CHANGELOG.md 158 KB

1.12.9 (2016-03-06)

Contributors

  • Steve Clay (7)
  • Ismayil Khayredinov (2)
  • Jerôme Bakker (1)
  • Juho Jaakkola (1)

Bug Fixes

  • cache: internal Stash pool wrapper works again (ddc254e4, closes #9374)
  • css: buttons no longer get cropped in admin context (298ae0a8)
  • groups: correctly format the remove user from group menu item (8fdf21f5)
  • http:
    • cache handler sends 304 responses more reliably (873be892, closes #9427)
    • more resources sent with explicit UTF-8 charset (036a82bd, closes #9345)
    • make sure all pages/JS/CSS sent with explicit UTF-8 charset (3dab7d10, closes #9345)
  • js: AMD view filter handles short view names without / (c9ca8329)
  • search: eliminate 6 notices in search_users_hook (87b7011b)
  • settings: do not emit errors if form fields are not present (9f5111c9)
  • web_services: reject requests for unavailable formats (04aeaf7d, closes #9410)

1.12.8 (2016-01-31)

Contributors

  • Ismayil Khayredinov (1)
  • Juho Jaakkola (1)
  • Steve Clay (1)

Bug Fixes

  • access: fixes guid column name in metadata queries (b3427ccc)

1.12.7 (2016-01-03)

Contributors

  • Steve Clay (4)
  • Ismayil Khayredinov (1)
  • Juho Jaakkola (1)

Bug Fixes

  • logging: Log messages no longer discarded (5020c525, closes #9244)
  • menus: stricter type validation in menu item registration functions (c5554a75)
  • php: Suppress mysql_connect() deprecation warnings for core (40fe0a8f, closes #9245)
  • session: Session is again available in the shutdown event (2409d346, closes #9243)

1.12.6 (2015-12-14)

Contributors

  • Ismayil Khayredinov (4)
  • Juho Jaakkola (1)
  • Steve Clay (1)

Bug Fixes

  • a11y: display aalborg mobile site menu toggle in more browsers (e96f0798, closes #9110)
  • actions: send error HTTP header from action forward hook (d3344de7, closes #9027)
  • entities: update attribute when assuming container_guid value (a21dd95e, closes #8981)
  • menus: make sure entity passed to user hover menu hook is a user (f5bbcc65)
  • output: fixes handling of untrusted URLs in output/url (217e4df6, closes #9146)

Breaking Changes

  • Plugins that customized .elgg-button-nav (or the spans inside) will need to be altered. The .elgg-icon CSS is left in place but will be removed in Elgg 2.0. (e96f0798)

1.12.5 (2015-11-29)

Contributors

  • Steve Clay (5)
  • Juho Jaakkola (4)
  • Ismayil Khayredinov (3)

Performance

  • river: no longer needlessly render river responses (97df230f, closes #9046)

Bug Fixes

  • files: make sure method is callable on a concrete object instance (740d3108, closes #9010)
  • i18n: avoids using mbstring.internal_encoding in PHP >= 5.6 (c0ff79de, closes #9031)
  • memcache: don't store a copy of $CONFIG in file objects (beb90891, closes #9081)
  • pages: removes deprecated notices regarding input/write_access (fdcab74b, closes #8327)

1.12.4 (2015-09-20)

Contributors

  • Steve Clay (3)
  • Juho Jaakkola (2)
  • Matt Beckett (2)

Documentation

  • entities: Docs for type/subtype and associated ege() options (eb0e53fc)
  • releases: Manually check lang files for PHP errors before release (040079b7, closes #8924)

Bug Fixes

  • pages: Prevent public "Missing access level" in write access field (4174b774, closes #8905)
  • relationships: can now prevent relationships using event handler (9a275d9c, closes #8927)

1.12.3 (2015-09-06)

Contributors

  • Ismayil Khayredinov (3)
  • Juho Jaakkola (1)

Bug Fixes

  • files:
    • $file is not always an object with originalfilename property (cf0929c2)
    • now uses filename on filestore to detect mime (ab8086a6, closes #8846)

1.12.2 (2015-08-23)

Contributors

  • Jerôme Bakker (4)
  • Evan Winslow (1)
  • Juho Jaakkola (1)
  • Steve Clay (1)

Documentation

  • entities: Better docs for fetching relationships (e0d8f793)

Bug Fixes

  • friends: site_notifications have a clickable link to the new friend (55a0f9b0)
  • groups:
    • membership request accepted has link in site_notifications (6e0d6f4a)
    • group invite has link in site_notifications (61a8484d)
    • membership request has a link in site_notifications (ba53c509)

1.12.1 (2015-08-05)

Contributors

  • Evan Winslow (1)

1.12.0 (2015-07-07)

Contributors

  • Steve Clay (23)
  • Evan Winslow (11)
  • Ismayil Khayredinov (9)
  • Miloš (4)
  • Jeroen Dalsem (3)
  • Jerôme Bakker (2)
  • Jon Maul (1)
  • Juho Jaakkola (1)

Features

  • ajax:
    • elgg_ajax_gatekeeper for asserting resources as Ajax-only (4e0e1a5b)
    • Allows fetching form views wrapped by elgg_view_form() (ee7641c4)
  • annotations: Adds a more granular permission hook for canAnnotate (83da5f18)
  • cache: introducing a generic function to reset all caches (f526c479)
  • comments: Paging through comments/discussion replies jumps to content (b75fd8f8)
  • developers:
    • Devs can show loaded AMD modules in console (221bdf6a)
    • Adds a quick access icon for some admin settings (f22567b6)
  • events:
    • Adds static methods for returning common values (f080fed1)
    • allows dynamic method callbacks to be unregistered (08c773ba, closes #7750)
  • lightbox: More sensible handling of href options (765fcd05)
  • views: Users can jump directly to content via prev/next links (f90466c8)

Performance

  • developers: reduces boot queries when the developers mod is enabled (03aa096e)
  • engine: only update attributes/metadata if value is changed (8295e70a)

Documentation

  • ajax: Correct typo in code example (d55e4a3a)
  • code: Clarify interface naming convention (de03d372, closes #8293)
  • misc: Miscellaneous docs fixes (06e3557c)
  • permissions: Fix $params key name for permissions_check:annotate (1af6e3a2)
  • views: Better document outgoing elgg_get_view_location() (0a9059d6)
  • web_security: adds security warnings (d47fc5ed)
  • web_services: document the use of parameters in method declarations (750e31b9)

Bug Fixes

  • embed: embed link no longer leaves the page before events are set up (f50e9aa3, closes #8284)
  • http: More appropriate exception responses (e28f37e6, closes #6228, #8360)
  • legacy_urls:
    • adds missing forwarder for groups/forum/$guid (2b555f88, closes #8493)
    • unset __elgg_uri to prevent infinite loops (0c7687ac, closes #8494)
  • profile: Avatar cropper again can be moved immediately after uploading image (d8cf51b7, closes #8449)
  • relationships: Invalid relationship names throw properly (ac976e23)
  • search: Search treats "0" as a valid query (af58fa5d)
  • ui: prevent button jumping on widget add panel toggle (088de48d)
  • web_services: no longer uses deprecated export global (3a818d2b)

Deprecations

  • views:
    • elgg_get_view_location is going away in 2.0 (b4347fb4)
    • Support for custom template handlers will end soon (0dc67698)

1.11.5 (2015-12-13)

Contributors

  • Steve Clay (1)
  • Juho Jaakkola (1)

Bug Fixes

  • views: Sticky values now get passed into views extending register/extend (Fixes #8873)
  • memcache: don't store a copy of $CONFIG in file objects (Fixes #9081)

1.11.4 (2015-07-07)

Contributors

  • Ismayil Khayredinov (7)
  • Evan Winslow (5)
  • Miloš (4)
  • Steve Clay (4)
  • Jeroen Dalsem (1)

Documentation

  • misc: Miscellaneous docs fixes (06e3557c)
  • permissions: Fix $params key name for permissions_check:annotate (1af6e3a2)
  • web_security: adds security warnings (d47fc5ed)
  • web_services: document the use of parameters in method declarations (750e31b9)

Bug Fixes

  • legacy_urls:
    • adds missing forwarder for groups/forum/$guid (2b555f88, closes #8493)
    • unset __elgg_uri to prevent infinite loops (0c7687ac, closes #8494)
  • profile: Avatar cropper again can be moved immediately after uploading image (d8cf51b7, closes #8449)
  • relationships: Invalid relationship names throw properly (ac976e23)
  • ui: prevent button jumping on widget add panel toggle (088de48d)
  • web_services: no longer uses deprecated export global (3a818d2b)

1.11.3 (2015-06-14)

Contributors

  • Steve Clay (6)
  • Evan Winslow (4)
  • Juho Jaakkola (1)
  • Julien Boulen (1)
  • Marcus Povey (1)
  • Matt Beckett (1)

Documentation

  • code: Permit use of <?= PHP shortcut since we're on 5.4+ (453d8dcb)
  • hooks: Clarifies docs for the register, user hook (b877f61d, closes #8377)
  • install: Update cloud9 install instructions (616f2156, closes #8240)

Bug Fixes

  • IDE: Public APIs no longer marked with @internal (11ccf71c, closes #7714)
  • db: Will now validate invite codes that contain "-" characters. (6667c05f)
  • notification: Removes warning handling the email, system hook (91daee43, closes #8333)
  • relationships: Restores functionality of $inverse_relationship argument for get_entity_relationships (3cc06f11)
  • spinner: elgg/spinner delays a bit before displaying (70cfdd01, closes #8361)
  • users: admins are again able to reset user's password (2b4d599e)

1.11.2 (2015-05-25)

Contributors

  • Steve Clay (12)
  • Ismayil Khayredinov (5)
  • Evan Winslow (2)
  • Jeroen Dalsem (2)
  • Juho Jaakkola (2)
  • Ariel Abrams-Kudan (1)
  • Jerôme Bakker (1)
  • Juho Jaakkola (1)

Performance

  • views: No longer regenerates the $vars[‘user’] wrapper for each view (3c40971a)

Documentation

  • ajax: Adds more complete Ajax docs (bfbf0ff2, closes #8277)
  • amd: Overhauls the AMD docs with a lot more detailed instructions (e01996ab)
  • auth: Add basic APIs to the authentication docs (83d5f214)
  • guides: Alpha-sort the developer guides to make them more scannable (88a9d130)

Bug Fixes

  • ckeditor: also remove liststyle as a default loaded plugin (eb8235cb, closes #8195)
  • comments: Ajax-saved comments show proper server formatting (6f0f74cb, closes #8294)
  • file: Default file type icons again available in the theme sandbox (6892979f)
  • filestore: Fixed a crash when forms had a file input but no file was provided (2ada5d5a)
  • groups:
    • do not reassign container on ownership transfer if old container is not an old owner (57cf337a)
    • terminate edit action early if group can not be saved (3fe10452)
    • do not attempt to populate groups_entity table if base entity fails to save (f2cbb237)
  • menus: only display location menu item if value is string (e3a39167)
  • mysql: Use explicit ext/mysql resource in initial query/escaping (b7abe8eb, closes #8208)
  • notifications: fixed deprecation notice elgg-require-confirmation (79bf7d42)
  • river: Activity page for specific user shows that user’s owner block (5ecfe41d, closes #8257)
  • session: Remember me no longer results in occasional fatal errors (b91620c1, closes #8104)
  • ui: Checkboxes and labels are again separated by a space (1b62dd20, closes #8199)
  • widgets: validate get_list,default_widgets hook output (b1c16311)

1.11.1 (2015-04-27)

Contributors

  • Steve Clay (4)
  • Brett Profitt (2)
  • Ismayil Khayredinov (2)
  • Juho Jaakkola (2)
  • Jeroen Dalsem (1)
  • Per Jensen (1)

