phpList 3.4.3
19 June 2019
phpList version 3.4.3 is now available (security release).
Upgrading to phpList 3.4.3
phpList 3.4.3 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply phpList updates as new versions are released, or use Installatron's Clone feature to duplicate an existing phpList install to test the 3.4.3 upgrade prior to applying it live. Get started managing your phpList installations with Installatron
What's New in phpList 3.4.3
Security
- Add a check to confirm a list is not private before adding a subscriber to it from the "Subscribe" or "Update preferences" pages
- Escape title value in "Edit subscribe page" to prevent attacks
Highlights
- New aggregated domain statistics
- REST API action: count list subscribers
- Added optional Sender ID header support and configuration, to allow phpList compliance with feedback loop services which use it (e.g. Gmail and Microsoft)
- Added support for setting list membership and HTML preference via HTTP GET vars for remote subscriptions/ajax/form submissions and
- Added data verification for $_GET['list'] and $_GET['htmlemail']
- Add a check for required PHP modules that are missing and display an error message with the missing PHP module names if there is any, check the the pull request for the list of modules
- Display 'bounce date' instead of 'bounce processing time' on the Subscriber Profile page in order to avoid confusing data related to the bounce
- Before moving updated files in place via the Automatic Updater, run a version compare check for the downloaded copy of phpList to ensure that the downloaded version is an upgrade not downgrade (e.g. for RC releases)
Bug Fixes
- On the "Manage Templates" page fixed the incorrect URL for the 'Edit' button
- Fixed 500 Internal Server Error in web developer network when using PHP version 7.2.0 or higher
- Stop an SQL syntax warning being displayed when running the 'Send' page from the command line
- Sanitise the plugin Category so that it can be used as an HTML ID attribute value and successfully linked to
- Update $GLOBALS['jQuery'] to avoid a 404 error in the error log
- Remove duplicate page title on "Verify Database Structure" page
Known Issues
- Since the upgrade of jQuery and associated scripts in phpList 3.4.0, when using the Trevelin theme, the Language menu within the main navigation has incurred an intermittent problem whereby on some page loads the menu is not visible. Refreshing the page frequently returns the menu to operation, and using browser debugg tools to make the menu visible using CSS also makes it temporarily accessible so that the language can be changed. You can track progress of this issue on the associated mantis issue 19988.