Skip to content

v0.32.0.0

Latest
Latest

Choose a tag to compare

View all tags
@bertugfahriozer bertugfahriozer released this 02 Jun 21:57
· 4 commits to master since this release
0.32.0.0
bef25c4

This release introduces an inline page status toggle, strengthens user management security, completes the Menu module's internationalization, and upgrades elFinder to 2.1.67.

✨ Added

  • Pages: Inline Status Toggle — Activate or deactivate pages directly from the listing via a new isActive() AJAX endpoint. Deactivating a page automatically removes it from the navigation menu and flushes the per-locale menu cache.
  • Pages: Homepage Badge — The pages DataTables listing now displays a visual "Home" badge on the current homepage, updating in real time when the selection changes.
  • Users: Superadmin Delete Protectionuser_del() now requires superadmin privileges and prevents deletion of any superadmin user, returning a localized error message.
  • Menu Module: Full i18n — All hardcoded Turkish strings in views and JavaScript have been replaced with lang() calls backed by new EN/TR language keys.
  • Sitemap Stylesheet — New public/sitemap.css provides a clean, browser-friendly layout for the XML sitemap.

🔄 Changed

  • elFinder → 2.1.67 — JS, CSS, and all i18n files updated. Three new help files added (fr, zh_CN, zh_TW). Script tags include ?v=2.1.67 cache-busters.
  • elFinder CSRF Bypass — Internal CSRF validation disabled via anonymous class override since CI4 Shield's session auth and backendGuard already protect the connector.
  • Frontend: Inactive Pages HiddenHome controller now enforces isActive = 1 when resolving pages, preventing deactivated content from appearing on the public site.
  • Sitemap: Single-Language ModeBlogModel and PagesModel sitemap methods now respect App.siteLanguageMode, emitting only default-locale records in single-language configurations.
  • Users: CSRF Exemptions — AJAX endpoints (removeFromBlacklist, blackList, forceResetPassword, user_del) added to UsersConfig::$csrfExcept.
  • Backup AJAX Flow — Create/delete operations use proper .done()/.fail()/.always() promise chains with deferred DataTables reload.
  • Menu: refreshLeftList() → GET — Read-only sidebar refresh no longer sends a POST request, eliminating unnecessary CSRF token injection.
  • Filters.php Simplification — Template filter path resolved via simple concatenation instead of resolve_template_path().

🐛 Fixed

  • Users: DataTables Search — Removed erroneous $like = [] reassignment that silently discarded search input.
  • Pages: Stale Homepage BadgehomePageId JavaScript variable now updates immediately after toggling the homepage via AJAX.
  • Backup & Users Views — DataTable instance variable moved to module scope so external handlers can call table.ajax.reload() without ReferenceError.

📋 Upgrade Notes

  • No database migrations required for this release.
  • If you have customized modules/Menu/Views/menu.php or modules/Menu/Language/*/Menu.php, merge the new lang() keys manually.
  • elFinder assets are vendored; no manual download needed — the staged files include the complete 2.1.67 bundle.
  • Clear your cache after upgrading: php spark cache:clear.

Full Changelog: 0.31.11.0...0.32.0.0

Assets 2
Loading