Skip to content

@azett azett released this Mar 20, 2021

The evolution of FlatPress continues with FlatPress 1.2 "Legato".

It brings FlatPress to PHP 7.4 (finally!) and PHP 8.0. Also, it contains some security fixes. We updated a few libraries, and the BBCode plugin knows some more tricks. Also, many bugs are fixed, thanks for reporting! And, to get FlatPress even more international, many language packs found their way into the standard distribution: French, Japanese, Brazilian Portuguese, Italian (finally!), and Spanish. Big shout out to all translators - thanks a lot!

Installation

Download 1.2.zip and follow the easy installation steps documented on the FlatPress download page.

Update

To update from 1.1 to 1.2, please use the update package 11to12.zip. You find update instructions on the FlatPress download page.

Detailled Changelog

General

  • FlatPress now runs smoothly with PHP 7.4 and PHP 8
  • Performance: Lazy loading for images
  • GDPR compatibility: Data of commenters are not stored in cookies any more
  • SEO: Added XML sitemap for search engines (details)
  • Leggero v2 is default theme (see #57)
  • Leggero v1 is now responsive
  • Updated Smarty to release 2.6.31
  • Added CONTRIBUTORS.md

Plugins

  • BBCode plugin:
    • Added image attribute "loading", default is "lazy"
    • Enhanced [video] element accepts video URLs for YouTube, Vimeo and Facebook
    • Added "mail" tag (replaces the Protected Mail Links plugin)
    • Selectboxes of attachments and images in the editor toolbar are sorted by name
  • jQuery plugin: Updated jQuery and jQuery UI to their current versions
  • CommentCenter plugin is part of the FP standard distribution
  • PrettyUrls and Comment Center are activated by default, LastComments and LastCommentsAdmin are not
  • Protected Mail Links plugin removed

Security

  • Overhauled v0.812.2 fix for local file inclusion vulnerability (more details)
  • Comments are sanitized properly (see #62)
  • Uploader checks for forbidden files more carefully
  • User password isn't hashed with MD5 any more (see #59)

Bugfixes

  • Mail adresses are accepted in a broader range (see #48)
  • HTTPS URLs in the contact form are now handled correctly (see #55)
  • Fixed redirects after login
  • Fixed "syntax error, unexpected '['" bug, reported here
  • Setup sets date and FP version for the freshly created static pages
  • Annoying translation error in German language pack fixed
  • ... and many more!

Translations

  • Added French language pack by Marc Thibeault and Dimitri Soufflet, reworked by Gee
  • Added Japanese Language Pack by NORTH HILL WORK STUDIO
  • Added Brazilian Portuguese language pack by randy
  • Added Italian language pack by Giacomo Margarito
  • Added Spansh language pack by karelv
  • Reworked German language pack by Detlef
Assets 3
Pre-release

@azett azett released this Feb 28, 2021

The evolution of FlatPress continues with the the second beta release of FlatPress 1.2 "Legato".

It brings FlatPress to PHP 7.4 (finally!) and PHP 8.0. Also, it contains some security fixes. We updated a few libraries, and the BBCode plugin knows some more tricks. Also, many bugs are fixed, thanks for reporting! And, to get FlatPress even more international, many language packs found their way into the standard distribution: French, Japanese, Brazilian Portuguese, Italian (finally!), and Spanish. Big shout out to all translators - thanks a lot!

This is a beta release. It is meant for testing, not for production use. Please report any bugs and glitches on the FlatPress support forum. Thank you!

Installation

Download 1.2.beta2.zip and follow the easy installation steps documented on the FlatPress download page.

Update

To update from 1.1 to 1.2.beta2, please use the update package 11to12beta2.zip. The 1.1 update instructions on the FlatPress download page apply for 1.2.

Detailled Changelog

General

  • FlatPress now runs smoothly with PHP 7.4 and PHP 8
  • Performance: Lazy loading for images
  • GDPR compatibility: Data of commenters are not stored in cookies any more
  • SEO: Added XML sitemap for search engines (details)
  • Leggero v2 is default theme (see #57)
  • Leggero v1 is now responsive
  • Updated Smarty to release 2.6.31
  • Added CONTRIBUTORS.md

Plugins

  • BBCode plugin:
    • Added image attribute "loading", default is "lazy"
    • Enhanced [video] element accepts video URLs for YouTube, Vimeo and Facebook
    • Added "mail" tag (replaces the Protected Mail Links plugin)
    • Selectboxes of attachments and images in the editor toolbar are sorted by name
  • jQuery plugin: Updated jQuery and jQuery UI to their current versions
  • CommentCenter plugin is part of the FP standard distribution
  • PrettyUrls and Comment Center are activated by default, LastComments and LastCommentsAdmin are not
  • Protected Mail Links plugin removed

Security

  • Overhauled v0.812.2 fix for local file inclusion vulnerability (more details)
  • Comments are sanitized properly (see #62)
  • Uploader checks for forbidden files more carefully
  • User password isn't hashed with MD5 any more (see #59)

Bugfixes

  • Mail adresses are accepted in a broader range (see #48)
  • HTTPS URLs in the contact form are now handled correctly (see #55)
  • Fixed redirects after login
  • Fixed "syntax error, unexpected '['" bug, reported here
  • Setup sets date and FP version for the freshly created static pages
  • Annoying translation error in German language pack fixed
  • ... and many more!

