15.10.1 (2015-11-27) - Bug 1514608: MySQL deadlock issues with simultaneous users - Bug 1340151: Consider a different approach to libxml_disable_entity_loader(true) in init.php - Bug 1510421: Better support for 3rd party blocktype icons in Mahara 15.10+ - Bug 1467255: When displayed the search box trunks the help text in it - Bug 1468137: Change default dummy Behat PW - Bug 1490569: Sort submitted pages "Most recently submitted" doesn't work - Bug 1496681: Login box lang strings don't change when language is switched - Bug 1506274: The list in "Shared with me" shows different results when using pagination - Bug 1506685: Long lines of text in a text block will overflow across block columns - Bug 1507777: Secondary email addresses aren't searched on in "User search" in admin area - Bug 1509605: Masquerading info bar not visible on small screens - Bug 1509606: Menu bar not fully visible in Default theme with skin on page - Bug 1509874: Incorrectly truncated message in "inbox" block - Bug 1511194: TinyMCE image selector is not working in 15.10 - Bug 1511536: Deleting blocks from page fails in some cases in 15.10 - Bug 1512528: Only 10 names / groups loaded on "Shared by me" - Bug 1512897: Embedded image in "Profile information" block's per-block introduction field, doesn't show after page is shared - Bug 1512901: Share with page not showing correct information - Bug 1513265: Modal failure on find friends page 15.10 - Bug 1513305: Anonymous comment author names not displaying in 15.10.0 - Bug 1513306: "Share page" link doesn't work from pages in collections - Bug 1513611: Problem with artefactchooser and dwoo template - Bug 1514272: Doing user search with 'email' option on breaks search - Bug 1514374: "Groups -> Members" page shows only first 10 group members - Bug 1514718: help icons don't work in modal windows - Bug 1514799: Theme switches to default on creating an institution - Bug 1515389: Collapsed edit page toolbar squashed icons - Bug 1515431: Missing templates for group report page - Bug 1515826: Export portfolio as html gives an "error" due to missing views.css file - Bug 1515929: Duplicate records in usr_custom_layout cause fatal crash when copying a collection - Bug 1516412: "Make a copy" on Note block is not visible enough - Bug 1519374: Copying institution page doesn't retain page title - Bug 1519976: User's name is not displayed when sending a message - Bug 1457663: Collection navigation disappears in HTML export of "All my data" - Bug 1482493: Accent colour in Raw theme is too low contrast - Bug 1507811: Add 'production' command line argument for gulp for easier debugging - Bug 1509888: Make display of "Latest forum posts" more compact on group homepage - Bug 1509891: "Copy page" button needs better alignment on group homepage - Bug 1511238: "My portfolios" block still says "X pages" - Bug 1511240: Comma between tags needs 1 space less - Bug 1512181: Description textarea does not reset in resume sections - Bug 1512525: Comments with attachments but no description look broken on large screen - Bug 1513274: Button groups on user profile page doesnt have any margin with the select box - Bug 1513307: Pointless "Copied 0 blocks and 0 artefacts from the page template" message every time you create a new page - Bug 1514281: No .table-responsive added to 'admin/site/menu.php" - Bug 1514299: MNet method "get_views_for_user()" returns full urls for collections when it should return partial - Bug 1515774: Add font page looks broken when fonts added - Bug 1516429: Info about a note being shared on multiple pages is not prominent enough - Bug 1517256: Update install documentation for the css/sass info - Bug 1489249: No search box label for some search boxes - Bug 1512542: Missing langstring "mobileuploadnotenabled" in MaharaDroid API - Bug 1514661: Textbox blocktype raising error when configdata['artefactids'] is not set - Bug 1517228: Undefined index: ticks - Bug 1517658: Upgrade to 1.10+ fails on Postgres <9.1 - Bug 739528: Export to HTML doesn't use selected theme 15.10.0 (2015-10-23) - New Features: - Using the Bootstrap framework for CSS and HTML and increasingly Javascript - New themes - Journals on group, institution and site level - Direct replies to feedback comments - Defining the default page template in the administration area - Displaying collections instead of collection pages on the dashboard, profile and in "Shared with me" - General usability improvements - MathJax and mhchem support in the visual editor - Statistics for active users by institution - Better email address management in the administration area - - Security bugs: - Bug #1447377: Stored XSS in user reports access lists, and shared tabs for user/group/institution - Bug #1472439 XSS in "add to watchlist" link on artefact detail screen - Bug #1480329 Session key is not checked during file upload - Bug #1460368 Even if you disallow anonymous comments at the site level, you can still place anonymous comments on artefacts - Bug #1463629 Prevent HTTP iframes on HTTPS sites - Bug #1470281 Use "nosniff" header to prevent potential XSS via untrusted files in IE - - Other bugs: - Bug #1461040: Page layout thumbnails are missing in languages that have changed the layout lang strings - Bug #1446036 Session changes in Mahara 15.04 can cause excessively large response headers - Bug #1450334 Prompt registered Mahara sites to re-register because we want to change the data registration policy - Bug #1480434 Can't install latest master - Bug #1483476 Truncate page / collection titles in select 2 box on "Edit access" - Bug #1483964 Copy button on page view makes a copy of whole collection instead of asking - Bug #1486763 Wrong comment is deleted - Bug #1489233 The "Search" button on "Pages" doesn't work - Bug #1497049 Need to compile css as part of build release for 15.10+ - Bug #1498702 Arrows for re-arranging auth methods are missing - Bug #1502373 Can't change image description in image selector in TinyMCE - Bug #1505016 cache the main menu - fail if you change language - Bug #1507928 "Login" link not shown on small screens when login box is not available - Bug #1508204 Unable to remove a tagged journal option in 15.10 - Bug #1508301 Fatal error in threaded comments sortorder upgrade script - Bug #1201174 allow and moderate comments not saving correctly for groups - Bug #1361005 "Ignore/Append/Add" settings are not being respected during interactive Leap2a import - Bug #1361450 Preview a collection in 'Copy a collection' page causes a dark screen - Bug #1420590 access denied error when editing group as group admin - Bug #1430567 Migrate away from Gitorious before its May 2015 shutdown - Bug #1432641 Changing view layout causes an error - Bug #1432988 Clean up the "Required profile fields" for social media - Bug #1436672 Upgrade from Mahara 1.4 -> 15.04 doesn't work - Bug #1439194 Notes and attached files - Bug #1440908 Clicking 'more' in friend request is not working - Bug #1440947 Imagebrowser tinymce plugin missing strings - Bug #1441945 "cancel" link shows up when you clink on a file thumbnail in Contents -> Files - Bug #1443280 No notifications for feedback on watched group pages, site pages, and institution pages - Bug #1443730 Install webservice & annotation blocks by default - Bug #1443732 Turn AJAX block-loading off except for blocks that need it - Bug #1443736 Sitewide option to turn off AJAX block-loading - Bug #1443770 "Content -> Files" accessibility links show up when attempting to drag and drop - Bug #1444229 Signal the AJAX block loader with a flag instead of empty block content - Bug #1446395 Behat tests: Removing duplicates and tidying tests - Bug #1446412 Webservice cron doesn't run due to missing function - Bug #1446485 Lang string review for 15.10 - Bug #1446912 elasticsearch not searching 'Text' block type - Bug #1447865 Include PHP version in mahara.org stats - Bug #1447892 Mahara setting the noreply@ email address wrong if on non 80 port - Bug #1448807 Show last modified date for a shared collection on the group homepage - Bug #1448948 Social media buttons are not visible to others - Bug #1449334 Behat: And I fill in the following step throwing error when I use it for drop down boxes - Bug #1449350 A 'loggedin' lang string not changed to 'registeredusers' in user reports - Bug #1450297 Creating page failing due to PluginArtefact not being found - Bug #1450705 TinyMCE disappears from feedback form after validation fails - Bug #1450995 allow loading of lang string into js strings object after page load - Bug #1451331 15.04 image picker requires PHP 5.3.6+ - Bug #1452450 Error when upgrading mahara from 1.8.2 to 15.04 - Bug #1452480 Problem editing notes in Content -> Notes - Bug #1455122 Upgrade form 1.10 to 15.04 fails if 3rd party plugins are not present - Bug #1455265 TinyMCE "full screen" button doesn't work in block config - Bug #1456849 Problem with prepared statements in stats functions - Bug #1457246 Pagination in group homepages does not work properly - Bug #1457867 Full-portfolio export doesn't include all artefacts - Bug #1460850 wysiwyg tinymce showing on logged out pages if config 'wysiwyg' is set to 'enable' - Bug #1460911 forgotpass page not working as expected - Bug #1464018 Lazyload of artefact chooser data throws warning - Bug #1464477 Leap2a import of "Just some of my collections" doesn't put the pages into the imported collection - Bug #1465511 No link to Resume introduction tab - Bug #1465913 No "More..." or "Topic" link on objectionable content notifications in inbox - Bug #1466700 Regression with block picker - post bootstrap merge - Bug #1466711 Installing mahara Admin bar at the top covers writing under it - Bug #1467245 Language label too far from the menu - Bug #1467248 A pipe | exists before the link « Lost username / password" - Bug #1467254 In admin plugin the "config" butons are not coherent - Bug #1467369 Failed log in text floats right when you fail. - Bug #1467378 "Browse" buttons are exceeding their boxes around them. - Bug #1468533 "My pages" block broken in 1510 - Bug #1471357 Links for method names don't work in web services - Bug #1474354 Retracted image / note block shows details bar - Bug #1474628 Leap2a: Collections being exported as individual pages - Bug #1476059 Full copy of blog block embedded image problem - Bug #1478724 Upgrading from 1.8 to 15.10 fails due to multirecipient change to module - Bug #1479178 Update of quota not working correctly - Bug #1479543 Upgrading from 1.9 to 15.04 in mysql can timeout on big sites - Bug #1480038 Account delete button showing when register allowed is off - Bug #1481452 Wrapping of page and collection titles on "Shared by me" - Bug #1482455 Dropdown menus are no longer keyboard-accessible - Bug #1482492 Hour and minute combo boxes in date picker have no labels - Bug #1483077 Problem with mysql upgrade - not escaping table name - Bug #1483084 Problem with upgrading to 15.04 - postgres and upgrade/limit - Bug #1484296 Typo in XML filter regex - Bug #1484751 Errors in sending a message after upgrading from 1.10 or 15.04 to master - Bug #1485763 Submissions to group; only last five submissions display - Bug #1485791 "Successfully installed Mahara" message displayed during Mahara installation process - Bug #1485801 Remove "small page headers" feature in Mahara 15.10+ - Bug #1485840 Don't allow replies to deleted comments - Bug #1486269 Need to make sure pieform lib is present in comment build_html() - Bug #1486699 Username character limit preventing login via SAML - Bug #1486766 Error message when searching for users in web services logs - Bug #1486813 Prompt for new stat data after upgrade needs a 'no thanks' option - Bug #1487052 Link to cron installation guide returns a 404 - Bug #1487222 Uploading an image in TinyMCE in a journal entry doesn't work - Bug #1487246 Close button on initial configure dialog does not delete block - Bug #1487292 Close buttons in help boxes don't have alt text - Bug #1487308 All inbox messages are ARIA-expanded by default - Bug #1487464 SAML Update user details on login option creating new email artefact on every login - Bug #1487922 Loading spinner missing when uploading a file via filebrowser - Bug #1488697 Users may not receive the registration email after approval - Bug #1489284 Warning message when deleting a blog - Bug #1491639 Need to update group 'shared with me' block config values on upgrade 15.04+ - Bug #1492081 Accessibility problems with select2 4.0 - Bug #1492102 Moving files with the keyboard no longer works - Bug #1492103 Numbers in pagination are read twice by screen readers - Bug #1492663 Minor language string fixes for Mahara 15.10 - Bug #1492666 Undefined lang string for user search filter result - Bug #1492674 Change block "My pages" to "My portfolios" - Bug #1492675 Change block "Latest pages" to "Latest changes I can view" - Bug #1492919 Deadlock issues when 20-30 users copying collections & pages at the same time - Bug #1493169 New wall post not updating page correctly via js - Bug #1493177 Skins don't work at all in 15.10dev - Bug #1494022 Pdf block not loading pdf in 15.10 - Bug #1494133 Fatal error upgrading 1.3->15.04 or 1.4->15.04 - Bug #1495200 White screen when session times out - Bug #1495328 Revert watchlist block heading back to "Watched pages" - Bug #1495353 Insert image with editor in full screen mode - 15.10 - Bug #1495364 Remove compiled CSS from git repository - Bug #1496139 Change the configurable theme to work with Bootstrap - Bug #1496207 "More" link on inbox block goes to old inbox and not multirecipient one - Bug #1497053 Cron error with over 65535 users - Bug #1497820 Licenses don't have images shown - Bug #1497821 Check for CSS files in Mahara sanity check - Bug #1498248 Warning when deleting queued portfolio - Bug #1499122 Threaded comments display in the wrong order - Bug #1499150 Anonymous author link not working - Bug #1499568 Mahara 15.04.3 upgrade issues - Bug #1500774 remove old session files doesn't work with adapted sessionpath - Bug #1501059 Position of the contextual help block is incorrect - Bug #1501185 drop down for pages in a collection - Bug #1501540 Update the overall Readme file - Bug #1502371 No proper alt text for images and replacing of alt text in images in TinyMCE - Bug #1503036 Plan pagination not working in block - Bug #1503885 elasticsearch not indexing collection info - Bug #1505873 Submit page to group has two dropdown options - Bug #1506034 Unable to scroll when editing Group Membership under My Friends. - Bug #1506188 Link in "Create" box in Dashboard is not correct - Bug #1506625 Change the default switchbox text to Yes/No - Bug #1507432 Messages in dashboard inbox block have special chars escaped twice - Bug #1507808 Image browser selected option not sticking - Bug #1508723 Have dedicated language strings for switchbox labels - Bug #1509129 Crash when posting a public comment that no one will be notified about - Bug #785472 Eliminate all raise_memory_limit() calls - Bug #1333424 Navigation block broken after Leap2a import - Bug #1338381 Switch from commandline zip/unzip to PHP ZipArchive class - Bug #1348024 users can stay logged into suspended institution - Bug #1358934 Leap2A issues - Bug #1360977 Error when import a blog via self-Leap2A import - Bug #1362182 "The 'c' parameter is not alphabetical only" error when picking a page theme in IIS - Bug #1374163 List of shared pages to a group not taking account of access date - Bug #1378581 Incomplete storage of admin's email at install - Bug #1384480 Update jquery-ui to version 1.11.4 - Bug #1384491 update tinymce to version 4.1.9 - Bug #1384492 update Pear to version 1.9.5 - Bug #1384498 Update Elastica to version 2.0.0 - Bug #1386670 Improve UI of secret URL auto-copy button - Bug #1387412 Eliminate links-that-look-like-buttons & buttons-that-look-like-links - Bug #1388664 Add focus for social media profile creation - Bug #1393734 Textbox/Note config form very slow to load - Bug #1407847 The text boxes aren't being cleared before Behat puts the new text in. - Bug #1407848 Behat cant click links when the duplicate ones are hidden. - Bug #1407854 New Behat step: And I expand "text" node - Bug #1417120 Non-English lang strings distributed with Themes & Plugins aren't loaded. - Bug #1417828 Malformed lang string in email digest notification emails - Bug #1421030 Behat broken fixture: And the following "pages" exist - Bug #1424916 Missing Alt/Title tag on a text box - Bug #1428364 Broken Behat test: Needs content->files ID's and labels tidied up - Bug #1428456 ID tag needed for setting icon on profile page config settings - Bug #1429647 Watchlist lets you watch and receive notifications about pages you don't have view access to - Bug #1429871 Link underlining in skins doesn't work - Bug #1434912 "Shared with me" lists my own pages - Bug #1436582 Secret URLs - From/To Eror Message - Bug #1436841 Add External Media - YouTube Video - Bug #1437083 Download zip file of home folder, can't be extracted in Windows - Bug #1437969 Behat test for configuration of general settings changes. - Bug #1438928 Registration page not allowing you to register - in behat - Bug #1442150 Replace "delete logo" switch with a checkbox - Bug #1444453 Allow the use of SVG files for the social media icons - Bug #1444784 Watchlist block needs tidying up - Bug #1444905 Elasticsearch doesn't search achievements - Bug #1444925 Admin can't see objectionable content in forums if not admin in the group - Bug #1446426 Bulk user export page has a redirect that doesn't work with subdirectories. - Bug #1446488 Wrong string identifier for image resizing - Bug #1449770 Allow main navigation to have an external link - Bug #1450680 Need better log_debug output from lib/db/upgrade.php - Bug #1454458 Navigation group pages - Bug #1455137 "Edit access" screen has trouble with jscalendar dates if you change calendar_dateFormat and/or strtimedatetimeshort - Bug #1457032 Remote avatar (Gravatar) does not adhere to site proxy settings - Bug #1457709 Elasticsearch plugin doesn't work with URL-based access control - Bug #1457712 More robust Elasticsearch data uploading - Bug #1462806 Improvement of user email addresses management - Bug #1465423 Elasticsearch confusion about indexing the firstname, lastname, email, preferredname values - Bug #1465485 Displaying message via clicking link in Inbox block is not working - Bug #1465918 Missing accessibility text on Inbox & Outbox notification "More..." links - Bug #1467368 cache the main navigation menu - Bug #1468144 Page layout thumbnails are broken if you use a locale that does commas for decimals - Bug #1468156 Migrate PluginArtefactMultirecipientnotification to a Module plugintype instead - Bug #1471604 Terms and conditions not showing on register page for multi institutions - Bug #1472443 Can't use method return value in write context error in forgotpass.php - Bug #1474143 Multiple journal error with image in description field - Bug #1474609 cannot delete page description - Bug #1474659 Leap2a: import/leap/lib.php:1117 unserialize: Error at offset 65512 of 65535 bytes" - Bug #1475813 installing plugins not showing success response correctly - Bug #1476925 Make ajax get_string work for logged-out users - Bug #1478339 Color scheme problem when editing pages in 15.10 - Bug #1478357 Miss aligment in the Settings area - Bug #1478361 Incoherence in the menu interface when adding a new "Social media account" - Bug #1478374 Fix syntax error in PHP 5.3 - Bug #1480731 Behat fixture for setting page/collection permissions - Bug #1482010 Leap2a collection pages are in the wrong order - Bug #1482410 Leap2A import problem: "simplexml_load_file()... parser error : PCDATA invalid Char value..." - Bug #1482437 Leap2a export: Filter out ASCII control characters that are not valid in XML - Bug #1482458 Bootstrap tabs are not accessible - Bug #1482469 Expand/contract accordion button has no accessible text - Bug #1482474 "Basic options" expander in layout editor is ARIA-collapsed by default - Bug #1482480 Add row button in custom layout creator should have focus management - Bug #1482491 Date picker checkbox needs a more descriptive label - Bug #1484361 New Behat step for visiting a specific view - Bug #1484779 Expanders in Site options are all ARIA-expanded by default - Bug #1486817 Incorrect label setup when creating custom layout - Bug #1487290 Better accessible text for inbox header link - Bug #1487294 Focus management needed in Resume forms - Bug #1487301 Selected tab not indicated in "Shared by me" - Bug #1487304 When creating a folder, focus should go to the new folder - Bug #1489243 Incorrect labels in user name filters (Admin -> User search) - Bug #1489245 Two-way list boxes (eg. in Site staff) have no button labels - Bug #1489700 Switches don't show 'disabled' state - Bug #1490231 skin.css is missing - Bug #1494565 Web services auth uses wrong lang string in auth list - Bug #1495676 The setting 'maxuploadsize' did not count - Bug #1496181 Undefined variable: groupid in editing blog - Bug #1496476 class typo in artefact:comment:edit.tpl - Bug #1496683 Unescaped 'title' strings used in pieforms elements - Bug #1496910 Problem with scaling in flowplayer - Bug #1499583 get_string_ajax() doesn't work properly with arguments - Bug #1500215 descending folders - setting does not carry to subfolders - Bug #1500290 Make plugin file search paths backwards-compatible - Bug #1501078 All user to set their theme to site default - Bug #1506695 Undefined theme index when upgrading to 15.10 - Bug #1507437 Allow all tinymce to be using the same set of plugins - Bug #1508728 Hard-coded language string in editfile.tpl - Bug #781002 Can't upload large file when /tmp is too small - Bug #1262892 Make responsive design work better for smaller devices - Bug #1358092 Improve SQL performance when deleting notifications - Bug #1363753 extract file gives error if there is not enough space for extraction - Bug #1383543 The js script 'artefact/multirecipientnotification/js/sendmessage.js' is not neccessary - Bug #1436573 Mouse pointer icon not displayed on Create, Share, Engage buttons - Bug #1438980 Pointer-style cursor displayed on Create, Share, Engage buttons when logged out - Bug #1445280 Show a green icon instead of a red one, for "Nothing to upgrade" message - Bug #1447449 Behat needs to be able to fill in a tinymce editor - Bug #1457710 Elasticsearch plugin is not reading the queue in order - Bug #1461741 Tinymce table has lost the advanced tab in version 4 - Bug #1464052 Set a default record limit for the elasticsearch cron job - Bug #1465882 Remove obsolete $_SERVER['MAHARA_LIBDIR'] option - Bug #1465928 Behat test for password attempts limit - Bug #1467339 Skin delete page missing $subheading test - Bug #1469569 Registration form reason box not displaying on form error - Bug #1473829 Behat test social_media_buttons.feature failing on MYSQL - Bug #1474136 Better warning message for cron when site is closed - Bug #1475104 Trying to add same access permission as a existing locked option gives error - Bug #1475731 Installer doesn't move to bottom of the page - Bug #1479434 missing SESSION global ref in progressbarform_validate - Bug #1480764 Transient login form can't handle array variables - Bug #1482447 Adjusting more checkboxes to switchboxes - Bug #1482448 Help links should include the form element they refer to in their alt text - Bug #1482456 Pages should include an ARIA "main" landmark - Bug #1482461 "Add block" accordion has useful descriptions only available to screen reader users - Bug #1482490 New toggles are confusing for screen reader users - Bug #1486262 Problem with isset() in a template file - Bug #1487815 Error message when theme cannot be found - Bug #1494908 Memory exhausted on cron import_process_queue - Bug #1496616 CLI script help output is incorrect - Bug #1497341 Pieforms "select" rule validation with optgroups fails - Bug #1497411 Feed logo image displays a broken image - Bug #1499100 Private comments should also update