Fork me on GitHub



Make donations with PayPal!
Goal: $100.00
Due Date: Oct 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00

GitHub Twitter

Learn XOOPS Core

Local Support


XOOPS Code hosted on SourceForge

Cumulus Tag Cloud

- 2 2.5 2.6 4 6 admin adslight Android AntiHarvesting AntiSpam API Apple Battlefield billige Blocks Bootstrap Captcha cell cent chronolabs Clicks Cloud content CĂN demo download Dresses facebook Fat floor Gateway giải Google Guide herre Home Honeypot html5 Human HỘ IP iPhone jQuery Language Law Legal List log Loss module modules Monster new newbb news nhiệt NHÀ online PARK Payment phone PHP Plugin Prevention profile project Protector publisher RESIDENCE responsive review Rights Room security Sentry Signed site Smartphone Smarty Smoking Solution Spam stem Studio support tag tdmcreate The Theme themes User userlog weight xoops Xortify XPayment ZendFramework

New Users

Registering user

# 139413


Welcome to XOOPS!


News archives

XOOPS 2.5.5 Final Released

Posted by Mamba on 2012/4/16 1:40:00 (51405 reads) | Posted on XOOPS
The XOOPS Development Team is pleased to announce the release of XOOPS 2.5.5 Final.

Resized Image

This release is focused on fixing open bugs and on updating external libraries to their latest versions:

- phpMailer 5.2.1
- TinyMCE 3.4.9
- jQuery 1.7.2
- jQueryUI 1.8.18
- HTML Purifier 4.4.0
- phpThumb 1.7.11
- jGrowl 1.2.6

Since it also includes a security fix, it is highly recommended to update to this version ASAP!

See the Changelog for more details.

Please post and discuss all issues related to this release in this Forum

We also need help with Translations using Transifex

System requirements

Any PHP version >= 5.2 (PHP 5.3+ is strongly recommended)

MySQL server 5.0+

Web server:
Any server supporting the required PHP version (Apache highly recommended)

Downloading XOOPS

You can get this release package from the Sourceforge repository.
There are .zip and .gz archives provided.

Installing XOOPS (new installation)

1. Copy the content of the htdocs/ folder where it can be accessed by your server
2. Ensure mainfile.php and uploads/ are writable by the web server
3. For security considerations, you are encouraged to move directories "/xoops_lib" (for XOOPS libraries) and "/xoops_data" (for XOOPS data) out of Document Root, and change the folder names.
4. Ensure that directories:
- uploads/,
- uploads/avatars/
- uploads/images/
- uploads/ranks/
- uploads/smilies/
- xoops_lib/modules/protector/configs/
and files:
- mainfile.php and
- include/license.php
are writable by the web server
5. Access the folder where you installed the htdocs/ files using your web browser to launch the installation wizard

DOCUMENTATION: Please check out the detailed Installation Guide and the Operations Guide

Installing Protector in XOOPS
We also highly recommend the installation of the PROTECTOR module which will bring additional security protection and logging capabilities to your site.

Upgrading from a previous version

Upgrading from 2.5.4 to 2.5.5 Final:

1. Get the right update package from the sourceforge file repository
2. Overwrite files in XOOPS directory on your server with the content of /htdocs
* make sure that you copy the content of /xoops_lib to whatever directory you keep it on the server now (it should be your current XOOPS_TRUST_PATH directory), then delete the /xoops_lib directory. There can NOT be two directories with the content of /xoops_lib
3. Update the "System" module from the modules administration interface. Other modules, especially "Profile", "PM", and "Protector" are recommended to update as well

Upgrading from previous versions older than 2.5.0 (Full Update):

0. Verify the system requirements, in particular the version of PHP. Backup your XOOPS database and site directory. (There are several ways to do these actions, which are discussed elsewhere.) Turning your site off is optional.
Change the permissions on mainfile.php and /include/license.php to be writable, for example:
File Normal For upgrade
mainfile.php 400 700
/include/license.php 444 777
Get the XOOPS 2.5.5 package from the SourceForge file repository.
1. In the upgrade package folder, move the "upgrade" folder inside the "htdocs" folder, if it's not already there. Remove the install folder from the "htdocs" folder, if it's there. Remove the mainfile.php file from the "htdocs" folder, if it's there.
If you've moved the xoops_data and xoops_lib folders outside your site's root directory, move these folders out of the "htdocs" folder in the upgrade package folder.
2. Delete the /modules/system directory on your current XOOPS site (to get rid of any old unnecessary files).
3. Overwrite the files in the XOOPS directory on your current XOOPS site with the content of "htdocs" folder of the upgrade package. (There are several ways to do this action, which are discussed elsewhere.)
As noted above, if relocated, overwrite the files in your current xoops_data and xoops_lib with the content of those in the upgrade package.
4. If you have Protector previously installed, open the "mainfile.php" file , and remove the Pre-check and Post-check lines (if they exist):
include XOOPS_TRUST_PATH.'/modules/protector/include/' ;
include XOOPS_TRUST_PATH.'/modules/protector/include/' ;
5. At your site's address (URL), login as administrator. Access /upgrade/ with a browser, and follow the instructions (and any for updating your XOOPS database). After all updates have been applied (green checkmarks), note the link in the Updater to update the "system" module, and do so.
6. Delete the "upgrade" folder from your site's "htdocs" directory.
7. Update (reload) other modules, especially "Profile", "PM", and "Protector," if necessary.
8. Change permissions on the files noted above back to their normal state.
9. Turn your site back on, if you turned it off earlier.

