Dotclear 2.14.2
10 September 2018
Dotclear version 2.14.2 is now available (major release).
Upgrading to Dotclear 2.14.2
Dotclear 2.14.2 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Dotclear updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Dotclear install to test the 2.14.2 upgrade prior to applying it live. Get started managing your Dotclear installations with Installatron
What's New in Dotclear 2.14.2
2.14.2
- Security: Authenticated cross-site scripting (XSS) was possible due to the .ahtml (or .bhtml, .chtml, …) file extension being allowed in the media manager. Thank's Josiah Pierce for report (CVE-2018-16358)
- Security: Unregister phar wrapper in order to avoid PHP Phar extension vulnerability
- Enter key in some input fields were not redirect to the parent form
- Unable to save modified theme's files in theme editor, when Codemirror is used
- Back to the original global_filters() template function (will be rewritten in the next 2.15)
2.14.1
- Install wizzard was broken
- Smallest admin font size was set when saving user prefs
- Minifying JS scripts may cause problems with regular expressions
- Empty JS var was set for syntax coloration if disabled
2.14
- PHP 7.2 compliance, with minimum PHP 5.6
- Use specialized fields whenever it's possible (email, ...)
- Add definition list capabilities (dl, dt, dd) to wiki (= <term>, : <definition>)
- Add <sup>...</sup> support in wiki, syntax : ^exponant^
- Add syntax property/method to dblayer driver
- Replace some js oriented background fading by CSS3 animation
- Enhance some visual focus indicators
- Enhance key event management in popup (Esc, Enter, ...)
- Template filters may now be extended (or modified) by 3rd party plugins (via behaviors)
- PSR-2 code formatting as far as possible (work in progress)
- Add two new ways to order tags (by oldest or newest associated post publication date)
- Update Codemirror to 5.38.0
- Update CKEditor to 4.9.2
- Update jQuery migrate plugin to 1.4.1
- Update jQuery UI (custom) 1.12.1
- Add a dark mode (via user preferences) for administration, CSS refactoring
- Animate some counters on dashboard icons (nb of comments, spam comments and posts)
- Various bugs and typos fixed
- Some locales and cosmetic adjustments