2.15.2

Change Log

Features

Security

• Escape validation error messages to avoid HTML tag rendering in the UI
• Prevent open redirect vulnerability
• Disable unserializing of classes. We should unserialize only array data
• Escape values in Lead and Report bundles to prevent html formatting

Enhancements

• #7482 Create company from ip lookup switch (@escopecz)
• #7475 Unsubscribed Manual segment filter (@kuzmany)
• #7465 Better logging of exceptions (@anton-vlasenko)
• #7439 Command to delete orphaned ip duplicates (@ondrejsibl)
• #7415 Option for custom popup name for loadNewWindow method (@kuzmany)
• #7332 7250: Fix for Email to Contact API request with assets (reference to … (@DanielCiochiu)

Bugs

• #7611 Fix travis builds on staging (@heathdutton)
• #7543 Allow HTML in signature by user API (@kuzmany)
• #7501 Or statement for get list of lead Ids by unique field data (@kuzmany)
• #7491 Delete unused IP command - adding a limit, renaming the command (@ondrejsibl)
• #7484 Date input type fix at preference center form (@escopecz)
• #7479 Bounce message correction (@moskoweb)
• #7470 Intl infinite loop fix (@escopecz)
• #7468 Added identical comparison for boolean for email dynamic content (@kuzmany)
• #7464 "Do not contact" property doesn't work during import (@anton-vlasenko)
• #7463 Duplicated leads are created by Salesforce sync (@anton-vlasenko)
• #7462 Bugfix - Postfix delivery reports being ignored (@josaiasmoura)
• #7457 Fix router for dev enviroment (@kuzmany)
• #7448 Fix issue with tooltip getting frozen in campaign UI and fix issue where campaign events were rescheduled in UTC rather than the configured hour (@alanhartless)
• #7446 Prevent PHP notice in configuration (@alanhartless)
• #7445 Fixed issue where campaign's email replies were not recognized (@alanhartless)
• #7443 Prevent an exception when a contact is deleted between the time logs … (@alanhartless)
• #7442 Use lead:leads as permissions for companies to match CompanyController (@alanhartless)
• #7441 Fixed sending scheduled reports through Sparkpost & Momentum (@alanhartless)
• #7440 Disable image resize in FileManager (@ondrejsibl)
• #7438 Fix integration modal closing in Safari (@hluchas)
• #7437 Add possibility for batch removing DNC record (@hluchas)
• #7436 Fix manually removed contact segments (@hluchas)
• #7435 Missing check if trackedContact is null in ContactRequestHelper (@ondrejsibl)
• #7434 Ensure the root URL field will always show up (@ondrejsibl)
• #7433 Contact timeline timezone fix (@escopecz)
• #7430 Fix sql syntax error in query build (@Noa83)
• #7418 Fix report scheduling form in specific report config (@escopecz)
• #7414 Add contact ID only if contact exists (@escopecz)
• #7413 Fix of campaign reschedule loop (@escopecz)
• #7412 Doc block fixes (@escopecz)
• #7410 DateTimeHelper threw an error when DateTimeImmutable was used. Fixed. (@escopecz)
• #7409 Correct cache handling for zero counts (Fix #7003) (@pjeby)
• #7407 Prevent destroyChosen call function on null (@kuzmany)
• #7406 Contact's company field token support for Email to users campaign action (@kuzmany)
• #7403 Fix maintenance cleanup with gdpr option (@Dcoutelle)
• #7401 Fix Sugar/Suite CRM sync for email addresses with an uppercase char (@tsummerer)
• #7388 Fixes issue with not recognizing IP ranges in the do not track list (@alanhartless)
• #7380 [BUGFIX] Adapt GoTo plugin for oauth2 authentication (@florianwessels)
