e107 Bootstrap CMS (Content Management System) v2 with PHP, MySQL, HTML5, jQuery and Twitter Bootstrap. Issue Discussion Room: https://gitter.im/e107inc/e107
admin_log_ui::maintenanceProcess() by @Deltik #4831
e107forum::getForumClassMembers() by @Deltik #4931
db_verify::getIndex(): Support index_col_name optional parts by @Deltik #5055
e_user_model::checkAdminPerms() and getperms() by @Deltik #5070
Full Changelog: https://github.com/e107inc/e107/compare/v2.3.2...2.3.3
social plugin and Hybridauth by @Deltik in https://github.com/e107inc/e107/pull/4643
Full Changelog: https://github.com/e107inc/e107/compare/v2.3.1...v2.3.2
Support for PHP 5.6 through PHP 8.1 (#4554) – e107 v2 now adds PHP 8.0 and 8.1 support while maintaining support for PHP 5.6.
New Admin Theme Skins – Modern Light and Modern Dark. May now be selected during initial installation of e107.
Collapsible Navigation Panel – Option to reduce left-panel admin area navigation to icons only, for increased screen real-estate where it matters.
Database session handler performance improvement (#4575) – e107 v2.3.0 introduced a non-blocking session handler backed by the database; however, a missing index causes gradually slower performance the more rows there are in the session table. This release fixes that bug by adding the missing index through a database update (migration).
Thumbnail Generator rebuilt to use Intervention library.
WebP image support (#4270) – e107 can now serve WebP images to compatible browsers and convert existing images on-the-fly. Requires PHP 7.0+ with the GD WebP extension installed.
More reliable file uploads – A common complaint with e107 v2.3.0 was rejected file uploads. To fix this, e107 now recognizes files based on their MIME type.
Increased protection against cross-site scripting (XSS) – There is now improved layering of HTML tag rendering to reduce the likelihood of corrupting pages with bad HTML.
Increased protection against cross-site request forgery (CSRF) – Nonces have been added to some forms to prevent external sites from submitting them unbeknown to the authenticated user.
New theming features – Theme developers can now take advantage of Bootstrap 5 and customisable breadcrumbs.
SEO optimizations for Google, Facebook (Open Graph) and Twitter.
New "Hero" plugin for home page carousel management. Supports animated bullet points and buttons. (see e107.org home page for example)
News item Previous/Next navigation shortcode options.
jQuery updated to v3.6.0
FontAwesome updated to v5.14.0
session user tracking method: Database storage. Improves performance for concurrent requests in a session.readfile() (#3528)$host variable support to Downloads » Protection » NGINX secure_link_md5 (#4010)session (was cookie). The cookie user tracking method is expected to be removed in a future release.?route=system/xup/signup was removed because ?route=system/xup/login now signs up and logs in via social login.back) is no longer base64-encoded.signup_shortcodes generates login buttons somewhat differently now.?route=system/xup/test is no longer enabled by default../e107_admin/core_image.php, now ./e107_system/core_image.phar) has a new backwards-incompatible format. As it is now a binary file, administrators upgrading e107 over FTP should ensure that they are using binary transfer mode. (Issue reference)
e_LEGACY_MODE this time (was only partially removed in v2.2.0)ALLOW_AUTO_FIELD_DEFS constant./e107_admin/fileinspector.php (#4114)./e107_admin/message.php is now deprecated.download_mail pref (#3622)flood_protect pref (#3681)./e107_core/bbcodes/bb_p.php" (#3988)<a rel> (#4128)post_script changed from Main Admin to Nobodybootstrap4 theme, which is now at https://github.com/e107inc/bootstrap4
landingzero theme, which is now at https://github.com/e107inc/landingzero
e_model refactoring for compatible subclass method signatures (#2146){NEWSTITLE} shortcode issue (#4035)e_parser::cleanHtml()
core_index_index_controller (#4203)E_NOTICE issues (some of them documented in #4074)INT types no longer return a width specification, so take that into consideration when verifying the database structure (#4216)usersettings.php ("strong password not being hashed correctly") (#4004)MENUAREA
{USER_EXTENDED} 'text_value' did not display the 'text' label correctly (#3957)usersettings.php is no longer required if the disable_emailcheck preference is truthy. (#4115)./e107_admin/cpage.php: Added check to prevent saving page/menu with empty page_title and menu_name fields when editing (#1474, #3986)$fieldpref
