XenForo 1.1.4 Released

XenForo 1.1.4 is the fourth maintenance release in the 1.1 series. While it's primary purpose is to fix bugs, this release also includes some small feature improvements as well. These are detailed below.

Amongst the bug fixes, there are several minor security improvements:
  • Images are checked for certain content to ensure that the image does not contain code that could be executed with incorrect server configuration (such as in Nginx). Thanks to Chris Deeming for reporting this.
  • 1.1.4 now mitigates clickjacking attacks using X-Frame-Options. Thanks to Vikram Pawar (w4rl0ck_d0wn) for reporting this.
  • Server error logs now more aggressively filter out passwords before logging. Thanks to Slink for reporting this.
We recommend all customers upgrade to 1.1.4 to benefit from the increased stability and security improvements.

Feature Improvements

Some of the feature improvements in 1.1.4 include:
  • Stronger spam prevention
  • Ability to see if there are any registrations that need to be approved from the moderator bar
  • Spam cleaning a user will automatically close any pending reports for their content
  • Read only access to registration date and last activity on profiles in the admin CP
  • Item count support for navigation tabs
  • Additional admin-only links on the front-end profile page
Bug Fixes

Some of the bugs fixed for 1.1.4 include:
  • No more blank pages when rebuilding templates
  • Improved PHP 5.4/5.5 compatibility
  • User group changes can be orphaned, leading to situations where automatic group changes fail
  • CSS arrows do not display nicely in Firefox in some situations
  • Added phrases used by the rating template
  • Incorrect/inconsistent CSS parsing for style properties
  • Improved handling of unknown CSS constructs for style properties
  • User confirmation records not pruned
  • Adjusted the Skype custom field to support Windows Live addresses (since they merged)
  • Conversation recipient_counts being changed in incorrect scenarios
  • Improved HTML parsing in RSS feed imports
  • Improved performance in calculating banned/discouraged IPs
  • Spam cleaner did not work correctly when used multiple times without reloading
  • Spam cleaner did not delete soft deleted posts
  • Performance improvements updating thread/attachment view counts
  • Improved performance when loading the style property editor
  • Required profile fields may be able to be skipped on registration
See the Resolved Bug Reports forum for the full list.

All licensed customers may now download XenForo 1.1.4 from the customer area.


More Stable

This release of XenForo 1.1.4 follows our principle that third-point (x.x.X) releases should always be more stable than the preceding version, so for the most part you will not find new features in 1.1.4. Major new features will be reserved for second point versions (x.X.x).

Installation and Upgrade Instructions

Full details for how to install and upgrade XenForo can be found in the XenForo Manual.
 
Templates Changed Since 1.1.3

The following templates have been modified since their release in XenForo 1.1.3.

The register_form template change is very important. If you do not apply the necessary changes, registration may not be possible!

The following changes provide functional improvements and fixes or cosmetic enhancements. We recommend that all users integrate these changes into their own templates if they have previously customized them by using the 'revert' controls. If you have not customized these templates, the changes will be automatically integrated when you upgrade to 1.1.4:

account_privacy_dob
Structure of checkboxes changed to reflect how the code is implemented.​

attached_files.css
Added overflow: hidden to the thumb.​

attachment_editor_attachment
Check that $attachment has a value before using it (PHP 5.4+ fix).​

bb_code.css
Remove the margin-right from nested BB code blocks.​

bb_code_base.css
Add the primary content background to full size BB code images.​

conversation_recipients
Only show the user title if the recipient still exists.​

editor_dialog_code, editor_dialog_image, editor_dialog_link, editor_dialog_media
Adjust the order of the buttons to correct the display on IE8.​

events.css
Remove the padding removal from events.​

footer
Add the footer_after_copyright template hook.​

forum_list
Add an open graph type.​

forum_view
Add open graph tags and minor tweaks.​

help_bb_codes.css
Use direct descendant selectors in the CSS as it matched too often before.​

help_index
Add help_index_extra template hook.​

helper_thread_watch_input
Use the sentence-case "watch this thread" phrase.​

member_card.css
White-space: nowrap the individual links.​

member_view
Adjust the open graph tags and add additional admin-only links.​

member_warn
Add a max length to the custom warning input.​

message
Add the message_below template hook.​

message_user_info.css
Add Firefox-specific border color CSS to workaround a bug in Firefox.​

message_user_info
Only show some user information if the message was posted by a registered member.​

moderator_bar
Add "users awaiting approval".​

navigation
Add itemCount support to tabs, add classes to target specific tab links, nofollow the what's new link.​

navigation_visitor_tab
Remove the accesskey from the status update submit form; it was being triggered when it shouldn't have been. Add a class to the logout link.​

node_forum_level_2
Add missing params to the node_forum_level_2_before_lastpost template hook.​

node_page_level_2
Clean up an incorrect reference to $forum and adjust the title/description HTML.​

open_graph_meta
Add support for $ogType and $ogExtraHtml.​

profile_post_comment
Require message_simple.css​

profile_post_comments
The wrapping <ol> now has the messageSimple class.​

public.css
Tweaks to linkGroup CSS.​

register_form
Add support for the registration timer and add the reg_key input.​

search_bar
Nofollow the recent threads link and change the offset on the advanced search button tooltip.​

search_results
Support "find older messages" on content-specific searches for a user.​

thread_list_item
Ensure that editing a thread using inline controls is a JS only link.​

thread_view
Add the thread_view_tools_links tab.​

xenforo.css
Add text-size-adjust CSS, change the importantMessage CSS to not require a specific tag, add floatLeft/floatRight classes (to ensure correct changes are made for RTL).​

xenforo_overlay.css
Remove any margin from form overlays.​
 
Back
Top Bottom