CHANGELOG.md

2.3.0 (2016-12-27)

Contributors

• Ismayil Khayredinov (4)
• Steve Clay (3)
• Jerôme Bakker (2)
• iionly (2)

Documentation

• core: Improve docs about creation of cache symlink (f984a051)

Bug Fixes

• ajax: elgg/Ajax view() and form() set $vars as expected (abf8a9ce, closes #10667)
• core: Check existence of cache symlink without usage of readlink() (3e4dc6a1)
• entities: entity is now loaded from cache during save operations (009f74da, closes #10612)
• files: mitigate issues with special chars in file names (4a7b74ea)
• forms: fieldset with a legend no longer overrides the class (726cca18)
• http: elgg/Ajax error responses with 200 status use Ajax wrapper (1cae50cf)
• notifications: incorrect use statement no longer throws (2a6d782b)
• web_services: handle string params with proper escaping (702ce46c)

2.3.0 (2016-11-09)

Contributors

• Ismayil Khayredinov (74)
• Steve Clay (34)
• Jeroen Dalsem (18)
• jdalsem (8)
• iionly (6)
• Jerôme Bakker (3)
• Ismayil Khayredinov (2)
• Brett Profitt (1)
• Matt Beckett (1)
• Pete L (1)
• V. Lehkonen (1)

Features

• account: login history is added to account statistics page (3e30ab26)
• admin:
  • add memcache stats to server info page (6b19ced0)
  • move plugin toggle buttons to title menu (5d75f6db)
  • single plugin toggles done via Ajax (c46ccb80)
  • makes it easier to navigate plugin dependencies (4caf7769)
• api: allow convenience methods to return ElggBatch as a result (5618d3c5, closes #6676)
• ckeditor: better control over ckeditor initialization and behavior (57ededb0, closes #9391)
• comments: entities can now inherit canComment permissions (b1614671)
• components: add inline tabs component with ajax support (4de1cd28)
• composer: brings back composer.lock (0b07d9a8, closes #9430)
• core: Use input/number input view for default_limit input field in basic settings form (3c6bce2d)
• css:
  • input/button with disabled state is now styled as disabled (3aec56a6)
  • elgg-state-disabled class now is applied to all buttons (bb70a507)
• developers:
  • explorer entity information in developer tools (251f4067)
  • add object full listing to theme sandbox (85b67b90)
  • add object summary listing view to theme sandbox (878dbc8e)
  • add custom attributes to image block sandbox view (92d86a67)
• entities: container logic is now checked before permissions (c87dc7d1, closes #9695)
• events: added elgg_clear_event_handlers function (110497b7)
• export: now triggers a generic to:object hook for annotation and metadata (5adc6771)
• files: adds new API for handling file uploads (09499677, closes #7778, #9876, #9934)
• forms:
  • replaces elgg_view_input, adds support for fieldsets (100bd412)
  • update login form to use new forms API (ef69171c)
  • update registration form to use new forms API (5eb8ce25)
  • adds input/number view for numeric values input fields (b7960635)
  • makes form views extendable by deferring footer rendering (bbb392e0)
• groups: break down groups/all page in smaller views (c6de14c2)
• http:
  • no longer sends HTTP headers to CLI requests (d95a5101)
  • now triggers before and after events for HTTP responses (42839af3)
  • adds API for handling HTTP responses (bfc860c8)
  • adds a service for signing and validating URLs (15071018, closes #9884)
• images: adds a new image manipulation service (9dcd7fb2)
• js: add support for inline popup modules (e467a755)
• lists: list item views are now aware of their position in the list (9dab204b)
• menus:
  • elgg_view_menu() can now render menus with custom views (1cd65c60)
  • elgg_view_menu() now accepts an array of menu items (7a8dad2b)
• notifications:
  • refactor notification system for improved usability (11dd562c)
  • make it easier to alter core instant notifications (094d63b2)
• passwords: strengthen change password link with a HMAC signature (6ad8ff94)
• php: Require PHP 5.6+ (e35f3ed0)
• plugins: adds static config file for plugins (8bf14546, closes #5947)
• profile: profile fields can contain more than 250 characters (2b6a7497)
• river: Adds hook-based permissions for river item delete action (364d7e94, closes #8936)
• tests: make it easier to bootstrap PHPUnit (c3ea0173)
• users: unifies login and registration URL generation (9e499f6a, closes #9896)
• uservalidationbyemail: validation URLs are now signed with a HMAC key (111f72d8)
• view: function to get the extensions for a view (a0f39b3e, closes #9921)
• views:
  • added elgg_parse_emails to output/longtext (c1a600ca, closes #7052)
  • more flexible output/longtext view (6229f811)
  • lists can be rendered as tables (d941fa83, closes #7684, #9629)
  • adds function for extracting $vars['class'] more cleanly (b0dab038)
  • object summary listing now accepts an icon (09649f57)
  • image block wrapper attributes can now be passed with $vars (8f6a5753)
  • improves usability of object listing views (8ae5b1da)
• walledgarden: convert walled garden JS to AMD (890b4a77)
• widgets: added a generic view for selecting 'number to display' (b845343f)

Performance

• db: no longer queries DB when entity access is predictable (5c93f07d)

Documentation

• core: Misc docs fixes (0c8e1acc)
• tutorials: updated Blog tutorial (9a813e86)

Bug Fixes

• cli: Application::run() returns a value for PHP CLI server to serve static files (a4fa2749)
• comments: comment redirector URL no longer contain double fragments (37f578e4)
• discussions: reply form is now only rendered when container permissions are satisfied (6ac48700)
• entities: classnames for entity subtypes can be up to 255 chars (45d7abbd, closes #6802)
• icons: cropping mode is now determined by actual cropping coords (5e4742e8)
• output: switch to Misd\Linkify library for parsing urls in text (e2baa855)
• pages: do not show duplicate title on full view of a page (a049586a)

Deprecations

• events: deprecates the pagesetup, system event (cf77fc07)
• metadata: metadata access control is deprecated (a9523d97)

2.2.3 (2016-11-08)

Contributors

• Jerôme Bakker (5)
• Steve Clay (4)
• Ismayil Khayredinov (1)
• Jeroen Dalsem (1)
• jdalsem (1)

Bug Fixes

• blog: correctly check if owner is a group in owner_block menu (7f253c58)
• cache: ElggFileCache now handles arbitrary cache keys (e60b8368)
• ckeditor: ensure basepath is set before CKeditor is loaded (d60389d2, closes #10304)
• composer: composer post-update script no longer crashes (be4235a0)
• groups: multiple membership requests don't trigger messages (287e6448)
• js: bind to correct element for inline comment edit (e15cba9d)
• likes:
  • notification subject too long (fc5667dc)
  • check for a valid entity in menu setup (9ae99e84)
• profile: allow admin menu items to be toggled (ba20ce42)
• reportedcontent: show spinner during ajax delete/archive (5de1c90a)

2.2.2 (2016-10-02)

Contributors

• Jerôme Bakker (4)
• Ismayil Khayredinov (2)
• Juho Jaakkola (2)
• Steve Clay (2)
• Jeroen Dalsem (1)
• iionly (1)

Documentation

• events: prefered use of the shutdown event vs shutdown function (c62b307d)
• install: warn composer users they have to "install" twice (7c8fd239)

Bug Fixes

• css: apply hidden class to menu items (5281199b)
• i18n: validate the translation key (76d7ac69)
• mysql: adds MySQL 5.7 compatibility (3198d84a, closes #8121)
• views: no results listing output should show if empty item views (a3d4f8c8)

2.2.1 (2016-09-21)

Contributors

• Steve Clay (16)
• iionly (5)
• Ismayil Khayredinov (2)
• Wouter van Os (1)

Documentation

• license: clarifies dual licensing in LICENSE.txt (1db4994f)
• support: updates support policy and tentative release schedule (71aab2c6)

Bug Fixes

• access: updates no longer mistakenly blocked in some scenarios (01f4f1df)
• boot:
  • boot cache now respects system cache setting (f90b1eb1)
  • make sure boot cache updated when subtype data changes (c80f6e64)
• core: boot no longer throws DB exception in some edge cases (c7c44763, closes #10119)
• discussions: removes site "Discussions" menu item added in 2.2.0 (34678299, closes #9731)
• js:
  • output deprecation messages to admins in browser console only (a8052f9c)
  • popup no longer reopens after a second click on the trigger (6dc8012b, closes #10063)
• likes: don't emit notice if a listing's $vars['list_class'] isn't set (f2882158)
• members: Don't rely on newest members tab set as default tab in pagehandler for members page (a78aa354)
• pages: operations keep track of more than 10 child pages (bc5f414b)
• plugins: Make activate/deactivate all plugins to work also on Firefox (915865b9)
• reportedcontent: Reported Content admin widget works again (739259fc, closes #10151)
• river: ensure unique comment form id (80e508ae)
• ui: hover menus no longer open outside viewport (edd3740a, closes #10214)
• views:
  • input/select view can select options more reliably (af103c7e, closes #10154)
  • some functions that use views fallback to default viewtype (5a58317e, closes #10114)
• web_services: create_api_user() and create_user_token() work again (1ee8fe96)

2.2.0 (2016-08-05)

Contributors

• Juho Jaakkola (3)
• Steve Clay (3)
• jdalsem (2)

Features

• iconservice: it is possible to save unaltered version of an image (7157a33f, closes #9970)

Bug Fixes

• js:
  • add missing elgg/lightbox#resize method (4f6a0174)
  • correctly report success in admin profile field reorder action (b63396a7)

2.2.0-rc.1 (2016-06-16)

Contributors

• Ismayil Khayredinov (43)
• Steve Clay (37)
• Jeroen Dalsem (22)
• jdalsem (6)
• Wouter van Os (2)
• Brett Profitt (1)
• Jerôme Bakker (1)
• V. Lehkonen (1)
• lehkonev (1)

Features

• ajax:
  • better elgg/Ajax handling of form data and URLs (8795b9f4, closes #9534, #9564)
  • Ajax service now loads required AMD modules (292dc391)
• avatar: user avatars are now served by serve-file handler (a55d746a)
• cache:
  • allow admin to attempt an automatic symlink to cache (b06a1cb3, closes #8639, #8638)
  • allows specifying cache directory in settings.php (4b2ed514)
• ckeditor:
  • improved elgg/ckeditor AMD module (a0ff70ec)
  • added editor autogrow plugin (771abac8)
  • allowed resizing of editor window (f43a6565)
• core:
  • added a CONFIG flag to control auto-disabling plugins (17363a50)
  • added a new function to check if system_cache is enabled (f3bbff32)
• cron: improved cron logging (5305b60d, closes #9474)
• db:
  • access sql parts are named in the clauses array (50ffcf24)
  • allows using parameterized queries in core DB functions (a9e51682)
• developers: add view_vars hook to views inspector (41e9e1ef)
• discussions:
  • added a site menu item for discussion/all (79809b78)
  • allow plugins to use custom discussion reply object class (ac55f8f4)
• embed:
  • adds elgg/embed AMD module (1f1dad12)
  • adds serve-icon page handler (e4d09f82, closes #9582)
• entities: adds user capabilities service (81f05058)
• file:
  • adds ElggFile::transfer() for reliable renaming of files (bf50c5d0)
  • more consistency in mime and simple type values (3e09fa15, closes #9614)
• files: update file plugin to new file serving API (a9d409ee)
• filestore:
  • bootstrap default filestore early in the boot sequence (c85fa0ee, closes #9873)
  • adds API to reliably set file modification time (476b6d29)
• forms:
  • Add new user now has an option to autogenerate the password (ee4758d3)
  • input/checkbox is now usable with elgg_view_input() (82bbf49b, closes #9808)
• gatekeeper: entity gatekeeper result can now be filtered (75af2fd5)
• groups:
  • group icons are now handled by the new icon service (e809f5fd)
  • introduced a hook to influence group tool options (b6617e5e)
  • allow the group river to be filtered by content type (0d8f9364)
  • group avatars now use serve-file handler (ac57e990)
• html:
  • allows cleaner elgg_format_element usage (425f57d7, closes #9766)
  • moves favicon registration to a hook (a4a35362)
• http: allow use of X-Sendfile/X-Accel web server feature (a88db207, closes #4898)
• icons:
  • udpate file plugin to use new icon service (2c9f5c0a)
  • user avatars are now handled by the icon service (36c8b465)
  • adds a service for handling entity icons (72b8a2c7)
• js:
  • Adds hooks to pass site and page-level data client-side (cec6b42b, closes #8997)
  • elgg/Ajax users get more access to underlying resources (39a3fbce, closes #9767)
  • elgg/spinner now supports optional text to be displayed (da5c5b06)
  • adds elgg/lightbox AMD module, loaded on all pages (9135ad26, closes #7895, #8309, #6991)
  • user hover menu now uses elgg/popup module (d0dffca6)
  • adds elgg/popup AMD module (fd75da60)
  • requiresConfirmation now returns false if not confirmed (cac5c0fd)
• menus:
  • elgg_register_title_button() can now check entity type and subtype (a0c118ad)
  • required AMD modules can now be defined at item registration (46c3ead8)
  • adds menu service for more orderly menu construction (38ecfc6b, closes #9508)
• reportedcontent: only load javascript when needed (29c39cd7)
• river: convert river JS to AMD modules (790a1a00)
• thewire: allow multiple add forms to exist on the same page (9f72e287)
• ui: Allows modifying system messages/errors (eee183c5)
• views:
  • view_vars handlers can preset view output (68fde7b6)
  • elgg_get_excerpt output now comes from a view (4d6ec3f2)
  • allows changing relative URLs in CSS files (70d3aab7)
  • allow multiple paths in views.php files (7672d754)
• web_services: allows API function to be given an associative array (cd80863a, closes #9411)
• widgets:
  • widget types can now be extended with a hook (3c76194c)
  • widget title and description can be autodetected (3c61e2f0)
  • added a helper class and factory for defining widgets (bc56fafd)
  • widget layout owner can now be set explicitly (b3bd2a84, closes #7023)
  • added isset on \ElggWidget objects to check settings (7b095208)
  • added unset on \ElggWidget objects to remove settings (f99e4f5d)

Performance

• db: improved session write db query for InnoDB (3b55226d)
• reportedcontent: only load JS if menu item is rendered (ececa98d)

Documentation

• core: fixes docs for ElggFilestore::seek return value (fe310c31)
• faqs: fixed typo in IDE section (a1ed1305)
• tutorials: updated Hello world (dc5a4ade, closes #9875)
• widgets: updated the widget registration documentation (3410e1ec)

Bug Fixes

• avatars: avatars are no longer served with public URLs in a walled garden mode (4c8a7ced)
• core:
  • get class from subclass instead of base (8b3e17fa)
  • allows ElggFile to append files not yet existing (ac0ba3f2)
• file: ElggFile::delete() now removes target files if filename is a symlink (facc13fe)
• files: use actual file modification time as an etag value (17c5dcaf)
• js: ui bindings now wait for system init event to fire (5794e027)
• mime: fall back to detection based on extension for octet-stream (0b1f4539)
• reportedcontent: forward to address if not submitted in lightbox (ee63b1d8)
• views: elgg_view_form now accepts class to be an array in form_vars (4133b516)

Deprecations

• db: deprecates many methods on the Application::getDb object (2ba9a876)
• entities:
  • adds entityCache service and deprecates old global (9fa45b62)
  • deprecate can_write_to_container (ee473b37)
• file: new file service deprecates file download and thumbnail handlers (90925fab)
• groups:
  • groups/js view deprecated by groups/navigation AMD module (975014bb)
  • new file service deprecated avatar/view resource (5c535271)
  • new file service deprecated groupicon page handler (0721023b)

2.1.3 (2016-08-05)

Contributors

• Ismayil Khayredinov (2)
• Steve Clay (1)

Bug Fixes

• output: attribute formatter now skips arrays with non-scalar values (fbe1cd34, closes #10010)
• views: issue unique IDs in elgg_view_input() (f20f0603, closes #9955)

2.1.2 (2016-06-13)

Contributors

• Steve Clay (5)
• Ismayil Khayredinov (4)
• Brett Profitt (1)
• Jerôme Bakker (1)
• iionly (1)

Documentation

• ajax: fixes constructor usage of elgg/Ajax (07c7ce49, closes #9533)

Bug Fixes

• core:
  • elgg_get_plugin_setting() respects defaults for values that haven't been cached or created. (1e141d46, closes #9781)
  • Elgg again uses the dataroot given in settings.php (64c23f70, closes #9602)
• errors: nested forward 404 calls are less likely to abruptly fail (068711fa, closes #9476)
• files: file service now sends 304 and 403 headers more reliably (c9af1790, closes #9571)
• js: deprecate elgg.ui.widgets more reliably (c25c5211, closes #9523)
• logger: logger no longer pollutes serve-file response (8209a38b, closes #9657)
• profile: able to store more information in tag fields (0467e3ff)
• reportedcontent:
  • report form opens in lightbox (6db794ac)
  • clicking on reported content links again opens lightbox (55fa9d5c)
• site: allow access to serve-file handler in walled garden mode (1a8d33a1)

2.1.1 (2016-03-20)

Contributors

• Steve Clay (4)
• Jeroen Dalsem (2)
• iionly (1)

Documentation

• contributing: clarifies release periods and branches for PRs (b82d1592)
• groups: removed discussion reference in groups manifest (249334ef)
• release: improves docs for release process (96681b5b)
• views: added page/components/list docs to elgg_view_entity_list (76fea973)

