XOOPS: Xoops 2.0.10 Beta 2 ReleasedPosted by: Mithrandiron 2005/3/27 20:06:58 7183 reads Thank you goes out to everyone in the XOOPS community who have tried the first beta version of XOOPS 2.0.10
There were some bugs that weren't fixed and a couple of new ones introduced in this version that we try to remedy with the beta 2 release.
XOOPS version 2.0.10 beta 2 is a security-improving release that lessens the use of fopen with URLs and brings a completely new tool for securing modules against CSRF attacks: The XoopsSecurity class. See the first beta announcement for a description of the token system.
This is still a beta, since the token system still needs some testing, but provided we get enough positive feedback, a final 2.0.10 release should be released within 1-2 weeks.
This release contains files for the core-included versions of News and Newbb (1.1 and 1, respectively). If you use Newbb 2 and/or News 1.2 or later, you should not upload the files in modules/news and modules/newbb as they will mess up these modules.
Xoops 2.0.10 Beta 2 Full (.tar.gz)
Xoops 2.0.10 Beta 2 Full (.zip)
Xoops 22.214.171.124/126.96.36.199 to 2.0.10 Beta 2 Patch (.tar.gz)
Xoops 188.8.131.52/184.108.40.206 to 2.0.10 Beta 2 Patch (.zip)
(edit: Don't pay attention to that, it will be changed for the final version, so it doesn't impact on modules)
2005/03/27: Version 2.0.10 Beta 2
- Fixed bug in header.php – assign $xoops_lblocks (Mithrandir/phppp)
- Fixed bug #1087786 Can"t assign to $this in PHP5 (Mithrandir)
- Fixed bug where blocks without templates were not showing content (Mithrandir)
- Fixed bug where redirect screen was showing HTML (Mithrandir/Wanikoo)
- Fixed bug - Image manager not storing categories (Mithrandir/StudioC)
- Fixed bug - Search not submitting (Mithrandir/Gruby)
- Fixed bug - Popup changes main window (Mithrandir/zimmi88)
- Added more vars to $bad_globals in XoopsSecurity::checkSuperglobals() (Mithrandir/Wanikoo)
- Deprecated xoops_refcheck() function (Mithrandir)
- Included 220.127.116.11 fixes in 2.0.10 patch for easy upgrade from 18.104.22.168 (Mithrandir/rowd)
2005/03/25: Version 2.0.10 Beta
- Security fix to avoid the usage of fopen and unlink when previewing (Onokazu)
- Fixed bug #1157029 - Bug in include/checklogin.php (Onokazu/sudhaker)
- Fixed bug #1060061 - renderValidationJS showing htmlentities instead of intended characters (Onokazu/theCat)
- Implemented new token system for validating form origination and increased protection against CSRF (Mithrandir/Onokazu)