekwright) - add recaptch2 support (mage) - fix login over IPv6 during upgrade (mage) - fix display of HTML5 banners in admin (mage) - profile module, hide ICQ, AIM, YIM and MSNM fields by default - profile module, us dhtml editor for signatures - use public suffix list when determining cookie domain - add polyfill for mb string, most functions always available if without extension - new admin theme - Transition (bitcero) - add XoopsObjectTree::makeSelectElement(), return tree as XoopsFormSelect (geekwright, mage) - Bootstrap form support with XoopsFormRenderer (geekwright, mage) - new templates to allow more consistent theme overrides (geekwright, mage) (system_comments_controls.tpl system_search.tpl system_popup_header.tpl, system_popup_footer.tpl) - Multi-file uploads for Image Manager, Avatars (mage) - PHP 7.1 compatibility fixes (mamba, geekwright) - set XOOPS_COOKIE_DOMAIN during install and set in mainfile.php - recommend Intl extension - add 'rendered' key to XoopsForm::assign(), allows template to choose rendered or by element - add lexikon templates for xBootstrap (bleekk) - removed extras/modules/system/admin/filemanager/ - installer updated - upgrader updated - theme changes: removed sucio and zetagenesis, added xswatch - error in search links (mage) - multiple issues in profile module (mage, trabis, geekwright) - issue with xBootstrap slider (mage) - XoopsFormSelectUsers issues - fix theme selection in install (mage) - Update \ModuleAdmin::renderAbout() PayPal donations (zyspec) - xbootstrap updates (mamba) - XoopsObject returns integer for XOBJ_DTYPE_INT vars - some accessibility fixed (tad0616) - fix serialization issues with XOBJ_DTYPE_ARRAY - deprecate system module "Cookie" class - fix issues reported by JPCERT/CC - fix issues reported by Mustafa Hasan - fix regressions in system theme select block - fix template search order issues - fix white screen issue with text sanitiser wiki support - fix extgallery template issues (mamba) - added missing tooltip.js in transition GUI (ihackcode) - fix issues with transition admin theme (bitcero) - fix moduleadmin message formatting (mage) - move iconv extension from optional to required in install - fix issues publicly posted by jgj212, ADLab of Venustech Updated libraries and assets: - jQuery 3.2.1 (mamba) - jQuery UI 1.12.1 (mamba) - jGrowl to 1.4.5 (mamba) - Tabs jQuery Tools to 1.2.7 (mamba) - jQuery Lightbox to 1.2.3 (mamba) - jQuery Form to 3.5.1 (mamba) - jQuery Tablesorter to 2.26.6 (mamba) - phpThumb to 1.7.14-201607141354 (mamba) - Bootstrap 3.3.7 in xBootstrap theme (geekwright, mamba) - HTML Purifier to 4.9.3 (mamba) - PHPMailer to 5.2.21 - XMF to 1.2.10 - Font Awesome 4.7.0 now included =================================== 2.5.8 Final 2016-05-27 =================================== - replaced "dirname(__FILE__)" with "__DIR__" since the min. PHP is now 5.3.7, and __DIR__ is faster (mamba) - updating some copyright notices (mamba) - fix issues when protector 'id_forceintval' preference is enabled, that manifests as an error when deleting private messages. (rgriffith) - fix for Update setting Template import date to 0 (timgno/mamba) - Adding language constants for Protector's Prefix Manager (slider84/mamba) - allowing for "https" URL in YouTube links in Textsanitizer (mamba) - converting $i++ to ++$i for improved performance (mamba) - reverting couple of $i++ conversions (zyspec/mamba) - updated xBootstrap to Bootstrap 3.3.1 (Angelo Rocha) - Some code cleanup for private messages (Dingjie (Daniel) Yang/rgriffith) - Adding Footer blocks (timgno/mamba) - fixing a bug in xmlrpc.php (wppd/rgriffith) - remove addrFormat override in XoopsMultiMailer (rgriffith) - patch from Xoops 2.5.6 XoopsFormSelectUser is not compatible with some old modules like xNews (luciorota) - fix "setExtra" in moduleadmin.php, Admin buttons can now use "onClick" assignments (mamba) - updated XOOPS copyright to 2016, changed links to http://xoops.org (mamba) - replaced intval() with (int) (mamba) - added possibility to include full icon URL in module's menu.php (mamba) - added strong { font-weight: bold; } to reset.css (mamba) - added .tpl option for module Help files (mamba) - fix moved "count($tagsArray)" and "count($attrArray)" outside of FOR loop in xoopsfilterinput.php (mamba) - add option to set height of Themes block (mamba) - fix: Invalid argument supplied for foreach() (cesagonchu/mamba) - removed -khtml CSS properties (mamba) - fix profile/search (cesagonchu/slider84) - changed minimum image sizes in Image Manager to: 800x600, 1MB (mamba) - added image sort order in TinyMCE image-manager plugin (elpaksu/Peekay) - added Youtube handling enhancements (xd9527/geekwright) - fix system module update issue (zyspec) - fixed multiple issues (CSRF, weak password hash, and directory traversal) reported by hyp3rlinx (geekwright) - fix privileged information disclosure issue reported by Cédric MONTUY (geekwright) - Move to supported PHP mysqli extension for database access (redheadedrod/geekwright) - IPv6 safe in comments, protector, sessions and