Skip to content

Releases: Schlaefer/Saito


07 Aug 07:15
Choose a tag to compare


  • + Adds .webp images to allowed upload mime-types #372
  • + Adds required PHP extensions to
  • ✓ Fixes Thread Collpase user setting not working in 5.x #371
  • ✓ Fixes URL with paranthesis pair omits closing on autolink #373
  • ✓ Fixes delete category and move existing posts
  • ✓ Fixes missing l10n de merge thread
  • ✓ Fixes text-field to submit-button alignment on simple search
  • ✓ Fixes spoiler tags are not revealed reliably
  • ✓ Fixes image compression is to aggressive #374


25 Mar 19:16
Choose a tag to compare


  • + Adds permission saito.core.user.lastLogin.view to see a user's last login (defaults to admin)
  • + Emit event saito.core.user.activate.after after user activation
  • + Emit event saito.core.user.register.after after user registration
  • + Adds plugin "Local" for local customization
  • ✓ Improves wrapping of long words and links in posting #365
  • ✓ Fixes localization in advanced search #364
  • ✓ Missing navigation links in search head
  • ✓ Internal error viewing posting where the thread starter was deleted
  • ✓ Fixes user-blocking not working
  • Δ Set default period for advanced search to the last 12 months #354
  • Layout
    • + Adds navigation to Mix-view on entries/view thread overview #370
    • Δ Change thread-tool menu on entries/index #367
    • Δ Switches Bota-theme night/day button icon #366
    • Δ Change avatar presentation entries/view
  • Uploader
    • + Default target-size for resizing images is configurable
    • Δ Default target-size for resizing images is reduced from 820 kB to 450 kB
  • Internal code changes
    • + Tests PHP 7.4 on travis-ci
    • + Run phpcbf and phpcs with multiple threads
    • + Improve error display before settings are loaded
    • ✓ Fixes phpstan deprecated warnings
    • Δ Improves scanning of JS localizaton strings
    • Δ Updates core JS-, CSS- and PHP-libraries
    • Δ Updates travis-ci environment from trusty to bionic
    • Δ Consolidates PHP event names updates documentation

Update Notes

Plugins subscribing to events may have to update event-names. See docs/ for available events.

The plugin Local in "plugins/local" allows extending the forum in a CakePHP fashion without running composer.


03 Jan 14:01
Choose a tag to compare


  • + Adds permission saito.core.posting.solves.set for marking a posting as solution/helpful (defaults to thread creator).
  • + Improves compatibility with PHP 7.3
  • + Improves browser detection for changes in the Bota theme CSS
  • + Improves logging of unauthorized access
  • ✓ Deleting a bookmark creates an empty area above the bookmarks
  • ✓ User roles with ID greater than 3 can't be assigned to category access control
  • ✓ Fixes link to default favicon if installed in subdirectory
  • Δ Adds "Saito" prefix to CSRF-cookie name
  • Δ Moves layout for viewing a posting and answering from center to the left
  • Δ Updates Saito default favicon
  • − Removes visiblity description for category in category-title hover
  • Search:
    • ✓ Internal error on simple search when results are sorted by rank
    • ✓ Internal error if search term contains multiple whitespaces
  • Improves dark theme:
    • ✓ Drop down menus aren't styled
    • ✓ Code inserts aren't styled
    • Δ Exchanges dark and light distinction between background and form areas
    • Δ Darkens border and dividiers
  • Uploader:
    • + Adds filter options
    • + Performance improvements for users with many (100+) uploads
    • + Adds permission saito.plugin.uploader.view for viewing uploads (defaults to upload owner and group admin).
    • + Adds permission saito.plugin.uploader.add for uploading new files (defaults to profile owner).
    • + Adds permission saito.plugin.uploader.delete for deleting uploads (defaults to upload owner and group admin).
    • + Adds "audio/ogg" and "audio/opus" to default allowed mime-types
    • ✓ Wrong error message is shown if no file was received on the server
    • Δ Layout improvements
  • Internal code changes:
    • + Minor changes for improved theming support
    • Δ Refactors creation, update and validation of postings
    • Δ Updates PHP and Javascript libraries
    • Δ Entries::Table throws RecordNotFoundException instead of returning null
    • Δ Update Apcu version in docker container to 5.1.18
    • Δ Drafts for new threads are stored with a pid of 0 instead of NULL
    • − Removes SaitoValidationProvider::validateAssoc with CakePHP build-in facility
    • − Removes abandonded Selenium test files


16 Nov 20:44
Choose a tag to compare


  • + Adds to keep track of changes
  • + Rewritten and expanded permission system:
    • + New, more fine grained permissions
    • + Permissions are configurable
    • + New role "Owner"
  • Uploader:
    • + Shows progress-bar when uploading a file
    • + Shows speed, time remaining and file size when uploading a file
    • + Adds button for canceling the current file-upload
    • + Cancel a running upload if the upload-dialog is closed
    • + Checks that file with same name isn't uploaded before upload starts
    • + Improved responsive layout
  • ✓ Fixes user's can't log-out if forum is installed in a subdirectory
  • ✓ Fixes login redirect issues if forum is installed in a subdirecotry
  • Δ Improves performance of background task runner
  • Internal code changes:
    • Δ Increases phpstan static code analysis from level 3 to 4
    • Δ Changes passing of current-user throughout the app
    • Δ Updates aura/di from 2.x to 4.x

Update Notes

Extended Permission System

Saito 5.0.0 introduced a new permission system which was rewritten and considerably extended in this release.


The configuration is exposed at config/permissions.php now.

