Jump to content

Your Topic Feed

Guest
What's on your mind?
  1. Heute wurde WordPress 5.2.3 veröffentlicht. Die neue Version beinhaltet 29 Bug-Fixes und Verbesserungen sowie Fixes für Sicherheitslücken.

    Wenn ihr bisher nicht auf die 5er-Version von WordPress aktualisiert habt, gibt es auch für die früheren Versionszweige entsprechende Updates.

    Sicherheits-Updates

    • Danke an Simon Scannell von RIPS Technologies für das Finden und Melden von zwei Sicherheitslücken. Die erste ist eine Cross-Site-Scripting-Lücke (XSS) in der Beitragsvorschau von Mitarbeitern. Die zweite ist eine XSS-Lücke in gespeicherten Kommentaren.
    • Danke an Tim Coen für das Melden eines Problems, bei dem die Validierung und Sanitization einer URL zu einem Open Redirect führen konnte.
    • Danke an Anshul Jain für das Melden von »reflected« Cross-Site-Scripting während des Medien-Uploads.
    • Danke an Zhouyuan Yang of Fortinet’s FortiGuard Labs, der eine Schwachstelle für Cross-Site-Scripting in der Vorschau von Shortcodes gemeldet hat.
    • Danke an Ian Dunn und das Core-Security-Team für das Finden und Melden eines Falls von »reflected« Cross-Site-Scripting im Dashboard.
    • Danke an Soroush Dalili (@irsdl) von der NCC Group für das Melden eines Problems, bei dem die URL-Sanitization zu einer Cross-Site-Scripting-Attacke führen konnte.
    • Zusätzlich zu diesen behobenen Problemen wurde jQuery auf älteren Versionen von WordPress aktualisiert. Im 5er-Zweig wurde das bereits mit 5.2.1 vorgenommen, jetzt auch für die älteren Zweige.

    Eine Liste mit allen Änderungen gibt es im Trac. Weitere Informationen zur neuen Version gibt es auch auf der Dokumentations-Seite von 5.2.3.

    WordPress 5.2.3 ist ein kurzzyklischer Wartungs-Release, die nächste Major-Version wird WordPress 5.3 sein.

    Ihr könnt die neue Version von de.wordpress.org herunterladen, wenn ihr ein neues Projekt starten möchtet, oder eure bestehende Installation einfach über das Backend aktualisieren. Geht dafür auf DashboardAktualisierungen.

    Wenn ihr die automatischen Hintergrund-Updates nicht deaktiviert habt, könnte WordPress 5.2.3 bereits bei euch aktiv sein.

    Danke!

    Danke an die über 62 Mitwirkenden, die diesen Release ermöglicht haben!

    Adam Silverstein, Alex Concha, Alex Goller, Andrea Fercia, Andrew Duthie, Andrew Ozz, Andy Fragen, Ashish Shukla, Aslam Shekh, backermann1978, Catalin Dogaru, Chetan Prajapati, Chris Aprea, Christoph Herr, dan@micamedia.com, Daniel Llewellyn, donmhico, Ella van Durpe, epiqueras, Fencer04, flaviozavan, Garrett Hyder, Gary Pendergast, gqevu6bsiz, Hardik Thakkar, Ian Belanger, Ian Dunn, Jake Spurlock, Jb Audras, Jeffrey Paul, jikamens, John Blackbourn, Jonathan Desrosiers, Jorge Costa,karlgroves, Kjell Reigstad, laurelfulford, Maje Media LLC, Martin Spatovaliyski, Mary Baum, Monika Rao, Mukesh Panchal, nayana123, Ned Zimmerman, Nick Daugherty, Nilambar Sharma, nmenescardi, Paul Vincent Beigang, Pedro Mendonça, Peter Wilson, Sergey Biryukov, Sergey Predvoditelev, Sharaz Shahid, Stanimir Stoyanov, Stefano Minoia, Tammie Lister, tellthemachines, tmatsuur, Vaishali Panchal, vortfu, Will West und yarnboy.

