Dotclear 2.33
19 February 2025
Dotclear version 2.33 is now available (major release).
Upgrading to Dotclear 2.33
Dotclear 2.33 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Dotclear updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Dotclear install to test the 2.33 upgrade prior to applying it live. Get started managing your Dotclear installations with Installatron
What's New in Dotclear 2.33
Security
- Fix potential XSS, thanks Ratnesh Kumar for reporting this issue
- Escape HTML content in filters' input fields
- Disallow double (or more) extensions on media upload file, fix a potential RCE reported by Ratnesh Kumar.
Bug Fixes and Changes
- PHP 8.1+ is required, PHP 8.2, 8.3 and 8.4 compliance
- Get title and description from SVG if exist
- Add optional release date to modules and display them if present
- Status management revamped (entries, comments, users, blogs, ...)
- New behavior coreBlogBeforeGetPostsAddingParameters (used for some db requests)
- Add left/right arrow key navigation from post to post (or page to page)
- Adjust (small) image size in some popup display
- Add media title to metadata list
- Add direct submit on quick menu selection (search field)
- Add a required attribute to password of the chosen action is delete on blogs page management
- Add count of available updates for plugins and themes in tab title
- Review "Lock theme update" note, thanks Gérard Barré for this suggestion
- Adjust size and positions of sub/sup texts
- Add media title as ordering criteria
- Apply a lexical sort for names and titles of media
- During meta (tags) search, add a second loop looking after the beginning (those results will be displayed at the end of the list)
- Remove stats (no of entries, usage frequency) on autocomplete list (tags)
- Classic editor: Set some CSS attributes to avoid dynamic inline style insertion during copy'n'paste
- Switch from : to ▶ character for current/active menu-item indicator (with a fallback to :)
- Remove metadata frequency information (not useful in backend)
- Cope with large SVG icon in sidebar of entry edition page
- Media item page: on display list of entries using the media, display now two lists (inside entry/entry attachments).
- Cope with alternate text and description of video and audio media during insertion
- Lock/unlock button (on input/textarea) was not accessible
- Don't display a warning about missing permission for super-admin newly created users
- SQL error on changing existing user id, the prefs were created from the old id, not the new one
- On some servers, OPCache API might be restricted. Try to detect this.
- Don't display twice the media title in media metadata list
- In en empty media folder, uploaded files using the enhanced uploader were not displayed
- Ensure there is at least one available language to download before showing the according form
- XMP metadata were badly read from image file
- Cope with non existing settings in Ductile configuration
- Boxes alignment on blog appearance page
- Date format label in blog parameters
- Sortable blocks system on dashboard
- Various bugs, a11y concerns and typos fixed
- Some locales and cosmetic adjustments