Contao Open Source CMS changelog
Version 3.3.7 (2014-11-24)
Fixed
Fixed a potential directory traversal vulnerability.
Fixed
Fixed a severe XSS vulnerability. In this context, the insert tag flags
base64_encode and base64_decode have been removed.
Fixed
Handle nested insert tags in strip_insert_tags().
Fixed
Correctly store the model in Dbafs::addResource() (see #7440).
Fixed
Send the request token when toggling the visibility of an element (see #7406).
Fixed
Always apply the IE security fix in the Environment class (see #7453).
Fixed
Correctly handle archives being part of multiple RSS feeds (see #7398).
Fixed
Correctly handle 0 in utf8_convert_encoding() (see #7403).
Fixed
Send a 301 redirect to forward to the language root page (see #7420).
Version 3.3.6 (2014-10-31)
Fixed
Always pass a DC object in the toggleVisibility callback (see #7314).
Fixed
Correctly render the "read more" and article navigation links (see #7300).
Fixed
Fix the markup of the form submit button (see #7396).
Fixed
Do not generally remove insert tags from page titles (see #7198).
Fixed
Consider the useSSL flag of the root page when generating URLs (see #7390).
Fixed
Correctly create the template object in BaseTemplate::insert() (see #7366).
Updated
Updated TinyMCE to version 4.1.6 and added the "lists" plugin (see #7349).
Fixed
Fixed the FAQ sorting in the back end (see #7362).
Fixed
Added the Widget::__isset() method (see #7290).
Fixed
Correctly handle dynamic parent tables in the DC_Table driver (see #7335).
Fixed
Correctly shortend HTML strings in String::substrHtml() (see #7311).
Updated
Updated MooTools to version 1.5.1 (see #7267).
Fixed
Updated swipe.js to version 2.0.1 (see #7307).
Fixed
Use an .invisible class which plays nicely with screen readers (see #7372).
Fixed
Handle disabled modules in the module loader (see #7380).
Fixed
Fixed the "link_target" insert tag.
Fixed
Correctly mark CAPTCHA fields as mandatory (see #7283).
Updated
Updated the ACE editor to version 1.1.6 (see #7278).
Fixed
Fix the Database::list_fields() method (see #7277).
Fixed
Correctly assign "col_first" and "col_last" in the image gallery (see #7250).
Fixed
Set the correct path to TCPDF in system/config/tcpdf.php (see #7264).
Version 3.3.5 (2014-08-27)
Fixed
Do not output an empty label tag (see #7249).
Fixed
Allow floating point numbers in "number" input fields (see #7257).
Fixed
Do not adjust the start time of past events (see #7121).
Fixed
Reset the image margins if it exceeds the maximum image size (see #7245).
Fixed
Reset $blnPreventSaving when a model is cloned (see #7243).
Fixed
Do not reload after storing CURRENT_ID in the session (see #7240).
Fixed
Correctly validate the page number of the versions menu (see #7235).
Fixed
Handle underscores in the Google+ vanity name (see #7241).
Fixed
Correctly handle the rem unit when importing style sheets (see #7220).
Fixed
Fix two issues with the extension repository theme.
Version 3.3.4 (2014-07-29)
Fixed
Restore permission to delete root pages for admin users (see #7135).
Fixed
Pass the file IDs instead of their UUIDs to the file picker (see #7139).
Fixed
Correctly handle double quotes in comments (see #7102).
Fixed
Ignore hidden files when building the internal cache (see #7098).
Fixed
Correctly pass the insert ID of the undo record (see #6234).
Fixed
Update the vendor libraries (fixes various issues).
Version 3.3.3 (2014-06-18)
Fixed
Convert insert tags before assigning the page title to the template (see #7097).
Fixed
Correctly render images in TinyMCE in the newsletter module (see #7089).
Version 3.3.2 (2014-06-04)
Fixed
Add the media query to the style sheets in debug mode (see #7070).
Fixed
Disable the debug mode in the extension creator (see #7068).
Fixed
Convert image source insert tags in the back end preview (see #7065).