Debug information display level

Since XOOPS 2.3.1 debug information display level is enabled as a temporary solution for 2.3* to show debug information to different level of users: to all users, to members or to admins only.
The configuration can be set in /xoops_data/configs/xoopsconfig.php
As a default, the display level is set for 2 (Admin only).

Files integrity check

The full XOOPS package is released with a script able to check if all the system files have been correctly uploaded to the server. To use it, follow these instructions:

1. Upload the checksum.php and checksum.md5 files located in the XOOPS package root to your XOOPS server folder (putting them next to mainfile.php).
2. Execute checksum.php with your browser
3. If necessary, re-upload the missing or corrupted system files
4. Remove checksum.php and checksum.md5 from your server


This release contains only the "system-related modules". You are invited to browse the XOOPS modules repository to if you need additional functionality. Note: as a new repository is being built, the current repository is not up-to-date, PLEASE VISIT INDIVIDUAL DEVELOPERS' WEBSITES TO MAKE SURE YOU ARE USING LATEST VERSION OF MODULES.

How to contribute
Bug report:
Patch and enhancement:
Feature design:
Release announcement:

We would like to thank all developers who contributed fixes to this release (Mage, ForMuss, Trabis, Wishcraft, Mamba, DCrussader, XavierS, Cesag, Timgno, Culex), and all our users who helped us with testing.

XOOPS Development Team
April 15th, 2012

Change Log for XOOPS 2.5.5 Final
(for previous versions see here:
- XOOPS 2.5.5 RC
- XOOPS 2.5.5 Beta)

Security fixes:
- XSS (Cross Site Scripting) vulnerability in PM module and tinymce (High-Tech Bridge Security Research Lab/trabis)

- Templates Manager does not handle single quotes correctly (trabis)
- $xoTheme->addScript('', '', 'content here'); causes duplicate CDATA on cached pages (wishcraft/trabis)
- System admin maintenance table names are incorrect if db_prefix length is not 4 (trabis)
- System admin users advance search displays wrong results when using 'contains' or 'equal' in some fields (trabis)
- System admin users pagination not working correctly for some fields (trabis)
- System admin users blank page when site as many users (trabis)
- /class/object.php deprecated message, should be /class/xoopsobject.php (mamba/trabis)
- /class/module.php deprecated message, should be /class/xoopsmodule.php (mamba)
- /class/user.php deprecated message, should be /class/xoopsuser.php (mamba)
- ID: 3443381 Images stored in database not given correctly in edit mode (mage)
- ID: 3201929 Change upper limit for Banner impressions (mamba/mage)
- ID: 3432275 html structure (kris_fr/mage)
- ID: 3461539 Incorrect value for setOrder() in modulesadmin/main.php (mage)
- ID: 3469896 When deleting client, it doesn't delete finished banners (mamba/mage)
- ID: 3442270 Date format and Xoops 2.5.4 (cesag/formuss)
- ID: 3494895 When changing the # of visible entries in Protector, it goes to Admin (jcweb/mamba)
- ID: 3494894 Calendar shows 40 days (peekay/mage)
- ID: 3494896 Image Manager category creation restrictions (voltan/mage)
- ID: 3494893 PM Messages deleted from Saved box (Danielw42/mage)
- ID: 3501897 Protector errors (cesag/XavierS)
- ID: 3511204 TinyEditor only loading in the 'Scoop' part of the News module (peekay/XavierS)
- ID: 3511205 Bug in fresh install in page_configsave.php (XavierS)
- preventing division by zero in pagenav.php (timgno)
- ID: 3466534 tooltip "$ not defined" fix (culex)
- ID: 3513787 wrong cookie_domain (arion92fr)
- ID: 3518291 Fix of variables assigned by reference in formelementtray
- problem in formtextdateselect (wishcraft)