online - Include XMF library (geekwright) Updated: - TinyMCE to 3.5.11 (mamba) - PHPMailer to 5.2.14 (mamba) - jQuery to 1.12.4 (mamba) - jQuery UI 1.11.4 (mamba) - jGrowl to 1.4.4 (mamba) - phpThumb to 1.7.14-201603240806 (mamba) - HTML Purifier to 4.7.0 (mamba) - Bootstrap to 3.3.6 (mamba) - Snoopy to 1.2.5 (zyspec) - SWF banners to HTML5 (mamba) - extra banners (mamba) =================================== 2.5.7.2 Final 2016-01-02 =================================== This patch for XOOPS 2.5.7 corrects the following issues: - multiple issues reported by Tim Coen (Curesec GmbH) All XOOPS 2.5.7.1 users are advised to apply this patch as soon as possible. Any users that are running an older XOOPS version are advised to update to XOOPS 2.5.7.2 now. =================================== 2.5.7.1 Final 2014-06-20 =================================== This patch for XOOPS 2.5.7 corrects the following issues: - CSRF and XSS issues reported by Dingjie 'Daniel' Yang of Qualsys - XSS and best practice issues reported by Narendra Bhati - Updating docu for the correct version of tablesorter (mamba) - Fix path specified for include (rgriffith, mamba) - added mainfile.php to /extras for use on servers where write to root is not possible (rgriffith) - fix for array issue in pm/viempmsg.php (Roby73/mamba) All XOOPS 2.5.7 users are advised to apply this patch as soon as possible. Any users that are running an older XOOPS version are advised to update to XOOPS 2.5.7.1 now. =================================== 2.5.7 Final 2014/06/14 =================================== - updated XoopsMediaUploader to use system memory values from php.ini, and to offer random file names (mamba/luciorota/zyspec) - added .tpl to XoopsList's getHtmlListAsArray (wizanda) - updating xBootstrap (voltan, Angelo Rocha) - moved all images, CSS, and JS files to /assets in modules Profile and PM (mamba) - renamed .html Smarty templates to .tpl in modules Profile and PM (mamba) - corrected English typos (cesag) - added missing .php file extension (AngeloRocha/Zyspec/rgriffith) - deprecated destoryVars($var) in object.php (cesag/rgriffith) - update phpmailer translation array to include all keys, and remove reassignment of $PHPMAILER_LANG as array() (cesag/rgriffith) - added XoopsRequest class (rgriffith) - removed hard-coded text from installation (mamba) Updated: - TinyMCE to 3.5.11 (mamba) =================================== 2.5.7 RC 1 2014/04/06 =================================== Bugfixes: - fixed System Module image manager html/js bugs (luciorota) - replaced "array_diff_assoc" with "array_diff_key" in /class/theme_blocks.php (masel/mamba) - icons for active module sections in System module not shown correctly (Slider84/mamba) - added two new language definitions (see lang_diff.txt) - added Office 2007 MIME types (Voltan) - added xml MIME type (Goffy) - added new icons (mamba) Updated: - jQuery to 1.11.0 (mamba) - jQuery UI 1.10.4 (mamba) - jQuery Lightbox to 1.2.3 (mamba) - jQuery Form to 3.50.0 (mamba) - jQuery Tablesorter to 2.15.11 (mamba) - jGrowl to 1.2.14 (mamba) =================================== 2.5.7 Beta 1 2014/03/06 =================================== Bugfixes: - ID: 1143 (old ID 430840) class/module.errorhandler.php (uberrookie/zyspec) - ID: 1225 Restore user theme choice during "Remember me" processing. (rgriffith) - ID: 1226 Change value of clickable due to issues centering on CaricaFoto script (rgriffith) - ID: 1227 Sorting bug in Profile module search (Zyspec) - ID: 1246 Fallback to english for admin theme language files if no language specific file exists (rgriffith) - ID: 1261 Fix as proposed by Irmtfan (irmtfan/rgriffith) - ID: 1268 reduce db load if XoopsFormSelectUser is called multiple times in a page load (rgriffith) - ID: 1269 Block template file will not updated after update the module (irmtfan) - ID: 1270 template issue in email notifications (changed X_ITEM_TILE to X_ITEM_NAME) (alain01/slider84/mamba) - ID: 1271 install last page no css/js (tarik/rgriffith)) - ID: 1272 delete functions always return true (rgriffith) - ID: 1273 template duplicate issue (irmtfan) - ID: 1274 prevent multiple inclusions of a module's xoops_version.php (irmtfan/rgriffith) - ID: 1278 _AM_SENDMTOUSERS missed (Mowaffaq/mamba) - ID: 1281 initialize arrays as empty arrays rather than null (rgriffith) - ID: 1285 check if session exists before attempting to start a new one (wishcraft) - ID: 1287 assigning "static" to various class methods (wishcraft/mamba) - ID: 1291 xoops_getModuleOption() did not respect $dirname (rgriffith) - ID: 1382 add cleanup of unused avatar resources to admin maintenance page (rgriffith) - reversing fix for potential lack of rendering css and javascript in Installer on the last screen by culex - removing @ in link[@rel*=style][title] in styleswitch.js (not needed in jQuery 1.83) (SMEDrieben/Mamba) - added missing "`" in upgrade from 2.0.18 to 2.3.0 (mamba) - fixing errors in upgrade from 2.4.0 to 2.4.1 (mamba,voltan) - added check for menu link description in ModuleAdmin - fixed wrong return icon in Smarty