Fixed
Render all root nodes in the page and file picker (see #6844).
Fixed
Add the "scssphp-compass" library to support Compass functions.
Fixed
Support adding multiple TinyMCE instances to the same page (see #7061).
Version 3.3.1 (2014-05-30)
Fixed
Grant access to static files inside the vendor folder.
Fixed
Do not make the FormRadioButton options an array (see #7060).
Fixed
Support adding ACE and TinyMCE in subpalettes (see #7056).
Fixed
Only use the DropZone uploader where Ajax uploads can be processed (see #7046).
Fixed
Make the viewport field 255 characters long (see #7050).
Fixed
Restore the "submit_container" class in the FormSubmit widget (see #7055).
Fixed
Correctly generate the CSS classes of the FormSelectMenu widget (see #7045).
Fixed
Use a more precise UUID detection in the FilesModel class (see #7054).
Fixed
Use pack() instead of hex2bin() to be compatible with PHP 5.3 (see #7010).
Version 3.3.0 (2014-05-26)
Fixed
Correctly show the comments in the "comments" element (see #7040).
Fixed
Correctly store the file selection in "edit multiple" mode (see #7028).
Update
Update Compass to version 0.12.6.
Fixed
Improve the UUID validation to prevent false positives (see #7010).
Fixed
Correctly sort by date in the listing module (see #5609).
Fixed
Fix the back link in the "single article" view (see #6955).
Fixed
Never cache insert tags if the output is not used on the website (see #7018).
Fixed
Strip forbidden HTML tags in the markdown content element (see #7021).
Fixed
Prevent parallel execution of the new command line scripts.
Fixed
Also set the sql_mode in the MySQLi driver (see #6996).
Fixed
Purge the script cache if a style sheet is edited (see #7005).
Fixed
Disable the maintenance screen if a back end user is logged in (see #7009).
Fixed
Correctly set the textarea value in the template (see #6995).
Fixed
Make sure the security questions gets always generated (see #6990).
Fixed
Do not use date_default_timezone_get() in the configuration file (see #6989).
Fixed
Correctly generate absolute URIs in Controller::generateFrontendUrl().
Fixed
Fix the link button padding (a.tl_submit).
Version 3.3.0-RC2 (2014-05-09)
Update
Update TinyMCE to version 4.0.26.
Fixed
Correctly set and explain the page title field (see #6953).
Fixed
Correctly show the template sources (see #6875).
Fixed
Support input tags without a "type" attribute in the CSS framwork (see #6902).
Fixed
Import the tinymce.css style sheet in TinyMCE (see #6970).
Fixed
Catch Swift exceptions when sending form data via e-mail (see #6941).
Fixed
Try all locale variations when loading TinyMCE (see #6952).
Fixed
Correctly overwrite the article template (see #6938).
Fixed
Correctly wrap long labels in the tree view (see #6954).
Fixed
Correctly add the WAI-ARIA attributes (see #6217).
Version 3.3.0-RC1 (2014-05-02)
New
Allow to override the default form field template (see #4547).
Changed
Only pass the current form data to the "processFormData" hook (see #6705).
New
Add a DropZone-based file uploader (see #6064).
New
Add permissions to import and export themes (see #5835).
Improved
Make the fields of the meta wizard configurable in the DCA (see #4327).
Improved
Also show the preview image when editing multiple files (see #6643).
Improved
Show the file location below the "name" field in the file manager (see #6503).
Improved
Add some basic WAI-ARIA attributes to the navigation menu (see #6217).
Improved
Automatically convert file paths in TinyMCE into insert tags (see #5965).
Changed
Move the custom layout section markup into template files (see #6531).
Improved
Move the form field markup into the template files (see #6834).
New
Add template inheritance and template insertion (see #6508 and #6934).
New
Add a flexible back end theme.
Update
Update colorbox to version 1.5.8.
Update
Update mediaelement.js to version 2.14.2.
Update
Update jQuery to version 1.11.0 and jQuery UI to version 1.10.4.
Update
Update the color picker to version 1.4.
Changed
Use the "bootstrap" theme for the date picker (see #6692).
