XenForo 2.2.13 Released
XenForo 2.2.13 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.In addition to the fixes listed below, we have a few other aces up our sleeves this time around.
Full iOS PWA compatibility with push notification support
iOS 16.4 finally introduced push notifications for iOS devices. To facilitate this, your members need to install your site as a PWA (by utilising the Add to Home Screen feature in Safari). XenForo 2.2.13 now satisfies all of the prerequisites for this to support push notifications which can be enabled by your members once they log in through the PWA and enable push notifications in their Preferences.The PWA (progressive web app) has now been enhanced with additional gesture based or UI controls, including pull down to refresh and a floating back button.
Structured data metadata improvements
With many thanks to Ryan Levering from Google we have made a number of improvements to structured data metadata. Structured data enriches the pages we output with additional information which enables Google and other search engines to better understand the structure of the information that is rendered. This helps Google provide rich search results and helps provide additional context to users who may find your content during their Google searches.Support for OAuth authentication for Microsoft 365 business email accounts
Microsoft has deprecated the ability to send emails over SMTP using traditional username/password authentication. This is similar to what Google did a while ago. In light of this we have now added an additional option when setting up either your email transport or automated mail handlers (automated unsubscribe/bounce handling) which will enable you to authenticate with OAuth.Note: The set up for this is fairly complex, requiring you to set up an Azure Active Directory application within the Azure developer portal. There is a link to the documentation when setting this up.
One-click upgrade to XenForo 2.2.13
Directly from your admin control panelIf you are a XenForo Cloud customer, your upgrade will be scheduled automatically.
Some of the changes in XF 2.2.13 include:
- Adjust several cookie third party identifiers
- Fix simple cookie notice flash for guests
- Update thread creation latest activity items when merging threads
- Add null checks when we're inspecting the result of the getPhraseGroup method of the Phrase entity.
- Add context to node permission list with node type icons.
- Don't attempt to access
getCookieThirdParties
on payment providers which may no longer exist. - Update enable push option to reflect better browser support.
- Check search permissions when displaying the 'Your content' link in the visitor menu
- Restore "notes" phrase that was inadvertently deleted in the previous release
- Avoid leaking the email address linked to an account that is using email two-step verification
- Don't show the view more link on a member's recent content page for users who have no permissions to search
- Ensure wrapper display HTML value has whitespace trimmed
- Properly set custom titles when batch updating users
- When adding/editing nodes, the description for the URL portion field now refers to nodes rather than forums
- Fix a typo in the cookie_consent.cookie_description_dbWriteForced phrase
- Replace MaxCDN with jsDelivr as the CDN for Twemojis
- Ensure emojis are properly displayed in the chosen style
- More consistently set content key across different content types
- Fix error thrown when xf_consent cookie has an invalid value
- Escape backslashes when escaping SQL like clauses
- Do not prepare member stat results prior to caching
- Fix some entity collection return type hints
- Clamp input filterer float values
- Attempt to prevent browsers from autofilling credentials in the find member widget
- Rebuild permissions in batches to limit memory usage
- Display an error when an invalid URL is used to test URL unfurling
- Display content vote scores in LTR orientation
- Make stream closing attempts more robust when working with abstract files
- Fix type hint in Oembed subcontainer
- Gracefully handle Redis mget failures
- Only display flash message once when tags are edited
- Fix max length attribute of custom warning title input
- Perform validation on email address options
- Allow restricting forum RSS results by prefix IDs
- Do not attempt to decrement alert counters when a new alert is inserted
- Fix behavior of falsy code event listener hints
- Perform validation on error reply values
- Always include search query arguments when building search links
- Retain previous selection when changing poll votes
- Improve notice controller/action criteria validation
- Include support for embedding YouTube Live URLs
- Check thread visibility before redirecting for invalid post links
- Improve user IP lookup query performance
- Make user entity timezone verification more robust
- Remove dead code from vBulletin 5 authentication handler
- currencyFormat was changed to allow figures with no decimals to show without decimal places, but to show the decimals if any were present. In doing so, we managed to kill the ability to specify the number of decimals. Oopsie. So now you can do that again, and you can also now specify
-1
precision in order to prevent number_format from limiting or artificially extending the decimal places at all. - Update the intl-tl-input JS library
- Fix CSS border radius shifting for RTL styling
- Increase entropy of temporary directory name generation to reduce the likelihood of race conditions
- Improve performance of \XF\Extension::resolveExtendedClassToRoot using an inverse lookup table
- Correctly replace urlencoded CSRF token values before returning cached pages to fix an issue with Advanced cookie management.
- Ensure that unsubscribing from emails also unsubscribes the user from activity summary emails
- Support embedding YouTube videos from youtube-nocookie.com
- Fix incorrect type hints in prefix and prompt group entities
The following public templates have had changes:
- PAGE_CONTAINER
- account_confirm_resend
- account_connected_associate
- account_details
- account_email
- account_request_password
- account_two_step_authy_config
- account_visitor_menu
- app_body.less
- app_content_vote.less
- approval_item_user
- approval_queue_macros
- connected_account_macros
- contact_form
- content_vote_macros
- core.less
- core_button.less
- core_list.less
- custom_fields_macros
- editor_base.less
- email_stop_confirm
- google_analytics
- helper_js_global
- lost_password_confirm
- member_about
- member_recent_content
- member_view
- member_warn
- message_macros
- notice_confirm_email
- notice_email_bounce
- poll_macros
- post_macros
- post_question_macros
- register_confirm
- register_connected_account
- security_lock_resend
- security_lock_reset
- spam_cleaner
- tag_macros
- tel_box.less
- two_step_email
- widget_find_member
As always, new releases of XenForo are free to download for all customers with active licenses. You may now upgrade from your admin control panel or grab the new version from the customer area.
Current requirements
Please note that XenForo 2.2 has higher system requirements than earlier versions.The following are minimum requirements:
- PHP 7.0 or newer (PHP 8.0 recommended)
- MySQL 5.5 and newer (Also compatible with MariaDB/Percona etc.)
- All of the official add-ons require XenForo 2.2.
- Enhanced Search requires at least Elasticsearch 2.0.