- HTML Purifier to 4.4.0 (mamba)
- TinyMCE to 3.4.9 (mamba)
- jQuery to 1.72 (mamba)
- jQueryUI to version 1.8.18 (mamba)
- phpThumb to 1.7.11 (mamba)
- jGrowl to 1.2.6 (mowaffaq/mamba)

- replacing "msnbot" with "bingbot" in Protector (mamba)
- Add key 'uid' on 'groups_users_link' table to allow joining 'users' table with better performance (trabis)
- Add Comments, Templates, and Uninstall links to Module's Admin (mamba)


- added define("_AM_MODULEADMIN_HOME", "Home");
- added define("_AM_MODULEADMIN_DASHBOARD", "Dashboard");
- added define("_AM_MODULEADMIN_ABOUT", "About");
- added define("_AM_MODULEADMIN_PERMISSIONS", "Permissions");
- added define("_AM_MODULEADMIN_ABOUT_RELEASEDATE","Released: ");
- added define("_AM_MODULEADMIN_ABOUT_AUTHOR","Author: ");
- added define("_AM_MODULEADMIN_ABOUT_CREDITS","Credits: ");
- added define("_AM_MODULEADMIN_ABOUT_LICENSE","License: ");
- added define("_AM_MODULEADMIN_ABOUT_AUTHOR_NAME","Author name: ");
- added define("_AM_MODULEADMIN_ABOUT_AUTHOR_INFO","Author Info");
- added define("_AM_MODULEADMIN_ADMIN_FOOTER", "
This module is maintained by the XOOPS Community

- added define("_CAL_FORMAT","Y-m-d");


- added define($constpref."_ADMINHOME","Home");
- added define($constpref."_ADMINABOUT","About");
- added define($constpref.'_STOPFORUMSPAM_ACTION','Stop Forum Spam');
- added define($constpref.'_STOPFORUMSPAM_ACTIONDSC','Checks POST data against spammers registered on database. Requires php CURL lib.');

- added define( "FILTER_FUNCTIONS", "Filter functions");

- added define('_DBDATESTRING', 'Y-m-d');
- added define('_DBTIMESTRING', 'H:i:s');
- added define('_DBTIMESTAMPSTRING', 'Y-m-d H:i:s');

- added define('_PM_READ', 'Already Read');

- added define("_AM_SYSTEM_UNINSTALL","Uninstall");


Printer friendly page Send this story to a friend Create a PDF from the article
Bookmark Me
Bookmark to Google Plus
The comments are owned by the author. We aren't responsible for their content.

Provided languages with moduleadmin in Frameworks, French, German and Russian must be removed.

Missing update packs from 2.5.5 Beta and RC to Final ?

Protector language files must be edited, to remove white spaces and to replace contants with DEFINE in order to be maintained with rest of the language files.

Install/Language/English/ - better to be in one file with DEFINE only for 2.5.6.

2 Files per module, 1 for core
eg. modules/pm/language/english/site.php and modules/pm/english/admin.php
all in language/english - in one english.php
mail_templates/ to be moved within SQL and with option to be modified per module.
help/ - to be removed off installation and moved to
Published: 2012/4/16 3:43 • Updated: 2012/4/16 3:43
Missing update packs from 2.5.5 Beta and RC to Final ?

Working on it right now...
Published: 2012/4/16 3:45 • Updated: 2012/4/16 3:45
Release them together :)
News announcement can wait hour or two ....
Published: 2012/4/16 3:55 • Updated: 2012/4/16 3:55
Protector language files must be edited, to remove white spaces and to replace contants with DEFINE in order to be maintained with rest of the language files.

Can you provide English version as a template for the others?

All the other suggestions will have to wait till XOOPS 2.6.0.

Can you please add them to the Feature Requests, so we won't forget? Thanks!
Published: 2012/4/16 5:56 • Updated: 2012/4/16 5:56
Italian translation in SVN

Added language frameworks
Published: 2012/4/16 7:40 • Updated: 2012/4/16 7:41
Protector definitions:
define($constpref."_ADMININDEX","Protect Center");

Protector whitespaces:
define('_MD_PROTECTOR_YOUAREBADIP','You are registered as BAD_IP by Protector.<br />') ;

Line should look like:
define('_MD_PROTECTOR_YOUAREBADIP','You are registered as BAD_IP by Protector.<br />');

Standard XOOPS Define
define('_NOCOMMENTS''No Comments');

From Portector must be removed spaces betwen ) and ;, all lines to end with CRLF and define($constpref. to be replaced by DEFINE.

