XOOPS: XOOPS 2.5.5 测试版发布

发布者: ForMusS于 2012/2/22 5:10:00 10238 阅读
XOOPS 开发团队 欣慰地宣布发布 XOOPS 2.5.5 测试版

本版本主要关注修复安全漏洞、公开的 bug 以及更新我们的库到最新版本

- phpMailer 5.2.1
- TinyMCE 3.4.8
- jQuery 1.7.1
- jQueryUI 1.8.17

更多信息请查看变更日志。

请注意:此为 测试版,仅用于功能测试!!!

绝对不要 在生产网站上安装它,也 绝对不要 用它升级任何生产网站!!!


请在此论坛发布并讨论与此发布相关的所有问题

我们也需要帮助进行 翻译

系统需求
-----------------------------------

PHP
任何 PHP 版本 >= 5.2(强烈推荐 PHP 5.3+)

MySQL
MySQL 服务器 5.0+

Web 服务器
任何支持所需 PHP 版本的服务器(强烈推荐 Apache)

下载 XOOPS
-----------------------------------

您可以从 Sourceforge 存储库 获取此发布包。
提供了 .zip 和 .gz 归档。

安装XOOPS(全新安装) ----------------------------------- 1. 复制htdocs/文件夹的内容,以便您的服务器可以访问 2. 确保web服务器可以写入mainfile.php和uploads/ 3. 考虑到安全性,建议将“/xoops_lib”目录(XOOPS库)和“/xoops_data”目录(XOOPS数据)移动到Document Root之外,并更改文件夹名称。 4. 使xoops_data/目录可写;如果不存在,创建并使xoops_data/caches/、xoops_data/caches/xoops_cache/、xoops_data/caches/smarty_cache/和xoops_data/caches/smarty_compile/可写。 5. 使用您的网页浏览器访问您安装了htdocs/文件的文件夹,以启动安装向导 您还可以查看详细的安装指南(点击此处查看安装指南)和操作指南(点击此处查看操作指南) 在XOOPS中安装Protector ----------------------------------- 我们还强烈推荐安装PROTECTOR模块,这将为您网站提供额外的安全保护和日志功能。 从先前版本升级 ----------------------------------- 从2.5.4升级到2.5.5 Beta: 1. 从SourceForge文件存储库获取正确的更新包 2. 用/htdocs中的内容覆盖您的服务器上XOOPS目录中的文件 * 确保将/xoops_lib的内容复制到服务器上保存的任何目录中(它应该是您当前的XOOPS_TRUST_PATH目录),然后删除/xoops_lib目录。不能有两个包含/xoops_lib内容的目录。 3. 通过模块管理接口更新“系统”模块。建议更新其他模块,尤其是“个人资料”、“消息传递”和“Protector”模块 从早于2.5.0的版本升级: 0. 验证系统要求,特别是PHP的版本。备份您的XOOPS数据库和网站目录。(有几种执行这些操作的方法,其他地方会讨论。)关闭您的网站是可选的。将mainfile.php和/include/license.php的权限改为可写,例如:文件 正常 升级 mainfile.php 400 700 /include/license.php 444 777 从SourceForge文件存储库获取正确的更新包。 1. 在更新包文件夹中,如果尚未存在,将“upgrade”文件夹移动到“htdocs”文件夹内。如果存在,请从“htdocs”文件夹中删除install文件夹。如果已将xoops_data和xoops_lib文件夹移动到网站根目录之外,请将这两个文件夹从更新包文件夹中的“htdocs”文件夹中移除。 2. 删除当前XOOPS网站上“/modules/system”目录(删除任何旧的不必要的文件)。 3. 用更新包“htdocs”文件夹中的内容覆盖当前XOOPS网站上XOOPS目录中的文件。(有几种执行此动作的方法,其他地方会讨论。)如上所述,如果已移动,用更新包中的内容覆盖当前xoops_data和xoops_lib中的文件。 4. 如果之前已安装Protector,打开“mainfile.php”文件,并删除Pre-check和Post-check行(如果存在): include XOOPS_TRUST_PATH.'/modules/protector/include/precheck.inc.php' ; include XOOPS_TRUST_PATH.'/modules/protector/include/postcheck.inc.php' ; 5. 在您网站地址(URL)处,以管理员身份登录。访问/upgrade/ with a browser, and follow the instructions (and any for updating your XOOPS database). After all updates have been applied (green checkmarks), note the link in the Updater to update the "system" module, and do so. 6. Delete the "upgrade" folder from your site's "htdocs" directory. 7. Update (reload) other modules, especially "Profile", "PM", and "Protector," if necessary. 8. Change permissions on the files noted above back to their normal state. 9. Turn your site back on, if you turned it off earlier. Debug information display level ----------------------------------- Since XOOPS 2.3.1 debug information display level is enabled as a temporary solution for 2.3* to show debug information to different level of users: to all users, to members or to admins only. The configuration can be set in /xoops_data/configs/xoopsconfig.php As a default, the display level is set for 2 (Admin only). Files integrity check ----------------------------------- The full XOOPS package is released with a script able to check if all the system files have been correctly uploaded to the server. To use it, follow these instructions: 1. Upload the checksum.php and checksum.md5 files located in the XOOPS package root to your XOOPS server folder (putting them next to mainfile.php). 