    View the full article

  2. <h1>vBulletin 5.5.4 Changes and Updates</h1>
    <h2>Front End Changes</h2>
    <h3>Avatars as Status Icons</h3>
    <p>A new option has been added to show the user's avatar instead of the status icon in Topic Lists. This allows the system to be consistent with the responsive view. All views will display the same icons based on this option. You can access the option in the AdminCP under <code>Settings -&gt; Options -&gt; Channel Display Options</code>.</p>
    <p>When displaying avatars as status icons, the avatar will link to the user's profile for consistency. Administrators and moderators will not be able to double-click on the status icon to open and close topics. If this functionality is important for your site, you will need to use the standard status icons.</p>
    <blockquote>
    <p>Note: Previous versions of vBulletin 5 would always show avatars in Responsive View. In order to maintain consistency, Responsive View now follows this new setting.</p>
    </blockquote>
    <h3>Semantic HTML</h3>
    <p>By using semantic HTML tags, we can provide additional information to search engines and accessibility tools (e.g. Screen Readers). Using these tags allows the system to signify which information is more important on the page.</p>
    <p>We have converted the header, footer, and Channel Navigation Modules to better use Semantic HTML tags. The system is now using the &lt;header&gt;, &lt;footer&gt;, &lt;nav&gt;, and &lt;main&gt; tags where appropriate. Header elements are wrapped in the &lt;header&gt; tag instead of using the &lt;div&gt; tag. Footer elements on each page now use the &lt;footer&gt; tag. Menus and breadcrumbs are wrapped in the &lt;nav&gt; tag. The primary content of each page now uses the &lt;main&gt;. We have worked to make these changes backwards compatible and you should not see any difference in the rendering of your pages. However, if your custom CSS targets container.class (e.g. div.header) then you will need to update your CSS for these changes.</p>
    <p>If you are using one of the provided styles, then you will not have to do anything to take advantage of this change.</p>
    <hr>
    <h2>Back End / AdminCP</h2>
    <h3>Style Variable Validation</h3>
    <p>As a security measure, we have applied a series of validation rules to CSS attributes entered as Style Variable values and in User Profile Customization. These rules limit the amount of CSS that can be added to a variable and prevent users from adding their own attributes using third-party software to alter the page. As an Administrator, you can apply more complex CSS using the css_additional.css template for your style.</p>
    <p>The following validation rules have been added to the system:</p>
    <ol>
    <li><strong>Default</strong>
    <ul>
    <li>Applies to all style variables unless specified below.</li>
    <li>Limited to less than 250 characters.</li>
    <li>Does not contain the characters &quot;{}&quot;.</li>
    </ul>
    </li>
    <li><strong>URL and Image</strong>
    <ul>
    <li>URLs must be quoted.</li>
    <li>Unescaped braces &quot;{}&quot; are not allowed.</li>
    <li>Base64 is allowed as long as there are no braces.</li>
    </ul>
    </li>
    <li><strong>Font Family</strong>
    <ul>
    <li>No more than 20 font families listed.</li>
    <li>Font Family list is comma separated.</li>
    <li>Each font name is no more than 100 characters.</li>
    <li>Font names with spaces must be enclosed within quotation marks.</li>
    </ul>
    </li>
    </ol>
    <h3>Security Headers / Anti-Clickjacking</h3>
    <p>We have added several options to control how your site can be embedded in frames. Embedding a website within another is a frequent method used to PHISH for user data. vBulletin now allows you to prevent this and control where your site appears. This security measure will help safeguard your user's information and your site overall.</p>
    <p>These HTTP Headers are sent to the browser for interpretation. Each browser may interpret these headers differently.</p>
    <p>The options can be found in the AdminCP under <code>Settings -&gt; Options -&gt; Cookie and HTTP Header Options</code>.</p>
    <ul>
    <li><strong>Anti-Clickjacking Headers</strong>: This setting can be used to prevent your site from being included within HTML Frames. The default value will allow your site to be used in frames originating from the same URL. This will prevent sites that currently use frames from breaking. Setting this to Deny will prevent any framing. There are for options available:
    <ul>
    <li>Allow all Framing. This is how vBulletin works today. This option provides no security.</li>
    <li>Deny all Framing. This is the most restrictive Option.</li>