If redhead install is ready, why the /install lang files to not be merged into one ... and for rest, no one will forget, I'll moan all the time :)
Published: 2012/4/16 7:47 • Updated: 2012/4/16 7:47
Great news !!!
Published: 2012/4/16 9:59 • Updated: 2012/4/16 9:59

If redhead install is ready, why the /install lang files to not be merged into one ... and for rest, no one will forget, I'll moan all the time :)

I am finishing up my semester then will be working on this. (Writing a card game in C# as my final project. Semester is done in 2 weeks.)

Hope to have it finished within 2-3 weeks when I am able to get back to it...

So with this in mind I am hoping to have the install system ready by the end of May.

Will support Language defines and themes.
Published: 2012/4/16 13:08 • Updated: 2012/4/16 13:08
Great news!
Published: 2012/4/16 17:41 • Updated: 2012/4/16 17:41
File "/language/english/pmsg.php" why not "?>" At the end?
Published: 2012/4/16 20:33 • Updated: 2012/4/16 20:33
File "/language/english/pmsg.php" why not "?>" At the end?

See this post
Published: 2012/4/16 20:38 • Updated: 2012/4/16 20:38
From Portector must be removed spaces betwen ) and ;, all lines to end with CRLF and define($constpref. to be replaced by DEFINE.

I'll take care of the spaces.

But I still don't understand why do you want to use CRLF? Everybody is using LF - see these Guidelines for Zend Framework from the company that is in charge of PHP
Published: 2012/4/16 20:45 • Updated: 2012/4/16 20:45
I fresh installed v.2.5.5. In the "User manager" should be only one (admin), but there it shows "2 user(s) found". Why?

Resized Image

Published: 2012/4/17 1:55 • Updated: 2012/4/17 1:55
same problem
Resized Image

Published: 2012/4/17 4:41 • Updated: 2012/4/17 4:41
Images problem

Resized Image

Resized Image

Published: 2012/4/17 4:47 • Updated: 2012/4/17 4:47
Guys, please report all issues and bugs in the XOOPS Forums, so we have all of them in one place.

Published: 2012/4/17 4:49 • Updated: 2012/4/17 4:49
define('_MD_PROTECTOR_YOUAREBADIP','You are registered as BAD_IP by Protector.<br />') ;

I am reasonably fussy when it comes to coding semantics, but I don't know of a PHP or Apache version that would have a problem with the space at the end of that statement. The LF issue seems equally pedantic. Can someone explain exactly how is this likely to cause a problem?

The post by chnwalkman is completely understandable. I have never encountered a whitespace issue resulting from terminating PHP with the closing tag. I have however seen more than one corrupted file upload with half the code missing. Without the closing tag, how are people supposed to know whether the code is complete or not?.

Unless it is essential for the code to work, I agree (with many others) that this is an uneccessary shortcut which will lead to confusion and delivers no tangible benefit. I hope this is not the standard to be adopted by Xoops because it is unlikely to assist in debugging.
Published: 2012/4/17 9:20 • Updated: 2012/4/17 9:43

The LF issue seems equally pedantic. Can someone explain exactly how is this likely to cause a problem?

infinite line
Instead Transifex to recognize 900 lines as 900 strings for translations, recognize only 30 (newly added).

Mentioned Protector "problems"are only with Transifex, it's given as example, that such language files will be dropped.

CRLF issue with banned CMS in Administration/Preferences giving blank page looks like are not the same here, today will upload first VBox images for Mamba which gives blank page on userinfo.php.
Published: 2012/4/18 5:26 • Updated: 2012/4/18 5:26

OK, thx for explaining. I can see the benefit of having it work with Transifex.
Published: 2012/4/18 8:44 • Updated: 2012/4/18 8:44
Instead Transifex to recognize 900 lines as 900 strings for translations, recognize only 30 (newly added).

It sounds like a Transifex problem. Did you file already a bug report with them? If not, I'll do it.
Published: 2012/4/18 12:41 • Updated: 2012/4/18 12:41
END Need "?>"

END Need "?>"
Published: 2012/4/19 23:22 • Updated: 2012/4/20 0:06
END Need "?>"

No, it doesn't. It is actually recommended not to use it.

See the guidelines from Zend people:

For files that contain only PHP code, the closing tag ("?>") is never permitted. It is not required by PHP, and omitting it´ prevents the accidental injection of trailing white space into the response.

I hope, in XOOPS 2.6.0 we'll have it implemented consistently.
Published: 2012/4/20 2:56 • Updated: 2012/4/20 14:02
Dear Mamba~
Published: 2012/4/20 8:13 • Updated: 2012/4/20 8:13
Zend may feel happy to 'forbid' this for pure framework projects, but I think the PHP manual optional end tag comment is more suitable guidance for Xoops module development.

