Softpedia >Windows >Internet >Other Internet Related >ImpressCMS >  Changelog

ImpressCMS Changelog

What's new in ImpressCMS 1.5.0 Beta

Oct 10, 2022
  • What's Changed:
  • Prepare the documentation for 1.5.0
  • Updated branch references & readme
  • Remove TinyMCE
  • Remove openid
  • Align syntax of DB interface and mysql implementation with PDO
  • Prepare for 1.5.0 beta
  • Fix mailuser

New in ImpressCMS 1.4.4 (Mar 9, 2022)

  • Applying the filters to inner elements of arrays by @skenow in #1162
  • Additional input filtering - mailusers, findusers, checkVarArray inner elements by @skenow in #1163
  • Filtering updates for blocksadmin and mailusers by @skenow in #1164
  • Prepare 1.4.4 by @fiammybe in #1171

New in ImpressCMS 1.4.3 (Feb 6, 2022)

  • Fixed some warnings and notices in installer for newer PHP versions by @MekDrop in #882
  • Protector get_magic_quotes_gpc fix for php 7.4 by @MekDrop in #884
  • Smiles in misc.php now are escaped by @MekDrop in #890
  • Fix "#881 trying to send mails with SMTP auth gives missing smtp class" by @MekDrop in #889
  • Added exception handler by @MekDrop in #888
  • Fixed bug when handlers from module separate files cant be loaded by @MekDrop in #887
  • Fixes 'Notice: Only variables should be passed by reference in /home/vagrant/impresscms/htdocs/libraries/icms/config/Handler.php on line 237' by @MekDrop in #886
  • Fixed bug when admin menu can't regenerate when module folder is removed before uninstalling by @MekDrop in #897
  • Fixed syntax error in include/registerform.php by @MekDrop in #896
  • fix vulnerability in autoloader by @fiammybe in #913
  • block path traversal in image editor, transform .. to _ by @fiammybe in #915
  • Fixes/ipf table filtering - limitsel missing POST value by @skenow in #937
  • Adjusted template file inclusion for correct path. Fixes #603 by @skenow in #944
  • Increase input sanitizing for system module and submodules by @skenow in #943
  • Dev/jquery inclusion by @skenow in #935
  • Fix for modules admin; user language files - fix #948 by @skenow in #949
  • Update release_notes.md by @fiammybe in #1058
  • Added filtering to the input in setSortOrder in icms_ipf_table by @fiammybe in #966
  • filter url variable in findusers.php by @fiammybe in #967
  • Remove the old FCKEditor - no longer supported by @fiammybe in #833
  • add CKEditor 4.17.1 by @fiammybe in #1095
  • Protector updates - PHP8 compatibility, update and remove legacy code by @skenow in #1098
  • Preparations for the 1.4.3 RC release by @fiammybe in #1099
  • Add a default parameter to addSlashes by @fiammybe in #1108
  • Improvements in findusers logic and filtering by @skenow in #1110
  • Undefined language constants for CKeditor in general preferences by @skenow in #1111
  • Accept token for valid users only by @skenow in #1115
  • User cookie could be contaminated - filter added by @skenow in #1117
  • Protector enhancements and added security by @skenow in #1118
  • Prepare 1.4.3 RC2 release by @fiammybe in #1109
  • Making sure protector gets installed during the site installation by @skenow in #1137
  • Changing filter method for request_uri to filter_sanitize_string by @skenow in #1136
  • Fix for information displayed in protector admin and debug console by @skenow in #1154
  • release 1.4.3 by @fiammybe in #1155

New in ImpressCMS 2.0.0 Alpha 12 (Feb 6, 2022)