Bug Fixes

• core: do not implode already imploded categories array in plugin object details view (666333cf)
• installer: no longer redirects in loop during installation (78d31799, closes #9486)

2.1.0 (2016-03-13)

Contributors

• Steve Clay (40)
• Ismayil Khayredinov (25)
• Juho Jaakkola (10)
• Jeroen Dalsem (2)
• Hereward Mills (1)
• Wade Benson (1)
• Wouter van Os (1)

Features

• actions: adds a generic delete action (4c35fe26)
• ajax:
  • improves the elgg/Ajax API and adds docs (4211155e, closes #9404)
  • Adds a new elgg/Ajax AMD module with unified API (2a132ae8, closes #8323)
• cron: allows for a more systematic way of calling cron using one url (3c947fc1)
• discussions: makes "last reply" text into a link (9c1d543a)
• engine:
  • use elgg_log prior to error_log in custom error handler (6b483b08)
  • also log to php error_log when log is shown on screen (9f630e58)
• entities: give access to original values of modified attributes (56ddabbc, closes #9187)
• files: adds a service for serving files from filestore (1d6b23c7)
• forms:
  • moves datepicker init to AMD and improves dev usability (15c2686b)
  • elgg_view_input() can now be used to render hidden inputs (8d996cd1)
  • allow custom required indicators for field labels (f29fbb6f)
  • adds elgg_view_input() to the views api (70b35bd7, closes #6356)
• groups: profile buttons can now be filtered with a hook (52e82943)
• js:
  • elgg.ui.toggle now triggers jQuery event (941b49ad)
  • adds plugin boot modules and modules based on system events (924355a7, closes #7131, #7926)
  • Allow canceling a previous elgg_require_js() call (375be5ff, closes #9074)
• menus: delete menu item now checks if delete action exists (84cbb151)
• metastrings: add function to get map of strings to metastring IDs (8d28a8dd)
• notifications: it's now easier to alter translations for notifications (4677d482)
• profiler: allow capture/display of crude profiling data (6ce01fad, closes #9293)
• routing: allow more reliable URL path rewriting (853fc0ef, closes #9388)
• rss: adds functions for adding/removing the RSS link (ae765e19)
• search: search hooks now preserve custom joins and wheres (65041619)
• views: add attributes to input select options (63b04d6a)

Performance

• boot: we order plugins in PHP because MySQL order by CAST is slow (c4b10c1c, closes #8183)
• files: ElggFile no longer queries metadata for filestore data (d9243002, closes #9138)
• http: serve-file URLs can respond without booting core (4f587df0)

Documentation

• js: modernizes the JS docs to emphasize AMD usage (d66cae64)

Bug Fixes

• actions: referrer path is now parsed correctly (6b1bfe26)
• ajax: iframe-based submissions can again be recognized as XHR requests (c25962a0, closes #8735)
• files: files with custom filestore can now be served via file service (1a2b0ca7)
• forms:
  • remove extra spacing between longtext field label and menu (23edb5ad)
  • elgg_view_input() now passes input type to the field view (63013725)
• i18n: admin-created accounts now get site language instead of admin's language (561bad37, closes #9454)
• js:
  • don't show ajax error message when aborting request (5aea301f, closes #9372)
  • client-side hooks can now handle periods in hook names (9f70099f, closes #9160)
• menus: delete menu item is only registered if canDelete is fullfilled (e13ba511)
• permissions: All permissions functions handle user fetches consistently (b875fd33, closes #8941, #8038, #8945)
• river: opening comment form auto-focuses input (5b68badc)
• search:
  • search hooks no longer reset subtypes (5d6987ce)
  • hooks no longer reset order_by clauses (b15b9e94)

Deprecations

• assets: Deprecates URLs like /js/ and /css/ in favor of simplecache (91daac90)
• config: deprecates config value "siteemail" (cdd4bb5f)
• entity: removes the tables_split and tables_loaded properties (4d469183)
• filestore: deprecates giving files custom filestores (0050b1db, closes #9352)

2.0.4 (2016-06-13)

Contributors

• Jeroen Dalsem (13)
• Ismayil Khayredinov (4)
• Steve Clay (2)
• iionly (2)
• jdalsem (1)

Bug Fixes

• ckeditor: do not draw a menu item if id is missing (edf382b0)
• core:
  • prevent undefined variable notices advanced caching form (f3459110)
  • view inspector now can use simplecache views again (6c39e573)
  • prevent inspector producing notices inspecting webservices (3862ffcd)
  • menu inspector provides id in longtext menu (61c0a549)
• css: correctly positioned the user hover menu icon (e5566c1a)
• developers:
  • replaced get_language with get_current_language (b6bcc579)
  • restores missing event/hook handlers in inspector (70ca4264, closes #9527)
• discussion: correctly check permissions before showing reply form (8e64d44d)
• embed: do not draw a menu item if id is missing (69ca6b51)
• i18n: prevent php notices about language translations missing (1f9916e7)
• js: replace deprecated jquery .attr usage with .prop (a95ecc6c)
• members: search page now has pagination (d42611c2)
• notifications:
  • use the correct way to check if checkbox is checked (4c7b8b65)
  • users are again unsubscribed when friendship and membership are deleted (8990ab53)
• pages: use elgg_extract to prevent php notice fetching parent_name (c8710c9b)
• views: passing 'default' to input/checkboxes now works (efa6395f)

2.0.3 (2016-03-06)

Contributors

• Ismayil Khayredinov (3)
• Steve Clay (3)
• Juho Jaakkola (1)
• Niraj Kaushal (1)

Bug Fixes

• comments: unifies behavior after adding new comment/discussion reply (8ff2b295, closes #8130)
• discussions: put new discussion page behind gatekeeper (a583f65b, closes #9383)
• events: the pagesetup event timing is more like 1.x (38b12288)
• groups:
  • clarify notification status strings (20059a89)
  • page owner is now correctly resolved prior to pagesetup (9a8ba277)
• web_services: web services again can output xml/php (9bf27a4b, closes #8053)

2.0.2 (2016-02-03)

Contributors

• Steve Clay (10)
• Juho Jaakkola (3)
• Ismayil Khayredinov (2)
• Wouter van Os (1)

Documentation

• events: Clarify scope of HooksRegistrationService::hasHandler (498abdde, closes #9325)
• js: warn devs that that elgg_define_js() configuration is cached (a078c030, closes #9302)
• notifications: Updated subject variable to body (0cde3006)
• routing: clarify use of default_page_owner_handler in core (5d647d18)

Bug Fixes

• installer:
  • don't fatal trying to rewrite the .htaccess file (5e74932b, closes #9334)
  • detect PDO MySQL extension instead of ext/mysql (98c8e418, closes #9313)
  • installer no longer fails on PHP 7 (4d796279, closes #9314)
• javascript: replaces calls to obsolete $.die() method with $.off() (82a08f56, closes #9309)
• menus: menu item labels now match page titles in tool settings (bc8f8dd3)
• notifications: set page context before pagesetup is fired (d4c86cde)
• profile: don't show removed description field (9846c4a4, closes #8984)
• views:
  • resources/error view now renders sanely within /admin (c0b1a703, closes #9327)
  • don't pass null to array arguments (for PHP 7) (e0d5433f, closes #9318)
  • locations specified in /engine/views.php are modifiable (3cc5b5b3, closes #9308)

2.0.1 (2016-01-03)

Contributors

• Matt Beckett (4)
• Juho Jaakkola (3)
• Ismayil Khayredinov (2)
• Juho Jaakkola (2)
• Steve Clay (1)

Bug Fixes

• admin: Allow plugins to extend js/admin but deprecate it (a5c2abdf, closes #9238)
• collections: only register collections menu items when logged in (1b88d43a, closes #9249)
• comments: validate array structure before calling elgg_extract() (1078b65d)
• entities: fix php notice when editing metadata while not-logged-in (64bb369f, closes #9256)
• groups: link to membership requests page is visible again (8e3bb84a)
• install: Set default timezone on installation (7d5a2b05, closes #8845)
• js: prevent multiple togglable menu item bindings (e7f33013, closes #9151)
• notifications:
  • default settings now get enabled also for new friends (e84fc160)
  • notifications about new friends work again (a23683ee)
• relationships: prevent sql exception on duplicate relationships race condition (9e469da9, closes #9179)
• simplecache: removes warning about using mkdir() when cache directory exists (3bae0bf5, closes #9219)

2.0.0 (2015-12-14)

Contributors

• Steve Clay (3)
• Juho Jaakkola (3)

Documentation

• notifications: documents workflow of the asynchronous notification system (209b6a51, closes #7496)

Bug Fixes

• a11y: aalborg mobile site menu uses the Font Awesome fa-bars icon (a6a512e3, closes #9110)

Deprecations

• file: Deprecates accessing filestore metadata (363b461d)

Breaking Changes

• In aalborg_theme, the view page/elements/navbar now uses an icon for the mobile menu selector (formerly an image). The bars.png image and supporting CSS for the 1.12 rendering has been removed.

Fixes #9110 (a6a512e3)

2.0.0-rc.2 (2015-11-29)

Contributors

• Steve Clay (10)
• Ismayil Khayredinov (4)
• Juho Jaakkola (4)

Performance

• river: no longer needlessly render river responses (97df230f, closes #9046)

Bug Fixes

• files: make sure method is callable on a concrete object instance (740d3108, closes #9010)
• i18n: avoids using mbstring.internal_encoding in PHP >= 5.6 (c0ff79de, closes #9031)
• likes: count is updated after liking/unliking (dae30cb7, closes #9100)
• memcache: don't store a copy of $CONFIG in file objects (beb90891, closes #9081)
• pages: removes deprecated notices regarding input/write_access (fdcab74b, closes #8327)
• river: floated river selector no longer breaks layout (2745c914, closes #9091)

Breaking Changes

• The report content icon is now a FontAwesome icon, however the GIF used in 1.x is still available. (96d258fa)
• Plugins that override the input/autocomplete view will need to include the source URL in the data-source attribute of the input element, require the new elgg/autocomplete AMD module, and call its init method. The 1.x javascript library elgg.autocomplete is no longer used. (2a0cf9a5)

2.0.0-rc.1 (2015-11-07)

Contributors

• Steve Clay (12)
• iionly (3)

Bug Fixes

• http: allows sending gzipped JavaScript on nginx < 1.5.4 (4c4b8ab7)
• likes: likes preloader and entity menus now consider likability (de81d7da, closes #9065)
• views: input/userpicker API more BC with 1.8 plugins (0651a5fd, closes #6079)

Breaking Changes

• To allow for usage of the z-index property for elements in the content area without the More menu dropdown being displayed behind these elements the z-index value in the elgg-menu site class has been increased to 50 (34af1d71)

2.0.0-beta.3 (2015-10-04)

Contributors

• Steve Clay (6)
• Juho Jaakkola (2)
• iionly (1)

Features

• views: allow getting all view locations (7a699f3c, closes #8947)

Bug Fixes

• bookmarks: bookmark pin copies title into form (50881370, closes #8995)
• file: thumbnails are visible again (7f46db8e)
• site_notifications: no ajax error without reason on auto-deletion of site notifications (7aa55a81)

2.0.0-beta.2 (2015-09-21)

Contributors

• Steve Clay (7)
• Juho Jaakkola (2)
• iionly (2)
• Matt Beckett (1)

Documentation

• upgrading: Warn site owners about MultiViews and /settings URLs (0ada89d6, closes #8806)

Breaking Changes

• Relationship deletions only fire the "delete", "relationship" event. (9c148994)

2.0.0-beta.1 (2015-09-06)

Contributors

• Juho Jaakkola (4)
• Juho Jaakkola (3)

2.0.0-alpha.3 (2015-08-23)

Contributors

• Evan Winslow (6)
• Jeroen Dalsem (3)
• Juho Jaakkola (3)
• Steve Clay (3)
• Jerôme Bakker (1)
• Juho Jaakkola (1)
• Matt Beckett (1)

Features

• developers: Always show human-readable translations (43c19644, closes #8834)
• i18n: abbreviations for months and weekdays (889617ed)
• views:
  • added html5 audio support to the file plugin (e5a32390)
  • Allow sites to specify views.php at root (625c1ddd)

Performance

• nginx: Turn on gzip by default (49f776d3)

Bug Fixes

• cli: Rewrite ::installDir() to Directory\Local::root() in CLI server (1e1f446b)
• discussions: Body of discussion notification mail is not empty anymore (23ab3e51)
• entities: Entity creation no longer needlessly checks owner container (5adf98fd, closes #4231)
• icons: sizes of Font awesome icons are now more consistent with old icons (11386003, closes #8733, #8861)

Breaking Changes

• If a plugin has removed or replaced messages_notifier to hide/alter the inbox icon, the plugin must instead do the same for the topbar menu handler (messages_register_topbar).

Fixes #8862 (67cff474)

• When creating within a group, ElggEntity::create used to always separately check if the current user can use the owner's account as a container. This made sure that one group member could not post to the group using another member as owner. This separate check led to confusion, as handlers of the container_permissions_check hook were told that the owner was to be the container, when it was actually the group.

Here we bypass the separate owner container check if the desired owner_guid is the logged in user GUID. This eliminates the check under all normal circumstances but leaves it in place in case a poorly coded plugin allows the impersonation described above.

This also denies creation if the owner/container GUIDs are set but can't be loaded. Before, create() would simply bypass the permissions check if it couldn't load the owner/container.

Fixes #4231 (5adf98fd)

• We've removed the "categories" plugin from core.

You may access it at https://github.com/Elgg/categories

Fixes #7584 (ba0c12f2)

• The zaudio plugin is no longer part of the bundled plugins. The plugin has been moved to a seperate repository. You can find it here: https://github.com/Elgg/zaudio (ace52256)

2.0.0-alpha.2 (2015-08-05)

Contributors

• Steve Clay (14)
• Evan Winslow (13)
• Jeroen Dalsem (4)
• Ismayil Khayredinov (3)
• iionly (1)

Features

• core: Makes several commonly-used functions public (4b58e4f5, closes #7838)
• groups: group owner transfer lists users alphabetically (a8bc79c2)
• hooks: Adds indication in container permissions hook of checking owner (298b5231, closes #8774)
• web_services: filter method output with a plugin hook (5ff308c5)

Documentation

• releases: Clarify BC policy for major releases (a636bf86, closes #7080)
• web_services: document ws hooks (5430e032)

Bug Fixes

• composer: Symlink plugins from root mod dir (436fb4a2)
• nginx: Update rewrite rules for 2.0 (aa082a5c, closes #8750)
• profile: Support composer for icondirect requests (7610552b)
• upgrade: Point UpgradeService to correct upgrades dir (b3a31868)
• web_services: do not leak internal function names via system.api.list method (9415c413, closes #8574)

Deprecations

• discussion: Deprecates the elgg:discussion library (bf741815, closes #8760)

2.0.0-alpha.1 (2015-07-07)

Contributors

• Steve Clay (64)
• Evan Winslow (55)
• Jeroen Dalsem (28)
• Jerôme Bakker (14)
• Juho Jaakkola (4)
• Ismayil Khayredinov (2)
• Paweł Sroka (2)
• Juho Jaakkola (1)
• Juho Jaakkola (1)

Features

• application:
  • Allows fetching dataroot statically from Application (bed2e09b, closes #8653)
  • adds elgg() and makes Application a service provider (d43de92f)
  • Introduces Elgg\Application for loading/booting Elgg (ae5ece22)
• assets:
  • Get rid of js/ and css/ directories (881e2128, closes #8382)
  • Move all core static assets to views (c44740d5, closes #5105)
• comments: Comment/reply timestamps are now permalinks (4596e00b, closes #8407)
• composer: Fully support installing Elgg as a composer dependency (fceafea6, closes #8431)
• discussions: discussions feature has been moved to its own plugin (a4e484e6)
• groups:
  • adds alphabetical sorting to all groups page (ba82c682)
  • sidebar members show recently joined members (fcf6e19a)
  • group members page can be sorted on newest members (2eb5e5ea)
  • Only submitted group profile fields are updated (c3d11285)
• hooks: a new function to clear all callbacks for a given hook (bd511763)
• icons: use FontAwesome icons (ea7b17d5)
• javascript: admin panel javascript is now loaded asynchronously (7141da5f)
• js: Adds temporary require() shim for deferring inline scripts (65fddb00)
• likes: Entities are no longer likable by default (cb6ebcc9, closes #5996)
• members: add alphabetical member listing (0ad75efe)
• memcache: support Memcache namespace prefix (8baae3f3)
• messages: recipient selection by userpicker (932e974c)
• php: Require PHP 5.5+ (52da9d98)
• plugins:
  • listing of 'my' content shows content you own (20e606b7, closes #4878)
  • (de)activate_all action defaults to (in)active plugins (0ea152f0)
  • Improved plugin listing (bde2c394, closes #8412, #4158, #4301, #6778)
• profile: only submitted profile fields are updated (fd7b8e0a)
• routing:
  • Removes /export and all secondary front controllers (ab3c879f, closes #8425, #5017)
  • Render blog pages with views (9f1d9316)
  • Render email validation page with view (b1060e52)
  • Render twitter_api interstitial with view (a06a7e27)
  • Render thewire pages with views (e126b2f6)
  • Render tagcloud page with view (ad0d4cc0)
  • Render site notifications page with view (5e3cb646)
  • Render search page with view (aff84bc7)
  • Render reportedcontent pages with views (315ce166)
  • Render profile pages with views (125844aa)
  • Render pages pages with views (ec060fb6)
  • Render notification pages with views (dcfb1761)
  • Render messages pages with views (91b52801)
  • Render messageboard pages with views (c77d4e03)
  • Render members pages with views (75c3fcda)
  • Render groups pages with views (89651a3a)
  • Render discussion pages with views (7dc40a16)
  • Render file pages with views (217e4222)
  • Render theme_sandbox shell with view (42013a5d)
  • Render dashboard page with view (f8530d13)
  • Render categories page with view (1ae65c53)
  • Render bookmarks pages with views (6c63b0df)
  • Move all core pages to resource views (2761e874)
  • Use the views system to render the index page (f1b75bbe)
• views:
  • added a generic by_line page element for content objects (1a5bcb64)
  • comments form value is now html5 required (ba9f4301)
  • login and register form now have html5 required fields (f8c505ca)
  • Allow mapping views dirs via views.php files (9ba31f20, closes #8546, #8550)
  • Nearly all plugin static resources are in views (b8a8864c)
  • Allow specifying exact view paths via views.php (f3881cf4, closes #6844, #8515, #8527)

