XOOPS: XOOPS 2.5.5 最终版发布

帖子发布者: Mamba于 2012/4/16 5:40:00 67346 阅读
XOOPS 开发团队 欣喜地宣布发布 XOOPS 2.5.5 最终版。

Resized Image

此次发布专注于修复公开的虫洞以及将外部库更新到最新版本

- phpMailer 5.2.1
- TinyMCE 3.4.9
- jQuery 1.7.2
- jQueryUI 1.8.18
- HTML Purifier 4.4.0
- phpThumb 1.7.11
- jGrowl 1.2.6

由于其还包含一个安全修复,强烈建议尽快更新到这个版本!

查看变更日志以获取更多详细信息。

请在此论坛发布并讨论与此发布相关的所有问题

我们也需要在使用Transifex进行翻译方面提供帮助

系统要求
-----------------------------------

PHP
任何PHP版本 >= 5.2(强烈推荐PHP 5.3+)

MySQL
MySQL服务器 5.0+

Web服务器
支持所需PHP版本的任何服务器(强烈推荐Apache)

下载XOOPS
-----------------------------------

您可以从Sourceforge仓库获取此版本发行包。
提供了.zip和.gz存档。

安装XOOPS(全新安装) ----------------------------------- 1. 将htdocs/文件夹的内容复制到可由您的服务器访问的位置 2. 确保mainfile.php和uploads/目录可以被Web服务器写入 3. 考虑到安全因素,建议将"/xoops_lib"(XOOPS库)和"/xoops_data"(XOOPS数据)目录从Document Root移出,并更改文件夹名称 4. 确保以下目录可被Web服务器写入:- uploads/、- uploads/avatars/、- uploads/images/、- uploads/ranks/、- uploads/smilies/、- xoops_lib/modules/protector/configs/ 以及文件:- mainfile.php 和 - include/license.php 5. 使用您的Web浏览器访问已安装的htdocs/文件所在的文件夹,以启动安装向导 文档:请查看详细安装指南操作指南 在XOOPS中安装Protector ----------------------------------- 我们还强烈推荐安装PROTECTOR模块,这将为您网站的提供额外的安全保护和管理日志功能。 从先前版本更新 ----------------------------------- 从2.5.4更新到2.5.5最终版: 1. 从sourceforge文件仓库获取正确的更新包 2. 使用/htdocs的内容覆盖您服务器上的XOOPS目录中的文件 * 请确保将/xoops_lib的内容复制到服务器上的任何目录(它应该是您当前的XOOPS_TRUST_PATH目录),然后删除/xoops_lib目录。不能有两个包含/xoops_lib内容的目录 3. 通过模块管理界面更新“系统”模块。建议更新其他模块,特别是“用户资料”、“私信”和“Protector” 从比2.5.0更早的版本更新(完整更新): 0. 验证系统要求,特别是PHP版本。备份XOOPS数据库和网站目录。(关于如何执行这些操作,其他地方有讨论。)关闭网站是可选的。将mainfile.php和/include/license.php的权限更改为可写,例如:文件 正常 对升级 mainfile.php 400 700 /include/license.php 444 777 从SourceForge文件仓库获取XOOPS 2.5.5包。 1. 在升级包文件夹中,将“upgrade”文件夹移动到“htdocs”文件夹内,如果它不在那里。如果存在,从“htdocs”文件夹中删除install文件夹。如果存在,从“htdocs”文件夹中删除mainfile.php文件。如果您已将xoops_data和xoops_lib文件夹移出了您网站的根目录,请将这些文件夹从升级包文件夹中的“htdocs”文件夹移出。 2. 在您当前XOOPS网站中删除/modules/system目录(以删除任何旧的不必要文件)。 3. 使用升级包的“htdocs”文件夹中的内容覆盖您当前XOOPS网站中的XOOPS目录中的文件。(关于如何执行此操作,其他地方有讨论。)如上所述,如果已移动,请使用升级包中的内容覆盖您的当前xoops_data和xoops_lib中的文件。 4.如果您先前已安装Protector,打开“mainfile.php”文件,并删除Pre-check和Post-check行(如果存在):include XOOPS_TRUST_PATH.'/modules/protector/include/precheck.inc.php' ; include XOOPS_TRUST_PATH.'/modules/protector/include/postcheck.inc.php' ; 5. 在您网站的地址(URL)上,以管理员身份登录。访问/upgrade/ with a browser, and follow the instructions (and any for updating your XOOPS database). After all updates have been applied (green checkmarks), note the link in the Updater to update the "system" module, and do so. 6. Delete the "upgrade" folder from your site's "htdocs" directory. 7. Update (reload) other modules, especially "Profile", "PM", and "Protector," if necessary. 8. Change permissions on the files noted above back to their normal state. 