• #7377 Fix SugarCrm sync priority (@Enc3phale)
• #7375 Add multiselect length validator class (@hluchas)
• #7364 Prevent exceptions if a campaign jump target is removed. (@heathdutton)
• #7358 Bugfix: Bind each search value as its own parameter in the query builder (@dongilbert)
• #7347 Fix autofill boolean fields (@kuzmany)
• #7346 Prevent destroySlots for code mode If builder was never loaded (@kuzmany)
• #7318 Fix cache warmup on first load (@Enc3phale)
• #7311 Do not record unnecessary isPublished changes (@escopecz)
• #7310 Fix "check all" checkbox for tables loaded via ajax (@escopecz)
• #7309 Add query string to the base URL for the pagination limit select as the pagination buttons does it (@escopecz)
• #7307 Support multiple templates of the same type (@escopecz)
• #7303 Fix DNC enable/disable channel from Mautic prefs center (@kuzmany)
• #7299 Fix api datetime format (@Enc3phale)
• #7297 Fixes SQL to pass tests when SQL strict mode is enabled (@alanhartless)
• #7283 Custom field with type text requires string shorter than 256 chars (@hluchas)
• #7274 Fix for "Send Email" campaign action randomly selecting a different email upon edit (@dongilbert)
• #7266 Handle aggregator fields on subscribed (emailed) reports. (@scottshipman)
• #7262 Check ignore_user_abort in php.ini (@kuzmany)
• #7244 Segments - date relative local timezone (@Maxell92)
• #7236 Fix segment filters without object (@kuzmany)
• #7222 Fix import ip address duplicates (@hluchas)
• #7218 Sparkpost error handling update (@escopecz)
• #7204 Fix menu depth condition (@hluchas)
• #7197 Prevents an exception for DWC and focus requests that aren't tracked (@alanhartless)
• #7195 Prevent exception if ct comes in empty which prevents the redirect (@alanhartless)
• #7193 Use site_url to build form cache (@alanhartless)
• #7192 Prevent $connector from getting serialized into the $details array (@alanhartless)
• #7158 "Reschedule Events" in Contact Record not persisting (@anton-vlasenko)
• #7110 Multiple value on List-Unsubscribe header (@KalleVuorjoki)
• #7102 Catch not found cache item (@escopecz)
• #7036 Fix lead fields being overwritten by empty values when editing unique ids via REST API (@atbrowne)
• #6984 Fix default Gravatar URL for non-Apache servers (@pjeby)
• #6983 Reject erroneous page_hit queue messages (@maxlawton)
• #6706 Fix Warning: Illegal offset type with m:s:u command (@Enc3phale)
• #6655 Bugfix: queued redirect (@jojomnky)
• #6404 Allow use any form on preference center (@kuzmany)
• #6159 fixes html issues in preference center (@mtahiue)
• #6045 Changed path for mautic tracking cookies to / (@shershennm)

Developer notes

SHA1 2.15.2.zip: 4452818b3a806b7eaac9fe507717564229da5fef
SHA1 2.15.2-update.zip: fec2e421d1161021c2e953f350c2e06c6afd0dc4

A big thank you to the following community members for contributing to this release either by code or bug report: @alanhartless, @anton-vlasenko, @atbrowne, @billybobilly, @cceruti, @DanielCiochiu, @Dcoutelle, @dongilbert, @Drukmistrz, @dsp76, @enableit, @Enc3phale, @escopecz, @florentpetitjean, @florianwessels, @GosuTeacher, @heathdutton, @hluchas, @imihandstand, @jnewton001, @johbuch, @jojomnky, @josaiasmoura, @KalleVuorjoki, @kuzmany, @LevryKurniawan, @maheshprabhu2010, @Maxell92, @maxlawton, @moskoweb, @mtahiue, @MyBpoConsultant, @Noa83, @npracht, @ondrejsibl, @online-expert, @pjeby, @rbagley0310, @rkaartikeyan, @scottshipman, @shershennm, @taewookim, @tsummerer, @vesper8, @YosuCadilla