2. Execute checksum.php with your browser 3. If necessary, re-upload the missing or corrupted system files 4. Remove checksum.php and checksum.md5 from your server Modules ----------------------------------- This release contains only the "system-related modules". You are invited to browse the XOOPS modules repository to if you need additional functionality. Note: as a new repository is being built, the current repository is not up-to-date, PLEASE VISIT INDIVIDUAL DEVELOPERS' WEBSITES TO MAKE SURE YOU ARE USING LATEST VERSION OF MODULES. How to contribute ----------------------------------- Bug report: http://sourceforge.net/tracker/?group_id=41586&atid=430840 Patch and enhancement: http://sourceforge.net/tracker/?group_id=41586&atid=430842 Feature design: http://sourceforge.net/tracker/?group_id=41586&atid=430843 Release announcement: https://lists.sourceforge.net/lists/listinfo/xoops-announcement We would like to thank all developers who contributed fixes to this release (ForMuss, Trabis, Mamba, DCrussader, Casag), and our users who helped us with testing, especially Sabahan. XOOPS Development Team February 21st, 2012 ================ Change Log ================ Security fixes: - XSS (Cross Site Scripting) vulnerability in PM module and tinymce (High-Tech Bridge Security Research Lab/trabis) Bugfixes: - Templates Manager does not handle single quotes correctly (trabis) - $xoTheme->addScript('', '', 'content here'); causes duplicate CDATA on cached pages (wishcraft/trabis) - System admin maintenance table names are incorrect if db_prefix length is not 4 (trabis) - System admin users advance search displays wrong results when using 'contains' or 'equal' in some fields (trabis) - System admin users pagination not working correctly for some fields (trabis) - System admin users blank page when site as many users (trabis) - /class/object.php deprecated message, should be /class/xoopsobject.php (mamba/trabis) - /class/module.php deprecated message, should be /class/xoopsmodule.php (mamba) - /class/user.php deprecated message, should be /class/xoopsuser.php (mamba) - ID: 3443381 Images stored in database not given correctly in edit mode (mage) - ID: 3201929 Change upper limit for Banner impressions (mamba/mage) - ID: 3432275 html structure (kris_fr/mage) - ID: 3461539 Incorrect value for setOrder() in modulesadmin/main.php (mage) - ID: 3469896 When deleting client, it doesn't delete finished banners (mamba/mage) - ID: 3442270 Date format and Xoops 2.5.4 (cesag/formuss) Updated: - TinyMCE to 3.4.8 (mamba) - jQuery to 1.71 (mamba) - jQueryUI to version 1.8.17 (mamba) - PhpMailer to version 5.2.1 (mamba) Improved: - Add key 'uid' on 'groups_users_link' table to allow joining 'users' table with better performance (trabis) - Add Comments, Templates, and Uninstall links to Module's Admin (mamba) Languages: - added \modules\system\language\english\admin.php _AM_SYSTEM_UNINSTALL - added \language\english\calendar.php _CAL_FORMAT - added \language\english\pmsg.php _PM_READ