9. Turn your site back on, if you turned it off earlier. Debug information display level ----------------------------------- Since XOOPS 2.3.1 debug information display level is enabled as a temporary solution for 2.3* to show debug information to different level of users: to all users, to members or to admins only. The configuration can be set in /xoops_data/configs/xoopsconfig.php As a default, the display level is set for 2 (Admin only). Files integrity check ----------------------------------- The full XOOPS package is released with a script able to check if all the system files have been correctly uploaded to the server. To use it, follow these instructions: 1. Upload the checksum.php and checksum.md5 files located in the XOOPS package root to your XOOPS server folder (putting them next to mainfile.php). 2. Execute checksum.php with your browser 3. If necessary, re-upload the missing or corrupted system files 4. Remove checksum.php and checksum.md5 from your server Modules ----------------------------------- This release contains only the "system-related modules". You are invited to browse the XOOPS modules repository to if you need additional functionality. Note: as a new repository is being built, the current repository is not up-to-date, PLEASE VISIT INDIVIDUAL DEVELOPERS' WEBSITES TO MAKE SURE YOU ARE USING LATEST VERSION OF MODULES. How to contribute ----------------------------------- Bug report: http://sourceforge.net/tracker/?group_id=41586&atid=430840 Patch and enhancement: http://sourceforge.net/tracker/?group_id=41586&atid=430842 Feature design: http://sourceforge.net/tracker/?group_id=41586&atid=430843 Release announcement: https://lists.sourceforge.net/lists/listinfo/xoops-announcement We would like to thank all developers who contributed fixes to this release (Mage, ForMuss, Trabis, Wishcraft, Mamba, DCrussader, XavierS, Cesag, Timgno, Culex), and all our users who helped us with testing. XOOPS Development Team April 15th, 2012 ========================== Change Log for XOOPS 2.5.5 Final ========================== (for previous versions see here: - XOOPS 2.5.5 RC - XOOPS 2.5.5 Beta) Security fixes: - XSS (Cross Site Scripting) vulnerability in PM module and tinymce (High-Tech Bridge Security Research Lab/trabis) Bugfixes: - Templates Manager does not handle single quotes correctly (trabis) - $xoTheme->addScript('', '', 'content here'); causes duplicate CDATA on cached pages (wishcraft/trabis) - System admin maintenance table names are incorrect if db_prefix length is not 4 (trabis) - System admin users advance search displays wrong results when using 'contains' or 'equal' in some fields (trabis) - System admin users pagination not working correctly for some fields (trabis) - System admin users blank page when site as many users (trabis) - /class/object.php deprecated message, should be /class/xoopsobject.php (mamba/trabis) - /class/module.php deprecated message, should be /class/xoopsmodule.php (mamba) - /class/user.php deprecated message, should be /class/xoopsuser.php (mamba) - ID: 3443381 Images stored in database not given correctly in edit mode (mage) - ID: 3201929 Change upper limit for Banner impressions (mamba/mage) - ID: 3432275 html structure (kris_fr/mage) - ID: 3461539 Incorrect