email_item_class preference was not saving (#4220)user_login event if authentication fails (#4236)<body> tag when using Menu Manager. Stored HTML-theme true/false var for each theme.<iframe> to avoid same-origin restrictions (#4208)./e107_admin/newspost.php
admin_style.css (#4020)<pre>, <code> syntax in TinyMCE area (#4058)onchange, onclick, etc. when script access is enabled (#3926, #4135)unsubscribe.php and white page (no error) (#4178)cron.php as an executable, the "Headers already sent" warning should no longer be emitted.tablestyle() to avoid fatal error with some themes (#4012)corporate.css fix font path glyphicons (#3998)btn-default in user update information button (#2898)mkdir() would fail to create the system or cache image directories.e107::url() (#4054)e_parse::toASCII() method (#4101)srcset conflicts. Improves rendering quality of fine-lined PNGs under some conditions. (#2981)render_newsgrid() (#4092)type=radio value conversion fix (#4144)db_* methods (#3993)e_frontpage - allow selection of a specfic forum as frontpage$rankInfo to prevent unwanted HTML output (#3827){ACTIVE} shortcode typo (#4206)e_db is the new interface for database abstraction. It is implemented by e_db_pdo (PDO-based) with a fallback of e_db_mysql (mysqli-based)..editorconfig now configures IntelliJ for the e107 code style when typing new code or reformatting existing code.{---BREADCRUMB---}
{FAQ_HIDE} added for manual collapse/expand management via template.e_file_inspector (e107::getFileInspector()) (#4114)e_user_provider (e107::getUserProvider()) (#4099)e107::getUserProvider()->isSocialLoginEnabled() (deprecates e107::getPref('social_login_active'))e107::getThumb() to get thumbnailer class.e_shims offers resilient replacements for some internal PHP functions.filter=>true required)$fieldPrefName to Admin-UI for saving/loading field preferences under another name. Default is the current table name. (#4089)theme_shortcodes class. (#3932){USER_JUMP_LINK}) (#4001){USER_USERCLASS_ICON} (#2225){NEWS_IMAGE} shortcode can be invoked with {NEWS_IMAGE: loading=lazy}
strptime() replacement: e_shims::strptime() (#4077)e_parser:
d (digits) flag to parser filter.e_parser::toAvatar():
base64 option to allow for embedded image src. (useful when including avatars in email signatures)hd option.e_parser::toAudio():
e_form::carousel() to disable navigation and indicators. Custom navigation can now display a custom label when 'label' is included in the carousel array.e_form::mediapicker() enhancements: Now accepts: 'resize', 'rename' and 'convert' $parms. See PHPDoc for details.e_form::datepicker() input form (#3966)e_form: Name for css submit-trigger group added.e_form: Custom CSS class on container when modal/iframe is active.e_model, e_front_model, and e_tree_model APIs have changed substantially in an effort to improve inheritance. (#2146)e107::getHybridAuth()
BODYTAG constant (#2308)e_frontpage addon called news_frontpage
e_frontpage addon called page_frontpage
e_db_pdo failures to connect to the database are now catchable PDOException exceptions.user_class::getUsersInClass() now accepts extended user field names - just prefix those fields with "ue.".users_admin_ui now has batch export enabled.e_user_model as a logged in user if login failed (#4236)checkRouteAccess() to hasRouteAccess() and renamed checkModeAccess() to hasModeAccess()
$adminMenu now has a 'badge' attribute. Send it an array and it will render a badge in the navigation, e.g., array('value' => $count, 'type'=>'warning').e_LOG when in debug mode.e_form::datepicker() deprecated $option['type'] and added $option['mode'] as a replacement. Provides a workaround to a conflict involving a custom 'type' in the writeParms().e_ajax_class has been renamed to e_ajax.e_signup_class has been renamed to e_signup../.github/.ADMINPERMS. It now has all permissions in ADMINPERMS.e107::getDb()->retrieve() when using full query with multiple fields without 'multi' enabled. (#4111)e_db_pdo::copyRow() - Greatly decrease collision chanceadmin_user_delete was not firing (#3969)array_diff_recursive() type check for recursion{THEME} (i.e. theme folder path) in footer part of theme layout.