    <li>Allow from Same Site. Allows the system to be embedded in frames on your site. This provides basic security but will not break current sites. This will allow your site to be embedded in Frames that share the same domain as your Forum URL. Note: Accessing via domain name and IP Address will be considered two different sites.</li>
    </ul>
    </li>
    <li><strong>Content-Security-Policy Header Value</strong>: This header is supported by all modern browsers and provides a robust framework for browser security. Please view the inline help for more information. This option is for Advanced Users and Network Administrators. For best results, you should set the Anti-Clickjacking Header value to Allow All and then handle that within your Content Security Policy.</li>
    </ul>
    <h3>Content Notifications</h3>
    <p>Administrators can specify words that will trigger notifications when they are used. The system works similarly to the existing word censor options. After you have created your list of words, the system will monitor them. When a word is used, the site Administrators and Moderators will be notified via their message center and email based on their notification settings.</p>
    <p>The option for this is available in the AdminCP under <code>Settings -&gt; Options -&gt; User Banning Options</code>.</p>
    <h3>PHP Imagick Support</h3>
    <p>We have added support for the PECL imagick class available for PHP. Using this class can reduce server overhead and processing time when compared to the ImageMagick command line tools using the exec() function. Please see the <a href="https://www.php.net/manual/en/book.imagick.php">PHP Documentation</a> for information on installing this class on your server. Once installed, the class can be selected within the AdminCP under <code>Settings -&gt; Options -&gt; Image Settings</code>.</p>
    <blockquote>
    <p>Note: In a future version of vBulletin, we will be removing the older command line implementation of ImageMagick.</p>
    </blockquote>
    <h3>Guest Permissions</h3>
    <p>On new installations, several permissions for the Guest Users usergroup have been changed. The following permissions have been changed so that they default to No for guests:</p>
    <ul>
    <li>Can view Member Info.</li>
    <li>Skip Moderation for Topics.</li>
    <li>Skip Moderation for Replies.</li>
    <li>Skip Moderation for Posts/Topics With Attachments.</li>
    </ul>
    <hr>
    <h2>Additional Information</h2>
    <h3>Install / Upgrade</h3>
    <ul>
    <li><a href="https://www.vbulletin.com/forum/node/4391348">Installation Instructions</a></li>
    <li><a href="https://www.vbulletin.com/forum/node/4391346">Upgrade Instructions</a></li>
    </ul>
    <h3>File Cleanup</h3>
    <p>After upgrading your vBulletin system, you should delete any possible obsolete files. You can obtain more information on why this is needed and instructions on how to do this in this <a href="https://www.vbulletin.com/forum/node/4391346"><strong>topic</strong></a> in the vBulletin 5 Installs &amp; Upgrades forum.</p>
    <h3>System Requirements</h3>
    <h4>Minimum System Requirements</h4>
    <ul>
    <li>PHP Version: 7.1.0</li>
    <li>MySQL Version: 5.6.10</li>
    <li>MariaDB Version: 10.0.0</li>
    </ul>
    <h4>Recommended System Requirements</h4>
    <ul>
    <li>PHP Version: 7.3 or higher</li>
    <li>MySQL Version: 8.0 or higher</li>
    <li>MariaDB Version: 10.3+</li>
    </ul>
    <p>For more information see <a href="https://www.vbulletin.com/forum/node/4391344">vBulletin Connect System Requirements</a>.</p>
    <h3>Current Version Support Schedule</h3>
    <p>It is recommended to use the latest version of vBulletin at all times.</p>
    <ul>
    <li>Active Version - 5.5.4</li>
    <li>Security Patch - 5.5.3</li>
    <li>Security Patch - 5.5.2</li>
    <li>No Patch Release - 5.5.1 or earlier.</li>
    </ul>
    <h3>Discussion</h3>
    <p>If you have any questions about these changes you may discuss them here: https://forum.vbulletin.com/node/4419735</p>
    <p>If you find an issue with the software or wish to place a feature request please visit our <a href="https://tracker.vbulletin.com">tracker</a>.</p>
    <p>In order to receive support for your vBulletin Product please visit our <a href="https://www.vbulletin.com/forum/">community forums</a>.</p>

    View the full article

  3. Tja, da sind wir wieder!

    Nach einer zugegeben etwas längeren Auszeit ist die Seite nun wieder verfügbar. Wie ihr seht hat sich auch einiges getan, anstelle von XenForo basiert sie jetzt auf der Invision Community Suite. Für den einen oder anderen wahrscheinlich etwas ungewohnt, aber vieles ist was die Funktionen angeht doch sehr ähnlich und ich wette ihr werdet euch schnell hier zurecht finden.

