XOOPS Cube Legacy "Package_Legacy" & "XCube core" Changelog ---------------------------------------- 2009/04/05: Package Revision 2.1.7 RC ---------------------------------------- [Bug Fix - From Bug Tracker] - Fix Bug #2491813 - SmileEditAction include multi byte comment. - Fix Bug #2491817 - SmileEditAction cannnot delete old file. - Fix Bug #2591041 - Typo Legacy_PublicControllerStrategy.class.php. - Fix Bug #2642879 - javascript error in admin area. - Fix Bug #2642959 - SQL Error in Legacy_Updater. - Fix Bug #2658360 - doubtful escaping in quoteString() - Fix Bug #2666693 - Error in /XUpgrade/admin/class/UpgradeProcessor.class.php - Fix Bug #2686374 - Bugs in class.phpmailer.php v2.0.2 (Updated PHPmailer to v2.0.3) - Fix Bug #2690736 - typo: X_ITEM_TILE (X_ITEM_TITLE?) default_notify.tpl - Fix Bug #2690739 - typo in /install/include/functions.php, line 38 - Fix Bug #2696701 - user_lostpass.html email maxlength too short - Fix Bug #2699408 - Specify 2nd argument of mysql_real_escape_string(). - Fix Bug #2724748 - XoopsMemberHandler::getUserByEmail() cannot get user object. [Bug Fix - From "XCube" Bug Tracker] - Fix Bug #2656854 - XC_CLASS_EXISTS loops infinity. - Fix Bug #2635869 - Abstracts difference of class_exists between two versions. [Patches - From Feature Request Tracker] - Request #2642992 - exclude extra trim() - Request #2662922 - DB Layer can be overridden. - Patch #2697022 - Package_Legacy\html\ - new portuguese translations - Patch #2697034 - extra_languages\ - new pt_utf8 translations - patch #2697044 - missing: XUpgrade and system pt language files - Patch #2701060 - Path disclosure in xoopsmailerlocal.php (pt_utf8) - Patch #2701140 - legacyRender: update for Portuguese Files [Other Changes/Enhancements] - Request #2682887 - MySQL Database Connection should specify the client_flags - Legacy Controller class provides LEGACY_MODULE_VERSION constant as phpversion. [Staff] - GIJOE - Gusagi - Hxrr - Marijuana - Mikhail - Minahito - Mumincacao - Onokazu - Roger - Salamander - Tohokuaiki - Tom_G3X ---------------------------------------- 2009/04/02: Package Revision 2.1.6a ---------------------------------------- [Bug Fix - From Bug Tracker] - Fix Bug IPA#74747784 / JPCERT#95042060 - XSS weakness - Fix Bug #2350320 - Possibility of script injection in ErrorHandler::show. ---------------------------------------- 2008/11/21: Package Revision 2.1.6 ---------------------------------------- [Bug Fix - From Bug Tracker] - Fix Bug #1833191 - lisense message of installer - Fix Bug #1865695 - XoopsToken Not in use. at legacy_comment_navi.html - Fix Bug #1978064 - users_group_link doesn't have unique key - Fix Bug #2014727 - Removed template variable code that is assigned many times. - Fix Bug #2015589 - genId typo in some handlers in kernel. - Fix Bug #2018226 - It's impossible to choose portuguese in the installer - Fix Bug #2018271 - ThemeListAction.class.php resulting Warning and Fatal Error. - Fix Bug #2018281 - xoopsmailer.php - path disclosure vulnerability. - Fix Bug #2018284 - path disclosure vulnerability in greek\charset_mysql.php. - Fix Bug #2018956 - xoops_redirect parameter: path disclosure vulnerability. - Fix Bug #2019640 - invalid / unnecessary files in portuguese translation. - Fix Bug #2019660 - "MSN" no longer exists. Replace with "Windows Live ID" - Fix Bug #2028663 - Update Callback is not called at pending