XenForo 1 v1.5.24

Bản này được sưu tầm từ internet.

Hot on the heels of our previous GDPR centric releases, today we're pleased to announce the release of XenForo 1.5.21 and XenForo 2.0.7 which aims to resolve some issues found since the release of the previous versions, and include a few further tweaks to enhance GDPR compliance on your forum.

See our previous release announcement for details of how we can help you comply with the new GDPR regulations.

A summary of the changes in this release are as follows:

• Ensure the server side validates the privacy policy/terms and rules acceptance form (XF1 and XF2)
• Ensure certain fields output in the data portability exports are escaped (XF1 and XF2)
• Some small phrase adjustments (XF1 and XF2)
• Attempt to ensure the new cookie notice does not hide the footer links (XF1 and XF2)
• Ensure data portability features are only available to admins with the "Manage users" permission (XF1 and XF2)
• If the geoLocationUrl option is empty, no longer attempt to link a user's location (XF1 and XF2)
• If a user's location is linked, ensure that noreferrer and nofollow values are set (XF1 and XF2)
• Implement the ability to add an unsubscribe link to admin sent emails (XF1)
• Fix issues with selecting the new bottom fixer notice type (XF1)
• Fix for invalid CSS (XF1)
• Fix broken register_twitter template (XF1)
• Not GDPR related, but fix issue with toggling Q&A CAPTCHA questions (XF2)
• Use consistent variables for displaying privacy policy and terms and rules URLs on help pages (XF2)
• Ensure default privacy policy and terms and rules help pages are redirected appropriately when custom URLs are set (XF2)
• Do not display protected change log entries (like policy acceptance dates) for potential spammers in the user approval queue (XF2)

More details can be found in the Resolved bug reports category.

The following templates have been changed in this release:

• account_contact_details (XF1)
• account_privacy (XF1)
• help_index (XF2)
• help_wrapper (XF2)
• helper_account (XF2)
• member_about (XF2)
• member_view (XF1)
• message_macros (XF2)
• message_user_info (XF1)
• public.css (XF1)
• register_twitter (XF1)

All customers with active licenses may now download the new versions from the customer area.

XenForo 1.5.13 Released | xenforo việt nam

Today, we are pleased to release XenForo 1.5.13. This release fixes a number of bugs and issues that were found since the previous release. As this is a maintenance release, the vast majority of the focus was an increase in stability.

Some of the changes in this release include:

• Disable the HTML5 uploader for older versions of Android (< 5, not using Chrome) due to incompatibilities.
• Prevent the HTML5 uploader from creating a horizontal scrollbar with very small windows.
• Fix an issue reverting message edits if not all of the edits could be reverted in one batch.
• Add several new indexes for performance benefits in specific cases.
• Ensure that several additional types of content are updated correctly when merging users.
• Capture errors parsing bounced emails and log them for future analysis.
• Prevent recursive calls to the image proxy by short circuiting to the final image.
• Limit the number of image proxy records removed at a time to prevent memory errors.
• Adjust multiple external calls in templates/JS to always use HTTPS.
• Prevent the likes received list from being completely blank in specific situations.
• Don't display the "log in or sign up" message on threads that have been explicitly closed.
• Fix an incorrect permission check when quoting a user that could lead to a phantom alert being created.
• Trim smilie replacement values when saving to prevent unexpected behavior

See the Resolved Bug Reports forum for further information.

The following templates have had changes:

• account_likes
• addthis_ajax
• captcha_recaptcha
• google_analytics
• login_two_step
• thread_view

Where necessary, the merge system within the "Outdated Templates" page should be used to integrate these changes.

Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. XenForo 2.0 is requires PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo.

All customers with active licenses may now download the new version from the customer area.

XenForo 1.5.10 Released full and upgrade.
Today, we are pleased to release XenForo 1.5.10. This release fixes several bugs and issues that were found since the release of 1.5.9.

Most importantly, this release includes a fix for a security issue that we found during internal testing. The issue is known as a server-side request forgery (SSRF). This could allow an attacker to use your server to bypass your server's firewall and make internal requests. Depending on the services found, this could lead to privilege escalation or remote code execution.

This is a potentially serious issue and we strongly recommend all customers follow one of the below methods to fix this security issue.
If you are running XenForo 1.4, please see the 1.4.13 announcement for a patch. If you are running XenForo 1.3 or older, you must upgrade to the latest 1.4 or 1.5 release to fix this issue.

