Tiki Wiki CMS Groupware 9.8
3 May 2014
Tiki Wiki CMS Groupware version 9.8 is now available (security release).
Upgrading to Tiki Wiki CMS Groupware 9.8
Tiki Wiki CMS Groupware 9.8 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Tiki Wiki CMS Groupware updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Tiki Wiki CMS Groupware install to test the 9.8 upgrade prior to applying it live. Get started managing your Tiki Wiki CMS Groupware installations with Installatron
What's New in Tiki Wiki CMS Groupware 9.8
- [SEC] tiki-print: enhance permission check (thanks luci)
- [ENH] Improve usability and user-friendliness of last page
- [FIX] forum import: Use proper variable for temp folder so that file to be imported can be found; handle null values causing server errors for some fields; improve parsing which was mangling forums posts; keep php line breaks from displaying in the imported forum posts.
- [SEC] forum import: parameterize database insert; change $_REQUEST to $_POST and filter
- [FIX] Add icon for Image Galleries and Images from Image Galleries in the since_last_visit_new module in jquery mode, since it was missing as shown in tiki.org community site (image galleries are being used still there, as an example).
- [SEC] featured links: parameterize query used to update links
- [FIX] featured links: faulty logic and missing hidden input from the form was causing the update function to never be called - a new link was being added instead, causing the hits history to be lost
- [SEC] directory search: Filter inputs; refactor slightly to make it more obvious which variables are based on user input; fix some notices
- [SEC] banning: Remove where parameter since it doesn't seem to be used and would likely need reworking to function
- [SEC] accounting: tighten up validation byt using a whitelist; alter r50145 to return $error instead of false to stop creation/change of accounts when there are errors
- [FIX] accounting: correct invalid smarty variables keeping some submit buttons from working; missing " in div
- [FIX] accounting: avoid system errors when creating a book or account
- [SEC] accounting: validate query parameters
- [SEC] user messages: validate flag parameter
- [SEC] sql log: filter user input
- [SEC] installer: Check prefs before filtering user input. Changes filtering logic added in r50025
- [SEC] social networks: filter user input
- [FIX] PluginCountdown: Enddate was always set to UTC timezone - now the appropriate timezone is used. Also fixed other notices.
- [FIX] countdown: Handle text param as described, i.e. if empty then use the defaults.
- [SEC] [FIX] User reports: avoid invalid datetime system error when a new user registers with the daily reports for new users preference enabled.
- [SEC] user registration tracker: Fix to r49920 to check for registration validation errors regardless of whether a registration passcode is required.
- [SEC] user registration tracker: better test for registration validation errors before allowing the tracker item to be created because tracker items could still be created even if the validation errors kept a user from being created.
- [MOD]Code re-indentation only, no other changes.
- [FIX]It's not trackers but tracker items (fix for title attribute; missing in the previous commit). thanks luci!
- [FIX]It's not trackers but trakcer items
- [FIX]Usability fix of the icon, font size and content width for module since_last_visit_new in jquery mode, for theme styles with a little bit less width by default in side modules (including coalesce), while keeping similar readability like other modules.
- [FIX]Usability fix of the icon size for module since_last_visit_new in jquery mode, for theme styles with a little bit less width by default in side modules
- [ENH]Distinguish the active tab from the others in the module since_last_visit_new when in jquery mode. Lighter grey color, better contrast in admin modules > edit (tabs). [adapted to Tiki9, since the css property has a different name]
- [ENH]Added calendars and their events to the module since_last_visit_new.
- [FIX]Distinguish between blogs and blog posts, and between file gals and files, with slightly different icons also
- [MOD]Change icon for users from vcard (looks as if new contacts were added, in the feaure "contacts") to users indeed.
- [FIX]Added the missing icon and code to display updated trackers in module since_last_visit_new in that fancy jquery mode (how come I didn't know during so many years about that jquery mode?). Updated the icon for new tracker items accordingly to distinguish it from the other. Extra pieces of images taken from openclipart (public domain svg's)
- [FIX] login: Check email validation
- [FIX]Stop showing twice the content from a field type 'static text' when when editing the item through tiki-view_tracker_item.php, since contents of 'Static text' are stored in the description box.
- [ENH] Additional defense against session collisions
- [FIX] Changes added to fix table/alias error in page listing. Ref: http://dev.tiki.org/item4932
- [FIX] Changes added to detect when two wiki pages have the same alias Ref: http://dev.tiki.org/item4250
- [FIX] If user selects all months (max="-1"), show at least 10 years instead of just 1. Cheap usability fix to close http://dev.tiki.org/item4794