xoModuleIcons32 - fixed issue with jGrows in xoops.css (xoobaru/tarik) - fix for deprecated "preg_replace/e" function in PHP 5.5 (mamba) - added: check if 'date.timezone' is set in php.ini, if not, set it to UTC (cesag/mamba) - assigned _SHORTDATESTRING to _CAL_FORMAT to have consistency in local languages (jcweb/guspel) - fixed bug in calendar.js (mamba) - added link to Module's Admin after "Update" (currently only to XOOPS Modules section) (mamba) - added placeholder for a link to upload test data, if available after installation (mamba) - solved bug into PM module readpmsg.php (escrime-info/slider84) - fixed missing check on variable in userinfo.php (cesag/mamba) - replaced extract($_POST) in /include/comment_delete.php with filters (mamba) - adding some missing generic default fonts (mamba) - removing some unreachable statements (mamba) - replacing deprecated HTML tags (mamba) - bug in commentrenderer.php (Roby73/irmtfan) - added missing info about new language constants in Fast Comments (irmtfan/mamba) - fixed Undefined index: uid in file /modules/profile/userinfo.php line 24 (cesag/mamba) - set minimum PHP version to 5.3.7 (mamba) - added missing apostrophe corrections for Date types in CleanVars in /class/model/write.php - added function escape to XoopsMySQLDatabase, needed for Formulize (jegelstaff) - added blank.gif images to ModuleAdmin icons (timgno) - addedd [soundcloud] BB code as supplied by (iHackCode/rgriffith) - fix for cancel button in javascript (currently it still entered the text, even if canceled) (mamba) - added "module_status" to show with module Version (mamba) - patch for input validation bypass issue reported by Tatane (tatane/rgriffith) - change default value for usercookie config to match change in 2.6.0. (rgriffith) - correct method used to determine the current effective language.(rgriffith) - fix errors "PHP Strict standards: Redefining already defined constructor" under PHP 5.5 (rgriffith) - fix to correctly load the CSS file into the header in ModuleAdmin (Bleekk, Alfred) - added "title" to buttons in DHTML Editor (mamba) - updated required PHP and XOOPS versions, module versions in modules (cesag/mamba) - added xBootstrap theme (UI/UX Team: Angelo Rocha, Bleekk, Heyula) - added extra escape for "e" in YESTERDAY definition in locale.php, which was added in PHP 5.4 (madDan) - fixed PHP minimum version comparison in ModuleAdmin (mamba) - fixed System Module image manager and popup image manager save images in different directories(luciorota) - added PHPDoc comments for classes and functions (mamba) Security fixes - XSS issues reported by Mehdi Dadkhah (rgriffith) - Fix security issues reported by Pedro Ribeiro of Agile Information Security (rgriffith) - Fix XSS issue reported by Manuel Garcia Cardenas (rgriffith) Updated: - jGrowl to 1.2.13 (mamba) - jQuery Form to 3.42.0 (mamba) - HTML Purifier to 4.6.0 (mamba) - Smarty to 2.6.28 (mamba) - TinyMCE to 3.5.10 (mamba) - prototype.js to 1.7.1, Aug 2012 (rgriffith) =================================== 2.5.6 Final 2013/04/21 =================================== Bugfixes: - updated English translations (Cesag,Mamba) - extra check for $noHtml in XoopsEditorHandler->get (luciorota) - fixing $GLOBAL typo in jquery.php (Zyspec) - improving protection against spam by turning off registration's 1st step saving (timgno) =================================== 2.5.6 RC1 2013/03/25 =================================== Bugfixes: - Array to string conversion (geekwright/mamba) - issues with missing xoopscomments table (geekwright/sabahan/Mamba) - bug with using reference for non-variables (geekwright/mamba) - number of users when "all groups" selected was wrong (tatane/mamba) - fix for potential lack of rendering css and javascript in Installer on the last screen (culex) - fix for missing Protector logo under PHP 5.4 (mamba) - replacing ereg with preg_match in userutility.php (pmartina/paul) - #1219 dhtmltextarea editor accent not displayed (cesag/alain091) - added missing call for user language in /profile/index.php (xoobaru/zyspec) Security fixes - XSS/CSRF vulnerability in system/admin/groupperm.php (Dingjie Yang,Qualys/trabis) - XSS/CSRF vulnerability in system/modulesadmin/main.php (Dingjie Yang,Qualys/trabis) - XSS/CSRF vulnerability in system/admin/blocksadmin/main.php (Marcin,Ariko-Security Team/trabis) - LFI vulnerability in system/admin/tplsets/jquery.php (Marcin,Ariko-Security Team/trabis) =================================== 2.5.6 Beta 2013/01/22 =================================== Security fixes: - XSS (Cross Site Scripting) vulnerability in Maintenance (Dingjie Yang,Qualys/trabis) Bugfixes: - errors related to static functions, so it works on PHP 5.4 (Mamba) - bug #1245 in class XoopsLoad.php (Alain91) Updated: - TinyMCE to 3.5.8 (mamba) - Smarty to 2.6.27 (mamba) - jQuery to 1.8.3 (mamba) - jQueryUI to version 1.10 (mamba) Added: - Fast Comment Hack (Voltan) =================================== 2.5.5 Final 2012/04/15 =================================== Bugfixes: - preventing division by zero in pagenav.php (timgno) - ID: 3466534 tooltip "$ not defined" fix (culex) - ID: 3513787 wrong cookie_domain (arion92fr) - ID: 3518291 Fix of variables assigned by reference in formelementtray (mamba) - problem in formtextdateselect (wishcraft) Updated: - phpThumb to 1.7.11 (mamba) - jGrowl to 1.2.6 (mowaffaq/mamba) =================================== 2.5.5 RC 2012/03/14 =================================== Bugfixes: - ID: 3494895 When changing the # of visible entries in Protector, it goes to Admin (jcweb/mamba) - ID: 3494894 Calendar shows 40 days (peekay/mage) - ID: 3494896 Image Manager category creation restrictions (voltan/mage) - ID: 3494893 PM Messages deleted from Saved box (Danielw42/mage) - ID: 3501897 Protector errors (cesag/XavierS) - ID: 3511204 TinyEditor only loading in the 'Scoop' part of the News module (peekay/XavierS) - ID: 3511205 Bug in fresh install in page_configsave.php (XavierS) Improved: - replacing "msnbot" with "bingbot" in Protector (mamba) Updated: - HTML Purifier to 4.4.0 (mamba) - TinyMCE to 3.4.9 (mamba) - jQuery to 1.72 (mamba) - jQueryUI to version 1.8.18 (mamba) =================================== 2.5.5 Beta 2012/02/19 =================================== Security fixes: - XSS (Cross Site Scripting) vulnerability in PM module and tinymce (High-Tech Bridge Security Research Lab/trabis) Bugfixes: - Templates Manager does not handle single quotes correctly (trabis) - $xoTheme->addScript('', '', 'content here'); causes duplicate CDATA on cached pages (wishcraft/trabis) - System admin maintenance table names are incorrect if db_prefix length is not 4 (trabis) - System admin users advance search displays wrong results when using 'contains' or 'equal' in some fields (trabis) - System admin users pagination not working correctly for some fields (trabis) - System admin users blank page when site as many users (trabis) - /class/object.php deprecated message, should be /class/xoopsobject.php (mamba/trabis) - /class/module.php deprecated message, should be /class/xoopsmodule.php (mamba) - /class/user.php deprecated message, should be /class/xoopsuser.php (mamba) - ID: 3443381 Images stored in database not given correctly in edit mode (mage) - ID: 3201929 Change upper limit for Banner impressions (mamba/mage) - ID: 3432275 html structure (kris_fr/mage) - ID: 3461539 Incorrect value for setOrder() in modulesadmin/main.php (mage) - ID: 3469896 When deleting client, it doesn't delete finished banners (mamba/mage) - ID: 3442270 Date format and Xoops 2.5.4 (cesag/formuss) Improved: - Add key 'uid' on 'groups_users_link' table to allow joining 'users' table with better performance (trabis) - Add Comments, Templates, and Uninstall links to Module's Admin (mamba) Updated: - TinyMCE to 3.4.8 (mamba) - jQuery to 1.71 (mamba) - jQueryUI to version 1.8.17 (mamba) - PhpMailer to version 5.2.1 (mamba) =================================== 2.5.4 Final 2011/11/20 =================================== Bugfixes: - ID: 3430112 Java problem in xoops editor (voltan/mamba/trabis) - dhtml smilie is always inserted in the end (mamba/trabis) - tinymce using body background color (trabis) - jquery ui css no loaded correctly on admin side (trabis) - ID: 3432017 HTML tags not closed (kris_fr/mamba) Updated: - updated jQuery to 1.7 (mamba) =================================== 2.5.4 RC 2011/10/10 =================================== Bugfixes: - quoteConv causing problems with large number of quotes (Roby73/trabis) - Cache bug. The key's not generated correctly (andrey3761/trabis) - ID: 3425970 Unknown: Function split() (cesag/trabis) - ID: 3424295 Undefined index: tplset (cesag/trabis) - Preferences not using description field correctly, tooltip showing title and description without space (trabis) - Extra height in admin page when warnings are not displayed (timgno/trabis) - Files loaded with browse.php (*.js, *.css, etc) are not cached by the browser (trabis) - ID: 3421180 CBB 4.05 and Xoops 2.5.4 error with Framework (cesag/trabis) Improved: - Replacing deprecated Database::getInstance(); calls with XoopsDatabaseFactory::getDatabaseConnection(); (trabis) - Logging deprecated methods and files that will be removed on XOOPS 2.6.0 (trabis) =================================== 2.5.4 Beta 2011/10/05 =================================== Bugfixes: - Remove a call of non existing css file in admin menu - ID: 3419812 Drag and drop Xoops 2.5.3 bug (cesag/trabis) - Calendar form element does not work properly (trabis) - Make sure xoops_data/data is writable during install (trabis) - ID: 3419332 Logout bug (cesag/trabis) Updated: - Update jQueryUI to version 1.8.16 (voltan) - Update tinymce to version 3.4.6 (ForMuss) - Update PhpMailer to version 5.1 (dhsoft) - Update jQuery o version 1.6.4 (ForMuss) - Update Core modules (PM, Profile, Protector) to ModuleAdmin GUI (mamba) Deleted: - Delete xoops_lib/data/secure.php file for exclude update error =================================== 2.5.3 2011/10/03 =================================== Bugfixes: - Style switcher does not work on default admin GUI(trabis) - Reverting fix for