XOOPS: XOOPS 2.5.7 Final ReleasedPosted by: Mambaon 2014/6/16 8:50:00 40168 reads The XOOPS Development Team is pleased to announce the release of XOOPS 2.5.7 Final.
This release is focused on making XOOPS 2.5.7 fully compatible with PHP 5.5.x, on security enhancements, bug fixing, and on updating external libraries to their latest versions:
- jQuery to 1.11.0
- jQuery UI 1.10.4
- jQuery Lightbox to 1.2.3
- jQuery Form to 3.50.0
- jQuery Tablesorter to 2.15.11
- jGrowl to 1.2.14
- TinyMCE to 3.5.11
Angelo Rocha also has provided this new cool theme: the xBootstrap theme, based on Bootstrap
Since this version includes security fixes, it is highly recommended to update to this version ASAP!
See the Changelog for more details.
Due to changes related to security, it might happen that in one or two modules saving of the Permissions in Admin might not work. We are finalizing the Basic Module Pack, where all modules have been tested on XOOPS 2.5.6. Please check the News on XOOPS Website for a special announcement about the updated modules, or ask on the XOOPS Forums.
Or you can read more detailed information about how to fix it yourself in /docs folder in the file: "fixing_permissions.txt"
Please post and discuss all issues related to this release in this Forum thread
We also need help with Translations using Transifex
Minimum PHP Version: 5.3.7
Please note: the fact that the XOOPS Core runs correctly on PHP 5.5.x, doesn't mean that all your modules will run correctly, therefore you'll need to test them first.
The recently released modules that qualify for our Basic Module Pack, are all tested on PHP 5.5.x, and they should run just fine. We're also in process of updating the Basic Module Pack specifically for XOOPS 2.5.7
If you encounter any issues, please let us know in our Support Forums, in this specific thread dedicated to XOOPS 2.5.7
You can get this release package from the Sourceforge repository.
There are .zip and .gz archives provided.
Installing XOOPS (new installation)
1. Copy the content of the htdocs/ folder where it can be accessed by your server
2. Ensure mainfile.php and uploads/ are writable by the web server
3. For security considerations, you are encouraged to move directories "/xoops_lib" (for XOOPS libraries) and "/xoops_data" (for XOOPS data) out of Document Root, and change the folder names.
4. Ensure that directories:
- mainfile.php and
are writable by the web server
5. Access the folder where you installed the htdocs/ files using your web browser to launch the installation wizard
DOCUMENTATION: Please check out the detailed Installation Guide and the Operations Guide
Installing Protector in XOOPS
We also highly recommend the installation of the PROTECTOR module which will bring additional security protection and logging capabilities to your site.
Upgrading from a previous version
Upgrading from 2.5.6 to 2.5.7 Final:
1. Get the right update package from the sourceforge file repository
2. Overwrite files in XOOPS directory on your server with the content of /htdocs
* make sure that you copy the content of /xoops_lib to whatever directory you keep it on the server now (it should be your current XOOPS_TRUST_PATH directory), then delete the /xoops_lib directory. There can NOT be two directories with the content of /xoops_lib
3. Go to www.yoursite.com/upgrade and run the Upgrade from there. Once done, delete the folder /upgrade
4. If not done as part of the Upgrade above, run Update af the the "System" module from the modules administration interface. Other modules, especially "Profile", "PM", and "Protector" are recommended to update as well
Upgrading from previous versions older than 2.5.6 (Full Update):
0. Verify the system requirements, in particular the version of PHP. Backup your XOOPS database and site directory. (There are several ways to do these actions, which are discussed elsewhere.) Turning your site off is optional.
Change the permissions on mainfile.php and /include/license.php to be writable, for example:
File Normal For upgrade
mainfile.php 400 700
/include/license.php 444 777
Get the XOOPS 2.5.7 package from the SourceForge file repository.
1. In the upgrade package folder, move the "upgrade" folder inside the "htdocs" folder, if it's not already there. Remove the install folder from the "htdocs" folder, if it's there. Remove the mainfile.php file from the "htdocs" folder, if it's there.
If you've moved the xoops_data and xoops_lib folders outside your site's root directory, move these folders out of the "htdocs" folder in the upgrade package folder.
2. Delete the /modules/system directory on your current XOOPS site (to get rid of any old unnecessary files).
3. Overwrite the files in the XOOPS directory on your current XOOPS site with the content of "htdocs" folder of the upgrade package. (There are several ways to do this action, which are discussed elsewhere.)
As noted above, if relocated, overwrite the files in your current xoops_data and xoops_lib with the content of those in the upgrade package.