    Die Inhalte vom alten Ressource-Manager wurden komplett importiert, allerdings in zwei Bereiche aufgeteilt. Die Addons an sich findet ihr unter Files bzw. Downloads. Alles was nicht in diese Kategorie fällt, befindet sich nun unter Tutorials. Es hatten sich mit der Zeit im RM nämlich auch einiges an Anleitungen und Templateedits angesammelt, die man nicht unbedingt in ein eigenständiges Addon verpacken muss.

    Das Forum an sich ist wie ihr seht zwar zweisprachig, aber sehr simpel gehalten. Ankündigungen, Support zur Seite und ein allgemeiner Bereich. Dazu noch die Project Tools für Verbesserungsvorschläge und als Bugtracker. Alles andere ist auf die Clubs verteilt, ähnlich wie im alten Board auch schon, nur etwas komplexer.

    Nehmen wir als Beispiel den Club für XenForo Admins. Dort gibt es neben einem Allgemeinen Forum (Topics) auch einen Fragen und Hilfebereich (Help), eine Linkliste mit XF-Relevanten Webseiten und noch ein paar andere Sachen. Mit "Supportthreads" sind die der hier angebotenen Addons gemeint. Bei jedem Download findet ihr einen Button, der euch zum jeweiligen Thread führt. Es sei denn ein Addon wird nicht mehr Supported, wie beispielsweise altes Zeugs für XF1 oder vBulletin.

    Diese Microcommunities oder Interessensgemeinschaften sind dazu gedacht, nicht ein übergrosses Board zu haben, wo am Ende keiner mehr durchblickt, joined einfach die Clubs zu Themen, die euch Interessieren. Einen XF-User wird zum Beispiel das vBulletin Resort eher weniger interessieren, es sei denn er hat selber mal eins gehabt ;)

    Dazu kommt, dass hier nicht nur MV sondern noch zwei weitere Foren integriert wurden, die so nicht mehr am Netz sind. Das eine ist CelebStash, dessen Content grösstenteils in den gleichnamigen Club importiert wurde. Weitere Threads dieses Bords sind nun unter anderem in den Clubs "TV-Total" und "Filmpalast" zu finden. Das andere ist Famewhores, welches ursprünglich als klassisches Forum gestartet und mittlerweile in ein moderneres Imageboard umgewandelt wurde. Der Grossteil der alten Threads wurde in einem geschlossenen Club archiviert, da es einfach zu schade war, alles zu löschen. Im Gegensatz zu den MV-Accounts wurden die Stammuser ebenfalls übernommen, lediglich Nullposter und Trashmails wurden weggelassen.

    Die Linkliste liess sich leider nicht so einfach aus dem alten Board importieren, nach und nach werden die Inhalte allerdings manuell reposted werden. Ist wahrscheinlich auch am besten so, denn einige der Links werden mittlerweile bestimmt tot sein. Die Gallery diente schon im XF eigentlich nur zu Demonstrationszwecken und das ist hier auch nicht anders. Ihr könnt gerne Bilder hochladen, Alben anlegen und direkt mit der XFMG vergleichen (Login logischerweise erforderlich). Der Bereich Videos ist im grossen und ganzen das, wofür ich früher das exzellente XenMedio verwendet habe, eine kleine Jukebox für's Board. Das was ihr unter Movies seht, ist momentan noch in der Entwicklungsphase, funktioniert aber soweit einwandfrei. Mehr dazu an anderer Stelle. Einzig für das brilliante XenCarta habe ich keinen ebenbürtigen Ersatz gefunden, aber ein Wiki wird auf dieser Seite im Moment nicht wirklich dringend benötigt.

    Wenn euch das dunkle Design nicht so zusagt, können angemeldete User unten im Footer auch zu einem helleren wechseln. Das Classic Theme ist bis auf ein paar minimale Anpassungen der Standard-Style von IPS4.

    Ich glaube, das müsste es fürs erste auch gewesen sein. Bei Fragen einfach Fragen und Feedback ist immer willkommen :winking-face:

    Best regards

    V0RT3X


    View full article

  4. Bitte beachten Sie, dass die unten stehende Liste nur die wichtigsten Änderungen enthält. Kleinere Korrekturen (u.a. Tippfehler) werden nicht separat aufgeführt.


    WoltLab Suite Blog

    • Die Ungelesen-Markierung wurde auf mobilen Geräten nicht immer korrekt entfernt. 3.0 / 3.1

    WoltLab Suite Calendar

    • In der Wochenansicht kam es zu einem Fehler im Template Scripting. 3.0 / 3.1
    • Einige Verbesserungen der Übersetzungen. 3.0 / 3.1

    WoltLab Suite Filebase

    • Die Ungelesen-Markierung wurde auf mobilen Geräten nicht immer korrekt entfernt. 3.0 / 3.1

    WoltLab Suite Forum

    • Beim Bearbeiten eines Themas mit der Einstellung als Ankündigung ohne ausgewählte Foren kam es zu einer inkorrekten Fehlermeldung. 5.0 / 5.1
    • Die Nachrichtenprüfung beim Bearbeiten von Beiträgen wurde verbessert. 5.0 / 5.1
    • Kategorien in Atom-Feeds werden nun beim Import korrekt verarbeitet. 5.0 / 5.1
    • Beim Kopieren von Foren wurde das eingestellte Icon nicht übernommen. 5.1
    • Die Antwort-Box verhielt sich bei einer umgedrehten Nachrichtenreihenfolge fehlerhaft. 5.1