  • Features:
  • Themes installed as composer dependencies @MekDrop (#1106)
  • Added posibility to specify default block weight, position and visibility @MekDrop (#1105)
  • Enable migrations for modules in module installer/updating/removing @MekDrop (#1104)
  • RedirectResponse now can be used for same things as redirect_header @MekDrop (#1092)
  • Move content.php to content module @MekDrop (#1082)
  • Misc.php as controller @MekDrop (#1080)
  • Rewrite admin.php as controller @MekDrop (#1079)
  • Add smarty url function @MekDrop (#1078)
  • Replaced league router with sunrise http router @MekDrop (#1077)
  • Install system module from composer @MekDrop (#1075)
  • Rewritten privpolicy.php with controller @MekDrop (#1071)
  • Corrected DataFilter class usage @MekDrop (#1070)
  • image.php rewritten as controller action @MekDrop (#1068)
  • PHP 8.0 & PHP 8.1 support @MekDrop (#1053)
  • Bug Fixes:
  • Fixed incorrect urls for PageNav generated links @MekDrop (#1107)
  • Enable migrations for modules in module installer/updating/removing @MekDrop (#1104)
  • Fixed module block titles/names from constants resolving @MekDrop (#1103)
  • Fixes few issues with page_modulesinstall.php for installer @MekDrop (#1102)
  • Add IcmsPersistableController to legacy class resolving map @MekDrop (#1101)
  • Remove few system module services that was previously defined in core @MekDrop (#1093)
  • Fixes system module upgrading from installer @MekDrop (#1091)
  • Fixes some old class references resolving for some older modules @MekDrop (#1087)
  • Fixes crash when not correct order comes from user data for table @MekDrop (#1086)
  • Fixed namespaces issues for never PHP in footer.php and header.php @MekDrop (#1083)
  • Fixed legacy url index.php resolving when they are described as paths @MekDrop (#1084)
  • Use new version imponeer/smarty-db-resource @MekDrop (#1013)
  • Corrected DataFilter class usage @MekDrop (#1070)
  • Fixed crashing translator when translation folder contains index file @MekDrop (#1072)
  • Fixed bug when HTTP headers for modules that doesn't use controllers where stripped @MekDrop (#1061)
  • Fixed media uploader sizes checks when there is no limit set @MekDrop (#1069)
  • image.php rewritten as controller action @MekDrop (#1068)
  • Fixed 'Class "ImpressCMSCoreDatabaseLegacyUpdaterReflectionClass" not found' bug @MekDrop (#1066)
  • Fixed fatal error (PHP 8.x) when config item doesn't have a description @MekDrop (#1067)
  • Fixed bug when legacy module crashed due translations constants not loaded at correct time @MekDrop (#1065)
  • Fixed rights check for legacy URL modules @MekDrop (#1064)
  • Fixed module model resolving to be able to work with PHP 8.x @MekDrop (#1063)
  • Fixed module submenu counting bug for PHP 8.x @MekDrop (#1062)
  • Fixed bug when version getting failed for never PHP in system admin @MekDrop (#1060)
  • Fixed translation loading for module admin menus @MekDrop (#1059)
  • PHP 8.0 & PHP 8.1 support @MekDrop (#1053)
  • Maintenance:
  • Bump .homestead from 9cbb84c to 6dd850d @dependabot (#1116)
  • Bump .homestead from 56650de to 9cbb84c @dependabot (#1097)
  • Bump actions/cache from 2.1.6 to 2.1.7 @dependabot (#1094)
  • Add smarty url function @MekDrop (#1078)
  • Bump .homestead from ee603d7 to 56650de @dependabot (#1076)

New in ImpressCMS 1.4.3 RC (Dec 5, 2021)

  • Fixed some warnings and notices in installer for newer PHP versions by @MekDrop in #882
  • Protector get_magic_quotes_gpc fix for php 7.4 by @MekDrop in #884
  • Smiles in misc.php now are escaped by @MekDrop in #890
  • Fix "#881 trying to send mails with SMTP auth gives missing smtp class" by @MekDrop in #889
  • Added exception handler by @MekDrop in #888
  • Fixed bug when handlers from module separate files cant be loaded by @MekDrop in #887
  • Fixes 'Notice: Only variables should be passed by reference in /home/vagrant/impresscms/htdocs/libraries/icms/config/Handler.php on line 237' by @MekDrop in #886
  • Fixed bug when admin menu can't regenerate when module folder is removed before uninstalling by @MekDrop in #897
  • Fixed syntax error in include/registerform.php by @MekDrop in #896
  • fix vulnerability in autoloader by @fiammybe in #913
  • block path traversal in image editor, transform .. to _ by @fiammybe in #915
  • Fixes/ipf table filtering - limitsel missing POST value by @skenow in #937
  • Adjusted template file inclusion for correct path. Fixes #603 by @skenow in #944
  • Increase input sanitizing for system module and submodules by @skenow in #943
  • Dev/jquery inclusion by @skenow in #935
  • Fix for modules admin; user language files - fix #948 by @skenow in #949
  • Update release_notes.md by @fiammybe in #1058
  • Added filtering to the input in setSortOrder in icms_ipf_table by @fiammybe in #966
  • filter url variable in findusers.php by @fiammybe in #967
  • Remove the old FCKEditor - no longer supported by @fiammybe in #833
  • add CKEditor 4.17.1 by @fiammybe in #1095
  • Protector updates - PHP8 compatibility, update and remove legacy code by @skenow in #1098
  • Preparations for the 1.4.3 RC release by @fiammybe in #1099