{USERSETTINGS} shortcode (#1767)e_url addon breaks admin configuration (#4075)< and > in text field in admin UI (#4102)type=hidden elements. (#3461)writeParms['optArray'] is defined but empty.srcset height value when using overrides and a default.e_parser::toBadge() fix.placeholder attribute wasn't working on datepicker input.e_form::name2id() when = and ? characters are detected is found.e107.css doesn't work (#4153)e107_handlers/media_class.php (#4043)e_fileTest (#4248)session user tracking method: Database storage. Improves performance for concurrent requests in a session.readfile() (#3528)$host variable support to Downloads » Protection » NGINX secure_link_md5 (#4010)session (was cookie). The cookie user tracking method is expected to be removed in a future release.?route=system/xup/signup was removed because ?route=system/xup/login now signs up and logs in via social login.back) is no longer base64-encoded.signup_shortcodes generates login buttons somewhat differently now.?route=system/xup/test is no longer enabled by default../e107_admin/core_image.php, now ./e107_system/core_image.phar) has a new backwards-incompatible format. As it is now a binary file, administrators upgrading e107 over FTP should ensure that they are using binary transfer mode. (Issue reference)
e_LEGACY_MODE this time (was only partially removed in v2.2.0)ALLOW_AUTO_FIELD_DEFS constant./e107_admin/fileinspector.php (#4114)./e107_admin/message.php is now deprecated.download_mail pref (#3622)./e107_core/bbcodes/bb_p.php" (#3988)<a rel> (#4128)post_script changed from Main Admin to Nobodybootstrap4 theme, which is now at https://github.com/e107inc/bootstrap4
landingzero theme, which is now at https://github.com/e107inc/landingzero
e_model refactoring for compatible subclass method signatures (#2146){NEWSTITLE} shortcode issue (#4035)e_parser::cleanHtml()
core_index_index_controller (#4203)E_NOTICE issues (some of them documented in #4074)usersettings.php ("strong password not being hashed correctly") (#4004)MENUAREA
{USER_EXTENDED} 'text_value' did not display the 'text' label correctly (#3957)usersettings.php is no longer required if the disable_emailcheck preference is truthy. (#4115)./e107_admin/cpage.php: Added check to prevent saving page/menu with empty page_title and menu_name fields when editing (#1474, #3986)$fieldpref
<body> tag when using Menu Manager. Stored HTML-theme true/false var for each theme.<iframe> to avoid same-origin restrictions (#4208)./e107_admin/newspost.php
admin_style.css (#4020)<pre>, <code> syntax in TinyMCE area (#4058)onchange, onclick, etc. when script access is enabled (#3926, #4135)unsubscribe.php and white page (no error) (#4178)tablestyle() to avoid fatal error with some themes (#4012)corporate.css fix font path glyphicons (#3998)btn-default in user update information button (#2898)mkdir() would fail to create the system or cache image directories.e107::url() (#4054)e_parse::toASCII() method (#4101)srcset conflicts. Improves rendering quality of fine-lined PNGs under some conditions. (#2981)render_newsgrid() (#4092)type=radio value conversion fix (#4144)db_* methods (#3993)e_frontpage - allow selection of a specfic forum as frontpage$rankInfo to prevent unwanted HTML output (#3827){ACTIVE} shortcode typo (#4206)e_db is the new interface for database abstraction. It is implemented by e_db_pdo (PDO-based) with a fallback of e_db_mysql (mysqli-based)..editorconfig now configures IntelliJ for the e107 code style when typing new code or reformatting existing code.{---BREADCRUMB---}
{FAQ_HIDE} added for manual collapse/expand management via template.e_file_inspector (e107::getFileInspector()) (#4114)e_user_provider (e107::getUserProvider()) (#4099)e107::getUserProvider()->isSocialLoginEnabled() (deprecates e107::getPref('social_login_active'))e107::getThumb() to get thumbnailer class.e_shims offers resilient replacements for some internal PHP functions.filter=>true required)$fieldPrefName to Admin-UI for saving/loading field preferences under another name. Default is the current table name. (#4089)theme_shortcodes class. (#3932){USER_JUMP_LINK}) (#4001){USER_USERCLASS_ICON} (#2225){NEWS_IMAGE} shortcode can be invoked with {NEWS_IMAGE: loading=lazy}
strptime() replacement: e_shims::strptime() (#4077)e_parser:
d (digits) flag to parser filter.e_parser::toAvatar():
base64 option to allow for embedded image src. (useful when including avatars in email signatures)hd option.e_parser::toAudio():
e_form::carousel() to disable navigation and indicators. Custom navigation can now display a custom label when 'label' is included in the carousel array.e_form::mediapicker() enhancements: Now accepts: 'resize', 'rename' and 'convert' $parms. See PHPDoc for details.e_form::datepicker() input form (#3966)e_form: Name for css submit-trigger group added.e_form: Custom CSS class on container when modal/iframe is active.e_model, e_front_model, and e_tree_model APIs have changed substantially in an effort to improve inheritance. (#2146)e107::getHybridAuth()
BODYTAG constant (#2308)e_frontpage addon called news_frontpage
e_frontpage addon called page_frontpage