Performance

• engine:
  • Viewtype is auto-detected only once (541a5cd1, closes #8438)
  • Reduce method calls when fetching from service provider (5561fec9)
• js: Remove jquery-migrate and upgrade jquery to ^2.1.4 (8f58da98)
• scripts: Load all scripts in foot regardless of registered location (c91f1f3e, closes #2718)
• simplecache:
  • Faster serving in case symlink not used (85c2e888)
  • Allow 304 responses even with simplecache off (14bd68fb)
• views:
  • only draw menus when they are used (b9f85e4c)
  • Allow serving assets directly from filesystem (c4c5734d, closes #8381)

Documentation

• head: Remove out-of-date JS docs (23c3d036)
• icons: Add docs for Font Awesome changes in #8578 (eb9bcde3, closes #8625)
• routing: Update custom_index to demonstrate latest best practices (0142a5f0)
• upgrade: Clean up docs around PDO upgrade (fdfa4d7f)
• upgrading: documents comments hook return values (b9d975f0)

Bug Fixes

• actions: Misspelled action levels no longer treated as logged_in. (d936549a, closes #8337)
• admin: admin.js no longer fails on the plugin text file page (a4e2ce00)
• breadcrumbs: hide the last breadcrumb if it’s not a link (a1bec58f, closes #6419)
• comments: allow comments hook to return empty strings (37321a14)
• database: Uncallable callback arguments now throw exceptions (1e65aa10, closes #6937)
• events: All hook/event handlers are now weighted properly (3e6a2898, closes #1378)
• https: Drop login-over-https (c0e81a40, closes #5729)
• output: fewer view $vars will be output by accident (4560d389, closes #8218)
• river: Improves alignment of filter select and nests inside label (4f903c1e)
• site_notifications: correctly position site_notifications menu (22d14acb)
• ui: Eliminates FOUC in Firefox (8244ae61, closes #8328)
• views: do not drop elgg-button-submit class when using input/submit (1e8e3e6f)
• zaudio:
  • AudioPlayer now works via AMD module in IE9 (4b0768b8)
  • Convert zaudio JS to AMD modules (674899e0, closes #8283)

Breaking Changes

• To allow likes on your content you must permit the annotation to be created. Likes provides a new hook “likes:is_likable” to allow easily registering entities by type:subtype.

Fixes #5996 (cb6ebcc9)

• The plugins blog, bookmarks and file have been changed to have their content listing for "Mine" and "Friends" list content where they are the owner of. Previously it only listed content created in their container. This resulted in group content not showing in 'my' content listings.

Fixes #4878 (20e606b7)

• The functions blog_get_page_content_read and blog_get_page_content_friends are no longer available. (a437f952)
• The file mod/aalborg_theme/graphics/avatar_menu_arrows.png has been removed.

Fixes #8629 (ee7f14ed)

• Elgg no longer checks get_input(‘view’) and $CONFIG->view for every call of elgg_get_viewtype(). elgg_set_viewtype() must be used to change the global viewtype.

Fixes #8438 (541a5cd1)

• The forms/admin/plugin/change_state view is no longer available (796cafe7)
• Only profile fields that are passed to the profile/edit action via $_REQUEST will be updated. Omitted fields will not be cleared as it was before this change.

fixes #8582 (fd7b8e0a)

• Fields not submitted to the groups/edit action will no longer be acted upon. Previously they would be set to empty or default values. (c3d11285)
• dropped library elgg.markdown

The Markdown library is available as a composer package, this requires less maintenance by Elgg developers.

fixes #8597 (df68d986)

• The action widgets/upgrade is no longer available (c3273d1d)
• The deprecated functions $user->getSites(), $user->addToSite(), $user->removeFromSite(), $user->listFriends() and $user->listGroups() are removed. (3bde1718)
• This class is no longer used in Elgg. If you still need this, you need to provide your own version of this class. (4819c565)
• The deprecated function parameter support for $object->getSites() and $object->addToSite() are removed. Update to the parameter usage as defined in the ElggEntity functions. (5d02672b)
• If you use a reference to the physical Elgg sprites please update your plugin to use the FontAwesome icons.

Replace the Elgg sprites icons by FontAwesome icons, this allowes for more icons and easier styling of the icons

fixes #7239 (ea7b17d5)

• The plugin views are redesigned to display in a lightbox. This completely removes the views forms/admin/plugins/filter and forms/admin/plugins/sort. (bde2c394)
• Discussion feature has been pulled from the groups plugin into its own independent plugin.

The following views are not available anymore:

• object/groupforumtopic
• river/object/groupforumtopic/create

Also the [object, groupforumtopic] subtype has been replaced with the [object, discussion] subtype.

Nothing changes from the group owners' point of view. The discussions feature is still available as a group tool and all old discussions are intact.

Fixes: #5994 (a4e484e6) * See http://jquery.com/upgrade-guide/1.9/ for how to move off jquery-migrate.

If you'd prefer to just add it back, you can use this code in your plugin's init:

elgg_register_js('jquery-migrate', elgg_get_simplecache_url('jquery-migrate.js'), 'head');
elgg_load_js('jquery-migrate');

Also, define a jquery-migrate.js view containing the contents of the script. (8f58da98) * Great care has been taken to make this change as backwards-compatible as possible, so you should not need to update any view references right away. However, you are certainly encouraged to move your JS and CSS views to their new, canonical locations.

Certain uses of the view,$view_name and view_vars,$view_name hooks will not work. See the docs on "View aliases" for more info.

Refs #8381 Fixes #8382 (881e2128)

• The following views, functions and methods have been removed completely.

Removed views:

• canvas/layouts/*
• categories
• categories/view
• embed/addcontentjs
• groups/left_column
• groups/right_column
• invitefriends/formitems
• notifications/subscriptions/groupsform

Removed functions:

• count_unread_messages()
• delete_entities()
• delete_object_entity()
• delete_user_entity()
• elgg_validate_action_url()
• extend_view()
• get_entities()
• get_entities_from_access_id()
• get_entities_from_access_collection()
• get_entities_from_annotations()
• get_entities_from_metadata()
• get_entities_from_metadata_multi()
• get_entities_from_relationship()
• get_filetype_cloud
• get_library_files()
• get_views()
• is_ip_in_array()
• list_entities()
• list_entities_from_annotations()
• list_group_search()
• list_registered_entities()
• list_user_search()
• menu_item()
• make_register_object()
• search_for_group()
• search_for_object()
• search_for_site()
• search_for_user()
• search_list_objects_by_name()
• search_list_groups_by_name()
• search_list_users_by_name()
• test_ip()

Removed methods:

• ElggCache::set_variable()
• ElggCache::get_variable()
• ElggData::initialise_attributes()
• ElggData::getObjectOwnerGUID()
• ElggDiskFilestore::make_directory_root()
• ElggDiskFilestore::make_file_matrix()
• ElggDiskFilestore::user_file_matrix()
• ElggDiskFilestore::mb_str_split()
• ElggEntity::clearMetadata()
• ElggEntity::clearRelationships()
• ElggEntity::clearAnnotations()
• ElggEntity::getOwner()
• ElggEntity::setContainer()
• ElggEntity::getContainer()
• ElggEntity::getIcon()
• ElggEntity::setIcon()
• ElggExtender::getOwner()
• ElggFileCache::create_file()
• ElggSite::getCollections()
• ElggUser::getCollections()
• ElggUser::getOwner()

Also the following arguments have been dropped:

• ElggSite::getMembers()
  • 2: $offset
• elgg_view_entity_list()
  • 3: $offset
  • 4: $limit
  • 5: $full_view
  • 6: $list_type_toggle
  • 7: $pagination (852b2640)

• Several internal data structures are no longer stored within the plugin- accessible config space; the removed keys are listed in docs/guides/upgrading.rst. The long-deprecated remove_blacklist() function has also been removed. (2247ed80)
• Relationship additions only fire the “create”, “relationship” event. (3517bd0f)
• Elgg no longer allows customizing the views template handler. We don't think this ever really worked in the first place, so probably no one was using it, but since it's conceivable someone could be, we're leaving this warning.

Fixes #8440 (8ae86f16)

• If your theme or plugin was overriding or extending the 'css' view, you should override/extend the 'css/elgg' view instead. (51441706)
• The view js/admin and the namespace elgg.admin are not available anymore. (7141da5f)
• To ensure your handler is called last, you must give it the highest priority of all matching handlers. To ensure your handler is called first, you must give it the lowest priority of all matching handlers. Registering with the keyword “all” no longer has any effect on calling order. (3e6a2898)
• Several views that were deprecated in the 1.x series are being removed in 2.x. This helps us keep the codebase clean and our maintenance burden lower. (805ecb1d)
• This removes several views related to IE. If you need support for browsers not listed in our browser support policy, we encourage you to to do so with feature detection and polyfills rather than conditional comments and user-agent sniffing. (7fe9329e)
• If you use the class FilePluginFile in your plugin, replace this usage with ElggFile (for construction). Load files objects with get_entity().

Fixes #7763 (6be0f97c)

• Any code that relies of mysql_* functions (expecting an implicit connection) will fail. Also any handler functions passed to the execute_delayed_read/write_query() function will now receive a Doctrine\DBAL\Driver\Statement instead of an ext/mysql resource. (96453494)
• We are switching to Zend\Mail for sending emails in Elgg 2.0. It's likely that there are some edge cases that the library handles differently than Elgg 1.x used to. Take care to test your email notifications carefully when upgrading to 2.0.

Fixes #5918 (e9de196d)

• For the best security and performance, serve all pages over HTTPS by switching the scheme in your site's wwwroot to https at http://yoursite.tld/admin/settings/advanced

Fixes #5729 (c0e81a40)

• If you use any inline scripts that depend on scripts in head, you'll need to change them to external AMD modules and load them with elgg_require_js.

Fixes #2718 (c91f1f3e)

1.12.14 (2016-11-08)

Contributors

• Jerôme Bakker (3)

• Ismayil Khayredinov (1)

• Steve Clay (1)

• core:

  • outgoing email should have a message-id header (9953687f)
  • _elgg_send_email_notification respects other email handlers (80bd413d)
  • elgg_get_page_owner_entity will return ElggEntity (9f8e8dda)

• register: consistent forwarding upon login (a62410dd)

• relationships: ElggRelationship::save returns the ID (25754c76, closes #10373)

1.12.13 (2016-10-02)

Contributors

• Jerôme Bakker (3)
• Steve Clay (2)
• Sébastien Lemay (1)

Bug Fixes

• core: page owner entity only returns users/groups user can see (0d333100)
• docs: Fixed link to 'our supporters page' (fe144644)
• notifications: only prefetch subscribers for ElggEntities (65be05c5)
• profile: use correct default access for profile fields (63a01b6f)

1.12.12 (2016-08-05)

Contributors

• Steve Clay (11)
• Ismayil Khayredinov (2)

Bug Fixes

• blog: pass entity to the object/elements/full (134c5b83)
• groups: unfeaturing a group no longer leaves useless metadata (2f3cf28a)
• logging: make clearer exception numbers are timestamps (9c70596e, closes #9924)
• plugins: now checks plugin instances before parsing priorities (26d21f88)

1.12.11 (2016-06-13)

Contributors

• Ismayil Khayredinov (2)
• Steve Clay (2)
• Matt Beckett (1)
• ura soul (1)

Bug Fixes

• river: custom joins can now reference default joined tables. (a6590a9a, closes #8580)
• ui: improves usability of anchors within system messages (30e3ad6c)
• walled_garden: favicon.ico page handler is now treated as public (53f11c43)

1.12.10 (2016-05-29)

Contributors

• Steve Clay (13)
• Jeroen Dalsem (6)
• Ismayil Khayredinov (4)
• Jerôme Bakker (1)
• bruno-infotrad (1)
• iionly (1)
• jdalsem (1)

Documentation

• cron: added an example how to register a cron hook handler (4b54a099)
• i18n:
  • clarifies limitations of elgg.echo (83b2c106)
  • recommends an English translation for all new language keys (facc222b, closes #9375)

Bug Fixes

• annotations: fixes time-based annotations searches (6d5e1b78, closes #9785)
• autoload: fixes bugs in class map saving (18ea55fa)
• comments: email subject hook now validates array structure (5df7f40b, closes #9772)
• core: remove duplicate tags upon input (096cf4b8)
• css: only apply vertical padding on ajax loader of user hover menu (d9c8326e)
• file:
  • re-added cannotload language string for file plugin (6ba7e7b8)
  • better uploaded file handling and thumbnail serving (72140cfc, closes #9612, #9267, #6677)
• forms:
  • empty plugin settings forms no longer wrapped in a form tag (5f7dbcd0, closes #9704)
  • empty form body no longer wrapped in a form tag (dc68d04e)
• html: autop no longer ltrims next to a leading inline element (6785ee88, closes #9790)
• http: all unhanded exceptions send 500 status code (2f45c2ca, closes #9758)
• js:
  • elgg.echo recognizes empty translation strings (does not return key) (1d32b2c2)
  • action token refresh now correctly replaces tokens in urls (7b4e0db2)
  • do not trigger generic ajax error message for token refresh (e052481f)
  • prevent generic ajax error when user aborts the ajax call (1b5a765f)
• notifications: smtp thread headers only set if still possible (f3bb4ac4)
• site: adds robots.txt to public pages (824197b1)
• users: mitigate race conditions when deleting/disabling users (da45affe)
• views:
  • no breadcrumbs in error layout (b25324a3)
  • do not output empty string titles in page/elements/title (41eecbe3)

1.12.9 (2016-03-06)

Contributors

• Steve Clay (7)
• Ismayil Khayredinov (2)
• Jerôme Bakker (1)
• Juho Jaakkola (1)

Bug Fixes

• cache: internal Stash pool wrapper works again (ddc254e4, closes #9374)
• css: buttons no longer get cropped in admin context (298ae0a8)
• groups: correctly format the remove user from group menu item (8fdf21f5)
• http:
  • cache handler sends 304 responses more reliably (873be892, closes #9427)
  • more resources sent with explicit UTF-8 charset (036a82bd, closes #9345)
  • make sure all pages/JS/CSS sent with explicit UTF-8 charset (3dab7d10, closes #9345)
• js: AMD view filter handles short view names without / (c9ca8329)
• search: eliminate 6 notices in search_users_hook (87b7011b)
• settings: do not emit errors if form fields are not present (9f5111c9)
• web_services: reject requests for unavailable formats (04aeaf7d, closes #9410)

1.12.8 (2016-01-31)

Contributors

• Ismayil Khayredinov (1)
• Juho Jaakkola (1)
• Steve Clay (1)

Bug Fixes

• access: fixes guid column name in metadata queries (b3427ccc)

1.12.7 (2016-01-03)

Contributors

• Steve Clay (4)
• Ismayil Khayredinov (1)
• Juho Jaakkola (1)

Bug Fixes

• logging: Log messages no longer discarded (5020c525, closes #9244)
• menus: stricter type validation in menu item registration functions (c5554a75)
• php: Suppress mysql_connect() deprecation warnings for core (40fe0a8f, closes #9245)
• session: Session is again available in the shutdown event (2409d346, closes #9243)

1.12.6 (2015-12-14)

Contributors

• Ismayil Khayredinov (4)
• Juho Jaakkola (1)
• Steve Clay (1)

Bug Fixes

• a11y: display aalborg mobile site menu toggle in more browsers (e96f0798, closes #9110)
• actions: send error HTTP header from action forward hook (d3344de7, closes #9027)
• entities: update attribute when assuming container_guid value (a21dd95e, closes #8981)
• menus: make sure entity passed to user hover menu hook is a user (f5bbcc65)
• output: fixes handling of untrusted URLs in output/url (217e4df6, closes #9146)

Breaking changes

• Plugins that customized .elgg-button-nav (or the spans inside) will need to be altered. The .elgg-icon CSS is left in place but will be removed in Elgg 2.0. (e96f0798)

1.12.5 (2015-11-29)

Contributors

• Steve Clay (5)
• Juho Jaakkola (4)
• Ismayil Khayredinov (3)

Performance

• river: no longer needlessly render river responses (97df230f, closes #9046)

Bug Fixes

• files: make sure method is callable on a concrete object instance (740d3108, closes #9010)
• i18n: avoids using mbstring.internal_encoding in PHP >= 5.6 (c0ff79de, closes #9031)
• memcache: don't store a copy of $CONFIG in file objects (beb90891, closes #9081)
• pages: removes deprecated notices regarding input/write_access (fdcab74b, closes #8327)

1.12.4 (2015-09-20)

Contributors

• Steve Clay (3)
• Juho Jaakkola (2)
• Matt Beckett (2)

