- Project Manager
- Reputation: 51
- From: England, United Kingdom
- Registered: 15-04-2015
- Posts: 512
We've released the very first version of Aura. This release is an Alpha release, which is aimed at integrating Panther into Aura. Not much has changed visibly in this release, however, there have been large scale changes behind the scenes, some of which do have impacts which pass over to the viewable interface of the forum. This version is built on the now redundant Panther 1.1.3 base code, and has been refactored significantly. That code has now been taken off the website, and will be uploaded to our new GitHub repository here over the next few days.
We will be doing a complete revamp of the Aura website, and then focusing on releasing the next version. The current website is just totally outdated and this should give us enough time to find any bugs that exist (albeit very few hopefully, because this release has been tested for a very long time now). The next release will be a Beta release. This will contain a new Aura design for the forum, installer, converter and a whole redesigned user interface. It was deemed that this was too much to handle in a single release, which is why this is being staggered in this way. Any other bug fixes will also come under this version, and possible code enhancements, too.
The current release has major improvements to the old Panther codebase. This includes to areas such as security, general bug fixing as well as other more important features. One of the new features is a new 'styles.xml' file for the forum. In prior releases, even though we were using Twig as our templating engine, there were still very minor lines and snippets of HTML in various files that were just impossible to edit or put into templates. To solve this, we've included this file which holds all of the individual lines of HTML which are too small to be placed into templates. This is configurable on a per-style basis, and, adds much more flexibility to any user-created style.
We've also fixed a whole load of problems with the automatic forum updater, which just was not working correctly. I've rewritten the whole thing and tested it numerous times, and it works completely as intended now. There are two ways you can install updated to your forum through the forum itself. The first is through a new page on the forum to upload a release, and the second is by letting the updater do it for you.
We have majorly improved the 'users in this topic' feature. The old code was based off my FluxBB mod, which, looped through every post in a topic or forum to see if the user was viewing it. Needless to say, there could have been a lot of problems with this as more posts were added. The new system does not do this. Instead, it is literally a case of getting the information from the database and just displaying it which is much faster and more efficient.
We've changed the language types, too. Before, English was under the ISO en and there was no display name for this language pack. We now use real country codes such as en_GB for the United Kingdom, and language packs also contain a new file inside their folder called locale.txt. This file contains nothing but a display name for the language pack which is installed, so that it is very easy for users to identify with their chosen language. In the same example I provided above, the display name for the English language pack is now English, United Kingdom.
The other major change we've made in this release is in the extensions system. Before this was quite poorly developed, and while it did work, it was quite "messy" and "uncomfortable" at times. We've fixed all this now, and, I'm pleased to say the extensions system is far better than ever before. You can now use your own templates with extensions. You can also use your own language files, with multiple languages, as well as including your own external extension files to include, and plugins. There is no difference between what the plugin did then, and does now, in terms of functionality. But the main difference is that extension files can now install them so users do not need to hand-upload plugins anymore. From now on we are removing plugins as external files, and all plugins will be uploaded to the administrative interface as extensions, which will be responsible for installing/removing the plugin file.
I've attached a new plugin I've made which is an Avatar Gallery for the forum. Administrators can allow users to choose their avatars from a list configured by the forum Administrator, as well as the other options which are available. I've also attached the existing language packs for German and Persian, which were for the old version. Because there have been a few language pack changes since the last release (and unfortunately I don't speak either language LOL) I can't officially include them with this release. However I don't want to lose those language packs so have included them here for now, until such time as we can get them updated.