    WoltLab Suite Gallery

    • Die Ungelesen-Markierung wurde auf mobilen Geräten nicht immer korrekt entfernt. 3.0 / 3.1
    • Nicht mehr zugeordnete Marker konnten beim Import Probleme verursachen. 3.0 / 3.1
    • Eine fehlende Sprachvariable für den Kamerablitz wurde ergänzt. 3.0 / 3.1

    WoltLab Suite Core: Conversations

    • Die Darstellung einiger Labels für Konversationen war fehlerhaft. 3.0 / 3.1

    WoltLab Suite Core: Exporter

    • SMF 2.x
      • Vorschaugrafiken von Dateianhängen werden nicht länger als eigenständiger Dateianhang importiert. 3.1
    • vBulletin 5.x
      • Ungültige Passwort-Hash-Verfahren werden nun korrekt verarbeitet. 3.1

    WoltLab Suite Core: Moderated User Groups

    • Einige Verbesserungen der Übersetzungen. 3.1

    WoltLab Suite Core

    • Die Anzahl an automatischen Benutzergruppenzuordnungen werden nun pro Durchlauf beschränkt um Zeitüberschreitungen zu vermeiden. 3.0 / 3.1
    • Dynamisch nachgeladene Nachrichten konnten manchmal nicht bearbeitet werden. 3.0 / 3.1
    • Tags werden nun unabhängig von der Groß- bzw. Kleinschreibung sortiert. 3.0 / 3.1
    • Die Anmelde-Buttons für Drittanbieter wurden angepasst, um den aktualisierten Vorgaben der Anbieter zu entsprechen. 3.0 / 3.1
    • Auf CMS-Seiten mit nur einer Sprache wird nicht länger das Drop-Down für die Sprachauswahl angeboten. 3.0 / 3.1
    • Der Wert der Spalte wcfN_user.authData wurde im DSGVO-Export ergänzt. 3.0 / 3.1
    • Die Verarbeitung von Links im Editor wurde verbessert. 3.0 / 3.1
    • Das Mindestdatum im Datumswähler konnte auf Grund eines Fehlers nicht in der Zukunft liegen. 3.0 / 3.1
    • Einige Nachrichtenformatierungen wurden bei der Server-seitigen Verarbeitung nicht korrekt zurückgewiesen. 3.0 / 3.1
    • Fehlerhafte Eingaben im Kontaktformular führten dazu, dass der ausgewählte Empfänger verworfen wurde. 3.1
    • Die Ausrichtung einiger scrollbaren Drop-Downs war fehlerhaft. 3.1
    • Die Entfernung einer Formatierung an der Cursor-Position im Editor war fehlerhaft und erzeugte eine durchgestrichene Darstellung. 3.1
    • CMS-Seiten können nun korrekt als Startseite einer App eingestellt werden. 3.1

    View the full article

  5. Back in July I released the new installer. After some reports I realized that it was urgent to improve its functionality and reliability as I overestimated the expected servers setups.

    I added a custom error handler and I improved how the server responses are interpreted, I also improved the DB privileges check so now the installer should work more servers, including Dreamhost.

    Finally, I've made public...

    Installer 2.0.0 released (stable)

    View the full article

  6. Die WoltLab Suite 5.2 ist der nächste Meilenstein in der Geschichte der Community- und Foren-Lösungen, probieren Sie unverbindlich den Nachfolger der überaus erfolgreichen WoltLab Suite 3 aus.


    Systemvoraussetzungen

    Für die Installation und Nutzung von WoltLab Suite 5.2 müssen die folgenden Voraussetzungen erfüllt sein:

    • Webserver mit PHP 7.0.22 oder neuer (PHP 7.3+ empfohlen)
    • MySQL 5.5.35 (oder neuer) / MariaDB 5.5.47 (oder neuer) / MariaDB 10.0.22 (oder neuer)
    • 20 MB Festplattenspeicher
    • Aktueller Webbrowser (Chrome 76+, Firefox 68+, Safari 12+, Microsoft Edge 44+ [EdgeHTML 18+])

    Installationsanleitung

    1. Laden Sie das Installations-Archiv auf Ihren Computer herunter.
    2. Entpacken Sie das Archiv.
    3. Laden Sie die Dateien install.php, test.php und WCFSetup.tar.gz auf Ihren Webserver hoch.
    4. Starten Sie die Installation, indem Sie die Datei test.php in Ihrem Webbrowser aufrufen.

    Aktualisierung von früheren Versionen

    Die erste Beta-Version unterstützt keine Aktualisierung von früheren Versionen von WoltLab Suite 3.x, die Update-Funktionalität wird erst mit nachfolgenden Versionen ermöglicht.

    Nutzung & Support

    Es handelt sich um eine Testversion, die nicht für den produktiven Einsatz gedacht ist. Die Nutzung in einer Produktivumgebung erfolgt auf eigene Gefahr. Ein Update von WoltLab Suite 5.2 Beta 1 auf zukünftige Versionen wird nicht garantiert. Die Nutzungsdauer der Betaversion ist auf den 25. Oktober 2019 begrenzt, danach ist eine weitere Nutzung nur mit einer gültigen Lizenz gestattet.


    Fragen und Anregungen zu der neuen Version können direkt hier im Forum hinterlassen werden; Im Falle von Probleme oder Unstimmigkeiten bitten wir um eine kurze Rückmeldung im entsprechenden Bereich, damit wir uns dessen annehmen können.

    Anpassung der Versionsnummern

    Die Forum App nutzte aus historischen Gründen eine höhere Versionsnummer, wodurch es zu einigen Unklarheiten kam. Ab dieser Version laufen alle Produkte unter der einheitlichen Versionsnummer 5.2.



