What's new in CMS Made Simple 2.1.5
Sep 9, 2016
- Core General:
- Fix fatal error if an extcss stylesheet was placed in the Admin theme.
- Another minor fix to clearing cached files.
- Fixes problems where all files (including dot files) had to be writable before creating a module XML file.
- Fixes minor notice in user operations.
- Fixes for namespaced modules.
- Fixes an issue in CmsLayoutTemplate when creating a template from a type.
- Fixes an issue where a 404 handler error page would not be rendered correctly if for some reason the route did not specify a page id to load.
- More fixes to cms_url class.
- Improve the way page aliases are munged when they are supplied.
- Improve the error generated when a page alias cannot be generated.
- Minor fixes to the form_start plugin.
- Minor fixes to generation of moduleinfo.ini.
- Fix an error message in the autorefresh JavaScript class.
- Fix problems that could result in uid=1 becoming inactive, and not a member of other groups when edited by another user.
- Fix query problem in CmsLayoutStylesheetQuery with Mysql 5.7.
- #11080 Parameter $adding in GetContentBlockFieldInput always FALSE.
- #11093 Bad error message in jquery.cmsms_autorefresh.js.
- Content Manager:
- Improve error handling in Edit Content.
- Fix a problem with the call to GetTabElements.
- Design Manager:
- Fix problem with resetting a template back to factory defaults, or creating a new template from factory defaults.
- Module Manager:
- Improve the way modules with dependencies are installed and upgraded. (Got rid of the queue stuff).
- AdminSearch:
- Use 'Manage Stylesheets' permission, not 'Modify Stylesheets' when searching stylesheets.
- Phar Installer:
- Adds missing 'Manage Stylesheets' permission that would not be created on upgrade from 1.12.
New in CMS Made Simple 1.12 (Apr 15, 2015)
- Core - General:
- Now require that register_globals be OFF. This may generate errors for some sites, you MUST change their PHP config if register_globals is on! [Security fix]
- Smarty template security fix
- Replace stub file for function.process_pagedata.php
- Fixes Admin homepage issue (Note: current homepage must be reset!)
- Adds the CmsAdminUtils class (new utility class for Admin requests). Currently with two static methods
- Fixes to HTML entity decoding
- PHP 5.2.x compatibility issues
- Remove the html_entity_decode_utf8 function (should only have been used in the core). We now have one standard cms_html_entity_decode function
- Minor fix to {cms_selflink}
- Remove some extra whitespace from editcontent and edittemplate
- Increase Image Manager height
- Fixes issue with French locale string
- Fixes #9598 - Issues with cancel button in changegroupperm and changegroupassign
- News:
- Remove {eval} from factory default display templates (will not effect existing installs) [Security fix]
- Fixes #10129 - DoS by specifying extra-large pagelimit (now maximum of 1000) [Security fix]
- Fixes #10452 - Browsecat counting articles that do not start yet
New in CMS Made Simple 1.11.13 (Feb 21, 2015)
- Core - General:
- Minor fix to index.php wrt regular expressions
- Minor fix to cms_url class
- Fixes path disclosure vulnerability in page functions
- Fixes minor XSS issue in add bookmark
- Adds minor casts and type safeness in change group permissions
- News - 2.15:
- Security feature, now the fesubmit action (which is still deprecated) must be explicitly enabled in the News module options
- Fixes XSS issues in the News module fesubmit action
- MicroTiny:
- Improvements to URL handling when inserting links and images
New in CMS Made Simple 1.11.12 (Jan 13, 2015)
- Core - General:
- Fixes ShowMessage() and ShowErrors() when using the NCleanGrey Admin theme
- now determine SSL requests in a centralized, and consistent manner
- dynamic root_url calculations now correctly determine schema
- Using HTTPS by default now works for new pages
- Minor fix for default content type selection when loading an object
- Rationalize HTTPS request detection
- Adds a new 403 exception
- Adds a new method IsPermitted in the Content base class
- Ensure that 404 and 403 errors do not cache
- Fixes to caching of block plugins
- Fixes to caching of content blocks on non cachable pages
- now set a global variable CMSMS_GENERATING_XML when generating an XML file
- Core - MicroTiny:
- Improvements to URL generation
- Core - Bug Reports:
- #10170 Incorrect setting for session_cache_limiter() in include.php
New in CMS Made Simple 1.11.11 (Aug 12, 2014)
- Core - General:
- Minor improvements to module loading
- Minor fix to error console
- xajax now cleans buffers before outputting anything
- Improvements to behavior of the 'label' parameter on content_module blocks
- Enable adodb transactions
- Fix minor security issue with changegroupperms
- Minor bug fixes wrt static routes
- Now update dependencies when a module is upgraded
- Fixes #10135
- Core - Installer:
- Minor change to timezone handling
- Core - Module Manager:
- Fixes problem with displaying help and about
- Core - News:
- Fixed sorting by category
- Core - MicroTiny:
- Updated to tinymce 3.5.11 to fix IE11 issues
- Now use "forced_root_block: 'p'" to ensure that newlines generate paragraphs, and ctrl+enter generates tags.
New in CMS Made Simple 1.11.10 (Feb 4, 2014)
- Core - General:
- New versions of jquery, jquery-ui, blueimp-uploader
- Makes security key 16 characters long
- Smarty template engine upgraded to version 3.1.16
- Fixes to function signatures, and fix a notice in cms_module_smarty_plugin_manager.
- Core - MicroTiny:
- Minor fix to MicroTiny
- Core - FileManager:
- Fix and cleanup filemanager templates
- Core - News:
- Fix potential SQL injection vulnerability wrt the sortby parameter.
New in CMS Made Simple 1.11.9 (Oct 18, 2013)
- Core - General:
- Fixes version.php to represent new schema
- Users with 'Modify Any Page' and 'Remove Content' can delete almost any page
- Fixes minor issue with event handlers
- Removes a debug limit on caching in contentoperations
- Robots don't index Error Console pages
- Only show technical details on the Error Console page to logged in administrators
- Entropy improvement in the cookie used to stay loggedin.
- Core - Search:
- Fixes PHP 5.3 dependency
- Core - Bug Reports:
- #9549 CMSMS 1.11.8 performance regression
- Core - CMSMailer:
- No longer send SMTP password in plain text.