Assets 2

This update contains a patch for a security vulnerability with the Document Container module. If you are using a Document Container on your site then we strongly recommend that you download and install the patch.

This release also includes some fixes for some problems with page caching, and various other bug-fixes and tweaks.

Assets 2

This update contains a patch for a security vulnerability with the Document Container module. If you are using a Document Container on your site then we strongly recommend that you download and install the patch.

Assets 2

This update contains a patch for a security vulnerability with the Document Container module. If you are using a Document Container on your site then we strongly recommend that you download and install the patch.

Assets 2

This update contains a patch for a security vulnerability with the Document Container module. If you are using a Document Container on your site then we strongly recommend that you download and install the patch.

Assets 2

This update contains a patch for a security vulnerability with the Document Container module. If you are using a Document Container on your site then we strongly recommend that you download and install the patch.

@TribalSystems TribalSystems released this Aug 30, 2018 · 1 commit to latest-public-release since this release

Assets 2

A new branch of Zenario is now publicly available, with some small improvements in a few areas of the CMS.

Better security for admin logins

If you have signed up for an API key for Google ReCAPTCHA, there's now an option to enable a CAPTCHA on Zenario's admin login screen.

The administrators panel in Organizer now shows which admins are currently logged in.

Improvements for managing items in Organizer

If your screen is wide enough, selecting an item no longer hides the buttons for a panel. When an item is selected, you will see the buttons for the selected item alongside the buttons for the panel.

We've added quick links from the Content Items Panel and the Users Panel to the site settings that affect those panels.

Customise phrases used by plugins

You can now customise any phrase that a plugin uses directly from its settings box.

(Note that this is a separate feature to translating phrases, and that if you have a multilingual site you can customise phrases and then also translate the customise phrases separately.)

Common header and footer in email templates

Email templates have had a small redesign. They can now use a common header and footer.

Using a common header/footer means that you can easily achieve consistency in all of the emails that your site sends, without needing to edit multiple email templates to keep them in sync.

Minor changes

  • The plugin settings boxes have had a small redesign. Where a plugin has a mode selector, the mode selector now appears at the top right of the settings box.
  • Change Password plugin now has an option to send an email confirmation to the user when their password is changed.

Notes for hosting providers

Email alerts for PHP warnings and notices

If a PHP warning/notice appears on a page, you'll now receive an email to the support address (limited to one email per web-request).

Changes to email encoding

By default, Zenario will no longer send emails using base-64 encoding.

If this change causes problems, you can switch this back on in the Email site settings after updating to this version.

Notes for developers

Changes to how missing frameworks are handled

If a plugin uses a custom framework, and the custom framework is missing in the filesystem, Zenario will no longer silently fall back to the default framework when displaying the plugin. Instead an error message will be displayed on the page.

Controlling the email alerts for PHP warnings and notices

We've added two new functions to help control the email alerts mentioned above:

ze::ignoreErrors()
  • You can call this this function to disable the "PHP error at" emails from being sent.
ze::noteErrors()
  • You can call this function to re-enable the error emails.

You can use these functions if you have a bit of PHP code that regularly generates random warnings/notices, and you don't want an email being sent to the support mailbox each time.

You should call ze::ignoreErrors() to start suppressing errors, and ze::noteErrors() afterwards when you are done.

Note that these calls can be nested; i.e. if ze::ignoreErrors() is called twice then ze::noteErrors() must also be called twice before errors stop being ignored.

@TribalSystems TribalSystems released this Aug 30, 2018 · 2 commits to latest-public-release since this release

Assets 2

This release contains a few minor bugfixes.

@marcin-szczerba marcin-szczerba released this Jul 13, 2018 · 3 commits to latest-public-release since this release

Assets 5

This release fixes a security vulnerability, where an attacker could exploit the caching mechanism in User Forms to get personal data.

@marcin-szczerba marcin-szczerba released this Jul 13, 2018 · 1 commit to 8.1 since this release

Assets 5

This release fixes a security vulnerability, where an attacker could exploit the caching mechanism in User Forms to get personal data.

@marcin-szczerba marcin-szczerba released this Jul 13, 2018 · 1 commit to 7.7 since this release

Assets 5

This release fixes a security vulnerability, where an attacker could exploit the caching mechanism in User Forms to get personal data.