[DBTech] DragonByte Security 5.0.0

Update highlights​

This version is now considered stable. No issues were discovered during the testing phase.

Complete Change Log​

Version bump

Update highlights​

!!!This version requires PHP 8.0+!!!

This version mainly introduces compatibility with XenForo 2.3. The add-on has been fully updated, meaning no compatibility layers such as loading jQuery or other such patches are required for this add-on.

One important thing to mention; The WebAuthn integration has been removed, since this is now natively supported in XenForo 2.3.

Furthermore, a few reported bugs since the release of the last version for XenForo 2.2 have also been resolved.

Complete Change Log​

Change: Reduced query count due to new XenForo 2.3 functionality
Change: Remove WebAuthn support (natively supported in XF 2.3)
Change: Update entity references to use class-string
Change: Updated macros to XF 2.3 format
Change: Updated fingerprinting library to a newer version
Change: Updated password rules functionality to XF 2.3
Change: Replace various references with class-string<T> equivalents
Change: Update code for PHP 8.0
Change: Add compatibility with new XenForo 2.3 Beta 6 feature
Change: Remove "XenForo" from copyright footer
Change: Necessary changes for the new XenForo 2.3 coding style
Change: Automatically clean up files on upgrade
Fix: Fixed template modifications
Fix: Fix inconsistent confirmUrl behaviour with deletion
Fix: Fix missing content type phrases
Fix: Improve performance of Security Session table lookup

Update highlights

!!!This version requires PHP 7.4+!!!

This version improves the display shown to users when reviewing their login sessions, as the user agent is now parsed to display more human-readable information such as browser/version and operating system.

There is also new options to exclude users with Two-Factor Authentication enabled when performing batch user update actions from DB Security.

This version also refactors some backend code and fixes a compatibility issue with PHP 8.2 / 8.4.


Complete Change Log

Feature: Improved session information display, now parses browser and OS
Feature: Optionally exclude TFA-enabled users from batch update actions
Change: Refactored backend code
Change: Bump minimum PHP version to 7.4 and recommended version to 8.2
Change: Update dependencies to the latest version(s)
Fix: User agent is now updated for login sessions
Fix: Bad Behavior would run on PHP versions newer than it supports
Fix: Fix PHP 8.2 compatibility issues
Fix: Fix PHP 8.4 compatibility issue

Update highlights

This version fixes an issue where certain custom entries in the config.php file would produce a server error if the "Config Tamper" security watcher was enabled.


Complete Change Log

Fix: Fix Config Tamper watcher producing a server error when running on XenForo Cloud / with certain config.php additions

Update highlights

This version fixes an issue where an old, unused block of code could be used to delete other users' "Remember Me" records.


Complete Change Log

Fix: Fixed an issue where it was possible to delete other users' "Remember Me" records

Update highlights

This version fixes an issue where a server setup using replication could experience performance degradation on a guest's first visit.

Furthermore, an issue where the BadBehavior integration could cause a server error has been addressed.


Complete Change Log

Change: Improve compatibility with databases setup for replication
Fix: Fix "Constant BB2_CORE already defined" error in the Bad Behavior logs

Update highlights

This version changes some internal functions to no longer rely on deprecated XenForo functions, and fixes a server error that could occur with certain maliciously crafted URLs.


Complete Change Log

Change: Change UTF-8 related functions
Fix: Certain URLs could cause a server error in dispatcherPostRender

Update highlights

This version fixes an issue with "Always show CAPTCHA when logging in to: front-end" option if the login form was loaded via AJAX (i.e. in an overlay).


Complete Change Log

Fix: The "Always show CAPTCHA when logging in to: front-end" option would not function correctly if the login form was loaded via AJAX

Update highlights

This version fixes an issue wherein modifying the "Master Style", such as while upgrading add-ons, would attempt to send invalid emails when the "Email webmaster on template changes" option is turned on.

"Master Style" changes are no longer subject to email notifications.


Complete Change Log

Fix: Fix potential server error while upgrading other add-ons

Update highlights

This version fixes a couple of issues with the new Login Captcha feature, as well as an issue with the new Security Lock feature in XenForo 2.2.


Complete Change Log

Fix: "You must be logged in to do that" pages did not have captcha properly applied on first load
Fix: Fix incompatibility with 3rd party add-ons that also extend certain View classes
Fix: Using the new XF2 security locking feature in a Security Watcher could fail to apply the lock in certain scenarios