portfolio page's "last update" date - Bug #1499164 Don't autofill password reset field on user settings page - Bug #1504335 site statistics for groups throws an error if cron hasn't yet run - Bug #1504351 Custom layouts options not showing/hiding correctly - Bug #1508725 Warning icon on upgrade to 15.10 doesn't show - Bug #547332 Communal blog / group journal - Bug #547677 More Distinct Admin Navigation - Bug #634689 Paginator for My pages blocktype - Bug #853662 Use newer and flashier graphing framework to generate graphs in Mahara - Bug #884023 Threaded replies to feedback on views - Bug #1364703 Add caching of results to ArtefactType::get_plugin_name. - Bug #1373092 Increase length of page and collection titles on "Edit access" page - Bug #1396564 Add password recovery with CLI - Bug #1416890 Use SVG images and provide backward compatibility - Bug #1423406 Replace "Share page" checkboxes, with a Select2-based autoselect. - Bug #1423410 Eliminate automatic bulk permission syncing (i.e. ditch view.accessconf) - Bug #1426983 Converting Selenium tests to Behat tests - Bug #1434131 Add an option to show or hide the login side block - Bug #1442403 My portfolios log in is at the bottom of mobile app - Bug #1464858 Add MathJax and mhchem support to Mahara - Bug #1465107 Use the Bootstrap CSS framework - Bug #1472467 Add journal / blog to institution - Bug #1472889 Allow custom override of Chartjs graph defaults - Bug #1476491 Show collections in "Latest Pages" block - Bug #1476492 Show collections in "My pages" block - Bug #1476495 Show collections in "Shared with me" screen - Bug #1476496 Make View::view_search() supported combined listing of pages & collections - Bug #1483963 Statistics for active users by institution - Bug #1488255 Add a site default portfolio page - Bug #1492928 Put an edit button the group homepage 15.04.3 (2015-08-19) - Bug 1361005: "Ignore/Append/Add" settings are not being respected during interactive Leap2a import - Bug 1447865: Include PHP version in mahara.org stats - Bug 1449334: Behat: And I fill in the following step throwing error when I use it for drop down boxes - Bug 1450334: Prompt registered Mahara sites to re-register because we want to change the data registration policy - Bug 1452450: Error when upgrading mahara from 1.8.2 to 15.04 - Bug 1456849: Problem with prepared statements in stats functions - Bug 1464477: Leap2a import of "Just some of my collections" doesn't put the pages into the imported collection - Bug 1471357: Links for method names don't work in web services - Bug 1474628: Leap2a: Collections being exported as individual pages - Bug 1476059: Full copy of blog block embedded image problem - Bug 1479543: Upgrading from 1.9 to 15.04 in mysql can timeout on big sites - Bug 1480038: Account delete button showing when register allowed is off - Bug 1480329: Session key is not checked during file upload - Bug 1483077: Problem with mysql upgrade - not escaping table name - Bug 1483084: Problem with upgrading to 15.04 - postgres and upgrade/limit - Bug 1483094: Block config popup offset in safari is wrong - Bug 1484296: Typo in XML filter regex - Bug 1486269: Need to make sure pieform lib is present in comment build_html() - Bug 785472: Eliminate all raise_memory_limit() calls - Bug 1333424: Navigation block broken after Leap2a import - Bug 1388664: Add focus for social media profile creation - Bug 1397562: Error display on the admin menus (tabs) of theme 'primaryschool' - Bug 1407848: Behat cant click links when the duplicate ones are hidden. - Bug 1428364: Broken Behat test: Needs content->files ID's and labels tidied up - Bug 1457032: Remote avatar (Gravatar) does not adhere to site proxy settings - Bug 1474143: Multiple journal error with image in description field - Bug 1474609: Cannot delete page description - Bug 1479178: Update of quota not working correctly - Bug 1482010: Leap2a collection pages are in the wrong order - Bug 1482437: Leap2a export: Filter out ASCII control characters that are not valid in XML - Bug 1484361: New Behat step for visiting a specific view - Bug 1363753: Extract file gives error if there is not enough space for extraction - Bug 1383543: The js script 'artefact/multirecipientnotification/js/sendmessage.js' is not neccessary - Bug 1464052: Set a default record limit for the elasticsearch cron job - Bug 1474136: Better warning message for cron when site is closed - Bug 1479434: Missing SESSION global ref in progressbarform_validate - Bug 1421030: Behat broken fixture: And the following "pages" exist 15.04.2 (2015-07-10) - Bug 1451331: 15.04 image picker requires PHP 5.3.6+ - Bug 1460368: Even if you disallow anonymous comments at the site level, you can still place anonymous comments on artefacts - Bug 1460850: wysiwyg tinymce showing on logged out pages if config 'wysiwyg' is set to 'enable' - Bug 1460911: forgotpass page not working as expected - Bug 1461040: Page layout thumbnails are missing in languages that have changed the layout lang strings - Bug 1472439: XSS in "add to watchlist" link on artefact detail screen - Bug 1428456: ID tag needed for setting icon on profile page config settings - Bug 1438928: Registration page not allowing you to register - in behat Bug 1444925: Admin can't see objectionable content in forums if not admin in the group - Bug 1468144: layout thumbnails are broken if you use a locale that does commas for decimals - Bug 1471604: Terms and conditions not showing on register page for multi institutions - Bug 1472443: Can't use method return value in write context error in forgotpass.php - Bug 1358092: Improve SQL performance when deleting notifications - Bug 1461741: Tinymce table has lost the advanced tab in version 4 - Bug 1463629: Prevent HTTP iframes on HTTPS sites - Bug 1465928: Behat test for password attempts limit - Bug 1470281: Use "nosniff" header to prevent potential XSS via untrusted files in IE 15.04.1 (2015-05-29) - Bug 1446036: Session changes in Mahara 15.04 can cause excessively large response headers - Bug 1447377: Stored XSS in user reports access lists, and shared tabs for user/group/institution - Bug 1361450: Preview a collection in 'Copy a collection' page causes a dark screen - Bug 1420590: access denied error when editing group as group admin - Bug 1432988: Clean up the "Required profile fields" for social media - Bug 1446412: Webservice cron doesn't run due to missing function - Bug 1448948: Social media buttons are not visible to others - Bug 1450297: Creating page failing due to PluginArtefact not being found - Bug 1450705: TinyMCE disappears from feedback form after validation fails - Bug 1452450: Error when upgrad mahara from 1.8.2 to 15.04 - Bug 1455122: Upgrade form 1.10 to 15.04 fails if 3rd party plugins are not present - Bug 1455265: TinyMCE "full screen" button doesn't work in block config - Bug 1457246: Pagination in group homepages does not work properly - Bug 1457867: Full-portfolio export doesn't include all artefacts - Bug 1374163: List of shared pages to a group not taking account of access date - Bug 1378581: Incomplete storage of admin's email at install - Bug 1417120: Non-English lang strings distributed with Themes & Plugins aren't loaded. - Bug 1446426: Bulk user export page has a redirect that doesn't work with subdirectories. - Bug 1446488: Wrong string identifier for image resizing - Bug 1454458: Navigation group pages - Bug 1447449: Behat needs to be able to fill in a tinymce editor - Bug 1458703: The ADDITIONALHTMLTOPOFBODY and ADDITIONALHTMLFOOTER are missing from the microheader/microfooter templates 15.04.0 (2015-04-17) - - New Features: - Picking an internal Mahara image directly in the editor in text and note blocks and journal entries. - Adding artefact feedback directly on a page. - Displaying a "Copy" button directly on pages that you can copy. - Displaying journal entries based on multiple tags. - Saving the last order in which your sorted your pages. - Sending a message directly from your inbox. - Uploading a logo through the site administration that is used for the entire site. - Providing the infrastructure and first tests for our suite of automated functional tests. - Making web services available. - Automatically detecting the delimiter in CSV file uploads. - Linking objectionable artefacts to their actual artefacts in an email message. - Renaming "logged-in users" to "registered users". - Displaying unread messages first in the inbox. - Displaying shared pages based on their last updated date in a group. - Receiving a notification for comments that others have left on a page where you gave feedback. - Adding a new block, "Annotations" to facilitate a more structured approach of working with a portfolio (initial development work for a larger piece). - - Other bugs/changes: - - Bug #1353069: db_format_tsfield() returning time value with offset on Postgres 9.3 - Bug #1381811: Error when copying collection or editing collection title/description - Bug #1396565: Error when adding a Group pages block onto a group home page - Bug #1399464: SQL error when adding users by CSV - Bug #1405427: Group forums posts email don't show user name of who posted - Bug #1429518: Group homepage doesn't display all blocks anymore - Bug #1045138: Image disappears from Page Description when page shared to other users - Bug #1190788: Can cause arbitrary SWF files to execute in the browser - Bug #1267686: Group member can't access their own group file - Bug #1292301: Cannot delete a Google web font - Bug #1318432: Improve error reporting in Ajax installer/upgrader - Bug #1363873: Session Management Issue- Session is not invalidating after password change - Bug #1364170: Parent auth fails due to mixed case checking - Bug #1364609: Problem with windows wmv files having filetype video/x-ms-asf - Bug #1369343: Add to collection popup message odd on first addition - Bug #1369370: Clean expired passwords causes error when upgrading from 1.8 - Bug #1374184: My groups block pagination fails when clean urls are in play - Bug #1374879: Missing language string in user Settings - Bug #1375092: XSS in page content editor - Bug #1375515: new version of jquery not rendering the inline js on pieform elements correctly - Bug #1376997: Date picker not working for certain languages - Bug #1377371: Help text doesn't match functionality for "My groups" sidebar list - Bug #1377542: The calendar picker is visible directly when adding someone to page access - Bug #1377543: There shouldn't be a notification for gaining access to a group homepage - Bug #1377736: XSS Vulnerability adding pages into a collection - Bug #1380200: "System messages" and "Messages from other users" can be set to "None" - Bug #1380201: Access to a collection is sent as page access - Bug #1380203: Giving access to 2 pages only generates 1 access notification - Bug #1380434: An error appears when importing an extracted portfolio - Bug #1381715: adjust width in configure block - Bug #1381719: Help icon hard to find - Bug #1381738: Journal entry TinyMCE missing row toggle button - Bug #1382159: Profile -> contact information -> address textarea not displaying correctly - Bug #1382890: Message window too large on upgraded site - Bug #1383029: Page not accessible after reporting it as objectionable - Bug #1384467: CSS is not stripping out bad css attributes anymore - Bug #1384547: "Wall" block looks ridiculously narrow in Mahara 1.10.0 - Bug #1386010: Author not anonymised on "Shared with me" page and in "Latest pages" block - Bug #1387480: Can't report objectionable pages in responsive theme, on small screens - Bug #1387858: Draft journal entries are visible to others - Bug #1387903: Should not be able to execute CLI scripts from the web - Bug #1389906: Accepting friend request does not send notification to requester - Bug #1390318: Fatal error when trying to run CLI upgrade script after clean install of 15.04dev - Bug #1390833: File attachments aren't copied when note is copied - Bug #1393223: comment count is wrong when private comments