Documentation

  • support: Added 1.11's dates of support. (4bd3144d)

Bug Fixes

  • aalborg_theme: removes unwanted margin from elgg-list-river items (c43371b5, closes #8124)
  • access: do not use default access if access options are passed to the input view (36a4d209, closes #8219)
  • core: check for correct minimal php version in installer (fcff9e5e, closes #8196)
  • deprecation: visible deprecation errors aren't displayed to admin anymore (2311d666)
  • navigation: Links to “Comments” again link directly to the comments section (caea1ab2, closes #8227)
  • plugins:
    • Unloadable owner doesn’t WSOD displaying groupforumtopic (8a082a3c)
    • Fixes HTML toggle for CKEditor (a45c4ca4, closes #8193)
  • session: Properly assigns PHP session settings from configuration (d1ec08f3, closes #8223)
  • tags: Corrected cases of tags having leading or trailing spaces. (67addf48, closes #8123)

1.11.0 (2015-04-13)

Contributors

  • Jeroen Dalsem (50)
  • Steve Clay (37)
  • Ismayil Khayredinov (15)
  • Jerôme Bakker (11)
  • Juho Jaakkola (6)
  • Evan Winslow (3)
  • Brett Profitt (2)
  • Matt Beckett (2)
  • Paweł Sroka (2)
  • Mariano Aguero (1)
  • Per Jensen (1)
  • ray peaslee (1)

Features

  • access: notify users when access change will affect comments (09691cb1, closes #8086)
  • admin: add a warning when a physical robots.txt is present (90ec514e)
  • comments:
    • link in email notification now takes directly to the correct page (914b492d)
    • allows setting comments per page via hook (879a3ef3)
    • river comments/discussion replies go to right page (364894e2, closes #7936)
  • context: adds API to get/set the entire context stack (d7ff355b)
  • core:
    • adds handling of 400 and 403 error codes (243ca408)
    • added a new admin widget to monitor cron jobs (aeb26236)
  • db: remove access collection (membership) when an entity is removed (f67d04fd)
  • developers:
    • added userpicker with limit 1 to theme sandbox (6d3ad5cf)
    • show total DB queries in the developer screen log (defbe1cc)
    • the inspector pages show a lot more info (a4384438, closes #4540)
    • improved readability of inspect pages (a3e7f09d, closes #6484)
  • discussions: link in email notification now takes directly to the correct page (4565cc86)
  • engine:
    • added a canDelete function to the entity class (6b12e45d)
    • added a trigger to elgg_view_menu to adjust menu vars (34ad5bee)
  • externalpages:
    • replaced tabs with menu on expages edit form (d4d03d0a)
    • added a link on the edit form to view page on site (1a6d8d79)
    • added an edit button to the view of an external page (cd1c58b8)
  • file:
    • Add upload button to sidebar search pages (290c498d, closes #8110)
    • show image thumbnail in a lightbox in full view (001e27eb)
  • groups: group tool options are now checkboxes (25532a91)
  • i18n:
    • added function to check if a language key exists (9684b37c)
    • allow option to force language with an url parameter (afd9ad34)
  • icons: allow ElggEntity::getIconURL to accept an array (7281ea01)
  • js:
    • added a hook to the AMD config to control the configuration (697bb841)
    • datepicker will now show month and year selector (1945c8ba)
    • adds a fixed Ajax spinner module (dd1b5bc2)
  • login_as: Added login_as plugin as bundled with the core. (7ca66011, closes #7958)
  • navigation: add hook to filter breadcrumbs (f7cb4878, closes #6419)
  • plugins: adds several reported content features (347683c1, closes #5379, #6082, #5380)
  • security:
    • Adds component to create and validate HMAC tokens (4c1b0740, closes #7824)
    • adds events around site secret regeneration (25f177a3, closes #6252)
  • ui: allows highlighting an element whose id is found from the URL (f7dd696a)
  • views:
    • added lazy loading of user hover menu (a0267469)
    • add first and last page number to pagination (4c9c1209)
    • added the ability to translation the usersettings title (00e9efce)
    • allow providing alternative views for list items (85c22f35)
    • support for extra variables in elgg_view_icon function (67006312)
    • move logged in check to topbar view (08ae23f6, closes #6582)
    • plugin hooks can modify view $vars (d493bf93, closes #7736)
    • added support for other entity types to tagcloud block (db0d9b04)
    • added container guid support to sidebar comments block (e70f2c98)
    • add container guid support to tagcloud block (de92b4ec)
    • passes more context info to input/access and access hooks (437f9649, closes #4695)

Performance

  • entities:
  • groups: makes group invitations scalable (6088b1a7)
  • i18n: only check for admin once during getInstalledTranslations (38dae267)
  • languages: improved js caching of languages by using simplecache (ab17ee54)
  • likes: ajax load liking users and show in lightbox (7a371477)
  • plugins: removes DB query to determine if a plugin is active (0ed117d3, closes #7661)
  • search: only query DB for fulltext min and max word length once (5f6e1176, closes #6707)

Documentation

  • rst: documents new list item view parameter (a4f51701)
  • upgrading: instructs how to enable comment highlighting in custom themes (60eebdc2)
  • views: improves docs for views (365f9058)

Bug Fixes

  • access: show all readable custom access collection names to admins (fd1637f5)
  • actions: action scripts can return falsey values without causing errors (35382fce, closes #7209)
  • annotations: simplifies ege* for annotation calculations (b123f06d, closes #7398, #4393)
  • ckeditor: updated to full ckeditor package version 4.4.7 (ada19c9d)
  • comments: keep comment access_id in sync with container (066102ab, closes #7807, #NaN)
  • css: Fix size of button elements in /admin (6cb602c5)
  • developers: append the developers log as late as possible (5b0d4c65)
  • engine:
    • eliminated potential deadloops in MenuBuilder::setupTrees (3e5cf89a)
    • return original val if not a string for string_to_tag_array (1ef2b9e3)
  • file: always download as attachment when using file download action (278fe010)
  • filestore: fixes file uploading broken by the transition to Symfony HttpFoundation (d315aaaa)
  • i18n:
    • ckeditor now uses user's own language instead of the site language (aa63a911)
    • do not let empty translation arrays disable plugins (10ba5d89)
    • make sure that all potential languages are loadable with js (cfa860e6)
  • js:
    • only show editor toggle link if editor is initialized (d18f95cc)
    • increased AMD config waitSeconds to prevent timeout issues (0bd6aef6)
    • correctly define amd dependencies for input/userpicker (48f5c00a)
  • messageboard:
    • provide correct link to users messageboard (04b86f56)
    • correctly register deletePost on ajax created posts (a50dbe3e)
  • navigation: strip tags before comparing menu item text (c021e6a9)
  • notifications: correctly use elgg_log instead of error_log (43661c90)
  • profile:
    • moved topbar profile menu registration to profile plugin (2100c494)
    • adds the prepare hook for the profile page’s owner menu (1d39ff8d, closes #6085)
  • security: Eliminates auto-casting within HMAC token building (2be74f05)
  • tests: fix failing SystemMessagesServiceTest (d52515ba)
  • views:
    • show spinner when ajax loading walled garden forms (1e503da4)
    • prevent direct calls to an ajax view (3b5993bb)
    • changed text of the # more comments text in the river (f2f3c1dd)
    • view can only exist if it is string (4452b614)
    • check item instance before rendering it (f927f462)
    • always show all system messages (success and error) (01156baa)
    • added avatar classnames to menu item for consistency (d803c1aa)
    • sidebar comments block data should be consistent with page (f9e6efb2)
    • switch tagcloud blocks to list tags based on container_guid (7915a668)

1.10.6 (2015-12-13)

Contributors

  • Jerôme Bakker (5)
  • Juho Jaakkola (2)
  • Evan Winslow (2)
  • Mariano Aguero (1)
  • akudan (1)
  • Steve Clay (1)
  • Jeroen Dalsem (1)

Bug Fixes

  • views: Sticky values now get passed into views extending register/extend (e241e82e, closes #8873)
  • memcache: don't store a copy of $CONFIG in file objects (beb90891), closes #9081)
  • messageboard: provide correct link to users messageboard (Fixes #8170)
  • notifications: correctly use elgg_log instead of error_log (Fixes #8039)
  • i18n:
    • ckeditor now uses user's own language instead of the site language
    • do not let empty translation arrays disable plugins (Fixes #8116)

Chores

  • notification: no more typehint errors when sending a notificationas an ElggGroup (Fixes #7949)
  • thewire: improved error handling when removing a wire post (Fixes #7003)
  • core: catch login exceptions during password change (Fixes #7948)

1.10.5 (2015-04-05)

Contributors

  • Per Jensen (1)
  • Steve Clay (1)

Bug Fixes

  • aalborg_theme: moves unextend/extend view into init (3c5fb39b, closes #8105)

1.10.4 (2015-03-22)

Contributors

  • Evan Winslow (3)
  • Jerôme Bakker (2)
  • Juho Jaakkola (2)
  • Matt Beckett (1)
  • Paweł Sroka (1)

Bug Fixes

  • core: don't trigger delete event when you can't edit the entity (83c69c09)
  • groups:
    • respect previous modifications to the write access in group context (11b55041)
    • Hides group profile fields that don't have a value (2bb13db8)

1.10.3 (2015-03-08)

Contributors

  • Juho Jaakkola (5)
  • Jeroen Dalsem (4)
  • Ismayil Khayredinov (1)
  • Jerôme Bakker (1)
  • Matt Beckett (1)
  • Cim (1)
  • Rodrigo (1)
  • Evan Winslow (1)

Documentation

  • helpers: Adds missing underscores to elgg_get_loggedinuser* functions (02ef5d7b)
  • views: documented the difference between page/elements/foot and footer (001be7e4)

Bug Fixes

  • upgrade: reset system cache before upgrade (468d1c40, closes #6249)
  • uservalidationbyemail: only forward to emailsent page if email sent (7d8cd3b8)
  • views:
    • always add the user guid param to the usersettings/save form (9e1661d4)
    • always submit element when there are no userpicker values (61e295c9)

1.10.2 (2015-02-21)

Contributors

  • Jeroen Dalsem (16)
  • Steve Clay (6)
  • Evan Winslow (2)
  • Jerôme Bakker (2)
  • Ismayil Khayredinov (1)
  • Juho Jaakkola (1)

Performance

  • stats: more efficient get_entity_statistics() (f5ac3602)

Documentation

  • install: Move environment-specific instructions to their own pages (1b750298, closes #7834)

Bug Fixes

  • datepicker: Prevents month navigation links from overlapping with other elements (fb1596da, closes #7542)
  • groups: also delete original icon when deleting group (b8d1612e)
  • js:
    • correctly init datepicker when ajax loaded (aecc0047)
    • fixes aalborg site menu by restoring 1.9 toggle behavior (8ece7dd8, closes #7790)
    • catch global ajax errors and report to the user (dd52baeb)
  • likes:
    • only allow likes to be deleted by owner (b47f0166)
    • correctly register like button for ajax action (d56b239d)
  • messages: forward to inbox after deleting a message (015baf62)
  • metadata: metadata values returned in more reliable order (36517715, closes #5603)
  • plugins: pages with no annotation no longer cause fatal errors (ffdb908d, closes #7793)
  • profile: consider potential split db in profile icondirect (bd8f3aed)
  • search:
    • prevent search form submit if empty query (becd5ba2)
    • correctly split search words on multiple spaces (2bde4af1)
    • only query user metadata if there are profile fields (6cdafa10)
  • ui: using site menu too early no longer results in 404 page (b11acee5, closes #7861)
  • views:
    • use named keys when registering meta tags and links in head (2cbaa770)
    • improved check on non existing array keys (bfc65a68)
    • adds excerpt to comments and discussions in activity context (4e09115a)
    • deprecated notice no longer shows up in the wrong version (3fcbee3f)
    • use correct page offset for divisors that have a modulo (cdc85dca)