New in ImpressCMS 2.0.0 Alpha 11 (Oct 30, 2021)

  • Features:
  • Added ImpressCMS/codemirror-integration to default installation & fixed installer bug for installing from there @MekDrop (#1051)
  • Added asset-packagist repo to composer for installing frontend assets as composer packages (if there is a need) @MekDrop (#1019)
  • Added phpseclib/bcmath_compat to make it possible to install without bcmath extension @MekDrop (#1000)
  • Remove all editors from core @MekDrop (#800)
  • PARTIAL use editor contracts from imponeer to make editors plugable @MekDrop (#1007)
  • Do not show module version for unreleased modules in modules admin @MekDrop (#1012)
  • Available modules list function now uses module describers @MekDrop (#1011)
  • Added possibility for module to copy assets from vendor/ @MekDrop (#1005)
  • Use criteria lib from Imponeer @MekDrop (#927)
  • Using Composer 2.x API for internal operations @MekDrop (#796)
  • Most of Smarty plugins now implemented as composer libraries from @imponeer + xoops_link smarty function removed @MekDrop (#919)
  • add install instructions to readme for 2.0 @fiammybe (#917)
  • Added smarty 'trans' block and 'trans' variable modifier for translations @MekDrop (#874)
  • Added ping to extend sessions automatically @MekDrop (#869)
  • Fix/Improvement for cases when a theme was selected but than removed @MekDrop (#855)
  • Removed reflex theme from core @MekDrop (#854)
  • Site closed view functionality as dynamic SiteClosedMiddleware @MekDrop (#725)
  • Code about multi_login moved from common.php into separate HTTP Middlware @MekDrop (#724)
  • Session moved from container to middleware + theme changing now from HTTP middleware @MekDrop (#723)
  • Added possibility to describe themes (also support for composer themes!) @MekDrop (#770)
  • Added possibility to load modules definitions from different type of info files (like icms_version.php or composer.json) @MekDrop (#768)
  • Smarty plugins can now be defined as services in container @MekDrop (#752)
  • System waiting block is now can be expanded with services defined in container @MekDrop (#750)
  • Upgraded middlewares/referrer-spam to 2.0.2 for PHP 8.0 and Composer 2.0 supporr @MekDrop (#826)
  • Replace "ICMS_URL . '/modules/' -> ICMS_MODULES_URL . '/'" and "ICMS_ROOT_PATH . '/modules/' -> ICMS_MODULES_PATH . '/'" @MekDrop (#749)
  • Using properties instead of setVar when setting database object properties everywhere where is possible @MekDrop (#745)
  • Added new translator service @MekDrop (#801)
  • Use league/mime-type-detection for dealing with mimetype detection & deprecated icms_Utils @MekDrop (#738)
  • Using object property instead of getVar everywhere where is possible @MekDrop (#744)
  • Fixed #733: Rename using the proper naming convention (This is a public var) @MekDrop (#736)
  • Removed some old openid related code + migration to update openid related fields @MekDrop (#747)
  • Added Roave Security Advisories to composer [dev] @MekDrop (#742)
  • Encrypt cookies automatically with middleware if such preference is set @MekDrop (#740)
  • Timers visible as Server-Timing header (using HTTP Middleware) @MekDrop (#727)
  • Messengers fields from user settings where removed @MekDrop (#746)
  • Fixed 'Rename using the proper naming convention (this is a public var)' for #731 @MekDrop (#737)
  • Removed old style redirect @MekDrop (#726)
  • Using FireWall middleware for bad ips checking instead of Security class @MekDrop (#720)
  • Replaced DB_SALT env variable with APP_KEY @MekDrop (#739)
  • Removes textsanitizer plugins and default DHTMLEditor @MekDrop (#735)
  • Removed checkSuperGlobals from Security class @MekDrop (#721)
  • Checks referers with HTTP middleware instead of security class @MekDrop (#719)
  • Upgraded phpunit to 9.4 and test to make sure PHP 8.0 compatible @MekDrop (#802)
  • Changed way how paths in subfolder would be handled @MekDrop (#797)
  • Bug Fixes:
  • Added ImpressCMS/codemirror-integration to default installation & fixed installer bug for installing from there @MekDrop (#1051)
  • Fixes few installer errors @MekDrop (#1020)
  • Fixed template file source resolving for tplsets @MekDrop (#1018)
  • Use editor contracts (second part) @MekDrop (#1017)
  • Fixed wrong constant for uptating module config data @MekDrop (#1016)
  • Fixes bug with constants translations for console @MekDrop (#1015)