bug ID: 2672723 Changed the code in Install to omits the SQL command: "ALTER DATABASE ... CHARACTER SET ..." (trabis) =================================== 2.5.2 Final 2011/09/29 =================================== Bugfixes: - ID: 3416069 - avatars upload problem (cesag/trabis) - MyTextSanitizer::htmlSpecialChars() using UTF-8 by default (trabis) - System Waiting block produces queries for inactive modules (trabis) - 'Selected modules does not exist' if using inactive module on startpage (trabis) =================================== 2.5.2 RC 2011/09/06 =================================== Security fixes: - Removed support for script driven images!!! (High-Tech Bridge Security Research Lab/trabis) - Fixed XSS (Cross Site Scripting) vulnerability in /include/formdhtmltextarea_preview.php (High-Tech Bridge Security Research Lab/trabis) Bugfixes: - Protector Module - Added stopforumspam option (trabis) - Modules admin does not show update warning for modules that have no main. (trabis) - ID: 3411696 custom avatar is not deleted after user change avatar (sabahan) - XoopsCaptcha does not load captcha configs correctly (trabis) - XoopsCaptcha is not allowing the use of Frameworks folder (trabis) - XoopsCaptcha(Method) is not extensible enough, can't add new captcha methods without hacking (trabis) - ID: 2909799 Unbalanced [quote] introduces unbalanced
tags in 2.4.5 Final/madreus)(trabis)
- Templates that use xoAppUrl or xoImgUrl (themes/default/modules/system/system_redirect.html, etc) do not compile correctly during module update (trabis)
- XOOPS_SYSTEM_COMMENT not defined, comment permissions not working correctly (trabis)
- Banner count being incremented in admin pages and twice for redirect pages (trabis)
- ID: 2153663 (Preview function/anderssk) (trabis)
- ID: 2929230 (DHTML AJAX can tackle server/ghia) (trabis)
- ID: 3033138 (XoopsLists::getHtmlList method needs updating/zyspec) (trabis)
- ID: 3023820 (Error in folder class/formuss) (trabis/formuss)
- XoopsFormDhtmlTextArea validation not working (trabis)
- Removing file class/xoopsform/formtree.php, class is not working and not following Xoops naming conventions (trabis)
Design Fixes:
- update legacy admin gui (change link in header) - xoops 2.5.0 (kris_fr)
- correction of image links and cleaning css code in legacy admin gui (kris_fr)
- correction and cleaning css code and deleting unused images in installer (kris_fr)
- correction define language, cleaning css code and deleting unused files in zetadigme admin gui (kris_fr)
- fix tooltips in zetadigme admin gui (kris_fr)
- design template system_preferences.html in zetadigme admin gui (kris_fr)
- suico theme : delete french language, correction filemanager link and language define for baradmin/footerstatic, add if no avatar in userbar popup (kris_fr)
- suico theme : minors fixes for list : ol li (kris_fr)
- fix suico thm for ie (kris_fr)
- fix and cleaning css code in modules/system/css (kris_fr)
- complete generic class in modules/system/css/class.css (kris_fr)
- rebuild default admin gui based by morphogenesis 3.1.3 (voltan)
* incativ orange skin (voltan)
- add new style Sheet for installer and upgrade script (voltan)
- update zetagenesis theme for xoops 2.5.0 : add new links, images and language defines in footer admin (kris_fr)
- minors fixes css in zetagenesis theme : link hover for #xo-logger-tabs, accordion transition effect (kris_fr)
- remove old tag/style css in system blocks templates - replace by generic class (kris_fr)
- complete xoops.css with basic styles and generic class used in system module, themes and admin gui (kris_fr)
- replace old/tag styles by generic class for module system templates (kris_fr)
- little cosmetic cleaning / generic class in admin templates (kris_fr)
- cosmetic cleaning / generic class in pm module templates (kris_fr)
- cosmetic cleaning / generic class in profile module templates (kris_fr)
- cosmetic cleaning / generic class in php files (kris_fr)
- add xoops.css to system_imagemanager.html (kris_fr)
- add imagemanager.css for imagemanager.html (voltan)
- redesign fatal error message (kris_fr)
- redesign upgrade process (kris_fr)
- complete legacy admin gui : icons missing and link for help page (kris_fr)
- fix block theme with pm module (kris_fr)
- fix td align in pm_pmlite.html (kris_fr)
- fix cookie Styleswitch - problem with old orange style for default admin gui (kris_fr)
- fix color link under ie8/9 in default admin gui footer (kris_fr)
- add help page in zetadigme admin gui (kris_fr)
XOOPS:
- user.php: User page
* Change destroy session for jGrowl redirection
- xoops.css: Xoops stylesheet
* Add jGrowl style
- class/smarty/xoops_plugins/resource.db.php: Smarty plugin (Modify)
* Search template for module, permit to have two template with the same name in different module
* Construct template path for front and backend side
* Fix an error for find template
- class/smarty/xoops_plugins/compiler.xoAdminIcons.php: Smarty plugin for find icons (Add)
- class/smarty/xoops_plugins/compiler.xoAdminNav.php:: Smarty plugin for breadcrumb (Add)