1.10.1 (2015-01-26)

Contributors

  • Steve Clay (10)
  • Jerôme Bakker (2)
  • Ismayil Khayredinov (1)
  • Juho Jaakkola (1)

Documentation

Bug Fixes

  • blog: correctly handle the archive listing if there is no archive (71fbf79f)
  • css: add missing selector prefix (af3f003d)
  • http: don’t allow plugins to bypass a forward() call (ac2d9f1e, closes #7637)
  • notifications:
    • email replies again have “Re:” in subjects (632c57d3)
    • correctly unregister the default notifications save function (f2adb5e2)
  • plugins:
    • discussion replies no longer missing/reversed order on river (78af4b69, closes #7801, #7668)
    • re-hides the likes button for groups (f57d6ef8, closes #7724)
    • eliminates notices for missing GET keys in profile icon (98fb967d)
    • Eliminates deprecation notice on file plugin objects (a0240add, closes #7761)
  • travis: eliminates composer install failures (f96ea171)

1.10.0 (2015-01-11)

Contributors

  • Paweł Sroka (12)
  • Per Jensen (3)
  • Steve Clay (3)
  • Evan Winslow (2)
  • Arsalan Shah (1)
  • Juho Jaakkola (1)

Features

  • security: No longer ship with vendors that have security advisories (b193ebcf, closes #7738)
  • test: Added rewrite rules for builtin PHP cli server execution (a0ff98e2)

Documentation

  • nginx: Added sample nginx configuration and moved sample configs to install/config/ (dbcd7548)
  • requirements: Updated PHP version used in docs as requirement to 5.4 (5f4f8eea)

Bug Fixes

  • CSS: adds margin between a file's text and image (261e92b4, closes #7712)
  • amd: Added coverage tests and fixed minor bugs. (6250fd76)
  • blog: adds missing class to preview button (be3b559b, closes #7706)
  • http: Send a minimal 404 header for /favicon.ico requests (b8c8a280, closes #7261)
  • settings: It's again possible to set user specific setting for a plugin (80e0c904)

1.10.0-rc.1 (2014-12-15)

Contributors

  • Evan Winslow (64)
  • Steve Clay (30)
  • Jeroen Dalsem (24)
  • Per Jensen (10)
  • Jerôme Bakker (9)
  • Paweł Sroka (7)
  • Ismayil Khayredinov (5)
  • Matt Beckett (3)
  • Juho Jaakkola (1)
  • Jeff Tilson (1)
  • Bruno (1)
  • Satheesh PM (1)
  • Sem (1)

Features

  • aalborg_theme:
    • adds support for alert messages (2e410f71)
    • adds visual difference between submit and action buttons (691470e6, closes #6929)
    • comments use triangle indicator instead of text label (b2d55926)
    • adds support for .elgg-button-special and button sizes (2ca0dedd, closes #2954)
  • admin: Use elgg_view_menu to generate admin header (411a9f39)
  • cache: allows using ints as keys in Cache\Pool (c36ec89d)
  • core:
    • support for querying based on relationship create time (db27abbd)
    • adds edit avatar to admin section of user hover menu (a003d840)
  • developers: inspect menu item now has children for faster access (314616d1)
  • discussion: Added some extension points at discussion sidebars. These changes allow 3rd party plugins to extend discussion sidebar, and add there features like a subscribe (db46100a)
  • file: display file upload limit on file upload form (09001b9d)
  • filestore:
    • add elgg_get_file_simple_type() to core api (69e54e4c)
    • add a hook to fix detected mimetype (4ddc7843)
  • groups: Added featured groups as a tab along with groups, popular, discussions (f77356e3)
  • js: extended the usability of rel="toggle" (1d89418e)
  • messages: improved UI for messages listing (46821a62)
  • php: Require PHP 5.4+ (42b76d37, closes #7090)
  • plugins: added default param to elgg_get_plugin_user_setting (13000c98)
  • requirements: PHP 5.3.3+ is now required (3a555512, closes #6165)
  • router: add original params to route hook (1b1026c3)
  • settings: adds setting for default number of items per page (d1d0a4e1, closes #2650)
  • site_notifications: option to mass delete site notifications … (c28eaac7)
  • users: Username character blacklist can now be altered via plugin hook (7dc63eb2, closes #6189)
  • usersettings: every user setting has its own menu item (6c1631d1)
  • views:
    • output/tag supports all output/url options (d0c9c855)
    • allows rendering empty results using an anonymous function (a8f15ffa)
    • output readable access level for any access_id (c9c2e12c, closes #7133)
  • webapp: Add support for a basic WebApp Manifest file (27c9ef4a, closes #7493)

Performance

  • annotations: increased performance of egef_annotations (96e6bd37, closes #6638)
  • db: Disabled SQL DISTINCT in more cases. (98a99c83)
  • entities: preloads owners when drawing lists of entities/likes (82088d5e, closes #5949)
  • likes: reduces number of queries when showing likes in lists (90991256, closes #6941)
  • session: speed up elgg_is_admin_user() (aed21337)
  • sql: allows removing DISTINCT from some MySQL queries (293317f2, closes #4594)
  • views: remove unneeded view calls in river/elements/body view (4ef23b61)

Documentation

  • requirements: Document new rolling support policy for browsers (9ce72099, closes #5932)

Bug Fixes

  • ckeditor: ckeditor now prevents image drag/drop/paste in editor (47fecbea)
  • config: path is derived from PHP, not database (b756cbb4)
  • css:
    • strings together elgg-button and button sizes (3cbe5877)
    • removes link color from "comments" header in river, default theme (f140ffb9, closes #7137)
    • removes padding and margin from elgg-menu-entity items (e732645b)
  • db: elgg_get_metastring_id should always create an id (423f1f6d)
  • deprecation: deprecation warnings for 1.10 now work as expected (3d8ada59)
  • discussion: also search in discussion replies when searching discussion topics (604697f3)
  • entities: system files removed for all entities on delete (800d1f36, closes #7130)
  • forms: Login and account forms widened and centered by default (5fc81511, closes #6456)
  • groups:
    • replaced deprecated entity loading with new method (a8f73627)
    • adds wrapper to the message, This discussion is closed (a336db85)
  • pages: add canEdit to page deletion permission check (454deb63)
  • river:
    • allow everyone to look at everyones activity page (f15e7ff8)
    • rss layout supports mulitple installations in the same host (2e7262b4)
  • search: respect entity type/subtype instead of params type/subtype (758263a3)
  • session: correctly sets cookie params for sessions (565dd08c)
  • upgrade: no longer try to process upgrade files from before installation version (15c6f109)
  • views:
    • allows passing base_url through gallery view (fb32d683, closes #7669)
    • show different text on widgetpanel toggle button when opened (b4e63b45)
    • elgg_view_menu_item shows no link for items with null href (a64432cf)
    • move function and menu items out of file typecloud view (e28bcd9e)
    • makes admin panel mobile friendly (a8d9eeca, closes #6742)

Deprecations

  • access: deprecates elgg_get_access_object() and refactors access lib (d19cf2bf)
  • filestore: deprecate file_get_simple_type() and file_get_general_file_type() (c6042cbe)
  • plugins: formally deprecates use of $CONFIG in start.php (ee8f2edc)
  • view: deprecate output/confirmlink for consolidated output/url with 'confirm' option (6e5e3910, closes #5810)
  • views: deprecates use of the core/settings/tools view (239b730f)

Breaking Changes

  • The CSSMin class included via minify was renamed to CSSmin. If you were referring to it with capital M, you'll have to change that to lower-case m.

However, note that Elgg's dependencies are not considered public API, so this notice is only a courtesy. Please explicitly declare your dependencies on third party vendors, even ones that you know Elgg already includes. We may remove or update them at any time. (c3b0d8bc)

  • If you are checking out Elgg directly from GitHub, you will need to run composer install after git checkout to get your installation to a working state. (2e60327f)

1.9.8 (2015-01-11)

Contributors

  • Juho Jaakkola (1)
  • Matt Beckett (1)
  • Steve Clay (1)
  • iionly (1)

Bug Fixes

  • css: Correct z-index for autocomplete form field when opened in lightbox (e993141f)
  • notifications: subject of comment notification email always starts with "Re: " (b5175b56, closes #7743)
  • profile: admin defined profile fields are once again back-compatible (8e577be4, closes #7634)

1.9.7 (2014-12-14)

Contributors

  • Jerôme Bakker (5)
  • iionly (3)
  • Jeroen Dalsem (2)
  • Juho Jaakkola (2)
  • Matt Beckett (1)

Documentation

  • design: added the data model image from docs (680c3cf8)
  • general: moved pronuncation file from docs (3718dac7)
  • support: added documentation about the support policies of Elgg (bdd7855c)

Bug Fixes

  • core: deprecation notices thrown at login/logout even if there's no valid reason (d22a6406)
  • likes: Uses getDisplayName() instead of assuming the object has value in title property (7ece624f)
  • notifications: Verifies that a notification method is registered before using it (4eddf313, closes #7647)
  • pageowner: allow unsetting of page owner guid (a57e1fbe)
  • uservalidationbyemail: usage of deprecated ['login', 'user'] event (23939b80)
  • views: correctly close the comment form contents (0420bd00)

1.9.6 (2014-12-01)

Contributors

  • Jerôme Bakker (74)
  • Paweł Sroka (7)
  • Jeroen Dalsem (2)
  • Brett Profitt (1)
  • Juho Jaakkola (1)
  • iionly (1)

