Jump to content

Invision Community Blog

We frequently encourage people to use custom CSS files when designing their themes. The reason for this is simple: it makes upgrading your site much easier because IPS4 can apply any changes to its own CSS files, and will leave your custom CSS files untouched. If instead you made edits to IPS4's CSS directly, it wouldn't be able to upgrade them automatically, which means more work for you, and a potentially broken UI on each upgrade.
Something that's not quite as common, but that we still strongly suggest, is using custom template bits as much as possible. The most common template you'd edit is globalTemplate, perhaps to include some extra resources in the <head>, a custom header, and maybe some footer pieces. The usual approach would be to simply add all of that custom HTML directly into globalTemplate, but my recommendation is that you instead create each piece as a custom template bit, and then include it.
With templates, it's not quite as much of a clear-cut benefit as with CSS; you'll still need to modify the original template in order to include your custom pieces of course. But there's still good reasons for doing so; it keeps your template as clean as possible, meaning if in a later upgrade you have to revert it to get the latest changes, reapplying your custom pieces is easy - you just add the template includes back in.
We've been taking this approach with all custom themes we've created since IPS4's release (dozens by my last count). We try and keep the naming convention consistent too. All custom templates are named _customABC.phtml and exist in the /front/global/ group in the core application. This puts them in an easy-to-find location, and because of the underscore prefix, they're shown at the top of the directory.

Example custom template bits in a custom theme
Using them is simple:
{template="_customHeader" group="global" app="core"}  
I hope this approach helps you keep your templates clean and more manageable! If you have any tips for working with your templates, please share them in the comments!
  • 3,296 views
Rikki
Our Pages app includes a powerful feature that allows you to create your own databases within the community. Within each database, you create custom fields (we support a number of custom types, from plain text fields, to YouTube embeds and more). And while we provide some generic, simple templates to display your data, custom templates allow you to more precisely control how your database looks in a manner best suited to your site.
Anyone who has created a Pages database will be familiar with using custom fields. You may have created a field for the title of your item, or an upload field so that the item contains a file for users to download. But beyond these straightforward uses, I wanted to explore some more advanced uses of custom fields. Fields don't necessarily have to be displayed to the user - or at least not in the usual way. We can use them as configuration options for our record display, or manipulate the data in order to show it in a different way. Let's take a look at some examples.
 
1. Adding an optional badge to records
We'll start with a fairly simple example. In our Guides section, we highlight guides that have a video tutorial by showing an 'Includes Video Guide' label on the listing:

We achieve this simply by having a Yes/No field that we turn on as needed. In the field format, we turn the Yes/No value into the label by setting the format to Custom and using this code:
{{if $formValue == 1}} <span class='ipsType_medium'><i class='fa fa-video-camera'></i> <strong>Includes Video Guide</strong></span> {{endif}}  
2. Using fields as a way to configure the record display
Fields don't necessarily need to be shown to users. Instead, we can use them as a means to configure the record display, giving us some really powerful flexibility in how we show records. In this contrived example, I'm going to create a field that changes the background color of the content.
Create a Select Box field. Each option key will be a hex color, while the value will be the name the record creator will choose. Set the field key to record_background Set the field formatting to Custom, and the format to simply: {$formValue}. This means it will output our hex value instead of the color name. In the display template assigned to this database for records, we can use the field like so: <div style='background-color: #{$record->customFieldDisplayByKey('record_background', 'listing')|raw}' class='ipsPad'> ...rest of the template... </div> Now, when you create a record, you can choose a color and that color will be used when the record is shown:
You can use this approach in others ways - toggles to control the layout of the record, or options for grid sizes, or even take an upload field for images and set the background of an element as that image.
 
3. Pass data to 3rd-party integrations
Pages has built-in support for several 3rd party integrations, such as Spotify, Soundcloud, YouTube and Google Maps. But using custom fields, you can pass data to other services too. Let's say we wanted to embed an iTunes album widget into each of our records - perhaps the album is relevant to the Pages record in some way and we hope to encourage some click-throughs. In this example, we'll use the embed.ly service. 
Create a URL custom field. Set the field key to itunes_album Set the field formatting to Custom, and the format to: <a class="embedly-card" href="{$formValue}">iTunes Album</a> <script async src="//cdn.embedly.com/widgets/platform.js" charset="UTF-8"></script> In your database display template, position the field as desired by adding: {$record->customFieldDisplayByKey('itunes_album', 'listing')|raw} Now when you add an iTunes album link to your record, you'll get an embed automatically!

