安装XOOPS（全新安装） ----------------------------------- 1. 复制 htdocs/ 文件夹的内容，确保您的服务器可以访问它 2. 确保主要文件 mainfile.php 和 uploads/ 可由 Web 服务器写入 3. 为了安全起见，建议将目录 "/xoops_lib"（XOOPS 库）和 "/xoops_data"（XOOPS 数据）移出文档根目录，并更改文件夹名称。 4. 确保以下目录可由 Web 服务器写入：- uploads/，- uploads/avatars/，- uploads/images/，- uploads/ranks/，- uploads/smilies/，- xoops_lib/modules/protector/configs/，以及文件：- mainfile.php 和 - include/license.php 5. 使用您的 Web 浏览器访问安装 htdocs/ 文件的文件夹，以启动安装向导 文档: 请查阅 详细安装指南 和 操作指南 在XOOPS中安装保护者模块 ----------------------------------- 我们还强烈推荐安装 PROTECTOR 模块，这将为您网站带来额外的安全保护和日志记录功能。 从早期版本升级 ----------------------------------- 从 2.5.5 升级到 2.5.6 最终版： 1. 从 SourceForge 文件存储库获取正确的更新包 2. 使用更新包中 /htdocs 目录的内容覆盖您服务器上 XOOPS 目录中的文件 * 确保将 /xoops_lib 的内容复制到您现在在服务器上保存在的任何目录（它应该是您的当前 XOOPS_TRUST_PATH 目录），然后删除 /xoops_lib 目录。不允许出现两个包含 /xoops_lib 内容的目录 3. 前往 http://www.yoursite.com/upgrade 并从那里运行升级。完成后，请删除 /upgrade 文件夹 4. 如果尚未在升级过程中完成，请从模块管理界面运行“系统”模块的 Update 从低于 2.5.5 的更早版本升级（完整更新）： 0. 验证系统要求，特别是 PHP 版本。备份您的 XOOPS 数据库和网站目录。（这些操作有多种方法，其他地方另有讨论。）关闭您的网站是可选的。将 mainfile.php 和 /include/license.php 的权限更改为可写，例如：文件 正常 对升级 mainfile.php 400 700 /include/license.php 444 777 从 SourceForge 文件存储库获取 XOOPS 2.5.6 包。 1. 在升级包文件夹中，如果“upgrade”文件夹不在 "htdocs" 文件夹中，将其移动到 "htdocs" 文件夹内。如果已存在，从 "htdocs" 文件夹中删除 install 文件夹。如果已存在，从 "htdocs" 文件夹中删除 mainfile.php 文件。如果您已将 xoops_data 和 xoops_lib 文件夹移出了网站根目录，将这两个文件夹从升级包文件夹的 "htdocs" 文件夹中移出。 2. 删除当前 XOOPS 网站上的 /modules/system 目录（删除任何旧的不必要的文件）。 3. 使用升级包 "htdocs" 文件夹的内容覆盖当前 XOOPS 网站上的 XOOPS 目录中的文件。（这些操作有多种方法，其他地方另有讨论。）如上所述，如果已移位，覆盖您当前 xoops_data 和 xoops_lib 中的文件，用升级包中相应的文件内容替换。 4. 如果您之前已安装了保护者，请打开 "mainfile.php" 文件，并删除（如果存在）Pre-check 和 Post-check 行：include XOOPS_TRUST_PATH.'/modules/protector/include/precheck.inc.php' ; include XOOPS_TRUST_PATH.'/modules/protector/include/postcheck.inc.php' ; 5. 在您的网站地址（URL）处，以管理员身份登录。访问/upgrade/ with a browser, and follow the instructions (and any for updating your XOOPS database). After all updates have been applied (green checkmarks), note the link in the Updater to update the "system" module, and do so. 6. Delete the "upgrade" folder from your site's "htdocs" directory. 7. Update (reload) other modules, especially "Profile", "PM", and "Protector," if necessary. 8. Change permissions on the files noted above back to their normal state. 9. Turn your site back on, if you turned it off earlier. Debug information display level ----------------------------------- Since XOOPS 2.3.1 debug information display level is enabled as a temporary solution for 2.3* to show debug information to different level of users: to all users, to members or to admins only. The configuration can be set in /xoops_data/configs/xoopsconfig.php As a default, the display level is set for 2 (Admin only). Files integrity check ----------------------------------- The full XOOPS package is released with a script able to check if all the system files have been correctly uploaded to the server. To use it, follow these instructions: 1. Upload the checksum.php and checksum.md5 files located in the XOOPS package root to your XOOPS server folder (putting them next to mainfile.php). 2. Execute checksum.php with your browser 3. If necessary, re-upload the missing or corrupted system files 4. Remove checksum.php and checksum.md5 from your server Modules ----------------------------------- This release contains only the "system-related modules". You are invited to browse the XOOPS modules repository to if you need additional functionality. Note: as a new repository is being built, the current repository is not up-to-date, PLEASE VISIT INDIVIDUAL DEVELOPERS' WEBSITES TO MAKE SURE YOU ARE USING LATEST VERSION OF MODULES. How to contribute ----------------------------------- Bug report: http://sourceforge.net/tracker/?group_id=41586&atid=430840 Patch and enhancement: http://sourceforge.net/tracker/?group_id=41586&atid=430842 Feature design: http://sourceforge.net/tracker/?group_id=41586&atid=430843 Release announcement: https://lists.sourceforge.net/lists/listinfo/xoops-announcement We would like to thank all developers who contributed fixes to this release (Mage, ForMuss, Trabis, Mamba, DCrussader, XavierS, Cesag, Timgno, Culex, Luciorota, Geekwright, Tatane, PMartina, Paul, Alain091, Voltan, Xoobaru), and all our users who helped us with testing. XOOPS Development Team April 28, 2013 ========================== Change Log for XOOPS 2.5.6 Final ========================== Security fixes: - XSS/CSRF vulnerability in system/admin/groupperm.php (Dingjie Yang,Qualys/trabis) - XSS/CSRF vulnerability in system/modulesadmin/main.php (Dingjie Yang,Qualys/trabis) - XSS/CSRF vulnerability in system/admin/blocksadmin/main.php (Marcin,Ariko-Security Team/trabis) - LFI vulnerability in system/admin/tplsets/jquery.php (Marcin,Ariko-Security Team/trabis) Bugfixes: - updated English translations (Cesag,Mamba) - extra check for $noHtml in XoopsEditorHandler->get (luciorota) - fixing $GLOBAL typo in jquery.php (Zyspec) - Array to string conversion (geekwright/mamba) - issues with missing xoopscomments table (geekwright/sabahan/Mamba) - bug with using reference for non-variables (geekwright/mamba) - number of users when "all groups" selected was wrong (tatane/mamba) - fix for potential lack of rendering css and javascript in Installer on the last screen (culex) - fix for missing Protector logo under PHP 5.4 (mamba) - replacing ereg with preg_match in userutility.php (pmartina/paul) - #1219 dhtmltextarea editor accent not displayed (cesag/alain091) - added missing call for user language in /profile/index.php (xoobaru/zyspec) - errors related to static functions, so it works on PHP 5.4 (Mamba) - bug #1245 in class XoopsLoad.php (Alain91) Updated: - TinyMCE to 3.5.8 (mamba) - Smarty to 2.6.27 (mamba) - jQuery to 1.8.3 (mamba) - jQueryUI to version 1.10 (mamba) Added: - Fast Comment Hack (Voltan) Languages: ADDED/DELETED DEFINES - none