Chamilo 1.11.24

27 September 2023

Chamilo version 1.11.24 is now available (security release).

Upgrading to Chamilo 1.11.24

What's New in Chamilo 1.11.24

• Security: Add filter on messages forwarding
  

• Admin: Optimize users export to CSV/XML by displacing query complexity. Might improve users export speed tenfold on portals with >10k users.
  

• Add script to update course extra fields based on other extra field value
  
• Add script to update course extrafield based on specific rules
  
• Add cron to send notification of updates in all the courses to the teachers or coaches during the last X days
  

• Documentation: Update suggested default for HSTS (remove preload by default) and link to hstspreload.org
  
• Documentation: Update suggested default for HSTS and link to MDN for documentation
  
• Calendar: Reduce iCal export options to simplify interface
  
• Calendar: export members subscribed or invited to an event to CSV
  
• Admin: Optimize course export with extra fields to CSV/XML (adds "0" and "No" values when default values apply)
  
• Internal: Fix redirect when creating user and limit_session_admin_list_users is enabled
  
• Display: Add icons for CSV/Excel export of users and groups
  
• Group: add icon to CSV export of student members of a group
  
• Calendar: Fix to save invited list changed
  
• Calendar: Refactor to save invitations and subscriptions
  
• Calendar: Fix to save max subscriptions when saving by ajax
  
• Calendar: Move code to function
  
• Calendar: Fix save invitations or subscribers edit event
  
• Calendar: Allow choice between invitations and subscriptions
  
• Internal: Optimize UserManager::get_extra_user_data() to avoid string concat when avoidable
  
• Internal: Optimize UserManager::get_extra_user_data() to avoid querying the database when avoidable
  
• Internal: Set strict requirement for PHP version 7.4
  

• Webservice: Add possibility to get all users with filter status=* in get_users WS
  

• The Zoom plugin fails on one of the endpoints for reasons that seem to be on the Zoom side.
  

• Group: Use FormValidator shortcuts instead of FormValidator:addElement()
  
• Extrafield: Use FormValidator shortcuts instead of FormValidator:addElement()
  
• Session: filter HTML when saving/updating categories
  
• Career: Use FormValidator::addText instead of FormValidator:addElement('text')
  
• Admin: filter HTML when updating language
  
• Course: filter HTML when saving/updating category
  
• Skill: filter HTML when saving profiles
  
• Social: Secure requests to delete posts and comments
  
• Security: Rename htaccess file by replacing case-insensitively
  
• Security: Avoid relative path traversal to execute ppt2png and escape shell command used to execute PPT converter
  
• Security: Add configuration setting 'webservice_remote_ppt2png_enable' to disable additional_webservices.php by default
  
• Security: Session: Avoid SQL when importing session
  

• Session: Scheduled announcements: Add user extra fields to scheduled announcements editor
  
• Plugin: H5P Import: Add first H5P import plugin implementation
  

• Plugin: OAuth2: Enable setting values for user status from OAuth2.0 responses
  
• User: Access URLs: Add configuration setting 'multiple_access_url_user_management_show_and_order_by_official_code' to enable official code presentation and ordering in user management page
  
• Plugin: Buycourse: Add plugin configuration setting 'hide_shopping_cart_from_course_catalogue' to not show the shopping cart in the catalogue but the same subscribe button even if the course is on sale
  
• Admin: Add sec_token to delete courses
  
• Exercise: Add configuration setting 'exercise_question_reading_comprehension_extra_speeds' to customize reading comprehension questions' speeds (adds support for Belgian FRALA referencial)
  
• Catalogue: Add configuration setting $_configuration['course_catalog_settings']['pre_filter_on_language'] to enable pre-filtering on user's language (only works for the courses catalogue as sessions may contain courses in different languages)
  
• Mail: Use api_get_mail_configuration_value() to get SMTP_UNIQUE_SENDER. Fix issue using unique sender on multi-URL portals
  

• Plugin: Resubscription: Fix SQL query using old end date field name
  
• Plugin: H5P Import: Add plugin to official plugins list
  
• Group: Fix issue preventing group members from seeing documents uploaded by the teacher
  
• Display: Fix error when updating tool icon on the course homepage (introduced in 1.11.20 through security updates)
  
• Plugin: H5P Import: Update README and French translations
  
• Admin: User import: Fix off-by-one issue caused by re-using the $user variable, previously set by reference
  
• Admin: Make user CSV/XML import stricter on unique e-mails by detecting same e-mails in the uploaded file
  
• Plugin: BBB: Fix global chat not available in admin list (avoid overwriting _p array with plugin paths)
  
• Fix example quiz when adding default course content
  
• Internal: Remove automated testing on PHP 7.2 and 7.3: we officially only support 7.4 now (which is a temporary situation until the release of 2.0).
  
• Calendar: Add session management to deleteEventIfAlreadyExists() (and rename method to fix English typo). Fix code conventions
  
• Exercise: Increase blurriness of text in reading comprehension questions (better resolutions make it possible to read)
  
• Catalogue: Fix language filter when multi-URL
  
• Glossary: Fix visibility conditions for glossary terms
  
• Internal: Format code + add undefined variables + code readability
  
• Internal: Mark function as deprecated
  
• Social: Fix not being able to download one's own vCard
  
• Admin: Fix message when header logo has invalid dimensions
  
• Plugin: Keycloak: Align properly the Keycloak login button
  
• Plugin: Buycourse: adapt documentation for webhook configuration on Stripe to work with new API
  
• User: Access URLs: fix select option presentation to add option to enable official code presentation and ordering in user management page
  
• User: Access URLs: fix option name to add option to enable official code presentation and ordering in user management page
  
• Plugin: Buycourse: adapt confirmation message content for Stripe command
  
• Plugin: file missing for Fix Stripe process to work with new API version 2022-11-15
  
• Plugin: Buycourse add confirmation message for seller and buyer at the end of the Stripe command
  
• Plugin: Fix Stripe process to work with new API version 2022-11-15
  
• Survey: fix per-user report when survey in LP but not in all sessions: missing 2 lines to remove from previous commit
  
• Survey: fix per-user report when survey in LP but not in all sessions
  
• Script: fix script for id to iid correction for quiz to avoir duplicate actions
  
• Script: Add script to update user extra fields based on other extra field values
  
• Plugin: Zoom: Delete webinar even if API doesn't respond
  
• Plugin: Zoom: Delete meeting even if API doesn't respond
  
• Mail: Fix SMTP options if set in mail.conf.php
  
• Plugin: BBB: Fix ordering to have the last conferences on the first page
  
• Catalogue: show price in catalogue for all kind of payment types activated
  
• Plugin: OAuth2: Fix function to set user status
  
• Plugin: Zoom: Differenciate instant meeting from period meeting. Don't try to show instant meeting in the profile block or in the agenda
  
• Script: adapt script to be able to delete course from a script for all URLs
  
• Script: adapt course rel URL deletion to make it usable from script and delete relation with all URLs
  
• Admin: session admins can access user information page by defaut
  

• Webservice: Add 'status' field to get_users' return values
  

• The Zoom plugin fails on one of the endpoints for reasons that seem to be on the Zoom side.