Cotonti / Open Source PHP Content Management FrameworkContent Management Framework

Download / Cotonti Siena 0.9.19

Long-awaited 19th release of Siena

#1. About Siena

If you are a new to Cotonti — please read a brief info about this CMF and its requirements.

See detailed instructions for first-time install or updating guides.

 

#2. Release info

Last time we faced with the lack of Cotonti core developers and testers, so it tooks one and a half year to release a new version of Cotonti.
Nevertheless weak development we still continue to fix and improve Cotonti. This release incorporates 217 commits for over 85 issues.

We start use a new release scheme with intermediate pre-releases. And first Release Candidate for current version was published this spring. Brief info for changes since RC1 can be found here.

For the full list of files updated from 0.9.18.1 please see this diff and click "Files Changed".

 

#3. Complete changes list

#3.1. Overall changes

  • Extensions version numbering scheme changes (#1464)
  • CoTemplate can use classes and class properties in template callbacks (14d52fb) and vardumps (404a804)
  • Extended config types (see #1368#1056f5ee937)
    • fix custom config type (read the docs)
    • extending radio config type to allow custom list (see doc page)
    • extending callback type to support value=>title assoc. arrays (see doc page)

 

#3.2. Requirements and software support

MySQL

Compatibility fixes (#1505 and #1510) for version MySQL 5.7:

  • Default values must be set and cant be NOT NULL (Page module affected: bc98c567603b03)
  • Some types can't have default values (6b0bdf5)
  • No zero dates supported anymore, NULL used instead (Users module affected: 39734a2a093ac2,3cff686)

PHP

  • Finally we drops support of PHP 5.2, now minimal requirements is PHP 5.3.3 (#1395)
  • #1411 Fixed some PHP 5.4 related bug

 

#3.3. Security updates

  • #1431 security aspects based on reports of Acunetix Web Vulnerability Scanner:

    • Prevent XSS by use of canonical URL (as side effect results in #1435 )
    • Solves error messages on input variable type spoofing
    • Eliminates direct access to some internal files
    • Reduce clickjacing danger
  • #1436 Unexpected session data sharing for different installs bug

  • #1442 Unexpected rights reset in Structure
  • #1474 Omit default port 443 in Canonical and Base URL for HTTPS mode
     

#3.4. New extensions

indexnews — next gen. news plugin as replacement to currently outdated and corny news
 

#3.5. Functions related (new, update, fix)

  • new cot_page_enum() [page API] — Generates page list widget
  • new cot_url_sanitize() [API - Functions] — Sanitize given URL to prevent XSS ()
  • new cot_themes_info() [API - Functions] — Returns themes info data ()
  • new cot_lang_determine() [API - Functions] — Returns a exists language fromHTTP_ACCEPT_LANGUAGE (b3453e4)
  • new cot_extrafield_title() in Extrafields API
  • improved cot_rmdir() (1312f10076d820)
  • reworked cot_schemefile() — #1493
  • extended cot_load_structure() with cot_load_structure_custom() (#1466)
  • improved cot_selectbox_structure() (149e3d4)
  • fix CotDb::update() working with booleans in some cases (aac6e79)
  • fix cot_infoget() breaks data if addition = sign found bug minor ( #1469 )
  • fix cot_safename() for causing duplicate filenames ( #1420 )
  • fix cot_plugin_active() as returns modules list ( #1471 )
  • fix cot_selectbox_theme() treats empty folder as a valid theme bug (#1485)
     

#3.6. Enhancements

  • #1491 Hides User's profile theme selector in force default theme mode
  • #1426 Added Theme and language selectors for user edit
  • #1401 Option to remember language selection in cookie for i18n
  • #1398 Default Admin resources rearranged
  • #1112 Аnti_xss parameter «x» can be switched off for certain forms
     

#3.7. Extensions related

«User Images» renew

  • #1500#1496: Def. avatar is not displayed
  • #1462 User avatar not cleared in row cycle
  • #1423 Allow admin to upload users images in edit mode + fix redirect after image had been deleted.
  • #1422 deleting old image on new uploads.
  • #1421 unexpected overwriting files
  • #1407 Avatar is not displayed for guests

«I18n» updates and fixes

  • display search results content on current locale
  • search only in main and user selected locale (not show «junk» locales)
  • First display results with user locale

  • #1455 i18n loads incorrect lang file

  • #1449 Search in pages with i18n
  • #1428 fatal error if no ID

«Search» plugin:

  • #1475 breaking markup on results page
  • #1450 Fix custom date range usage
  • #1434 Search plugin: SQL error bug

«Tags» plugin:

  • #1459 Enchanced plugin meta tags generation
  • #1457 duplicates tags on Tags cloud pagination
  • #1439 Pagination on «all tags» page

«CKEditor»

  • #1516 updated to version 4.5.9
  • #1440 CKEditor initialization fail
  • #1482 Fix CSS loading (baseref related)

«Page» module:

  • #1507 Fix not displayed «sorting links» in some pages list
  • #1477 Add {DESC_OR_TEXT_CUT} tag
  • #1454 Page module: fatal error on some outdated sorting modes
  • #1433 Page list: SQL query inconsistency (page count and pagelist)
  • #1432 Page: Administration: filtering pages list
  • #1406 Page: form data reset on error

«URLEditor»

  • #1498 URLEditor + I18n: not consider omit language parameter flag
  • #1478 admin page: breaks markup after saved with AJAX bug UX

«HTMLpurifier»

  • #1497 updated to v4.7.0 

Other Extension related:
  • #1523 Users list page fixes
  • #1512 Added new page.admin.validate.done hook (e9c8996)
  • Forums module: clean up HTML from code (e77091c)
  • #1479 Star Ratings Ajax Error
  • #1417 PFS files attachments in Forums
  • (0484bea) MarkitUp preview fix
     

#3.8. Resources Class fixes

#3.9. Category structure related:

  • #1514 Fixes breadcrumbs in admin structure
  • #1502 Fixes category structure editing (bug with empty titles)
  • #1453 Structure config defaults rewrites values for individual categories while update
     

#3.10. Extrafields related

  • #1402 Uploaded exrtafield file with set the custom directory
  • #1517 Fixed hardcoded title prefix used in cot_import_extrafields()
  • #1509 Improved error messages on Extrafields import
     

#3.11. Other fixes

  • Fixed CotDb::update() working with booleans in some cases (aac6e79)
  • #1501 Fixes not initialized values on install stage
  • #1492 User selected Scheme not override with force def. theme
  • #1470 cot_get_extensionparams() called with wrong params
  • #1414 Publication with the same name as the category
  • #1397 Dealing with memory_limit
  • (66e61e1) fix cot_import(). ['REQUEST_METHOD'] is undefined in cli mode
  • (f839607) RSS fix
  • (6ffc2cb) ajaxPageLoad fix

 

#4. Updating from previous versions

  • For updating from previous Siena version — see instructions here.
  • For upgrading from Genoa — see this document (you will also need files from cotonti-legacy to perform the upgrade).

« Previous page: Cotonti Siena 0.9.18


No comments yet
Only registered users can post new comments