This approach is great for a range of uses. Perhaps you have an Amazon Associates account and want to add a relevant product link to each of your records so that you earn a commission when users click through. Using database fields and templates in this way, it's easy to set up.
 
I hope that's given you some ideas of other ways you might use database fields in Pages. Share any interesting uses you've come up with in the comments!
  • 4,869 views
Rikki
For our self-hosted customers, we wanted to give you advanced notice that support for PHP 5.4 in the IPS Community Suite will be ending soon. IPS Community Suite 4.1.11 will be the last release to support this version of PHP.
PHP 5.4 was released in 2012 and reached 'end of life' in September 2015, and so we will be requiring at least PHP 5.5 from IPS Community Suite 4.1.12 onwards. We do recommend PHP 5.6 or greater as 5.5 is approaching end of life as well.
If you currently use PHP 5.4, please contact your host and ask them to upgrade to a supported version as soon as possible.
If you would rather not have to worry about server-level issues like this, consider switching to one of our Community in the Cloud plans. They include all of our suite apps and we take care of all of the server management for you, leaving you to focus on running your community. If you are currently self-hosting, we can transfer your community to a cloud plan for free, in most cases. Contact our sales team for more information.
  • 9,940 views
Rikki
Blocks are an extremely popular feature in IPS4, used by a huge number of customers to great effect. They range from feeds of topics, to statistics, to custom blocks that can contain anything you wish. They're a great way to add dynamic content to your community theme.
What many people don't know is that blocks you create with Pages can be used anywhere in your theme, not just in the designated block containers (in the header, footer & sidebar).
 
The {block} tag
It's really easy to do so. Here's the tag you'd use:
{block="block_key"} That's it! The block_key is the one you specify when you're creating the block in Pages (if you don't specify one manually, Pages will auto-generate one for you).
 
Where can you use them?
Block tags can be used anywhere that template logic is supported. That includes:
Theme templates Pages page content Other kinds of templates (e.g. database templates) Even within other blocks!  
What can you do with them?
The obvious benefit of blocks is that they are reusable, so in any situation where you need the same content duplicated, it makes sense to put the content in a custom block instead, and simply insert it wherever needed. Then if you need to update the content later, you have one place to do so. Custom menus are a great example of reusing blocks; since blocks have full use of template logic, you can build your menu HTML in a block, use HTML Logic to highlight the correct item, and insert the menu block on each of your pages. We use this approach on our feature tour section menu. Here's a snippet of the menu block HTML for that page:
<nav id='elTourNav'> <div class='container'> <ul class='ipsList_inline'> <li><a href='/features/apps' {{if \IPS\Request::i()->path == 'features/apps'}}class='sSelected'{{endif}}>Our Apps</a></li> <li><a href='/features/engagement' {{if \IPS\Request::i()->path == 'features/engagement'}}class='sSelected'{{endif}}>Engagement</a></li> <!-- ... --> </ul> </div> </nav>  
Blocks are useful beyond that, though. A couple of weeks ago, we showed you how to use HTML Logic to only show content to certain groups. Using blocks is actually an easier way to do this - simply add the content to a custom block, then check the groups who should see it. We use this technique to show a 'welcome to our community' message to guests on our own community. We created our welcome message as a custom Pages block, set it so that only guests have permission to view it, and then added it to our template header. Simple, effective and easy to manage.
That's just two ways you can use blocks - there's many other creative users too! If you've used blocks in an interesting way, share your example in the comments!
  • 5,749 views
Rikki
This is a maintenance and security release to fix reported issues and add refinement to existing features. In addition to bug fixes and performance improvements, it includes following new/changed features:
Instant notifications are now dismissible. The sidebar has been added back to the stream pages. You can now sort by most downloaded in Downloads app. The ModeratorCP and AdminCP IP Address Tools now allow you to track the IP addresses used to vote in polls. A new setting has been added to disable the RSS feed for activity streams. A new setting has been added to specify the minimum display name length. Adds a new "can unban" moderator permission separate to the "can edit profiles" permission being used previously. IP addresses now show in reports. There is now a constant-level setting to disable the ACP IP address check in case of being locked out of the ACP. Several improvements to Commerce to make some features clearer: the Shipping Rates configuration pages now indicate to the admin if a potential mistake has been made, the front-end indicates to admins if no support departments have been set up, and the renewal settings wording has been clarified. Check our Release Notes for full information and to keep up with releases in development. To be notified of updates as soon as they are available you can add an email address in your AdminCP under General Configuration.

