IPS Community Suite 4.6.12.1 Release | IPS 4.6 ENXF

IPS Released IPS Community Suite 4.6.12.1 Release | IPS 4.6 ENXF 4.6.12.1

No permission to download

IPS Community Suite 4.6.12.1​

Released 04/12/2022
This is a security release and we recommend all clients upgrade as soon as possible.

Key Changes​

This release is to fix a security issue our internal teams identified. It is specific to those that use the REST API and also uses a CDN to cache page output.

Additional Information​

Core
  • Fixed an issue where social icons may show in the header by default.
  • Fixed some issues with the lost password reset process relating to link expiry.
This is our April maintenance release.
Core
  • Added a setting to control the successful webhook log duration.
  • Added support for m4a audio files.
  • Added member warnings to the moderator log.
  • Updated the default robots.txt instructions to further reduce crawl wastage.
  • Fixed an issue where deleting an item would return an error when the item had no valid URL.
  • Fixed an issue where stream RSS Feeds may generate incomplete guest member account.
  • Fixed the broken "achievements to show" widget setting.
  • Fixed an issue where communities which were installed inside a directory where submitting an invalid keyLocation parameter to IndexNow .
  • Fixed the comment_deleted webhook which wasn't fired.
  • Fixed minor issue where the Upgrade AdminCP notification could throw an uncaught Error if the latest version request failed.
  • Fixed an issue in the achievements member filter, where the "any" option would result in no matches.
  • Fixed an issue search results could show an error under some circumstances.
  • Fixed an issue where images within a quote within a reply could generate extra whitespace
  • Fixed an issue where the onProfileUpdate Member Sync extensions wouldn' tbe called as expected.
  • Fixed an issue where "All / None" links were shown under the Followed Content section of notification options incorrectly.
  • Fixed an issue where DailyMotion short URLs would not embed.
  • Fixed an issue where long names can overlap the ... button in comments on small devices.
  • Fixed the fallback download link for Quicktime videos which Chrome will not display as a video.
  • Fixed an issue where the block submission word filter missed words or phrases with quotes and other HTML entities in them.
  • Fixed an issue where the ACP Profile - Points page could get broken because of achievements rules from deleted applications.
  • Fixed an issue where the REST API self-health check would suppress any errors caused when a friendly URL was used without the proper htaccess file.
  • Fixed an issue where daily subscriptions for streams with an author set may not work correctly.
  • Fix spam service filling up system logs if a license has expired.
  • Fixed an issue in the stream subscriptions, where the stream ignored the date from the last email, so it fetched all the content instead of only the recent one which was created after the last sent email.
  • Fixed a performance issue with the stream subscriptions task.
  • Fixed an issue where admin pages would still show for disabled applications.
  • Fixed an issue where uninstalling applications may leave orphan notifications.
  • Fixed an issue where rank images may not be moved when altering storage configurations.
  • Fixed some duplicate rel tags in share links.
  • Fixed an issue with image rotation when uploading.
  • Fixed an issue with the online widget cache.
  • Fixed an issue where the cleanup task may fail when run via cron.
  • Fixed an issue with PHP 8.0.17 by working around a zlib issue.
  • Fixed an issue where hidden status updates were incorrectly styled in the moderator control panel.
  • The social icons are now correctly shown on mobiles when the "Social Link Position" theme setting is set to "Header Background".
  • The rank progress in the mobile navigation panel will no longer overlap navigation links.
  • YouTube embeds will now load from the youtube-nocookie.com domain.
  • Removed some no longer required acp restrictions.
  • Removed orphaned 'Activity/Content Discovery' module.
  • Removed disabled applications webhook references.
Forums

  • Fixed an issue where Google rich results may not show the correct vote counts for answers.
  • Fixed an issue where forum specific themes would throw an exception once deleted.
Gallery

  • Fixed a potential database error when viewing followed images.
Pages

  • Fixed an issue where the record listing table would show the total count of items in the category + all it's child categories as total item count.
  • Fixed an issue where the cms records widget settings form would throw an exception when error reporting was enabled.
  • Fixed an issue where IP address tools would display all comments for every database.
  • Fixed an issue where toggling the use forum for comments database setting could alter approval status.
  • Fixed an issue where og:url is not set for category views.
Commerce

  • The business name input field is now shown globally instead only for EU countries.
  • Fixed an issue where attempting to purchase a product that isn't allowed for the member, didn't show an error message when signing in during checkout.
  • Fixed invalid JSON-LD product data when stock levels are based on custom field selections.
  • Fixed social logins bypassing purchasing a product or subscription when it is required on registration.
  • Fixed an issue using PayPal via Braintree.
  • Fixed an issue display Braintree transactions in the AdminCP that had been processed by GooglePay.
  • Fixed an issue where registering via Commerce may not log acceptance of terms and conditions.
  • Fixed an issue where paying with account credit can leave a pending amount less than minimum amount processable via Stripe.
  • Fixed an issue where the initial renewal term text may not update during checkout.
  • Fixed an issue where grace periods were not correctly added when manually invoicing from the admin control panel.
  • Removed the FX country code for france.
Calendar

  • Fixed the birthday output on the day view page.
  • Fixed an issue where the activity stream widget would show the wrong event date as result.
Converters

  • Optimised vBulletin 3/4 member conversion.
  • Fixed an issue where passwords from WPForo may not work following a conversion.
  • Fixed an issue converting smilies from vBulletin where a CDN was previously used.
  • Fixed an issue formatting XenForo URLs when "unfurls" were used.
  • Fixed an issue where downloads category counts were not calculated after a conversion.