4. If you have Protector previously installed, open the "mainfile.php" file , and remove the Pre-check and Post-check lines (if they exist):
include XOOPS_TRUST_PATH.'/modules/protector/include/precheck.inc.php' ;
include XOOPS_TRUST_PATH.'/modules/protector/include/postcheck.inc.php' ;
5. At your site's address (URL), login as administrator. Access
6. Delete the "upgrade" folder from your site's "htdocs" directory.
7. Update (reload) other modules, especially "Profile", "PM", and "Protector," if necessary.
8. Change permissions on the files noted above back to their normal state.
9. Turn your site back on, if you turned it off earlier.
Debug information display level
Since XOOPS 2.3.1 debug information display level is enabled to show debug information to different level of users: to all users, to members or to admins only.
The configuration can be set in /xoops_data/configs/xoopsconfig.php
As a default, the display level is set for 2 (Admin only).
Files integrity check
The full XOOPS package is released with a script able to check if all the system files have been correctly uploaded to the server. To use it, follow these instructions:
1. Upload the checksum.php and checksum.md5 files located in the XOOPS package root to your XOOPS server folder (putting them next to mainfile.php).
2. Execute checksum.php with your browser
3. If necessary, re-upload the missing or corrupted system files
4. Remove checksum.php and checksum.md5 from your server
This release contains only the "system-related modules". You are invited to browse the XOOPS modules repository to if you need additional functionality. Note: as a new repository is being built, the current repository is not up-to-date, PLEASE VISIT INDIVIDUAL DEVELOPERS' WEBSITES TO MAKE SURE YOU ARE USING LATEST VERSION OF MODULES.
How to contribute
Bug report: http://sourceforge.net/tracker/?group_id=41586&atid=430840
Patch and enhancement: http://sourceforge.net/tracker/?group_id=41586&atid=430842
Feature design: http://sourceforge.net/tracker/?group_id=41586&atid=430843
Release announcement: https://lists.sourceforge.net/lists/listinfo/xoops-announcement
We would like to thank all developers who contributed fixes to this release (Alain091, Alain01 Alfred, AngeloRocha, Bleekk, Cesag, Culex, Geekwright, Goffy, iHackCode Irmftan, jegelstaff, Luciorota, madDan, Mamba, Manuel Garcia Cardenas, Guspel, Jcweb, Mehdi Dadkhah, Mowaffaq, Pedro Ribeiro, Roby73, Slider84,, SMEDrieben, Tarik, Tatane, Timgno, , Trabis, , Voltan, Wishcraft, Xoobaru, Zyspec)
Special Thanks go to our fantastic UI/UX Team for the xBootstrap theme:
And of course, a BIG THANK YOU to all our users who helped us with testing.
XOOPS Development Team
June 15, 2014
Change Log for XOOPS 2.5.7 Final
- XSS issues reported by Mehdi Dadkhah (rgriffith)
- Fix security issues reported by Pedro Ribeiro of Agile Information Security (rgriffith)
- Fix XSS issue reported by Manuel Garcia Cardenas (rgriffith)
- ID: 1143 (old ID 430840) class/module.errorhandler.php (uberrookie/zyspec)
- ID: 1225 Restore user theme choice during "Remember me" processing. (rgriffith)
- ID: 1226 Change value of clickable due to issues centering on CaricaFoto script (rgriffith)
- ID: 1227 Sorting bug in Profile module search (Zyspec)
- ID: 1246 Fallback to english for admin theme language files if no language specific file exists (rgriffith)
- ID: 1261 Fix as proposed by Irmtfan (irmtfan/rgriffith)
- ID: 1268 reduce db load if XoopsFormSelectUser is called multiple times in a page load (rgriffith)
- ID: 1269 Block template file will not updated after update the module (irmtfan)
- ID: 1270 template issue in email notifications (changed X_ITEM_TILE to X_ITEM_NAME) (alain01/slider84/mamba)
- ID: 1271 install last page no css/js (tarik/rgriffith))
- ID: 1272 delete functions always return true (rgriffith)
- ID: 1273 template duplicate issue (irmtfan)
- ID: 1274 prevent multiple inclusions of a module's xoops_version.php (irmtfan/rgriffith)
- ID: 1278 _AM_SENDMTOUSERS missed (Mowaffaq/mamba)
- ID: 1281 initialize arrays as empty arrays rather than null (rgriffith)
- ID: 1285 check if session exists before attempting to start a new one (wishcraft)
- ID: 1287 assigning "static" to various class methods (wishcraft/mamba)
- ID: 1291 xoops_getModuleOption() did not respect $dirname (rgriffith)
- ID: 1382 add cleanup of unused avatar resources to admin maintenance page (rgriffith)