Want to allow moderators to contact a user no matter the user's contact-settings? You can do that. Want to disable new registrations? You can do that. Want to allow users to change their email-address? You can do that. And a lot more.

Permissions are intended to offer flexibility by tweaking the exiting forum behavior to your needs. While possible it is not recommended to start a brand new permission-configuration from scratch.

If you make changes in config/permissions.php don't forget to carry them over if you update to new releases in the future.

The Owner Account

This update introduces a new user-role Owner. The following changes apply to the default configuration:

  • On new installations the first account created is an Owner instead of an Administrator
  • The Owner lives "above" the Administrator inheriting all their rights
  • The "lower" roles are not allowed to change the role, block or delete an Owner
  • Only an Owner can promote (or demote) a user to Administrator or Owner

The update is not going to change accounts on existing installations and, because this is the whole point, it isn't possible to promote an account to Owner from an Administrator account. To promote an user on an existing installation execute manually in the database:

UPDATE users SET user_type='owner' WHERE username='TheUserName';
"Lock User" Setting

The setting for enabling user-locking is removed from the admin-backend and controlled by permissions now. The default behavior is unchanged: moderators may lock, locking status is visible to every user.


20 Oct 13:22
Choose a tag to compare

Noteworthy Changes

  • ✓ Changing a user name isn't reflected in search results or "edited by" information
  • ✓ Improves reliability of executing background maintenance tasks
  • ✓ Fixes internal error caused by read-postings garbage collection for registered users
  • Δ Improved performance of read-postings garbage collection for registered users

Update Notes

Don't miss to add:

Full change-log


12 Oct 06:39
Choose a tag to compare

Noteworthy Changes

  • + Inserts an additional whitespace after closing BBCode tag #360
  • + Improves mime-type detection in Uploader
  • ✓ Fixes issues where errors-messages were displayed without theme
  • ✓ Fixes issues where an API-error didn't result in a proper error-response
  • Code improvement:

Update Notes

Full change-log


21 Sep 08:06
Choose a tag to compare

Noteworthy Changes

  • ✓ Fixes issues that prevent editing a posting as moderator

Update Notes

Full change-log


06 Sep 12:45
Choose a tag to compare

Noteworthy Changes

  • Δ Smiley menu is placed below menu buttons in posting form #349

Update Notes

Full change-log


01 Sep 12:45
Choose a tag to compare

Noteworthy Changes

  • ✓ Category order of select input in posting form is wrong #345
  • ✓ Force browser to load an updated language .json file #346
  • ✓ 5.3 updater fails on pre 5.2 installations if uploads without title exist #347
  • ✓ Editing a posting doesn't trigger an autoresize on the textarea #348

Update Notes

Full change-log


17 Oct 16:56
Choose a tag to compare

Noteworthy Changes

From the Changelog

  • + Send posting before moving on from posting form #338
  • + Save drafts while composing a new posting
  • + Browser warns the user before navigating away from a posting form with input
  • + Favicon-indicator shows number of unread postings on background tabs with autoreload #95
  • + New setting answeringAutoSelectCategory to control category-selection in posting-form
  • − Removes support for embedding new Flash videos (<object>...) #326
  • ✓ Uploading PNG images allows double-uploads #343
  • ✓ Fixes several bugs causing Internal Error issues
  • ✓ Don't autolink file:// URIs #341
  • ✓ Internal posting-hashtag in parenthesis isn't linked #337
  • Δ Changes the default DB engine for the entries table from MyISAM to InnoDB #322
  • Δ Keeping track of online users is more accurate while requiring less resources
  • Δ Font files for default theme are served locally instead from Google (everything is served locally now)
  • Δ Disables Security component on login #339
  • Δ PHP code maintenance
    • Δ Improves code quality so it passes phpstan static code analysis on level 3 (was 1)
    • Δ Declares all src/ and plugins/ PHP files as strict
    • Δ Refactors handling of current user's state
  • Δ Core library updates (CakePHP 3.8, TypeScript 3)

Never Lose A Posting Again

5.3.0 refactors and improves a lot of code including keeping track of the current user and posting a new entry. Both touches important functionality and our oldest code paths (reaching back even before the git init of this repository). They accumulated a lot of cruft over the years.

This was also the occasion to introduce exciting new features:

In the past sending the posting-form was mainly a simple HTTP POST request. If something went wrong the content was gone. The browser's back button wasn't much of a help. From now on a posting is sent in the background before leaving the posting-form. If there's a server error or a connection problem the user is notified and won't lose the posting staring at a blank page.

While composing a new posting the content is continuously saved as a draft in the background. On the chance that something is going wrong while composing a posting the draft is restored when the user opens the posting form again.

Update Notes

New Setting answeringAutoSelectCategory

There's a new setting answeringAutoSelectCategory in config/saito_config.php. It allows to select a default category for new postings.

If true the first available category (by category-order and accessibility according to user rights) is preselected as default category in the posting form. If false the user is forced to select a category.

Default: false (same behavior as in previous versions).

Changing Entries Table from MyISAM to InnoDB #332

This update changes the last and biggest table - containing all postings - from MyISAM to the modern InnoDB database-engine. According to my benchmarks this switch shouldn't impose a major performance impact anymore.

The updater is going to convert the table automatically, but be aware that your PHP-script runtime is limited on a shared-hoster. The conversion may take several minutes depending on the number of postings and exceed that period. So you might end up sitting in front of a blank page wondering what happened. If your forum contains more than 100.000 postings I recommend converting the table manually before starting the updater. Execute e.g. in phpMyAdmin:


As always: Backup your database before performing an update.

Full change-log