Updates to third-party libraries​

  • Updated Spectrum, a color picker library to the latest release version.
  • Updated jQuery UI components to 1.13.1.
  • Updated jQuery.nestedSortable.js to 2.1a.
  • Updated CKEditor to 4.18.0.

Changes affecting third-party developers and designers​

  • \IPS\Application::doMemberCheck() method added that can be added to subsequent subclasses which can force a user to perform an action before they may continue using the site.
  • Converters now generate profile photo thumbnails via background task.
This is our March maintenance release.
Core
  • Added a new 'block' feature to blocked words when posting. It will prompt the author to revise their content to remove the offending word.
  • Added the ability to limit club cover photo file size.
  • Added button to exit the Two Factor Authentication flow. Logs out if 2FA is required upon login. Goes to an unprotected location if 2FA is required only in that area.
  • Added the ability to upload maskable application icons for progressive web apps.
  • Upgraded plupload to 2.3.8.
  • Adjusted cache headers to make sure set-cookie response headers are not cached by CDN/Edge.
  • Fixed an issue where the close poll link may show to guests.
  • Fixed an issue where advanced member search limited by 'joined' returns all members.
  • Fixed an issue where searching for "Member Title" in the AdminCP returns a deprecated result.
  • Fixed an issue where the Follow Member achievement rule did not award points or badges.
  • Fixed an issue where group promotions with an achievements rule may not work correctly.
  • Fixed an issue where some posted images incorrectly held posts for approval if the filename had an email address-like format.
  • Fixed an issue where stored editor replies with lazy load embeds did not display correctly in the editor when applying.
  • Fixed an error shown when the deleteOrMove content task tries to move content to an item that no longer exists.
  • Fixed an issue where guests that do not have permission to see the site cannot view stream RSS feeds with a shared member ID and key.
  • Fixed an issue applying patches where there was only PHP changes.
  • Fixed an issue where missing images are shown when a mail client is unable to view SVG images.
  • Fixed the missing Zapier related REST API endpoint access permissions.
  • Fixed an issue where the all activity stream in condensed mode showed duplicate items when using ElasticSearch.
  • Fixed an issue where the Stream Subscriptions Task could time out.
  • Fixed an issue where themes may appear out of order in the theme selector.
  • Fixed an issue where uploading multiple files to Pages could cause Safari to crash.
  • Fixed the duplicate stream subscription emails.
  • Removed Mobile App logic.
Downloads

  • Improved performance for the downloads index page.
Forums

  • Fixed an issue where a topic in a Q&A forum may throw an uncaught error if it has zero posts (typically caused by the archive database link being broken)
  • Fixed an issue when splitting a topic with a solved post, the old topic still claims to be solved.
Blogs

  • Fixed an issue with blog entries not saving future publish dates.
  • Fixed an issue where a comment to an existing blog entry appeared as a new entry in streams.
Gallery

  • Fixed misleading language in streams used when other members uploaded into an owned album.
  • Fixed an issue where Gallery uploads could timeout when building thumbnails for animated gifs.
Pages

  • Fixed an issue where fetching the last post of a category could result in an error.
  • Fixed an issue where the custom keywords meta tag would not be used when viewing a category.
  • Fixed an issue where more than one block on a page of the same type would always show the same orientation.
  • Fixed an issue where block visibility settings would show incorrectly when creating blocks via the admin control panel.
  • Improved error message when creating a template group that already exists.
Commerce

  • Fixed the colors of the Commerce Overview widget in the ACP while using dark mode.
  • Fixed an edge case issue where a validating member that has purchased something may get automatically deleted.
  • Fixed an issue where a customer may not be able to pay for a custom product.
REST & Webhooks

  • Added new webhooks which are fired when a member joins or leaves a club.

