New Features / Tweaks
- Login Plus: added support of Single Sign-On. Two methods - One Login, LDAP;
- New Feature: Auto-Updater - to not spend time on system updates;
- Performance: Rewritten Events, rebuilt config files, improved I/O, zend as HotFile;
- For Developers: Extended error & crash reports;
- Installer: improved installation process with less actions;
- Widgets: now there is option to search right inside widget;
- Extended text area with more options and visual improvements;
- Replaced replies with response views on detailed page of response;
- History: now you can track the progress of the response in the right panel;
- Update subscribers while changing official answer;
- Improved tagging system;
- Cleaning Cache: now you can clean system cache from Administration page;
- Sorting Options: integrated Move to and from top features to sort responses on home page;
- Activation/Deactivation of any module to not loose your data;
- SuperCache: you can turn it on in config file to cache full home page.
Bug Fixes
- Themes: Fixed minor bugs in simple theme;
- Activity Logs: fixed Last Month filter;
- User Profile: users could access links/filters of other users that had guest role;
- User Configs: if registered user didn't change profile, he had some invalid settings;
- Side Widget: rebuild generation of image inside widget to make it compatible with most servers;
- Roles Management: if title field was empty, after submit all page content disappeared;
- When updating response, status has been dropped to default.
- Moderation module: browse feature too long on big communities;
- People: filtering took too long on big communities.
Security Fixes
- High Risk: Input passed via the "content" parameter to comments/add is not properly sanitized before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.