  • 13,419 views
Charles
Security should never be an afterthought for your community. All too often, site owners consider beefing up their security only when it's too late and their community has already been compromised. Taking some time now to check and improve the security of your community and server could pay dividends by eliminating the cost and hassle of falling victim to hacking in the first place.
Let's run down 7 ways that you can protect your community with the IPS Community Suite, from security features you may not know about to best practices all communities should be following.
 
1. Be selective when adding administrators
Administrator permissions can be extremely damaging in the wrong hands, and granting administrator powers should only be done with great consideration. Granting access to the AdminCP is like handing someone the keys to your house, so before doing so, be sure you really trust the person and that their role requires access to the AdminCP (for example, would moderator permissions be sufficient for the new staff member?).
Don't forget to remove administrator access promptly when necessary too, such as the member of staff leaving your organization. Always be aware of exactly who has administrator access at any given time, and review regularly. You can list all accounts that have AdminCP access by clicking the List Administrators button on the System -> Security page.
2. Utilize Admin Restrictions
In many organizations, staff roles within the community reflect real-world roles - designers need access to templates, accounting needs access to billing, and so forth. IPS4 allows you to limit administrator access to very specific areas of the AdminCP with the Admin Restrictions feature, and even limit what can be done within those areas. This is a great approach for limiting risk to your data; by giving staff members access to only the areas they need to perform their duties, you reduce the potential impact should their account become compromised in future.
3. Choose good passwords
This seems like an obvious suggestion, but surveys regularly show that people choose passwords that are simply too easy to guess or brute force. Your password is naturally the most basic protection of your AdminCP there is, so making sure you're using a good password is essential.
We recommend using a password manager application such as 1password or LastPass. These applications generate strong, random passwords for each site you use, and store them so that you don't have to remember them.
Even if you don't use a password manager, make sure the passwords you use for your community are unique and never used for others sites too.
4. Stay up to date
It's a fact of software development that from time to time new security issues are reported and promptly fixed. But if you're running several versions behind, once security issues are made public through responsible disclosure, malicious users can exploit those weaknesses in your community.
When we release new updates - especially if they're marked as a security release in our release notes - be sure to update as promptly as you can so you receive the latest fixes. Your AdminCP will also let you know when a new version is ready for download.
5. Use .htaccess protection for your AdminCP
In addition to IPS4's own AdminCP login page, you can set up browser-level authentication, giving you a double layer of protection. This is done via a special .htaccess file which instructs the server to prompt for authentication before access to the page is granted. IPS4 can automatically generate this file for you - simply go to System -> Security in your AdminCP, and enable the "Add a secondary admin password" rule.
And it should go without saying, but to be clear: don't use the same username or password for both your .htaccess login and your admin account, or the measure is redundant!
6. Restrict your AdminCP to an IP range where possible
If your organization has a static IP or requires staff members to use a VPN, you can add an additional layer of security to your community by prohibiting access to the AdminCP unless the user's IP matches your whitelist. This is a server-level feature, so consult your IT team or host to find out how to set it up in your particular environment. If you're a Community in the Cloud customer, contact our support team if you'd like to set up this protection for your account.
7. Properly secure your PHP installation
Many of PHP's built-in functions can leave a server vulnerable to high-impact exploits, and yet many of these functions aren't needed by the vast majority of PHP applications you might run. We therefore recommend that you explicitly disable these functions using PHP's disable_functions configuration setting. Here's our recommended configuration, although you or your host may need to tweak the list depending on your exact needs:
disable_functions = escapeshellarg,escapeshellcmd,exec,ini_alter,parse_ini_file,passthru,pcntl_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,show_source,shell_exec,symlink,system Another critical PHP configuration setting you need to check is that open_basedir is enabled, especially if you're hosted on a server that also hosts other websites (known as shared hosting). If another account on the server is comprised and open_basedir is disabled, the attacker can potentially gain access to your files too.
Naturally, Community in the Cloud customers needn't worry about either of these steps - we've already handled it for you!
 