Additional Information​

Core

  • Added support for IndexNow.
  • Added ability to allow administrators to fire webhooks for specific events.
  • Added the ability to moderate or replace posted email addresses with an obfuscated placeholder in content.
  • Added the CSRF key to the dynamic chart delete link.
  • Implemented the banned IP addresses check for PBR content.
  • Improved the REST API self diagnostics test and returned errors.
  • Added few missing language strings for email stats.
  • Updated HTMLPurifier to 4.14.0.
  • Updated CKEditor to 4.17.1.
  • Improved security for iframe embedding.
  • Improved the default Robots.txt file to further increase crawl efficiency.
  • Improved error handling when unexpected errors are encountered in upgrader.
  • Fixed an issue where the AdminCP member history for posting restrictions may not show the correct length of time.
  • Fixed an issue where the ACP Moderator Stats can time out with too many moderators
  • Fixed an issue where cloud customers could see an incorrect cache error message.
  • Fixed an issue where Profile Settings would throw an error instead of showing a validation error.
  • Fixed an external link on the ACP gateway settings page to open in a new window.
  • Fixed an issue where the cleanup task would return an error when it was executed via a cron job because of the missing session.
  • Fixed an issue where awarding points or a badge wouldn't trigger the member sync and group promotion routines.
  • Fixed some missing headings and value formatting in statistic tables.
  • Fixed a display issue in the admin control panel for RSS import badges.
  • Fixed an issue where cloning groups could leave incorrect search index permissions.
  • Fixed sub-sub menu items showing in the wrong location when viewing the menu on mobile.
  • Fixed a niche issue when using Redis for view logging and the task runs before any views have been logged.
  • Fixed an issue where splitting multiple posts from a topic into a new one wouldn't update the search index properly.
  • Fixed an issue where banned members were shown in achievement widgets.
  • Fixed the broken link to status replies and comments inside the similar content widget.
  • Fixed an incorrect css variable (--dialog--boxSHadow).
  • Fixed an issue where copying an achievement rule wouldn't copy the additional language strings.
  • Fixed the duplicate rel attribute in the Twitter share widget.
  • Fixed an issue where personal messages were incorrectly awarded points.
  • Fixed an issue where streams limited by tags did not show any results when using Elastic Search.
  • Fixed an issue sending bulk mail when selecting one of the 'validating' options.
  • Fixed an issue where some AdminCP text editor tags may not show descriptions.
  • Fixed an issue where downloading a file may have the wrong filename when it has a long extension.
  • Fixed the style tag on the offline page.
  • Fixed an issue where banned and spammer member filter options were showing for bulk mail.
  • Fixed a missing language string in the related content widget.
  • Fixed an issue on the ACP - Social Media Promotion Page which returned the Permissions Warning even when no promotion services were available.
  • Fixed a broken language string on the re-authenticate login prompt.
  • Fixed social media promotion throwing an error if the Facebook or Twitter login handler is disabled.
  • Fixed an issue where hidden or non-approved content was shown in the "Similar Content" Elastic Search widget (note: it was only shown to those with permission to see it).
  • Fixed an issue where some emails may have two HTML wrappers.
  • Fixed an issue where moderator logs may show untranslated content types.
  • Fixed some issues upgrading from < 4.0.0 when using MySQL 8.0.2 or newer.
  • Fixed broken "reveal author" buttons when an anonymous user is deleted.
  • Fixed the broken ranks XML export.
  • Fixed an issue where streams configured to return only content items returned also comments and reviews.
  • Fixed the insert existing attachment page jump form not working in bulk mail.
  • Bing Sitemap Support was removed because they deprecated the service.
  • Fixed few issues in archived QA Topics.
  • Fixed an issue where the cleanup task could fail when cron was used to run the tasks.
  • Fixed an issue where expanding nodes in the advanced search form node selector element could be slow or time out.
  • Fixed an issue where achievement ranks and badges were not exporting using the correct language.
  • Fixed an issue where the Club::recountMembers() method would return the DB query instance instead of the value.
  • Fixed an issue where content may not be anonymized after deleting members.
  • Fixed some issues caused by badly formed dates in the leaderboard.
  • Fixed an issue with activity streams with the 'members I follow' filter on Elastic Search.
Blogs

  • Fixed the breadcrumb navigation inside Clubs.
Forums

  • Fixed an issue where JSON-LD may not show an author for Q&A topics.
  • Fixed an issue where solved statistics may not show correctly.
  • Fixed an issue where it was possible to create a redirect forum without setting a redirect target.
  • Fixed an issue where 'Unmark as Solution' moderator log was missing the post id.
Commerce

  • Fixed an issue where Tax wasn't shown in the subscription upgrade charge.
  • Fixed an issue where the 'new products' block on the Store page may not show accurate stock levels.
  • Fixed the HTML structure of the Featured Products widget, which previously resulted in a broken paragraph tag.
  • Fixed the customer page throwing an error if an application that implements a package type is uninstalled.
  • Removed stripe.js from non Commerce related pages.
Downloads

  • Fixed an issue with submitting file links without uploading a file when multiple files are not allowed.
Pages

  • Fixed an issue where search for templates did not return the correct results.
  • Fixed an issue where turning on template editing diff reduces the size of the editor.
Calendar

  • Fixed an error shown on the create event form when an invalid input date is provided.
  • Fixed an issue where the current date was not selected when creating an event from the day view.
Converters

  • Fixed a minor issue when converting soft deleted topics from MyBB.
REST & Webhooks

  • Added new webhooks which are fired when content is deleted.

Changes affecting third-party developers and designers​

  • Added backticks to table names in update and delete queries.
  • Updated the method definition for changesForHistory() in MemberRestriction extensions.
  • Fixed an issue with the template Hextorgb plugin throwing an error.
  • The member_edited webhook will now only be fired if there are any data in the $changes parameter.
  • Changed the $useWrapper parameter in \IPS\Email::buildFromContent() to a class constant instead of bool.
  • Removed \IPS\core\extensions\core\MemberFilter\Locked.
This contains bug fixes for our December releases