If you are running XenForo Media Gallery 1.0, you must also follow the instructions in the XFMG 1.0.10 release announcement to fully patch this issue. If you are running XFMG 1.1.0 to 1.1.4, you must upgrade to a newer XFMG release. XFMG 1.1.5+ will be automatically fixed by following one of the steps below.

Method 1: Upgrade to the New Version (Recommended)
You may upgrade to XenForo 1.5.10 (or any subsequent version) to fix this issue. You should upgrade as you would to any other release. See further below in this announcement for more details on this release. If you take this approach, you should not apply the patch below.

Method 2: Install the Patch (for 1.5 Users)

Download the patch zip file attached to the end of this message. It contains 4 files:

• 
  
  
  • library/XenForo/BbCode/Formatter/BbCode/AutoLink.php
  • library/XenForo/Helper/Http.php
  • library/XenForo/Helper/Url.php
  • library/XenForo/Model/ImageProxy.php

These 4 files should be uploaded to your server, overwriting the existing files of the same names.

Note that with this method there is no outward indication that the patch has been applied. We recommend upgrading if possible.

Other Changes in 1.5.10

Some of the bugs fixed in 1.5.10 include:

• 
  
  
  • Add several language code/locale options for pages.
  • Fix a situation where white space may not be maintained 100% when pasting code/pre-formatted into the rich text editor.
  • Add a 1000 user limit to ignoring to prevent potential errors.
  • Ensure that poll resetting/deleting is logged correctly.
  • Automatically adjust uploaded image extensions to match their type (rather than throwing an error).
  • Change NoCaptcha requests to POST to prevent a possible regular expression failure.
  • Fix an issue with automatic vendor prefixing in the CSS when using @supports.
  • Fix a timezone related issue when displaying stats output.
  • Adjust the meta description of member profiles to handle missing components better.
  • Prevent an error in the phpBB 3.1 importer relating to timezones.

See the Resolved Bug Reports forum for further information.

The following templates have had changes:

• 
  
  
  • member_view

Where necessary, the merge system within the "Outdated Templates" page should be used to integrate these changes.

Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo.

All customers with active licenses may now download the new version from the customer area.

Today, we are pleased to release XenForo 1.5.3. This release fixes a number of bugs and issues that were found since the release of 1.5.2. As this is a maintenance release, the vast majority of the focus was an increase in stability.

Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo.

Add-on developers: there are some serialization compatibility changes in 1.5.3. Please see this thread for details as you may need to check your add-ons or make changes.

Some of the bugs fixed in 1.5.3 include:

• Add beta importers for IPB 4.0/4.1 and phpBB 3.1.
• When using the mail queue and bulk email systems, if an error is received emailing a user, attempt to establish a new transport connection and resend the email. This should help resolve issues where SMTP connections are closed unexpectedly.
• Added sanity checks to ensure that serialized data is an array (containing only simple data within) in numerous places. (This may cause an error with add-ons that have incorrectly specified option definitions.)
• When associating an external account with an existing account, you must already be logged into the target account to ensure two-step verification is respected.
• Add dir="auto" to the sidebar online users list to ensure mixed LTR and RTL usernames do not interact.
• Improve results when pasting into the RTE from certain programs (such as PHPStorm).
• Fix converting links to page titles when the title tag is found more than 20KB into the page (such as on Amazon pages).
• Prevent a fatal error if an import remains unfinished but the importer has been removed.
• Do not automatically apply avatars during registration if the user doesn't have permission.
• Prevent an error in the user change log when a user has changed a custom field option that no longer exists.
• Do not display the RTE to Firefox mobile due to cursor issues.

See the Resolved Bug Reports forum for further information.

The following templates have had changes:

• register_facebook
• register_google
• register_twitter
• sidebar_online_users

Where necessary, the merge system within the "Outdated Templates" page should be used to integrate these changes.

All customers with active licenses may now download the new version from the customer area.

The new features in XenForo 1.5 include:

• Thread tagging
• Responsive admin control panel
• Two-step verification
• Floating notices
• Profile post comment improvements, including soft deletion and liking
• Admin sent alerts and conversations
• Welcome messages
• Automatic link title conversion
• Newest posts in the sidebar
• Independent language selection in the admin control panel

...and more.

XenForo Resource Manager and Media Gallery with 1.5
The XenForo Resource Manager 1.2.0 and XenForo Media Gallery 1.1.0 have been released to add support for the new XenForo 1.5 features. If you are running either of these add-ons, we recommend you upgrade them after upgrading to 1.5. However, previous releases of these add-ons should remain compatible with XenForo 1.5.

XenForo Enhanced Search 1.1.2 is compatible with XenForo 1.5.