So there we go - a brief overview of 7 common-sense ways you can better protect your community and its users. As software developers, we're constantly working to improve the behind-the-scenes security of our software, but as an administrator, there's also a number of steps you should take to keep your community safe on the web.
If you have any tips related to security, be sure to share them in the comments!
  • 8,623 views
Rikki
When IPS4 encounters an error (be it a simple 404 Not Found or a more complex configuration issue), the user sees a standard built-in error page. That's fine in many cases, but did you know you can create your own error page using our Pages app?
This is a particularly good approach for communities that use Pages for their website too. If you have built a website theme, the standard error page may not fit with your visual style, so building your own error page allows you to improve it. You might want to show some helpful links to other parts of your website, for example.
 
Creating your error page
The first step is creating your error page in Pages. Note that for this page, you must create a manual page - the Page Builder tool can't be used in this case.
In order to show the error on your page, there's two special tags you should insert in the page content. When your page is shown in response to an error, Pages will swap out these tags for the relevant text. They are:
{error_code}
Replaced with the technical error code for this error. This code identifies the exact piece of code that triggered the error, and can be given to IPS support technicians to help diagnose problems. {error_message}
Replaced with a human-friendly description of the error that occurred.  
Configuring Pages to use the error page
Next, set Pages to display the error page. You do this in the Pages section; click the Advanced Settings button, and select your page from the list. Note that this will replace all error pages across the suite - not just errors triggered by Pages itself!
 
Have a request for a theme tip? Let us know in the comments and we'll try and help out in a future tip! 
 
  • 6,334 views
Rikki
We are wrapping up testing in preparation of version 4.1.10 release. This is a follow up to 4.1.9 which introduced a lot of great enhancements.
Changes in 4.1.10 include:
Instant notifications are now dismissible. The sidebar has been added back to the Activity Stream pages. You can now sort by most downloaded in Downloads app.  The ModeratorCP and AdminCP IP Address Tools now allow you to track the IP addresses used to vote in polls. A new setting has been added to disable the RSS feed for activity streams. A new setting has been added to specify the minimum display name length. Adds a new "can unban" moderator permission separate to the "can edit profiles" permission being used previously. IP addresses now show in reports. There is now a constant-level setting to disable the ACP IP address check in case of being locked out of the ACP. Several improvements to Commerce to make some features clearer: the Shipping Rates configuration pages now indicate to the admin if a potential mistake has been made, the front-end indicates to admins if no support departments have been set up, and the renewal settings wording has been clarified. And of course countless bugs fixed and performance enhancements. View our full release notes for more details.
If you are an existing IPS client and enjoy testing pre-release software, a beta release of 4.1.10 is available. We always appreciate help testing upcoming releases.
We are already well into development on 4.1.11 which include some larger feature changes and additions.
  • 4,164 views
Charles
HTML Logic is our name for the additional tags available in IPS4's templates that allow runtime logic to be executed. It comprises if/then/else statements as well as loops and more.
Since HTML Logic has access to all of the underlying PHP framework in IPS4, it's very powerful and a lot can be achieved with it. One common use is to limit certain content within a template to particular member groups. Let's see how that might be done.
 
Showing or hiding content only to guests
We'll first look at a simpler idea: showing or hiding content specifically to guests (i.e. anyone who isn't logged in). Within IPS4, the \IPS\Member::loggedIn() object contains information about the current user. Guests always have a member_id of NULL (i.e. no value), so we can simply check that value in our logic tag:
{{if \IPS\Member::loggedIn()->member_id === NULL}} This content *only* shows to guests, since they have a NULL member_id. {{endif}} {{if \IPS\Member::loggedIn()->member_id}} This content *only* shows to logged-in users since their member_id is a number, which will equal true. {{endif}}  
Showing content only to specific groups
Let's go a bit further and this time show content to specific (primary) member groups. First, you need to get the IDs for the group(s) you want to deal with. You can find this by editing the group in the AdminCP, and making a note of the id parameter in the URL. On my installation, the Administrator group is ID 4 so we'll use that in our example.
Once again, we're using the \IPS\Member::loggedIn() object, but this time we're using the member_group_id property.
{{if \IPS\Member::loggedIn()->member_group_id === 4}} This content only shows to members in the "Administrators" group (ID 4 in our example) {{endif}}  
Working with multiple groups at once
Following the code above, you could simply repeat the check against \IPS\Member::loggedIn()->member_group_id several times, for each ID you want to allow. However, since our templates allow arbitrary PHP expressions to be used, there's a neater way: use an array of member group IDs you want to allow, and check against that using PHP's in_array function. Here's an example where we only show content to group IDs 2, 4 and 6:
{{if in_array( \IPS\Member::loggedIn()->member_group_id, array( 2, 4, 6 ) )}} This content only shows to members in groups with the ID 2, 4 or 6. {{endif}}  
Have a request for a theme tip? Let us know in the comments and we'll try and help out in a future tip! 
  • 12,691 views
Rikki
We have released version 4.1.9 with many bug fixes, performance improvements, and feature enhancements. Our thanks to the QA team and all our clients who participated in the beta release.
This is also a security release so please upgrade as soon as possible. All Suites will see the red alert banner show.
To be notified of updates as soon as they are available you can add an email address in your AdminCP under General Configuration.
 