Documentation

  • admin:
    • moved the finding plugins page from docs (d054a5fd)
    • moved the plugin order page from docs (dfb68cb0)
    • moved the getting help page from docs (2546fc9f)
    • moved duplicate installation from docs (53dfaca8)
    • moved backup and restore page from docs (e66a2432)
  • design: moved the Loggable page from docs (02f68068)
  • faq:
    • moved the Javascript not working page from docs (94a00252)
    • moved the Deprecation warnings page from docs (66374e0f)
    • moved the No images page from docs (2b261c8f)
    • moved the File is missing an owner page from docs (46f71887)
    • moved the Copy a plugin page from docs (a0b4b27a)
    • moved the session length page from docs (c337b834)
    • moved Emails don't support non-Latin characters from docs (c6001fba)
    • moved the What variables are reserved by Elgg page from docs (2d5a2a16)
    • moved the IE login problem page from docs (7445c19c)
    • moved the page not found page from docs (d0435c55)
    • move the Should I edit the database manually page from docs (d04a1383)
    • moved the css is missing page from docs (5b54b38c)
    • moved the filtering page from docs (68baa0e6)
    • moved the When I upload a photo or change my profile picture I get a white screen page from docs (ffbdd0d2)
    • moved the security faq from docs (627ff4f5)
    • moved the 500 - Internal Server Error page from docs (68a8ce19)
    • moved the What events are triggered on every page load page from docs (be493213)
    • moved the Using a test site page from docs (dc2fe2a7)
    • moved the Https login turned on accidently page (aeb32f65)
    • moved the debug mode page from docs (6b2d18e3)
    • split the faq page into different files for readability (bb1de6a6)
    • moved Manually add user from docs (0fa6c070)
    • moved How do I change PHP settings using .htaccess from docs (0defcaaa)
    • moved how does registration work page from docs (13ac44d3)
    • moved How do I find the code that does x from docs (ef30d048)
    • move the I don't like the wording of something in Elgg page from docs (9c13832b)
    • moved the Changing registration page from docs (6d7e4f48)
    • moved the changing profile fields page from docs (151d25a0)
    • moved What should I use to edit php code from docs (375869d1)
  • features: added a link to the Elgg showcas page (334d2010)
  • general: adds contents indexes to long pages (ebf316c9)
  • guides:
    • moved Walled Garden page from docs (4100ccef)
    • moved the Accessibility Guidelines from docs (5b687a42)
    • moved the systemlog page from docs (de73bb22)
    • moved the How to restrict where widgets can be used from docs (17ec2d35)
    • moved the javascript hooks page from docs (71551797)
    • moved the PluginDependencies from docs (e37d79a2)
    • moved hmac authentication page from docs (7b37f083)
    • moved don't modify core page from docs (c99e0008)
    • moved the ajax page from docs (b758c731)
    • moved Engine/Controllers/BestPractices from docs (26f77b0d)
    • move plugin coding guidelines from docs (9c4ee9f9)
    • moved the gatekeeper page from docs (686fb7b2)
    • moved simplecache from docs (a2d9b474)
    • moved the authentication page from docs (0e928075)
    • moved the permissions check documentation from docs (d9a6a88a)
    • moved the plugin (user)settings documentation from docs (bf2d984d)
    • moved the context documentation from docs (87bd91f9)
    • moved the helper functions page from docs (96d7d374)
    • moved the page handler documentation from docs (e327d354)
  • guids: moved page ownership from docs (223d668a)
  • pdf: Added LaTeX build testing to Travis (021a95c5)
  • plugins:
    • moved the System diagnostics page from docs (df2062a7)
    • moved the diagnostics page from docs (b69c978c)
    • completed the list of bundled plugins (2a886a84)
    • moved the thewire plugin description from docs (5443e715)
    • moved the blog plugin description from docs (722d1202)
    • moved the messages plugin description from docs (450c00b5)
    • moved the messageboard plugin description from docs (5d06e409)
    • moved the pages plugin description from docs (47f9d2c8)
    • moved the profile plugin description from docs (3fd4168c)
    • moved the groups plugin description from docs (0e1a6bdb)
    • moved the file plugin description from docs (140fb7ba)
    • moved the dashboard plugin description from docs (2b17c2ce)
    • moved the plugin skeleton documentation (d8ae89c7)
  • travis: Added validation of translated docs sources for es language to Travis (40d284e1)
  • views: moved the page structure best practices page from docs (c441a3f1)

Bug Fixes

  • core: getFilenameOnFilestore() returns empty string if an ElggFile object has no filename set (a03591e7)
  • docs:
    • Fixed docs elements not allowing LaTeX builds to succeed. (659d5796)
    • Fixed docs syntax for the PDF builds. (e3683683)
  • forms: Removes icon and title links from autocomplete results (aff7e69e, closes #5583)
  • livesearch: removed custom queries with ege* functions (d3656fa2)
  • plugins: trigger plugin hooks when saving plugin settings (19c31361, closes #6820, #7502)
  • session: Explicitly closing the session in the shutdown hook to work around APC session problems. (7dbe7c6d, closes #7186)
  • views: allow numeric 0 values to show on user and group profile (edee47e5)

1.9.5 (2014-11-17)

Contributors

  • Jeroen Dalsem (18)
  • Brett Profitt (7)
  • Steve Clay (7)
  • Evan Winslow (3)
  • Ismayil Khayredinov (3)
  • Juho Jaakkola (3)
  • Per Jensen (3)
  • Jerôme Bakker (2)
  • Paweł Sroka (2)
  • Stian Liknes (2)
  • Diego Andrés Ramírez Aragón (1)
  • Matt Beckett (1)
  • iionly (1)

Performance

  • db: correctly re-enable query cache after ElggBatch run (a8c3fbd9)
  • river: only fetch comments if comment_count > 0 (db64e16d)

Documentation

  • actions: Migrated actions section from old Getting Started docs and cleaned up related sections. (d47a980f)
  • admin: Migrated Getting Started guide from wiki. (11e589f6)
  • all:
  • coding: improves docs for commits/amending/standards (e8166d78)
  • database: updated and expanded information on entity icons (7bb60185)
  • events: Updated event list and cleaned up existing event docs. (433ed90c)
  • faqs: Started migrating some FAQs. (cd3afdcc)
  • hook: Updated hooks docs. (327ecb48)
  • menus: improve docs for menu item factory (61751db6)
  • notifications: documentation for the notifications system (ac12ac99, closes #7308)
  • style: documents trailing whitespace policy and script (798810c7)

Bug Fixes

  • aalborg: More robust grid reflows for smaller screens (8d8155e7, closes #7393)
  • access: always display readable access level for ACCESS_* constants (a74421f9, closes #6801)
  • core:
    • renaming to _elgg_namespace_plugin_private_setting forgotten in unsetAllSettings (782b75f2)
    • prevent sql exception when metastring is interpreted as very large number in egef_metadata (bab43d60, closes #7009)
  • css: markdown code blocks should not should nested borders (8c736c2f)
  • friends: show friends collections menu item in friend context (5073deeb)
  • i18n:
    • Commit docs/*.mo files on release so docs can be translated (8ca2b6b6, closes #7034)
    • improved removing profile field delete failure notice (a6f561e2)
    • grammar fix in upgrade warning (f5d4d35f)
  • login: also allow login by email in maintenance mode (4258bc3d)
  • menu: only show access entity menu item if logged in (714b0834)
  • menus: allow max depth of 20 to prevent losing menu items (d3e33db3)
  • pagination: removes hard-coded arrows from php file (eb136ef1, closes #5298)
  • plugins: trigger plugin hooks when saving plugin settings (5afadfc8, closes #6820)
  • relationships: distinct ege* results when relationship_guid is not set (4d87b950, closes #5775)
  • release: Corrected release script Windows system compatibility. (00012389)
  • upgrade:
    • Rechecks that all annotation comments have been migrated to entities (7d81094c, closes #7486)
    • Ensure that $CONFIG is always available to upgrade scripts (c102a713, closes #7457)
  • uservalidationbyemail: makes emailsent page public (70bbdd65, closes #7334)
  • views:
    • Revert erroneous changes made to input/userpicker (e4008c65)
    • input/userpicker can now remove all users on edit (4cf113ab, closes #6982)
    • comma separating links to text files in plugin list (4e9b8ad1, closes #7420)
    • usersettings form now has correct userguid set (2c204200)
    • use elgg-button-action class on all cancel buttons (857df27a)
    • prevent output of empty heading when there is no page title (c3f7f225)
    • add apple-touch-icon (3e4d2164, closes #6176)
  • widgets: determine default values for num display in content view (bd20730d)

1.9.4 (2014-10-20)

Contributors

  • Juho Jaakkola (6)
  • Jeroen Dalsem (4)
  • Steve Clay (4)
  • Per Jensen (3)
  • Stian Liknes (3)
  • Jerôme Bakker (1)

Documentation

  • plugins: Information on activation/deactivation (4e58ad4d)
  • web_services: Documentation for Elgg 1.9 (7cf0f8fd)

Bug Fixes

  • aalborg_theme: display search when logged out (31d3d190)
  • bookmarks: fixes more link in group bookmarks widget (adb46369, closes #6583)
  • css:
    • stop CSS from overwriting the width and height added in CKEditor (428234c0, closes #7269)
    • removed datepicker fixed width causing visual bug (803e05f5)
    • prevent select box from overflowing its container (3b7e94d5, closes #7290)
  • database: More robust sql script execution. (0c5ed4f2)
  • db: query cache properly handles more callable types (b8e58304)
  • discussion: discussion replies respect previous subscribers (d699fe63)
  • i18n:
    • improved change password email subject and body text (ade6d1c1)
    • translate notification messages to the recipient's language (071b2989, closes #7241, #NaN)
    • allow core to load translations for a specific language on-demand (6417d213)
  • install: prevent WSOD caused by site default language not being defined early enough (3b9dc902)
  • search: keep container param intact when navigating search results (3dd87ec1)

1.9.3 (2014-10-06)

Contributors

  • Juho Jaakkola (3)
  • Jeroen Dalsem (1)
  • Steve Clay (1)

Documentation

  • js: Adds docs for more JS functions, improves docs for elgg.echo (fa0d0fa8)
  • menus: document how to use menus (18ac4008)

Bug Fixes

  • icons: some elgg icons were not using internal view (493e5c9f)

1.9.2 (2014-09-21)

Contributors

  • Juho Jaakkola (8)
  • Steve Clay (2)

Documentation

  • manifest: document how to use manifest.xml (f4fa7487)
  • river: adds documentation on how to use the river (d8be198c)
  • upgrade: clarifies upgrade instructions about updating Elgg codebase (6a8fec02, closes #7225)
  • views: adds documentation for the views system (ff6cf55b)

Bug Fixes

  • install: confirm that settings.php exists and is readable before including it (aaa828ed)
  • style: ordered list markers now always visible (ecccafc3, closes #7206)
  • upgrades: now stores ElggUpgrade by paths instead of full URLs (39cf72f0, closes #6838)

1.9.1 (2014-09-12)

Contributors

  • Juho Jaakkola (2)

Bug Fixes

  • upgrade: fixes erroneous values in the list of processed upgrades (c6ebbdb2, closes #7198)

1.9.0 (2014-09-07)

Contributors

  • Juho Jaakkola (3)
  • Ismayil Khayredinov (1)
  • Matt Beckett (1)

Bug Fixes

  • embed: embed jquery target is now searched for instead of assuming last class (cfe605d4)
  • i18n: system cache now supports regional designators in language codes (735ceb4e, closes #7187)
  • messages: use recipient's language in the notification (ee88054f, closes #6902)

1.9.0-rc.7 (2014-08-25)

Contributors

  • Steve Clay (5)
  • Juho Jaakkola (3)
  • Paweł Sroka (2)
  • Per Jensen (2)
  • Brett Profitt (1)

Bug Fixes

  • aalborg_theme: broken layout on small screens (a2e88157, closes #7175)
  • access:
    • has_access_to_entity() now respects ACLs also when set to be ignored (bac9a80a, closes #7159)
    • get_access_array() works correctly when logged out (7fb67a29)
  • css: removes padding and margin from elgg-menu-entity items (04c5e61f)
  • discussion: Fixes inline edit of replies temporarily changing applied styles to the text (fa8572cb, closes #6879)
  • notification: avoids fatal error if notification event lacks object (5dfa343d, closes #7157)
  • output: elgg_normalize_url no longer mistakes querystrings for domains (505d249b)
  • profile: Making banned users more obvious when using custom profile fields. (c8c7098a)

1.9.0-rc.6 (2014-08-11)

Contributors

  • Juho Jaakkola (6)
  • Evan Winslow (5)
  • Ismayil Khayredinov (5)
  • Brett Profitt (2)
  • Jerôme Bakker (2)
  • Per Jensen (1)

Features

  • ckeditor: add "clear formatting" button (0f5525df, closes #7105)
  • likes: improves compatibility with notification plugins (ccfb65c3)
  • notifications: site_notification about an annotation can now have an URL (124190eb, closes #7055)

Documentation

  • all:
    • improves formatting and comprehensibility of docs (de3837be)
    • fixes typos and improves readability (a7ac76ce)
  • contribute: Updated recommendations on which branch to submit against (b84269ce, closes #6964)
  • cron: adds RST documentation about cron jobs (65b10fd8)
  • js: corrects function name to shim AMD modules (091c8b2e, closes #7072)
  • notifications: Adds docs for 'object', 'action' and 'summary' params used by notify_user() (ad00612f)