- class/theme.html: XOOPS Theme (Modify)
* Change path to admin theme
- include/defines.php: XOOPS Constants (Modify)
* Change path and url for admin area
- xoops_lib/Frameworks/jquery/jquery.js: JQuery file (Modify)
* Update jQuery to latest version
- xoops_lib/Frameworks/jquery/plugins/jquery.form.js (Add)
- xoops_lib/Frameworks/jquery/plugins/jquery.jgrowl.js (Add)
- xoops_lib/Frameworks/jquery/plugins/jquery.lightbox.js (Add)
- xoops_lib/Frameworks/jquery/plugins/jquery.tablesorter.js (Add)
- xoops_lib/Frameworks/jquery/plugins/jquery.ui.js (Add)
- include/comment_form.php (Modify)
* Add choice of text editor module system in the comment form
Install:
- install/include/makedata.php: Save default data for system module (Modify)
* Add some new setting in config table and new template for admin
- install/language/english/mysql.lang.data.sql: SQL data
* Change folder location
System module:
- /modules/system/admin/modulesadmin/modulesadmin.php
* Adding extra module-related links to the just installed modules (Add) Mamba
- modules/system/header.php: System constants (Add)
* use specific header for all system module
- modules/system/admin.php: Admin main page (Modify)
* use system function for load admin language file
* use template for main admin page
* Use function for get system setting
- modules/system/help.php: Help page (Add)
* Add content to help index page and first page of all modules (Voltan)
- modules/system/constants.php: System constants (Modify)
* Add new constant variables for system module
- modules/system/menu.php: System menu (Modify)
* Use user right for manage menu
- modules/system/class/gui.php: Xoops Cpanel GUI abstract class (Modify)
* Manage template file in admin side and move admin theme in specific folder
- modules/system/class/cpanel.php: Xoops Cpanel class (Modify)
* Change path to admin theme
- modules/system/xoops_version.php: System setting (Modify)
* Clean code and add admin template and system settings
- modules/system/blocks/system_blocks.php (Modify)
* Add waiting content for some modules
pm module:
* Changing the admin menu. Using the menu generated by the module system
- modules/pm/admin/admin.php (Modify)
- modules/pm/admin/header.php (Modify)
- modules/pm/admin/prune.php (Modify)
- modules/pm/changelog.txt (Modify)
- modules/pm/xoops_version.php (Modify)
profile module:
* Changing the admin menu. Using the menu generated by the module system
- modules/profile/admin/category.php (Modify)
- modules/profile/admin/field.php (Modify)
- modules/profile/admin/header.php (Modify)
- modules/profile/admin/header.php (Modify)
- modules/profile/admin/permissions.php (Modify)
- modules/profile/admin/step.php (Modify)
- modules/profile/admin/user.php (Modify)
- modules/profile/changelog.txt (Modify)
- modules/profile/xoops_version.php (Modify)
Templates:
- modules/system/templates/admin: Folder for all admin template files (Add)
- modules/system/templates/admin/index.html: Secure HTML file (Add)
- modules/system/templates/admin/system_header.html: Template for breadcrumb, tips and help (Add)
- modules/system/templates/admin/system_avatar.html: Template for avatars (Add)
- modules/system/templates/admin/system_banners.html: Template for banners (Add)
- modules/system/templates/admin/system_blocks.html: Template for blocks (Add)
- modules/system/templates/admin/system_blocks_item.html: Sub template for blocks (Add)
- modules/system/templates/admin/system_comments.html: Template for comments (Add)
- modules/system/templates/admin/system_groups.html: Template for groups (Add)
- modules/system/templates/admin/system_images.html: Template for images (Add)
- modules/system/templates/admin/system_mailusers.html: Template for mail to users (Add)
- modules/system/templates/admin/system_maintenance.html: Template for maintenace (Add)
- modules/system/templates/admin/system_modules.html: Template for modules (Add)
- modules/system/templates/admin/system_modules_confirm.html: Template for modules (Add)
- modules/system/templates/admin/system_preferences.html: Template for preferences (Add)
- modules/system/templates/admin/system_smilies.html: Template for smilies (Add)
- modules/system/templates/admin/system_templates.html: Template for templates (Add)
- modules/system/templates/admin/system_userrank.html: Template for user ranks (Add)
- modules/system/templates/admin/system_users.html: Template for users (Add)
- modules/system/templates/admin/system_help.html: Template for help (Add)
- modules/system/templates/admin/system_index.html: Template for index (Add)
Help:
- modules/system/language/english/help/avatars.html: Help file for avatars
CSS:
- modules/system/css: Folder for CSS file (Add)
* Create a folder for put all CSS file used by system module
- modules/system/css/index.html: Secure HTML file (Add)
- modules/system/css/admin.css: CSS file for system module (Add)
- modules/system/css/button.css: CSS file for buttons (Add)
- modules/system/css/class.css: CSS file for standard class (Add)
- modules/system/css/admin.css: CSS file for help section (Add)