    Download WoltLab Suite Forum 5.2 Beta 1

    Download WoltLab Suite Blog 5.2 Beta 1

    Download WoltLab Suite Calendar 5.2 Beta 1

    Download WoltLab Suite Gallery 5.2 Beta 1

    Download WoltLab Suite Filebase 5.2 Beta 1

    View the full article

  7. <h1>vBulletin 5.5.4 Changes and Updates</h1>
    <p>The Preview Release of vBulletin 5.5.4 is now available to download customers. Preview Releases should not be used on production servers and are for testing purposes only.</p>
    <h2>Front End Changes</h2>
    <h3>Avatars as Status Icons</h3>
    <p>A new option has been added to show the user's avatar instead of the status icon in Topic Lists. This allows the system to be consistent with the responsive view. All views will display the same icons based on this option. You can access the option in the AdminCP under <code>Settings -&gt; Options -&gt; Channel Display Options</code></p>
    <h3>Semantic HTML</h3>
    <p>By using semantic HTML tags, we can provide additional information to search engines and accessibility tools (e.g. Screen Readers). Using these tags allows the system to signify which information is more important on the page.</p>
    <p>We have converted the header, footer, and Channel Navigation Modules to better use Semantic HTML tags. The system is now using the &lt;header&gt;, &lt;footer&gt;, &lt;nav&gt;, and &lt;main&gt; tags where appropriate. Header elements are wrapped in the &lt;header&gt; tag instead of using the &lt;div&gt; tag. Footer elements on each page now use the &lt;footer&gt; tag. Menus and breadcrumbs are wrapped in the &lt;nav&gt; tag. The primary content of each page now uses the &lt;main&gt;. We have worked to make these changes backwards compatible and you should not see any difference in the rendering of your pages. However, if your custom CSS targets container.class (e.g. div.header) then you will need to update your CSS for these changes.</p>
    <p>If you are using one of the provided styles, then you will not have to do anything to take advantage of this change.</p>
    <hr>
    <h2>Back End / AdminCP</h2>
    <h3>Style Variable Validation</h3>
    <p>As a security measure, we have applied a series of validation rules to CSS attributes entered as Style Variable values and in User Profile Customization. These rules limit the amount of CSS that can be added to a variable and prevent users from adding their own attributes using third-party software to alter the page. As an Administrator, you can apply more complex CSS using the css_additional.css template for your style.</p>
    <p>The following validation rules have been added to the system:</p>
    <ol>
    <li><strong>Default</strong>
    <ul>
    <li>Applies to all style variables unless specified below.</li>
    <li>Limited to less than 250 characters.</li>
    <li>Does not contain the characters &quot;{}&quot;.</li>
    </ul>
    </li>
    <li><strong>URL and Image</strong>
    <ul>
    <li>URLs must be quoted.</li>
    <li>Unescaped braces &quot;{}&quot; are not allowed.</li>
    <li>Base64 is allowed as long as there are no braces.</li>
    </ul>
    </li>
    <li><strong>Font Family</strong>
    <ul>
    <li>No more than 20 font families listed.</li>
    <li>Font Family list is comma separated.</li>
    <li>Each font name is no more than 100 characters.</li>
    <li>Font names with spaces must be enclosed within quotation marks.</li>
    </ul>
    </li>
    </ol>
    <h3>Security Headers / Anti-Clickjacking</h3>
    <p>We have added several options to control how your site can be embedded in frames. Embedding a website within another is a frequent method used to PHISH for user data. vBulletin now allows you to prevent this and control where your site appears. This security measure will help safeguard your user's information and your site overall.</p>
    <p>These HTTP Headers are sent to the browser for interpretation. Each browser may interpret these headers differently.</p>
    <p>The options can be found in the AdminCP under <code>Settings -&gt; Options -&gt; Cookie and HTTP Header Options</code>.</p>
    <ul>
    <li><strong>Anti-Clickjacking Headers</strong>: This setting can be used to prevent your site from being included within HTML Frames. The default value will allow your site to be used in frames originating from the same URL. This will prevent sites that currently use frames from breaking. Setting this to Deny will prevent any framing. There are for options available:
    <ul>
    <li>Allow all Framing. This is how vBulletin works today. This option provides no security.</li>
    <li>Deny all Framing. This is the most restrictive Option.</li>
    <li>Allow from Same Site. Allows the system to be embedded in frames on your site. This provides basic security but will not break current sites. This will allow your site to be embedded in Frames that share the same domain as your Forum URL. Note: Accessing via domain name and IP Address will be considered two different sites.</li>
    <li>Specify Raw Header Values. When this is selected, the system will not send headers unless specified in the next two options.</li>
    </ul>
    </li>
    <li><strong>X-Frame-Options Header Value</strong>: This setting allows you to specify a custom value for this header. This header is primarily for Internet Explorer 11 support. Please view the inline help for more information. This option is for Advanced Users and Network Administrators.</li>
    <li><strong>Content-Security-Policy Header Value</strong>: This header is supported by all modern browsers and provides a robust framework for browser security. Please view the inline help for more information. This option is for Advanced Users and Network Administrators.</li>
    </ul>
    <h3>Content Notifications</h3>
    <p>Administrators can specify words that will trigger notifications when they are used. The system works similarly to the existing word censor options. After you have created your list of words, the system will monitor them. When a word is used, the site Administrators and Moderators will be notified via their message center and email based on their notification settings.</p>
    <p>The option for this is available in the AdminCP under <code>Settings -&gt; Options -&gt; User Banning Options</code>.</p>
    <h3>PHP Imagick Support</h3>
    <p>We have added support for the PECL imagick class available for PHP. Using this class can reduce server overhead and processing time when compared to the ImageMagick command line tools using the exec() function. Please see the <a href="https://www.php.net/manual/en/book.imagick.php">PHP Documentation</a> for information on installing this class on your server. Once installed, the class can be selected within the AdminCP under <code>Settings -&gt; Options -&gt; Image Settings</code>.</p>
    <blockquote>
    <p>Note: In a future version of vBulletin, we will be removing the older command line implementation of ImageMagick.</p>
    </blockquote>
    <hr>
    <h2>Additional Information</h2>
    <h3>Install / Upgrade</h3>
    <ul>
    <li><a href="https://www.vbulletin.com/forum/node/4391348">Installation Instructions</a></li>
    <li><a href="https://www.vbulletin.com/forum/node/4391346">Upgrade Instructions</a></li>
    </ul>
    <h3>File Cleanup</h3>
    <p>After upgrading your vBulletin system, you should delete any possible obsolete files. You can obtain more information on why this is needed and instructions on how to do this in this <a href="https://www.vbulletin.com/forum/node/4391346"><strong>topic</strong></a> in the vBulletin 5 Installs &amp; Upgrades forum.</p>
    <h3>System Requirements</h3>
    <h4>Minimum System Requirements</h4>
    <ul>
    <li>PHP Version: 7.1.0</li>
    <li>MySQL Version: 5.6.10</li>
    <li>MariaDB Version: 10.0.0</li>
    </ul>
    <h4>Recommended System Requirements</h4>
    <ul>
    <li>PHP Version: 7.3 or higher</li>
    <li>MySQL Version: 8.0 or higher</li>
    <li>MariaDB Version: 10.3+</li>
    </ul>
    <p>For more information see <a href="https://www.vbulletin.com/forum/node/4391344">vBulletin Connect System Requirements</a>.</p>
    <h3>Current Version Support Schedule</h3>
    <p>It is recommended to use the latest version of vBulletin at all times.</p>
    <ul>
    <li>Active Version - 5.5.3</li>
    <li>Security Patch - 5.5.2</li>
    <li>Security Patch - 5.5.1</li>
    <li>No Patch Release - 5.5.0 or earlier.</li>
    </ul>
    <h3>Discussion</h3>
    <p>If you have any questions about these changes you may discuss them here: https://forum.vbulletin.com/node/4419735 </p>
    <p>If you find an issue with the software or wish to place a feature request please visit our <a href="https://tracker.vbulletin.com">tracker</a>.</p>
    <p>In order to receive support for your vBulletin Product please visit our <a href="https://www.vbulletin.com/forum/">community forums</a>.</p>

