LinkBack URL
About LinkBacks
There is a new version of PHP-Nuke...
Can anyone tell me how long it will be before PHP-Nuke 7.7 will be made available for upgrade?
Here is the list of changes:
PHP-Nuke: Advanced Content Management System
============================================
April 2005: Version 7.7
=======================
- Added Users Karma System. This system lets you edit the karma of any user and restrict content publication to
anyone that's annoying you and your visitors. There are 4 Karma values, as follow:
0: Good Karma (Default value for all users)
1: Regular Karma (Marked with a red flag, user activity isn't restricted but you need to pay atention)
2: Bad Karma (Marked with a warning icon. All comments of this user are moderated from the admin panel, these
users are notified that their comments are moderated)
3: Devil Karma (Very bad/evil user. All comments from this user are ignored, never published, without any notice)
Additionaly Users marked with Bad and DEvil Karma can't post comments in Downloads nor Web Links modules.
Moderation of bad Karma users comments are done using a new administration module called: Moderation.
It's in your hands and discretion to use or not this system. Karma system will help to have a little more
control over abusers.
- Reviews module comments for anonymous users is now subject to the general preferences of the system.
- IP Ban system has been modified to use * wildcard in the last digits of any IP address. Know that if you ban
an IP using a wildcard as the last digit you're banning a complete Class C network (255 IP addresses). Be
careful using it and do as an extreme measure.
- Journal module textarea fields size increased to fit the new WYSIWYG editor layout
- Comments moderation system now works at 100% in both News and Surveys modules
- Comments moderation form submit button replaced with a block with information on how to moderate and a text
button instead. This is for both News and Surveys modules.
- Send to Friend function in the News detail pages are now only for registered users and user name and email
options can't be changed. This to increase site's security and to minimize possible mailbomb attacks.
- Fixed some variables validation in Downloads and Web Links modules
- Fixed XSS vulnerability in banners.php
- Fixed a bad SQL call variable name in banners.php
- Fixed SQL injection vulnerability in Top modules
- Fixed several XSS vulnerabilities in Downloads and Web Links modules
- Fixed a Http Response Splitting Vulnerability in Surveys module. (Thanks to dcrab from http://digitalparadox.org)
- Fixed some minor HTML issues in Topics, Feedback and Submit News modules.
- Fixed an include bug in News and Surveys comments system (Thanks to anoopjohn from http://www.myindiagov.com)
- Simplified the module AvantGo. File print.php has been integrated into index.php
- Enhanced the backend.php output by adding <description> field to the generated RSS feed.
- Added new database support for SQLite, which is a database server included with PHP5. (Thanks goes to phpBB team)
- Added new constant (MODULE_FILE) to modules.php to define a module instead to check if the module has been loaded
by module.php. Old method still compatible but encouraged to use the new one. For examples see the first lines
of any included module. (Thanks to Chatserv from http://www.nukeresources.com)
- Added a great WYSIWYG text editor to ALL PHP-Nuke's textarea fields. Compatible with Mozilla, MSIE and FireFox.
For this was used the great tinyMCE made by MoxieCode Systems AB (http://tinymce.moxiecode.com). TinyMCE is free
software released under the LGPL. All credits are untouched on the files (/includes/tinymce/).
You don't need to do anything if you want your module to use the editor, it automaticaly replaces all and any
<textarea> tags all over the place with the wysiwyg editor. This is what I call "easy of integration". Better
configuration, implementation and cosmetic changes will come in future releases.
- Added graphic icons to all administration functions (edit, delete, activate, deactivate, add, show, etc).
- Fixed a bug in headlines function in Your Account module
- Added missing counter when you click on a topic icon to display specific news.
- Added graphic security code to the article's rating system to avoid voting/rating flood attacks
- Added last IP address check to article's rating system for extra security to avoid flood attacks
- Article's rating cookie life time extended from 1 hour to 1 day
- Added graphic security code to the Recommend Us form to avoid email robots attacks
- Security code image background is now theme sensitive. Located at /themes/Your_Theme/images/ folder with the
filenames code_bg.jpg and code_bg_little.jpg for login screens and article's rating respectively.
- Fixed a duplicated header file include's call in Topics module that gives an error when non topics are found
- Updated the full spanish language translation (Thanks to Eduardo Shelley)
- Added BBtoNuke Forums version 2.0.14 with several fixes (Thanks to Chatserv from http://www.nukeresources.com)
- Added a new feature to blocks administration to add more days to the current expiration date
- Fixed SQL injection vulnerability in Encyclopedia module
- Fixed SQL injection vulnerability in FAQ module
- Fixed SQL injection vulnerability in Search module
- Fixed a bug in admin logout function cookie removal (Thanks to Loris)
- All credits headers in the source has been remade the way they should be. Non big changes to the code will
have their credits on this file or in the piece of code changed instead of main header. I had files sent by
users that for even a single character it carries a copyright note. If a file was "based" on others work or if
the file has considerable changes or a partial rewrite it will have the credits on the header, otherwise the
credits should go embeded on the modified code or in this file. This is to have a little more order. Source
headers were out of control until now.
- All .php files has been indented to make the source code more human readable.
- Increased topicimage field length in nuke_topics table from 20 to 100 (Thanks to mtougeron for the suggestion)
- Changed/Fixed administration bug on Forums module that checked for SCRIPT_NAME instead of PHP_SELF which gives problems in certain conditions
- Added a check in the Downloads and Web Links modules to stop floods attacks (Thanks to flooders )
- Fixed a bug in 7.3 to 7.4 upgrade file (Thanks to Marcus Maciel <marcus@underlinux.com.br>)
- All themes logo graphics changed to match the new design, same for the powered buttons
Thanks!
CodeMonkey
Reply With Quote
thank you good work. 