New or Changed Features
When your link auto-embeds in a post such as with an image, YouTube video, Twitter link, etc. an option will now display to revert the embed back to a plain text link if you do not want the embed. New setting to disable embedding. Facebook/Twitter integration improvements If you are an administrator and encounter a system error, additional debug output will now display. Regular members will see the normal error message. Custom Fields for Support Requests in Commerce now show on the front-end. If an advertisement is set up with a main image, but not smaller images for tablets/mobiles, the ad would not show at all on tablets/mobiles. This has changed so the main image will display on all devices unless smaller images are provided. Topics scheduled to automatically lock or unlock will now reflect this in the topic listing and when viewing the topic. Placing a link to a Facebook status will embed when possible. When viewing a report, the container (for example, the forum) the content is from is displayed. Three character searches are now allowed in the Admin CP Live Search. The Account Settings page now uses vertical rather than horizontal tabs to prevent overflow. If Gravatar is enabled, and a user has not defined an profile photo, then their email address will be used to fetch from Gravatar unless explicitly set not to. Gfycat embeds now use their oEmbed endpoint rather than their JS API. Using Amazon CloudFront as https provider will now be recognized as valid secure connection. The member REST API endpoint will now return custom fields. The Developer Center for Plugins now shows the filename in the list of hooks, and when editing a hook, a breadcrumb includes a link back to the list. Inline notifications can now be dismissed Efficiency improvements to the search index You can now close a poll independently of the topic You may want to read a bit more on our embed improvements:
And Activity Stream improvements:
We are well into development on version 4.1.10 which will follow along soon. Keep an eye on our Release Notes for updates on what will be coming in that release.
If you have any issues please open a support ticket. You can also submit reports to our bug tracker. Thank you!
  • 9,470 views
Charles
When you use custom templates for a Pages database, you'll often need custom CSS to go along with it to provide the styling. There's two main ways of doing this:
CSS files within Pages
Pages allows you to create CSS files, and then associate them with particular custom pages of your community (you create these in the AdminCP, under Pages > Templates > CSS). So simply create your CSS file, and associate it to the page that your database is displayed on.
The benefit of this method is it applies to all themes, so it's great if you want your database to look the same on all themes. Of course, this is also the drawback - you can't easily use it for per-theme customization.
Targeting the database classname in theme CSS
Alternatively, you can target the database classname in your normal theme CSS files. When a database is inserted into a page, IPS4 helpfully adds a classname to the body element, which makes it really simple to style that page in particular. If your database key is myDatabase, then the classname added to the body element would be cCmsDatabase_myDatabase. Use this in your selectors and you can style everything exactly how you need:
.cCmsDatabase_myDatabase .ipsButton_important { /* Style important buttons differently in this database, for example */ } Combine both methods!
Of course, you can use both approaches when it makes sense. Create a CSS file within Pages for the basic structural styling that will apply regardless of which theme the user uses, and then in each theme target the database classname to customize it for that particular theme - perfect for the colors, font family and so on.
  • 2,810 views
Rikki
Activity Streams were first introduced in version 4.1 and have been very well received by people who enjoy all the flexibility they create in filtering and sorting content in a community for easy discovery of what is being posted.
As with any new feature, we received a lot of feedback and have had time to take that in and make improvements to mature the Activity Streams with key changes in 4.1.9 being interface, performance, and bug fixes in the system.
One recurring theme we heard were people saying "the new Activity Streams cannot do..." when actually they could do it but the options were not obvious. We used to have the options in a large drop down box that users could edit and then save to update their Stream. This meant that options were not clearly visible and therefore people did not even know all the powerful settings available to them. So in 4.1.9 we have moved those options into a new dynamic filter bar.

