miniBB ® 

miniBB

®
Support Forums
  
 | Start | Register | Search | Statistics | File Bank | Manual |
News miniBB Support Forums / News /  
 

miniBB 3.0.2 released

 
Author Paul
Lead Developer 
#1 | Posted: 22 May 2013 12:30 
The release provides some post-fixes and issues discovered after upgrading older versions of miniBB to 3.0.1. Some of them include just the default layout changes, which are not mandatory to update for existing forum owners. There are, however, some significant improvements regarding location redirection (Refresh vs. Location option), Right-To-Left Override character fix (so called "profanity issue"), and a little Statistics page fix.

Most important are the following fixes and additions:

- 'rheader' option is not a mandatory one, and it could basically have just 2 values: 'Location:' and 'Refresh:0;url=', which are used in 'header' function of PHP. In the ancient times, Refresh was introduced in miniBB to support IIS servers, which do not work with Location. However this may appear as the out-of-standards approach, thus sometimes Refresh may be disabled on some "extremely" valid Linux servers, and Location may work relatively faster. In the current version, it's possible to specify it on the optional level. If $rheader option is not set (under setup_options.php), "Location:" is used by default and embedded in index.php (this works in most cases).

- "Profanity issue" of miniBB - by now, you may Google it and find a related thread, posted by '3vilp4wn'; not sure if it will live forever, but anyway, this is a place where the investigation of this problem has been started from, not mentioning miniBB demo forums, where we were having a related thread. The problem was the following: if you type & # 8238; ("Right-To-Left Override" symbol, all chars together with no spaces), it will put the whole text reversed, which could lead to security bugs. It worked in miniBB like any other Unicode character in HTML. This is done intentionally to provide possibility to post some characters which may be not present in ISO encoding. In the current version, miniBB will try to cut off this symbol from the posted messages.

There is an interesting story about this issue, as it appears quite fresh to all developers. At the moment of my investigation, it even bugged Google, i.e. if you would type '& # 8238;' with no spaces in the Google search field just couple of days ago, it would put the search phrase in reverse with an interesting effect on the screen; this issue has been fixed on Google just recently, they were abnormally quick on this update :)

As 3vilp4wn reported me, he discovered this issue by accident when he was looking at this xkcd comic:

U+202e - profanity issue comic by xkcd

If you want more infos, you can contact 3vilp4wn directly: ENH [AT] lavabit [DOT] com .


This would be all at the moment.
As usually, you will find the history of changed files under Updating History package of miniBB.

Feel free to download the updated miniBB, and upgrade today!

Author Prince
Partaker
#2 | Posted: 22 May 2013 18:12 
Thanks Paul for updating miniBB, keeping it safe and secure!

Do we need to change templates also or just php files?

Author Paul
Lead Developer 
#3 | Posted: 22 May 2013 18:33 
Check in Updating History -> in below of the !UPDATE.txt file and you will find the answer.
Not only for this version, but for any other :)

Actually, only .php files are needed to update for this small intermediate release.

Author Prince
Partaker
#4 | Posted: 22 May 2013 18:46 
Thanks! :)

Author Paul
Lead Developer 
#5 | Posted: 23 May 2013 11:07 
Sorry to everybody who downloaded the update yesterday - it seems the black mouse eaten some string in the update file,
there should be mentioned bb_func_txt.php to update for 'customized_conversion' function and profanity issue.

Please update this file as well amongst others mentioned.

News miniBB Support Forums / News /
 miniBB 3.0.2 released
 Share Topic's Link

Your Reply Click this icon to move up to the quoted message


  ?
Post as a Guest, leaving the Password field blank. You could also enter a Guest name, if it's not taken by a member yet. Sign-in and post at once, or just sign-in, bypassing the message's text.


Before posting, make sure your message is compliant with forum rules; otherwise it could be locked or removed with no explanation.

 

 
miniBB Support Forums Powered by Forum Software miniBB ® Home  Features  Requirements  Demo  Download  Showcase  Gallery of Arts
Compiler  Premium Extensions  Premium Support  License  Contact Us
Install the Captcha add-on: protect your miniBB-forums from the automated spam and flood.


  ⇑