Update
Update the back end date picker to version 2.2.0.
Update
Update ACE to version 1.1.3.
Improved
Use the widget attributes instead of the DCA in the picker widgets (see #6881).
Improved
Enable the interlace bit when creating image thumbnails (see #6529).
Improved
Assign articles to layout sections with an article module only (see #6094).
New
Add the "parseDate" hook (see #4260).
New
Make the title tag configurable in the page layout (see #6783).
New
Add helper methods to generate markup depending on the output type:
Template::generateStyleTag()Template::generateInlineStyle()Template::generateScriptTag()Template::generateInlineScript()Template::generateFeedTag()
New
Add the "customizeSearch" hook (see #5223).
New
Add a button to generate article aliases via "edit multiple" (see #6628).
New
Add a pagination menu at the listing bottom (see #6377).
Fixed
Only override element and module templates in the front end (see #6878).
Changed
Use the html5shiv-printshiv.js script in the front end (see #6293).
New
Added the "getLanguages" hook (see #6545).
Changed
Render the table summary as <caption> in HTML5 (see #6295).
Changed
Also convert paths without delimiter in Combiner::fixPaths() (see #6417).
New
Add the "colorizeLogEntries" hook (see #5803).
New
Added an "oncut_callback" and "oncopy_callback" to DC_Folder (see #6814).
Improved
Support optional dependencies in the module loader (see #6835).
New
Mark the beginning and end of each template in debug mode (see #6841).
New
Added the insert tag flags "urlencode" and "rawurlencode" (see #6859).
Improved
Add files and folders to the database in details view (see #6880).
Version 3.3.0-beta1 (2014-04-11)
New
Add version control for editable files.
New
Add a configurable "viewport" field to the page layout (see #6251).
New
Split the layout builder CSS code into a static and a responsive style sheet, so the responsive behaviour can be disabled (see #6251).
New
Added more static convenience methods to the Config class:
set(): temporarily set a configuration valuepresist(): permanently store a configuration valueremove(): permanently remove a configuration value
A static get() method has been available already.
Update
Update TinyMCE to version 4.0.20 (see #1495).
New
Handle .scss and .less files in the Combiner. This also allows to add SCSS
or LESS files as external style sheets to the page layout.
New
Allow to override the default module or content element template (see #4547).
Improved
Create a new version if a member changes their data in the front end.
Improved
Shorten the file paths in the FileTree widget (see #6488).
Improved
Hide the details page link in the listing module if the details page condition is not met (see #6332).
New
Make the file system synchronization available on the command line (see #6815).
New
Make the Automator methods available on the command line (see #6815).
Changed
Moved the asset version constants to $GLOBALS['TL_ASSETS'] (see #5759).
New
Added a "preview front end as member" button (see #6546).
Changed
Hide forward pages if they point to unpublished target pages (see #6376).
Changed
Only enable the debug mode in the FE if there is a BE user (see #6450).
Changed
Do not require MooTools or jQuery for the command scheduler (see #6755).
Changed
Use the new Google Universal Analytics code snippet (see #6103).
Improved
Add $parent as fourth parameter to the "compileDefinition" hook (see #6697).
Update
Update TCPDF to version 6.0.062.
Changed
Enable the maintanance mode by default (see #6758).
New
Added a markdown content element (see #6052).
Changed
Merged the "newsarchive" and "newsarchive_empty" templates (see #6647).
Changed
Make the following functions public static (see #6351):
Controller::getArticleController::getContentElementController::getFormController::getFrontendModule
New
Support editing the front end preview page via the "url" parameter (see #6471).
Improved
Do not combine .js and .css files when running in debug mode (see #6450).
New
Added a DcaLoader class to decouple the DCA loading process (see #5441). DCAs
can now be loaded anywhere using Controller::loadDataContainer().
Changed
Convert slashes to hyphens in the standardize() function (see #6396).
Improved
Add a getModel() method to modules, elements and hybrids (see #6492).
Improved
Support the "HAVING" command in the Model\QueryBuilder class (see #6446).
Changed
Use class constants for BackendUser::isAllowed().