Documentation

• entities: Docs for type/subtype and associated ege() options (eb0e53fc)
• releases: Manually check lang files for PHP errors before release (040079b7, closes #8924)

Bug Fixes

• pages: Prevent public "Missing access level" in write access field (4174b774, closes #8905)
• relationships: can now prevent relationships using event handler (9a275d9c, closes #8927)

1.12.3 (2015-09-06)

Contributors

• Ismayil Khayredinov (3)
• Juho Jaakkola (1)

Bug Fixes

• files:
  • $file is not always an object with originalfilename property (cf0929c2)
  • now uses filename on filestore to detect mime (ab8086a6, closes #8846)

1.12.2 (2015-08-23)

Contributors

• Jerôme Bakker (4)
• Evan Winslow (1)
• Juho Jaakkola (1)
• Steve Clay (1)

Documentation

• entities: Better docs for fetching relationships (e0d8f793)

Bug Fixes

• friends: site_notifications have a clickable link to the new friend (55a0f9b0)
• groups:
  • membership request accepted has link in site_notifications (6e0d6f4a)
  • group invite has link in site_notifications (61a8484d)
  • membership request has a link in site_notifications (ba53c509)

1.12.1 (2015-08-05)

Contributors

• Evan Winslow (1)

1.12.0 (2015-07-07)

Contributors

• Steve Clay (23)
• Evan Winslow (11)
• Ismayil Khayredinov (9)
• Miloš (4)
• Jeroen Dalsem (3)
• Jerôme Bakker (2)
• Jon Maul (1)
• Juho Jaakkola (1)

Features

• ajax:
  • elgg_ajax_gatekeeper for asserting resources as Ajax-only (4e0e1a5b)
  • Allows fetching form views wrapped by elgg_view_form() (ee7641c4)
• annotations: Adds a more granular permission hook for canAnnotate (83da5f18)
• cache: introducing a generic function to reset all caches (f526c479)
• comments: Paging through comments/discussion replies jumps to content (b75fd8f8)
• developers:
  • Devs can show loaded AMD modules in console (221bdf6a)
  • Adds a quick access icon for some admin settings (f22567b6)
• events:
  • Adds static methods for returning common values (f080fed1)
  • allows dynamic method callbacks to be unregistered (08c773ba, closes #7750)
• lightbox: More sensible handling of href options (765fcd05)
• views: Users can jump directly to content via prev/next links (f90466c8)

Performance

• developers: reduces boot queries when the developers mod is enabled (03aa096e)
• engine: only update attributes/metadata if value is changed (8295e70a)

Documentation

• ajax: Correct typo in code example (d55e4a3a)
• code: Clarify interface naming convention (de03d372, closes #8293)
• misc: Miscellaneous docs fixes (06e3557c)
• permissions: Fix $params key name for permissions_check:annotate (1af6e3a2)
• views: Better document outgoing elgg_get_view_location() (0a9059d6)
• web_security: adds security warnings (d47fc5ed)
• web_services: document the use of parameters in method declarations (750e31b9)

Bug Fixes

• embed: embed link no longer leaves the page before events are set up (f50e9aa3, closes #8284)
• http: More appropriate exception responses (e28f37e6, closes #6228, #8360)
• legacy_urls:
  • adds missing forwarder for groups/forum/$guid (2b555f88, closes #8493)
  • unset __elgg_uri to prevent infinite loops (0c7687ac, closes #8494)
• profile: Avatar cropper again can be moved immediately after uploading image (d8cf51b7, closes #8449)
• relationships: Invalid relationship names throw properly (ac976e23)
• search: Search treats "0" as a valid query (af58fa5d)
• ui: prevent button jumping on widget add panel toggle (088de48d)
• web_services: no longer uses deprecated export global (3a818d2b)

Deprecations

• views:
  • elgg_get_view_location is going away in 2.0 (b4347fb4)
  • Support for custom template handlers will end soon (0dc67698)

1.11.6 (2016-06-12)

Contributors

• Steve Clay (3)

Breaking Changes

• The JS function elgg.security.setToken is now formally marked private and its parameters are not backwards compatible. (9d8ddecb)

1.11.5 (2015-12-13)

Contributors

• Steve Clay (1)
• Juho Jaakkola (1)

Bug Fixes

• views: Sticky values now get passed into views extending register/extend (Fixes #8873)
• memcache: don't store a copy of $CONFIG in file objects (Fixes #9081)

1.11.4 (2015-07-07)

Contributors

• Ismayil Khayredinov (7)
• Evan Winslow (5)
• Miloš (4)
• Steve Clay (4)
• Jeroen Dalsem (1)

Documentation

• misc: Miscellaneous docs fixes (06e3557c)
• permissions: Fix $params key name for permissions_check:annotate (1af6e3a2)
• web_security: adds security warnings (d47fc5ed)
• web_services: document the use of parameters in method declarations (750e31b9)

Bug Fixes

• legacy_urls:
  • adds missing forwarder for groups/forum/$guid (2b555f88, closes #8493)
  • unset __elgg_uri to prevent infinite loops (0c7687ac, closes #8494)
• profile: Avatar cropper again can be moved immediately after uploading image (d8cf51b7, closes #8449)
• relationships: Invalid relationship names throw properly (ac976e23)
• ui: prevent button jumping on widget add panel toggle (088de48d)
• web_services: no longer uses deprecated export global (3a818d2b)

1.11.3 (2015-06-14)

Contributors

• Steve Clay (6)
• Evan Winslow (4)
• Juho Jaakkola (1)
• Julien Boulen (1)
• Marcus Povey (1)
• Matt Beckett (1)

Documentation

• code: Permit use of <?= PHP shortcut since we're on 5.4+ (453d8dcb)
• hooks: Clarifies docs for the register, user hook (b877f61d, closes #8377)
• install: Update cloud9 install instructions (616f2156, closes #8240)

Bug Fixes

• IDE: Public APIs no longer marked with @internal (11ccf71c, closes #7714)
• db: Will now validate invite codes that contain "-" characters. (6667c05f)
• notification: Removes warning handling the email, system hook (91daee43, closes #8333)
• relationships: Restores functionality of $inverse_relationship argument for get_entity_relationships (3cc06f11)
• spinner: elgg/spinner delays a bit before displaying (70cfdd01, closes #8361)
• users: admins are again able to reset user's password (2b4d599e)

1.11.2 (2015-05-25)

Contributors

• Steve Clay (12)
• Ismayil Khayredinov (5)
• Evan Winslow (2)
• Jeroen Dalsem (2)
• Juho Jaakkola (2)
• Ariel Abrams-Kudan (1)
• Jerôme Bakker (1)
• Juho Jaakkola (1)

Performance

• views: No longer regenerates the $vars[‘user’] wrapper for each view (3c40971a)

Documentation

• ajax: Adds more complete Ajax docs (bfbf0ff2, closes #8277)
• amd: Overhauls the AMD docs with a lot more detailed instructions (e01996ab)
• auth: Add basic APIs to the authentication docs (83d5f214)
• guides: Alpha-sort the developer guides to make them more scannable (88a9d130)

Bug Fixes

• ckeditor: also remove liststyle as a default loaded plugin (eb8235cb, closes #8195)
• comments: Ajax-saved comments show proper server formatting (6f0f74cb, closes #8294)
• file: Default file type icons again available in the theme sandbox (6892979f)
• filestore: Fixed a crash when forms had a file input but no file was provided (2ada5d5a)
• groups:
  • do not reassign container on ownership transfer if old container is not an old owner (57cf337a)
  • terminate edit action early if group can not be saved (3fe10452)
  • do not attempt to populate groups_entity table if base entity fails to save (f2cbb237)
• menus: only display location menu item if value is string (e3a39167)
• mysql: Use explicit ext/mysql resource in initial query/escaping (b7abe8eb, closes #8208)
• notifications: fixed deprecation notice elgg-require-confirmation (79bf7d42)
• river: Activity page for specific user shows that user’s owner block (5ecfe41d, closes #8257)
• session: Remember me no longer results in occasional fatal errors (b91620c1, closes #8104)
• ui: Checkboxes and labels are again separated by a space (1b62dd20, closes #8199)
• widgets: validate get_list,default_widgets hook output (b1c16311)

1.11.1 (2015-04-27)

Contributors

• Steve Clay (4)
• Brett Profitt (2)
• Ismayil Khayredinov (2)
• Juho Jaakkola (2)
• Jeroen Dalsem (1)
• Per Jensen (1)

Documentation

• support: Added 1.11's dates of support. (4bd3144d)

Bug Fixes

• aalborg_theme: removes unwanted margin from elgg-list-river items (c43371b5, closes #8124)
• access: do not use default access if access options are passed to the input view (36a4d209, closes #8219)
• core: check for correct minimal php version in installer (fcff9e5e, closes #8196)
• deprecation: visible deprecation errors aren't displayed to admin anymore (2311d666)
• navigation: Links to “Comments” again link directly to the comments section (caea1ab2, closes #8227)
• plugins:
  • Unloadable owner doesn’t WSOD displaying groupforumtopic (8a082a3c)
  • Fixes HTML toggle for CKEditor (a45c4ca4, closes #8193)
• session: Properly assigns PHP session settings from configuration (d1ec08f3, closes #8223)
• tags: Corrected cases of tags having leading or trailing spaces. (67addf48, closes #8123)

1.11.0 (2015-04-13)

Contributors

• Jeroen Dalsem (50)
• Steve Clay (37)
• Ismayil Khayredinov (15)
• Jerôme Bakker (11)
• Juho Jaakkola (6)
• Evan Winslow (3)
• Brett Profitt (2)
• Matt Beckett (2)
• Paweł Sroka (2)
• Mariano Aguero (1)
• Per Jensen (1)
• ray peaslee (1)

Features

• access: notify users when access change will affect comments (09691cb1, closes #8086)
• admin: add a warning when a physical robots.txt is present (90ec514e)
• comments:
  • link in email notification now takes directly to the correct page (914b492d)
  • allows setting comments per page via hook (879a3ef3)
  • river comments/discussion replies go to right page (364894e2, closes #7936)
• context: adds API to get/set the entire context stack (d7ff355b)
• core:
  • adds handling of 400 and 403 error codes (243ca408)
  • added a new admin widget to monitor cron jobs (aeb26236)
• db: remove access collection (membership) when an entity is removed (f67d04fd)
• developers:
  • added userpicker with limit 1 to theme sandbox (6d3ad5cf)
  • show total DB queries in the developer screen log (defbe1cc)
  • the inspector pages show a lot more info (a4384438, closes #4540)
  • improved readability of inspect pages (a3e7f09d, closes #6484)
• discussions: link in email notification now takes directly to the correct page (4565cc86)
• engine:
  • added a canDelete function to the entity class (6b12e45d)
  • added a trigger to elgg_view_menu to adjust menu vars (34ad5bee)
• externalpages:
  • replaced tabs with menu on expages edit form (d4d03d0a)
  • added a link on the edit form to view page on site (1a6d8d79)
  • added an edit button to the view of an external page (cd1c58b8)
• file:
  • Add upload button to sidebar search pages (290c498d, closes #8110)
  • show image thumbnail in a lightbox in full view (001e27eb)
• groups: group tool options are now checkboxes (25532a91)
• i18n:
  • added function to check if a language key exists (9684b37c)
  • allow option to force language with an url parameter (afd9ad34)
• icons: allow ElggEntity::getIconURL to accept an array (7281ea01)
• js:
  • added a hook to the AMD config to control the configuration (697bb841)
  • datepicker will now show month and year selector (1945c8ba)
  • adds a fixed Ajax spinner module (dd1b5bc2)
• login_as: Added login_as plugin as bundled with the core. (7ca66011, closes #7958)
• navigation: add hook to filter breadcrumbs (f7cb4878, closes #6419)
• plugins: adds several reported content features (347683c1, closes #5379, #6082, #5380)
• security:
  • Adds component to create and validate HMAC tokens (4c1b0740, closes #7824)
  • adds events around site secret regeneration (25f177a3, closes #6252)
• ui: allows highlighting an element whose id is found from the URL (f7dd696a)
• views:
  • added lazy loading of user hover menu (a0267469)
  • add first and last page number to pagination (4c9c1209)
  • added the ability to translation the usersettings title (00e9efce)
  • allow providing alternative views for list items (85c22f35)
  • support for extra variables in elgg_view_icon function (67006312)
  • move logged in check to topbar view (08ae23f6, closes #6582)
  • plugin hooks can modify view $vars (d493bf93, closes #7736)
  • added support for other entity types to tagcloud block (db0d9b04)
  • added container guid support to sidebar comments block (e70f2c98)
  • add container guid support to tagcloud block (de92b4ec)
  • passes more context info to input/access and access hooks (437f9649, closes #4695)

Performance

• entities:
  • adds preload_containers option to elgg_get_entities (65fe534f, closes #7663)
  • loads more entities with a single query (31058a09, closes #7662, #7659)
• groups: makes group invitations scalable (6088b1a7)
• i18n: only check for admin once during getInstalledTranslations (38dae267)
• languages: improved js caching of languages by using simplecache (ab17ee54)
• likes: ajax load liking users and show in lightbox (7a371477)
• plugins: removes DB query to determine if a plugin is active (0ed117d3, closes #7661)
• search: only query DB for fulltext min and max word length once (5f6e1176, closes #6707)

Documentation

• rst: documents new list item view parameter (a4f51701)
• upgrading: instructs how to enable comment highlighting in custom themes (60eebdc2)
• views: improves docs for views (365f9058)

Bug Fixes

• access: show all readable custom access collection names to admins (fd1637f5)
• actions: action scripts can return falsey values without causing errors (35382fce, closes #7209)
• annotations: simplifies ege* for annotation calculations (b123f06d, closes #7398, #4393)
• ckeditor: updated to full ckeditor package version 4.4.7 (ada19c9d)
• comments: keep comment access_id in sync with container (066102ab, closes #7807, #NaN)
• css: Fix size of button elements in /admin (6cb602c5)
• developers: append the developers log as late as possible (5b0d4c65)
• engine:
  • eliminated potential deadloops in MenuBuilder::setupTrees (3e5cf89a)
  • return original val if not a string for string_to_tag_array (1ef2b9e3)
• file: always download as attachment when using file download action (278fe010)
• filestore: fixes file uploading broken by the transition to Symfony HttpFoundation (d315aaaa)
• i18n:
  • ckeditor now uses user's own language instead of the site language (aa63a911)
  • do not let empty translation arrays disable plugins (10ba5d89)
  • make sure that all potential languages are loadable with js (cfa860e6)
• js:
  • only show editor toggle link if editor is initialized (d18f95cc)
  • increased AMD config waitSeconds to prevent timeout issues (0bd6aef6)
  • correctly define amd dependencies for input/userpicker (48f5c00a)
• messageboard:
  • provide correct link to users messageboard (04b86f56)
  • correctly register deletePost on ajax created posts (a50dbe3e)
• navigation: strip tags before comparing menu item text (c021e6a9)
• notifications: correctly use elgg_log instead of error_log (43661c90)
• profile:
  • moved topbar profile menu registration to profile plugin (2100c494)
  • adds the prepare hook for the profile page’s owner menu (1d39ff8d, closes #6085)
• security: Eliminates auto-casting within HMAC token building (2be74f05)
• tests: fix failing SystemMessagesServiceTest (d52515ba)
• views:
  • show spinner when ajax loading walled garden forms (1e503da4)
  • prevent direct calls to an ajax view (3b5993bb)
  • changed text of the # more comments text in the river (f2f3c1dd)
  • view can only exist if it is string (4452b614)
  • check item instance before rendering it (f927f462)
  • always show all system messages (success and error) (01156baa)
  • added avatar classnames to menu item for consistency (d803c1aa)
  • sidebar comments block data should be consistent with page (f9e6efb2)
  • switch tagcloud blocks to list tags based on container_guid (7915a668)

1.10.6 (2015-12-13)

Contributors

• Jerôme Bakker (5)
• Juho Jaakkola (2)
• Evan Winslow (2)
• Mariano Aguero (1)
• akudan (1)
• Steve Clay (1)
• Jeroen Dalsem (1)

Bug Fixes

• views: Sticky values now get passed into views extending register/extend (e241e82e, closes #8873)
• memcache: don't store a copy of $CONFIG in file objects (beb90891), closes #9081)
• messageboard: provide correct link to users messageboard (Fixes #8170)
• notifications: correctly use elgg_log instead of error_log (Fixes #8039)
• i18n:
  • ckeditor now uses user's own language instead of the site language
  • do not let empty translation arrays disable plugins (Fixes #8116)

Chores

• notification: no more typehint errors when sending a notificationas an ElggGroup (Fixes #7949)
• thewire: improved error handling when removing a wire post (Fixes #7003)
• core: catch login exceptions during password change (Fixes #7948)

1.10.5 (2015-04-05)

Contributors

• Per Jensen (1)
• Steve Clay (1)

Bug Fixes

• aalborg_theme: moves unextend/extend view into init (3c5fb39b, closes #8105)

1.10.4 (2015-03-22)

Contributors

• Evan Winslow (3)
• Jerôme Bakker (2)
• Juho Jaakkola (2)
• Matt Beckett (1)
• Paweł Sroka (1)

Bug Fixes

• core: don't trigger delete event when you can't edit the entity (83c69c09)
• groups:
  • respect previous modifications to the write access in group context (11b55041)
  • Hides group profile fields that don't have a value (2bb13db8)

1.10.3 (2015-03-08)

