XOOPS: XOOPS 2.5.7 最终版发布

发布者: Mamba于 2014/6/16 8:50:00 52986 次阅读
xoops 开发团队很高兴地宣布推出 xoops 2.5.7 正式版。 本次发布重点关注使xoops 2.5.7完全兼容 PHP 5.5.x,增强安全性,修复错误,以及更新外部库到最新版本: - jQuery 到 1.11.0 - jQuery UI 到 1.10.4 - jQuery Lightbox 到 1.2.3 - jQuery Form 到 3.50.0 - jQuery Tablesorter 到 2.15.11 - jGrowl 到 1.2.14 - TinyMCE 到 3.5.11 Angelo Rocha 还提供了一套新的酷炫主题:基于 Bootstrap 的 xBootstrap 主题 Resized Image 由于这个版本包括安全修复,强烈建议尽快更新到此版本! 请参阅更改日志以获取更多详细信息。 重要提示: ----------------------------------- 由于安全方面的变更,可能出现一种情况,即在一两个模块中,管理员的权限保存可能不起作用。我们正在完善基本模块包,其中所有模块都已在本 2.5.6 版的xoops上进行过测试。请在xoops网站上查看有关更新模块的特别公告,或在xoops论坛上提出问题。或者您可以在/docs文件夹中的“fixing_permissions.txt”文件中了解如何自行修复的更详细信息。 请在此论坛线程中发布和讨论与此版本相关的问题。 我们还需要帮助使用Transifex进行翻译 翻译 系统要求 ----------------------------------- 最小PHP版本:5.3.7 请注意:虽然xoops核心在PHP 5.5.x上运行正常,但这并不意味着所有模块都能正确运行,因此您需要首先进行测试。新发布的符合我们基本模块包的条件,所有这些模块都已在本PHP 5.5.x上进行过测试,并且应该能够顺利运行。我们也在致力于更新专门针对xoops 2.5.7的基本模块包。如果您遇到任何问题,请在我们的支持论坛中告知,在 此线程 中。 Viva XOOPS! 下载XOOPS ----------------------------------- 您可以从Sourceforge仓库获取此发布包。提供.zip和.gz存档。

安装XOOPS(新安装) ----------------------------------- 1. 复制htdocs/文件夹的内容,使其可通过服务器访问 2. 确保mainfile.php和uploads/文件夹可由Web服务器写入 3. 为了安全考虑,建议将"/xoops_lib"(XOOPS库所在的目录)和"/xoops_data"(XOOPS数据所在的目录)移动到Document Root之外,并更改文件夹名称 4. 确保以下目录:- uploads/、- uploads/avatars/ - uploads/images/ - uploads/ranks/ - uploads/smilies/ - xoops_lib/modules/protector/configs/ 和以下文件:- mainfile.php 和 - include/license.php 可由Web服务器写入 5. 使用Web浏览器访问您安装的htdocs/文件所在的文件夹以启动安装向导 文档:请查阅详细安装指南操作指南 在XOOPS中安装Protector ----------------------------------- 我们还强烈建议安装PROTECTOR模块,该模块将为您的网站提供额外的安全保护和日志记录功能。 从先前的版本升级 ----------------------------------- 从2.5.6升级到2.5.7最终版: 1. 从sourceforge文件库获取正确的更新包 2. 用/htdocs的内容覆盖您服务器上XOOPS目录中的文件 * 确保您将/xoops_lib的内容复制到服务器上您现在保留的任何目录中(它应该是您当前的XOOPS_TRUST_PATH目录),然后删除/xoops_lib目录。不能有两个包含/xoops_lib内容的目录 3. 前往http://www.yoursite.com/upgrade并从这里运行升级。完成后,删除/upgrade文件夹 4. 如果未在上面的升级过程中完成,请从模块管理接口运行“系统”模块的更新。建议其他模块(特别是“个人资料”、“短消息”和“Protector”)也进行更新 从2.5.6之前的版本升级(完整更新): 0. 检查系统要求,特别是PHP版本。备份XOOPS数据库和网站目录。(有几种方法执行这些操作,这些操作在其他地方讨论过。)关闭您的网站是可选的。将mainfile.php和/include/license.php的权限更改为可写入,例如:文件 正常 对于升级 mainfile.php 400 700 /include/license.php 444 777 从SourceForge文件库获取XOOPS 2.5.7包。 1. 在升级包文件夹中,将"upgrade"文件夹移动到"htdocs"文件夹内(如果尚不存在)。如果存在,从"htdocs"文件夹中删除安装文件夹。如果存在,从"htdocs"文件夹中删除mainfile.php文件。如果您已将xoops_data和xoops_lib文件夹移动到网站根目录之外,请将这些文件夹从升级包文件夹中的"htdocs"文件夹移动出来。 2. 删除您当前XOOPS网站上/modules/system目录(以去除任何旧的无用文件)。 3. 用升级包中"htdocs"文件夹的内容覆盖您当前XOOPS网站上XOOPS目录中的文件。(有几种方法执行此操作,这些操作在其他地方讨论过。)如上所述,如果已移动,请使用升级包中的内容覆盖您当前xoops_data和xoops_lib中的文件。 4. 如果您已经安装了Protector,请打开"mainfile.php"文件,并删除(如果存在)Pre-check和Post-check行:include XOOPS_TRUST_PATH.'/modules/protector/include/precheck.inc.php' ; include XOOPS_TRUST_PATH.'/modules/protector/include/postcheck.inc.php' ; 5. 在您的网站地址(URL)上以管理员身份登录。访问/upgrade/ with a browser, and follow the instructions (and any for updating your XOOPS database). After all updates have been applied (green checkmarks), note the link in the Updater to update the "system" module, and do so. 6. Delete the "upgrade" folder from your site's "htdocs" directory. 7. Update (reload) other modules, especially "Profile", "PM", and "Protector," if necessary. 8. Change permissions on the files noted above back to their normal state. 9. Turn your site back on, if you turned it off earlier. Debug information display level ----------------------------------- Since XOOPS 2.3.1 debug information display level is enabled to show debug information to different level of users: to all users, to members or to admins only. The configuration can be set in /xoops_data/configs/xoopsconfig.php As a default, the display level is set for 2 (Admin only). Files integrity check ----------------------------------- The full XOOPS package is released with a script able to check if all the system files have been correctly uploaded to the server. To use it, follow these instructions: 1. Upload the checksum.php and checksum.md5 files located in the XOOPS package root to your XOOPS server folder (putting them next to mainfile.php). 