Additional Information​

Core
  • Added reputation titles & icons back to the Reputation Activity page in user profiles.
  • Changed value for prune_member_history setting from null to an empty string for Cloud.
  • Changed the modified file checker on the support dashboard to use the database version for checks.
  • Improved the club landing page for closed clubs to return an error with further information.
  • Fixed the design on the Zapier Integration page and added the clipboard copy button for easier data copying.
  • Optimized deletions from Redis after processing content views.
  • Fixed an issue where the topic summary may only show 3 top posts instead of 4 if the topic contains many guest posts.
  • Fixed an issue where deleting a club would return an error.
  • Fixed the badges for 'seven consecutive days' and 'Five Hundred Items'.
  • Fixed a bug where Nodes could be deleted if they are the target of another node's content.
  • Fixed a PHP warning on the ACP member profiles.
  • Fixed an issue where members requiring moderation could merge content with already existing replies without requiring approval.
  • Fixed opacity on form placeholders when using dark mode.
  • Fixed an issue where no default badge was shown in the admin control panel streams list.
  • Fixed an issue where creating an OAuth2 login method would result in an array with IN_DEV.
  • Fixed an issue where text direction was not set correctly in some emails.
  • Fixed an issue where it wasn't possible to delete the Apple startup icon.
  • Fixed unreliable sorting on the admin control panel tasks table.
  • Fixed an issue where email exceptions did not show the correct message in debug mode.
  • Fixed an issue where member group formatting may break the who's online and active user widgets.
  • Fixed a missing search keyword for block caching.
  • Fixed some missing rel=nofollow attributes on add new content links.
  • Fixed some missing email template titles.
  • Fixed a broken link when configuring VigLink.
  • Fixed an issue where editing anonymous items could change the author.
  • Fixed the duplicate rel attribute in the facebook share link.
  • Fixed a niche issue with the Marketplace interface showing an entity instead of dollar sign in some browsers.
  • Fixed an issue where the Recently Browsing widget may show '0 members' if you are the only one viewing the page.
  • Fixed an issue where RSS feeds were unavailable to readers when the site is not available to guests.
  • Fixed an issue where 'webp' was missing from the mod_rewrite rules.
  • Fixed an issue where some RSS feeds may not be valid when using Amazon S3 and enclosures.
  • Fixed an error on posting due to followers in specific situations.
  • Fixed an issue where banned users show in @mentions.
  • Fixed an issue where removing all followers of a content item does not immediately update the count.
  • Fixed an issue with the achievement rebuild progress bar when using a locale that uses a comma for the decimal separator.
  • Fixed an issue where the content promoter would get a badge instead of the content author.
  • Fixed an issue where report center links may point to a container rather than the reported item.
  • Fixed an issue where the 'rel' attribute content rebuild may break embedded images. Re-run to fix.
  • Fixed an issue where clicking 'None' would uncheck disabled checkboxes.
  • Fixed an issue where an error was not properly handled if the PHP mail function was not available.
  • Fixes multiple issues with Elasticsearch and updates the minimum version to 7.2.
  • Fixed an issue where a new rank email may not be sent.
  • Fixed a timezone issue with some date fields.
  • Fixed an issue when sending push notifications when content is recognized.
  • Removed no longer used sitemapLinks functions.
  • Fixed some missing language strings when setting permissions for editor buttons.
Forums

  • Fixed a broken getLastComment link in the forumRow template.
  • Fixed an issue displaying stats for "Solved Topics by Forum".
Pages

  • Fixed few potential issues caused by a record with an orphaned category.
  • Removed aggregateRating JSON-LD, although part of schema.org it isn't supported by Google for the 'article' type.
Downloads

  • Removed the option to add a Custom Field type of "Poll" to Downloads Files.
Commerce

  • Fixed a missing custom field language string in the 'pending shipment' block on invoices.
  • Fixed a missing language string in acp notifications of pending transactions.
  • Fixed an error shown if a shipping order is deleted for a no longer existing invoice.
  • Fixed an issue where it was possible to have more than one Subscription at a time.
  • Fixed an issue adding products to an invoice via AdminCP when it contains a Miscellaneous Charge.
  • Fixed an issue where using a Yes/No custom field as a purchase identifier caused an endless loop.
  • Fixed an error that occurs when attempting to upgrade between packages with no renewals.
Blog

  • Fixed an issue where pagination links could redirect to the wrong location when using Blog categories.
REST & Webhooks

  • New Webhook member_badge_awarded fired when a badge is awarded.
  • New Webhook club_deleted fired when a club is deleted.
  • New Webhook club_created fired when a club is created/approved.
  • New Webhook member_edited fired when a members data are changed.
  • New Webhook member_delete fired when a members gets deleted.
  • New Webhook calendarEvent_rsvp fired when a members sets / changes his RSVP state for an event.
  • The calendarEvent_create webhook is fired now also after ICalender imports.
  • REST API endpoint GET /core/clubs accepts a new parameter member_id which allows the endpoint to return only the visible clubs for this specific member.
Our November release contains over one hundred bug fixes and improvements including:

Additional Information​

Core
  • Added a robots.txt generator, removed content redirect links for guests and added nofollow directives.
  • Added Achievement filters for bulk mail, group promotion and automatic moderation
  • Added a Limit of 1 to the First Comment query to improve performance.
  • Added member's rank and achievement point total to the member CSV export.
  • Allows audio files to be played natively in browser.
  • Added the option to compare with a theme's parent when editing templates.
  • Added the ability to report comments via the REST API.
  • Added the ability to react to comments (and Pages records) via the REST API.
  • Changed fetching comments via the REST API to show reactions given.
  • Improved the reliability and security of using the (S)FTP upgrade method in the AdminCP.
  • Fixed potential issue where duplicate notifications/digests are sent.
  • Fixed an issue where deleting members may leave orphan status update reports.
  • Fixed an issue where it was not possible to resend validation emails if internal logins were disabled.
  • Fixed an issue where word filters may not work correctly when editing titles inline.
  • Improved the achievement new rank and new badge emails.
  • Changed the activity stream subscription emails to filter only by the create date.
  • Fixed an issue where it was not possible to resend validation emails if internal logins were disabled.
  • Fixed an issue where, after splitting a hidden content item, the comments show as hidden without the option to un-hide from within the new content item
  • Fixed incomplete administrator logs when performing actions on achievement rules.
  • Fixed an issue where incoming emails may be rejected incorrectly when the x-auto-response-suppress header is set.
  • Fixed an issue where promoting content may cause items to appear twice in our picks.
  • Fixed an issue where deleting members may leave orphan status update reports.
  • Fixed an issue where task progress bars could show percent completion above 100%
  • Fixed an issue where the confirmation modal for stream subscriptions would show a broken confirmation description.
  • Fixed an issue where reviews may not be correctly indexed with Elastic Search.
  • Fixed an issue where importing the achievement rules xml file could fail during the upgrade.
  • Fixed an issue where insert attachment links in dark mode may show in the wrong color.
  • Fixed a rare issue where you may see the Service Worker Javascript after login.
  • Fixed an issue where the 'recently browsing' Javascript may not load properly.
  • Fixed an issue where insert attachment links in dark mode may show in the wrong color.
  • Fixed an issue where custom meta tags/titles may not always show on the community homepage.
  • Fixed an incorrect registration stats admin restriction.
  • Fixed an issue where multiple ACP notifications for the same item were visible.
  • Fixed incorrectly escaped node form helper titles.
  • Fixed admins not being able to ban or flag member as spammers via the ACP profile when warnings were disabled.
  • Fixed an issue where it was not possible to toggle the anonymous state of content items.
  • Fixed an issue where tag filtered content feeds would show incorrect results where a tag forms part of another tag.
  • Fixed an issue where task progress bars could show percent completion above 100%.
  • Fixed an error when moderators with permission to post anonymous content edit content of those that can't.
  • Fixed the ACP-Follower Statistics Page which was returning an IN_DEV error if no followed content was present.
  • Fixed an issue where PNG images could not be resized in the browser when using Firefox.
  • Fixed an issue with Activity Streams where the results may be incomplete when the 'Content I posted in' filter is used.
  • Fixed an issue where the easy mode editor was not able to select elements when using CDNs to serve CSS.
  • Fixed potential issue where duplicate notifications/digests are sent.
  • Fixed an issue where deleting a custom template would remove it from all themes.
  • Removed moderator permission setting for "Can edit poll votes?" in the AdminCP.
  • Changed the messaging when setting up the stock replies button to make it clear why it may not show.
  • Fixed an issue where achievements rewards were not given when a comment is approved for the first time.
  • Fixed an issue where Admin CP downloads (themes, etc) would download an 'admin.html' file when using Safari.
  • Fixed an issue in the search/filters template which would result in an error with IN_DEV being enabled.
  • Fixed an issue that can occur when sending a push notification for reviews needing approval.
  • Fixed an issue with PHP8 when checking profanity filters.
  • Fixed an issue where a checkbox item would not select when found using the search in a checkbox set.
  • Fixed an issue where the message permission check message for announcements linking to content may not display.
  • Changed the User-Agent header for the webhook requests to contain the IPS Longversion.
  • Fixed an issue in the Request Authentication method happening for CGI/FASTCGI users.
  • Fixed few issues on the profile page resulting in broken AJAX pagination and that tabs would load without the page container.
  • Fixed an issue where the item title may be missing when viewing who reacted to an item that has been promoted.
  • Fixed an issue where search may show the wrong results after changing page.
  • Fixed a broken link to our support community on the Support dashboard.
Forums
  • Fixed an issue where json-ld info can show the wrong author details after a display name change.
  • Fixed an issue where links to user profiles were shown in some circumstances where profiles could not be viewed.
  • Fixed an issue where it was not possible to copy the "Allow the topic starter to mark solved" forum setting.
  • Fixed an issue where the "participated in topic" icon was incorrectly positioned on small devices when both Fluid Forum View and Expanded Topic List View were both enabled.
  • Fixed an instance of invalid HTML with member badges in Expanded Topic List View, where a ul was a direct child of another ul.
  • Member badges and topic stats on Expanded Topic List View pages now wrap correctly on small mobiles.
Blog
  • Fixed an issue where Blog json-ld output may contain invalid HTML output.
Commerce
  • Added the ability to optionally require a billing address for subscriptions.
  • Added an achievements rule for product purchases.
  • Added some missing VAT territories to checkout form.
  • Fixed an error thrown when sending Easypost shipping notification emails.
  • Fixed an issue where a business name form field would show during checkout when consumer was selected.
  • Fixed an issue where removing a currency can cause errors in search results.
  • Fixed a PHP 8 type error when upgrading between Commerce packages.
  • Fixed an issue where a guest may see a CSRF error when trying to purchase a subscription.
  • Fixed an issue specific to Cloud where creating a ticket from the contact form may not work.
  • Fixed an issue where purchases and subscriptions could move members to not existing groups.
  • Fixed an issue where invoice warning emails may say the customer has an active PayPal Subscription when it has been cancelled.
Calendar
  • Fixed an issue where adding similar events could cause a blank cover photo to be saved.
  • Fixed an issue where setups with only one calendar wouldn't show the birthdays on the month view.
Gallery
  • Fixed a database error shown when managing followed content for Gallery images.
Downloads
  • Added an achievements rule for downloading files.
  • Improved the new version approval flow when the main file submission is also pending approval.
  • Fixed an issue where rejecting a pending new version may delete screenshot thumbnails that are in use.
Pages
  • Added AggregateRating Schema to record pages.
  • Fixed a minor link target issue with the add phrase button when editing blocks.
  • Fixed a database error shown if a user does not have permission to edit date fields.
  • Fixed orphan language phrases when deleting databases and custom fields.
  • Fixed an issue where the 'Use database name as page title' setting wasn't honoured when using a database without categories.
  • Fixed an issue where the template file list would be hidden when adding CSS/JS/templates in the Admin CP.
  • Fixed an issue where the custom fields form would show the Topic Format field for fields in databases where no topic syncronizazion is enabled.