Most modules are modifications rather than ground-up solutions. If you encourage Zend's requirement, devs are going to cut and paste code and leave some with closing tags and some without. With no closing tag, any HTML in the file will break it, so people debugging a blank screen would have to read every line of code to check for some embedded HTML?.

Allowing whitespace after the closing tag is poor coding. To resolve this by removing the tag doesn't exactly encourage developers to be more diligent.
Published: 2012/4/20 8:51 • Updated: 2012/4/20 8:51
There is more that goes into this than was mentioned and ultimately I think it will depend on the preferences of the user. However since Zend is the group that is responsible for WRITING php it is a good idea to listen to what they say.

In the long run this is a coding practice and although to some programmers it will be like nails to a blackboard if you put them there it really doesn't do harm.

On large sites with lots of PHP files it can be a slight performance hit. It can introduce the hard to find "white" spaces as mentioned (And believe me, these can be hard to find...)

As to programmers in general. If someone is copying and pasting code from one module to another they should be looking at the code and not just running it. Chances are if they are copying a whole file this won't be an issue but if you are copying code into a template or something else with mixed HTML and PHP you better be watching your tags regardless.

So personally, if I am redoing a module or coding from scratch I will leave out the end tags because when you weigh the cons and pros really leaving it off makes sense.

But in the end, it really doesn't make that much of a difference.
Published: 2012/4/20 12:30 • Updated: 2012/4/20 12:30
What about if I want to upgrade from 2.5.0?

Should I just download the full package and replace all files and update system module?
Published: 2012/4/21 8:46 • Updated: 2012/4/21 8:46
Should I just download the full package and replace all files and update system module?

That's the easiest way. Just make sure, you do NOT copy over the mainfile.php file!
Published: 2012/4/21 9:17 • Updated: 2012/4/21 9:17
Yes leave the mainfile.php in place.

Other than the notes below you will also want to keep your module directory in place as well.

One thing that the upgrade does not address is that you will want to disable your modules before doing an upgrade if you are coming from an older branch and once you have installed the new version enable them one at a time to make sure they are still compatible with your new version. If you get any white screens with all the modules off you need to look at the theme as it might have something in it that is not compatible with the newer xoops.

Also, realize that the new version of xoops generally comes with a new version of PM, Module and Protector so you will want to make especially sure you disable those modules if you are using them and make sure to remove those directories from the module directory before you copy over the new xoops version. If your old xoops also had a xoops trusted path you will likely have supporting code for Protector that will need to be removed and replaced with the new code in the trusted path.
Published: 2012/4/21 12:41 • Updated: 2012/4/21 12:41

It sounds like a Transifex problem. Did you file already a bug report with them? If not, I'll do it.

Nope, It's look like "no rules" problem. Don't plan to bother Infidex with something that can be solved here. It's not only the LF issue, not only and white spaces, but and strange DEFINEs.

Does core files have problems - nope, then rest will follow this way of creating/maintaining language files until is not changed to POT/INI.


I hope, in XOOPS 2.6.0 ...

I hope to see .INI files in 2.6.0 and no more then 2 files per module.

quote from zend guidelines...

The target line length is 80 characters.....

Current LF ending makes them infinite (only for PHP DEFINE statement), this maybe is a transifex bug or not, but since there is a solution, why to bother someone else. If protector files was written in the way of how core files are written, who will ever mention them ? And from when someone on follows Guidelines ? Half of the language files are still ending with "?>" (wont mention those on 3rd party modules)....
Published: 2012/4/22 0:46 • Updated: 2012/4/22 0:47
Don't plan to bother Infidex with something that can be solved here. It's not only the LF issue, not only and white spaces, but and strange DEFINEs.

I agree that DEFINE in Protector is not the "typical" one, and we can look into it to see if we can change it on our side.

But LF is the standard in almost all Open Source projects that I am aware of, so this should be handled by Transifex.
Published: 2012/4/22 13:37 • Updated: 2012/4/22 13:37

But LF is the standard in almost all Open Source projects that I am aware of, so this should be handled by Transifex.

Ok u report it as bug, to avoid double posts.
It happens with specific files only. So give Wishcraft My-Album download link as demonstration. They have to test it out on they're test server. To take a look in xoops/language/english/global.php and any of the old 4 files in myalbum/language/english/main, modinfo, admin, blocks.php.
Published: 2012/4/22 15:21 • Updated: 2012/4/22 15:21
Great news mr Mamba Thx
Published: 2012/4/28 16:34 • Updated: 2012/4/28 16:34