2. Execute checksum.php with your browser 3. If necessary, re-upload the missing or corrupted system files 4. Remove checksum.php and checksum.md5 from your server Modules ----------------------------------- This release contains only the "system-related modules". You are invited to browse the XOOPS modules repository to if you need additional functionality. Note: as a new repository is being built, the current repository is not up-to-date, PLEASE VISIT INDIVIDUAL DEVELOPERS' WEBSITES TO MAKE SURE YOU ARE USING LATEST VERSION OF MODULES. How to contribute ----------------------------------- Bug report: http://sourceforge.net/tracker/?group_id=41586&atid=430840 Patch and enhancement: http://sourceforge.net/tracker/?group_id=41586&atid=430842 Feature design: http://sourceforge.net/tracker/?group_id=41586&atid=430843 Release announcement: https://lists.sourceforge.net/lists/listinfo/xoops-announcement We would like to thank all developers who contributed fixes to this release (Alain091, Alain01 Alfred, AngeloRocha, Bleekk, Cesag, Culex, Geekwright, Goffy, iHackCode Irmftan, jegelstaff, Luciorota, madDan, Mamba, Manuel Garcia Cardenas, Guspel, Jcweb, Mehdi Dadkhah, Mowaffaq, Pedro Ribeiro, Roby73, Slider84,, SMEDrieben, Tarik, Tatane, Timgno, , Trabis, , Voltan, Wishcraft, Xoobaru, Zyspec) Special Thanks go to our fantastic UI/UX Team for the xBootstrap theme: - AngeloRocha - Bleekk - Heyula And of course, a BIG THANK YOU to all our users who helped us with testing. XOOPS Development Team June 15, 2014 ========================== Change Log for XOOPS 2.5.7 Final ========================== Security fixes: - XSS issues reported by Mehdi Dadkhah (rgriffith) - Fix security issues reported by Pedro Ribeiro of Agile Information Security (rgriffith) - Fix XSS issue reported by Manuel Garcia Cardenas (rgriffith) Bugfixes: - ID: 1143 (old ID 430840) class/module.errorhandler.php (uberrookie/zyspec) - ID: 1225 Restore user theme choice during "Remember me" processing. (rgriffith) - ID: 1226 Change value of clickable due to issues centering on CaricaFoto script (rgriffith) - ID: 1227 Sorting bug in Profile module search (Zyspec) - ID: 1246 Fallback to english for admin theme language files if no language specific file exists (rgriffith) - ID: 1261 Fix as proposed by Irmtfan (irmtfan/rgriffith) - ID: 1268 reduce db load if XoopsFormSelectUser is called multiple times in a page load (rgriffith) - ID: 1269 Block template file will not updated after update the module (irmtfan) - ID: 1270 template issue in email notifications (changed X_ITEM_TILE to X_ITEM_NAME) (alain01/slider84/mamba) - ID: 1271 install last page no css/js (tarik/rgriffith)) - ID: 1272 delete functions always return true (rgriffith) - ID: 1273 template duplicate issue (irmtfan) - ID: 1274 prevent multiple inclusions of a module's xoops_version.php (irmtfan/rgriffith) - ID: 1278 _AM_SENDMTOUSERS missed (Mowaffaq/mamba) - ID: 1281 initialize arrays as empty arrays rather than null (rgriffith) - ID: 1285 check if session exists before attempting to start a new one (wishcraft) - ID: 1287 assigning "static" to various class methods (wishcraft/mamba) - ID: 1291 xoops_getModuleOption() did not respect $dirname (rgriffith) - ID: 1382 add cleanup of unused avatar resources to admin maintenance page (rgriffith) - reversing fix for potential lack of rendering css and javascript in Installer on the last screen by culex - removing @ in link[@rel*=style][title] in styleswitch.js (not needed in jQuery 1.83) (SMEDrieben/Mamba) - added missing "`" in upgrade from 2.0.18 to 2.3.0 (mamba) - fixing errors in upgrade from 2.4.0 to 2.4.1 (mamba,voltan) - added check for menu link description in ModuleAdmin - fixed wrong return icon in Smarty xoModuleIcons32 - fixed issue with jGrows in xoops.css (xoobaru/tarik) - fix for deprecated "preg_replace/e" function in PHP 5.5 (mamba) - added: check if 'date.timezone' is set in php.ini, if not, set it to UTC (cesag/mamba) - assigned _SHORTDATESTRING to _CAL_FORMAT to have consistency