XenForo 2.x.x Nulled By skripters.net 2.0.12

Спойлер: Список изменений XenForo 2.0.12 (ENG)

• Improve PHP 7.3 compatibility.
• If available and different from the server version, grab a more detailed version for the Server environment report.
• If the $_SERVER['SERVER_SOFTWARE'] value isn't available or valid then just don't display that entry in the report, because it's mostly not essential.
• Adds some additional phrases for the "Server environment report"
• Fix an issue which affects building add-on releases on Windows where local paths included a leading slash.
• Incrementally update the job state of the Sitemap job so that a fatal error shouldn't disrupt the process and introduce corrupted/duplicate items.
• Adjust error message given when attempting to edit a user's permissions for a content type without a valid user_id.
• Standardize the locale information used by PHP.
• Use a different approach to loading icons on the add-ons list in the Admin CP. To avoid issues with multiple database connections, the icon image data is instead converted to a data URI.
• User upgrades should not check canPurchase() before processing a payment that has been received, as this method is really only for limiting the UI/purchase setup.
• Add some additional trusted IP ranges for Google.
• Ensure 'nullable' entity property is reflected in generated code
• Ensure node navigation entries use their assigned title
• Ignore custom field errors during admin edit and include custom field title with errors
• Convert warning notes field to structured text
• Correctly apply admin user message leave options
• Prevent new messages being duplicated in Firefox
• Ensure multi quote quotes are inserted into the correct editor
• Hide 'Start a new conversation' link if visitor doesn't have permission to start conversations.
• Allow permanent redirects to be stickied and unstickied.
• Ensure xf:pagenav tags use correct router.
• Remove extra save call when ignoring member
• Remove UTC check from server environment report and link PHP version to phpinfo page
• Prevent loading of Setup.php if addon.json requirements aren't met
• Make xf-dev:entity-class-properties CLI command correctly handle subdirectories
• Return 'complete' response from UserGroupPromotion job if no active promotions are found.
• Ensure 'From name' and 'From email' fields are applied when batch emailing users
• Hide editor draft menu from guests
• Ensure cron entries run at zero valued time units if multiple time values are selected.
• Check for missing hash in IPSForums3x authentication handler.
• Add missing hint parameter to discouraged checkbox on user edit page
• Remove invalid relation from SpamTriggerLog entity
• Use content type phrase when rebuilding the search index
• Fix incorrect URL on conversation message likes list
• Fix broken 'Delay duration' option for floating notices
• Allow invalid users to be unfollowed
• Re-add explain text in the user_edit form to clarify non-valid user states behaviour.
• Include table name in message for any exception occurring in SchemaManager methods.
• Implement custom stack trace builder to mask passwords in method arguments
• Add deleted item styling to news feed items
• When restoring spam cleaned threads, ensure threads which were originally moved are restored back to the correct forum.
• Return an error phrase upon invalid callback validation when performing spam clean actions. Note that the method name switches to ucfirst(\XF\Util\Php::camelCase($action)) in XF 2.1 but remains as ucfirst($action) in XF 2.0.
• When handling a Stripe webhook that is missing required metadata, when attempting to find a previous related log, ensure said log actually contains a purchase_request_key.
• Improve BB code parsing of incomplete tags within plain-child tags.
• Migrate user field criteria during upgrade from XF 1.x to 2.x
• By default, do not allow cookies to be retrieved as arrays to prevent unexpected behavior. (Array support can now be opted into explicitly.)
• Prevent an error when trying to delete a payment profile when there is an invalid purchasable definition.
• Track when a preview is pending to prevent multiple simultaneous preview loads.
• Prevent a PHP notice when deleting a poll for a thread started by a guest
• Include breadcrumb in edit history view and compare templates.
• Pass unused $ellipsis variable into wholeWordTrim.
• Prevent long select options from causing overflow on iOS.
• Enable the HTML to BB code simplification process to handle additional situations
• Resolve some situations where the new messages indications while composing a reply wouldn't take you to the expected location.
• Validate advertisement html before saving.
• Prevent tel/sms links being converted to bbcode
• Remove the insert icode option when extended text formatting is disabled. Allow end user modification to the "allow this BB code in signatures" option on add-on-defined custom BB codes.