Changes affecting third-party developers and designers​

  • Cleaned up some defunct code relating to AdminCP default theme settings.
  • Fixed an issue where it was not possible to create new default database inserts in the developer center.
  • Fixed an issue where adding a hook to the topic sidebar would shift the sidebar to underneath the topic.
  • Fixed an issue where adding a hook can cause CSS selectors with a colon (eg: ipsFlex:4) to be broken (eg: ipsFlex---cln---4)
  • The ACP Member Profile Template will remove the left column if there are no blocks to show.
  • Updated no-cache headers to include max-age=0.
  • The GroupForm extension can now have a new method canDelete() which can be used to set specific groups not deletable (e.g. if it is used for target after a purchase).
  • Removed core/extensions/core/Sitemap/Applications.php and core/extensions/core/Sitemap/Profiles.php sitemap extensions.
  • Unapproved content push notifications now use definateArticle() for item titles
Core
  • Added Stream Subscriptions.
  • Added the ability for public sections to be created in closed clubs.
  • Added Zapier Support for self-hosted licenses.
  • Added Stock Replies to all editors.
  • Improved online member widgets to show the viewing user when they are not anonymous when the block is cached.
  • Fixed an issue where background images in Promoted Streams sometimes didn't load properly
  • Fixed an issue where a specially crafted URL could cause an uncaught exception.
  • Fixed an issue where profile fields are not properly formatted.
  • Fixed a potential issue adding tags to content when using PHP 8.
  • Fixed an issue where the validating information was missing in the 'all' Admin Control Panel member list.
  • Fixed an issue with the Frontend Theme Editor occurring with PHP8.
  • Fixed an issue that could cause a slow query to run when sending email if a large number of emails have previously failed.
  • Content item message form defaults to private, with a colored border around the editor to signify the privacy status.
Commerce
  • Fixed a niche issue where an error could occur if a PayPal Subscription notification arrives after the Subscription is cancelled.
  • Fixed an issue where it wasn't possible to edit a subscription expiry date.
Converters
  • Updated XenForo converter for 2.2.x.
  • Changed the default character set for conversion sessions from utf8 to utf8mb4.
  • Fixed an issue importing attachments from XenForo if you had previously converted to XenForo from another platform.
  • Fixed an error that could occur if the Converter tried to delete a content link.
  • Fixed an issue where converted mentions may contain a static URL (breaking them if you change your domain).
  • Fixed an issue with tag statistics immediately after a conversion.
  • Fixed an issue with some topics not being hidden (but their posts were) after converting from vB5.
Pages
  • Fixed an issue with the display of the Page Builder: Upload Images widget when used with a set block height.
Calendar
  • Fixed an issue where deleting events would fail when called via the cron job.
  • Fixed an issue with the profile field member filter where date fields would return false for group promotions.
Forums
  • Fixed an issue where rebuilding a members content count could fail with broken Archived DB connection settings.
Downloads
  • Fixed the broken "Buy" link inside file embeds.

Changes affecting third-party developers and designers​

  • Switched the parameter order for \IPS\convert\Library\Core::convertRssImported() (PHP8)
Core
  • Improved catching errors that 3rd party hook may throw.
  • Added grouping to approved content push notifications.
  • Changed lost password reset links to be valid for 1 hour.
  • Upgraded CKEditor to 4.16.2.
  • Fixed some missing language strings in Member History when looking at badges/points.
  • Fixed an issue with the SQL toolbox pagination when a table prefix was being used.
  • Fixed an issue where achievement excluded groups still show in the widgets.
  • Fixed an issue where required profile fields may be skipped from profile completion.
  • Fixed an issue where it was not possible to post status updates if the ability to follow a member was disabled.
  • Fixed an issue where videos attachments that are not supported by a browser may not be downloadable.
  • Fixed an issue where some admin control panel profile blocks could show if the features were disabled.
  • Fixed an error when a restricted admin attempted to add moderators.
  • Fixed an issue where following a member can send a notification if you choose to follow anonymously.
  • Fixed an issue where a view update task may attempt to connect to Redis when Redis is not used.
  • Fixed an issue where search statistics in the ACP can be slow to generate.
  • Fixed an issue where the 'follow member' achievement rule didn't calculate milestones correctly.
  • Fixed an issue where WebP may be shown as an accepted extension when not fully supported by the server.
  • Fixed editor becoming unresponsive when inserting attachments into the editor.
  • Fixed an issue where an automatically deleted notice may be shown on a member in AdminCP but the account isn't queued for deletion.
  • Fixed an issue where a failed file move could delete the filenames of Reactions.
  • Fixed an issue with the REST API where it may be possible for hidden comments to be seen.
  • Fixed a minor typo when processing an RSS import.
  • Fixed an issue where the AdminCP member list may be slow to load.
  • Fixed an issue where saving changes to an Easy Mode theme might fail due to an error.
  • Fixed an issue where the health dashboard error log chart may not be accurate.
  • Fixed an issue where Achievements notifications loaded via the REST API may be attributed to a guest.
  • Fixed social login buttons not working on the register form when using quick registration.
  • Fixed an error being generated when viewing Member history.
  • Fixed the group search flood control setting not showing the correct value.
  • Fixed an issue where search pagination can lose quick search and node parameters.
  • Fixed issue where the AdminCP Search Activity statistics restriction wouldn't cause a corresponding in the menu to appear.
  • Fixed an issue where the 'solutions' table on a members profile would not paginate.
  • Fixed an issue where content controllers wouldn't find comments that are archived and stored in a separate archive database.
  • Fixed an issue where the new rank mobile notification throws an error.
  • Fixed an issue in the Achievements Rebuild Routine which would result in an exception while the rebuild.
  • Fixed an issue where creating a member moderator with a visible badge could break the view.
  • Fixed an issue sending a push notification when a new badge is earned.
  • Fixed an issue where created_externally flagged accounts may be deleted when awaiting validation, where it may be desirable to keep them.
  • Fixed an issue where the widget data weren't updated while application upgrades.
  • Removed few occurrences from the in 4.6 removed notification sounds setting.
  • Fixed an issue where creating a member moderator with a visible badge could break the view
  • Fixed an issue with the AdminCP menu manager not displaying dropdowns in some situations.
Downloads
  • Fixed an issue where a large file description may not save if it is larger than 64kb.
  • Fixed the group wait time setting not showing the correct value.
  • Fixed an issue re-activating a purchased file if the original invoice or currency does not exist.
Forums
  • Improved performance of hiding/unhiding/deleting topics.
  • Fixed an issue where not all forums could show when creating topic and post feed widgets.
  • Fixed an issue where archived posts aren't counted towards a member's total post count
Calendar
  • Fixed an issue where weekly recurring events with no end date could display one day off.
  • Fixed birthdays not showing on the initial Calendar view when only one calendar is present.
  • Fixed an issue where rare badges calculated with all members, and not just those permitted to use achievements.
Pages
  • Fixed an issue where the topic sync background task may get stuck in a loop.
  • Fixed an issue where category edit permissions would override the moderator edit permission.
Converters
  • Fixed an issue running a conversion on PHP 8.
  • Fixed an issue where long group username styles in Xenforo could cause a database error.
Gallery
  • Fixed an issue upgrading from a really old version of Gallery.
Commerce
  • Changed new PayPal subscriptions to not collect previous period charge on next cycle if the previous cycle failed.
  • Fixed a database error caused by long shipping service names.
  • Fixed an issue where the CVC/Address/ZIP checks were unavailable on Stripe payment intents in the AdminCP.
  • Fixed an issue where upgrading to a package with a longer initial term would not extend the expiry date.
  • Fixed an issue where deleting a product filter wouldn't delete all the language strings.
  • Fixed an issue where Google/Apple/Microsoft pay transactions would show a red 3DSecure error on transactions.
  • Fixed a PHP 8 specific issue that could cause an exception when viewing a product with reviews.
  • Fixed an issue where Stripe JS may be loaded more than once.
  • Fixed an issue where it was possible to receive multiple subscription free trials.