  • Fixed bug when module model couldn't load unreleased module info @MekDrop (#1014)
  • If database was already initialized, do not go back in installer without message @MekDrop (#1009)
  • Better non installed icms detection @MekDrop (#1008)
  • Added phpseclib/bcmath_compat to make it possible to install without bcmath extension @MekDrop (#1000)
  • Remove all editors from core @MekDrop (#800)
  • Available modules list function now uses module describers @MekDrop (#1011)
  • Fixed bug when composer.json module describer failed with unreleased modules due release date @MekDrop (#1010)
  • Fixed bug when there are no editors of type @MekDrop (#1006)
  • Fixed a bug for templates during installation @MekDrop (#1003)
  • Fix bug with mindplay/composer-locator old version @MekDrop (#1001)
  • Fixed few security issues with packages @MekDrop (#974)
  • Fixed tuupola/server-timing-middleware requirements @MekDrop (#975)
  • CacheClearSetup steps moved to same namespace/path as other steps @MekDrop (#892)
  • Smiles in misc.php now are escaped @MekDrop (#891)
  • Fixed bug when was not possible to automatically resolve correct Route Strategy service due missing escape character in beginning @MekDrop (#870)
  • Fix/Improvement for cases when a theme was selected but than removed @MekDrop (#855)
  • Fixed includeq not working in smarty anymore bug @MekDrop (#849)
  • Fixed null response bug for root path instalations @MekDrop (#844)
  • Fixed bug with too long cookie names for Table component @MekDrop (#842)
  • Upgraded middlewares/referrer-spam to 2.0.2 for PHP 8.0 and Composer 2.0 supporr @MekDrop (#826)
  • Fixed #733: Rename using the proper naming convention (This is a public var) @MekDrop (#736)
  • Remove whitesource config @MekDrop (#837)
  • Removed some old openid related code + migration to update openid related fields @MekDrop (#747)
  • Messengers fields from user settings where removed @MekDrop (#746)
  • Fixed 'Rename using the proper naming convention (this is a public var)' for #731 @MekDrop (#737)
  • Fixed short if bug for newer PHP in BlockHandler @MekDrop (#798)
  • Prevents using submitted filenames with ../ for modelcontroller @MekDrop (#813)
  • Fixed possible file system exposing due language cookie on installer (reported by hackerone_success) @MekDrop (#822)
  • switch to a more explicit form of comparison @fiammybe (#809)
  • Changed way how paths in subfolder would be handled @MekDrop (#797)
  • Fix '0.0.0/composer-include-files 1.5.0 requires composer-plugin-api ^1.0 -> found composer-plugin-api[2.0.0] but it does not match the constraint.' with newer composer @MekDrop (#787)
  • Fixes deprecation 'Array and string offset access using curly braces' @MekDrop (#786)
  • Maintenance:
  • Bump monolog/monolog from 2.3.2 to 2.3.4 @dependabot (#995)
  • Bump symfony/translation from 5.3.7 to 5.3.9 @dependabot (#996)
  • Bump league/mime-type-detection from 1.7.0 to 1.8.0 @dependabot (#997)
  • Bump phpunit/phpunit from 9.5.4 to 9.5.10 @dependabot (#998)
  • Bump .homestead from 42def2e to ee603d7 @dependabot (#994)
  • Bump .homestead from 7192301 to 42def2e @dependabot (#986)
  • Bump symfony/translation from 5.2.6 to 5.3.7 @dependabot (#987)
  • Bump symfony/console from 5.2.6 to 5.3.7 @dependabot (#988)
  • Bump phpmailer/phpmailer from 6.5.0 to 6.5.1 @dependabot (#991)
  • Bump lulco/phoenix from 1.9.0 to 1.10.0 @dependabot (#989)
  • Bump league/flysystem from 1.1.4 to 1.1.5 @dependabot (#990)
  • Bump lulco/phoenix from 1.7.0 to 1.9.0 @dependabot (#980)
  • Bump league/container from 3.3.5 to 3.4.1 @dependabot (#982)
  • Bump http-interop/http-factory-guzzle from 1.0.0 to 1.2.0 @dependabot (#983)
  • Bump monolog/monolog from 2.2.0 to 2.3.2 @dependabot (#981)
  • Bump .homestead from cb987fb to 7192301 @dependabot (#979)
  • Bump symfony/polyfill-iconv from 1.22.1 to 1.23.0 @dependabot (#984)
  • Bump actions/stale from 3.0.19 to 4 @dependabot (#977)
  • Bump phpmailer/phpmailer from 6.4.1 to 6.5.0 @dependabot (#976)
  • Fixed few security issues with packages @MekDrop (#974)
  • Fixed tuupola/server-timing-middleware requirements @MekDrop (#975)
  • Bump .homestead from 47ce122 to cb987fb @dependabot (#973)
  • Use criteria lib from Imponeer @MekDrop (#927)
  • Bump .homestead from 51bc66d to 47ce122 @dependabot (#970)
  • Bump actions/cache from 2.1.5 to 2.1.6 @dependabot (#969)
  • skip vulnerable versions of composer/composer @fiammybe (#968)