For your "hardcore" coders among us the full changelog is displayed below:
Increased length of CSRF token when installing the forum from 16 characters to 64
Slightly altered and optimised parts of the Panther Forum installer
Fixed problem with the headers messing with AJAX requests when an error occurs and is dealt with by the error handler
Prevented error handling from being sent in HTML if the CLI interface is using the forum and an error occurs
Fixed undefined variable 'posts' if a topic has no posts in (only possible caused by the user deleting posts through the database)
Added new hook for forum passwords if an entered password is invalid
Fixed incorrect attachments root path when installing the forum
Fixed problem when installing using a Windows server where the file path slashes being the incorrect way could cause problems
Fixed problem which prevented non-latin characters from being used in the 'Email name' of the board
Fixed mising 'register rules' language strings from the registration page
Installer now attempts to CHMOD config.php to 0644
An alert now appears on the admin dashboard if file permissions are greater than 0644
Added new locale system for languages to display a formatted language name when choosing from languages
Fixed problem where the default language is not selected on the registration page automatically
Fixed problem on register page where the language you have chosen is not selected again if errors are present in the registration form you have submitted
Fixed false-positive of administrator restrictions on the index showing that administrators were unrestricted even if they were - this was due to attempting to load the cache twice
Fixed problem with title 'Member' always being showed due to attempting to load the ranks cache twice in the fucntion get_title()
Fixed 20 missing templates from the 1.1.2 version of the forum
Fixed undefined variable when pruning users in admin/maintenance.php
Changed length of salt from forum passwords from 12 characters to 16
Added brute force protection when logging in to a forum using a forum password
Fixed a timing attack vulnerability when using forum passwords
Stopped passing $db as a parameter and used a global variable instead for the function check_queue() - this is easier until such time as the code can be rewritten to avoid this
Added support for multiple language directories
Renamed language directory from 'lang' to 'languages'
Changed language codes from two letters (e.g. en) to country codes (e.g. en_GB)
Fixed installer problem where the default style column receives a default value of the default language
Fixed installer problem where if a different language was selected other than the default language it would not appear as selected in the language selection dropdown
Optimised 'stopwords' cache generation by removing while loop and handling the actual generation of the data through the language handler
Removed redundant query in moderate.php and relied on caches instead
Stopped loading the cached forums on every page and now load them on-demand
Optimised and normalised database structure of forum moderators and added ability for entire user groups to moderate a forum
Prevented new members from being able to post links in subjects, post images and post links in messages in a default installation in order to help combat any spam on the forum
Added new user group option to check if a subject line contains a link and block posts containing links in subject lines
Forced all guests to answer robot verification tests when posting in a default installation (guest posting still remains turned off)
Stopped loading cached groups on every page and only loaded now on-demand
If a non-default language is selected during installation, this language is now pre-selected when setting up the first board administrator account
Added a new XML Parser using DomDocument - the XML Parser now parses XML files into arrays and arrays into XML files
Fixed problem where if a non-default language pack or style was selected during installation, the default language pack or style would still be installed as the default
Added default groups information, configuration, tasks, smilies & ranks to external XML files which are parsed and inserted into the database during the installation
Fixed undefined index for the user profile in extern.php when rewritten URLs are used
Optimised avatar generation
Added new 'config.xml' file for each style on the forum. The file allows style develpers to change never before editable HTML, such as hyperlinks. As a result, no html now exists in any php file on the forum
Fixed missing argument for generating cache when editing permissions
Fixed undefined variable 'topics' in moderate.php if a forum contained no topics
Optimised cache generation of emoticons
Renamed class 'language_handler' to 'lang'
Moved several classes into new 'include/classes' folder and now use spl_autoload_register() to avoid having to include the class into the script
Optimised & lightened email class script
Optimised usage of sending emails using the email class script
Fixed issue with 'delete' cache method missing off .php file extension
Fixed problem with the admin update page only showing when the update type was not set to 'do not download or install'
Renamed file admin/updates.php to admin/update.php
Fixed many issues with the automatic updater, and optimised it greatly
Fixed various issues & optimised various things with updating the user group of a user through the administration interface
Fixed various issues with deleting a user from the administration interface and optimised deletion process
Fixed problem with error handler where if headers had already been sent a different error would be shown regarding the headers opposed to the actual error causing the problem
Fixed problem with 'additional menu items' setting in the administration center, where no validation could crash the forum if an invalid input was entered
Fixed undefined variable '$this->now' when creating a new task
Fixed timing vulnerability when logging into the administartive interface (could only have been exploited by an already logged-in administrator anyway)
Greatly optimised storage of current user location on the forum
Optimised retrieval and displaying of current user location
Greatly optimised the 'current users in this forum/topic' feature by no longer collecting all posts from a forum in order to check where a user is and reduced code making it much more efficient and noticeably faster
Fixed an issue with the 'current users in this forum/topic' system where users from other topics or forums could inadvertedly be included within that list in very specific circumstances
Fixed an issue with the 'current users in this forum/topic' system where to some guests, users who were in the topic may not actually be shown as viewing that forum/topic, either or both in specific circumstances
Fixed issue with reputation abuse system altering the incorrect username, but correct profile link when reputation abuse is found
Added ability for forum administrators to completely customise date and time formats for the forum
Changed date formatting when a user is banned to include the full date & time, not just day of unban
Fixed problem with fetching a user title where for every call of the function get_title() if the ban list is empty, a new loop is used (left over from FluxBB)
Removed plugin file extensions in URL when loading plugins which limits plugins to only php files
Fixed error when dropping a database table
Added missing CSRF check when uninstalling an extension
Updated extensions system, significantly improved extension checking and added ability to install plugins & templates from extensions
Added hook into profile "personality" section
Added ability for extensions to add custom profile pages
Optimised generation of profile avatar links
chris [at] get-aura [dot] org