Bug Fixes

  • embed:
    • Checking for lightbox and embed before loading JS libs when requested through AJAX. (e8c1b4fd)
    • Manually load CSS/JS libs for embed when editing comments on the activity page. (6cc585c6, closes #6422)
  • groups: removes ACCESS_PUBLIC from visibility options if walled garden is enabled (70c911ee)
  • js: elgg.normalize_url no longer modifies urls that begin with a recognized scheme (b6dc613e, closes #6000)
  • notification: extract notification summary from $params (c966fcae, closes #6885)
  • pages: Stop registering undefined upgrade event callback (53eba1e0, closes #6780)
  • views: respect icon_sizes config values when rendering icons (54858e97)
  • walled_garden: ACCESS_PUBLIC no longer available in group context (7c4ec694)

1.9.0-rc.5 (2014-07-10)

Contributors

  • Matt Beckett (3)
  • Jerôme Bakker (1)

Bug Fixes

  • core: output/iframe made to the w3c standard (cb25d684)
  • river: add enabled col to river table, update on enable/disable of referenced entities (eb041ebd, closes #6022)
  • upgrade: use correct table prefixes on river upgrade script (1c5c2b63, closes #7033)

1.9.0-rc.4 (2014-07-10)

Contributors

  • Evan Winslow (9)
  • Paweł Sroka (6)
  • Matt Beckett (3)
  • Jeroen Dalsem (2)
  • Paul Shepel (2)
  • Steve Clay (2)
  • Adrián Chaves Fernández (Gallaecio) (1)
  • JoseLGM (1)
  • Per Jensen (1)

Features

  • discussions: Added email SMTP headers for better thread grouping. (91755a86, closes #6894)

Documentation

  • i18n: internationalized the documentation (ff5fd9be, closes #5899)
  • upgrading: Added upgrade instructions for 1.8 to 1.9 (001e3ffa, closes #5900)

Bug Fixes

  • aalborg_theme: selected page menu does not collapse sub menu (53f696ce, closes #6979)
  • collections: make urls work regardless of username (76827f22, closes #6059)
  • core: Added missing options array support for ElggUser methods (30d98c67, closes #6994)
  • deprecation: the deprecation wrapper correctly handles array access (264fc5f2, closes #7017, #6917)
  • discussion: no longer show entity menu items on non-discussions (d3c7c953, closes #6508)
  • file:
    • destroy output buffer before sending file (007021ff)
    • download adds header Content-Length (8375eb09)
  • groups: give feedback if a user cannot be added to a group (07cddc61, closes #6081)
  • install: Make installer usable on smartphones (b528d988)
  • members: prevent members search with empty query (12f7b88f)
  • notifications: Corrected html entities handling for email subject and body (4bfb849e, closes #6905)
  • release: Corrected release script Windows system compatibility (18f78403)
  • router: Can return 'handler' param in 'route', $identifier hook again (6e09758f, closes #6696)
  • rss: River entries include their full correct summaries again (96679d8b, closes #6901)
  • thewire: More effective textarea change detection (e07f6975)
  • ui: Corrected bad stretching of non-square, large avatars. Now upscaling by width. (71ea155b, closes #5602)
  • upgrade: test for ability to connect to localhost if rewrite test fails (7c49e4ce, closes #6888)

1.9.0-rc.3 (2014-06-23)

Contributors

  • Evan Winslow (4)
  • Paweł Sroka (1)
  • Per Jensen (1)
  • RiverVanRain (1)

Bug Fixes

  • a11y:
    • Add semantic structure to installer page layout (f446e6f1)
    • Use HTML5 form features on install forms (434efa22)
    • Label form fields in installer correctly (dff254a9)
  • aalborg_theme: removes unwanted margins (b972402d)
  • replies: Show reply's link on river (5fc031a5)

1.9.0-rc.2 (2014-06-09)

Contributors

  • Evan Winslow (11)
  • Per Jensen (4)
  • Paweł Sroka (2)
  • Jeroen Dalsem (1)
  • John Supplee (1)

Bug Fixes

  • UserPicker: no messages in userpicker due to lack of i18n (7d7a7d5e)
  • aalborg_theme:
    • emphasizes sidebar navigation (6ae2148c, closes #6874)
    • Support fullscreen mode if user adds app to homescreen (2a193078, closes #6896)
    • show dashboard menu item only when logged in (c3e0fcb8)
    • inconsistency between owner-block and page menu (f54048a5)
    • only pass body_attrs if they are set (6ab77862)
  • deprecated: Corrected invalid deprecation notice and added more details to few others (5d78e2b1, closes #6869)
  • docs: Inline refs use @link instead of @see (50b0e39e)

1.9.0-rc.1 (2014-05-19)

Contributors

  • Cash Costello (689)
  • Steve Clay (226)
  • Evan Winslow (150)
  • Paweł Sroka (136)
  • Sem (91)
  • Brett Profitt (68)
  • Jeroen Dalsem (59)
  • Juho Jaakkola (54)
  • Per Jensen (23)
  • Ismayil Khayredinov (23)
  • RiverVanRain (16)
  • Matt Beckett (12)
  • hellekin (12)
  • Jerôme Bakker (8)
  • Aday Talavera (7)
  • Jeff Tilson (7)
  • Marcus Povey (5)
  • Rasmus Lerdorf (5)
  • Brad Smith (5)
  • Hayden Shaw (3)
  • Ben Werdmuller (3)
  • András Szepesházi (2)
  • slyhne (2)
  • Facyla (2)
  • ManUtopiK (1)
  • Emmanuel (1)
  • Centillien (1)
  • twentyfiveautumn (1)
  • Janek Lasocki-Biczysko (1)
  • Ash Ward (1)
  • Arsalan Shah (1)
  • Angel Gabriel Vargas Beltran (1)
  • Tantek Çelik (1)
  • Team Webgalli (1)
  • bwoodnz (1)
  • Danny Navarro (1)
  • EC2 Default User (1)
  • Kody Peterson (1)
  • Liang Lee (1)

Features

  • admin: Admin notices are removed when the actions requested actions has been taken. (e6a46a84, closes #6453)
  • amd: added some utils to Elgg_Amd_Config class (c45d4d18)
  • comments: Added separate edit page for generic comments (a5c73b6e, closes #6666)
  • core:
    • better registration of usersettings handlers (6469d55d)
    • allow custom local scripts to trigger on uncaught exceptions #6586 (7e0794ca)
    • Allowing upgrade.php to forward to custom URLs. (e5c11d8c, closes #6442)
  • externalpages: page layout changed to one_column (909536f9)
  • graphics: make logos transparent (2fc838c0)
  • lightbox: added binding for elgg-lightbox-photo CSS class (6eb22a2d)
  • output: Added second parameter to elgg_strip_tags. (39f8d80c)
  • search: Allows filtering/reordering types returned in search (5eebf1e6, closes #6118)
  • ui:
  • upgrade: Added ElggUpgrade object. (3aae56b4)
  • users: making nicer lost password process (d7c6f850, closes #5886)
  • uservalidationbyemail: forwarding to an info page after registration (6fbb8c93, closes #6247)
  • ux: Failed file uploads give better error messages. (8eb652c2, closes #6593)
  • views: bypasses minification for views like -min/.min (0462bdff, closes #6260)

Performance

  • groups: remove redundant filter of user-owner group acls (a65df346, closes #6434)
  • upgrade:

Documentation

  • aalborg_theme: document change of content order (0ed207d9, closes #5787)
  • about: Add contributing, history, releases, and values docs (1b67f575)
  • admin: Created new admin section for admin-specific docs (abc55ef1)
  • all: Cut fluff (bae2d199)
  • amd: Separated design and guides for AMD docs. (d0ebcb7a)
  • appendix: move about => appendix; add contribute guide (118bfa16)
  • autoloader: more accurate docs for autoloader (5fdbc181)
  • changelog:
    • Fully updated CHANGELOG.md (to 1.9.0-dev) (31d757dd, closes #5798)
    • Better markdown formatting (9e66e428)
    • Move CHANGES.txt to CHANGELOG.md (d13673c9)
  • code:
    • fix whitespace warnings (110a6844)
    • add docs on testing and cleanup (d9f2cdca)
    • merge coding_standards into contribute/code.rst (b752e6dd)
  • config: document custom exception handling (7dde7bf4)
  • contribute:
    • add instructions for translators (feb16f6a)
    • add instructions for rewriting commit messages (4e5d6e3c)
    • clean up PR instructions (16308a46)
    • expanded contributors section (b969080c)
  • events: Reword docs for hooks (3cb690fe)
  • fix: Fixing MD links for new docs. (04c399f3)
  • guides: add web services dev guide (400a2453)
  • hooks: Corrects docs syntax error (69ae152d)
  • i18n: Add minimal i18n documentation ported from wiki (6b0e58df)
  • js: use proper title markup (77146f46)
  • moved: use :orphan: instead of lying toctree (6544176d)
  • outline: make titles consistent with each other (d554e9b0)
  • performance: add suggestions for performance and scalability (76e3ecd1)
  • plugins: added instructions on upgrading plugins for Elgg 1.9 (b1c501c4)
  • release: add release process workflow (5df29847)
  • releases: add commit access as requirement (9821089c)
  • rewrite: Finish migration from what we had in GDocs (ce8c40b3)
  • security: Add security rst docs (fc52baf3)
  • themes: converts theming docs to rst (fddd7686)
  • tutorials: Add blog, indexpage, widget, and wysiwyg (faafc2e2)
  • updates: Updating contributing docs to point to feedback and planning group and to mentio (c10f09f8)
  • views: Updated docs for elgg_extend_view() to address uniqueness of extended views. (06c95e4b, closes #6661)