e_db_pdo failures to connect to the database are now catchable PDOException exceptions.user_class::getUsersInClass() now accepts extended user field names - just prefix those fields with "ue.".users_admin_ui now has batch export enabled.checkRouteAccess() to hasRouteAccess() and renamed checkModeAccess() to hasModeAccess()
$adminMenu now has a 'badge' attribute. Send it an array and it will render a badge in the navigation, e.g., array('value' => $count, 'type'=>'warning').e_LOG when in debug mode.e_form::datepicker() deprecated $option['type'] and added $option['mode'] as a replacement. Provides a workaround to a conflict involving a custom 'type' in the writeParms().e_ajax_class has been renamed to e_ajax.e_signup_class has been renamed to e_signup../.github/.ADMINPERMS. It now has all permissions in ADMINPERMS.e107::getDb()->retrieve() when using full query with multiple fields without 'multi' enabled. (#4111)e_db_pdo::copyRow() - Greatly decrease collision chanceadmin_user_delete was not firing (#3969)array_diff_recursive() type check for recursion{THEME} (i.e. theme folder path) in footer part of theme layout.{USERSETTINGS} shortcode (#1767)e_url addon breaks admin configuration (#4075)< and > in text field in admin UI (#4102)type=hidden elements. (#3461)writeParms['optArray'] is defined but empty.srcset height value when using overrides and a default.e_parser::toBadge() fix.placeholder attribute wasn't working on datepicker input.e_form::name2id() when = and ? characters are detected is found.e107.css doesn't work (#4153)e107_handlers/media_class.php (#4043)News shortcode {NEWS_AUTHOR_EUF} to retrieve Extended User Fields (e.g. {NEWS_AUTHOR_EUF: field=biography})-) (#3800)Download plugin with batch userclass optionsForum plugin with forum moderator userclass recognition (#3814), with the Userlist shortcode links (#3809), and added placeholder option in {SEARCH} shortcodeForum template optimizations for Bootstrap 4 (#2969)bootstrap4 theme_blank theme (theme.xml and theme.php)db_Fetch() in e_LEGACY_MODE permanently removed. Old plugins should use e107::getDb->fetch('both'); if this is still required.comments: Any reference to #comments-container (div ID) in the theme must be changed to .comments-container (div class) (#1944){SIGNUP_GDPR_PRIVACYPOLICY_LINK} and {SIGNUP_GDPR_TERMSANDCONDITIONS_LINK} shortcodes. (#3175 and #3579).Chatbox plugin: new default templates added (#3630)SITENAME SITEDESCRIPTION can be overridden using English_custom.php or English_global.php plugin LAN files.{SIGNUP_IMAGES} and {SIGNUP_SIGNUP_TEXT} (#3582) and {LOGIN_*} shortcodes (#3466)user_like_submitted & user_rate_submitted (#3552)load() method for the e_admin addon. See _blank plugin for examples. (#3695)e107-test repository https://github.com/e107inc/e107-test (to prevent bugs from being introduced, rather than having to fix them after they are an issue)e107::getUserClass()->getUsersInClass
e_related, added {RELATED_DATE} shortcodeafterPrefsSave() method in Admin-UI (#3799)Private Messenger plugin (#1758, #3413)Banner plugin (#3141)FAQ pluginForum plugin: not being able to move a forum post (#3619), forum moderators permissions (#3490), deleting of last post (#3490), forum pagination, newforumposts plugin (#3757), inline editing of forum name was changing SEF URL (#3798)Download plugin (#3201, #3189, #3199, #2486, #3787)'type' => 'country' in the Admin-UI (#3644)country correctly displayed in User Profile (#3646){USER_AVATAR: w=150&h=150&crop=1&shape=circle} (#3721)user_forum_post_report, user_forum_post_report and user_forum_topic_created_probationary event triggers (#3618)/contact SEF URL (#3566)list() method in the the e_admin addon (#3695)mysql_*() methods and improved PDO usagee107::getForm()->bbarea() method by changing the $options array, e.g. $options['wysiwyg'] = 'tinymce4' (#3330)define('X-FRAME-SAMEORIGIN', false); in e107_config to allow for external websites including an e107 website through an iframe (#3101)backcompat.css) is now correctly loaded+ sign (#3307)e_gsitemap addon to News and Download plugin (#2606)user_forum_topic_created_probationary, user_forum_topic_updated, ser_forum_topic_moved, user_forum_topic_deleted, user_forum_topic_split, user_forum_post_created, user_forum_post_updated, user_forum_post_deleted, user_forum_post_report
e_gsitemap for Sitemap generation. See forum plugin for an example.e_output.php to capture the output of a page in a buffer (#3151)*) works againtype=number when filter is true.$field 'filter' attribute now accepts 'future' and 'both', defaults to 'past' when set to true. ie. search future dates, past/future dates or past dates.