Zenario 8.8.53370
This update contains fixes for security vulnerabilities in Organizer and the admin back-end, where it was possible for an administrator to launch a SQL injection attack.
We recommend that anyone running Zenario applies this update.
Also included in this update are fixes for several other minor issues.
Zenario now requires at least PHP version 7.2
We are now asking server admins that they are running at least PHP version 7.2 as a hard requirement.
This is due to the fact that several third party tools and libraries that we use now also require at least PHP version 7.2.
However please note that you should be running at least PHP version 7.3 if you are able to, as PHP 7.2 and earlier have reached their end of life, and no longer receive security updates.
Support for later versions of PHP
This patch fixes a few error messages that could appear when trying to do a fresh install when running using PHP 7.4.
We're also starting to work towards supporting PHP 8, and this patch contains some initial changes that allow Zenario to run on PHP 8 without encountering fatal PHP errors.
Bug fixes
- Fixed a bug where the word count of the home page was reported as 0 immediately after doing a fresh install or a site reset.
- Fixed a bug in our migration scripts that was preventing anyone still running a Zenario 7 site from updating to version 8.
- Fixed a bug where Zenario stored multiple cached copies of SVG images by display size. (SVG images are vector images, their file contents is identical regardless of the size
they are displayed at.) - Fixed a bug where certain JavaScript libraries would not load if you had enabled the Show menu structure in friendly URLs option in the site settings.
- Fixed a bug where the caching debug button did nothing when clicked, due to a coding error.
- Fixed a bug that sometimes prevented you from saving the plugin settings of a Multiple Image Container plugin.
- Fixed a mistake in the message when changing a content item's alias, which incorrectly claimed that capital letters could not be used.
- Fixed a bug in Organizer where administrators saw a buggy menu of options when selecting multiple content items at the same time.
- Fixed a bug where administrators could not change the layouts of multiple content items at once.
- Fixed a bug where you could not view a preview of a layout.
- Fixed a display issue in Grid Maker, where the yellow toolbox could not be dragged around the screen as intended.
- Fixed a bug where you could not upload
.encryptedbackup files using the admin interface in Organizer.