XenForo 1.1.4 Released

XenForo 1.1.4 is the fourth maintenance release in the 1.1 series. While it's primary purpose is to fix bugs, this release also includes some small feature improvements as well. These are detailed below.

Amongst the bug fixes, there are several minor security improvements:
  • Images are checked for certain content to ensure that the image does not contain code that could be executed with incorrect server configuration (such as in Nginx). Thanks to Chris Deeming for reporting this.
  • 1.1.4 now mitigates clickjacking attacks using X-Frame-Options. Thanks to Vikram Pawar (w4rl0ck_d0wn) for reporting this.
  • Server error logs now more aggressively filter out passwords before logging. Thanks to Slink for reporting this.
We recommend all customers upgrade to 1.1.4 to benefit from the increased stability and security improvements.

Feature Improvements

Some of the feature improvements in 1.1.4 include:
  • Stronger spam prevention
  • Ability to see if there are any registrations that need to be approved from the moderator bar
  • Spam cleaning a user will automatically close any pending reports for their content
  • Read only access to registration date and last activity on profiles in the admin CP
  • Item count support for navigation tabs
  • Additional admin-only links on the front-end profile page
Bug Fixes

Some of the bugs fixed for 1.1.4 include:
  • No more blank pages when rebuilding templates
  • Improved PHP 5.4/5.5 compatibility
  • User group changes can be orphaned, leading to situations where automatic group changes fail
  • CSS arrows do not display nicely in Firefox in some situations
  • Added phrases used by the rating template
  • Incorrect/inconsistent CSS parsing for style properties
  • Improved handling of unknown CSS constructs for style properties
  • User confirmation records not pruned
  • Adjusted the Skype custom field to support Windows Live addresses (since they merged)
  • Conversation recipient_counts being changed in incorrect scenarios
  • Improved HTML parsing in RSS feed imports
  • Improved performance in calculating banned/discouraged IPs
  • Spam cleaner did not work correctly when used multiple times without reloading
  • Spam cleaner did not delete soft deleted posts
  • Performance improvements updating thread/attachment view counts
  • Improved performance when loading the style property editor
  • Required profile fields may be able to be skipped on registration
See the Resolved Bug Reports forum for the full list.

All licensed customers may now download XenForo 1.1.4 from the customer area.

More Stable

This release of XenForo 1.1.4 follows our principle that third-point (x.x.X) releases should always be more stable than the preceding version, so for the most part you will not find new features in 1.1.4. Major new features will be reserved for second point versions (x.X.x).

Installation and Upgrade Instructions

Full details for how to install and upgrade XenForo can be found in the XenForo Manual.
Templates Changed Since 1.1.3

The following templates have been modified since their release in XenForo 1.1.3.

The register_form template change is very important. If you do not apply the necessary changes, registration may not be possible!

The following changes provide functional improvements and fixes or cosmetic enhancements. We recommend that all users integrate these changes into their own templates if they have previously customized them by using the 'revert' controls. If you have not customized these templates, the changes will be automatically integrated when you upgrade to 1.1.4:

Structure of checkboxes changed to reflect how the code is implemented.​

Added overflow: hidden to the thumb.​

Check that $attachment has a value before using it (PHP 5.4+ fix).​

Remove the margin-right from nested BB code blocks.​

Add the primary content background to full size BB code images.​

Only show the user title if the recipient still exists.​

editor_dialog_code, editor_dialog_image, editor_dialog_link, editor_dialog_media
Adjust the order of the buttons to correct the display on IE8.​

Remove the padding removal from events.​

Add the footer_after_copyright template hook.​

Add an open graph type.​

Add open graph tags and minor tweaks.​

Use direct descendant selectors in the CSS as it matched too often before.​

Add help_index_extra template hook.​

Use the sentence-case "watch this thread" phrase.​

White-space: nowrap the individual links.​

Adjust the open graph tags and add additional admin-only links.​

Add a max length to the custom warning input.​

Add the message_below template hook.​

Add Firefox-specific border color CSS to workaround a bug in Firefox.​

Only show some user information if the message was posted by a registered member.​

Add "users awaiting approval".​

Add itemCount support to tabs, add classes to target specific tab links, nofollow the what's new link.​

Remove the accesskey from the status update submit form; it was being triggered when it shouldn't have been. Add a class to the logout link.​

Add missing params to the node_forum_level_2_before_lastpost template hook.​

Clean up an incorrect reference to $forum and adjust the title/description HTML.​

Add support for $ogType and $ogExtraHtml.​

Require message_simple.css​

The wrapping <ol> now has the messageSimple class.​

Tweaks to linkGroup CSS.​

Add support for the registration timer and add the reg_key input.​

Nofollow the recent threads link and change the offset on the advanced search button tooltip.​

Support "find older messages" on content-specific searches for a user.​

Ensure that editing a thread using inline controls is a JS only link.​

Add the thread_view_tools_links tab.​

Add text-size-adjust CSS, change the importantMessage CSS to not require a specific tag, add floatLeft/floatRight classes (to ensure correct changes are made for RTL).​

Remove any margin from form overlays.​
Top Bottom