are in play - Bug #1393530: Integrate the web services plugin into Mahara core - Bug #1393622: duplicate lang string identifier in webservices - Bug #1394056: When calling get_record_sql(), the parameter 'values' must be an array - Bug #1394330: Improper use of the parseInt javascript function - Bug #1394359: Adjusting webservices to use ctime, mtime syntax - Bug #1394732: pieform minvalue/maxvalue rule error - Bug #1394738: Text descriptions of image links on Edit Page need to be modified - Bug #1394820: SSRF in external feed - Bug #1395627: Visits counter not showing with "small headers" - Bug #1396433: When adding a new webservice service group have it disabled to begin with - Bug #1396435: Admin section navigation for webservices is clumsy - Bug #1397128: edit/delete links in webservices need to be buttons - Bug #1399246: PDF embeds fail in sites with subdomains for user pages - Bug #1399446: Need to properly concat lang strings for webservices - Bug #1400514: Unable to load page after submitting a comment on a view - Bug #1400524: Upgrading from 1.7 to 1.10 failed in big databases - Bug #1400595: PDFs not displaying in IE - Bug #1401269: Webservices tests need to be fixed up / made more robust - Bug #1401313: Command-line updater not detecting core & local upgrades - Bug #1401324: Broken sql queries post adodb upgrade - Bug #1401708: "Text" block no longer available on page builder, after upgrade 1.9 -> 15.04dev - Bug #1402911: Error posting a new forum topic - Bug #1403178: Need to fix Can't use function return value in write context in pieform multicolumntable.php - Bug #1403627: webservices serviceconfig page needs to be one form - Bug #1404012: Behat fixture for navigating mahara menu - Bug #1404117: XSS via uploaded XML - Bug #1405274: Behat step for checking if a form is processing - Bug #1407490: Can't add a feedback to a page - Bug #1408542: TinyMCE emoticons are not displayed in TinyMCE 4 - Bug #1410549: webservice/apptokens.php doesn't show the correct admin side main nav - Bug #1410570: Adding a group as non admin causes error - Bug #1410953: Warnings when access "Account settings" page - Bug #1412606: CAST type 'int' is not supported by MySQL - Bug #1414783: Reply to message link in Inbox block is not working after upgrade - Bug #1414828: The cron 'export_process_queue' does not run as the false alarm server_busy - Bug #1415246: Add an index for the field 'itemid' on 'search_elasticsearch_queue' table - Bug #1417319: Hanging when trying to export as a Standalone HTML website - Bug #1419539: ArtefactTypeMismatchException when you try to display a profile icon in an Image block - Bug #1422498: Behat step "I wait until the page is ready" does not work - Bug #1423027: Phpmailer class no longer includes SMTP class - Bug #1423299: Behat step "the following site settings are set:" - Bug #1423435: pdf.js menu doesn't use current language - Bug #1423768: Posting to a wall is failing in master - Bug #1424284: Files embedded in a note block did not show after copy a page - Bug #1424512: some block attachment expanders not working after ajax load of blocks was merged - Bug #1424862: Use the stable version of behat and its components - Bug #1425694: The block content in a public page does not show - Bug #1425728: Embedded images in 'Text' block did not show after copying or importing - Bug #1427027: EmbeddedImage::prepare_embedded_images() - Undefined variable: form - Bug #1427031: Mobile detect is being called too many times - Bug #1428266: Missing page description when export/import via Leap2a - Bug #1428358: Export leap2a not prompting for download file - Bug #1430111: New block order not set up when upgrading via CLI from 1.10 - Bug #1431540: allow plugins to register admin menu items - Bug #1431594: User registration throws errors - Bug #1431661: Annotation feedback for public users - Bug #1431668: Annotation "feedback" Javascript breaks on clean-urls and sites in subdirectories - Bug #1431679: Support for JS lang strings in artefact blocktypes - Bug #1432635: Changing view layout causes block removal - Bug #1432641: Changing view layout causes an error - Bug #1434935: Username is shown in "Inbox", "Sent messages", "Online users" and on page - Bug #1435355: Password reset shows blank screen - Bug #1435750: Google URLs changes - Bug #1436672: Upgrade from Mahara 1.4 -> 15.04 doesn't work - Bug #1437929: expired shared pages still display in groups - Bug #1438390: Error when allocating users to service groups and institutions - Bug #1439194: Notes and attached files - Bug #1440908: Clicking 'more' in friend request is not working - Bug #1440930: WYSIWYG editor image picker not showing tabs correctly - Bug #1440947: Imagebrowser tinymce plugin missing strings - Bug #1441945: "cancel" link shows up when you clink on a file thumbnail in Contents -> Files - Bug #1442130: Ajax block-loading doesn't work in "Copy a page" screen's page preview - Bug #1443280: No notifications for feedback on watched group pages, site pages, and institution pages - Bug #1443282: Feedback notifications list "System" for the "From" field - Bug #1443730: Install webservice & annotation blocks by default - Bug #1443730: Install webservice & annotation blocks by default - Bug #1443732: Turn AJAX block-loading off except for blocks that need it - Bug #1443736: Sitewide option to turn off AJAX block-loading - Bug #1443770: "Content -> Files" accessibility links show up when attempting to drag and drop - Bug #1444229: Signal the AJAX block loader with a flag instead of empty block content - Bug #1051844: when editing a file download artefact and the licence acceptance is on, the entire screen is used - Bug #1217827: Plan description is not displayed on a portfolio page - Bug #1254841: Embedded media files overlap block configuration pop-up - Bug #1286935: Allowed iframe check doesn't handle URLs with a question mark immediately after the domain name - Bug #1348024: users can stay logged into suspended institution - Bug #1352028: Upload users from CSV could do with a progress bar - Bug #1359109: Fail deleting long name groups - Bug #1364229: Uploadcsv email addr and username cache - Bug #1364687: Avoid query for existing artefact record when we know it's new. - Bug #1364691: Add support for getting multiple artefacts from an array - Bug #1366622: width of gallery not set correctly - Bug #1367077: Pagination in the page htdocs/group/report.php does not work - Bug #1373095: Rename "Logged-in users" on to "Registered users" - Bug #1373226: Missing plugins not disabled cleanly. - Bug #1373917: Inconsistent line break layout in notifications - Bug #1375521: Pieform form maharatable renderer doesn't respect the isescaped flag - Bug #1376503: Loading groups via csv throwing error Undefined index: allowarchives - Bug #1377540: TinyMCE displays all menu rows instead of only one for feedback - Bug #1378645: Google Maps "my maps" URLs breaking - Bug #1381868: XSS with institution full name on user profile page - Bug #1382902: Hard-coded lang strings in multirecipient messages - Bug #1383533: List of activity types should be sorted from A-Z - Bug #1384473: Update Adodb to 5.19 - Bug #1384478: Update pdf.js to version 1.0.1040 - Bug #1384482: Update Timepicker to version 1.5 - Bug #1384484: Update Select2 to version 3.5.2 - Bug #1384486: Update the zeroclipboard to version 2.1.6 - Bug #1384488: Update Dropzone to version 3.10.2 - Bug #1384489: update jscolor to version 1.4.3 - Bug #1384496: Update mobiledetect to 2.8.5 - Bug #1384497: Display the Mahara major version to non-admins - Bug #1384499: Update phpmailer to version 5.2.9 - Bug #1385818: Font size in "Feedback" block pop-up is too small - Bug #1386532: Gravatars not working for HTTPS sites - Bug #1386970: Missing title tag on file unzip button - Bug #1387341: Allowing tabs menus to have a 'title' attribute on the A tag - Bug #1387365: Have multirecipient tab menu use the submenu_items() structure - Bug #1387511: cancel button in sendmessage.php should bring user back to previous page - Bug #1388669: Change lang strings in export queue - Bug #1388678: Remove superfluous folder in archived submissions - Bug #1388682: Alphabetize notification settings - Bug #1390339: API for shortcut blocks - Bug #1391073: missing closing if-tag in topright.tpl template - Bug #1392700: Images not displayed - blog post by tag - Bug #1394758: cli not returning the 'nothing to upgrade' message when nothing to upgrade anymore - Bug #1396430: Allow enabling/disabling webservices options in a better graphical way - Bug #1396431: When editing a webservices service group the page you are taken to doesn't tell you which you are editing - Bug #1396845: Change user searches to autocomplete select boxes in webservices - Bug #1397005: Image Gallery option "square thumbnails" distorts displayed images when their width and height are not equal. - Bug #1397068: Flickr API now requires use of https for endpoint - Bug #1399311: SQL syntax error in cron_event_log_expire on key word SECONDS - Bug #1400199: Fixtures for creating pages in Behat - Bug #1400975: Add type hints to dml.php methods - Bug #1402491: Fix failing /webservice phpunit tests - Bug #1403238: Behat fixture for clicking a link/button on a list/table. - Bug #1403703: Switchbox pieform element doesn't work in block configs - Bug #1403718: webservice/testclient.php needs to check if webservices and servcie type is enabled - Bug #1405028: changing edit collection page to use divs - Bug #1405282: Simplifying the webservices log search - Bug #1407854: New Behat step: And I expand "text" node - Bug #1411070: Missing help for pages under 'Portfolio'/'Skins' - Bug #1414474: Sub navigation background color not used for sub navigation - Bug #1415713: Rewrite old view/artefact.php URLs to new artefact/artefact.php URLs - Bug #1419547: Annoying gray line shows up under images with no comments & no comments allowed - Bug #1419561: webservice menu shows even if pugin not installed - Bug #1419951: Skins not working on profile page - Bug #1419959: don't allow the choosing of skin for dashboard page - Bug #1421033: Elasticsearch indexing for large database is slow - Bug #1421444: Error trying to use an embed code with line breaks - Bug #1423761: The function artefact_get_descendants() should use the column 'path' - Bug #1424916: Missing Alt/Title tag on a text box - Bug #1425306: Users can delete submitted page through URL - Bug #1427046: Improving ADODB speed - Bug #1427845: ID tags needed on Edit Access and secret URL's on shared by me - Bug #1427901: Performance improvements for cron job - Bug #1428918: session_write_close() errors during Behat - Bug #1429647: Watchlist lets you watch and receive notifications about pages you don't have view access to - Bug #1429871: Link underlining in skins doesn't work - Bug #1429883: Display Problem on the page exported HTML "Profile Information" - Bug #1431569: Change check boxes into switchboxes where possible - Bug #1431673: Hard-coded language string in artefact/annotation/js/annotation.js - Bug #1432435: Needing slight design alterations for some webservices tables - Bug #1434922: Objectionable content box isn't responsive - Bug #1434927: Objectionable content inbox notification doesn't name reporter - Bug #1435103: Behat bug: Step "And I set the following fields to these values:" Is missing code - Bug #1436582: Secret URLs - From/To Eror Message - Bug #1436841: Add External Media - YouTube Video - Bug #1442150: Replace "delete logo" switch with a checkbox - Bug #946880: Broken html error message for no-reply email setting - Bug #1044288: Provide link to objectionable artefact in notification - Bug #1053804: Lists of pages and collections on the /export/index.php need to be sorted - Bug #1255222: Error message missing for deleted wall post - Bug #1262928: Add users by CSV - enforce browse for file button only accepts csv files - Bug #1271420: Duplicate newlines in forum post notifications if you turn off the HTML editor - Bug #1298553: Site settings choosing search type problem - Bug #1299993: Improvements to notification system - Bug #1323859: Institution statistics page links are not fully accessible by screen readers - Bug #1333096: Password reset key leaked via HTTP "Referer" field - Bug #1367539: When quota notification threshold is changed, send notifications to users who are now over threshold - Bug #1370830: download checkbox shown as already ticked on folder block when first enabled - Bug #1373093: Decapitalize "Journal" and "Journal entry" in journal blocks - Bug #1373670: The length of a message for a new friend request should be limited - Bug #1381807: external media not returning an error for bad non url input - Bug #1383995: Move all core plugin theme files into the /theme directory - Bug #1384009: Cookie lacking "secure" flag for HTTPS sites - Bug #1384481: Minor version number displayed in JS, CSS links - Bug #1384495: Removing "massey" and "rhmoodle" CSS styles from raw theme - Bug #1384529: Comments pagination is off by one - Bug #1385564: Secret URLs used on public computers leak access to later users of the same browser - Bug #1385812: Help text is not fully visible on "Advanced" tab for skin creation - Bug #1389913: Accepting a friend request adds message to sent folder - Bug #1391686: Generated layout images should use file permissions setting - Bug #1393584: getting quotausedpercent can cause 'divide by zero' error - Bug #1393621: split the webservices/functions.php into user / group / institution functions for better code separation - Bug #1394754: calling _get_cli_params() when no params present needs fixing - Bug #1395919: TinyMCE spellchecker gives Error: General - Bug #1396364: Overflowing table in the Admin Notifications page - Bug #1396426: Use application/javascript instead of text/javascript - Bug #1396434: Change readonly checkboxes on the webservices configuration page to be tick/cross icons - Bug #1396437: Some webservice functions have the wrong explanatory comments - Bug #1396837: Error when layout options are changed in Firefox - Bug #1399063: Compose message window does not have any required fields marked - Bug #1400511: Cannot cancel comment form after validation fails - Bug #1402485: "deleteblockinstance" event type not added on clean install - Bug #1402912: Warning message when posting a new Text block - Bug #1408438: Remove "Journal" option from profile completion - Bug #1409545: RSS block: "Invalid array key 'url'" messages when using an atom feed - Bug #1410009: Help icon missing on edit page - Bug #1410409: Allow dashboard page to have submenus - Bug #1411459: Update reCAPTCHA terminology to "site key" and "secret key" - Bug #1413547: Change default "You are logged in from" text - Bug #1414628: strptime on OS X always returns 0 for tm_wday and tm_yday - Bug #1414770: Māori macrons needed for tinymce charmap - Bug #1415709: "Deprecated" warning coming from BBCode parser - Bug #1416147: MySQL error in ORDER BY clause in get_artefactchooser_artefacts() - Bug #1416935: Incorrect debug message - Bug #1422232: elasticsearch - reset and indexing - Bug #1422480: Allow the filebrowser upload field filter by file type - Bug #1425424: Minor Bugs found in 15.04 - Bug #1426980: Getting Undefined index: QUERY_STRING from behat in multirecipientnotifications section - Bug #1427019: Need to add an id to the inbox link for behat test - Bug #1433342: Admins don't see all activity filter types in inbox/outbox - Bug #1433769: Plan task list and plan block don't show the task tags - Bug #1436573: Mouse pointer icon not displayed on Create, Share, Engage buttons - Bug #1438475: The returned 'nothing to upgrade' message has an error icon - Bug #1438980: Pointer-style cursor displayed on Create, Share, Engage buttons when logged out - Bug #547696: Notifications improvement: sort by unread/read - Bug #745418: Put a "copy" button on a copyable page - Bug #792670: Open external RSS feeds in new window - Bug #809297: Missing help icons in portfolio tab Edit - Bug #836382: Ability to easily pick a local image in the html editor - Bug #844457: suckypasswords check is very limited, could be expanded - Bug #1037531: Make comments / feedback directly on artefacts on the page - Bug #1087227: Allow administrator to enable multiple journals globally - Bug #1236102: More logical ordering of blocks in the Page Builder - Bug #1317343: Ability to display journal entries using multiple tags - Bug #1353516: Site option to prevent display of usernames - Bug #1360535: Set default sort order for page sorting - Bug #1374674: Feedback notification from own comment - Bug #1377377: Make $cfg->renamecopies = false; the default config value - Bug #1382905: Do not show "Delete" check box for notifications that can't be deleted - Bug #1385412: Adding 'Send message' to inbox and outbox - Bug #1386937: Change Mahara release numbering from pseudo-"Semantic Versioning" (1.11.0) to Ubuntu-style (15.04.0) - Bug #1387330: Inbox 'reply to' and 'reply all' links be in own columns - Bug #1389450: Duplicate text and Image blocks - Bug #1392096: Generate SVG image preview for page layouts - Bug #1393472: CSV-Import: auto-test for separation character: Semicolon - Bug #1397759: SmartEvidence: Annotations - Bug #1399054: Improved TinyMCE image selector - Bug #1401210: Watching a page with a journal block - Bug #1408473: Upload site logo through front end - Bug #1409369: Add the "Max. items to show" drop-down menu to "Shared with me" - Bug #1409370: Use the "new" paginator on "Shared with me" - Bug #1409967: Make drag and drop work for touch devices for edit content page - Bug #1410638: Allow a theme to specify that it has *no* parent - Bug #1411004: Pages that are shared with a group are still visible after the user has been removed from the group - Bug #1411090: Update view's "last updated" time (mtime) when view block contents change - Bug #1415183: Pending friend request page needs date/time of request - Bug #1415711: Replace BBCode in the Wall block with TinyMCE - Bug #1417357: Allow "group pages" block to be sorted by date last updated - Bug #1417362: Reduce the size of the "retractable" block settings - Bug #1419399: Improve page rendering speed by loading block contents via AJAX - Bug #1427898: Command-line script to convert 1.9 "text box" artefacts to 1.10 "text" blocks - Bug #1428369: Show last changed date for shared pages on the group homepage - Bug #1417364: Remove the check for SQL "from" and "join" from minaccept script - Bug #1215662: Check for correct version.php numbers in pre-commit script 1.10.2 (2015-01-13) - - Bug 1396565: Error when adding a Group pages block onto a group home page - Bug 1405427: Group forums posts email don't show user name of who posted - Bug 1380203: Giving access to 2 pages only generates 1 access notification - Bug 1384467: CSS is not stripping out bad css attributes anymore - Bug 1387858: Draft journal entries are visible to others - Bug 1394738: Text descriptions of image links on Edit Page need to be modified - Bug 1395627: Visits counter not showing with "small headers" - Bug 1399246: PDF embeds fail in sites with subdomains for user pages - Bug 1400524: Upgrading from 1.7 to 1.10 failed in big databases - Bug 1401313: Command-line updater not detecting core & local upgrades - Bug 1408542: TinyMCE emoticons are not displayed in TinyMCE 4 - Bug 1385818: Font size in "Feedback" block pop-up is too small - Bug 1392700: Images not displayed - blog post by tag - Bug 1394758: cli not returning the 'nothing to upgrade' message when nothing to upgrade anymore - Bug 1397068: Flickr API now requires use of https for endpoint - Bug 1399311: SQL syntax error in cron_event_log_expire on key word SECONDS - Bug 1400511: Cannot cancel comment form after validation fails 1.10.1 (2014-11-26) - 1.10.0 (2014-10-21) - New Features: - - Streamlined easier-to-use "Text" block - - The new "Note" block retains all the removed features of the Text block - - Streamlined rich text editor, with a toggle button to access advanced features - - "Messaging" profile tab replaced with "Social media" tab with newer options - - User messages can be sent to multiple recipients - - Added a "sent" box alongside the inbox for user messages - - Groups: "Objectionable content" button for forum posts - - Groups: Forum moderators can relocate forum posts between forums - - Groups: Option to auto-create a LEAP2a archive of submitted pages - - Groups: More control over which group members receive feedback & shared page notifications - - Admins can customize the templates used for group homepages and new user dashboards and profile pages - - Site option to send users a notification when they're near their file storage quota - - Site option to allow users to hide author name on Pages - - Site admins can disable new user self-registration for all institutions - - API changes: - - Support for generic "module" plugins - - Plugins can include a pre-install "sanity check" method - - New /local/lib.php method for adding sideblocks - - Plugins can add top-level menu items to the main nav menu and the top-right nav menu - - Theme API changes: - - Plugin theme files can be located under /theme - - Themes can have their own lang files - - Support for /local override of theme files - - See https://wiki.mahara.org/index.php/Customising/Themes/1.10 for more info - - Other bugs/changes: - - Bug #548021: Option to not have a display name on Views - Bug #605749: Improvements for "Edit Profile": other messaging services - Bug #681210: Clicking on blog post in tag result list goes to edit mode of blog post - Bug #723225: Collections shared with groups not identified as such - Bug #738263: faulty contact us form with noreplyaddress configdirective - Bug #897586: Searching by user in Shared Pages - Bug #1009262: User passwords logged when LDAP misconfigured - Bug #1024872: Objectionable content button for forum posts and topics - Bug #1036556: Embed PDF - Bug #1070019: Make it more obvious when adding a page to a collection that same access rules apply - Bug #1080518: ID numbers are not aligned with their institution in /admin/users/suspended.php - Bug #1191576: Decrease the text and make it clearer in fewer words who has access to a page by default - Bug #1206306: uninstalled plugins should be listed at top of extensions page - Bug #1208328: Document everything that can go in the /local directory - Bug #1231316: Move posts between forums within groups - Bug #1231755: Allow /local and custom theme override of Plugin templates - Bug #1246702: Notification to more than one recipient - Bug #1250302: A site admin who belongs to an institution with skins disabled, gets an error trying to edit site skins - Bug #1254841: Embedded media files overlap block configuration pop-up - Bug #1259762: Wall posts should use semantic elements - Bug #1259768: Sending a message with a friend request should be more obviously optional - Bug #1261240: Form legends should be made into headings - Bug #1262040: Problems with group artefact permissions due to misuse of $USER->can_view_artefact and $USER->can_edit_artefact - Bug #1262928: Add users by CSV - enforce browse for file button only accepts csv files - Bug #1265097: Navigation links in Administration should be more distinct - Bug #1266586: Thumbnails style image galleries display incorrect - Bug #1266913: "Export users in CSV format" link should have more descriptive text - Bug #1266920: Initials when searching for users should have descriptive hidden text - Bug #1266924: Column headers in User search should have descriptive text added - Bug #1267239: Replace jscalendar with JQuery UI calendar - Bug #1268746: Squelch PHP 5.4+ strict standards errors - Bug #1271778: Orphaned labels should be removed (changed to non-label tags) - Bug #1275581: Update jQuery and jQuery UI to latest compatible versions - Bug #1279996: Separators between items in user menu should be in CSS, not HTML - Bug #1282341: TinyMCE should be upgraded to 4.X - Bug #1285896: "Hide" links