With the new filter bar you see all your options available right there. We also changed the interface so Streams instantly update when you make a change. You no longer have to click save and update, wait for interface to collapse, and so on. Now your changes instantly update your Stream.
When you do change your Stream settings a save button appears prompting you to save your new selection. You can choose to save if you like the new options or not if it is just a temporary change you made. If you edit filters on a stream you do not own then it will prompt you to save your options as a new stream.
 
We hope you enjoy this more dynamic approach to Activity Streams.
  • 3,868 views
Charles
Many of the regular visitors to our community won't have failed to notice the new look we launched last week. Now that the dust has settled, I thought it was a good time to explain why we've made the change.
Streamlined access to everything we offer
Ever since IPS was founded in 2002, our community has been distinct from our website. The community is also where we kept all kinds of resources, from guides to the Marketplace. For those customers who know us well and enjoy hanging out in our community (and we have many who have been with us since that day in 2002!), this is no problem. Unfortunately, the downside is many new and potential customers didn't see everything we have to offer: all the wonderful addons our contributors offer, additional support resources, plentiful advice from other community administrators, and more.
In addition, we've always used the default theme that our software ships with, but with our self-service demo system now being the primary way new customers get to try out our software, this has become less important.
So, we took the decision to move some parts of the community to the website for more exposure and easier discovery by new visitors. We made some tweaks to our navigation so that finding these areas is easier than before. And, of course, we've brought the website header over to the community, giving it a fresher look and more consistent navigation, wherever you happen to be on our website.
Of course, all of our website is built in IPS4, as you would expect. Whereas before our website existed on a separate installation, as part of the update we merged our community and website together. This means you can sign in from anywhere, see your notifications and so on.
This is just the first step we've taken on improving what we offer and how we offer it. We have many plans in progress. You may have seen the theme tip we posted this week, which is the first in a series of regular tips we'll be sharing to help you get the most out of the IPS Community Suite. We'll also be highlighting some of the incredible work our customers do, whether it's a unique use of our software, or something in our Marketplace that adds a great feature.
Stay tuned!
  • 4,565 views
Rikki
Several clients have asked how we placed the Twitter feed block on the sidebar of our News page. It's really quite easy and a great demo of how you can place custom HTML in our system. Here is how it was done:
Get the embed code from Twitter Create a custom HTML block in our Pages app Drag and drop that block into the sidebar That really is it! Here is a video walkthrough:
This is a basic example of a custom HTML block that you can use in so many different ways. You could create a "call to action" the only shows to Guests to get them to register. You might also create text that only displays to your staff with quick links to areas they need.
Here we demo dragging the block into the sidebar. You can also put blocks right in theme templates and use them in many more ways. That will be covered in future theme tips.
  • 5,998 views
Charles
We have updated a few of our embed options in version 4.1.9. Our goal was to make the embeds more user friendly and give admins more control over embed in general.
When you paste in a link from common services like YouTube, Twitter, and so on the system tries to embed a nice box instead of just a link. For example, if I pasted in this link:
https://twitter.com/invisionps/status/708019275521363968 It would create this box:
New in version 4.1.9 you can now optionally choose to revert the automatic embed back to a simple text link.
So in the above example, when I pasted in my Twitter link, I saw a bar come up giving me the option to revert back to a link. This is useful when you do not want a formatted embed box but instead simply want to reference something and get the visitor to click the link. It is also useful when you want to reference something as part of a single sentence and not have a break in the flow that an embedded content box creates.
There is also a new AdminCP setting to completely disable embeds across your entire Suite. Some clients have communities where they like to keep things down to just simple, plain text. You could always disable formatting option button in the editor and now you can also disable automated embeds.
As a reminder, the following formats are supported with our embed system. Simply paste a link to any of these services and you will get a nice, rich embed experience that really encourages engagement on your community.
College Humor Facebook Flickr Gfycat Google+ Hulu Instagram SoundCloud Spotify Ted Twitter Vimeo Vine YouTube You can also embed links to anything inside of the IPS Community Suite. So you could paste a link to another forum topic in the comment on a Gallery image and it will show a preview of that topic rather than a simple link.
We are always open to suggestions so feel free to post in our feedback forum. Thank you!
  • 9,986 views
Charles
We are releasing a patch for IP.Board 3.4.x to address a potential cross-site scripting (XSS) issue.