  • Bump actions/stale from 3.0.18 to 3.0.19 @dependabot (#964)
  • Bump phpmailer/phpmailer from 6.4.0 to 6.4.1 @dependabot (#963)
  • Bump middlewares/base-path from 2.0.1 to 2.1.0 @dependabot (#960)
  • Bump defuse/php-encryption from 2.2.1 to 2.3.1 @dependabot (#961)
  • Bump symfony/console from 5.2.3 to 5.2.6 @dependabot (#959)
  • Bump league/mime-type-detection from 1.5.1 to 1.7.0 @dependabot (#957)
  • Bump actions/cache from v2.1.4 to v2.1.5 @dependabot (#956)
  • Bump .homestead from 9923e00 to 51bc66d @dependabot (#958)
  • Bump lulco/phoenix from 1.5.0 to 1.7.0 @dependabot (#962)
  • Bump phpunit/phpunit from 9.5.2 to 9.5.4 @dependabot (#951)
  • Bump symfony/translation from 5.2.3 to 5.2.6 @dependabot (#952)
  • Bump phpmailer/phpmailer from 6.3.0 to 6.4.0 @dependabot (#953)
  • Bump league/container from 3.3.3 to 3.3.5 @dependabot (#954)
  • Bump .homestead from 455252c to 9923e00 @dependabot (#950)
  • Bump symfony/polyfill-iconv from 1.20.0 to 1.22.1 @dependabot (#955)
  • Bump actions/stale from v3.0.17 to v3.0.18 @dependabot (#938)
  • Bump symfony/translation from 5.2.2 to 5.2.3 @dependabot (#931)
  • Bump league/route from 4.5.0 to 4.5.1 @dependabot (#930)
  • Bump phpmailer/phpmailer from 6.2.0 to 6.3.0 @dependabot (#932)
  • Bump symfony/console from 5.2.1 to 5.2.3 @dependabot (#933)
  • Bump phpunit/phpunit from 9.5.1 to 9.5.2 @dependabot (#934)
  • Bump .homestead from 29b731f to 455252c @dependabot (#929)
  • Bump smarty/smarty from 3.1.36 to 3.1.39 @dependabot (#928)
  • Bump actions/stale from v3.0.16 to v3.0.17 @dependabot (#926)
  • Bump actions/stale from v3.0.15 to v3.0.16 @dependabot (#921)
  • Bump actions/cache from v2.1.3 to v2.1.4 @dependabot (#920)
  • Bump smottt/wideimage from 1.1.3 to 1.1.4 @dependabot (#911)
  • Bump symfony/translation from 5.2.1 to 5.2.2 @dependabot (#909)
  • Bump phpunit/phpunit from 9.5.0 to 9.5.1 @dependabot (#908)
  • Bump vlucas/phpdotenv from 3.6.7 to 3.6.8 @dependabot (#910)
  • Bump lulco/phoenix from 1.4.0 to 1.5.0 @dependabot (#907)
  • Bump .homestead from 9244785 to 29b731f @dependabot (#906)
  • Bump actions/stale from v3.0.14 to v3.0.15 @dependabot (#902)
  • Fixed release drafter config to use correct GitHub labels when sorting tickets @MekDrop (#865)
  • Bump actions/stale from v1 to v3.0.14 @dependabot (#873)
  • Bump actions/cache from v1 to v2.1.3 @dependabot (#872)
  • Added dependabot v2 config @MekDrop (#868)
  • Added filter-by-commitish option in release drafter config @MekDrop (#866)
  • Bump .homestead from b2b3f19 to 9244785 @dependabot-preview (#867)
  • Bump phpunit/phpunit from 9.4.4 to 9.5.0 @dependabot-preview (#858)
  • Bump league/mime-type-detection from 1.4.0 to 1.5.1 @dependabot-preview (#860)
  • Bump lulco/phoenix from 1.3.0 to 1.4.0 @dependabot-preview (#861)
  • Bump symfony/console from 5.2.0 to 5.2.1 @dependabot-preview (#864)
  • Bump symfony/translation from 5.2.0 to 5.2.1 @dependabot-preview (#863)
  • Bump middlewares/encoder from 2.1.0 to 2.1.1 @dependabot-preview (#859)
  • Bump monolog/monolog from 2.1.1 to 2.2.0 @dependabot-preview (#857)
  • Bump middlewares/firewall from 2.0.1 to 2.0.2 @dependabot-preview (#862)
  • Bump middlewares/client-ip from 2.0.0 to 2.0.1 @dependabot-preview (#856)
  • Code Climate steps are now not required in GitLabCI test action @MekDrop (#851)
  • Remove whitesource config @MekDrop (#837)
  • Added Roave Security Advisories to composer [dev] @MekDrop (#742)
  • Temp fix: use composer v1.0 for tests @MekDrop (#823)
  • Bump middlewares/referrer-spam from 2.0.0 to 2.0.1 @dependabot-preview (#816)
  • Bump symfony/console from 5.1.8 to 5.2.0 @dependabot-preview (#817)
  • Bump cerdic/css-tidy from 1.7.2 to 1.7.3 @dependabot-preview (#818)
  • Bump phpmailer/phpmailer from 6.1.8 to 6.2.0 @dependabot-preview (#819)
  • Bump phpunit/phpunit from 9.4.3 to 9.4.4 @dependabot-preview (#820)
  • Upgraded phpunit to 9.4 and test to make sure PHP 8.0 compatible @MekDrop (#802)
  • Bump cerdic/css-tidy from 1.7.1 to 1.7.2 @dependabot-preview (#794)
  • Bump phpmailer/phpmailer from 6.1.7 to 6.1.8 @dependabot-preview (#792)
  • Bump symfony/polyfill-iconv from 1.18.1 to 1.20.0 @dependabot-preview (#793)
  • Bump symfony/console from 5.1.6 to 5.1.8 @dependabot-preview (#791)
  • Bump simplepie/simplepie from 1.5.5 to 1.5.6 @dependabot-preview (#790)
  • Remove greetings actions due actions/first-interaction#23 bug @MekDrop (#788)