Changes affecting third-party developers and designers​

  • When building applications on Windows, Javascript/Themes imports will use \n line endings.
  • Fixed an issue editing hooks IN_DEV when using PHP 8.

IPS Community Suite 4.6.6 Nulled​

Released 09/08/2021

Key Changes​

This is a maintenance release for Invision Community 4.6.

Additional Information​

Core
  • Improved catching errors that 3rd party hook may throw.
  • Added grouping to approved content push notifications.
  • Changed lost password reset links to be valid for 1 hour.
  • Upgraded CKEditor to 4.16.2.
  • Fixed some missing language strings in Member History when looking at badges/points.
  • Fixed an issue with the SQL toolbox pagination when a table prefix was being used.
  • Fixed an issue where achievement excluded groups still show in the widgets.
  • Fixed an issue where required profile fields may be skipped from profile completion.
  • Fixed an issue where it was not possible to post status updates if the ability to follow a member was disabled.
  • Fixed an issue where videos attachments that are not supported by a browser may not be downloadable.
  • Fixed an issue where some admin control panel profile blocks could show if the features were disabled.
  • Fixed an error when a restricted admin attempted to add moderators.
  • Fixed an issue where following a member can send a notification if you choose to follow anonymously.
  • Fixed an issue where a view update task may attempt to connect to Redis when Redis is not used.
  • Fixed an issue where search statistics in the ACP can be slow to generate.
  • Fixed an issue where the 'follow member' achievement rule didn't calculate milestones correctly.
  • Fixed an issue where WebP may be shown as an accepted extension when not fully supported by the server.
  • Fixed editor becoming unresponsive when inserting attachments into the editor.
  • Fixed an issue where an automatically deleted notice may be shown on a member in AdminCP but the account isn't queued for deletion.
  • Fixed an issue where a failed file move could delete the filenames of Reactions.
  • Fixed an issue with the REST API where it may be possible for hidden comments to be seen.
  • Fixed a minor typo when processing an RSS import.
  • Fixed an issue where the AdminCP member list may be slow to load.
  • Fixed an issue where saving changes to an Easy Mode theme might fail due to an error.
  • Fixed an issue where the health dashboard error log chart may not be accurate.
  • Fixed an issue where Achievements notifications loaded via the REST API may be attributed to a guest.
  • Fixed social login buttons not working on the register form when using quick registration.
  • Fixed an error being generated when viewing Member history.
  • Fixed the group search flood control setting not showing the correct value.
  • Fixed an issue where search pagination can lose quick search and node parameters.
  • Fixed issue where the AdminCP Search Activity statistics restriction wouldn't cause a corresponding in the menu to appear.
  • Fixed an issue where the 'solutions' table on a members profile would not paginate.
  • Fixed an issue where content controllers wouldn't find comments that are archived and stored in a separate archive database.
  • Fixed an issue where the new rank mobile notification throws an error.
  • Fixed an issue in the Achievements Rebuild Routine which would result in an exception while the rebuild.
  • Fixed an issue where creating a member moderator with a visible badge could break the view.
  • Fixed an issue sending a push notification when a new badge is earned.
  • Fixed an issue where created_externally flagged accounts may be deleted when awaiting validation, where it may be desirable to keep them.
  • Fixed an issue where the widget data weren't updated while application upgrades.
  • Removed few occurrences from the in 4.6 removed notification sounds setting.
  • Fixed an issue where creating a member moderator with a visible badge could break the view
  • Fixed an issue with the AdminCP menu manager not displaying dropdowns in some situations.
Downloads
  • Fixed an issue where a large file description may not save if it is larger than 64kb.
  • Fixed the group wait time setting not showing the correct value.
  • Fixed an issue re-activating a purchased file if the original invoice or currency does not exist.
  • Removed the ability to submit new versions of files when the file itself has not yet been approved. This was unintended functionality and can cause issues.
Forums
  • Improved performance of hiding/unhiding/deleting topics.
  • Fixed an issue where not all forums could show when creating topic and post feed widgets.
  • Fixed an issue where archived posts aren't counted towards a member's total post count
Calendar
  • Fixed an issue where weekly recurring events with no end date could display one day off.
  • Fixed birthdays not showing on the initial Calendar view when only one calendar is present.
  • Fixed an issue where rare badges calculated with all members, and not just those permitted to use achievements.
Pages
  • Fixed an issue where the topic sync background task may get stuck in a loop.
  • Fixed an issue where category edit permissions would override the moderator edit permission.
Converters
  • Fixed an issue running a conversion on PHP 8.
  • Fixed an issue where long group username styles in Xenforo could cause a database error.
Gallery
  • Fixed an issue upgrading from a really old version of Gallery.
Commerce
  • Changed new PayPal subscriptions to not collect previous period charge on next cycle if the previous cycle failed.
  • Fixed a database error caused by long shipping service names.
  • Fixed an issue where the CVC/Address/ZIP checks were unavailable on Stripe payment intents in the AdminCP.
  • Fixed an issue where upgrading to a package with a longer initial term would not extend the expiry date.
  • Fixed an issue where deleting a product filter wouldn't delete all the language strings.
  • Fixed an issue where Google/Apple/Microsoft pay transactions would show a red 3DSecure error on transactions.
  • Fixed a PHP 8 specific issue that could cause an exception when viewing a product with reviews.
  • Fixed an issue where Stripe JS may be loaded more than once.
  • Fixed an issue where it was possible to receive multiple subscription free trials.