It has been brought to our attention that specifically crafted posted content followed by specific user actions can cause a scenario where untrusted javascript can execute.  A patch is being released to address this potential issue.  This download also includes a patch for an email issue previously reported to us.


To apply the patch
Simply download the attached zip and upload the files to your forum server.   This single zip file includes the patch files for both IP.Board as well as IP.Gallery.
 
patch_2016_1_21.zip
 
If you are an IPS Community in the Cloud client running IP.Board 3.4 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.4, you should contact support to upgrade.

If you install or upgrade to IP.Board 3.4.9 after the date and time of this post, no further action is necessary as we have already updated the main download zips.
We would like to thank @newbie LAC for responsibly disclosing this issue to us.
  • 8,370 views
bfarber
IP.Board 3.4.9 is now available in the client area
This is a maintenance release to consolidate security updates released since 3.4.8, release additional security updates, and fix some minor bugs impacting many clients. We recommend you upgrade to ensure you have all security updates in place.
You can download in the client area and upgrade as normal.
 
We would like to thank newbie LAC for responsibly reporting a potential CSRF (cross-site request forgery) issue related to warnings resolved with the release of 3.4.9.
 
Support Notes
IPS will no longer provide upgrade services for self-hosted licenses on the 3.x series. You can do the upgrade yourself (it's very easy) but our support will only do upgrades for you to IPS Community Suite 4. If you are a IPS Cloud client we will still do the upgrades for you.
IP.Board 3.4.x will reach "End of Support" status soon and we strongly encourage all clients to upgrade to the 4.x Community Suite.
  • 24,632 views
bfarber
There is a lot to be excited about with PHP7 - the performance gains are significant and we are eagerly awaiting mainstream adoption. With that said, IPS4 utilizes several third party libraries to provide functionality across the suite -- one of these libraries is HTMLPurifier. The developers of that library are not yet supporting PHP7 and are specifically recommending PHP5. While we have resolved any known IPS specific issues within the suite for the next release, we too must recommend that you remain with PHP 5.4, 5.5 or PHP 5.6 until which time third party library developers update their libraries with full PHP7 compatibility. We will provide an update as soon as full support for PHP7 is given. 
Please note that IP.Board 3.x does not work at all on PHP7. There are no plans to release a PHP7 compatible update to IP.Board 3.x at this time.
 
  • 19,988 views
Lindy
We are releasing a patch for IP.Board 3.4.x and IP.Gallery 5.x to address a potential cross-site scripting (XSS) issue.

It has been brought to our attention that specifically crafted posted content followed by specific user actions can cause a scenario where untrusted javascript can execute.  A patch is being released to address this potential issue.  This download also includes a patch for an email issue previously reported to us.


To apply the patch
Simply download the attached zip and upload the files to your forum server.   This single zip file includes the patch files for both IP.Board as well as IP.Gallery.
 
patch_12_15_15.zip
 
If you are an IPS Community in the Cloud client running IP.Board 3.4 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.4, you should contact support to upgrade.

If you install or upgrade to IP.Board 3.4.8 or IP.Gallery 5.0.5 after the date and time of this post, no further action is necessary as we have already updated the main download zips.
We would like to thank @newbie LAC for responsibly disclosing this issue to us.
  • 7,271 views
bfarber
The adoption rate of IPS4 has far surpassed our initial expectations. In response to this as well as client feedback, we are refocusing more internal resources on supporting and solidifying the IPS4 platform. As such, we are revising our product cycle dates for IP.Board (3.4.x) as follows: 
March 1, 2016 - End of advanced technical support and development. Basic / limited technical support will continue. 
June 1, 2016 - End of all technical support. Only security updates will be provided. 
April 1, 2017 - Complete product End of Life (EOL) 
 
  • 22,437 views
Lindy
IPS is pleased to offer a 15% discount from now through December 4, 2015 (11:59PM Eastern.) This offer extends to all self-hosted software licenses as well Community in the Cloud packages. Whether you've been wanting to add a new component to your current IPS Community Suite license, have been waiting for the right opportunity to renew your license or are considering IPS for the first time, simply use the coupon code BF2015 at checkout to take advantage of this offer.
Note: Offer extends to currently expired licenses or licenses that will expire during the promotion. Sorry, may not be used on early renewals but we will be running more holiday promotions.
  • 9,044 views
Lindy
IPS is seeking knowledgeable and industrious individuals to join its support team as product specialists. 

