FUDforum 3.0.5

IMPORTANT: Users running FUDforum 3.0.0, FUDforum 3.0.1, FUDforum 3.0.2, FUDforum 3.0.3 or FUDforum 3.0.4 can upgrade to this release. Users on older FUDforum 2.x releases must first upgrade to version 3.0.0 before they can upgrade to subsequent releases.

FUDforum 3.0.5 was released on 6 October 2013. Support for this release ended on 2 February 2015. Users still running 3.0.5 should upgrade their forums to FUDforum 3.0.9 ASAP!

New requirements

The new system requirements to run FUDforum will be:

• PHP 5.3 or higher (PHP 5.2 will no longer be supported).
• MySQL 5.0.2 or higher (support for other databases will remain unchanged).

Upgrading

• If you use the ldap plugin, you will have to reconfigure it after upgrading to this release ('ldap.ini' will be replaced, don't restore a backup, reconfigure it!)
• Custom themes will have to be updated. See section about theme changes below.

Known problems

Please apply these patches after installing/upgrading to FUDforum 3.0.5 - https://sourceforge.net/p/fudforum/code/5707

New features

• New PATH_INFO_SEO theme to display more SEO friendly URL's for forums and threads (by Ernesto, Elmer_Fudd, and Cpreston).
• Allow cron to be triggered via URL, typically index.php?t=cron.
• Link to quickly reject all posts from a spammer.
• Introduce new [indent] BBcode tag.
• Ability to show announcements to only anonymous or logged in users.
• Add 'References:' headers to mailing list emails (patch by Cpreston).
• New Stop Forum Spam plug-in (validate registrations against http://stopforumspam.com).
• The ldap plugin now support SSL connections (LDAPS) (by Argure).
• The irc bot now supports NickServ and IRCS connections (by Argure).
• Update jQuery v1.7.2 to v1.9.1 and jQuery UI v1.8.19 to v1.10.3.
• Option in Global Settings Manager to enable detailed logging without having to go into full debugging mode.
• New Email_Obfuscate.plugin (by Cpreston)
• New ACP to analyze forum sessions. See Forum Sessions.
• The File Manager ACP can now unzip files.
• Rework the ckeditor.plugin.
• Add support for Vimeo videos (part of the Youtube plugin).
• Validate forum backup files before restoring them.

Security

• Apply security patch provided by High-Tech Bridge Security Research Lab (unlikely null-byte code injection vulnerability).
• Eliminated an early return case from ses_get() which was causing the possible DoS attack reported here http://fudforum.org/forum/index.php?t=msg&th=120684
• Validate and sanitize custom user profile fields.
• Fix some minor cross-site scripting vulnerabilities.

Theme changes

• Remove support for Internet Explorer 6 (IE6) web browsers. If you have custom themes, you will have to replace '{DEF: img_ext}' with '.png' in all your *.tmpl files.
• Introduce theme.ini files. Initial application is to override the traditional inheritance chain. This will allow users to base a theme on another theme, for example to base "twilightgrey" on "path_info_seo" instead of "default".
• Add missing text direction (dir="{DIR}") to the twilightgrey template set.
• Better HTML5 support.

Localization

• New Tarandíne (roa-tara) translation - available under Sicilian (scn).
• New Urdu (اردو) translation
• New Sinhala (සිංහල) translation
• New Kirghiz (Кыргызча) translation
• New Georgian (ქართული) translation
• New Javanese (Basa Jawa) translation
• New Hebrew (עברית) translation
• New Irish (Gaeilge) translation
• New Faroese (føroyskt) translation
• Numerous localization updates from http://translatewiki.net.

Database changes

• Improved MYSQL database slave support (by eclipsewebmaster).
• Fix for PostgresQL tables crated without OIDs.
• Remove NOT NULL and DEFAULT '0' from fud30_users.reset_key.
• Increase useragent field in fud30_ses from VARCHAR(32) to VARCHAR(64).
• If available, the installer will now use MySQLi instead of the deprecated mysql module.

Converter

• Fix importing of phpBB2 messages posted by anonymous users.

Fixes

• Fix error "The file you are trying to upload does not match the allowed file types" while posting a PM without attachments.
• Reintroduce display of password reset message on login screen (broken after removal of apparent debugging code).
• Deal with some nasty URL's caused by bad bots.
• Fix PHP Notice: Undefined index: reg_sig.
• Use current year if birth year is not specified.
• Fix RSS/ATOM validation with HTML Chars in forum description.
• Improved compiler error messages.
• Resolved SQL error due to registration IP address not being quoted.
• Resolved fatal SQL error and php division by zero when a moderator uses the move selected button (see bug report http://fudforum.org/forum/index.php?t=msg&th=120609)
• A better fix for usernames containing "invalid" characters by Multitool.
• Some e-mail clients (like Thunderbird) ignore HTML base tag (patch by LeCoyote, details at http://fudforum.org/forum/index.php?t=msg&goto=168106)
• Various other smaller fixes.