comments approval - Fix Bug #2062535 - css.php doesn't work perfectly. - Fix Bug #2073613 - Problem of parse_url(). - Fix Bug #2084802 - Users' posts should not be increased at the control panel - Fix Bug #2101729 - Typo comment in Legacy_ModulePhasedUpgrader - Fix Bug #2115390 - GPL V2 License Link is changed - Fix Bug #2115634 - $db->query() cannot handle only limit query. - Fix Bug #2121388 - Missing translation in japanese language file. - Fix Bug #2123870 - register.php :: missing user_mail_ok - Fix Bug #2129194 - A typo of SID's connector in redirect_header - Fix Bug #2178519 - "showall" of the search feature doesn't show correct URL - Fix Bug #2173864 - ModuleInstaller set invalid group permission. - Fix Bug #2200366 - Cannot set block_read permission. - Fix Bug #2205261 - A typo in user activation - Fix Bug #2201567 - Some mistakes in japanese and ja_utf8 - Fix Bug #2209139 - JVN#20502807 - Fix Bug #2216013 - Doesn't assign reference in groupperm.php - Fix Bug #2235005 - User_RegisterEditForm includes needless fields - Fix Bug #2282727 - Controller cannot parse request path on IIS - Fix Bug #2283070 - XoopsObjectGenericHandler cannot insert/update null value. [Bug Fix - From "XCube" Bug Tracker] - Fix Bug #2225372 - Bug in delegate signature checking - Fix Bug #2232981 - Slight typo on error [Other Changes/Enhancements] - Patch #2062644 - Re-draw /html/images - Patch #2120194 - Smarty 2.6.19 & phpmailer 2.0.2 - Patch #2223209 - simplified Chinese language file - Some URLs description was changed for new lisence URLs. - The Kick Start Guide was translated for Japanese. [Staff] - 10key - argon - GIJOE - gusagi - hypweb (nao-pon) - kilica - Marijuana - masarap - Mikhail - minahito - mumincacao - nor - okuhiki - ohwada - onokazu - orrisroot - pcboy - sacchan - slayer_cg - suin - tohokuaiki - tomoro - Tom_G3X ------------------------------------- 2008/7/29: Package Revision 2.1.5 ------------------------------------- [Bug Fix - From Bug Tracker] - Fix Bug #1950018 - charset Problem in css.php - Fix Bug #1950017 - PathDisclo in legacyRender/admin/css.php - Fix Bug #1944713 - PATH Disclosure ? in Legacy_Controller::_parseUrl() - Fix Bug #1939992 - Invalid xhtml templates in legacy module. - Fix Bug #1938443 - ID is multiple defined in TplsetList - Fix Bug #1924223 - The request which includes URL cannot be processed. - Fix Bug #1971682 - Could not read PM from a removed user. - Fix Bug #1971718 - cookie path always becomes '/'. - Fix Bug #1987219 - Remove invalid files from the extra directory. - Fix Bug #1989801 - cleanup to notice reference variable in class/tree.php. - Fix Bug #1990481 - Invalid Regexp at User_AbstractUserEditForm class. - Fix Bug #1992732 - $xoopsConfig doesn't referer mXoopsConfig in some cases. - Fix Bug #2003440 - X_UACTLINK is missing used in some languages. - Fix Bug #2008857 - user level empty when editing user whose level not in 0,1,5 - Fix Bug #2010090 - Missing Content-Type in MailHeader by #1729813. - Fix Bug #2011775 - When a user deletes his account, principal is not created. - Fix Bug #2017164 - Can't register new account by #2011775. [Other Changes/Enhancements] - Patch #1868259 - add alt to smaily icons@legacy_xoopsform_opt_smileys.html - Patch #1897607 - html/install/include/functions.php - Patch #1961603 - portuguese translations: bug fix and enhancements. - Patch #1992777 - xoopsmailerlocal.php for