New in ImpressCMS 1.4.2 (Dec 27, 2020)

  • Fixes:
  • #574 Test 1.4 on PHP 7.4 PHP7 (fiammybe)
  • #692 Include new version of profile PHP7 (fiammybe)
  • #845 PHP 7.4 : access array offset on value of type null in include/functions.php 1037 php 7.4 (fiammybe)
  • #852 anti-clickjacking security vulnerability (report #1055589 by jrckmcsb on HackerOne) (fiammybe)
  • #825 Improve path sanitizing bug security vulnerability (MekDrop)
  • #814 Better sanitize database queries in installer bug (report #983710 by solov9ev on HackerOne) (fiammybe)
  • #637 Notice on admin pages in PHP 7.4 duplicate php 7.4 (fiammybe)
  • #843 Fix the amount of cookies (fiammybe)
  • #805 Missing templates in system module (skenow)
  • #838 Remove whitesource config (Mekdrop)
  • #834 + #836 Limit maximum length of password (report #1033373 by f1v3 on HackerOne) (fiammybe)
  • #821 Fixed possible file system exposing due language cookie on installer (MekDrop)
  • #812 Prevents using submitted filenames with ../ for controller (report #1035311 by siva12 on HackerOne) (MekDrop)
  • #815 Better sanitize database queries in installer (report #983710 by solov9ev on HackerOne) (fiammybe)
  • #811 Remove phpopenid example folder bug (report #1042838 by hackerone_success on HackerOne) (fiammybe)
  • #810 more strict comparison of variables (report #1036883 by hodorsec on HackerOne) (fiammybe)
  • #806 Include the missing templates for the image manager (skenow)
  • #603 Issue with image inclusion on TinyMCE (fiammybe)
  • Improvements:
  • #636 errors in form fields on admin account creation page of the installer (fiammybe)
  • #848 Cleanup deprecated functions in functions.php (fiammybe)
  • #694 remove the icms_banner reference. No longer present (fiammybe)
  • Download ImpressCMS