Bug Fixes

  • a11y: keep focus outlines by default (56add7a6, closes #6319)
  • aalborg_theme: standardize padding on input and a buttons (dbc510d7)
  • admin:
    • show plugin settings menu on markdown page (19e3e8d3)
    • fixed javascript error on toggle simple cache checkbox (0533f2a3, closes #6529)
  • amd: removed elgg_require_js for backwards compatibility (76584089, closes #6496)
  • autocomplete: use group summary instead of profile view (82c6871c)
  • ckeditor:
    • create a new input element was re-enabling other input fields (04ab5b65)
    • makes sure basepath is set early enough (9b84b0c2)
  • comments:
    • give comment authors edit privileges (68c6ded7, closes #6724)
    • fixes cancel button and forward URL on edit comment page (2b76dad7)
    • makes ElggComment E_STRICT compliant (3f5f4728)
  • core:
    • prevents upgrade scripts from attempting to create the same ElggUpgrade more tha (3d5fc912, closes #6824)
    • no longer strip slashes on $_FILES and $_SERVER (4a32796b, closes #6777)
    • Updated upgrade file for remember me cookies for 1.9's new table. (c4b53e4f, closes #6629)
    • MenuBuilder sortByName should use strnatcmp (9f373b3e)
    • Not redirecting in plugin and site entity views. (1c027648, closes #4439)
    • fault in ElggPlugin contructor (41053468)
  • css:
    • selected page menu does not collapse sub menu (f9af6a66)
    • add hover classes to hover icons (fb2e9a36, closes #6737)
    • reposition powered by elgg (9b3d43fc)
    • prevent stretching images in IE8 (61ac1874)
    • Added CSS for elgg-state-selected menu items in theme sandbox. (e5741ce5)
  • developer_tools: Added all of the defined icons to the theme preview. (d0ccfc1b)
  • docs:
    • Fixed links in mediawiki format instead of reST. Removed reference to Transifex (b5c9f419)
    • fix a couple of typos (e34f57d7)
  • embed:
    • show error when when uploading too large file in embed form (a661c65c, closes #4591)
    • file embedding wasn't working for textareas (4f1ffdec, closes #6160)
    • Allows embedding files from the containing group (d5aea243)
    • make pagination in embed colorbox usable (4aeafa70)
    • make tabs in colorbox popup usable (16ca1fd1)
  • entities: reverts to 1.8 behavior of ElggEntity->subtype reads (2fa7c6ce, closes #5920)
  • events: makes the plugin_id parameter reliable for plugin events (8b62fb8e)
  • gatekeeper: stop treating being logged out as an error state (03df35cd)
  • git: Igorning revert commits in Travis and in commit-message git hook. (36acbbf0)
  • groups:
    • Run discussion reply migration regardless if groups plugin is enabled. (02023f45, closes #6729)
    • check if handler is set in params before calling it (9e2bcb6d)
    • forces content accessibility to members_only for invisible groups (47a8c7ab)
    • fix the group acl id in write access array (de2b6a68)
    • displays correct group content access options for each content access mode (b99f475a)
  • hooks:
    • handlers returning null/undefined don't change returnvalue in javascript (b1af0b6d, closes #6531)
    • return values defaults to null in javascript (ff095943, closes #6499)
    • remove event handler registration (dbcf8b48, closes #6410)
  • htmlawed: Setting the params argument to a defaut of null in htmlawed_filter_tags(). (d337ceee, closes #6614)
  • http: makes HTTP request/parameter bag PHP 5.2 compatible (21719be9)
  • install:
    • assume port 443 means HTTPS is in use (df76005c, closes #6190)
    • Put all themes at bottom of plugins list during installation. (ec5458d1, closes #6530)
    • fatal exception during installation (7993273d)
  • invitefriends:
    • make invite form sticky (74b1556c)
    • check if registration is allowed before display menu item and pages (c83630ce, closes #6400)
  • js: Separated elgg_load_js() and elgg_define_js(). (a73838d9)
  • lightbox:
    • setting fancybox's z-index for colorbox (51231f46)
    • make lightbox scrollbar look better (aeaafa6d)
    • CKEditor was weird in lightbox (0e4e3dd1)
    • Correctly applies color box options on each element (b2950027, closes #6107)
    • lightbox wasn't shown when generated from ajax view. (937c8d1e, closes #6304)
  • memcache: Better logging of save/hits/misses (6448bb95, closes #6243)
  • pages: memory leaks in large page trees (ab6ef0df, closes #6477)
  • plugins: Stops junk log entries created on plugins page (f76312fd, closes #6066)
  • rewrite_tester: more reliably sniffs active rewrite rules (3090bf08, closes #6656)
  • routing:
    • prevent upgrade if .htaccess needs updating (1fdbf2dc, closes #6521)
    • URL-decodes path segments like Elgg 1.8 (6de77faa, closes #6218)
  • session:
    • session unavailable in shutdown functions (3d6c33e4)
    • fixes remember me functionality broken in 1.8.19 merge (659ea108)
  • site_notifications: added correct key for menu item (186e7174)
  • tests: Corrected the way the commit message tests are run. (9e0183f4, closes #6507)
  • thewire:
    • Restores functionality of JS max length limit parametrization (66e478f5, closes #6646)
    • Fix word count JS events tapping (d3e3a30b)
  • ui:
    • mispositioned editor when editing a comment that contains a floated image (5f52eb75, closes #6576)
    • use correct logo in favicon (1c98fdac, closes #6446)
    • Added CSS to make the site menu show up correctly in theme sandbox. (e7ac3aeb)
  • upgrade:
    • Corrects query to clear admin remember me cookies (7ee022b6)
    • Adds an admin notice when a new ElggUpgrade object is created (84959e75)
    • Corrected the way ignore access and show hidden entities is applied (ccec25ac)
    • Added upgrade to deactivate TinyMCE and activate CKEditor. (b6970f1c, closes #6653)
    • Fixed a typo in the comments upgrade that broke the ajax upgrade. (fa0340ad)
    • Only running comment migration timestamp fix if comments exist. (5901995d, closes #6621)
    • Correctly settings container guids' last_action times during comment migration. (9df2367c, closes #6528)
    • Setting time_updated and last_action for migrated comment and discussion entitie (ed7cf3bc, closes #6395)
  • uservalidationbyemail: do not show email sent page to logged in users. (5534a576, closes #6649)
  • ux: Server-side validation for email fields in profile edit action. (7d70c6df)
  • vendors: corrected version for requirejs (22cf6d64, closes #6735)
  • views:
    • removes notices from views used in theme sandbox (9141ecd1)
    • fix typo in $attrs var name (224a7729)
    • only pass body_attrs if they are set (3749dda1)
    • check if body_attrs are set before attempting to format them (baf2df93, closes #6298)
    • Using sitedescription in meta description tag. (66f06919)
    • Correct default title for confirmlink (dd1e83c3, closes #6375)

Performance

  • Using dataroot and simplecache_enabled if set in settings.php
  • Changes simplecache caching so that it is performed on demand
  • Adds support for simplecache minification of CSS and JavaScript
  • Adds ability to enable the query cache after being disabled
  • Don't call getter after a previous count call returned 0 items
  • Make sure Apache2 is configured so .ico can be cached
  • Adds deflate Apache filter to SVG images
  • Log display no longer emit deprecation warnings and uses fewer queries
  • speeds up user location upgrade
  • Progress toward HHVM compatibility

UI changes

  • Lots of spit and polish
  • New responsive theme - aalborg_theme
  • Drops support for IE6
  • Replaces fancybox lightbox with colorbox
  • Replaces Tinymce editor with CKEditor
  • Liking and friending use ajax
  • Removes topbar Elgg logo and made "powered by" themable
  • Allows keeping group content limited to the group
  • Site notifications moved into separate plugin from messages
  • Shows owner block when viewing own content
  • Focus styles for accessible keyboard navigation
  • Improved theme sandbox
  • Session expired message
  • Ajaxified the discussion reply edit form.
  • Alphabetize friends/friends-of, group notifications, group owned/member lists
  • Added support for greying out the label of disabled input
  • Added more microformats to the profile page
  • Automatically configure autocorrect and autocapitalize for input views
  • Using unified language strings for several plugins
  • Adds focus outlines to all focusable elements

Admin changes

  • Adds new notification system
  • Makes the wire message length configurable
  • Changes user directories use GUIDs rather than join date
  • Adds banned user widget
  • Adds legacy_url plugin for supporting legacy URLs
  • Adds robots.txt configuration
  • Adds maintenance mode
  • Added automatic configuration of RewriteBase during fresh install.

New developer features

  • HTML5
  • New mysql-based async queue
  • AMD modules using require.js
  • New notification system
  • New class loader that is PSR-0 compliant
  • Improves control over cookies
  • Adds plugin manifest fields (id, php_version, contributors)
  • Static files recognized as views
  • Adds support for multi-select
  • JSON rendered through views system rather than using global
  • Links in login box use menu system
  • Upgrades jQuery and includes the jquery migrate plugin
  • Widgets can set their titles
  • New JavaScript unit test library
  • Front page and actions go through page handling system
  • Group edit form easier to extend
  • More specific list item classes
  • Page layouts more standardized with same elements
  • Allows customizing colorbox instances
  • Views system recognizes static files as views in addition to PHP files
  • Adds ability to turn off query cache
  • Can change time_created if set explicitly
  • Allows update event to alter attributes and checks canEdit() on DB copy
  • add more specific list item classes
  • moved elgg_view_icon html to own view for more flexibility
  • Allow body attributes
  • Eases extending the input/view view
  • Split group edit form into seperate parts
  • Moved group_activity widget from dashboard to groups plugin
  • Adds warnings for uncallable handlers in hooks/events.
  • Members list pages (tabs/content/titles) can now be extended via plugins
  • Adds configuration support for remember me cookie

API changes

  • Comments and discussion replies are entities
  • New notification system
  • Changes elgg_register_widget_type() to expect contexts to be an array
  • New session API accessible via elgg_get_session()
  • Moves many functions into methods on ElggEntity and related classes
  • Adds support for returning translations as arrays from language files
  • Adds ElggEntity::getDisplayName()
  • Adds ElggEntity::toObject()
  • Adds target_guid to the river
  • Adds elgg_get_entities_from_attributes()
  • Adds ElggMenuItem::addItemClass()
  • Adds elgg_get_menu_item()
  • Adds elgg_format_element() for creating HTML elements
  • ElggFile::getSize() replaces ElggFile::size()
  • Defaults to full_view = false in elgg_list_entities* functions
  • Allows views to be accessed via URL and cacheable
  • Columns added to entity query functions are available in returned entities
  • Separates some events into :before/:after
  • Adds elgg_entity_gatekeeper()
  • get_online_users() and find_active_users() now use $options arrays
  • Adds default option to elgg_get_plugin_setting
  • namespaced the gatekeeper functions (but made it optional)
  • Added URL fragment (#anchors) support to elgg_http_build_url
  • made elgg_unregister_menu_item() more useful

New hooks/events

  • plugin hook: simple_type, file
  • plugin hook: default, access
  • plugin hook: login:forward, user
  • plugin hook: layout, page
  • plugin hook: shell, page
  • plugin hook: head, page
  • plugin hook: get_sql, access
  • plugin hook: maintenance:allow, url
  • notifications plugin hooks
  • event: init:cookie, name

Deprecated functionality

  • calendar library (was not maintained)
  • web services library (now plugin distributed with Elgg)
  • export, import, and opendd libraries (see ElggEntity:toObject())
  • location library
  • xml library
  • Split logout event to before/after events
  • Split login event to before/after events
  • Added a deprecate notice to the elgg_view_icon use of a boolean
  • Deprecated get_annotation_url() in favor of ElggAnnotation::getURL()
  • Deprecated full_url() in favor of current_page_url()
  • Deprecated "class" in ElggMenuItem::factory in favor of "link_class"
  • Deprecated passing null to ElggRelationship constructor
  • Deprecated .elgg-autofocus in favor of HTML5 autofocus
  • Deprecated ElggUser::countObjects (part of Friendable interface)
  • Deprecated favicon view in favor of head, page plugin hook
  • Deprecated analytics view in favor of page/elements/foot
  • Deprecated availability of $vars keys (url, config) and $CONFIG
  • Deprecated ElggEntity::get()/set() in favor of property access
  • Deprecated cron, reboot event
  • Deprecated add_to_river() in favor of elgg_create_river_item()
  • Renames many functions to begin with "elgg_" (with deprecated versions)

Removed functionality

Documentation

Security Enhancements

  • Using SSL for setting password when https login enabled
  • Make several views files non-executable

Bugfixes

  • HTMLawed Strips html comments and CDATA from input
  • Hundreds of miscellaneous fixes
  • users can edit metadata that they created by default
  • removes special check to allow access override
  • if no container, default to false for writing to container
  • fixes default user access
  • returning false to create events forces delete regardless of access
  • Fix json and xml views broken by wrap view of developer tools
  • Do not use link with file icon when using full_view.
  • made page shells consistent for $vars parameters
  • show owner block also if looking at owned pages
  • Pagination uses HTTP referrer as default base_url for Ajax requests
  • Added several missing translation strings
  • standardizes layouts so that they all have title buttons and the same basic sections
  • entity list limit respects passed limits and just provides defaults
  • fixes setting page owner due to routing change
  • Fixed batch install usage of createHtaccess
  • fixed typo that prevented context for front page from being set
  • Make sure empty string return is interpreted as "handling" the list hook
  • replaced double search box with a single box and a single searchhook
  • Login, user event code can use elgg_get_logged_inuser*()
  • Make sure user has access to both river object and target
  • Uses correct default value for find_active_users 'seconds' parameter
  • Added jquery map file and unminified version to make Chrome dev tools happy and not throw 404 error
  • Corrects container write permissions bug
  • Sends correct Content-Length with profile icon
  • Getting correct client IP behind proxy.
  • Fixed old function name for batch metastring operations
  • allow full access to the metadata API through setMetadata() rather than requiring use of create_metadata()
  • catching when the base entity is not created due to permissions override
  • message if no results found
  • all link should reset entity type/subtype
  • forces lastcache to be an int
  • Many more miscellaneous improvements...

v1.8.19 (March 12, 2014)

Contributing Developers

  • Brett Profitt
  • Centillien
  • Evan Winslow
  • Ismayil Khayredinov
  • Jerome Bakker
  • Juho Jaakkola
  • Matt Beckett
  • RiverVanRain
  • Sem
  • Steve Clay
  • pattyland

Security enhancements

  • Implements stronger remember me cookie strategy to prevent brute force attacks.

