Jump to content

Invision Community 4.4.6

Released 08/30/2019

This is a security release and we recommend all clients upgrade as soon as possible.

Key Changes

Version 4.4.6 is a maintenance update to fix issues reported since 4.4.5.

Additional Information

Security

  • Fixed an issue where a malicious user may be able to identify the full path to a file uploaded to a custom field.

Core

  • Added support for MySQL 8.
  • Improved security headers on error pages.
  • Changed the "Who follows this" page to instruct bots not to index the page for SEO purposes.
  • Moved the Club Members Box to the sidebar when the club information are shown in the sidebar.
  • Fixed an error visiting the full notifications screen when the user has no notifications.
  • Fixed an issue where old messenger links may not redirect correctly.
  • Fixed an issue where new comment notifications can show an incorrect read status.
  • Fixed club sorting preference being lost when navigating to another page of clubs.
  • Fixed an issue where the "Bypass word and link filters" setting was not honored for links.
  • Fixed attachments not being properly claimed when added to a Staff Directory member entry.
  • Fixed an issue where reordering social profiles may not show the reordered list after saving without reloading the page.
  • Fixed a potential error when an invalid sort parameter is passed in to certain pages.
  • Fixed an issue where certain tables of data may show an incorrect number of pages when filtering the table.
  • Fixed the Leaderboard popular content inconsistency when using ElasticSearch.
  • Fixed an issue where Pages blocks wouldn't show in the configuration form when using the block manager.
  • Fixed an issue where creating a club feature could result in a DB exception.
  • Fixed broken ACP tables on Internet Explorer 11.
  • Fixed an issue where Status Posts couldn't be deleted.
  • Fixed an issue where 0B may be displayed in place of the real Redis maximum memory amount on the support overview page.
  • Fixed an issue where using REDIS as session storage would return the wrong members for the online list.
  • Fixed an issue with lazy-loading where images with a custom aspect ratio set did not honor the ratio after loading.

REST & OAuth

  • Fixed OAuth Logins being broken because of a missing DB column.

Blogs

  • Fixed blog entries from clubs showing on the Blog applications Grid View when the "Show Club Content Areas" setting is set to "Only Within Clubs".
  • Fixed an error that can occur with some configurations when attempting to add or move a blog entry.

Pages

  • Fixed an issue where the wrong user may be notified of Pages database records being embedded in other content areas.
  • Fixed an issue where attachments in newly submitted database records would not be used when embedding records in other areas of the software.
  • Fixed an issue with Schema.org structured data tags in Pages when the site has a logo image applied to the theme.
  • Fixed an error searching databases in the AdminCP using the quicksearch input on the database listing page.
  • Fixed an issue in the Pageurl Output Extension which was catching a not existing exception.

Gallery

  • Fixed media sound continuing to play after closing the lightbox.
  • Fixed an error that can occur when attempting to view disk space statistics when there are none.

Calendar

  • Fixed an issue where all day ranged events reflect the wrong event end date in iCalendar exports.
  • Adjusted ical import process to ignore WKST values of 'MO' (which is the default) to reduce false-positive error reports.

Converters

  • Fixed some issues converting MyBB content including profile fields, avatars & attachments.

Commerce

  • Added ability for administrator to choose what to do after a dispute is won (previously would automatically re-approve the transaction).
  • Fixed an issue where the tax name in invoice emails could be missing.
  • Fixed potential uncaught exception if trying to view a product in the AdminCP that doesn't exist.
  • Fixed an issue where the description of new payment gateways wasn't saved successfully.

Third-Party / Developer / Designer Mode

  • Fixed an issue using the node form helper when not using $titleLangPrefix in the node model, and using apostrophies in a node's title.
  • Fixed an issue where the wrong member's AdminCP notification dismissals were referenced in \IPS\core\AdminNotification::notificationIdsForMember().
  • Fixed an issue where Nodes that do not implement permissions may still try to check them, resulting in an error in some situations.

Changes affecting third-party developers and designers

  • Added an ID to the mobile navigation sign in link elSigninButton_mobile.
  • All columns named member must now be escaped with backticks when querying the database in order to support MySQL 8.


×
×
  • Create New...