value for setOrder() in modulesadmin/main.php (mage) - ID: 3469896 When deleting client, it doesn't delete finished banners (mamba/mage) - ID: 3442270 Date format and Xoops 2.5.4 (cesag/formuss) - ID: 3494895 When changing the # of visible entries in Protector, it goes to Admin (jcweb/mamba) - ID: 3494894 Calendar shows 40 days (peekay/mage) - ID: 3494896 Image Manager category creation restrictions (voltan/mage) - ID: 3494893 PM Messages deleted from Saved box (Danielw42/mage) - ID: 3501897 Protector errors (cesag/XavierS) - ID: 3511204 TinyEditor only loading in the 'Scoop' part of the News module (peekay/XavierS) - ID: 3511205 Bug in fresh install in page_configsave.php (XavierS) - preventing division by zero in pagenav.php (timgno) - ID: 3466534 tooltip "$ not defined" fix (culex) - ID: 3513787 wrong cookie_domain (arion92fr) - ID: 3518291 Fix of variables assigned by reference in formelementtray - problem in formtextdateselect (wishcraft) Updated: - HTML Purifier to 4.4.0 (mamba) - TinyMCE to 3.4.9 (mamba) - jQuery to 1.72 (mamba) - jQueryUI to version 1.8.18 (mamba) - phpThumb to 1.7.11 (mamba) - jGrowl to 1.2.6 (mowaffaq/mamba) Improved: - replacing "msnbot" with "bingbot" in Protector (mamba) - Add key 'uid' on 'groups_users_link' table to allow joining 'users' table with better performance (trabis) - Add Comments, Templates, and Uninstall links to Module's Admin (mamba) Languages: ADDED/DELETED DEFINES /Frameworks/moduleclasses/moduleadmin/language/english/main.php - added define("_AM_MODULEADMIN_HOME", "Home"); - added define("_AM_MODULEADMIN_DASHBOARD", "Dashboard"); - added define("_AM_MODULEADMIN_ABOUT", "About"); - added define("_AM_MODULEADMIN_PERMISSIONS", "Permissions"); - added define("_AM_MODULEADMIN_ABOUT_RELEASEDATE","Released: "); - added define("_AM_MODULEADMIN_ABOUT_AUTHOR","Author: "); - added define("_AM_MODULEADMIN_ABOUT_CREDITS","Credits: "); - added define("_AM_MODULEADMIN_ABOUT_LICENSE","License: "); - added define("_AM_MODULEADMIN_ABOUT_AUTHOR_NAME","Author name: "); - added define("_AM_MODULEADMIN_ABOUT_AUTHOR_INFO","Author Info"); - added define("_AM_MODULEADMIN_ADMIN_FOOTER", "
此模块由XOOPS社区维护
"); /language/english/calendar.php - 添加define("_CAL_FORMAT","Y-m-d"); /xoops_lib\modules\protector\language\english\modinfo.php - 添加define($constpref."_ADMINHOME","Home"); - 添加define($constpref."_ADMINABOUT","About"); - 添加define($constpref+'_STOPFORUMSPAM_ACTION','Stop Forum Spam'); - 添加define($constpref.'_STOPFORUMSPAM_ACTIONDSC','与http://www.stopforumspam.com 数据库中的垃圾邮件发送者注册信息比对。需要php CURL库。'); /install/language/english/install.php - 添加define("FILTER_FUNCTIONS", "Filter functions"); /language/english/global.php - 添加define('_DBDATESTRING', 'Y-m-d'); - 添加define('_DBTIMESTRING', 'H:i:s'); - 添加define('_DBTIMESTAMPSTRING', 'Y-m-d H:i:s'); /language/english/pmsg.php - 添加define('_PM_READ', '已读'); /modules\system\language\english\admin.php - 添加define("_AM_SYSTEM_UNINSTALL","卸载"); 参考文档:/modules/profile/docs/lang_diff.txt