· This release contains three important security enhancements.
· This release contains important security enhancements, so be sure to upgrade as soon as possible to keep your network safe.
· A white list for ajax actions. Developers, it is important that you use elgg_register_ajax_view() to register a view as being available for ajax.
· Group-specific search on a group's profile page
· Support for Etag headers for icons, JavaScript, and CSS files.
· Deprecation notices are now limited to admin users
· A server information page that makes it easier to figure out what version of PHP you are running and where PHP logging is located.
· Creation of default widgets when users register.
· Insertion of a very small thumbnail by the embed plugin.
· Missing links to site pages in the footer.
· Incorrect activity filtering.
· URL creation involving usernames with non-ASCII characters.
· User picker display raw HTML rather than a list of users.
· 197 tickets were closed between 1.8.0 and this release.
Enhancements:
· New group activity widget for user dashboard.
· Added more sprites.
· version.php information cached instead of loaded 100s of times.
· Added class elgg-autofocus to add focus on inputs when the page loads.
· Admins can edit user avatars again.
· Added a filter for non-bundled plugins in plugin admin.
· Improvements to admin area theme.
Bug fixes:
· Fixed site dropdown menu for IE.
· ElggEntity->deleteMetadata() no longer deletes all metadata ever if called on an unsaved entity.
· Fixed Embed plugin.
· Fixed river entries for forum posts that were lost if upgrading from 1.7.
· Fixed avatar cropping on IE 7.
· Bookmarks plugin accepts URLs with dashes.
· Menu links no longer have empty titles and confirm attributes.
· An easier, more robust installation. The installation is now simpler and provides more guidance throughout the installation process. It also checks for common server misconfigurations and other problems new users often encounter, offering suggestions on how to correct them.
· A new, more consistent default theme. The new theme is easier to use, standards compliant, and easier to customize. UI element patterns have been consolidated to ensure that the UI is consistent across the site and plugins.
· A redesigned administration section. The administration section has been redesigned from the ground up with usability in mind. Further, the admin theme has been separated from the site default theme, so problematic plugins should no longer break the admin area.
· Sticky forms and renewing security tokens. No longer will forms lose data because of expired security tokens. Also, if there's a problem while saving, the form's content will not be lost and will be displayed for the user to try saving again if the developer uses sticky forms.
· Filtering by content works again in the activity stream.
· Dragging works in IE 9 for profile widgets.
· Numerous UI bugfixes.
· Numerous admin area and plugin management improvements.
· Developer's plugin improvements.
· Numerous PHP Warnings corrected.
· Language string corrections and additions.
· Deprecated function use removed.
· Code cleanup.
· Dashboard is now a plugin.
· Embed plugin now works.
· Improvements to river views.
· Improvements to the menu system.
· Additional documentation added.
· Fixed problems some users experienced when upgrading from 1.7.X to 1.8.0.
Enhancements:
· Banned users are more apparent in user lists and profiles.
Bug fixes:
· TinyMCE: Using Elgg's default font to prevent small font sizes.
· Files: Optimizations to allow uploading and downloading larger files.
· Fixed bugs preventing users from adding and removing friends in Friends Collections.
· $CONFIG->lastcache is correctly set for pages that regenerate the cache.
API changes:
· Added can_edit_access_collection().
· Access collection functions no longer check permissions. Do this in actions instead.
· Admins can delete Pages again.
· TinyMCE upgraded to 3.4.2 to fix IE support.
· Autocomplete input works correctly.
· Fixed Message Board "all" posts.
· Fixed deleting internal messages on some non-English sites.
· Better feedback if an error occurs when saving widgets.
· Messages from deleted users no longer show the recipient's avatar.
· HTTPS logins on fully HTTPS sites work correctly.
· A new, more intuitive default theme.
· A redesigned admin area to help you more easily manage your network and users.
· Simpler HTML and CSS frameworks. This mean Elgg themers' lives just got easier!
· Better caching and easier inclusion of external CSS and JS.
· A new elgg.js object that allows quick and easy ajax integration, i18n, automatic security token renewal, and other advanced features.
· A new, more robust menu system.
· A new forms system including sticky forms to prevent content loss.
· More advanced plugin management features for developers.
Security Enhancements:
· Properly encoding search queries.
Bug Fixes:
· Blogs - Fixed disappearing blog draft issue.
· Groups - Editing a topic from discussion list page works now.
· Search - Group names used in titles.
· InviteFriends - Invitation link no longer shows up when logged out.
· Messages - Denormalized the message calculation for better performance.
· Sorting by time_created in relationship functions supported.
· Metadata and annotation names can now be updated.
· Fixed error with deleting a user with disabled entities.
· Removed unnecessary executable permissions on a number of files.
Security Enhancements:
· Only admins can view the unvalidated users page.
Bugfixes:
· Fixed deprecation notices for locales that use comma as radix point.
· Groups - Files can be completely disabled per group.
· Pages - Deleting and creating subpages is restricted to owner or group member.
· Groups - group icons deleted when group is deleted.
· Pagination will not display when all content id displayed.
· Fixed issue with get_context() when trailing slash is missing.
API Changes:
· Added $CONFIG->action_token_timeout.
· Added callback option to elgg_get_entities().
Find us on Google+
