Tiki Wiki CMS Groupware 10.3
28 June 2013
Tiki Wiki CMS Groupware version 10.3 is now available.
Upgrading to Tiki Wiki CMS Groupware 10.3
Tiki Wiki CMS Groupware 10.3 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply Tiki Wiki CMS Groupware updates as new versions are released, or use Installatron's Clone feature to duplicate an existing Tiki Wiki CMS Groupware install to test the 10.3 upgrade prior to applying it live. Get started managing your Tiki Wiki CMS Groupware installations with Installatron
What's New in Tiki Wiki CMS Groupware 10.3
- Security: Validate email to prevent XSS
- Security: Use parameterized queries to avoid XSS
- Security: convertSortMode must always return a string which can follow "order by"
- Security: Always use parameters in queries to prevent XSS
- Security: Login passcode: Add option to show passcode on registration form. Together with r45367, helps avoid unauthorized user trackers from being created upon registration
- Enhancement: Add the possibility to filter list with tags + display number of result
- Fix: Usability fix: wording was missleading, and fixed former non-English sentences.
- Fix: Usability fix based on feedback from training provided to experienced tiki users but newbie tiki admins (the wording might be improved). Thanks ricks99 and and jonnyb for feedback
- Fix: Clearing Tiki caches finally cleans also folders from PluginR under temp/cache.
- Fix: partially revert r45878. the fatal error is produced only by the call time pass by reference. this param should remain being passed by reference.
- Fix: auto_save: Check the user doing the save or preview has permission and is the one currently editing the page. Thanks Marcela B?\195?\169n?\195?\169trix Also modernise library use and fix some missing and/or unset vars. * Fix: Restore pagination (thanks Torsten)
- Fix: tracker plugin: Stop page exploding when there are validation issues with the "generate() on a non-object" error (by including captchalib and assigning the global before use). However, the antibot code should not be appearing for registered users even when making a mistake, so partial revert of r45315 to fix the logic here and moving the showmandatory assign out of the "if antibot" clause. Thanks jonnyb
- Fix: The Id column is now also sortable
- Fix: Fix warnings which interfere with proper XML syntax in RSS feeds
- Fix: when a user is removed, remove it's reports preferences and cache. thks sampaioprimo
- Fix: Usability fix: count number next to numeric options (e.g. 1 to 5 in radio buttons, which can be quite common in surveys) and no column names is missleading for end users. Added a param to allow removing the count number, at least, since the user can display results in bars or percentages which is much less missleading. Not commited to 11.x but to trunk since there is no such file there (!)
- Fix: Usability: calendarid param was lost after each new edition through the convene js interface, and the icon at the bottom to add the date to the calendar is nowadays only shown after a minimum number of votes have been cast, to prevent new users clicking at the icon when all dates have the icon (at the beginning) assuming that this is the way to indicate their choices (minvotes set to 3 by default, but overridable with a param)
- Fix: Call-time pass-by-reference has been deprecated in PHP 5, and in PHP 5.4, '&$watches' produced 'Fatal error'. Thanks lph and jonnyb for feedback on this issue.
- Fix: Actually show newest articles on top
- Fix: trackerlist: export link fix when no sefurl (and add missing service dialog)
- Fix: Since the Jison Parser is only for programmers for now, removing from the admin panel. The problem is that end users tend to click everything to try stuff, but then, they report bugs and don't know they are Json parser bugs
- Fix: jison parser: Disable feature_jison_wiki_parser in the systemConfiguration, which switches it off and disables the prefs needed to turn it back on. This is to reduce support issues resulting from people trying it out by mistake and running into trouble. Can be overridden by just commenting the line out, or adding it to a tiki.ini file, for development (thanks marclaporte)
- Fix: Various improvements and documentation to Registration Passcode to block automated spammers. Used double-quotes instead of single quotes, which is better for translations
- Fix: Display article type attributes in predictable order
- Fix: Option allowing to make freetags less invisible, like in Tiki3
- Fix: Don't show Slideshow button if feature not active
- Fix: Register passcode: If passcode fails, also prevent user tracker from being created.
- Fix: ReCaptcha: Widget was disappearing when a wrong antibot code was entered and was displaying error messages when a correct one was entered. Also, just show error message once. Still disappears when a pretty registration tracker is used (smarty tpl variables don't seem to be recognized)
- Fix: Clean the pdf output generated by PluginR. Thanks jyhem
- Fix: If admin validation is on, and user has been approved, resend email does not go to user