in local languages (jcweb/guspel) - fixed bug in calendar.js (mamba) - added link to Module's Admin after "Update" (currently only to XOOPS Modules section) (mamba) - added placeholder for a link to upload test data, if available after installation (mamba) - solved bug into PM module readpmsg.php (escrime-info/slider84) - fixed missing check on variable in userinfo.php (cesag/mamba) - replaced extract($_POST) in /include/comment_delete.php with filters (mamba) - adding some missing generic default fonts (mamba) - removing some unreachable statements (mamba) - replacing deprecated HTML tags (mamba) - bug in commentrenderer.php (Roby73/irmtfan) - added missing info about new language constants in Fast Comments (irmtfan/mamba) - fixed Undefined index: uid in file /modules/profile/userinfo.php line 24 (cesag/mamba) - set minimum PHP version to 5.3.7 (mamba) - added missing apostrophe corrections for Date types in CleanVars in /class/model/write.php - added function escape to XoopsMySQLDatabase, needed for Formulize (jegelstaff) - added blank.gif images to ModuleAdmin icons (timgno) - addedd [soundcloud] BB code as supplied by (iHackCode/rgriffith) - fix for cancel button in javascript (currently it still entered the text, even if canceled) (mamba) - added "module_status" to show with module Version (mamba) - patch for input validation bypass issue reported by Tatane (tatane/rgriffith) - change default value for usercookie config to match change in 2.6.0. (rgriffith) - correct method used to determine the current effective language.(rgriffith) - fix errors "PHP Strict standards: Redefining already defined constructor" under PHP 5.5 (rgriffith) - fix to correctly load the CSS file into the header in ModuleAdmin (Bleekk, Alfred) - added "title" to buttons in DHTML Editor (mamba) - updated required PHP and XOOPS versions, module versions in modules (cesag/mamba) - added xBootstrap theme (UI/UX Team: Angelo Rocha, Bleekk, Heyula) - added extra escape for "e" in YESTERDAY definition in locale.php, which was added in PHP 5.4 (madDan) - fixed PHP minimum version comparison in ModuleAdmin (mamba) - fixed System Module image manager and popup image manager save images in different directories(luciorota) - added PHPDoc comments for classes and functions (mamba) - fixed System Module image manager html/js bugs (luciorota) - replaced "array_diff_assoc" with "array_diff_key" in /class/theme_blocks.php (masel/mamba) - icons for active module sections in System module not shown correctly (Slider84/mamba) - added two new language definitions (see lang_diff.txt) - added Office 2007 MIME types (Voltan) - added xml MIME type (Goffy) - added new icons (mamba) - updated XoopsMediaUploader to use system memory values from php.ini, and to offer random file names (mamba/luciorota/zyspec) - added .tpl to XoopsList's getHtmlListAsArray (wizanda) - updating xBootstrap (voltan, Angelo Rocha) - moved all images, CSS, and JS files to /assets in modules Profile and PM (mamba) - renamed .html Smarty templates to .tpl in modules Profile and PM (mamba) - corrected English typos (cesag) - added missing .php file extension (AngeloRocha/Zyspec/rgriffith) - deprecated destoryVars($var) in object.php (cesag/rgriffith) - update phpmailer translation array to include all keys, and remove reassignment of $PHPMAILER_LANG as array() (cesag/rgriffith) - added XoopsRequest class (rgriffith) - removed hard-coded text from installation (mamba) Updated: - jQuery to 1.11.0 (mamba) - jQuery UI 1.10.4 (mamba) - jQuery Lightbox to 1.2.3 (mamba) - jQuery Form to 3.50.0 (mamba) - jQuery Tablesorter to 2.5.11 (mamba) - jGrowl to 1.2.14 (mamba) - prototype.js to 1.7.1, Aug 2012 (rgriffith) - HTML Purifier to 4.6.0 (mamba) - TinyMCE to 3.5.11 (mamba) Added: Languages: ADDED/DELETED DEFINES /modules/system/language/english/admin.php - added define('_AM_SYSTEM_USAGE',"Usage"); - added define('_AM_SYSTEM_ACTIVE',"Active"); /install/language/english/install.php - added define('WRITTEN_LICENSE',"Written XOOPS %s License Key: %s");