Successful applicants will be responsible for answering general support tickets, including providing customers with information, troubleshooting problems and performing maintenance. You would be expected, where appropriate, to interact with other technicians and developers to resolve issues. 

Requirements:
Must be familiar and have extensive experience with IPS applications. Must have a basic knowledge of PHP and MySQL. Must be able to effectively telecommute. Must speak fluent English and possess strong verbal and written communication skills. Experience with working in customer support.
Preferred, but not required:
Knowledge of server administration and experience working for a web hosting company. Knowledge of additional web technologies such as JavaScript, CSS, JSON, XML, etc.
All positions are part-time with full-time opportunity. Schedules are flexible and salary will be based on knowledge and experience. 
Applications are now closed. Thank you to everyone that applied and those who were not contacted will remain on file for first-contact for future positions! 
  • 6,829 views
Lindy
Version 4.1 of IPS Community Suite is nearly ready for its supported release. We have fixed hundreds of issues leftover from the 4.0 versions, introduced dozens of new features, and made the system run much faster.
Check out the release notes and preview blogs for more information.
When you upgrade from version 4.0 to 4.1 there are a few things to know and we will touch on the big points here. Be sure to read the release notes for a complete list.
Theme Changes
There are quite a few theme changes in 4.1 but most will not destroy 4.0 themes completely. You may need to update some areas though. If you used the custom CSS feature or the easy mode theme editor then most of those settings will be preserved in the upgrade. Note that the globalTemplate did change, specifically to remove the "utilitiesMenu" template bit. The upgrade system will attempt to handle all this for you but if there are any issues you can either update your theme or revert any templates causing issues. The system will show you a warning if there are any problems.
You can check out out theme difference tool to see all changes. Most 4.0 themes will work just fine on 4.1 and those that do not generally just require small updates. Be sure to do a test upgrade on a backup first to see how it goes.
Menu Manager
The new Menu Manager in IPS Community Suite 4.1 is a powerful new feature that gives you much more flexibility in your top level menu structure. When you upgrade, the system will make its best guess on how the menu should be shown. Of course you may not like this layout but you can easily change it in the AdminCP under the Menu Manager. Just drag and drop to whatever menu setup works best for you!
Activity Streams
Many older areas like View New Content, My Content, and more are now merged into the new Activity Streams feature. You can still replicate all that those old areas did and we actually ship with some default Streams to get you started. You can also, if you like, set an admin-default stream that shows in the upper right area automatically. Your members can override that with their own defaults if they find they like their own custom streams better.
 
For example, every morning when I get online I first check a custom Stream I created that I named "Home" which I selected as my default. By checking the default icon, a link always shows in the upper right.

Admins can also define a selection of available streams and set a global default. Here is an example that creates an unread content stream.

 
There are tons of new features, fixes, and enhancements in 4.1. We hope you enjoy!
  • 15,911 views
Charles
We have had IPS Community Suite 4.1 running on our own community site for several weeks now and are very happy with how it's taking shape. All the feedback has been very helpful and we have made many refinements to the new features and are looking forward to seeing what everyone does with them.
The first two public betas have gone very well with no major bugs - just the normal sort of issues you expect to see in a large update. In fact, the betas have gone so well that we have actually fixed more bugs leftover from 4.0 than have been reported for 4.1!
We originally planned on releasing 4.1 later this week but have decide to delay the release until the end of October so we have a couple more weeks to do more betas and further refine this release. Version 4.1 not only introduces many features but it also includes many low-level changes to enhance performance and be more robust with error handling. We have been very happy with the pace that we are implementing fixes and enhancements so we want to keep that up and think just a couple weeks of delay is well worth it for all.
If you are interested in helping to test beta releases they are now available in the client area. Just keep in mind we do not provide support for betas and you cannot upgrade from beta to the final release. They should only be on test copies.
Thank you for all the feedback! We are excited for 4.1 and know that a lot of you are waiting for it with great anticipation.
  • 16,267 views
Charles