New in ImpressCMS 1.4.0 (Jan 6, 2020)

  • Improvements:
  • curl extension in installer now is requirement not optional (#530) @MekDrop
  • PHP7 improvements based on mamba7x PR (#507) @fiammybe
  • make expiration header dynamic in the past (#504) @fiammybe
  • check mysql using PDO now (#487) @fiammybe
  • Add a warning when PHP used is below 7.2
  • Fixes:
  • Move prototype inclusion so trust_path creation works fixes #569 (#571) @skenow
  • Fixed PathStuffController's constructor (#528) @MekDrop
  • Fixed suppressed warning if variable $options['folderName'] is undefined or empty when creating theme (1.4.x) (#510) @MekDrop
  • Fixed function signatures in icms_image_Handler (1.4) (#512) @MekDrop
  • Fixed installer collation selection (#529) @MekDrop
  • Fix the template handling in the system module (#503) @fiammybe
  • Add a warning when PHP used is below 7.2
  • Added missing template for version checker @fiammybe
  • Update:
  • Protector update for PDO SQL sanitizing Close #496 (#497) @skenow
  • Update Protector for PHP7 (#492) @skenow
  • Update php requirements to 5.6 (#505) @fiammybe
  • Update of Smarty to 2.6.31 (the latest 2.x release)
  • Update of CSS-tidy to work in PHP7
  • PHPMailer update to 5.2.7
  • PHPOpenID updated for better PHP7 compatibility
  • Removed:
  • Removed installation_notify (#566) @MekDrop
  • Remove admin template folder in system module on upgrade (#509) @fiammybe

New in ImpressCMS 1.2.3 (Dec 15, 2010)

  • Removing inclusion to deprecated sqlutility classes

New in ImpressCMS 1.1 (Nov 19, 2008)

  • Issues with content menu in RTL.
  • Issues with registration not completed with passwordmeter.
  • Issues with too easy captcha configs.
  • #2190687: When saving a block, if $options was a multi-levels array, StopXSS was failing to save array. StopXSS is now recursive and will all levels of $text parameter if it's an array
  • #2192679: Leading space in cache/index.html
  • Fixed issues with spambots.
  • Fixed issues multiple time stamps.
  • Fixed security issue in snoopy.php
  • Fixed issue on the pagination links of the image manager tinyMCE plugin.
  • The WYSIWYG group permission per module was confused when trying to know if a user should have permission to use WYSIWYG when posting a comment in a module that had such permission
  • Fixed a bug with RTL, if this is not implemented, we will have troubles while sending posts in some modules like newbb
  • Stop Spam Registration class and its experimental use in extra/anti-spam/register.php It is now possible to specify in which modules Webmasters can use WYSIWYG editor
  • Automatically check the Enable HTML check box and uncheck the Enable Linebreaks when using TinyMCE in a comment post form
  • Improved the installer so it is now possible to install ImpressCMS even with safe_mode ON

New in ImpressCMS 1.0 Beta 2 (Feb 6, 2008)

  • w3c validation in impresstheme and impresstheme_light (sato-san)
  • 1870346 System blocks not visible to added group (skenow/dave_l)
  • No nice path from getNicePathFromId (MacDonald/malanciault)
  • the $tpl XoopsTpl object used in htdocs/cp_functions.php and htdocs/admin.php had a too generic name which was creating conflict (with AltSys for example). The variable name was renamed for $icsmAdminTpl (malanciault)
  • Error in xoops.css (display: inline-block) (MacDonald/malanciault)
  • Problems in the queries executed when editing User Ranks (malanciault/vaughan)
  • Adding a few @ in install/page_pathsettings.php to prevent the display of some errors that would confuse users (rplima/malanciault)
  • Small display bug in user.php (incama/malanciault)
  • Several security improvements (DSecRG/malanciault/fx2024)