- modules/system/css/lightbox.css: CSS file for help lightbox (Add)
- modules/system/css/help.css: CSS file for help pages (Add)
- modules/system/css/code_mirror/*: Code mirror stylesheet files
Images:
- modules/system/images/icons/*: Icons folder (Add)
- modules/system/images/breadcrumb/*: Breadcrumb folder (Add)
- modules/system/images/mimetypes/*: Mimetypes folder (Add)
- modules/system/images/bg_button.gif: Background images button (Add)
- modules/system/images/loading.gif: Loading images (Add)
- modules/system/images/spinner.gif: Small loading images (Add)
- modules/system/images/bg_content.gif (Delete)
- modules/system/images/bg_menu.gif (Delete)
- modules/system/images/check.gif (Delete)
- modules/system/images/hbar_left.gif (Delete)
- modules/system/images/hbar_middle.gif (Delete)
- modules/system/images/hbar_right.gif (Delete)
- modules/system/images/info.gif (Delete)
- modules/system/images/install.gif (Delete)
- modules/system/images/logo.gif (Delete)
- modules/system/images/menu.gif (Delete)
- modules/system/images/powered_by_xoops.gif (Delete)
- modules/system/images/uninstall.gif (Delete)
- modules/system/images/update.gif (Delete)
- modules/system/images/xoops2.gif (Delete)
JS:
- modules/system/js: Folder fo JS files (Add)
- modules/system/js/index.html: Secure HTML file (Add)
- modules/system/js/admin.js: Main JS file for system module (Add)
Breadcrumbs:
- modules/system/class/breadcrumb.php: Class for breadcrumb toolbar
* Manage the breadcrumb in system module
Thumbs:
- modules/system/class/thumbs: Thumbs class for avatar and image gallery (Add)
* Class for generate thumbs images
Avatars:
- edituser.php: Xoops edit user page (Modify)
* Create a specific folder in uploads directory for avatars
- modules/profile/edituser.php: Profile edit user page (Modify)
* Create a specific folder in uploads directory for avatars
- modules/system/admin/avatars/xoops_version.php: Avatars configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/avatars/main.php: Main avatar managment (Modify)
* Code cleanup and use of a specific class to manage Avatars
- modules/system/class/avatar.php: System class for Avatars (Modify)
* Manage avatars with a specific class
- modules/system/language/english/admin/avatar.php: Avatar define variable (Modify)
* Changed define name to follow XOOPS standard
Banners:
- modules/system/admin/banners/xoops_version.php: Banners configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/banners/main.php: Main banners managment (Modify)
* Code cleanup and use of a specific class to manage Banners
- modules/system/admin/banners/banners.php (Delete)
- modules/system/class/banner.php: Banners Class Manager (Add)
* Manage banners with a specific class
- modules/system/class/bannerclient.php: Banners Client Class Manager (Add)
* Manage banners client with a specific class
- modules/system/class/bannerfinish.php: Banners Finish Class Manager (Add)
* Manage banners finish with a specific class
- modules/system/language/english/admin/banners.php: Banners define variable (Modify)
* Changed define name to follow XOOPS standard
Blocks:
- modules/system/admin/blocksadmin/xoops_version.php: Blocks configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/blocksadmin/main.php: Main block managment (Modify)
* Code cleanup and use of a specific class to manage Blocks
- modules/system/admin/blocksadmin/blockform.php (Delete)
- modules/system/admin/blocksadmin/blocksadmin.php (Delete)
- modules/system/class/block.php: Block Class Manager (Add)
* Manage blocks with a specific class
- modules/system/class/blocklinkmodule.php: Block link to module Class Manager (Add)
- modules/system/class/cookie.php: Class for manage cookie
- modules/system/language/english/admin/blocksadmin.php: Block define variable (Modify)
* Changed define name to follow XOOPS standard
Comments:
- modules/system/admin/comments/xoops_version.php: Comments configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/comments/main.php: Main comments managment (Modify)
* Code cleanup and use of a specific class to manage Comments
- modules/system/admin/comments/admin_header.php: Comment Header (Modify)
- modules/system/admin/comments/comment_delete.php: Comment delete file (Modify)
- modules/system/admin/comments/comment_edit.php: Comment edit file (Modify)
- modules/system/admin/comments/comment_post.php: Comment post file (Modify)
- modules/system/language/english/admin/comments.php: Comment define variable (Modify)
* Changed define name to follow XOOPS standard
Find users:
- modules/system/admin/findusers/xoops_version.php: Find user configuration files (Delete)
- modules/system/admin/findusers/main.php: Main find user managment (Delete)
- modules/system/language/english/admin/findusers.php: Find user define variable (Delete)
Groups:
- modules/system/admin/groups/xoops_version.php: Groups configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/groups/main.php: Main groups managment (Modify)
* Code cleanup and use of a specific class to manage Comments
- modules/system/admin/groups/groupform.php (Delete)