- removing @ in link[@rel*=style][title] in styleswitch.js (not needed in jQuery 1.83) (SMEDrieben/Mamba)
- added missing "`" in upgrade from 2.0.18 to 2.3.0 (mamba)
- fixing errors in upgrade from 2.4.0 to 2.4.1 (mamba,voltan)
- added check for menu link description in ModuleAdmin
- fixed wrong return icon in Smarty xoModuleIcons32
- fixed issue with jGrows in xoops.css (xoobaru/tarik)
- fix for deprecated "preg_replace/e" function in PHP 5.5 (mamba)
- added: check if 'date.timezone' is set in php.ini, if not, set it to UTC (cesag/mamba)
- assigned _SHORTDATESTRING to _CAL_FORMAT to have consistency in local languages (jcweb/guspel)
- fixed bug in calendar.js (mamba)
- added link to Module's Admin after "Update" (currently only to XOOPS Modules section) (mamba)
- added placeholder for a link to upload test data, if available after installation (mamba)
- solved bug into PM module readpmsg.php (escrime-info/slider84)
- fixed missing check on variable in userinfo.php (cesag/mamba)
- replaced extract($_POST) in /include/comment_delete.php with filters (mamba)
- adding some missing generic default fonts (mamba)
- removing some unreachable statements (mamba)
- replacing deprecated HTML tags (mamba)
- bug in commentrenderer.php (Roby73/irmtfan)
- added missing info about new language constants in Fast Comments (irmtfan/mamba)
- fixed Undefined index: uid in file /modules/profile/userinfo.php line 24 (cesag/mamba)
- set minimum PHP version to 5.3.7 (mamba)
- added missing apostrophe corrections for Date types in CleanVars in /class/model/write.php
- added function escape to XoopsMySQLDatabase, needed for Formulize (jegelstaff)
- added blank.gif images to ModuleAdmin icons (timgno)
- addedd [soundcloud] BB code as supplied by (iHackCode/rgriffith)
- added "module_status" to show with module Version (mamba)
- patch for input validation bypass issue reported by Tatane (tatane/rgriffith)
- change default value for usercookie config to match change in 2.6.0. (rgriffith)
- correct method used to determine the current effective language.(rgriffith)
- fix errors "PHP Strict standards: Redefining already defined constructor" under PHP 5.5 (rgriffith)
- fix to correctly load the CSS file into the header in ModuleAdmin (Bleekk, Alfred)
- added "title" to buttons in DHTML Editor (mamba)
- updated required PHP and XOOPS versions, module versions in modules (cesag/mamba)
- added xBootstrap theme (UI/UX Team: Angelo Rocha, Bleekk, Heyula)
- added extra escape for "e" in YESTERDAY definition in locale.php, which was added in PHP 5.4 (madDan)
- fixed PHP minimum version comparison in ModuleAdmin (mamba)
- fixed System Module image manager and popup image manager save images in different directories(luciorota)
- added PHPDoc comments for classes and functions (mamba)
- fixed System Module image manager html/js bugs (luciorota)
- replaced "array_diff_assoc" with "array_diff_key" in /class/theme_blocks.php (masel/mamba)
- icons for active module sections in System module not shown correctly (Slider84/mamba)
- added two new language definitions (see lang_diff.txt)
- added Office 2007 MIME types (Voltan)
- added xml MIME type (Goffy)
- added new icons (mamba)
- updated XoopsMediaUploader to use system memory values from php.ini, and to offer random file names (mamba/luciorota/zyspec)
- added .tpl to XoopsList's getHtmlListAsArray (wizanda)
- updating xBootstrap (voltan, Angelo Rocha)
- moved all images, CSS, and JS files to /assets in modules Profile and PM (mamba)
- renamed .html Smarty templates to .tpl in modules Profile and PM (mamba)
- corrected English typos (cesag)
- added missing .php file extension (AngeloRocha/Zyspec/rgriffith)
- deprecated destoryVars($var) in object.php (cesag/rgriffith)
- update phpmailer translation array to include all keys, and remove reassignment of $PHPMAILER_LANG as array() (cesag/rgriffith)
- added XoopsRequest class (rgriffith)
- removed hard-coded text from installation (mamba)
- jQuery to 1.11.0 (mamba)
- jQuery UI 1.10.4 (mamba)
- jQuery Lightbox to 1.2.3 (mamba)
- jQuery Form to 3.50.0 (mamba)
- jQuery Tablesorter to 2.5.11 (mamba)
- jGrowl to 1.2.14 (mamba)
- prototype.js to 1.7.1, Aug 2012 (rgriffith)
- HTML Purifier to 4.6.0 (mamba)
- TinyMCE to 3.5.11 (mamba)
- added define('_AM_SYSTEM_USAGE',"Usage");
- added define('_AM_SYSTEM_ACTIVE',"Active");
- added define('WRITTEN_LICENSE',"Written XOOPS %s License Key: %s");