Contributors

• Juho Jaakkola (5)
• Jeroen Dalsem (4)
• Ismayil Khayredinov (1)
• Jerôme Bakker (1)
• Matt Beckett (1)
• Cim (1)
• Rodrigo (1)
• Evan Winslow (1)

Documentation

• helpers: Adds missing underscores to elgg_get_loggedin_user_* functions (02ef5d7b)
• views: documented the difference between page/elements/foot and footer (001be7e4)

Bug Fixes

• upgrade: reset system cache before upgrade (468d1c40, closes #6249)
• uservalidationbyemail: only forward to emailsent page if email sent (7d8cd3b8)
• views:
  • always add the user guid param to the usersettings/save form (9e1661d4)
  • always submit element when there are no userpicker values (61e295c9)

1.10.2 (2015-02-21)

Contributors

• Jeroen Dalsem (16)
• Steve Clay (6)
• Evan Winslow (2)
• Jerôme Bakker (2)
• Ismayil Khayredinov (1)
• Juho Jaakkola (1)

Performance

• stats: more efficient get_entity_statistics() (f5ac3602)

Documentation

• install: Move environment-specific instructions to their own pages (1b750298, closes #7834)

Bug Fixes

• datepicker: Prevents month navigation links from overlapping with other elements (fb1596da, closes #7542)
• groups: also delete original icon when deleting group (b8d1612e)
• js:
  • correctly init datepicker when ajax loaded (aecc0047)
  • fixes aalborg site menu by restoring 1.9 toggle behavior (8ece7dd8, closes #7790)
  • catch global ajax errors and report to the user (dd52baeb)
• likes:
  • only allow likes to be deleted by owner (b47f0166)
  • correctly register like button for ajax action (d56b239d)
• messages: forward to inbox after deleting a message (015baf62)
• metadata: metadata values returned in more reliable order (36517715, closes #5603)
• plugins: pages with no annotation no longer cause fatal errors (ffdb908d, closes #7793)
• profile: consider potential split db in profile icondirect (bd8f3aed)
• search:
  • prevent search form submit if empty query (becd5ba2)
  • correctly split search words on multiple spaces (2bde4af1)
  • only query user metadata if there are profile fields (6cdafa10)
• ui: using site menu too early no longer results in 404 page (b11acee5, closes #7861)
• views:
  • use named keys when registering meta tags and links in head (2cbaa770)
  • improved check on non existing array keys (bfc65a68)
  • adds excerpt to comments and discussions in activity context (4e09115a)
  • deprecated notice no longer shows up in the wrong version (3fcbee3f)
  • use correct page offset for divisors that have a modulo (cdc85dca)

1.10.1 (2015-01-26)

Contributors

• Steve Clay (10)
• Jerôme Bakker (2)
• Ismayil Khayredinov (1)
• Juho Jaakkola (1)

Documentation

• routing: Adds RST docs on routing (fc3b0642, closes #7337)

Bug Fixes

• blog: correctly handle the archive listing if there is no archive (71fbf79f)
• css: add missing selector prefix (af3f003d)
• http: don’t allow plugins to bypass a forward() call (ac2d9f1e, closes #7637)
• notifications:
  • email replies again have “Re:” in subjects (632c57d3)
  • correctly unregister the default notifications save function (f2adb5e2)
• plugins:
  • discussion replies no longer missing/reversed order on river (78af4b69, closes #7801, #7668)
  • re-hides the likes button for groups (f57d6ef8, closes #7724)
  • eliminates notices for missing GET keys in profile icon (98fb967d)
  • Eliminates deprecation notice on file plugin objects (a0240add, closes #7761)
• travis: eliminates composer install failures (f96ea171)

1.10.0 (2015-01-11)

Contributors

• Paweł Sroka (12)
• Per Jensen (3)
• Steve Clay (3)
• Evan Winslow (2)
• Arsalan Shah (1)
• Juho Jaakkola (1)

Features

• security: No longer ship with vendors that have security advisories (b193ebcf, closes #7738)
• test: Added rewrite rules for builtin PHP cli server execution (a0ff98e2)

Documentation

• nginx: Added sample nginx configuration and moved sample configs to install/config/ (dbcd7548)
• requirements: Updated PHP version used in docs as requirement to 5.4 (5f4f8eea)

Bug Fixes

• CSS: adds margin between a file's text and image (261e92b4, closes #7712)
• amd: Added coverage tests and fixed minor bugs. (6250fd76)
• blog: adds missing class to preview button (be3b559b, closes #7706)
• http: Send a minimal 404 header for /favicon.ico requests (b8c8a280, closes #7261)
• settings: It's again possible to set user specific setting for a plugin (80e0c904)

1.10.0-rc.1 (2014-12-15)

Contributors

• Evan Winslow (64)
• Steve Clay (30)
• Jeroen Dalsem (24)
• Per Jensen (10)
• Jerôme Bakker (9)
• Paweł Sroka (7)
• Ismayil Khayredinov (5)
• Matt Beckett (3)
• Juho Jaakkola (1)
• Jeff Tilson (1)
• Bruno (1)
• Satheesh PM (1)
• Sem (1)

Features

• aalborg_theme:
  • adds support for alert messages (2e410f71)
  • adds visual difference between submit and action buttons (691470e6, closes #6929)
  • comments use triangle indicator instead of text label (b2d55926)
  • adds support for .elgg-button-special and button sizes (2ca0dedd, closes #2954)
• admin: Use elgg_view_menu to generate admin header (411a9f39)
• cache: allows using ints as keys in Cache\Pool (c36ec89d)
• core:
  • support for querying based on relationship create time (db27abbd)
  • adds edit avatar to admin section of user hover menu (a003d840)
• developers: inspect menu item now has children for faster access (314616d1)
• discussion: Added some extension points at discussion sidebars. These changes allow 3rd party plugins to extend discussion sidebar, and add there features like a subscribe (db46100a)
• file: display file upload limit on file upload form (09001b9d)
• filestore:
  • add elgg_get_file_simple_type() to core api (69e54e4c)
  • add a hook to fix detected mimetype (4ddc7843)
• groups: Added featured groups as a tab along with groups, popular, discussions (f77356e3)
• js: extended the usability of rel="toggle" (1d89418e)
• messages: improved UI for messages listing (46821a62)
• php: Require PHP 5.4+ (42b76d37, closes #7090)
• plugins: added default param to elgg_get_plugin_user_setting (13000c98)
• requirements: PHP 5.3.3+ is now required (3a555512, closes #6165)
• router: add original params to route hook (1b1026c3)
• settings: adds setting for default number of items per page (d1d0a4e1, closes #2650)
• site_notifications: option to mass delete site notifications … (c28eaac7)
• users: Username character blacklist can now be altered via plugin hook (7dc63eb2, closes #6189)
• usersettings: every user setting has its own menu item (6c1631d1)
• views:
  • output/tag supports all output/url options (d0c9c855)
  • allows rendering empty results using an anonymous function (a8f15ffa)
  • output readable access level for any access_id (c9c2e12c, closes #7133)
• webapp: Add support for a basic WebApp Manifest file (27c9ef4a, closes #7493)

Performance

• annotations: increased performance of egef_annotations (96e6bd37, closes #6638)
• db: Disabled SQL DISTINCT in more cases. (98a99c83)
• entities: preloads owners when drawing lists of entities/likes (82088d5e, closes #5949)
• likes: reduces number of queries when showing likes in lists (90991256, closes #6941)
• session: speed up elgg_is_admin_user() (aed21337)
• sql: allows removing DISTINCT from some MySQL queries (293317f2, closes #4594)
• views: remove unneeded view calls in river/elements/body view (4ef23b61)

Documentation

• requirements: Document new rolling support policy for browsers (9ce72099, closes #5932)

Bug Fixes

• ckeditor: ckeditor now prevents image drag/drop/paste in editor (47fecbea)
• config: path is derived from PHP, not database (b756cbb4)
• css:
  • strings together elgg-button and button sizes (3cbe5877)
  • removes link color from "comments" header in river, default theme (f140ffb9, closes #7137)
  • removes padding and margin from elgg-menu-entity items (e732645b)
• db: elgg_get_metastring_id should always create an id (423f1f6d)
• deprecation: deprecation warnings for 1.10 now work as expected (3d8ada59)
• discussion: also search in discussion replies when searching discussion topics (604697f3)
• entities: system files removed for all entities on delete (800d1f36, closes #7130)
• forms: Login and account forms widened and centered by default (5fc81511, closes #6456)
• groups:
  • replaced deprecated entity loading with new method (a8f73627)
  • adds wrapper to the message, This discussion is closed (a336db85)
• pages: add canEdit to page deletion permission check (454deb63)
• river:
  • allow everyone to look at everyones activity page (f15e7ff8)
  • rss layout supports mulitple installations in the same host (2e7262b4)
• search: respect entity type/subtype instead of params type/subtype (758263a3)
• session: correctly sets cookie params for sessions (565dd08c)
• upgrade: no longer try to process upgrade files from before installation version (15c6f109)
• views:
  • allows passing base_url through gallery view (fb32d683, closes #7669)
  • show different text on widgetpanel toggle button when opened (b4e63b45)
  • elgg_view_menu_item shows no link for items with null href (a64432cf)
  • move function and menu items out of file typecloud view (e28bcd9e)
  • makes admin panel mobile friendly (a8d9eeca, closes #6742)

Deprecations

• access: deprecates elgg_get_access_object() and refactors access lib (d19cf2bf)
• filestore: deprecate file_get_simple_type() and file_get_general_file_type() (c6042cbe)
• plugins: formally deprecates use of $CONFIG in start.php (ee8f2edc)
• view: deprecate output/confirmlink for consolidated output/url with 'confirm' option (6e5e3910, closes #5810)
• views: deprecates use of the core/settings/tools view (239b730f)

Breaking Changes

• The CSSMin class included via minify was renamed to CSSmin. If you were referring to it with capital M, you'll have to change that to lower-case m.

However, note that Elgg's dependencies are not considered public API, so this notice is only a courtesy. Please explicitly declare your dependencies on third party vendors, even ones that you know Elgg already includes. We may remove or update them at any time. (c3b0d8bc)

• If you are checking out Elgg directly from GitHub, you will need to run composer install after git checkout to get your installation to a working state. (2e60327f)

1.9.8 (2015-01-11)

Contributors

• Juho Jaakkola (1)
• Matt Beckett (1)
• Steve Clay (1)
• iionly (1)

Bug Fixes

• css: Correct z-index for autocomplete form field when opened in lightbox (e993141f)
• notifications: subject of comment notification email always starts with "Re: " (b5175b56, closes #7743)
• profile: admin defined profile fields are once again back-compatible (8e577be4, closes #7634)

1.9.7 (2014-12-14)

Contributors

• Jerôme Bakker (5)
• iionly (3)
• Jeroen Dalsem (2)
• Juho Jaakkola (2)
• Matt Beckett (1)

Documentation

• design: added the data model image from docs (680c3cf8)
• general: moved pronuncation file from docs (3718dac7)
• support: added documentation about the support policies of Elgg (bdd7855c)

Bug Fixes

• core: deprecation notices thrown at login/logout even if there's no valid reason (d22a6406)
• likes: Uses getDisplayName() instead of assuming the object has value in title property (7ece624f)
• notifications: Verifies that a notification method is registered before using it (4eddf313, closes #7647)
• pageowner: allow unsetting of page owner guid (a57e1fbe)
• uservalidationbyemail: usage of deprecated ['login', 'user'] event (23939b80)
• views: correctly close the comment form contents (0420bd00)

1.9.6 (2014-12-01)

Contributors

• Jerôme Bakker (74)
• Paweł Sroka (7)
• Jeroen Dalsem (2)
• Brett Profitt (1)
• Juho Jaakkola (1)
• iionly (1)

Documentation

• admin:
  • moved the finding plugins page from docs (d054a5fd)
  • moved the plugin order page from docs (dfb68cb0)
  • moved the getting help page from docs (2546fc9f)
  • moved duplicate installation from docs (53dfaca8)
  • moved backup and restore page from docs (e66a2432)
• design: moved the Loggable page from docs (02f68068)
• faq:
  • moved the Javascript not working page from docs (94a00252)
  • moved the Deprecation warnings page from docs (66374e0f)
  • moved the No images page from docs (2b261c8f)
  • moved the File is missing an owner page from docs (46f71887)
  • moved the Copy a plugin page from docs (a0b4b27a)
  • moved the session length page from docs (c337b834)
  • moved Emails don't support non-Latin characters from docs (c6001fba)
  • moved the What variables are reserved by Elgg page from docs (2d5a2a16)
  • moved the IE login problem page from docs (7445c19c)
  • moved the page not found page from docs (d0435c55)
  • move the Should I edit the database manually page from docs (d04a1383)
  • moved the css is missing page from docs (5b54b38c)
  • moved the filtering page from docs (68baa0e6)
  • moved the When I upload a photo or change my profile picture I get a white screen page from docs (ffbdd0d2)
  • moved the security faq from docs (627ff4f5)
  • moved the 500 - Internal Server Error page from docs (68a8ce19)
  • moved the What events are triggered on every page load page from docs (be493213)
  • moved the Using a test site page from docs (dc2fe2a7)
  • moved the Https login turned on accidently page (aeb32f65)
  • moved the debug mode page from docs (6b2d18e3)
  • split the faq page into different files for readability (bb1de6a6)
  • moved Manually add user from docs (0fa6c070)
  • moved How do I change PHP settings using .htaccess from docs (0defcaaa)
  • moved how does registration work page from docs (13ac44d3)
  • moved How do I find the code that does x from docs (ef30d048)
  • move the I don't like the wording of something in Elgg page from docs (9c13832b)
  • moved the Changing registration page from docs (6d7e4f48)
  • moved the changing profile fields page from docs (151d25a0)
  • moved What should I use to edit php code from docs (375869d1)
• features: added a link to the Elgg showcas page (334d2010)
• general: adds contents indexes to long pages (ebf316c9)
• guides:
  • moved Walled Garden page from docs (4100ccef)
  • moved the Accessibility Guidelines from docs (5b687a42)
  • moved the systemlog page from docs (de73bb22)
  • moved the How to restrict where widgets can be used from docs (17ec2d35)
  • moved the javascript hooks page from docs (71551797)
  • moved the PluginDependencies from docs (e37d79a2)
  • moved hmac authentication page from docs (7b37f083)
  • moved don't modify core page from docs (c99e0008)
  • moved the ajax page from docs (b758c731)
  • moved Engine/Controllers/BestPractices from docs (26f77b0d)
  • move plugin coding guidelines from docs (9c4ee9f9)
  • moved the gatekeeper page from docs (686fb7b2)
  • moved simplecache from docs (a2d9b474)
  • moved the authentication page from docs (0e928075)
  • moved the permissions check documentation from docs (d9a6a88a)
  • moved the plugin (user)settings documentation from docs (bf2d984d)
  • moved the context documentation from docs (87bd91f9)
  • moved the helper functions page from docs (96d7d374)
  • moved the page handler documentation from docs (e327d354)
• guids: moved page ownership from docs (223d668a)
• pdf: Added LaTeX build testing to Travis (021a95c5)
• plugins:
  • moved the System diagnostics page from docs (df2062a7)
  • moved the diagnostics page from docs (b69c978c)
  • completed the list of bundled plugins (2a886a84)
  • moved the thewire plugin description from docs (5443e715)
  • moved the blog plugin description from docs (722d1202)
  • moved the messages plugin description from docs (450c00b5)
  • moved the messageboard plugin description from docs (5d06e409)
  • moved the pages plugin description from docs (47f9d2c8)
  • moved the profile plugin description from docs (3fd4168c)
  • moved the groups plugin description from docs (0e1a6bdb)
  • moved the file plugin description from docs (140fb7ba)
  • moved the dashboard plugin description from docs (2b17c2ce)
  • moved the plugin skeleton documentation (d8ae89c7)
• travis: Added validation of translated docs sources for es language to Travis (40d284e1)
• views: moved the page structure best practices page from docs (c441a3f1)

Bug Fixes

• core: getFilenameOnFilestore() returns empty string if an ElggFile object has no filename set (a03591e7)
• docs:
  • Fixed docs elements not allowing LaTeX builds to succeed. (659d5796)
  • Fixed docs syntax for the PDF builds. (e3683683)
• forms: Removes icon and title links from autocomplete results (aff7e69e, closes #5583)
• livesearch: removed custom queries with ege* functions (d3656fa2)
• plugins: trigger plugin hooks when saving plugin settings (19c31361, closes #6820, #7502)
• session: Explicitly closing the session in the shutdown hook to work around APC session problems. (7dbe7c6d, closes #7186)
• views: allow numeric 0 values to show on user and group profile (edee47e5)

1.9.5 (2014-11-17)

Contributors

• Jeroen Dalsem (18)
• Brett Profitt (7)
• Steve Clay (7)
• Evan Winslow (3)
• Ismayil Khayredinov (3)
• Juho Jaakkola (3)
• Per Jensen (3)
• Jerôme Bakker (2)
• Paweł Sroka (2)
• Stian Liknes (2)
• Diego Andrés Ramírez Aragón (1)
• Matt Beckett (1)
• iionly (1)

Performance

• db: correctly re-enable query cache after ElggBatch run (a8c3fbd9)
• river: only fetch comments if comment_count > 0 (db64e16d)