zh-tw. - Patch #2011199 - Czech message catalog for XCL. - Patch #2016023 - Package Legacy 215rc patch FR and PT typo. - (Exception Patch) Improve LostPassAction. [Staff] - aaki - fugafuga - GIJOE - gusagi - JardaR - jidaikobo - kilica - marijuana - MAT - mikhail - minahito - nbuy (aka nobu) - nobunobu - okuhiki - onokazu - tohokuaiki - Tom_G3x ------------------------------------- 2008/3/22: Package Revision 2.1.4 ------------------------------------- [Bug Fix - From Bug Tracker] - Fix Bug #1779754 - cannot POST extraParams on XOOPS Comment integration - Fix Bug #1833191 - [lang] lisense message of installer - Fix Bug #1867504 - showall anchor text must be urlencoded (Search Func) - Fix Bug #1868269 - Notice[PHP] at japanese/xoopsmailerlocal.php - Fix Bug #1880410 - Too strict checking for block's weight - Fix Bug #1887557 - XoopsObjectGenericHandler::getCount has doesn't use variable - Fix Bug #1888226 - Bio in users table doesn't use Validator - Fix Bug #1895776 - Installer settingmanager.php - Fix Bug #1897588 - Language misrecognition on Install - Fix Bug #1899424 - Could not work sort perfectly in image manager - Fix Bug #1899947 - 2nd Installer never activate blocks - Fix Bug #1908649 - missing file_exists arg in helpimage modifiers - Fix Bug #1901153 - tell a friend doesn't work - Fix Bug #1901334 - Wrong module version display in the module list - Fix Bug #1904092 - redirect_header failed keep session - Fix Bug #1908539 - Smarty "regex_replace" Modifier Template Security Bypass - Fix Bug #1885392 - Cannot get cookiePath rightly - Fix Bug #1897588 - Language misrecognition on Install - Fix Bug #1897089 - xoops_redirect argument too match escape - Fix Bug #1804621 - admin.php + mainfile writeable = path disclosure vulnerabili - Fix Bug #1900435 - ClickableConvert miss email address - Fix Bug #1911181 - The danger where session ID leaks exists - Fix Bug #1911191 - $GLOBALS['xoopsTpl'] is overwritten - Fix Bug #1912990 - Use REQUEST_URI instead of PHP_SELF - Fix Bug #1914480 - default_charset in the installer - Fix Bug #1914552 - Adding DEFAULT CHARACTER SET into installer ( -> Revert this patch. ) - Fix Bug #1905910 - Wrong dependencies in templates for 2nd Installer [Bug Fix - From "XCube" Bug Tracker] - Fix Bug #1833146 - Typo : "Lisence" on Xcube_Theme.Class.php - Fix Bug #1835831 - Locale namespace - Fix Bug #1902823 - Controller cannot set extra root path at site config? - Fix Bug #1738936 - Mail address which conforms to RFC2822 is refused Validation [Patches - From Feature Request Tracker] - Request #1905593 - Needs IsReverseProxy in site_default.ini.php - Request #1898144 - Modifying 2nd Installer [Other Changes/Enhancements] - Added Traditional Chinese Message Catalogs (language pack). - Patch #1875606 - Added Portuguese Message Catalogs (language pack by Mikhail Miguel) - Patch #1897498 - Password charactor check [Staff] - Gigamaster (xoopserver) - GIJOE - gusagi - hiro1173 - jidaikobo - kilica - Mikhail - minahito - mumincacao - nbuy (aka nobu) - nobunobu - okuhiki - tohokuaiki - tokitam - tom_g3x - wanderer ------------------------------------- 2008/1/5: Package Revision 2.1.3 ------------------------------------- [Bug Fix - From Bug Tracker] - FIX Bug #1833172 - A compatible problem of Admin textarea StyleSheet - Fix Bug #1818826 - showallbyuser links to showall (Search function) - Fix Bug #1800095 - XOOPS_URL . "./viewpmsg.php" (TYPO) - Fix Bug #1709883 - TFatal error on ShadeSoap_NusoapServer - Fix Bug #1709881 - Blank screen of dead, when the theme doen't exist - Fix Bug #1833213 - "/register.php? Action=UserRegister "with redirect error - Fix Bug #1801906 - In IPbanningFilter, the Regular expression doesn't work - Fix Bug #1830755 - Typo in french installer translation - Fix Bug #1800075 - ini_set( 'mbstring.func_overload', 0) doesn't give effect - Fix Bug #1806969 - Fatal error of User_UserRegister_confirmAction - Fix Bug #1852823 - legacy_xoopsform_dhtmltextarea.html missing getExtra - Fix Bug #1852239 - Legacy_TextFilter.class.php Escape isn't completed - Fix Bug #1852242 - japanese/global.php encode bug - Fix Bug #1818803 - EditUser displays PM option, whether PM mod is active [Bug Fix - From "XCube" Bug Tracker] - Fix Bug #1852244 - XCube_PageNavigator can't work reference variables perfectly - Fix Bug #1786674 - return value in ArrayProperty of XCube_ActionForm - Fix Bug #1807245 - Typo : XCube_Controller.class.php - Fix Bug #1807263 - Unreachable Code : XCube_PageNavigator.class.php - Fix Bug #1835532 - Namespace of XCube_Session is Legacy? - Fix Bug #1795564 DOA: set() for String/Text Property - Fix Bug #1856634 - Sigunature checker of XCube_Delegate doesn't work completely [Patches - From Feature Request Tracker] - Request #1789833 - The user indication number of "Assign a member" - Request #1718508 - User Data Protection (extra-preload) - Request #1718516 - Add a new delegate for "Keep username after account deletion visible" - Request #1845295 - Assign block id to template - Request #1856594 - Skip Duplicated blocks on update the module [Other Changes/Enhancements] - Patch #1820991 - Russian Language files ------------------------------------ 2007/ 9/29: Package Revision 2.1.2 ------------------------------------ [Bug Fix - From Bug Tracker] - Fix Bug #1713628 - Custom Session is not available - Fix Bug #1719025 - Search func of XC Legacy doesn't work properly - Fix Bug #1719891 - ModuleUpdate can't handle $modversion['blocks'][0] perfectly - Fix Bug #1721593 - Some bugs of Comment Management! - Fix Bug #1722319 - GroupPerm Action doesn't list up any Custom block! - Fix Bug #1729813 - some bugs in xoopsmailerlocal.php - Fix Bug #1730013 - Bugs related to image management/manager - Fix Bug #1733843 - Some bugs of GroupPermAction.php - Fix Bug #1733844 - Some bugs related with GroupPermAction - Fix Bug #1734677 - Fatal Error in GroupDeleteAction.php - Fix Bug #1748531 - Block Weight parameter's max value is 255 - Fix Bug #1738481 - small typo in notification from X2 - Fix Bug #1738590 - typo Legacy_ModuleInstallUtils - Fix Bug #1743994 - Missing ':' in legacy admin stylesheet - Fix Bug #1748531 - Is max of block weight 255 ? - Fix Bug #1748545 - The ImgUploader leaves an old file at ImageEdit - Fix Bug #1749522 - Bugs Lost your Password - Fix Bug #1751030 - Raise notice on Legacy_Controller::_setupConfig() - Fix Bug #1758828 - TYPO UserSearchFilterForm.class.php. - Fix Bug #1762017 - Banners at some settings are moved to finishbanner soon - Fix Bug #1763398 - Argument miss in Legacy_ModuleInstallUuninstallBlockTemplate. (Patch from tohokuaiki) - Fix Bug #1766227 - mb_language() receive invalid value - Fix Bug #1767396 - XoopsMailer::send() doesn't need flush() - Fix Bug #1768449 - FF2.0 could not load CSS in the control panel - Fix