• Call the canPurchase method instead of can_purchase in UserUpgrade::getFilteredUserUpgradesForList.
• Correctly combine multiple custom field-related limits to the user and thread searchers.
• Correctly apply the "not in secondary groups" user search condition (users cannot be in any of the listed groups).
• When building a release and testing a JSON, only consider an error if decoding the build.json does not return an array.
• When submitting spammers to StopForumSpam, convert binary IP address to readable string.
• When saving style templates through the admin UI, force version/last_edit_date to be updated like XF 1.x
• When merging threads, always redirect to the target thread.
• Fix currency code for Belarusian Ruble (BYR => BYN)
• No longer cache the preview container object in the PreviewClick handler. If there are multiple handlers per page, the cached container becomes incorrect if using different handlers.
• When form filling, if the control is a textarea with a textarea-handler, trigger its update method to ensure the textarea is resized appropriately.
• Prevent an array-to-string conversion when throwing a bulkInsert exception if a missing column is detected.
• Ensure that the user following cache cannot include your own user ID.
• Add missing mod_log.thread_poll_reset phrase.
• Attempt to exclude dot files/directories from our vendor dependencies.
• Number boxes are too wide and cause units to overflow their container, fixed with max-width.
• Add "Please do not reply to this message" text to outgoing conversation emails.
• Reassign user group changes when merging users
• Ensure PasswordChange service errors on any UserAuth error.
• Fetch more threads for new threads widget
• Ensure exceptions in sub-processes stop execution, and always exit with non-zero error code on error.
• Make Disabler system compatible with select options.
• Ensure FieldAdder handles Disabler elements correctly
• Ensure prefix of destination thread is shown in moved post alert.
• Trigger change event on select when prefix selected
• Remove the "mixed" stuff from CodeMirror's PHP mode so that the opening tag is no longer required.
• Update broken link to Apple support in cookie help page text (and in XF 1.5).
• Adjust top border radii of blocks within overlays.
• Allow non-user selectable styles to be used for the email style. Also, add several email-related style properties to allow email colors to be overridden more directly, without creating a new style.
• Implement a "notice watcher" system for bottom fixed notices. This calculates the total visible notice height in the bottom fix location and adds a footer margin to the same value so that no content can be covered by the notice(s).
• Adjust how we parse search query modifiers to be more strict. (- and + require whitespace before and none after, | requires whitespace on both sides. Don't parse doubled up modifiers.)
• Adjust trophies phrase capitalization
• Include no_date_limit in the rel=canonical link for forums when needed
• Attempt to reduce cases where conversation reply_count values could potentially get out of sync. Allow the reply count and other parts to be rebuilt via the conversation rebuild tool.
• By default, reject email addresses as invalid if there are no dots in the domain part.
• Add a bit of left padding on contentRow-suffix elements.
• Include the forum a thread is in in the RSS feeds (only for global feeds)
• Fix add-on development data not being removed as expected when the last entry of a type has been removed. (The metadata JSON file must still exist.)
• Relax URL validation a tiny bit, notably don't block adjacent path separators in the path section.
• Ensure phrase is escaped in HTML attribute.
• Ensure usage of phrase within HTML attribute is escaped.
• In the AbstractSearcher ensure that the day end value is converted properly to the end of the day.
• Never allow the XF add-on to appear in add-on lists.
• Handle avatar deletes via the spam cleaner for gravatars too.
• Make add-on action finalization more robust when uninstalling legacy add-ons.
• When importing dev output, ignore any invalid columns.
• Add some block border radius to the member header block so that it fits within its parent block.
• Ensure permissions are rebuilt on add-on active change.
• Update child navigation entries directly when the parent ID changes to ensure dev output is written correctly.
• Use the correct maxlength value for the public navigation structure. Additionally, bump AdminNavigation ID lengths up to 50 from 25.
• Add support for partial indexes to schema manager conflict resolution system
• Fix multiple issues that make it hard to use XF\Import\Data\AbstractEntityData
• Consistently use code paths which result in the canView method of the report entity (rather than the handler) being used.