Bugfixes

  • Fixed numerous PHP warnings.
  • Groups: Corrected breadcrumb for group discussion pages.
  • Fixed RSS validation for the River RSS feed.

Improvements

  • Moved Site Secret update to configure -> advanced.
  • Added more comprehensive tests for HTMLAwed.

Documentation

  • Added better deprecation warnings for use of certain attributes in views.

v1.8.18 (January 11, 2014)

Contributing Developers

  • Juho Jaakkola
  • Steve Clay

Bugfixes

  • Fixes notify_user() broken in 1.8.17

v1.8.17 (January 1, 2014)

Contributing Developers

  • Brett Profitt
  • Cash Costello
  • Ed Lyons
  • Evan Winslow
  • Jeroen Dalsem
  • Jerome Bakker
  • Juho Jaakkola
  • Matt Beckett
  • Paweł Sroka
  • Sem
  • Steve Clay

Security Fixes

  • Specially-crafted request could return the contents of sensitive files.
  • Reflected XSS attack was possible against 1.8 systems.
  • The cryptographic key used for various purposes may have been generated with weak entropy, particularly on Windows.

Bugfixes

  • URLs with non-ASCII usernames again work
  • Floated images are now properly cleared in content areas
  • The activity page title now matches the document title
  • Search again supports multiple comments on the same entity
  • Blog archive sidebar now reverse chronological
  • URLs with matching parens can now be auto-linked
  • Log browser links for users now work
  • Disabling over 50 objects should no longer result in an infinite loop
  • Radio/checkbox inputs no longer have border radius (for IE10)
  • User picker: the Only Friends checkbox again works
  • Group bookmarklet no longer shown to non-members
  • Widget reordering fixed when moving across columns
  • Refuse to deactivate plugins needed as dependencies

Enhancements

  • Group member listings are ordered by name
  • The system_log table can now store IPv6 addresses
  • Web services auth_gettoken() now accepts email address
  • List functions: no need to specify pagination for unlimited queries
  • Htmlawed was upgraded to 1.1.16

v1.8.16 (June 25, 2013)

Contributing Developers

  • Brett Profitt
  • Cash Costello
  • Jeff Tilson
  • Jerome Bakker
  • Paweł Sroka
  • Steve Clay

Security Fixes

  • Fixed avatar removal bug (thanks to Jerome Bakker for the first report of this)

Bugfixes

  • Fixed infinite loop when deleting/disabling an entity with > 50 annotations
  • Fixed deleting log tables in log rotate plugin
  • Added full text index for groups if missing
  • Added workaround for IE8 and jumping user avatar
  • Fixed pagination for members pages
  • Fixed several internal cache issues
  • Plus many more bug fixes

v1.8.15 (April 23, 2013)

Contributing Developers

  • Cash Costello
  • Ismayil Khayredinov
  • Jeff Tilson
  • Juho Jaakkola
  • Matt Beckett
  • Paweł Sroka
  • Sem
  • Steve Clay
  • Tom Voorneveld

Bugfixes

  • Not displaying http:// on profiles when website isn't set
  • Fixed pagination display issue for small screens
  • Not hiding subpages of top level pages that have been deleted
  • Stop corrupting JavaScript views with elgg deprecation messages
  • Fixed out of memory error due to query cache
  • Fixed bug preventing users authorizing Twitter account access
  • Fixed friends access level for editing pages
  • Fixed uploading files within the embed dialog

Enhancements

  • Added browser caching of language JS files
  • Adding nofollow on user posted URLs for spam deterrence (thanks to Hellekin)
  • Auto-registering views for simplecache when their URL is requested
  • Display helpful message for those who have site URL configuration issues
  • Can revert to a previous revision with pages plugin
  • Site owners can turn off posting wire messages to Twitter
  • Search results are sorted by relevance

Removed Functionality

  • Twitter widget due to changes in Twitter API and terms of service
  • OAuth API plugin due to conflicts with the Twitter API plugin

v1.8.14 (March 12, 2013)

Contributing Developers

  • Aday Talavera
  • Brett Profitt
  • Cash Costello
  • Ed Lyons
  • German Bortoli
  • Hellekin Wolf
  • iionly
  • Jerome Bakker
  • Luciano Lima
  • Matt Beckett
  • Paweł Sroka
  • Sem
  • Steve Clay

Security Fixes

  • Fixed a XSS vulnerability when accepting URLs on user profiles
  • Fixed bug that exposed subject lines of messages in inbox
  • Added requirement for CSRF token for login

Bugfixes

  • Strip html tags from tag input
  • Fixed several display issues for IE7
  • Fixed several issues with blog drafts
  • Fixed repeated token timeout errors
  • Fixed JavaScript localization for non-English languages

Enhancements

  • Web services fall back to json if the viewtype is invalid

v1.8.13 (January 29, 2013)

Contributing Developers

  • Cash Costello
  • Juho Jaakkola
  • Kevin Jardine
  • Krzysztof Różalski
  • Steve Clay

Security Fixes

  • Added validation of Twitter usernames in Twitter widget

Bugfixes

  • CLI usages with walled garden fixed
  • Upgrading from < 1.8 to 1.8 fixed
  • Default widgets fixed
  • Quotes in object titles no longer result in "qout" in URLs
  • List of my groups is ordered now
  • Language string river:comment:object:default is defined now
  • Added language string for comments: generic_comment:on

Enhancements

  • Added confirm dialog for resetting profile fields (adds language string profile:resetdefault:confirm)

v1.8.12 (January 4th, 2013)

Contributing Developers

  • Brett Profitt
  • Cash Costello
  • Jerome Bakker
  • Matt Beckett
  • Paweł Sroka
  • Sem
  • Steve Clay

Bugfixes

  • Added an AJAX workaround for the rewrite test.
  • Code cleanup to prevent some notices and warnings.
  • Removed "original_order" in menu item anchor tags.
  • Site menu's selected item correctly persists through content pages.
  • Static caches rewritten and improved to prevent stale data being returned.
  • Installation: Invalid characters in admin username are handled correctly.
  • Messages: Fixed inbox link in email notifications.
  • The Wire: Fixed objects not displaying correctly when upgrading from 1.7.

Enhancements

  • Performance improvements and improved caching in entity loading.
  • Added upgrade locking to prevent concurrent upgrade attempts.
  • Replaced xml_to_object() and autop() with GPL / MIT-compatible code.
  • Error messages (register_error()) only fade after being clicked.
  • Groups: Added a sidebar entry to display membership status and a link to group notification settings.
  • Groups: Added pending membership and invitation requests to the sidebar.
  • Groups: Better redirection for invisible and closed groups.
  • Search: User profile fields are searched.
  • Pages: Subpages can be reassigned to new parent pages.
  • Twitter: Login with twitter supports persistent login and correctly forwards after login.

v1.8.11 (December 5th, 2012)

Bugfixes

  • Fixed fatal error in group creation form

v1.8.10 (December 4th, 2012)

Contributing Developers

  • Krzysztof Różalski
  • Lars Hærvig
  • Paweł Sroka
  • RiverVanRain
  • Sem
  • Steve Clay

Security Enhancements

  • Cached metadata respects access restrictions to fix problems with profile field display.
  • Group RSS feeds are restricted to valid entities

Enhancements

  • UX: Added a list of Administrators in the admin area
  • UX: Limiting message board activity stream entries to excerpts
  • Performance: Prefetching river entries
  • Performance: Plugin entities are cached

Bugfixes

  • Removed superfluous commas in JS files to fix IE compatibility.
  • API: Fixed Twitter API.
  • Performance: Outputting valid ETags and expires headers.

v1.8.9 (November 11, 2012)

Contributing Developers

  • Brett Profitt
  • Cash Costello
  • Evan Winslow
  • Jeroen Dalsem
  • Jerome Bakker
  • Matt Beckett
  • Paweł Sroka
  • Sem
  • Steve Clay

Security Enhancements

  • Sample CLI installer cannot break site
  • Removed XSS vulnerabilities in titles and user profiles

Enhancements

  • UX: A group's owner can transfer ownership to another member
  • UX: Search queries persist in the search box
  • Several (X)HTML validation improvements
  • Improved performance via more aggressive entity and metadata caching
  • BC: 1.7 group profile URLs forward correctly

Bugfixes

  • UX: Titles containing HTML tokens are never mangled
  • UX: Empty user profile values saved properly
  • UX: Blog creator always mentioned in activity stream (not user who published it)
  • UI: Fixed ordering of registered menu items in some cases
  • UI: Embed dialog does not break file inputs
  • UI: Datepicker now respects language
  • UI: More reliable display of access input in widgets
  • UI: Group edit form is sticky
  • UI: Site categories are sticky in forms
  • API: Language fallback works in Javascript
  • API: Fallback to default viewtype if invalid one given
  • API: Notices reported for missing language keys
  • Memcache now safe to use; never bypasses access control
  • BC: upgrade shows comments consistently in activity stream

v1.8.8 (July 11, 2012)

Contributing Developers

  • Cash Costello
  • Miguel Rodriguez
  • Sem

Enhancements

  • Added a delete button on river items for admins

Bugfixes

  • Fixed the significant bug with htmlawed plugin that caused duplicate tags

v1.8.7 (July 10, 2012)

Contributing Developers

  • Cash Costello
  • Evan Winslow
  • Ismayil Khayredinov
  • Jeroen Dalsem
  • Jerome Bakker
  • Matt Beckett
  • Miguel Rodriguez
  • Paweł Sroka
  • Sem
  • Steve Clay

Enhancements

  • Better support for search engine friendly URLs
  • Upgraded htmlawed (XSS filtering)
  • Internationalization support for TinyMCE
  • Public access not available for walled gardens
  • Better forwarding and messages when they cannot view content because logged out

Bugfixes

  • Fatal errors due to type hints downgraded to warnings
  • Group discussion reply notifications work again
  • Sending user to inbox when deleting a message
  • Fixed location profile information when it is an array
  • Over 30 other bug fixes.

v1.8.6 (June 18, 2012)

Contributing Developers

  • Cash Costello
  • Evan Winslow
  • Ismayil Khayredinov
  • Jeff Tilson
  • Jerome Bakker
  • Paweł Sroka
  • Sem
  • Steve Clay

Enhancements

  • New ajax spinner
  • Detecting docx, xlsx, and pptx files in file plugin
  • Showing ajax spinner when uploading file with embed plugin

Bugfixes

  • Fixed some language caching issues.
  • Users can add sub-pages to another user's page in a group.
  • Over 30 other bug fixes.

v1.8.5 (May 17, 2012)

Contributing Developers

  • Brett Profitt
  • Evan Winslow
  • Sem
  • Steve Clay
  • Jeroen Dalsem
  • Jerome Bakker

Security Enhancements

  • Fixed possible XSS vulnerability if using a crafted URL.
  • Fixed exploit to bypass new user validation if using a crafted form.
  • Fixed incorrect caching of access lists that could allow plugins to show private entities to non-admin and non-owning users. (Non-exploitable)

Bugfixes

  • Twitter API: New users are forwarded to the correct page after creating an account with Twitter.
  • Files: PDF files are downloaded as "inline" to display in the browser.
  • Fixed possible duplication errors when writing metadata with multiple values.
  • Fixed possible upgrade issue if using a plugin uses the system_log hooks.
  • Fixed problems when enabling more than 50 metadata or annotations.