Documentation

• actions: Migrated actions section from old Getting Started docs and cleaned up related sections. (d47a980f)
• admin: Migrated Getting Started guide from wiki. (11e589f6)
• all:
  • Cleanup docs. (914fa69a)
  • Added getting started for developers. (848d0d51)
• coding: improves docs for commits/amending/standards (e8166d78)
• database: updated and expanded information on entity icons (7bb60185)
• events: Updated event list and cleaned up existing event docs. (433ed90c)
• faqs: Started migrating some FAQs. (cd3afdcc)
• hook: Updated hooks docs. (327ecb48)
• menus: improve docs for menu item factory (61751db6)
• notifications: documentation for the notifications system (ac12ac99, closes #7308)
• style: documents trailing whitespace policy and script (798810c7)

Bug Fixes

• aalborg: More robust grid reflows for smaller screens (8d8155e7, closes #7393)
• access: always display readable access level for ACCESS_* constants (a74421f9, closes #6801)
• core:
  • renaming to _elgg_namespace_plugin_private_setting forgotten in unsetAllSettings (782b75f2)
  • prevent sql exception when metastring is interpreted as very large number in egef_metadata (bab43d60, closes #7009)
• css: markdown code blocks should not should nested borders (8c736c2f)
• friends: show friends collections menu item in friend context (5073deeb)
• i18n:
  • Commit docs/*.mo files on release so docs can be translated (8ca2b6b6, closes #7034)
  • improved removing profile field delete failure notice (a6f561e2)
  • grammar fix in upgrade warning (f5d4d35f)
• login: also allow login by email in maintenance mode (4258bc3d)
• menu: only show access entity menu item if logged in (714b0834)
• menus: allow max depth of 20 to prevent losing menu items (d3e33db3)
• pagination: removes hard-coded arrows from php file (eb136ef1, closes #5298)
• plugins: trigger plugin hooks when saving plugin settings (5afadfc8, closes #6820)
• relationships: distinct ege* results when relationship_guid is not set (4d87b950, closes #5775)
• release: Corrected release script Windows system compatibility. (00012389)
• upgrade:
  • Rechecks that all annotation comments have been migrated to entities (7d81094c, closes #7486)
  • Ensure that $CONFIG is always available to upgrade scripts (c102a713, closes #7457)
• uservalidationbyemail: makes emailsent page public (70bbdd65, closes #7334)
• views:
  • Revert erroneous changes made to input/userpicker (e4008c65)
  • input/userpicker can now remove all users on edit (4cf113ab, closes #6982)
  • comma separating links to text files in plugin list (4e9b8ad1, closes #7420)
  • usersettings form now has correct userguid set (2c204200)
  • use elgg-button-action class on all cancel buttons (857df27a)
  • prevent output of empty heading when there is no page title (c3f7f225)
  • add apple-touch-icon (3e4d2164, closes #6176)
• widgets: determine default values for num display in content view (bd20730d)

1.9.4 (2014-10-20)

Contributors

• Juho Jaakkola (6)
• Jeroen Dalsem (4)
• Steve Clay (4)
• Per Jensen (3)
• Stian Liknes (3)
• Jerôme Bakker (1)

Documentation

• plugins: Information on activation/deactivation (4e58ad4d)
• web_services: Documentation for Elgg 1.9 (7cf0f8fd)

Bug Fixes

• aalborg_theme: display search when logged out (31d3d190)
• bookmarks: fixes more link in group bookmarks widget (adb46369, closes #6583)
• css:
  • stop CSS from overwriting the width and height added in CKEditor (428234c0, closes #7269)
  • removed datepicker fixed width causing visual bug (803e05f5)
  • prevent select box from overflowing its container (3b7e94d5, closes #7290)
• database: More robust sql script execution. (0c5ed4f2)
• db: query cache properly handles more callable types (b8e58304)
• discussion: discussion replies respect previous subscribers (d699fe63)
• i18n:
  • improved change password email subject and body text (ade6d1c1)
  • translate notification messages to the recipient's language (071b2989, closes #7241, #NaN)
  • allow core to load translations for a specific language on-demand (6417d213)
• install: prevent WSOD caused by site default language not being defined early enough (3b9dc902)
• search: keep container param intact when navigating search results (3dd87ec1)

1.9.3 (2014-10-06)

Contributors

• Juho Jaakkola (3)
• Jeroen Dalsem (1)
• Steve Clay (1)

Documentation

• js: Adds docs for more JS functions, improves docs for elgg.echo (fa0d0fa8)
• menus: document how to use menus (18ac4008)

Bug Fixes

• icons: some elgg icons were not using internal view (493e5c9f)

1.9.2 (2014-09-21)

Contributors

• Juho Jaakkola (8)
• Steve Clay (2)

Documentation

• manifest: document how to use manifest.xml (f4fa7487)
• river: adds documentation on how to use the river (d8be198c)
• upgrade: clarifies upgrade instructions about updating Elgg codebase (6a8fec02, closes #7225)
• views: adds documentation for the views system (ff6cf55b)

Bug Fixes

• install: confirm that settings.php exists and is readable before including it (aaa828ed)
• style: ordered list markers now always visible (ecccafc3, closes #7206)
• upgrades: now stores ElggUpgrade by paths instead of full URLs (39cf72f0, closes #6838)

1.9.1 (2014-09-12)

Contributors

• Juho Jaakkola (2)

Bug Fixes

• upgrade: fixes erroneous values in the list of processed upgrades (c6ebbdb2, closes #7198)

1.9.0 (2014-09-07)

Contributors

• Juho Jaakkola (3)
• Ismayil Khayredinov (1)
• Matt Beckett (1)

Bug Fixes

• embed: embed jquery target is now searched for instead of assuming last class (cfe605d4)
• i18n: system cache now supports regional designators in language codes (735ceb4e, closes #7187)
• messages: use recipient's language in the notification (ee88054f, closes #6902)

1.9.0-rc.7 (2014-08-25)

Contributors

• Steve Clay (5)
• Juho Jaakkola (3)
• Paweł Sroka (2)
• Per Jensen (2)
• Brett Profitt (1)

Bug Fixes

• aalborg_theme: broken layout on small screens (a2e88157, closes #7175)
• access:
  • has_access_to_entity() now respects ACLs also when set to be ignored (bac9a80a, closes #7159)
  • get_access_array() works correctly when logged out (7fb67a29)
• css: removes padding and margin from elgg-menu-entity items (04c5e61f)
• discussion: Fixes inline edit of replies temporarily changing applied styles to the text (fa8572cb, closes #6879)
• notification: avoids fatal error if notification event lacks object (5dfa343d, closes #7157)
• output: elgg_normalize_url no longer mistakes querystrings for domains (505d249b)
• profile: Making banned users more obvious when using custom profile fields. (c8c7098a)

1.9.0-rc.6 (2014-08-11)

Contributors

• Juho Jaakkola (6)
• Evan Winslow (5)
• Ismayil Khayredinov (5)
• Brett Profitt (2)
• Jerôme Bakker (2)
• Per Jensen (1)

Features

• ckeditor: add "clear formatting" button (0f5525df, closes #7105)
• likes: improves compatibility with notification plugins (ccfb65c3)
• notifications: site_notification about an annotation can now have an URL (124190eb, closes #7055)

Documentation

• all:
  • improves formatting and comprehensibility of docs (de3837be)
  • fixes typos and improves readability (a7ac76ce)
• contribute: Updated recommendations on which branch to submit against (b84269ce, closes #6964)
• cron: adds RST documentation about cron jobs (65b10fd8)
• js: corrects function name to shim AMD modules (091c8b2e, closes #7072)
• notifications: Adds docs for 'object', 'action' and 'summary' params used by notify_user() (ad00612f)

Bug Fixes

• embed:
  • Checking for lightbox and embed before loading JS libs when requested through AJAX. (e8c1b4fd)
  • Manually load CSS/JS libs for embed when editing comments on the activity page. (6cc585c6, closes #6422)
• groups: removes ACCESS_PUBLIC from visibility options if walled garden is enabled (70c911ee)
• js: elgg.normalize_url no longer modifies urls that begin with a recognized scheme (b6dc613e, closes #6000)
• notification: extract notification summary from $params (c966fcae, closes #6885)
• pages: Stop registering undefined upgrade event callback (53eba1e0, closes #6780)
• views: respect icon_sizes config values when rendering icons (54858e97)
• walled_garden: ACCESS_PUBLIC no longer available in group context (7c4ec694)

1.9.0-rc.5 (2014-07-10)

Contributors

• Matt Beckett (3)
• Jerôme Bakker (1)

Bug Fixes

• core: output/iframe made to the w3c standard (cb25d684)
• river: add enabled col to river table, update on enable/disable of referenced entities (eb041ebd, closes #6022)
• upgrade: use correct table prefixes on river upgrade script (1c5c2b63, closes #7033)

1.9.0-rc.4 (2014-07-10)

Contributors

• Evan Winslow (9)
• Paweł Sroka (6)
• Matt Beckett (3)
• Jeroen Dalsem (2)
• Paul Shepel (2)
• Steve Clay (2)
• Adrián Chaves Fernández (Gallaecio) (1)
• JoseLGM (1)
• Per Jensen (1)

Features

• discussions: Added email SMTP headers for better thread grouping. (91755a86, closes #6894)

Documentation

• i18n: internationalized the documentation (ff5fd9be, closes #5899)
• upgrading: Added upgrade instructions for 1.8 to 1.9 (001e3ffa, closes #5900)

Bug Fixes

• aalborg_theme: selected page menu does not collapse sub menu (53f696ce, closes #6979)
• collections: make urls work regardless of username (76827f22, closes #6059)
• core: Added missing options array support for ElggUser methods (30d98c67, closes #6994)
• deprecation: the deprecation wrapper correctly handles array access (264fc5f2, closes #7017, #6917)
• discussion: no longer show entity menu items on non-discussions (d3c7c953, closes #6508)
• file:
  • destroy output buffer before sending file (007021ff)
  • download adds header Content-Length (8375eb09)
• groups: give feedback if a user cannot be added to a group (07cddc61, closes #6081)
• install: Make installer usable on smartphones (b528d988)
• members: prevent members search with empty query (12f7b88f)
• notifications: Corrected html entities handling for email subject and body (4bfb849e, closes #6905)
• release: Corrected release script Windows system compatibility (18f78403)
• router: Can return 'handler' param in 'route', $identifier hook again (6e09758f, closes #6696)
• rss: River entries include their full correct summaries again (96679d8b, closes #6901)
• thewire: More effective textarea change detection (e07f6975)
• ui: Corrected bad stretching of non-square, large avatars. Now upscaling by width. (71ea155b, closes #5602)
• upgrade: test for ability to connect to localhost if rewrite test fails (7c49e4ce, closes #6888)

1.9.0-rc.3 (2014-06-23)

Contributors

• Evan Winslow (4)
• Paweł Sroka (1)
• Per Jensen (1)
• RiverVanRain (1)

Bug Fixes

• a11y:
  • Add semantic structure to installer page layout (f446e6f1)
  • Use HTML5 form features on install forms (434efa22)
  • Label form fields in installer correctly (dff254a9)
• aalborg_theme: removes unwanted margins (b972402d)
• replies: Show reply's link on river (5fc031a5)

1.9.0-rc.2 (2014-06-09)

Contributors

• Evan Winslow (11)
• Per Jensen (4)
• Paweł Sroka (2)
• Jeroen Dalsem (1)
• John Supplee (1)

Bug Fixes

• UserPicker: no messages in userpicker due to lack of i18n (7d7a7d5e)
• aalborg_theme:
  • emphasizes sidebar navigation (6ae2148c, closes #6874)
  • Support fullscreen mode if user adds app to homescreen (2a193078, closes #6896)
  • show dashboard menu item only when logged in (c3e0fcb8)
  • inconsistency between owner-block and page menu (f54048a5)
  • only pass body_attrs if they are set (6ab77862)
• deprecated: Corrected invalid deprecation notice and added more details to few others (5d78e2b1, closes #6869)
• docs: Inline refs use @link instead of @see (50b0e39e)

1.9.0-rc.1 (2014-05-19)

Contributors

• Cash Costello (689)
• Steve Clay (226)
• Evan Winslow (150)
• Paweł Sroka (136)
• Sem (91)
• Brett Profitt (68)
• Jeroen Dalsem (59)
• Juho Jaakkola (54)
• Per Jensen (23)
• Ismayil Khayredinov (23)
• RiverVanRain (16)
• Matt Beckett (12)
• hellekin (12)
• Jerôme Bakker (8)
• Aday Talavera (7)
• Jeff Tilson (7)
• Marcus Povey (5)
• Rasmus Lerdorf (5)
• Brad Smith (5)
• Hayden Shaw (3)
• Ben Werdmuller (3)
• András Szepesházi (2)
• slyhne (2)
• Facyla (2)
• ManUtopiK (1)
• Emmanuel (1)
• Centillien (1)
• twentyfiveautumn (1)
• Janek Lasocki-Biczysko (1)
• Ash Ward (1)
• Arsalan Shah (1)
• Angel Gabriel Vargas Beltran (1)
• Tantek Çelik (1)
• Team Webgalli (1)
• bwoodnz (1)
• Danny Navarro (1)
• EC2 Default User (1)
• Kody Peterson (1)
• Liang Lee (1)

Features

• admin: Admin notices are removed when the actions requested actions has been taken. (e6a46a84, closes #6453)
• amd: added some utils to Elgg_Amd_Config class (c45d4d18)
• comments: Added separate edit page for generic comments (a5c73b6e, closes #6666)
• core:
  • better registration of usersettings handlers (6469d55d)
  • allow custom local scripts to trigger on uncaught exceptions #6586 (7e0794ca)
  • Allowing upgrade.php to forward to custom URLs. (e5c11d8c, closes #6442)
• externalpages: page layout changed to one_column (909536f9)
• graphics: make logos transparent (2fc838c0)
• lightbox: added binding for elgg-lightbox-photo CSS class (6eb22a2d)
• output: Added second parameter to elgg_strip_tags. (39f8d80c)
• search: Allows filtering/reordering types returned in search (5eebf1e6, closes #6118)
• ui:
  • adds fallback png favicons (5168a576)
  • add svg favicon (6c84d2f3)
• upgrade: Added ElggUpgrade object. (3aae56b4)
• users: making nicer lost password process (d7c6f850, closes #5886)
• uservalidationbyemail: forwarding to an info page after registration (6fbb8c93, closes #6247)
• ux: Failed file uploads give better error messages. (8eb652c2, closes #6593)
• views: bypasses minification for views like -min/.min (0462bdff, closes #6260)

Performance

• groups: remove redundant filter of user-owner group acls (a65df346, closes #6434)
• upgrade:
  • ajaxifies data directory migration (031b77fc, closes #6202)
  • speeds up migrating remember me codes (52f9fa4c, closes #6204)

Documentation

• aalborg_theme: document change of content order (0ed207d9, closes #5787)
• about: Add contributing, history, releases, and values docs (1b67f575)
• admin: Created new admin section for admin-specific docs (abc55ef1)
• all: Cut fluff (bae2d199)
• amd: Separated design and guides for AMD docs. (d0ebcb7a)
• appendix: move about => appendix; add contribute guide (118bfa16)
• autoloader: more accurate docs for autoloader (5fdbc181)
• changelog:
  • Fully updated CHANGELOG.md (to 1.9.0-dev) (31d757dd, closes #5798)
  • Better markdown formatting (9e66e428)
  • Move CHANGES.txt to CHANGELOG.md (d13673c9)
• code:
  • fix whitespace warnings (110a6844)
  • add docs on testing and cleanup (d9f2cdca)
  • merge coding_standards into contribute/code.rst (b752e6dd)
• config: document custom exception handling (7dde7bf4)
• contribute:
  • add instructions for translators (feb16f6a)
  • add instructions for rewriting commit messages (4e5d6e3c)
  • clean up PR instructions (16308a46)
  • expanded contributors section (b969080c)
• events: Reword docs for hooks (3cb690fe)
• fix: Fixing MD links for new docs. (04c399f3)
• guides: add web services dev guide (400a2453)
• hooks: Corrects docs syntax error (69ae152d)
• i18n: Add minimal i18n documentation ported from wiki (6b0e58df)
• js: use proper title markup (77146f46)
• moved: use :orphan: instead of lying toctree (6544176d)
• outline: make titles consistent with each other (d554e9b0)
• performance: add suggestions for performance and scalability (76e3ecd1)
• plugins: added instructions on upgrading plugins for Elgg 1.9 (b1c501c4)
• release: add release process workflow (5df29847)
• releases: add commit access as requirement (9821089c)
• rewrite: Finish migration from what we had in GDocs (ce8c40b3)
• security: Add security rst docs (fc52baf3)
• themes: converts theming docs to rst (fddd7686)
• tutorials: Add blog, indexpage, widget, and wysiwyg (faafc2e2)
• updates: Updating contributing docs to point to feedback and planning group and to mentio (c10f09f8)
• views: Updated docs for elgg_extend_view() to address uniqueness of extended views. (06c95e4b, closes #6661)