Translations

  • Added French language pack by Marc Thibeault and Dimitri Soufflet, reworked by Gee
  • Added Japanese Language Pack by NORTH HILL WORK STUDIO
  • Added Brazilian Portuguese language pack by randy
  • Added Italian language pack by Giacomo Margarito
  • Added Spansh language pack by karelv
  • Reworked German language pack by Detlef
Assets 3
Pre-release

@azett azett released this Feb 7, 2021

The evolution of FlatPress continues with the this first beta release of FlatPress 1.2 "Legato".
It brings FlatPress to PHP 7.4 (finally!) and PHP 8.0. Also, it contains some security fixes. We updated a few libraries, and the BBCode plugin knows some more tricks. Also, many bugs are fixed, thanks for reporting! And, to get FlatPress even more international, many language packs found their way into the standard distribution: French, Japanese, Brazilian Portuguese, Italian (finally!), and Spanish. Big shout out to all translators - thanks a lot!

This is a beta release. It is meant for testing, not for production use. Please report any bugs and glitches on the FlatPress support forum. Thank you!

Installation

Download 1.2.beta1.zip and follow the easy installation steps documented on the FlatPress download page.

Update

To update from 1.1 to 1.2.beta1, please use the update package 11to12beta1.zip. The 1.1 update instructions on the FlatPress download page apply for 1.2.

Detailled Changelog

General

  • FlatPress now runs smoothly with PHP 7.4 and PHP 8
  • Performance: Lazy loading for images
  • GDPR compatibility: Data of commenters are not stored in cookies any more
  • SEO: Added XML sitemap for search engines (details)
  • Leggero v2 is default theme (see #57)
  • Leggero v1 is now responsive
  • Updated Smarty to release 2.6.31
  • Added CONTRIBUTORS.md

Plugins

  • BBCode plugin:
    • Added image attribute "loading", default is "lazy"
    • Enhanced [video] element accepts video URLs for YouTube, Vimeo and Facebook
    • Added "mail" tag (replaces the Protected Mail Links plugin)
    • Selectboxes of attachments and images in the editor toolbar are sorted by name
  • jQuery plugin: Updated jQuery and jQuery UI to their current versions
  • CommentCenter plugin is part of the FP standard distribution
  • PrettyUrls and Comment Center are activated by default, LastComments and LastCommentsAdmin are not
  • Protected Mail Links plugin removed

Security

  • Overhauled v0.812.2 fix for local file inclusion vulnerability (more details)
  • Comments are sanitized properly (see #62)
  • Uploader checks for forbidden files more carefully
  • User password isn't hashed with MD5 any more (see #59)

Bugfixes

  • Mail adresses are accepted in a broader range (see #48)
  • HTTPS URLs in the contact form are now handled correctly (see #55)
  • Fixed redirects after login
  • Fixed "syntax error, unexpected '['" bug, reported here
  • Setup sets date and FP version for the freshly created static pages
  • Annoying translation error in German language pack fixed

Translations

  • Added French language pack by Marc Thibeault and Dimitri Soufflet, reworked by Gee
  • Added Japanese Language Pack by NORTH HILL WORK STUDIO
  • Added Brazilian Portuguese language pack by randy
  • Added Italian language pack by Giacomo Margarito
  • Added Spansh language pack by karelv
  • Reworked German language pack by Detlef
Assets 3
  • 1.1
  • 0b3fdc7
  • Compare
    Choose a tag to compare
    Search for a tag
  • 1.1
  • 0b3fdc7
  • Compare
    Choose a tag to compare
    Search for a tag

@azett azett released this Feb 22, 2019

With release 1.1, we took the time to fix a few more things, and to clean up a little bit. The BBCode toolbar has now graphical icons and knows a few more elements, some more languages are included, and a number of bugs and glitches have been fixed. Even one security fix is on board.

Installation

Download 1.1.zip and follow the easy installation steps documented on the FlatPress download page.

Update

To update from 1.0(.x) to 1.1, please use the update package 10to11.zip. You find update instructions on the FlatPress download page.

Detailled Changelog

General

  • Languages added: Greek, German, Czech (feel free to send in your language packs!)
  • Admin: Fancyfied editor toolbar with more BBCode elements
  • Changelog: Missing releases added

Plugins

  • Plugin added: Protected Mail Links
  • jQuery plugin: jQuery files are loaded locally now
  • Readmore plugin: Now localized (feel free to send in your translation!)
  • Searchbox plugin: Full text search enabled by default
  • Footnotes plugin: Usage how-to added
  • Lightbox plugin: Slimbox version updated, broken overlay fixed

Security

  • Security fix: Possible CSRF attack prevented (see details)

Bugfixes

  • Correct handling of special characters in URLs (see PR11)
  • HTTPS allowed in comment URLs
  • BBCode element "video" serves Youtube videos in iFrame instead of SWF object
  • Leggero theme: No more mixed content warning (see #31)
  • Update checker works with HTTPS URL (see #36)
Assets 3

@azett azett released this Jan 10, 2019

This release fixes the biggest pains we had with the quite outdated release 1.0.3:

  • Runs under PHP7
  • HTTPS support

Bonus: The very helpful plugins "Last comments admin" and "Media manager" are now included by default.

Installation

Download v1.0.3.php7.zip and follow the easy installation steps documented on the FlatPress download page.

Update

To update from 1.0.3 to 1.0.3.php7, please use the update package 103_to_103php7.zip. You find update instructions on the FlatPress download page.

Assets 3

@evacchi evacchi released this Jun 12, 2015

This release fixes an XSS (CVE-2014-100036).

Bonus: a new style for Leggero theme by @MarcThibeault and other UI enhancements by @MarcThibeault and @liquibyte

Assets 2

@evacchi evacchi released this Dec 11, 2013

Another bugfix release.

  • Fixes errors in the rushed patched vulnerability in v1.0.1.
  • Clears some issues with strict standards.
  • Timezone now defaults to UTC. You can set your own time offset in the configuration panel of the admin area
Assets 2

@evacchi evacchi released this Nov 21, 2013

Bugfix release. Addresses Issue #3 http://www.exploit-db.com/exploits/29515/

Assets 2