API

  • River entries' timestamps use elgg_view_friendly_time() and can be overridden with the friendly time output view.

v1.8.4 (April 24, 2012)

Contributing Developers

  • Adayth Talavera
  • Brett Profitt
  • Cash Costello
  • Evan Winslow
  • Ismayil Khayredinov
  • Janek Lasocki-Biczysko
  • Jerome Baker
  • Sem
  • Steve Clay
  • Webgalli

Security Enhancements

  • Fixed an issue in the web services auth.get_token endpoint that would give valid auth tokens to invalid credentials. Thanks to Christian for reporting this!
  • Fixed an that could show which plugins are loaded on a site.

Enhancements

  • UI: All bundled plugins' list pages display a no content message if there is nothing to list.
  • UI: Site default access is limited to core access levels.
  • UI: Showing a system message to the admin if plugins are disabled with the "disabled" magic file.
  • UI: Added transparent backgrounds for files and pages icons.
  • External (Site) Pages: If in Wall Garden mode, Site Pages use the Walled Garden theme when logged out.
  • UI: Database errors only show the query to admin users.
  • UI: Cannot set the data path to a relative path in installation or site settings.
  • UI: Cleaned up notifications for bundled plugins.
  • UI: Hiding crop button if no avatar is uploaded.
  • UI: Bundled plugins are displayed with a gold border in the plugin admin area.
  • UI: Can see all the categories a plugin belongs to.
  • Web Services: Multiple tokens allowed for users.
  • API: More efficient entity loading.
  • API: Added IP address to system log.
  • API: Languages are cached.
  • API: ElggBatch supports disabling offsets for callbacks that delete entities.
  • API: Cleaned up the boot process.
  • API: Fixed situation in which the cache isn't properly cleared if a file can't be unlinked.

Bugfixes

  • UI: Tags display in the case they were saved.
  • UI: Friendly titles keep -s.
  • UI: Removed pagination in friends widget.
  • UI: Profile settings actions correctly displays error messages as errors.
  • UI: Tag search works for tags with spaces.
  • UI: Fixed river display for friending that happens during registration.
  • Groups: Link for managing join requests is restored in the sidebar.
  • Walled Garden: Cron and web services endpoints are exposed as public sites.
  • The Wire: UTF usernames are correctly linked with @ syntax.
  • The Wire: No longer selecting the "Mine" tab for users who aren't you.
  • Blogs: Notifications restored.
  • Message Board: Fixed delete.
  • Groups: Forwarding to correct page if trying to access closed group.
  • API: entities loaded via elgg_get_entities_from_relationship() have the correct time_created.
  • API: Deleting entities recursively works when code is logged out.
  • API: Fixed multiple uses of deprecated functions.

v1.8.3 (January 12, 2012)

Enhancements

  • Adds a white list for ajax views
  • Improved navigation tab options
  • Added group specific search
  • Added button for reverting avatar
  • Improved documentation for core class attributes
  • Adds a server info page under administer -> statistics
  • Improving caching of icons and js/css
  • Deprecation notices not displayed to non-admin users

Bugfixes

  • Fixed upgrade scripts for blog posts and groups forum posts
  • Can now delete invitations to invisible groups
  • Fixed several widget bugs
  • Fixed access level on add to group river item
  • Fixed recursive entity enabling
  • Fixed limit on pages in sidebar navigation
  • Fixed deletion of large numbers of annotations

v1.8.2 (December 21, 2011)

Enhancements

  • Added a 404 page
  • Widgets controls now using the menu system
  • Admins can edit users' account information
  • Embed uploader supports uploading into groups
  • Add a control panel widget for easy access to cache flushing and upgrading
  • Comments now have a unqiue URL with fragment identifier
  • JavaScript language files are cacheable
  • jQuery form script only loaded when required

Bugfixes

  • Fixed default widgets
  • Fixed activity filtering
  • Embedding an image now inserts a medium sized image
  • Search plugin only uses mbstring extension if enabled
  • Site pages links returned to footer
  • Fixed URL creation for users with non-ASCII characters in username
  • The wire username parsing supports periods in usernames
  • Returned the posting area to the main wire page
  • Fixed layout issue on pages with a fragment identifier in URL
  • Added support for call elgg_load_js() in header and footer
  • Fixed user picker
  • Fixed uservalidationbyemail plugin ignoring the actions of other plugins
  • Fixed bug preventing the creation of admin users
  • Fixed deleting a widget with JavaScript disabled
  • Fixed many bugs in the unit/integration tests

v1.8.1 (November 16, 2011)

Enhancements

  • Completed styling of user validation admin page
  • Adding rel=nofollow for non-trusted links
  • Added direct icon loading for profile avatars in profile plugin
  • Improved the structure of content views to make styling easier
  • Updated version of jQuery to 1.6.4
  • Added basic support for icon size customization
  • Added a toggle for gallery/list view in file plugin
  • Added support for passing CSS classes to icon views
  • Added support for non http URLs to Elgg's normalize functions
  • Added better support for the 404 forward if a page handler does handle a request

Bugfixes

  • Fixed autocomplete and userpicker
  • Fixed RSS and web service-related view types
  • Fixed walled garden display issues
  • Added work around for IE/TinyMCE/embed insert problem
  • Implemented ElggUser.isAdmin() JavaScript method
  • Fixed the date views and JavaScript datepicker
  • Fixed horizontal radio buttons styling
  • Modules only display header if there is content for it

v1.8.1b (October 11, 2011)

Enhancements

  • New group activity widget for user dashboard.
  • Added more sprites.
  • version.php information cached instead of loaded 100s of times.
  • Added class elgg-autofocus to add focus on inputs when the page loads.
  • Admins can edit user avatars again.
  • Added a filter for non-bundled plugins in plugin admin.
  • Improvements to admin area theme.

Bugfixes

  • Fixed site dropdown menu for IE.
  • ElggEntity->deleteMetadata() no longer deletes all metadata ever if called on an unsaved entity.
  • Fixed Embed plugin.
  • Fixed activate and deactivate all plugins.
  • Fixed URL for group membership request in notification email.
  • Fixed log browser plugin's admin area display.
  • Fixed RSS icon not showing up on some pages.
  • Fixed river entries for forum posts that were lost if upgrading from 1.7.
  • Better displaying of errors when activating, deactivating, or reordering plugins.
  • Fixed Developer Plugin's inspection tool.
  • Fixed avatar cropping on IE 7.
  • Bookmarks plugin accepts URLs with dashes.
  • "More" menu item on site menu hidden if items are manually specified.
  • Fixed hover menu floating if unrestrained.
  • JS init, system fired when DOM and languages are read.
  • Fixed the date picker input view.
  • Fixed stack overflow when calling elgg_view() from a pagesetup event.
  • Menu links no longer have empty titles and confirm attributes.
  • Fixed crash when attempting to change password to an invalid value.
  • Fixed "More groups" link for groups widget.
  • Fixed output/confirmlink to use a default question if not specified.
  • Added missing language strings. Also added "new", "add", and "create".
  • Registered security token refresh page as external to avoid token refresh problems on Walled Garden sites.
  • Displaying more accurate message if uploading an avatar fails.
  • "Leave group" button doesn't display for group owners.
  • Request group membership button displays only when logged in.
  • Fixed the number of displayed items for Bookmarks widget.
  • Fixed fallback to deprecated views for widgets.

API Changes

  • Menus names must be unique to the entire menu, not just section.
  • Input views that encode text use the option 'encode_text'.
  • Added ElggPlugin->getFriendlyName().
  • elgg_view_icon() accepts a class.
  • Added hook output:before, page.
  • Added hook output:before, layout.
  • elgg_get_entities() and related functions return false if passed valid options with invalid values.
  • Can disable the user hover menu by passing hover => false to elgg_view_icon(). Previously it was override => true.
  • Embed plugin uses menu system. See readme for embed plugin.
  • Manifest attributes are no longer translated via elgg_echo().
  • Fixed livesearch ajax endpoint.
  • Fixed site unit test.
  • Unit tests tidy up after themselves better.
  • forward() throws an exception if headers are already sent.
  • Better errors if adding a user through admin area fails.
  • Localized profile fields.
  • Added 'is_trusted' parameter output/url to avoid escaping and filtering. Defaults to false.
  • Added elgg_unregister_action()
  • Fixed ElggPriorityList::rewind().
  • Fixed forwarding after login for login-protected pages.
  • get_site_by_url() respects class inheritance for subclassing ElggSite.

Internal changes

  • Updated deprecated uses of internalname/id.
  • Using wwwroot instead of www_root because of inconsistencies.

v1.8.0 (Jackie) (September 5th, 2011)

Notes

Elgg 1.8 contains the most changes in Elgg since the transition from Elgg 0.9 to Elgg 1.0. The core team tried to make the transition as smooth as possible, but in the interest of following standards and simplifying the development process for core and third party developers, we have made changes that will require updating plugins. We believe these changes will help Elgg development be easier for everyone.

It is unreasonable and unhelpful to list the full details of all changes in this file. Instead, we will list the high level, overarching changes to systems. If you are interested in the specifics, Elgg 1.8's source code is highly documented and serves as a good guide and the git commit log can provide excruciating details of what has changed between 1.7 and 1.8.

Please post your feedback, questions, and comments to the community site at http://community.elgg.org. As always, thank you for using Elgg!

--The Elgg Core Development Team

A tip about updating plugins:

It's not difficult to update 1.7 plugins for 1.8. There is a detailed document outlining this process on the wiki: http://learn.elgg.org/en/stable/guides/upgrading.html#from-1-7-to-1-8

The basic process is:

  1. Clean up the plugin to make sure it conforms to coding standards, official structure, and best practices.
  2. Update any uses of deprecated functions. Functions deprecated in 1.7 will produce visible notices in 1.8!
  3. Use the new manifest format.
  4. Use the new menu functions.
  5. Use the new JS features.
  6. Update the views to use core CSS helper functions and classes instead of writing your own.

The documentation directory and the wiki has more information.

User-visible changes

  • New default theme.
  • New installation.
  • Separate and updated admin interface.
  • Updated plugin themes.

Generic API changes

  • Improved the markup and CSS.
  • Restructured and simplified the views layouts.
  • Added a new menu system.
  • Added new CSS and JS file registration functions.
  • Added a JS engine.
  • Added a breadcrumb system.
  • Added a sticky forms system.

New plugins

  • Dashboard - The activity stream is now the default index page. A 1.7-style dashboard is provided through the dashboard plugin.
  • Developers Plugins - Developer tools.
  • Likes - Allows users to "like" other users' content.
  • oAuth API - A generic, reusable oAuth library.
  • Tag Cloud - A widget-based tag cloud generator.
  • Twitter API - A generic Twitter library that allows signin with Twitter and pushing content to tweets. Replaces twitter_service.

Deprecated plugins

  • captcha - Captchas have long since stopped being useful as a deterrent against spam.
  • crontrigger - Real cron should be used.
  • default_widgets - This functionality is now part of core.
  • friends - This functionality is now part of core.
  • riverdashboard - Displaying the river (activity stream) is default in core. The original dashboard can be restored by the new Dashboard plugin.
  • twitter_service - Replaced by Twitter API.

Elgg 1.8.0.1 was released immediately after 1.8.0 to correct a problem in installation.