Yesterday he committed a major batch of new features to our code repository on GitHub, and I thought that it was significant enough to make it a special news!
This is the summary from Richard:
Conversion of kernel classes to Doctrine DBAL
The conversion required lengthy testing, and a variety of other changes that cover the same space have been included:
- User passwords hashes now use bcrypt ("blowfish") for increased security - Module update process now automatically performs schema updates - Patchwork UTF-8 libraries added to implement a "Unicode all the way" approach - SQL prepared statements and bound parameters implemented in core classes - Unified preloads/preload.php file now used reducing the number of files involved - Several improvements for some debugging tools
Note: running composer update is required for these changes as several packages were added and/or updated. (see this info to learn more about Composer, and how to install it. There is also this good article here)
Commit Summary - Add cURL to the recommended php extension list - Doctrine conversions, and Bcrypt ("Blowfish") password encryption. - Schema conversions comments and images modules - Fix a few inssues introduced in doctrine conversion - Implement a unified preload file in some modules - Allow absolute urls in button links - Add RotatingFileHandler option for logs versioned by date - Doctrine conversion missed earlier - Declare classes as abstract - More unified preload file changes - Start conversion of kernel classes to namespaces - A few module updates for recent namespace changes - A few fixes for issues found in testing of recent changes - Convert userconfigs to module from extension - Add caller info to deprecated message - Add transaction to add and update. Fix pass by ref error. - Fix incorrect grouping of some where clauses. - Move userconfigs from extension to module list - Fix namespace issues - Fix an odd expression case involving a null 'IN' clause. - Add schema synchronize step to module update process - Fix issues introduced in recent conversion. - Add Patchwork UTF-8 support - Update for PHP 5.5 compatibility
XOOPS Innovation Award - for people who create something very unique and innovative for XOOPS. This time the award goes to Charly Cobben (chco2) from Netherlands for his work on the QRCode and CuErPa modules.
XOOPSer of the Month Award: is given to XOOPS members who show extraordinary dedication to XOOPS, and go the extra mile for XOOPS. This month, it goes to Rodney Fulk (redheadedrod) from USA, for his work on MySQLi Connectors for Xoops 2.5.6 and 2.6 and continues support of our users on the XOOPS Forums.
This security patch fixes some potential XSS issues discovered by Mehdi Dadkhah and fixed by Richard Griffith.
While 2.5.6 Websites that have currently installed Protector are safe from this XSS vulnerability, we recommend strongly to apply this patch to ALL XOOPS 2.5.6 Websites.
It is not enough to stress that you should ALWAYS have Protector installed!!!
How to Apply the Patch: -------------------------- Just copy ALL the files from /htdocs folder in this Zip file to your XOOPS Website. No other action is needed.
============================================== For users of XOOPS Versions older than 2.5.6 ==============================================
Please update AS SOON AS POSSIBLE to XOOPS 2.5.6. As always, the current versions are always the most stable and safest, i.e. older versions might be open to vulnerabilities that has been already fixed in the current version.
As of today, all XOOPS 2.5.6 versions available for download have been all patched.
Building up on the awesome work on XOOPS 2.6.0 by Trabis, ForMuss , Mage and Dugris, Richard just did some major redesign of our Debugging/Logging system, making XOOPS the CMS with probably the best debugging/logging capabilities in the world! Something what all serious developers will truly appreciate!
- Our new logging mechanism in Core is now PSR-3 compliant, which currently only very, very few projects can claim!!!
- he has replaced our outdated Debug view with the awesome PhpDebugBar module, that will provide our developers with tons of useful information.
As you can see above, our new PhpDebugBar is actually a "PhpDebugBar on steroids" because it merges it with information that XOOPS provides. So now we'll have the same information as the old Debug, but much, much more, incl. Smarty info and the cool timeline! Check out the original PhpDebugBar to see the original limited version of the PhpDebugeBar, but if you want to see what Richard did, you need to download XOOPS 2.6.0
- we've converted our Legacy Logger to the new logging system
- and we've included Monolog module for professional logging capabilities!
- and Richard is almost done with reworking of Trabis' XMF (XOOPS Module Framework). We plan to use XMF as a migration tool for existing XOOPS modules. Once converted to XMF, the current modules should be able to run on XOOPS 2.6.x, with no or only very minimal modifications, which will keep with our tradition of easy migration for our users.
Oh, did we mentioned that we're already using PHP Composer and that in the future we'll be also fully utilizing Packagist?
Another work that we're doing is to have the whole XOOPS Core tested using PHPUnit. Alain91 from France, who is leading this effort, has written already majority of tests, and we also have already set up a dedicated website with Jenkins. This is still in a testing phase, but once we go live with it, all submitted Core code will have to go through Jenkins to be accepted into the central repository.
And Richard and his team are just warming up
So expect more cool things coming soon!
But why wait? Just join the XOOPS Development Team and start contributing to XOOPS, either in the Core area or in the Module Development area, or both!
We are pleased to announce that Ricardo Costa (Trabis) from Portugal and Nicolas Andricq (ForMuss) from France, have been inducted into the XOOPS Hall of Fame
XOOPS Hall of Fame has been created to recognize people who provided in the past extraordinary support and dedication for XOOPS, and helped to move XOOPS forward. It is just a small token of appreciation for all the hours they've spent on making XOOPS what it is today - one of the world's finest Web CMS solutions around!
Ricardo Costa (Trabis) - the Lead Developer of the XOOPS 2.4.x series and XOOPS 2.6.0. He also developed and updated countless modules. He is one of the finest and most pleasant developers to work with, respected and beloved by the whole XOOPS Community.
While due to new jobs and family responsibilities they had to scale down their XOOPS involvement, we hope that once their lives become less hectic, they'll be able to contribute again to XOOPS!
Please join us in thanking them for all the hard work, their support and dedication to XOOPS!!!!
Today we (Designburo.nl) release a beta version of the CuErPa module for XOOPS. This module allows the creation of Custom Error Pages for within your website.
This can be very handy in case e.g. a visitor enters your website using an url that does not exist. Normally they would get a File not found error, now they will be forwarded to an Url you can set using CuErPa (CustomErrorPages).
Please give it a try and lets us know if you find anything we need to address before we take it our of Beta. Version 1 will also include a set of error pages and a quick setup button.