- modules/system/admin/groups/groups.php (Delete)
- modules/system/class/group.php: Group Class Manager (Add)
* Manage group with a specific class
* Add All check box for group form
- modules/system/language/english/admin/groups.php: Groups define variable (Modify)
* Changed define name to follow XOOPS standard
Images:
- modules/system/admin/images/xoops_version.php: Images configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/images/main.php: Main Images managment (Modify)
* Code cleanup and use of a specific class to manage Images
- modules/system/language/english/admin/images.php: Images define variable (Modify)
* Changed define name to follow XOOPS standard
Mail users:
- modules/system/admin/mailusers/xoops_version.php: Mail to users configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/mailusers/main.php: Main mail to users managment (Modify)
* Code cleanup and use of a specific class to manage Mail to users
- modules/system/admin/groups/mailform.php (Delete)
- modules/system/admin/groups/mailusers.php (Delete)
- modules/system/language/english/admin/mailusers.php: Mail to users define variable (Modify)
* Changed define name to follow XOOPS standard
Maintenance:
- modules/system/admin/maintenance/xoops_version.php: Maintenance configuration files (Add)
* Changes to use the same variables for image and help
- modules/system/admin/maintenance/main.php: Main Maintenance managment (Add)
* Use a specific class for manage maintenance
- modules/system/admin/maintenance/dump: Folder for database dump (Add)
- modules/system/class/maintenance.php: Maintenance Class Manager (Add)
* Manage maintenance with a specific class
- modules/system/language/english/admin/maintenance.php: Maintenance variable (Add)
* Changed define name to follow XOOPS standard
Modules:
- modules/system/admin/modulesadmin/xoops_version.php: Maintenance configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/modulesadmin/main.php: Main Maintenance managment (Modify)
* Update code and use drag'n drop for define position
- modules/system/modulesadmin/modulesadmin.php: Modules functions (Modify)
* Change header file and change log display
- modules/system/language/english/admin/modulesadmin.php: Maintenance variable (Modify)
* Changed define name to follow XOOPS standard
Preferences:
- modules/system/admin/preferences/xoops_version.php: Preferences configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/preferences/main.php: Preferences managment (Modify)
* Clean code for manage preferences
- modules/system/language/english/admin/preferences.php: Preferences variable (Modify)
* Changed define name to follow XOOPS standard
Smilies:
- modules/system/admin/smilies/xoops_version.php: Smilies configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/smilies/main.php: Smilies managment (Modify)
* Code cleanup and use of a specific class to manage smilies
- modules/system/admin/smilies/smileform.php (Delete)
- modules/system/admin/smilies/smilies.php (Delete)
- modules/system/class/smilies.php: Smilies Class Manager (Add)
* Manage smilies with a specific class
- modules/system/language/english/admin/smilies.php: Smilies variable (Modify)
* Changed define name to follow XOOPS standard
Templates:
- modules/system/admin/tplsets/xoops_version.php: Templates configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/tplsets/main.php: Templates managment (Modify)
* Change code for use template editor (code mirror)
- modules/system/admin/tplsets/jquery.php: jQuery File Tree PHP Connector (Add)
- modules/system/admin/tplsets/themeimgform.php (Delete)
- modules/system/admin/tplsets/tplform.php (Delete)
- modules/system/language/english/admin/tplsets.php: Templates variable (Modify)
* Changed define name to follow XOOPS standard
Ranks
- modules/system/admin/userrank/xoops_version.php: User ranks configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/userrank/main.php: User ranks managment (Modify)
* Code cleanup and use of a specific class to manage user ranks
- modules/system/admin/userrank/rankform.php (Delete)
- modules/system/admin/userrank/userrank.php (Delete)
- modules/system/class/userrank.php: User ranks Class Manager (Add)
* Manage user ranks with a specific class
- modules/system/language/english/admin/userrank.php: User ranks variable (Modify)
* Changed define name to follow XOOPS standard
Users:
- modules/system/admin/users/xoops_version.php: User configuration files (Modify)
* Changes to use the same variables for image and help
- modules/system/admin/users/main.php: User managment (Modify)
* Code cleanup and use of a specific class to manage user
- modules/system/admin/users/users.php: Users functions (Modify)
* Code cleanup and use of a specific class to manage user
- modules/system/admin/users/jquery.php: jQuery File Tree PHP Connector (Add)
- modules/system/admin/users/userform.php (Delete)
- modules/system/class/users.php: User Class Manager (Add)
* Manage user with a specific class
- modules/system/language/english/admin/users.php: User variable (Modify)
* Changed define name to follow XOOPS standard