Сегодня мы выпускаем XenForo 2.0.9 для решения проблемы безопасности из-за потенциальной уязвимости (XSS), которую мы обнаружили. Мы рекомендуем всем пользователям, работающим с XenForo 2.0 обновиться до версии до версии 2.0.9, как можно скорее.

Имеется очень большое количество изменений, большинство из которых являются исправлениями, и многие из них останутся незамеченными, но вот некоторые основные моменты:
Поиск в панели управления администратора теперь поддерживает практически все типы контента и навигационные области, а также поддерживает навигацию вверх/вниз/ввод для кнопок на клавиатуре, так что в сочетании с ярлыком клавиатуры / его полностью можно использовать без мыши.

XenForo redirects для vBulletin (XF301VB) - это плагин, рекомендуемый для использования всеми, кто выполнил импорт из vBulletin. Система позволяет осуществлять плавную переадресацию с любого поддерживаемого URL, сгенерированного vBulletin версии 3, 4 и 5, включая "дружественные" URL-адреса. Это дополнение легко настраивается и полностью задокументировано в руководстве по XenForo 2.

Чтобы помочь нам планировать будущие версии XenForo, включая XenForo 2.1, мы также добавили новый процесс в этот релиз, чтобы собрать определенную статистику с Вашего сервера. На данный момент эти статистические данные включают в себя только вашу версию PHP, версию MySQL и версию XF. Эти статистические данные являются полностью анонимными и не могут использоваться для идентификации какого-либо сайта, лицензии или клиента. Если в какой-то момент в будущем мы изменим данные, которые будут собраны, мы сообщим Вам об этом. При обновлении до XF 2.0.2 Вам будет предоставлена возможность отказаться от сбора статистики. Вы также можете включить или отключить эту функцию в разделе "Настройки" > "Статистики и метрики".

Спойлер: Исправлены следующие ошибки:

• Масштабное обновление импортёра vBulletin и исправления, которые устранили следующие ошибки:
  • Double UTF8 conversion and text handling issues are now resolved
  • Performance is dramatically improved for the vB5 importer
  • vB4 blog attachments are now handled (and in fact, importing from vB4 with blog into XF2 will actually recover the vB3-blog attachments that went missing when you upgraded to vB4!)
  • Previously missed content is now fetched
  • vB5 conversations are properly imported
• Улучшена совместимость со стандартами schema.org
• Image resizing errors fixed
• Improved handling of legacy user upgrade purchases
• Improved purchase cancellation handling
• Added missing code language phrases
• Improved keyboard shortcut handling
• Fixed canonicalisation of URLs under IIS
• Fix for webkit browsers related to h-scroller
• Display of attachments in quick thread fixed
• Fixed handling of AJAX filtering when no results are returned
• Fixed Tweet embed handling
• Fixed potential infinite loop in the colour picker system
• Improved IE flexbox handling
• Fixed reference to non-existent post_above ad position
• Support for setting javaScriptUrl in config.php
• Fixed post edit history handling
• Handle spam-cleaner-deleted users better
• Fixed error relating to moving deleted/moderated posts
• Added an index on xf_conversation_master.start_date for improved performance
• New filters zerofill() and pad() available in the Templater
• Twitch media embed handling improved
• Fixed calls to CONVERT (%s USING utf8) to use utf8mb4 when necessary
• Fixed invisible thread prefixes imported from XF1 to be visible
• Add-on releases can now include .htaccess files
• Fixed select-to-quote tooltip for mobile browsers
• Редактор Froala обновлён до версии 2.7.4, исправлено множество ошибок

Были изменены следующие шаблоны:

• PAGE_CONTAINER
• app.less
• app_body.less
• approval_item_resource_version
• base_custom_field_list
• bb_code_preview
• conversation_message_macros
• core.less
• core_hscroller.less
• core_labels.less
• core_tooltip.less
• editor_base.less
• forum_post_quick_thread
• google_analytics
• helper_action
• helper_criteria
• helper_user_search_criteria
• import_index
• import_step_config_vbulletin
• log_sitemap_list
• log_spam_cleaner_list
• log_spam_cleaner_restore
• member_stat_edit
• message.less
• node_list.less
• option_macros
• option_template_registrationWelcome
• payment_profile_paypal
• post_macros
• thread_view
• tools_rebuild
• user_title_ladder_list
• user_upgrade_active_downgrade
• user_upgrade_manual
• widget_members_online

XenForo 2.0 - это значительное обновление с 1.x. Плагины и изменения, сделанные в XenForo 1.x, не будут совместимы. Настройки стилей должны быть отменены и не будет поддерживаться после обновления. Мы настоятельно рекомендуем сделать резервную копию перед попыткой обновления.

Системные требования:
Обратите внимание, что XenForo 2.0 имеет более высокие требования к системе, чем XenForo 1.x. В ближайшее время мы обновим скрипт проверки совместимости. Ниже приведены минимальные требования:

• PHP 5.4 или новее
• MySQL 5.5 и новее
• Все официальные плагины требуют XenForo 2.0.
• Enhanced Search требует последнюю версию Elasticsearch 2.0.

Были изменены следующие шаблоны:

• account_avatar
• account_two_step
• account_visitor_menu
• app.less
• bb_code.less
• bb_code_tag_code
• connected_account_associated_facebook
• connected_account_macros
• conversation_list
• core.less
• core_blocklink.less
• core_button.less
• core_input.less
• custom_field_macros
• edit_history_index
• edit_history_view
• editor.less
• editor_base.less
• forum_new_posts
• notice_email_bounce
• payment_cancel_recurring_paypal
• profile_post_comment_edit
• quick_reply_macros
• register_macros
• thread_view
• watched_threads_list