Tiki Wiki CMS Groupware 11.2
3 May 2014
Tiki Wiki CMS Groupware version 11.2 is now available (security release).
Upgrading to Tiki Wiki CMS Groupware 11.2
Tiki Wiki CMS Groupware 11.2 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Tiki Wiki CMS Groupware updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Tiki Wiki CMS Groupware install to test the 11.2 upgrade prior to applying it live. Get started managing your Tiki Wiki CMS Groupware installations with Installatron
What's New in Tiki Wiki CMS Groupware 11.2
- [FIX] maps: Disappointing browser specific fix for problem with Chrome where some markers (often most) disappear if not fully opaque
- [FIX] kaltura: Make playlists work as expected in the plugin (thanks marclaporte)
- [SEC] tiki-print: enhance permission check (thanks luci)
- [ENH] Improve usability and user-friendliness of last page
- [FIX] forum import: Use proper variable for temp folder so that file to be imported can be found; handle null values causing server errors for some fields; improve parsing which was mangling forums posts; keep php line breaks from displaying in the imported forum posts.
- [SEC] forum import: parameterize database insert; change $_REQUEST to $_POST and filter
- [SEC] featured links: parameterize query used to update links
- [FIX] featured links: faulty logic and missing hidden input from the form was causing the update function to never be called - a new link was being added instead, causing the hits history to be lost
- [SEC] directory search: Filter inputs; refactor slightly to make it more obvious which variables are based on user input; fix some notices
- [SEC] banning: Remove where parameter since it doesn't seem to be used and would likely need reworking to function
- [SEC] accounting: tighten up validation byt using a whitelist; alter r50145 to return $error instead of false to stop creation/change of accounts when there are errors
- [FIX] accounting: correct invalid smarty variables keeping some submit buttons from working; missing " in div
- [FIX] accounting: avoid system errors when creating a book or account
- [SEC] accounting: validate query parameters
- [SEC] user messages: validate flag parameter
- [SEC] installer: filter more user inputs
- [SEC] sql log: filter user input
- [SEC] social networks: filter user input
- [FIX] PluginCountdown: Enddate was always set to UTC timezone - now the appropriate timezone is used. Also eliminated duplicate code for PHP less than 5.3 and fixed other notices.
- [FIX] User reports: avoid invalid datetime system error when a new user registers with the daily reports for new users preference enabled.
- [SEC] user registration tracker: better test for registration validation errors before allowing the tracker item to be created because tracker items could still be created even if the validation errors kept a user from being created.
- [FIX] Module top_articles: allow intended sorting by number of reads to work for this module. The top articles module was sorting by ascending article ID instead.
- [FIX] Usability fix of the icon, font size and content width for module since_last_visit_new in jquery mode, for theme styles with a little bit less width by default in side modules (including coalesce), while keeping similar readability like other modules.
- [FIX] Usability fix of the icon size for module since_last_visit_new in jquery mode, for theme styles with a little bit less width by default in side modules
- [ENH] Distinguish the active tab from the others in the module since_last_visit_new when in jquery mode. Lighter grey color, better contrast in admin modules > edit (tabs).
- [FIX] Distinguish between blogs and blog posts, and between file gals and files, with slightly different icons also
- [MOD] Change icon for users from vcard (looks as if new contacts were added, in the feaure "contacts") to users indeed.
- [FIX] Added the missing icon and code to display updated trackers in module since_last_visit_new in that fancy jquery mode (how come I didn't know during so many years about that jquery mode?). Updated the icon for new tracker items accordingly to distinguish it from the other. Extra pieces of images taken from openclipart (public domain svg's)
- [FIX] maps: Change URL for experimental StreetView layer... (without erroneous reformatting)
- [FIX] maps: Change URL for experimental StreetView layer as previous one is no longer supported - better fix using something like StreetViewCoverageLayer needed in the long term...
- [FIX]tracker: Replacing r43697 with a better (hopefully) fix for header field descriptions. Previous fix caused other field descriptions to no longer be directly under the field input and other issues.
- [FIX] ini_get cannot be tested directly
- [FIX] /tmp is not the only folder to be able to store tmp files, sometimes it fails :)
- [FIX] login: Check email validation
- [FIX]Stop showing twice the content from a field type 'static text' when when editing the item through tiki-view_tracker_item.php, since contents of 'Static text' are stored in the description box.
- [FIX] webdav: The test being done in prefs/php.php for the php-libxml extension was actually testing for a php-dom object class, which is a separate, but dependent library from libxml. Extensions can (and should) be tested using an 'extensions' block in the pref so now feature_webdav checks directly for libxml and bigbluebutton_feature checks for dom - and the "fake pref" file php.php will be removed in trunk later.
N.B. The class DOMDocument is actually used untested 100s of places in Tiki so should be added to tiki-check (thanks marclaporte)
- [FIX] check: Add separate test for the php-dom extension - probably should be counted as ugly if not present?
- [FIX] validation: Add a new validation rule "email_multi" for email fields that can accept multiple email addresses separated by (default) commas, and deploy on outboundEmail setting on trackers. Sadly keeping the html5 type=email attribute engages the default email validations which does not seem to be removable, so deleting that from the input field (thanks marclaporte)
- [FIX] Slow-down related to re-fetching permission list from cache in some object lists, store in memory after first use
- [FIX] PluginModule interface Crash issue fixed on Custom Module Insert Ref:http://dev.tiki.org/item4668.
- [FIX search module: Explicitly set the "action" of the module to be the default form action as IE sometimes was missing it being set by js only, resulting in staying on the same page with no search results (thanks marclaporte)
- [FIX] mail: Allow subject to be reset - should fix tracker problem in wish4945 (thanks Geoff)
- Changing expires for modules and plugins from 10 years to 1 month, as discussed on the mailing list
- [FIX] Massive performance issue with category jail since permissions were checked on all categories (Since this can bring a big/complex site to utter slowness, I am backporting even if no other 11.x releases are planned
- [FIX] Since smarty 3.1 error_reporting is not respected by Smarty once there is a custom error handler and this is to prevent all smarty errors and warnings from being logged or displayed when display_errors in on on some server setups
- [FIX] If user selects all months (max="-1"), show at least 10 years instead of just 1. Cheap usability fix to close http://dev.tiki.org/item4794