Changes affecting third-party developers and designers​

  • When building applications on Windows, Javascript/Themes imports will use \n line endings.
  • Fixed an issue editing hooks IN_DEV when using PHP 8.
Applications.jpg

Security

  • Increased the strength of the obfuscation hash appended to non-safe files and increased security on iFrame based embeds in posts.*
Core

  • Added support for Brightcove video embeds.
  • Improved MySQL efficiency when deleting members.
  • Set a default value for the search flood time when creating a member group.
  • Improved logging for errors returned by Elastic Search.
  • Added delete & merge logic for the logins log on member deletion and when 2 accounts are merged.
  • Fixed an issue when upgrading to 4.5.0 with duplicate keys when consolidating the referrer tables.
  • Fixed downloading files with non-latin character downloaded with corrupt characters in Edge and Chrome.
  • Fixed broken links in the our picks widget.
  • Fixed an issue where the Oauth1 Login Handler would use a not existing method to log any upcoming errors.
  • Fixed the rank title not displaying correctly in new rank notification emails.
  • Fixed an issue where it was not possible to alter file storage configurations in some circumstances.
  • Fixed an issue where achievements would show in a hovercard for a member in a group that has achievements disabled.
  • Fixed an issue where badge images could be uploaded with the same name, thus deleting one could delete many.
  • Fixed an issue where ranks show on the AdminCP member list when Achievements are disabled.
  • Fixed an issue where anonymous users may be cached in Who's Online blocks.
  • Fixed an issue where a reserved keyword is used (specific to MySQL 8.0.17/18)
  • Fixed an issue with Elastic Search not being able to index anonymous content.
  • Fixed incorrect timezone detection for users in Argentina.
  • Fixed an issue where the notifications page could throw an exception while trying to return notification data from plugins or not existing notification extensions.
  • Fixed inability to upload WebP images to Group Icons and Ranks/Badges.
  • Made a minor change to ensure the registration page is not cached by a web browser.
  • Expired warning points are now differentiated between active warning points in member profiles for improved clarity.
Pages

  • Fixed an issue when creating a record in the Admin CP and choosing another member as the author would not fire achievements for that author.
  • Fixed an error attempting to copy a topic to a database that is not on a page.
  • Fixed some missing language strings which would result in a failure while creating a review.
Forums

  • Fixed an issue where Topics would not refresh when selecting Forums in Fluid view.
  • Fixed malformed JSON-LD markup for archived topics.
  • Fixed an issue where parent was required but not marked required when updating a forum via REST API.
  • Fixed an issue where legacy deleted posts are not removed correctly when upgrading from Invision Community 3.x.
Downloads

  • Fixed an issue where copying a topic to a database would result in an IN_DEV CSRF key warning.
  • Set a default value for the 'Time user must wait before download starts' group setting while creating a member group.
  • Fixed an issue where a large file description may not save if it is larger than 64kb.
Converters

  • Added Invision Community converters for Downloads & Gallery.
  • Fixed some minor issues encountered during an Invision Community conversion.
Commerce

  • Fixed an issue where the Billing Agreements synchronisation task wouldn't check payments via PayPal Subscriptions API.
REST / OAuth

  • Fixed the members/follows POST endpoint which would return an error when trying to follow some content.
Calendar

  • Fixed an issue where copying a calendar event with a broken cover image would result in an exception.
* An independent security researcher, Simon Scannell, has reported this vulnerability to the SSD Secure Disclosure program
Top