in Plugin administration should be made more descriptive - Bug #1287922: error when deleting a journal entry - Bug #1292301: Cannot delete a Google web font - Bug #1295422: Windows 8.1 Touch, drag and drop not working - Bug #1296472: The reset password link should expire - Bug #1297079: When you delete a blog entry, count of blog entries doesn't update - Bug #1297510: Deleting fonts causes 'Invalid Parameter' error - Bug #1297516: Font preview page did NOT display properly - Bug #1298855: Sanity check for plugin installation - Bug #1299993: Improvements to notification system - Bug #1300289: commentlist shows logged in user's icon for anonymous comments - Bug #1300544: retracted blocks shouldn't load content until expanded - Bug #1300741: installation doesn't save email address - Bug #1300997: Add id field to institution table - Bug #1301109: Remove pre-1.1.0 sections of the core plugins' update scripts. - Bug #1302251: MS Office files being seen as zip archives - Bug #1302297: Sort portfolio pages on portfolio page overview - Bug #1303491: Update the Mahara-Moodle assignment plugin to work with the Moodle 2.3+ assignment module - Bug #1303551: Allow new user default view templates to be edited - Bug #1304053: Sort / limit size of mygroups displayed in profile page - Bug #1305275: custom theme goes white on save - Bug #1305308: Site admin should not add background images to site skins - Bug #1305361: Pages are not displayed in many themes except 'default' - Bug #1305451: Content editor sidebar doesn't work on Chrome - Bug #1305481: Adding content to page buggy on Firefox - Bug #1306365: when copy page the originators profile picture carries over - Bug #1307240: on delete of font alert if being used - Bug #1307247: No notifications on pages/artefacts for groups/institutions - Bug #1307294: Disable self-registration by default - Bug #1307760: Problems saving view layout - no option selected by default - Bug #1307777: Improvements to phpunit testing suite - Bug #1307935: notification when a user is about to reach his quota - Bug #1308294: Error in profile_icon_url call - Bug #1308305: Remove IE6 related code - Bug #1308479: License help not found for blocks - Bug #1308792: institution data daily cron failing - Bug #1310761: public group and allow submissions problem - Bug #1310861: marking page objectionable now allows feedback - Bug #1311428: admin homepage alert to new plugins - Bug #1311454: Update lang string for shared page notification - Bug #1311458: Error message when admin adds user to institution and quota is full - Bug #1311860: textbox block config form attachment chooser closed by default - Bug #1311876: textbox attachment chooser tabs cause the config form to shrink - Bug #1311940: Error shown when changing your profile icon to default "Standard or external avatar" - Bug #1311963: Undefined index - Bug #1313963: Pagination in Groups/Topics does not work - Bug #1314012: Document local/lib.php functions - Bug #1314020: wishlist: usability: When listing collections to copy list once - Bug #1314397: Forum "no indent" style sorts posts incorrectly - Bug #1314416: admin account settings page needs success messages - Bug #1314440: Deleting an institution which has user's registrations causes error - Bug #1314460: Progress completion bar giving errors - Bug #1314465: Local hook for adding custom sideblocks - Bug #1314890: Button to reliably copy secret URLs - Bug #1315226: Can't expand "Share with other users and groups" for sharing institution pages - Bug #1315956: Members of a group should be listed based on their role - Bug #1315960: get_default_category() not robust enough - Bug #1316372: Upgrade flowplayer.audio to version 3.2.11 - Bug #1316375: Merge flowplayer 3.2.18 into mahara-flashplayer - Bug #1316407: Update pdf.js to version 1.0.21 - Bug #1316421: Update csstidy to 1.5.2 - Bug #1316425: Update slimbox to 2.05 - Bug #1316912: Update mobiledetect to 2.8.0 - Bug #1317265: Move the setting for "Confirm registration" into institution settings - Bug #1317295: Problem with pagination and plan blocks - Bug #1318290: "Set spam probation:" has a colon too many - Bug #1318430: php max execution time needs to be increased for install - Bug #1318959: add page title to new-page-access notification - Bug #1318995: File import of zipped PDF does not detect filetype correctly - Bug #1319226: The static pages not greying out tinymce when the 'Use site default' option is ticked - Bug #1319243: Translations for the new TinyMCE "toggle toolbar" button - Bug #1319302: Mahara not detecting Tinymce lang packs correctly - Bug #1319601: Error when moving users into instution - Bug #1319634: deleting users via bulk delete causes error - Bug #1320006: Show shared collections on the group homepage - Bug #1320027: Editing a group home page can cause warnings - Bug #1320716: allow collection's page list to be drag/drop sortable - Bug #1321053: Better way to fetch template for some json files - Bug #1321444: Leap2A self-import throws warnings - Bug #1321499: Can't stop masquerading as user if they have a profile field required - Bug #1321941: Include the pagination for submissions in group homepage - Bug #1321972: When placing multiple feedbacks, previous feedback text shows up in text field - Bug #1322387: Allow user csv upload to ignore non-essential mandatory fields - Bug #1323163: Don't let locked views be added to collections - Bug #1323495: Google Maps URLs not working in Google Apps block - Bug #1323911: institution.id column breaks "auth_get_auth_instances_for_wwwroot()" function - Bug #1323921: Provide autocomplete pieforms elements - Bug #1324347: Links for hiding/showing more content need accessibility info - Bug #1324748: Tests broken by changes to set_quota_triggers - Bug #1326160: Artefact file plugin config getting crowded - Bug #1326174: Creating a new group causes warnings using MySQL - Bug #1326205: Error installing triggers for new mahara site in MySQL with dbprefix - Bug #1326593: Group pages paginator and display different for group members compared to group admins - Bug #1326597: Warning of undefined setlimit in blogs - Bug #1327738: Rearrange user quota info - Bug #1327920: Editing a page can be frozen if its content has ".row" element - Bug #1327921: Plugin config params in config.php throw a strict standards notice: "Creating default obect from empty value" - Bug #1328310: Let /local theme files override core theme files - Bug #1328319: Why don't plugin theme directories have a "template" subdirectory? - Bug #1328388: Remove most of the "reply" buttons when a forum is set to "no indent" - Bug #1328705: Other active sessions should be destroyed after changing password - Bug #1328739: Wishlist: Journal's list of entries should show the tags for each entry - Bug #1328740: Table properties cannot be edited in IE10 - Bug #1328768: Wishlist: Generic plugin type - Bug #1329136: Add deletion confirmation message for all files - Bug #1330277: Make add_key() and drop_key() consistent with other DDL functions - Bug #1331319: Using Persona login at the transient login page, does not return you to the page you requested - Bug #1331863: Warning when adding an authentication plugin to an institution - Bug #1333071: htmlpurifier sets different permissions in dataroot - Bug #1334127: Error upgrading from vanilla 1.7 to master - Bug #1334501: Cannot edit HTML code of text box in the block configuration - Bug #1334870: Obsolete js calls need removing - Bug #1335670: Allow submitted work to be archived as a leap2a file - Bug #1335888: Typo in string 1274 - Bug #1336111: Error: class 'ArtefactTypeComment' does not have a method 'validate_config_options' - Bug #1336514: Progress bar sideblock missing 'weight' attribute - Bug #1336529: Buttons don't respond when editing content on 1.9.2 - Bug #1337013: Make block title retract/expand collapsible blocks - Bug #1337547: Static function 'X' should not be abstract - Bug #1337614: Deleting a forum topic works but reports an error - Bug #1337626: Generate page content before initialising smarty - Bug #1337664: Remove warning about ActiveDirectory on LDAP auth "Update user info on login" - Bug #1338394: Tinymce editor can incorrectly appear in profile edit page - Bug #1338410: Duplicate primary key upgrading from Mahara 1.1 - Bug #1339113: simple non-copyable textbox - Bug #1341413: can't add textbox to page in IE10 - Bug #1341427: textbox on advanced tab in skin/design.php overlaps footer in 1.10 - Bug #1343930: Usability improvement: Add 'Edit dashboard' button to home page - Bug #1346926: blockquote displays vertical line - Bug #1347362: bug: Profile progress bar disappears - Bug #1348428: Profile completion: make a friend bug - Bug #1348476: Multirecipientnotification artefact should not be a progressbar option - Bug #1348485: Date fields - Bug #1348595: IE Error in Content/ File management - Bug #1349311: Select All - Bug #1350254: upgrade complains of duplicate cron row - Bug #1350595: bug in error lib file - Bug #1352027: Uploadcsvusers broken fields - maildisabled and authinstance - Bug #1353153: upgrade to 1.9 error when logged in and belonging to an institution - Bug #1353759: Google maps embed not working in Google Apps block - Bug #1353802: Upload users from CSV performance improvements. - Bug #1354266: No need for extra search box on copy page/collection page - Bug #1354286: Allow image map to be rendered by htmlpurifier - Bug #1355572: Blocktype JS includes not loaded correctly on https sites using subdirectory for wwwroot - Bug #1356563: Example plugin issue - Bug #1356672: Main navigation hides behind text box - Bug #1358481: admin account settings page success message broken for self on institution join - Bug #1358582: Group edit and delete buttons should only have the group name in the alt tag but not on the button itself - Bug #1358912: Syntax error when using a logo by id for theme logo - Bug #1359531: Artefact path is not being calculated correctly on file rename - Bug #1360050: IMAP language string for 'Port' is missing - Bug #1360943: In admin extensions the save_config_options function lacks the $form attribute - Bug #1362410: Skins fetching of default 'no thumb' thumb image problem - Bug #1362832: The list of group pages in the group homepage should be paginated - Bug #1362871: Allow a theme lang file - Bug #1364164: Remove IE6 check in help icon function - Bug #1364690: Fix the missing argument in print_export_footer - Bug #1365224: resume pages with tinymce break responsive design on mobile - Bug #1366664: admin page not showing site information block when upgrades available - Bug #1367539: When quota notification threshold is changed, send notifications to users who are now over threshold - Bug #1367998: Errors installing/upgrading 1.10dev via CLI - Bug #1368091: Broken html-tags in report.tpl - Bug #1369315: Can't edit group homepage template on upgraded site - Bug #1369830: Comments in CSS disappear in page skins Custom CSS - Bug #1370830: download checkbox shown as already ticked on folder block when first enabled - Bug #1371460: Missing translations in js/customlayout.js - Bug #1372188: upgrade problem with having the settings array - Bug #1372322: CLI upgrader can't handle plugin forced-installs - Bug #1372536: PluginModule-menu items appear in two menus - Bug #1373170: Description of a skin should be html escaped - Bug #1373917: Inconsistent line break layout in notifications - Bug #1374184: My groups block pagination fails when clean urls are in play - Bug #1374879: Missing language string in user Settings - Bug #1375092: XSS in page content editor - Bug #1375515: new version of jquery not rendering the inline js on pieform elements correctly - Bug #1375521: Pieform form maharatable renderer doesn't respect the isescaped flag - Bug #1376503: Loading groups via csv throwing error Undefined index: allowarchives - Bug #1376997: Date picker not working for certain languages - Bug #1377371: Help text doesn't match functionality for "My groups" sidebar