Bug Fixes

• a11y: keep focus outlines by default (56add7a6, closes #6319)
• aalborg_theme: standardize padding on input and a buttons (dbc510d7)
• admin:
  • show plugin settings menu on markdown page (19e3e8d3)
  • fixed javascript error on toggle simple cache checkbox (0533f2a3, closes #6529)
• amd: removed elgg_require_js for backwards compatibility (76584089, closes #6496)
• autocomplete: use group summary instead of profile view (82c6871c)
• ckeditor:
  • create a new input element was re-enabling other input fields (04ab5b65)
  • makes sure basepath is set early enough (9b84b0c2)
• comments:
  • give comment authors edit privileges (68c6ded7, closes #6724)
  • fixes cancel button and forward URL on edit comment page (2b76dad7)
  • makes ElggComment E_STRICT compliant (3f5f4728)
• core:
  • prevents upgrade scripts from attempting to create the same ElggUpgrade more tha (3d5fc912, closes #6824)
  • no longer strip slashes on $_FILES and $_SERVER (4a32796b, closes #6777)
  • Updated upgrade file for remember me cookies for 1.9's new table. (c4b53e4f, closes #6629)
  • MenuBuilder sortByName should use strnatcmp (9f373b3e)
  • Not redirecting in plugin and site entity views. (1c027648, closes #4439)
  • fault in ElggPlugin contructor (41053468)
• css:
  • selected page menu does not collapse sub menu (f9af6a66)
  • add hover classes to hover icons (fb2e9a36, closes #6737)
  • reposition powered by elgg (9b3d43fc)
  • prevent stretching images in IE8 (61ac1874)
  • Added CSS for elgg-state-selected menu items in theme sandbox. (e5741ce5)
• developer_tools: Added all of the defined icons to the theme preview. (d0ccfc1b)
• docs:
  • Fixed links in mediawiki format instead of reST. Removed reference to Transifex (b5c9f419)
  • fix a couple of typos (e34f57d7)
• embed:
  • show error when when uploading too large file in embed form (a661c65c, closes #4591)
  • file embedding wasn't working for textareas (4f1ffdec, closes #6160)
  • Allows embedding files from the containing group (d5aea243)
  • make pagination in embed colorbox usable (4aeafa70)
  • make tabs in colorbox popup usable (16ca1fd1)
• entities: reverts to 1.8 behavior of ElggEntity->subtype reads (2fa7c6ce, closes #5920)
• events: makes the plugin_id parameter reliable for plugin events (8b62fb8e)
• gatekeeper: stop treating being logged out as an error state (03df35cd)
• git: Igorning revert commits in Travis and in commit-message git hook. (36acbbf0)
• groups:
  • Run discussion reply migration regardless if groups plugin is enabled. (02023f45, closes #6729)
  • check if handler is set in params before calling it (9e2bcb6d)
  • forces content accessibility to members_only for invisible groups (47a8c7ab)
  • fix the group acl id in write access array (de2b6a68)
  • displays correct group content access options for each content access mode (b99f475a)
• hooks:
  • handlers returning null/undefined don't change returnvalue in javascript (b1af0b6d, closes #6531)
  • return values defaults to null in javascript (ff095943, closes #6499)
  • remove event handler registration (dbcf8b48, closes #6410)
• htmlawed: Setting the params argument to a defaut of null in htmlawed_filter_tags(). (d337ceee, closes #6614)
• http: makes HTTP request/parameter bag PHP 5.2 compatible (21719be9)
• install:
  • assume port 443 means HTTPS is in use (df76005c, closes #6190)
  • Put all themes at bottom of plugins list during installation. (ec5458d1, closes #6530)
  • fatal exception during installation (7993273d)
• invitefriends:
  • make invite form sticky (74b1556c)
  • check if registration is allowed before display menu item and pages (c83630ce, closes #6400)
• js: Separated elgg_load_js() and elgg_define_js(). (a73838d9)
• lightbox:
  • setting fancybox's z-index for colorbox (51231f46)
  • make lightbox scrollbar look better (aeaafa6d)
  • CKEditor was weird in lightbox (0e4e3dd1)
  • Correctly applies color box options on each element (b2950027, closes #6107)
  • lightbox wasn't shown when generated from ajax view. (937c8d1e, closes #6304)
• memcache: Better logging of save/hits/misses (6448bb95, closes #6243)
• pages: memory leaks in large page trees (ab6ef0df, closes #6477)
• plugins: Stops junk log entries created on plugins page (f76312fd, closes #6066)
• rewrite_tester: more reliably sniffs active rewrite rules (3090bf08, closes #6656)
• routing:
  • prevent upgrade if .htaccess needs updating (1fdbf2dc, closes #6521)
  • URL-decodes path segments like Elgg 1.8 (6de77faa, closes #6218)
• session:
  • session unavailable in shutdown functions (3d6c33e4)
  • fixes remember me functionality broken in 1.8.19 merge (659ea108)
• site_notifications: added correct key for menu item (186e7174)
• tests: Corrected the way the commit message tests are run. (9e0183f4, closes #6507)
• thewire:
  • Restores functionality of JS max length limit parametrization (66e478f5, closes #6646)
  • Fix word count JS events tapping (d3e3a30b)
• ui:
  • mispositioned editor when editing a comment that contains a floated image (5f52eb75, closes #6576)
  • use correct logo in favicon (1c98fdac, closes #6446)
  • Added CSS to make the site menu show up correctly in theme sandbox. (e7ac3aeb)
• upgrade:
  • Corrects query to clear admin remember me cookies (7ee022b6)
  • Adds an admin notice when a new ElggUpgrade object is created (84959e75)
  • Corrected the way ignore access and show hidden entities is applied (ccec25ac)
  • Added upgrade to deactivate TinyMCE and activate CKEditor. (b6970f1c, closes #6653)
  • Fixed a typo in the comments upgrade that broke the ajax upgrade. (fa0340ad)
  • Only running comment migration timestamp fix if comments exist. (5901995d, closes #6621)
  • Correctly settings container guids' last_action times during comment migration. (9df2367c, closes #6528)
  • Setting time_updated and last_action for migrated comment and discussion entitie (ed7cf3bc, closes #6395)
• uservalidationbyemail: do not show email sent page to logged in users. (5534a576, closes #6649)
• ux: Server-side validation for email fields in profile edit action. (7d70c6df)
• vendors: corrected version for requirejs (22cf6d64, closes #6735)
• views:
  • removes notices from views used in theme sandbox (9141ecd1)
  • fix typo in $attrs var name (224a7729)
  • only pass body_attrs if they are set (3749dda1)
  • check if body_attrs are set before attempting to format them (baf2df93, closes #6298)
  • Using sitedescription in meta description tag. (66f06919)
  • Correct default title for confirmlink (dd1e83c3, closes #6375)

Performance

• Using dataroot and simplecache_enabled if set in settings.php
• Changes simplecache caching so that it is performed on demand
• Adds support for simplecache minification of CSS and JavaScript
• Adds ability to enable the query cache after being disabled
• Don't call getter after a previous count call returned 0 items
• Make sure Apache2 is configured so .ico can be cached
• Adds deflate Apache filter to SVG images
• Log display no longer emit deprecation warnings and uses fewer queries
• speeds up user location upgrade
• Progress toward HHVM compatibility

UI changes

• Lots of spit and polish
• New responsive theme - aalborg_theme
• Drops support for IE6
• Replaces fancybox lightbox with colorbox
• Replaces Tinymce editor with CKEditor
• Liking and friending use ajax
• Removes topbar Elgg logo and made "powered by" themable
• Allows keeping group content limited to the group
• Site notifications moved into separate plugin from messages
• Shows owner block when viewing own content
• Focus styles for accessible keyboard navigation
• Improved theme sandbox
• Session expired message
• Ajaxified the discussion reply edit form.
• Alphabetize friends/friends-of, group notifications, group owned/member lists
• Added support for greying out the label of disabled input
• Added more microformats to the profile page
• Automatically configure autocorrect and autocapitalize for input views
• Using unified language strings for several plugins
• Adds focus outlines to all focusable elements

Admin changes

• Adds new notification system
• Makes the wire message length configurable
• Changes user directories use GUIDs rather than join date
• Adds banned user widget
• Adds legacy_url plugin for supporting legacy URLs
• Adds robots.txt configuration
• Adds maintenance mode
• Added automatic configuration of RewriteBase during fresh install.

New developer features

• HTML5
• New mysql-based async queue
• AMD modules using require.js
• New notification system
• New class loader that is PSR-0 compliant
• Improves control over cookies
• Adds plugin manifest fields (id, php_version, contributors)
• Static files recognized as views
• Adds support for multi-select
• JSON rendered through views system rather than using global
• Links in login box use menu system
• Upgrades jQuery and includes the jquery migrate plugin
• Widgets can set their titles
• New JavaScript unit test library
• Front page and actions go through page handling system
• Group edit form easier to extend
• More specific list item classes
• Page layouts more standardized with same elements
• Allows customizing colorbox instances
• Views system recognizes static files as views in addition to PHP files
• Adds ability to turn off query cache
• Can change time_created if set explicitly
• Allows update event to alter attributes and checks canEdit() on DB copy
• add more specific list item classes
• moved elgg_view_icon html to own view for more flexibility
• Allow body attributes
• Eases extending the input/view view
• Split group edit form into seperate parts
• Moved group_activity widget from dashboard to groups plugin
• Adds warnings for uncallable handlers in hooks/events.
• Members list pages (tabs/content/titles) can now be extended via plugins
• Adds configuration support for remember me cookie

API changes

• Comments and discussion replies are entities
• New notification system
• Changes elgg_register_widget_type() to expect contexts to be an array
• New session API accessible via elgg_get_session()
• Moves many functions into methods on ElggEntity and related classes
• Adds support for returning translations as arrays from language files
• Adds ElggEntity::getDisplayName()
• Adds ElggEntity::toObject()
• Adds target_guid to the river
• Adds elgg_get_entities_from_attributes()
• Adds ElggMenuItem::addItemClass()
• Adds elgg_get_menu_item()
• Adds elgg_format_element() for creating HTML elements
• ElggFile::getSize() replaces ElggFile::size()
• Defaults to full_view = false in elgg_list_entities* functions
• Allows views to be accessed via URL and cacheable
• Columns added to entity query functions are available in returned entities
• Separates some events into :before/:after
• Adds elgg_entity_gatekeeper()
• get_online_users() and find_active_users() now use $options arrays
• Adds default option to elgg_get_plugin_setting
• namespaced the gatekeeper functions (but made it optional)
• Added URL fragment (#anchors) support to elgg_http_build_url
• made elgg_unregister_menu_item() more useful

New hooks/events

• plugin hook: simple_type, file
• plugin hook: default, access
• plugin hook: login:forward, user
• plugin hook: layout, page
• plugin hook: shell, page
• plugin hook: head, page
• plugin hook: get_sql, access
• plugin hook: maintenance:allow, url
• notifications plugin hooks
• event: init:cookie, name

Deprecated functionality

• calendar library (was not maintained)
• web services library (now plugin distributed with Elgg)
• export, import, and opendd libraries (see ElggEntity:toObject())
• location library
• xml library
• Split logout event to before/after events
• Split login event to before/after events
• Added a deprecate notice to the elgg_view_icon use of a boolean
• Deprecated get_annotation_url() in favor of ElggAnnotation::getURL()
• Deprecated full_url() in favor of current_page_url()
• Deprecated "class" in ElggMenuItem::factory in favor of "link_class"
• Deprecated passing null to ElggRelationship constructor
• Deprecated .elgg-autofocus in favor of HTML5 autofocus
• Deprecated ElggUser::countObjects (part of Friendable interface)
• Deprecated favicon view in favor of head, page plugin hook
• Deprecated analytics view in favor of page/elements/foot
• Deprecated availability of $vars keys (url, config) and $CONFIG
• Deprecated ElggEntity::get()/set() in favor of property access
• Deprecated cron, reboot event
• Deprecated add_to_river() in favor of elgg_create_river_item()
• Renames many functions to begin with "elgg_" (with deprecated versions)

Removed functionality

• xml-rpc library (now plugin: https://github.com/Elgg/xml-rpc)
• xml, php, and ical views (now plugin: https://github.com/Elgg/data_views)
• foaf views (now plugin: https://github.com/Elgg/semantic_web)
• Default entity page handler

Documentation

• Shiny new rST docs (hosted at http://learn.elgg.org)
• Various improvements to source code comments

Security Enhancements

• Using SSL for setting password when https login enabled
• Make several views files non-executable

Bugfixes

• HTMLawed Strips html comments and CDATA from input
• Hundreds of miscellaneous fixes
• users can edit metadata that they created by default
• removes special check to allow access override
• if no container, default to false for writing to container
• fixes default user access
• returning false to create events forces delete regardless of access
• Fix json and xml views broken by wrap view of developer tools
• Do not use link with file icon when using full_view.
• made page shells consistent for $vars parameters
• show owner block also if looking at owned pages
• Pagination uses HTTP referrer as default base_url for Ajax requests
• Added several missing translation strings
• standardizes layouts so that they all have title buttons and the same basic sections
• entity list limit respects passed limits and just provides defaults
• fixes setting page owner due to routing change
• Fixed batch install usage of createHtaccess
• fixed typo that prevented context for front page from being set
• Make sure empty string return is interpreted as "handling" the list hook
• replaced double search box with a single box and a single searchhook
• Login, user event code can use elgg_get_logged_in_user_*()
• Make sure user has access to both river object and target
• Uses correct default value for find_active_users 'seconds' parameter
• Added jquery map file and unminified version to make Chrome dev tools happy and not throw 404 error
• Corrects container write permissions bug
• Sends correct Content-Length with profile icon
• Getting correct client IP behind proxy.
• Fixed old function name for batch metastring operations
• allow full access to the metadata API through setMetadata() rather than requiring use of create_metadata()
• catching when the base entity is not created due to permissions override
• message if no results found
• all link should reset entity type/subtype
• forces lastcache to be an int
• Many more miscellaneous improvements...

v1.8.19 (March 12, 2014)

Contributing Developers

• Brett Profitt
• Centillien
• Evan Winslow
• Ismayil Khayredinov
• Jerome Bakker
• Juho Jaakkola
• Matt Beckett
• RiverVanRain
• Sem
• Steve Clay
• pattyland

Security enhancements

• Implements stronger remember me cookie strategy to prevent brute force attacks.

Bugfixes

• Fixed numerous PHP warnings.
• Groups: Corrected breadcrumb for group discussion pages.
• Fixed RSS validation for the River RSS feed.

Improvements

• Moved Site Secret update to configure -> advanced.
• Added more comprehensive tests for HTMLAwed.

Documentation

• Added better deprecation warnings for use of certain attributes in views.

v1.8.18 (January 11, 2014)

Contributing Developers

• Juho Jaakkola
• Steve Clay

Bugfixes

• Fixes notify_user() broken in 1.8.17

v1.8.17 (January 1, 2014)

Contributing Developers

• Brett Profitt
• Cash Costello
• Ed Lyons
• Evan Winslow
• Jeroen Dalsem
• Jerome Bakker
• Juho Jaakkola
• Matt Beckett
• Paweł Sroka
• Sem
• Steve Clay

Security Fixes

• Specially-crafted request could return the contents of sensitive files.
• Reflected XSS attack was possible against 1.8 systems.
• The cryptographic key used for various purposes may have been generated with weak entropy, particularly on Windows.

Bugfixes

• URLs with non-ASCII usernames again work
• Floated images are now properly cleared in content areas
• The activity page title now matches the document title
• Search again supports multiple comments on the same entity
• Blog archive sidebar now reverse chronological
• URLs with matching parens can now be auto-linked
• Log browser links for users now work
• Disabling over 50 objects should no longer result in an infinite loop
• Radio/checkbox inputs no longer have border radius (for IE10)
• User picker: the Only Friends checkbox again works
• Group bookmarklet no longer shown to non-members
• Widget reordering fixed when moving across columns
• Refuse to deactivate plugins needed as dependencies

Enhancements

• Group member listings are ordered by name
• The system_log table can now store IPv6 addresses
• Web services auth_gettoken() now accepts email address
• List functions: no need to specify pagination for unlimited queries
• Htmlawed was upgraded to 1.1.16

v1.8.16 (June 25, 2013)

Contributing Developers

• Brett Profitt
• Cash Costello
• Jeff Tilson
• Jerome Bakker
• Paweł Sroka
• Steve Clay

Security Fixes

• Fixed avatar removal bug (thanks to Jerome Bakker for the first report of this)

Bugfixes

• Fixed infinite loop when deleting/disabling an entity with > 50 annotations
• Fixed deleting log tables in log rotate plugin
• Added full text index for groups if missing
• Added workaround for IE8 and jumping user avatar
• Fixed pagination for members pages
• Fixed several internal cache issues
• Plus many more bug fixes

v1.8.15 (April 23, 2013)

Contributing Developers

• Cash Costello
• Ismayil Khayredinov
• Jeff Tilson
• Juho Jaakkola
• Matt Beckett
• Paweł Sroka
• Sem
• Steve Clay
• Tom Voorneveld

Bugfixes

• Not displaying http:// on profiles when website isn't set
• Fixed pagination display issue for small screens
• Not hiding subpages of top level pages that have been deleted
• Stop corrupting JavaScript views with elgg deprecation messages
• Fixed out of memory error due to query cache
• Fixed bug preventing users authorizing Twitter account access
• Fixed friends access level for editing pages
• Fixed uploading files within the embed dialog

Enhancements

• Added browser caching of language JS files
• Adding nofollow on user posted URLs for spam deterrence (thanks to Hellekin)
• Auto-registering views for simplecache when their URL is requested
• Display helpful message for those who have site URL configuration issues
• Can revert to a previous revision with pages plugin
• Site owners can turn off posting wire messages to Twitter
• Search results are sorted by relevance

Removed Functionality

• Twitter widget due to changes in Twitter API and terms of service
• OAuth API plugin due to conflicts with the Twitter API plugin

v1.8.14 (March 12, 2013)

Contributing Developers

• Aday Talavera
• Brett Profitt
• Cash Costello
• Ed Lyons
• German Bortoli
• Hellekin Wolf
• iionly
• Jerome Bakker
• Luciano Lima
• Matt Beckett
• Paweł Sroka
• Sem
• Steve Clay

Security Fixes

• Fixed a XSS vulnerability when accepting URLs on user profiles
• Fixed bug that exposed subject lines of messages in inbox
• Added requirement for CSRF token for login

Bugfixes

• Strip html tags from tag input
• Fixed several display issues for IE7
• Fixed several issues with blog drafts
• Fixed repeated token timeout errors
• Fixed JavaScript localization for non-English languages

Enhancements

• Web services fall back to json if the viewtype is invalid

v1.8.13 (January 29, 2013)

Contributing Developers

• Cash Costello
• Juho Jaakkola
• Kevin Jardine
• Krzysztof Różalski
• Steve Clay

Security Fixes

• Added validation of Twitter usernames in Twitter widget

Bugfixes

• CLI usages with walled garden fixed
• Upgrading from < 1.8 to 1.8 fixed
• Default widgets fixed
• Quotes in object titles no longer result in "qout" in URLs
• List of my groups is ordered now
• Language string river:comment:object:default is defined now
• Added language string for comments: generic_comment:on

Enhancements

• Added confirm dialog for resetting profile fields (adds language string profile:resetdefault:confirm)

v1.8.12 (January 4th, 2013)

Contributing Developers

• Brett Profitt
• Cash Costello
• Jerome Bakker
• Matt Beckett
• Paweł Sroka
• Sem
• Steve Clay

Bugfixes

• Added an AJAX workaround for the rewrite test.
• Code cleanup to prevent some notices and warnings.
• Removed "original_order" in menu item anchor tags.
• Site menu's selected item correctly persists through content pages.
• Static caches rewritten and improved to prevent stale data being returned.
• Installation: Invalid characters in admin username are handled correctly.
• Messages: Fixed inbox link in email notifications.
• The Wire: Fixed objects not displaying correctly when upgrading from 1.7.