Bug #1769765 - xhtml violation: id repeated - Fix Bug #1769768 - The language file is not read in ImageUploadForm.class.php - Fix Bug #1770825 - Can't use EditAvatar in some case - Fix Bug #1783113 - Missing flag check in CacheInformation::hasSetEnable(). - Fix Bug #1786123 - Banner impressions are increased always. - Fix Bug #1789875 - XoopsDatabaseFactory is not singleton - Fix Bug #1797641 - "@include" in mainfile.php hides the cause of bugs - Fix Bug #1797651 - Normal users cannot logout when site is closed - Fix Bug #1803005 - Session is killed at editing preferences of legacy - Adjusted Bug #1709886 - Can not login through SSL [Patches - From Feature Request Tracker] - Patch #1744593 - Add block-edit link to each block at group-admin - Patch #1782041 - admin::user_edit.html patch - Patch #1784585 - Admin can not edit user's avatar [Other Changes/Enhancements] - Update French language pack (message catalog) UTF-8 edition ------------------------------------ 2007/ 6/19: Package Revision 2.1.1 ------------------------------------ [XCube Core Bug Fix - From Bug Tracker] - Fix Bug #1719020 - XCube_HttpRequest should not use $_REQUEST. - Fix Bug #1712718 - Operation when 'class.php' is included in the file name. [Bug Fix - From Bug Tracker] - Fix Bug #1739508 - typo(Legacy_Utils.class.php ) - Fix Bug #1736295 - Command injection of phpmailer - Fix Bug #1734678 - TYPO ( BlockEditAction.class.php ) - Fix Bug #1734677 - Fatal Error in GroupDeleteAction.php - Fix Bug #1734676 - Garbage in customblock_edit.html - Fix Bug #1734674 - tiny bugs in GroupPropertyAction - Fix Bug #1731829 - TYPO Lagacy_AdminRenderSystem.classlphp - Fix Bug #1730013 - Bugs related to image management/manager - Fix Bug #1730012 - Some TYPOs in Legacy modules - Fix Bug #1730010 - garbage in comment_list.html - Fix Bug #1727006 - TYPO in legacy_search_results.html (Duplicate #1723406) - Fix Bug #1725379 - Module Update problem - Fix Bug #1724892 - NOT define errorMsg in admin's stylesheet - Fix Bug #1723899 - Bug of MailjobEdit Action - Fix Bug #1723898 - Bug of UserSearchList Action - Fix Bug #1723893 - Legacy_Module.class.php - Fix Bug #1723891 - Legacy_TextFilter.class.php - Fix Bug #1723406 - Typo of search template - Fix Bug #1722161 - NOT output echo statement - Fix Bug #1721051 - Bug of CommentEdit Action - Fix Bug #1720139 - Bug of UserView Action of User Management - Fix Bug #1720502 - legacy_search_showall.html : link error (Dupticate #1719025) - Fix Bug #1719057 - calling $root in legacy/language/*/global.php - Fix Bug #1719026 - TYPO in comment_delete.html - Fix Bug #1713629 - TYPO in imagecategory form - Fix Bug #1712901 - style.cursor error - Fix Bug #1712563 - not carried escap of url to admin theme and sidemenu - Fix Bug #1710643 - Can't render [size=xx-small][/size] tag [Patches - From Patch Tracker] - Patch #1726645 - Legacy >> Language >> english >> admin.php - Patch #1719822 - japaneseutf [Other Changes/Enhancements] - Package_Legacy got Korean language files (EUC-KR & kr_utf8). - Package_Legacy got ja_utf8 language files. (patch #1719822) - Preference of Legacy got to take languages files including number characters. - Package_Legacy got Greek language files. - Package_Legacy got French language files (french & fr_utf8). - Package_Legacy got Traditional Chinese language files. - Legacy module's help image files are replaced more better files.