list - Bug #1377377: Make $cfg->renamecopies = false; the default config value - Bug #1377542: The calendar picker is visible directly when adding someone to page access - Bug #1377543: There shouldn't be a notification for gaining access to a group homepage - Bug #1377544: Group member receives page access notification for page they created - Bug #1377556: Shared with - Bug #1377736: XSS Vulnerability adding pages into a collection - Bug #1377764: No visual indicator for where you can drop the first page into a collection - Bug #1378543: Profile picture not showing in forum posts when remote avatar is on - Bug #1378645: Google Maps "my maps" URLs breaking - Bug #1379060: error message shows span tag escaped - Bug #1379086: Change the "Access permissions have changed" notification from a JS popup to an inline CSS thing - Bug #1380003: Forum moderators should be able to move forum topics - Bug #1380201: Access to a collection is sent as page access - Bug #1380433: error with profile icon and gravitar - Bug #1380434: An error appears when importing an extracted portfolio - Bug #1380829: Default notification setting not kept from Mahara 1.9 to 1.10 - Bug #1381715: adjust width in configure block - Bug #1381719: Help icon hard to find - Bug #1381729: Scoial profile and Social Profiles - Bug #1381738: Journal entry TinyMCE missing row toggle button - Bug #1381811: Error when copying collection or editing collection title/description - Bug #1381868: XSS with institution full name on user profile page - Bug #1382159: Profile -> contact information -> address textarea not displaying correctly - Bug #1382890: Message window too large on upgraded site - Bug #1382896: Cannot go to page that has been reported as objectionable - Bug #1382899: Regular user can't see "Objectionable content in forum" as notification type - Bug #1382902: Hard-coded lang strings in multirecipient messages - Bug #1383029: Page not accessible after reporting it as objectionable - 1.9.0 (2014-04-15) - New Features: - Accessibility! W3C WCAG 2.0 level AA (except for some admin pages) - Profile completion progress bar - Institutions can customise static pages (Dashboard, Terms & Conditions, etc) - Institutions can customise their default language - Support for reCAPTCHA on self-registration page - "New user probation" system to discourage spam - "Cookie Consent" system for compliance with the EU cookie law - "Post now" option for forum posts, to bypass post delay - Support for Creative Commons 4.0 licenses - New "Feedback" block, allows placing feedback as a block intead of at the bottom of the page - Can now show image descriptions in "Image Gallery" block - Can specify the sort order of files in a "Folder" block - "Folder" block can now have "Download all as zip" link - Improvements to watchlist notifications - Notification sent to admins when an institution reaches its allowed member limit - "New group page" notification - Elasticsearch shows forum post dates in search results - Elasticsearch plugin now works with MySQL - API: Blocks can provide a custom stylesheet - API: Themes can disable Page Skins - - Security bugs: - Security Bug #1266976: Update to HTMLPurifier 4.6.0 - Security Bug #1284876: Suspended users can log in via password reset email - - Other bugs: - Bug #778254: Split multiple user activity notifications into chunks - Bug #1058416: Copying page in a collection only gives "untitled" title for clean URLs - Bug #1081947: Use of CAST() causes extreme slowdown in large MySQL sites - Bug #1237198: Make Elasticsearch plugin work with MySQL - Bug #1239271: Skin description is not displayed - Bug #1247715: Upgrade to 1.8.0 fails - can't connect to mysql - Bug #1248307: Content chooser panel doesn't work on tablet - Bug #1249123: Users who are in "No Institution" can't use skins - Bug #1249858: Mahara can't figure out mime types because of a finfo() bug - Bug #1252497: editing a skin deletes the creation time from db - Bug #1254394: Can't change auth method on /admin/users/edit.php - Bug #1256118: elasticsearch install hangs if ElasticSearch Server not running - Bug #1257953: public group forum info do not show up in elasticsearch - Bug #1259359: Use of tabindex is confusing for screen readers - Bug #1259378: Profile pictures have inconsistent alt text - Bug #1259393: Required form fields are not obvious to screen readers - Bug #1259397: Dropdown navigation is not accessible - Bug #1259408: The status of notifications in "Recent Activity" is not accessible to screen readers - Bug #1262867: Site search box does not have a label - Bug #1262870: Textarea for posting to a user's wall does not have a label - Bug #1262933: Drag-and-drop page editor is not keyboard-accessible - Bug #1264105: Problem with deleting skins that are attached to a portfolio page - Bug #1265049: forum post notifications have escaped
in message in inbox - Bug #1265629: elasticsearch setup by mahara causes Elasticsearch Server status to go from green to yellow - Bug #1266317: Institution/group ownership of custom flexible layouts - Bug #1267668: Add a "Cookie Consent" link to the Admin Home page. - Bug #1268788: mobile_api_json_reply sends extra stuff at the top, making it invalid json - Bug #1270752: "shared with me" pagination fails with IE 9 - Bug #1270846: no message when incorrect username entered - Bug #1270987: Modal dialogs are not accessible - Bug #1271301: Search and filter forms need labels - Bug #1273492: Group members list cannot be sorted when using elasticsearch - Bug #1275995: Navigation and tabs are broken in IE11 - Bug #1278013: LDAP sync enter list of groups - Bug #1278428: No groups and group files visible although there must be many in 1.8.1 - Bug #1279468: Error with saving extensions - > artefact -> file configuration - Bug #1279523: "Use content from another text box" stops working if pagination is used - Bug #1279530: Attachments section for Text box blocks is not accessible - Bug #1281787: Artefacts not locked in in submitted view - Bug #1283869: page editor adds blank block and screen goes black - Bug #1284878: external feed rss not updating - Bug #1287350: New Google Drive URL - Bug #1287922: error when deleting a journal entry - Bug #1288490: upgrade from 1.8 error - Bug #1288542: Can't open feedback form when HTML editor is turned off - Bug #1290156: spelling mistake in view/index.php 'offest' - Bug #1290649: fonts not working under https - Bug #1292303: Clicking 'All' and 'None' does not work in 'User search' page - Bug #1293803: Adding an profile picture as a background image for a skin causes errors - Bug #1296915: settings page error Undefined index: licensedefault - Bug #1297510: Deleting fonts causes 'Invalid Parameter' error: - Bug #1298717: Saving a customised color in a skin does not work - Bug #1300741: installation doesn't save email address - Bug #1302251: MS Office files being seen as zip archives - Bug #1305275: custom theme goes white on save: - Bug #1305308: Site admin should not add background images to site skins - Bug #1305361: Pages are not displayed in many themes except 'default' - Bug #1305451: Content editor sidebar doesn't work on Chrome - Bug #1305481: Adding content to page buggy on Firefox - Bug #1306365: when copy page the originators profile picture carries over - Bug #661602: Dates on external feed entries are not shown - Bug #974855: "Generate sitemap" option has empty help file - Bug #993676: Members did not show up in second search if the first search found no results - Bug #1013022: Wishlist : enabling to download an entire folder - Bug #1051500: Warning message before deleting journal - Bug #1053708: A full list of Pages don't show up - Bug #1058850: Warning when editing note that all instances are changed - Bug #1064780: Default journal of a Persona auth account doesn't have user's name - Bug #1070046: select query uses more than MAX_JOIN_SIZE on mysql: - Bug #1085744: Could not remove tags with special characters - Bug #1086569: Lang string misleading when inst. staff doesn't have stats access - Bug #1089136: "Add me as friend" results in error message - Bug #1099811: group files error after upgrade - Bug #1145156: Improve resume usability - Bug #1174623: Correct schema drift during 1.0 -> 1.8 upgrades - Bug #1187212: Handle timezone mismatch between webserver and DB (MySQL) server - Bug #1224750: Site files located in a subfolder cannot be accessed by normal users - Bug #1237177: Elastic Search does not find media in a group - Bug #1239928: Prezi doesn't load - Bug #1240244: Deleting an image used for a skin should give a popup warning - Bug #1242220: Show file description on Leap2a import screen - Bug #1245638: elasticsearch 'textbox' results should be under text rather than media - Bug #1246576: Upgrade MobileDetect library to 2.7.1 - Bug #1246580: Upgrade PHPMailer to 5.2.7 - Bug #1247722: Update PEAR libraries for 1.9.0 - Bug #1252885: Hide suspended users' pages from the "Latest Pages" block - Bug #1254396: Skins description textbox should be expandable - Bug #1255361: Error adding files to Institution pages - Bug #1255378: Fill in the missing "key_exists()" method in ddl.php - Bug #1255780: copying collection needs to sort table by collection - Bug #1258970: "Menu" is hardcoded when viewed on small device - Bug #1259372: "Edit Access" image has missing string for alt text - Bug #1259373: HTML editor is not disabled when leaving feedback - Bug #1259377: Explanation when there are no tasks in a plan is unclear - Bug #1259379: Delete buttons need a descriptive (and consistent) value - Bug #1259387: Tabs should include textual information to show their state - Bug #1259388: Input help text should be linked using ARIA - Bug #1259394: Help links in forms are not keyboard-accessible - Bug #1259395: HTML lang attribute is not specified - Bug #1259405: Screen readers are confused by Unsubscribe button in forums - Bug #1259409: "Delete" and "Mark Read" checkboxes in Inbox need labels - Bug #1259411: Table headers in Inbox are not read properly by screen readers - Bug #1259685: Datepicker is not accessible to screen readers - Bug #1259746: Username links are not always read out when using a screen reader - Bug #1259764: Feedback form should use focus management - Bug #1261239: Expanders in forms should use focus management - Bug #1261610: JSDetector adds output to command-line scripts - Bug #1261694: remember the limit parameter on view pages - Bug #1262483: Forms should consistently have errors above the top-level heading - Bug #1262903: The alt text of icons in the file browser should be changed - Bug #1262904: Files cannot be moved from one folder to another without using the mouse - Bug #1262918: Add/Edit buttons in Resume should use focus management - Bug #1262932: Bad data in the DB can cause the schema correction SQL to throw a fatal error - Bug #1263440: Improve lang strings for Cookie Consent - Bug #1264014: Collection Navigation should be a list not a table - Bug #1264429: Set up an institution_config table for configuring institutions - Bug #1265086: "Completed" column for tasks is unclear for screen reader users - Bug #1265102: Focus is not visually apparent when tabbing through the page - Bug #1265104: spelling mistake in additionalhtmlfooter config variable - Bug #1265696: Can't edit access to profile after "Logged-in profile access" turned on - Bug #1265982: Add Creative Commons 4.0 as licence types to CC block - Bug #1266923: Focus should be set to search results if they are loaded with AJAX - Bug #1266934: Institution option for dropdown menus should take precedence over site option - Bug #1267311: Elasticsearch page doesn't have textual description of tab state - Bug #1267861: Page shared to group: notification to page owner - Bug #1268746: Squelch PHP 5.4+ strict standards errors - Bug #1271779: Resume layout on mobile devices - Bug #1272297: Authentication plugin up/down and delete links should be buttons - Bug #1273448: "Attachments" icon in Resume needs alt text - Bug #1273841: Specific form