    View the full article

  8. <h1>vBulletin 5.5.4 Changes and Updates</h1>
    <p>The Preview Release of vBulletin 5.5.4 is now available to download customers. Preview Releases should not be used on production servers and are for testing purposes only.</p>
    <h2>Front End Changes</h2>
    <h3>Avatars as Status Icons</h3>
    <p>A new option has been added to show the user's avatar instead of the status icon in Topic Lists. This allows the system to be consistent with the responsive view. All views will display the same icons based on this option. You can access the option in the AdminCP under <code>Settings -&gt; Options -&gt; Channel Display Options</code></p>
    <h3>Semantic HTML</h3>
    <p>By using semantic HTML tags, we can provide additional information to search engines and accessibility tools (e.g. Screen Readers). Using these tags allows the system to signify which information is more important on the page.</p>
    <p>We have converted the header, footer, and Channel Navigation Modules to better use Semantic HTML tags. The system is now using the &lt;header&gt;, &lt;footer&gt;, &lt;nav&gt;, and &lt;main&gt; tags where appropriate. Header elements are wrapped in the &lt;header&gt; tag instead of using the &lt;div&gt; tag. Footer elements on each page now use the &lt;footer&gt; tag. Menus and breadcrumbs are wrapped in the &lt;nav&gt; tag. The primary content of each page now uses the &lt;main&gt;. We have worked to make these changes backwards compatible and you should not see any difference in the rendering of your pages. However, if your custom CSS targets container.class (e.g. div.header) then you will need to update your CSS for these changes.</p>
    <p>If you are using one of the provided styles, then you will not have to do anything to take advantage of this change.</p>
    <hr>
    <h2>Back End / AdminCP</h2>
    <h3>Style Variable Validation</h3>
    <p>As a security measure, we have applied a series of validation rules to CSS attributes entered as Style Variable values and in User Profile Customization. These rules limit the amount of CSS that can be added to a variable and prevent users from adding their own attributes using third-party software to alter the page. As an Administrator, you can apply more complex CSS using the css_additional.css template for your style.</p>
    <p>The following validation rules have been added to the system:</p>
    <ol>
    <li><strong>Default</strong>
    <ul>
    <li>Applies to all style variables unless specified below.</li>
    <li>Limited to less than 250 characters.</li>
    <li>Does not contain the characters &quot;{}&quot;.</li>
    </ul>
    </li>
    <li><strong>URL and Image</strong>
    <ul>
    <li>URLs must be quoted.</li>
    <li>Unescaped braces &quot;{}&quot; are not allowed.</li>
    <li>Base64 is allowed as long as there are no braces.</li>
    </ul>
    </li>
    <li><strong>Font Family</strong>
    <ul>
    <li>No more than 20 font families listed.</li>
    <li>Font Family list is comma separated.</li>
    <li>Each font name is no more than 100 characters.</li>
    <li>Font names with spaces must be enclosed within quotation marks.</li>
    </ul>
    </li>
    </ol>
    <h3>Security Headers / Anti-Clickjacking</h3>
    <p>We have added several options to control how your site can be embedded in frames. Embedding a website within another is a frequent method used to PHISH for user data. vBulletin now allows you to prevent this and control where your site appears. This security measure will help safeguard your user's information and your site overall.</p>
    <p>These HTTP Headers are sent to the browser for interpretation. Each browser may interpret these headers differently.</p>
    <p>The options can be found in the AdminCP under <code>Settings -&gt; Options -&gt; Cookie and HTTP Header Options</code>.</p>
    <ul>
    <li><strong>Anti-Clickjacking Headers</strong>: This setting can be used to prevent your site from being included within HTML Frames. The default value will allow your site to be used in frames originating from the same URL. This will prevent sites that currently use frames from breaking. Setting this to Deny will prevent any framing. There are for options available:
    <ul>
    <li>Allow all Framing. This is how vBulletin works today. This option provides no security.</li>
    <li>Deny all Framing. This is the most restrictive Option.</li>
    <li>Allow from Same Site. Allows the system to be embedded in frames on your site. This provides basic security but will not break current sites. This will allow your site to be embedded in Frames that share the same domain as your Forum URL. Note: Accessing via domain name and IP Address will be considered two different sites.</li>
    <li>Specify Raw Header Values. When this is selected, the system will not send headers unless specified in the next two options.</li>
    </ul>
    </li>
    <li><strong>X-Frame-Options Header Value</strong>: This setting allows you to specify a custom value for this header. This header is primarily for Internet Explorer 11 support. Please view the inline help for more information. This option is for Advanced Users and Network Administrators.</li>
    <li><strong>Content-Security-Policy Header Value</strong>: This header is supported by all modern browsers and provides a robust framework for browser security. Please view the inline help for more information. This option is for Advanced Users and Network Administrators.</li>
    </ul>
    <h3>Content Notifications</h3>
    <p>Administrators can specify words that will trigger notifications when they are used. The system works similarly to the existing word censor options. After you have created your list of words, the system will monitor them. When a word is used, the site Administrators and Moderators will be notified via their message center and email based on their notification settings.</p>
    <p>The option for this is available in the AdminCP under <code>Settings -&gt; Options -&gt; User Banning Options</code>.</p>
    <h3>PHP Imagick Support</h3>
    <p>We have added support for the PECL imagick class available for PHP. Using this class can reduce server overhead and processing time when compared to the ImageMagick command line tools using the exec() function. Please see the <a href="https://www.php.net/manual/en/book.imagick.php">PHP Documentation</a> for information on installing this class on your server. Once installed, the class can be selected within the AdminCP under <code>Settings -&gt; Options -&gt; Image Settings</code>.</p>
    <blockquote>
    <p>Note: In a future version of vBulletin, we will be removing the older command line implementation of ImageMagick.</p>
    </blockquote>
    <hr>
    <h2>Additional Information</h2>
    <h3>Install / Upgrade</h3>
    <ul>
    <li><a href="https://www.vbulletin.com/forum/node/4391348">Installation Instructions</a></li>
    <li><a href="https://www.vbulletin.com/forum/node/4391346">Upgrade Instructions</a></li>
    </ul>
    <h3>File Cleanup</h3>
    <p>After upgrading your vBulletin system, you should delete any possible obsolete files. You can obtain more information on why this is needed and instructions on how to do this in this <a href="https://www.vbulletin.com/forum/node/4391346"><strong>topic</strong></a> in the vBulletin 5 Installs &amp; Upgrades forum.</p>
    <h3>System Requirements</h3>
    <h4>Minimum System Requirements</h4>
    <ul>
    <li>PHP Version: 7.1.0</li>
    <li>MySQL Version: 5.6.10</li>
    <li>MariaDB Version: 10.0.0</li>
    </ul>
    <h4>Recommended System Requirements</h4>
    <ul>
    <li>PHP Version: 7.3 or higher</li>
    <li>MySQL Version: 8.0 or higher</li>
    <li>MariaDB Version: 10.3+</li>
    </ul>
    <p>For more information see <a href="https://www.vbulletin.com/forum/node/4391344">vBulletin Connect System Requirements</a>.</p>
    <h3>Current Version Support Schedule</h3>
    <p>It is recommended to use the latest version of vBulletin at all times.</p>
    <ul>
    <li>Active Version - 5.5.3</li>
    <li>Security Patch - 5.5.2</li>
    <li>Security Patch - 5.5.1</li>
    <li>No Patch Release - 5.5.0 or earlier.</li>
    </ul>
    <h3>Discussion</h3>
    <p>If you have any questions about these changes you may discuss them here: https://forum.vbulletin.com/node/4419735 </p>
    <p>If you find an issue with the software or wish to place a feature request please visit our <a href="https://tracker.vbulletin.com">tracker</a>.</p>
    <p>In order to receive support for your vBulletin Product please visit our <a href="https://www.vbulletin.com/forum/">community forums</a>.</p>