Enhancements

• Performance improvements and improved caching in entity loading.
• Added upgrade locking to prevent concurrent upgrade attempts.
• Replaced xml_to_object() and autop() with GPL / MIT-compatible code.
• Error messages (register_error()) only fade after being clicked.
• Groups: Added a sidebar entry to display membership status and a link to group notification settings.
• Groups: Added pending membership and invitation requests to the sidebar.
• Groups: Better redirection for invisible and closed groups.
• Search: User profile fields are searched.
• Pages: Subpages can be reassigned to new parent pages.
• Twitter: Login with twitter supports persistent login and correctly forwards after login.

v1.8.11 (December 5th, 2012)

Bugfixes

• Fixed fatal error in group creation form

v1.8.10 (December 4th, 2012)

Contributing Developers

• Krzysztof Różalski
• Lars Hærvig
• Paweł Sroka
• RiverVanRain
• Sem
• Steve Clay

Security Enhancements

• Cached metadata respects access restrictions to fix problems with profile field display.
• Group RSS feeds are restricted to valid entities

Enhancements

• UX: Added a list of Administrators in the admin area
• UX: Limiting message board activity stream entries to excerpts
• Performance: Prefetching river entries
• Performance: Plugin entities are cached

Bugfixes

• Removed superfluous commas in JS files to fix IE compatibility.
• API: Fixed Twitter API.
• Performance: Outputting valid ETags and expires headers.

v1.8.9 (November 11, 2012)

Contributing Developers

• Brett Profitt
• Cash Costello
• Evan Winslow
• Jeroen Dalsem
• Jerome Bakker
• Matt Beckett
• Paweł Sroka
• Sem
• Steve Clay

Security Enhancements

• Sample CLI installer cannot break site
• Removed XSS vulnerabilities in titles and user profiles

Enhancements

• UX: A group's owner can transfer ownership to another member
• UX: Search queries persist in the search box
• Several (X)HTML validation improvements
• Improved performance via more aggressive entity and metadata caching
• BC: 1.7 group profile URLs forward correctly

Bugfixes

• UX: Titles containing HTML tokens are never mangled
• UX: Empty user profile values saved properly
• UX: Blog creator always mentioned in activity stream (not user who published it)
• UI: Fixed ordering of registered menu items in some cases
• UI: Embed dialog does not break file inputs
• UI: Datepicker now respects language
• UI: More reliable display of access input in widgets
• UI: Group edit form is sticky
• UI: Site categories are sticky in forms
• API: Language fallback works in Javascript
• API: Fallback to default viewtype if invalid one given
• API: Notices reported for missing language keys
• Memcache now safe to use; never bypasses access control
• BC: upgrade shows comments consistently in activity stream

v1.8.8 (July 11, 2012)

Contributing Developers

• Cash Costello
• Miguel Rodriguez
• Sem

Enhancements

• Added a delete button on river items for admins

Bugfixes

• Fixed the significant bug with htmlawed plugin that caused duplicate tags

v1.8.7 (July 10, 2012)

Contributing Developers

• Cash Costello
• Evan Winslow
• Ismayil Khayredinov
• Jeroen Dalsem
• Jerome Bakker
• Matt Beckett
• Miguel Rodriguez
• Paweł Sroka
• Sem
• Steve Clay

Enhancements

• Better support for search engine friendly URLs
• Upgraded htmlawed (XSS filtering)
• Internationalization support for TinyMCE
• Public access not available for walled gardens
• Better forwarding and messages when they cannot view content because logged out

Bugfixes

• Fatal errors due to type hints downgraded to warnings
• Group discussion reply notifications work again
• Sending user to inbox when deleting a message
• Fixed location profile information when it is an array
• Over 30 other bug fixes.

v1.8.6 (June 18, 2012)

Contributing Developers

• Cash Costello
• Evan Winslow
• Ismayil Khayredinov
• Jeff Tilson
• Jerome Bakker
• Paweł Sroka
• Sem
• Steve Clay

Enhancements

• New ajax spinner
• Detecting docx, xlsx, and pptx files in file plugin
• Showing ajax spinner when uploading file with embed plugin

Bugfixes

• Fixed some language caching issues.
• Users can add sub-pages to another user's page in a group.
• Over 30 other bug fixes.

v1.8.5 (May 17, 2012)

Contributing Developers

• Brett Profitt
• Evan Winslow
• Sem
• Steve Clay
• Jeroen Dalsem
• Jerome Bakker

Security Enhancements

• Fixed possible XSS vulnerability if using a crafted URL.
• Fixed exploit to bypass new user validation if using a crafted form.
• Fixed incorrect caching of access lists that could allow plugins to show private entities to non-admin and non-owning users. (Non-exploitable)

Bugfixes

• Twitter API: New users are forwarded to the correct page after creating an account with Twitter.
• Files: PDF files are downloaded as "inline" to display in the browser.
• Fixed possible duplication errors when writing metadata with multiple values.
• Fixed possible upgrade issue if using a plugin uses the system_log hooks.
• Fixed problems when enabling more than 50 metadata or annotations.

API

• River entries' timestamps use elgg_view_friendly_time() and can be overridden with the friendly time output view.

v1.8.4 (April 24, 2012)

Contributing Developers

• Adayth Talavera
• Brett Profitt
• Cash Costello
• Evan Winslow
• Ismayil Khayredinov
• Janek Lasocki-Biczysko
• Jerome Baker
• Sem
• Steve Clay
• Webgalli

Security Enhancements

• Fixed an issue in the web services auth.get_token endpoint that would give valid auth tokens to invalid credentials. Thanks to Christian for reporting this!
• Fixed an that could show which plugins are loaded on a site.

Enhancements

• UI: All bundled plugins' list pages display a no content message if there is nothing to list.
• UI: Site default access is limited to core access levels.
• UI: Showing a system message to the admin if plugins are disabled with the "disabled" magic file.
• UI: Added transparent backgrounds for files and pages icons.
• External (Site) Pages: If in Wall Garden mode, Site Pages use the Walled Garden theme when logged out.
• UI: Database errors only show the query to admin users.
• UI: Cannot set the data path to a relative path in installation or site settings.
• UI: Cleaned up notifications for bundled plugins.
• UI: Hiding crop button if no avatar is uploaded.
• UI: Bundled plugins are displayed with a gold border in the plugin admin area.
• UI: Can see all the categories a plugin belongs to.
• Web Services: Multiple tokens allowed for users.
• API: More efficient entity loading.
• API: Added IP address to system log.
• API: Languages are cached.
• API: ElggBatch supports disabling offsets for callbacks that delete entities.
• API: Cleaned up the boot process.
• API: Fixed situation in which the cache isn't properly cleared if a file can't be unlinked.

Bugfixes

• UI: Tags display in the case they were saved.
• UI: Friendly titles keep -s.
• UI: Removed pagination in friends widget.
• UI: Profile settings actions correctly displays error messages as errors.
• UI: Tag search works for tags with spaces.
• UI: Fixed river display for friending that happens during registration.
• Groups: Link for managing join requests is restored in the sidebar.
• Walled Garden: Cron and web services endpoints are exposed as public sites.
• The Wire: UTF usernames are correctly linked with @ syntax.
• The Wire: No longer selecting the "Mine" tab for users who aren't you.
• Blogs: Notifications restored.
• Message Board: Fixed delete.
• Groups: Forwarding to correct page if trying to access closed group.
• API: entities loaded via elgg_get_entities_from_relationship() have the correct time_created.
• API: Deleting entities recursively works when code is logged out.
• API: Fixed multiple uses of deprecated functions.

v1.8.3 (January 12, 2012)

Enhancements

• Adds a white list for ajax views
• Improved navigation tab options
• Added group specific search
• Added button for reverting avatar
• Improved documentation for core class attributes
• Adds a server info page under administer -> statistics
• Improving caching of icons and js/css
• Deprecation notices not displayed to non-admin users

Bugfixes

• Fixed upgrade scripts for blog posts and groups forum posts
• Can now delete invitations to invisible groups
• Fixed several widget bugs
• Fixed access level on add to group river item
• Fixed recursive entity enabling
• Fixed limit on pages in sidebar navigation
• Fixed deletion of large numbers of annotations

v1.8.2 (December 21, 2011)

Enhancements

• Added a 404 page
• Widgets controls now using the menu system
• Admins can edit users' account information
• Embed uploader supports uploading into groups
• Add a control panel widget for easy access to cache flushing and upgrading
• Comments now have a unqiue URL with fragment identifier
• JavaScript language files are cacheable
• jQuery form script only loaded when required

Bugfixes

• Fixed default widgets
• Fixed activity filtering
• Embedding an image now inserts a medium sized image
• Search plugin only uses mbstring extension if enabled
• Site pages links returned to footer
• Fixed URL creation for users with non-ASCII characters in username
• The wire username parsing supports periods in usernames
• Returned the posting area to the main wire page
• Fixed layout issue on pages with a fragment identifier in URL
• Added support for call elgg_load_js() in header and footer
• Fixed user picker
• Fixed uservalidationbyemail plugin ignoring the actions of other plugins
• Fixed bug preventing the creation of admin users
• Fixed deleting a widget with JavaScript disabled
• Fixed many bugs in the unit/integration tests

v1.8.1 (November 16, 2011)

Enhancements

• Completed styling of user validation admin page
• Adding rel=nofollow for non-trusted links
• Added direct icon loading for profile avatars in profile plugin
• Improved the structure of content views to make styling easier
• Updated version of jQuery to 1.6.4
• Added basic support for icon size customization
• Added a toggle for gallery/list view in file plugin
• Added support for passing CSS classes to icon views
• Added support for non http URLs to Elgg's normalize functions
• Added better support for the 404 forward if a page handler does handle a request

Bugfixes

• Fixed autocomplete and userpicker
• Fixed RSS and web service-related view types
• Fixed walled garden display issues
• Added work around for IE/TinyMCE/embed insert problem
• Implemented ElggUser.isAdmin() JavaScript method
• Fixed the date views and JavaScript datepicker
• Fixed horizontal radio buttons styling
• Modules only display header if there is content for it

v1.8.1b (October 11, 2011)

Enhancements

• New group activity widget for user dashboard.
• Added more sprites.
• version.php information cached instead of loaded 100s of times.
• Added class elgg-autofocus to add focus on inputs when the page loads.
• Admins can edit user avatars again.
• Added a filter for non-bundled plugins in plugin admin.
• Improvements to admin area theme.

Bugfixes

• Fixed site dropdown menu for IE.
• ElggEntity->deleteMetadata() no longer deletes all metadata ever if called on an unsaved entity.
• Fixed Embed plugin.
• Fixed activate and deactivate all plugins.
• Fixed URL for group membership request in notification email.
• Fixed log browser plugin's admin area display.
• Fixed RSS icon not showing up on some pages.
• Fixed river entries for forum posts that were lost if upgrading from 1.7.
• Better displaying of errors when activating, deactivating, or reordering plugins.
• Fixed Developer Plugin's inspection tool.
• Fixed avatar cropping on IE 7.
• Bookmarks plugin accepts URLs with dashes.
• "More" menu item on site menu hidden if items are manually specified.
• Fixed hover menu floating if unrestrained.
• JS init, system fired when DOM and languages are read.
• Fixed the date picker input view.
• Fixed stack overflow when calling elgg_view() from a pagesetup event.
• Menu links no longer have empty titles and confirm attributes.
• Fixed crash when attempting to change password to an invalid value.
• Fixed "More groups" link for groups widget.
• Fixed output/confirmlink to use a default question if not specified.
• Added missing language strings. Also added "new", "add", and "create".
• Registered security token refresh page as external to avoid token refresh problems on Walled Garden sites.
• Displaying more accurate message if uploading an avatar fails.
• "Leave group" button doesn't display for group owners.
• Request group membership button displays only when logged in.
• Fixed the number of displayed items for Bookmarks widget.
• Fixed fallback to deprecated views for widgets.

API Changes

• Menus names must be unique to the entire menu, not just section.
• Input views that encode text use the option 'encode_text'.
• Added ElggPlugin->getFriendlyName().
• elgg_view_icon() accepts a class.
• Added hook output:before, page.
• Added hook output:before, layout.
• elgg_get_entities() and related functions return false if passed valid options with invalid values.
• Can disable the user hover menu by passing hover => false to elgg_view_icon(). Previously it was override => true.
• Embed plugin uses menu system. See readme for embed plugin.
• Manifest attributes are no longer translated via elgg_echo().
• Fixed livesearch ajax endpoint.
• Fixed site unit test.
• Unit tests tidy up after themselves better.
• forward() throws an exception if headers are already sent.
• Better errors if adding a user through admin area fails.
• Localized profile fields.
• Added 'is_trusted' parameter output/url to avoid escaping and filtering. Defaults to false.
• Added elgg_unregister_action()
• Fixed ElggPriorityList::rewind().
• Fixed forwarding after login for login-protected pages.
• get_site_by_url() respects class inheritance for subclassing ElggSite.

Internal changes

• Updated deprecated uses of internalname/id.
• Using wwwroot instead of www_root because of inconsistencies.

v1.8.0 (Jackie) (September 5th, 2011)

Notes

Elgg 1.8 contains the most changes in Elgg since the transition from Elgg 0.9 to Elgg 1.0. The core team tried to make the transition as smooth as possible, but in the interest of following standards and simplifying the development process for core and third party developers, we have made changes that will require updating plugins. We believe these changes will help Elgg development be easier for everyone.

It is unreasonable and unhelpful to list the full details of all changes in this file. Instead, we will list the high level, overarching changes to systems. If you are interested in the specifics, Elgg 1.8's source code is highly documented and serves as a good guide and the git commit log can provide excruciating details of what has changed between 1.7 and 1.8.

Please post your feedback, questions, and comments to the community site at http://community.elgg.org. As always, thank you for using Elgg!

--The Elgg Core Development Team

A tip about updating plugins:

It's not difficult to update 1.7 plugins for 1.8. There is a detailed document outlining this process on the wiki: http://learn.elgg.org/en/stable/guides/upgrading.html#from-1-7-to-1-8

The basic process is:

1. Clean up the plugin to make sure it conforms to coding standards, official structure, and best practices.
2. Update any uses of deprecated functions. Functions deprecated in 1.7 will produce visible notices in 1.8!
3. Use the new manifest format.
4. Use the new menu functions.
5. Use the new JS features.
6. Update the views to use core CSS helper functions and classes instead of writing your own.

The documentation directory and the wiki has more information.

User-visible changes

• New default theme.
• New installation.
• Separate and updated admin interface.
• Updated plugin themes.

Generic API changes

• Improved the markup and CSS.
• Restructured and simplified the views layouts.
• Added a new menu system.
• Added new CSS and JS file registration functions.
• Added a JS engine.
• Added a breadcrumb system.
• Added a sticky forms system.

New plugins

• Dashboard - The activity stream is now the default index page. A 1.7-style dashboard is provided through the dashboard plugin.
• Developers Plugins - Developer tools.
• Likes - Allows users to "like" other users' content.
• oAuth API - A generic, reusable oAuth library.
• Tag Cloud - A widget-based tag cloud generator.
• Twitter API - A generic Twitter library that allows signin with Twitter and pushing content to tweets. Replaces twitter_service.

Deprecated plugins

• captcha - Captchas have long since stopped being useful as a deterrent against spam.
• crontrigger - Real cron should be used.
• default_widgets - This functionality is now part of core.
• friends - This functionality is now part of core.
• riverdashboard - Displaying the river (activity stream) is default in core. The original dashboard can be restored by the new Dashboard plugin.
• twitter_service - Replaced by Twitter API.

Elgg 1.8.0.1 was released immediately after 1.8.0 to correct a problem in installation.