    View the full article

  9. <h1>vBulletin 5.5.4 Changes and Updates</h1>
    <p>The Preview Release of vBulletin 5.5.4 is now available to download customers. Preview Releases should not be used on production servers and are for testing purposes only.</p>
    <h2>Front End Changes</h2>
    <h3>Avatars as Status Icons</h3>
    <p>A new option has been added to show the user's avatar instead of the status icon in Topic Lists. This allows the system to be consistent with the responsive view. All views will display the same icons based on this option. You can access the option in the AdminCP under <code>Settings -&gt; Options -&gt; Channel Display Options</code></p>
    <h3>Semantic HTML</h3>
    <p>By using semantic HTML tags, we can provide additional information to search engines and accessibility tools (e.g. Screen Readers). Using these tags allows the system to signify which information is more important on the page.</p>
    <p>We have converted the header, footer, and Channel Navigation Modules to better use Semantic HTML tags. The system is now using the &lt;header&gt;, &lt;footer&gt;, &lt;nav&gt;, and &lt;main&gt; tags where appropriate. Header elements are wrapped in the &lt;header&gt; tag instead of using the &lt;div&gt; tag. Footer elements on each page now use the &lt;footer&gt; tag. Menus and breadcrumbs are wrapped in the &lt;nav&gt; tag. The primary content of each page now uses the &lt;main&gt;. We have worked to make these changes backwards compatible and you should not see any difference in the rendering of your pages. However, if your custom CSS targets container.class (e.g. div.header) then you will need to update your CSS for these changes.</p>
    <p>If you are using one of the provided styles, then you will not have to do anything to take advantage of this change.</p>
    <hr>
    <h2>Back End / AdminCP</h2>
    <h3>Style Variable Validation</h3>
    <p>As a security measure, we have applied a series of validation rules to CSS attributes entered as Style Variable values and in User Profile Customization. These rules limit the amount of CSS that can be added to a variable and prevent users from adding their own attributes using third-party software to alter the page. As an Administrator, you can apply more complex CSS using the css_additional.css template for your style.</p>
    <p>The following validation rules have been added to the system:</p>
    <ol>
    <li><strong>Default</strong>
    <ul>
    <li>Applies to all style variables unless specified below.</li>
    <li>Limited to less than 250 characters.</li>
    <li>Does not contain the characters &quot;{}&quot;.</li>
    </ul>
    </li>
    <li><strong>URL and Image</strong>
    <ul>
    <li>URLs must be quoted.</li>
    <li>Unescaped braces &quot;{}&quot; are not allowed.</li>
    <li>Base64 is allowed as long as there are no braces.</li>
    </ul>
    </li>
    <li><strong>Font Family</strong>
    <ul>
    <li>No more than 20 font families listed.</li>
    <li>Font Family list is comma separated.</li>
    <li>Each font name is no more than 100 characters.</li>
    <li>Font names with spaces must be enclosed within quotation marks.</li>
    </ul>
    </li>
    </ol>
    <h3>Security Headers / Anti-Clickjacking</h3>
    <p>We have added several options to control how your site can be embedded in frames. Embedding a website within another is a frequent method used to PHISH for user data. vBulletin now allows you to prevent this and control where your site appears. This security measure will help safeguard your user's information and your site overall.</p>
    <p>These HTTP Headers are sent to the browser for interpretation. Each browser may interpret these headers differently.</p>
    <p>The options can be found in the AdminCP under <code>Settings -&gt; Options -&gt; Cookie and HTTP Header Options</code>.</p>
    <ul>
    <li><strong>Anti-Clickjacking Headers</strong>: This setting can be used to prevent your site from being included within HTML Frames. The default value will allow your site to be used in frames originating from the same URL. This will prevent sites that currently use frames from breaking. Setting this to Deny will prevent any framing. There are for options available:
    <ul>
    <li>Allow all Framing. This is how vBulletin works today. This option provides no security.</li>
    <li>Deny all Framing. This is the most restrictive Option.</li>
    <li>Allow from Same Site. Allows the system to be embedded in frames on your site. This provides basic security but will not break current sites. This will allow your site to be embedded in Frames that share the same domain as your Forum URL. Note: Accessing via domain name and IP Address will be considered two different sites.</li>
    <li>Specify Raw Header Values. When this is selected, the system will not send headers unless specified in the next two options.</li>
    </ul>
    </li>
    <li><strong>X-Frame-Options Header Value</strong>: This setting allows you to specify a custom value for this header. This header is primarily for Internet Explorer 11 support. Please view the inline help for more information. This option is for Advanced Users and Network Administrators.</li>
    <li><strong>Content-Security-Policy Header Value</strong>: This header is supported by all modern browsers and provides a robust framework for browser security. Please view the inline help for more information. This option is for Advanced Users and Network Administrators.</li>
    </ul>
    <h3>Content Notifications</h3>
    <p>Administrators can specify words that will trigger notifications when they are used. The system works similarly to the existing word censor options. After you have created your list of words, the system will monitor them. When a word is used, the site Administrators and Moderators will be notified via their message center and email based on their notification settings.</p>
    <p>The option for this is available in the AdminCP under <code>Settings -&gt; Options -&gt; User Banning Options</code>.</p>
    <h3>PHP Imagick Support</h3>
    <p>We have added support for the PECL imagick class available for PHP. Using this class can reduce server overhead and processing time when compared to the ImageMagick command line tools using the exec() function. Please see the <a href="https://www.php.net/manual/en/book.imagick.php">PHP Documentation</a> for information on installing this class on your server. Once installed, the class can be selected within the AdminCP under <code>Settings -&gt; Options -&gt; Image Settings</code>.</p>
    <blockquote>
    <p>Note: In a future version of vBulletin, we will be removing the older command line implementation of ImageMagick.</p>
    </blockquote>
    <hr>
    <h2>Additional Information</h2>
    <h3>Install / Upgrade</h3>
    <ul>
    <li><a href="https://www.vbulletin.com/forum/node/4391348">Installation Instructions</a></li>
    <li><a href="https://www.vbulletin.com/forum/node/4391346">Upgrade Instructions</a></li>
    </ul>
    <h3>File Cleanup</h3>
    <p>After upgrading your vBulletin system, you should delete any possible obsolete files. You can obtain more information on why this is needed and instructions on how to do this in this <a href="https://www.vbulletin.com/forum/node/4391346"><strong>topic</strong></a> in the vBulletin 5 Installs &amp; Upgrades forum.</p>
    <h3>System Requirements</h3>
    <h4>Minimum System Requirements</h4>
    <ul>
    <li>PHP Version: 7.1.0</li>
    <li>MySQL Version: 5.6.10</li>
    <li>MariaDB Version: 10.0.0</li>
    </ul>
    <h4>Recommended System Requirements</h4>
    <ul>
    <li>PHP Version: 7.3 or higher</li>
    <li>MySQL Version: 8.0 or higher</li>
    <li>MariaDB Version: 10.3+</li>
    </ul>
    <p>For more information see <a href="https://www.vbulletin.com/forum/node/4391344">vBulletin Connect System Requirements</a>.</p>
    <h3>Current Version Support Schedule</h3>
    <p>It is recommended to use the latest version of vBulletin at all times.</p>
    <ul>
    <li>Active Version - 5.5.3</li>
    <li>Security Patch - 5.5.2</li>
    <li>Security Patch - 5.5.1</li>
    <li>No Patch Release - 5.5.0 or earlier.</li>
    </ul>
    <h3>Discussion</h3>
    <p>If you have any questions about these changes you may discuss them here: https://forum.vbulletin.com/node/4419735 </p>
    <p>If you find an issue with the software or wish to place a feature request please visit our <a href="https://tracker.vbulletin.com">tracker</a>.</p>
    <p>In order to receive support for your vBulletin Product please visit our <a href="https://www.vbulletin.com/forum/">community forums</a>.</p>

    View the full article

  10. XenForo 2.1.3 Released

    XenForo 2.1.3 is now available for all licensed customers to download. We recommend that all customers running previous versions of XenForo 2.1 upgrade to this release to benefit from increased stability.

    Download XenForo 2.1.3

    Some of the changes in XF 2.1.3 include:
    • Don't log when a push notification hits a 406 error as this is a temporary rate limiting issue.
    • Update the...

    XenForo, Media Gallery, Resource Manager 2.1.3 and Enhanced Search 2.1.2 released

    View the full article

×
×
  • Create New...

Important Information

This website uses cookies and shit. Deal with it or GTFO!