errors should be linked with ARIA - Bug #1273937: Skins form needs to use label elements - Bug #1274083: View an artefact with related skin or theme - Bug #1275481: Dwoo doesn't support Smarty's nl2br syntax - Bug #1276397: Edit and delete buttons need descriptive alt text - Bug #1277276: Results per page combobox needs a label - Bug #1277290: Resume attachments form element should be made accessible - Bug #1277297: Radio buttons in email selector need labels - Bug #1278198: Close button in homepage information should be made accessible - Bug #1278202: Skin previews need descriptive alt text - Bug #1278216: Checkboxes when editing permissions for a page need labels - Bug #1278238: Radio buttons used when importing need labels - Bug #1278667: Two error messages when uploading files without accepting upload agreement - Bug #1279943: Textbox attachments not showing on htdocs/view/artefact.php page - Bug #1280009: Skin edit form should use responsive tabs - Bug #1281877: Colour contrast needs to be improved for accessibility (default theme) - Bug #1282214: Move "Edit site pages" under institution menu - Bug #1282219: Rename "Edit site pages" to "General pages" to "Static pages" - Bug #1283839: institution general pages not set as site default on upgrade - Bug #1284869: Suspended user login attempts show up in "Online Users" list - Bug #1286941: double call of language_select_form() - Bug #1287262: unable to create group home page - Bug #1300289: commentlist shows logged in user's icon for anonymous comments - Bug #1307240: on delete of font alert if being used - Bug #1307294: Disable self-registration by default - Bug #609167: Add group categories default action is page submit, not add - Bug #620161: Distinction between Name and Profile not clear - Bug #633658: Shouldn't viewing and downloading files have the same process? - Bug #646691: Blog account settings still available when blog disabled - Bug #707161: opensslcnf not set (on rhel at least) - Bug #731062: Feedback ratings are not exportable - Bug #731647: Ignore duplicates in CSV upload - Bug #746418: Institution authentication plugin option doesn't exist when creating new institution - Bug #852304: Sending a friend request should return you to the page you were previously on - Bug #892684: Remove the Contact Info block - Bug #898470: Inconsistent "required field" behavior on institution membership page - Bug #995761: Use the same paginator throughout - Bug #996337: Forum post delay setting only sticks after you clicked "Save" - Bug #1034213: When editing the group editablity times with a end date before the start date both dates are greyed out after validation - Bug #1047481: Groups menu 'I want to join' - improvement - Bug #1053223: Publish/Unpublish a journal's entry should change the background - Bug #1064219: "Add page to watchlist" not clear on artefact page - Bug #1067550: /admin/users/bulk.php shows submit button for changing auth method even if only 1 auth method - Bug #1067724: Unable to read language directory - Bug #1075760: reporting objectional material with no message doesn't get sent to admin with digest emails - Bug #1115638: Empty masquerading report needs "none found" type string - Bug #1195120: Delete superflous fullstop on /admin/groups/uploadcsv.php - Bug #1196213: Linking of tags in tag search - Bug #1203082: Change password warning contains escaped html - Bug #1212541: GoogleSpell has been discontinued -- remove it from TinyMCE spellchecker - Bug #1220410: MNet with port number requires port to be in wwwroot - Bug #1220943: Warning when creating a new auth instance in 1.8dev - Bug #1231920: Duplicate tags in page creation gives error message - Bug #1240306: Styling error on add user page if there's a very long institution name - Bug #1246024: error message disappears too fast - Bug #1246573: Upgrade htmlpurifier to 4.5.0 - Bug #1246933: image slider display error - Bug #1247729: Elastic Search: Set the second column to sort by to score - Bug #1247729: Elastic Search: Set the second column to sort by to score - Bug #1250235: View gives error if user could make skins then had option revoked - Bug #1250239: Saving 'no institution' institution gives errors - Bug #1250256: Support for changing the session directory - Bug #1251089: Invalid value for licensedefault - Bug #1253462: Undefined property: stdClass::$urlid after doing feedback - Bug #1253835: Make profile page tabs design responsive - Bug #1259366: Title of 'Tasks' page should be capitalised - Bug #1259401: Dashboard info (Create and Collect, ...) is hard to understand when using a screen reader - Bug #1259402: "Learn more" link when posting on a Wall is not descriptive - Bug #1259689: Skin metadata lightbox is not keyboard-accessible - Bug #1259757: Gender radio buttons need descriptive labels - Bug #1261231: Allow a VERP "bounceprefix" that's not exactly 4 characters - Bug #1261233: Allow a VERP "bounces_ratio" of 0 - Bug #1262487: Row headers in "Edit Access" table are confusing for screen reader users - Bug #1262490: Add buttons in "Edit Access" should have more descriptive text - Bug #1262899: Add buttons in "Edit Access" should move focus to the inserted row - Bug #1262911: In-page tabs should use focus management - Bug #1265061: Add support for regional languages to TinyMCE language detection - Bug #1265088: Description of dual listbox (in Admin) is unclear to screen reader users - Bug #1265091: Pieforms date elements should have "Not specified" before the date picker - Bug #1265098: Register site page title should be more descriptive - Bug #1265099: Some form elements in Administration area need labels - Bug #1265101: License icons need alt text - Bug #1266300: hover over unselected tabs in admin -> users ->reports not showing pointer cursor - Bug #1266624: When using small headers, action buttons break the logical ordering of the page - Bug #1267240: Clicking on new change layout icon needs to warn if navigating away without saving - Bug #1267296: Focus should be set to search results if loaded with AJAX (Administration) - Bug #1267633: It's confusing to hide the "copy for new users" site page access option - Bug #1271391: focus on help box close button in chromium has gap - Bug #1275617: Allow CLI api to specify exit code - Bug #1279529: All attachments tables should be collapsable - Bug #1281121: Method view_has_token uses uninitialized variable - Bug #1282872: Top right "Settings" image should not have alt text - Bug #1285414: User search column headers should include text to explain sort order - Bug #1285890: Set focus to new row when adding a group category - Bug #1285892: Title of "Group categories" page should be made more descriptive - Bug #1290672: PluginArtefactResume should extend PluginArtefact - Bug #1297516: Font preview page did NOT display properly - Bug #1298129: Multicolumntable pieform help is broken - Bug #1298671: The link in the skin thumbnail header should be not displayed in Chromium - Bug #1301096: Eliminate redundant &obsolete get_mime_type() function - Bug #817372: Override forum post delay for individual groups and/or forums - Bug #817373: Add ability to 'send now' on a forum post - Bug #833867: Add "Show Description" to Image Gallery - Bug #1027260: Warning when deleting a page that is used in a collection - Bug #1041228: Improve watchlist notifications - Bug #1204699: Mahara does not notify administrators if institutional membership is full - Bug #1223069: Site files accessible in "Links and resources" sidebar - Bug #1233896: Sort files in the "Folder" block - Bug #1237013: Allow theme to turn off skins - Bug #1245679: Place feedback for a view in a block rather at base of page - Bug #1246547: Give a different error message for an expired registration key than for an invalid registration key - Bug #1248318: Allow $SESSION messages to be displayed in alternative places - Bug #1252098: Wishlist: reCAPTCHA support - Bug #1252101: Wishlist: Prevent new users from taking spammy actions - Bug #1254299: Institutional Specific Dashboard - Bug #1258130: Directive on Privacy and Electronic Communications - Bug #1259538: "Progress bar" based on Institution selected preferences - Bug #1259741: "Jump to Content" link should be included for screen reader users - Bug #1259773: Having group links as a bulleted list in sidebar is confusing for screen reader users - Bug #1262477: First column in Inbox should have a hidden header - Bug #1266320: Feature request: Institution-specific default languages - Bug #1266907: Edit/Add License page titles should be more descriptive - Bug #1272240: New group page notification - Bug #1273542: Add Creative Commons 4.0 as licence types to the admin-controlled licenses - Bug #1273931: It is impossible to add custom CSS for blocks - Bug #1281364: Let users from controlled-registration institutions delete their accounts - Bug #1281847: Elasticsearch: Show forum post dates in search results 1.8.2 (2014-04-03) - Bug 1239461: External feed has duplicate rows causing problems - Bug 1249858: Mahara can't figure out mime types because of a finfo() bug - Bug 1256118: elasticsearch install hangs if ElasticSearch Server not running - Bug 1257953: public group forum info do not show up in elasticsearch - Bug 1262050: Same profile picture used on "Shared with me" - Bug 1264105: Problem with deleting skins that are attached to a portfolio page - Bug 1265049: forum post notifications have escaped
in message in inbox - Bug 1266317: Institution/group ownership of custom flexible layouts - Bug 1266976: Update to HTMLPurifier 4.6.0 - Bug 1268788: mobile_api_json_reply sends extra stuff at the top, making it invalid json - Bug 1270752: "shared with me" pagination fails with IE 9 - Bug 1284876: Suspended users can log in via password reset email - Bug 1284878: external feed rss not updating - Bug 1287350: New Google Drive URL - Bug 1290649: fonts not working under https - Bug 1064780: Default journal of a Persona auth account doesn't have user's name - Bug 1070046: select query uses more than MAX_JOIN_SIZE on mysql - Bug 1086569: Lang string misleading when inst. staff doesn't have stats access - Bug 1099811: group files error after upgrade - Bug 1239928: Prezi doesn't load - Bug 1259377: Explanation when there are no tasks in a plan is unclear - Bug 1262932: Bad data in the DB can cause the schema correction SQL to throw a fatal error - Bug 1278667: Two error messages when uploading files without accepting upload agreement - Bug 1284869: Suspended user login attempts show up in "Online Users" list - Bug 1287262: unable to create group home page - Bug 1064219: "Add page to watchlist" not clear on artefact page - Bug 1067724: Unable to read language directory - Bug 1195120: Delete superflous fullstop on /admin/groups/uploadcsv.php - Bug 1203082: Change password warning contains escaped html - Bug 1231920: Duplicate tags in page creation gives error message - Bug 1253462: Undefined property: stdClass::$urlid after doing feedback - Bug 1267240: Clicking on new change layout icon needs to warn if navigating away without saving 1.8.1 (2013-12-18) - Bug 1247715: MySQLi driver errors out with non-default port number - Bug 1246024: Error message fading too fast to read - Bug 1053708: Problems when changing the page size in the paginator - Bug 1058416: Properly setting the clean URL for copied pages - Bug 1255361: Error when a site admin tries to attach a file to an institution page - Bug 1250239: Errors while changing settings for "No Institution" - Bug 996337: Forum post delay not properly displayed - Bug 974855: Missing help file for "generate sitemap" option - Bug 1248307: When device detection is on, show radio button - Bug 1254394: User auth method can't be changed - Bug 1255378: Fill in missing "find_key-name()" method implementation - Bug 1081947: Removing usage of CAST() for MySQL optimization - Bug 1174623: Sites upgraded from 1.0 missing some keys and indexes - Bug 1067550: On bulk user edit page, don't show "change auth" if there's only 1 auth - Bug 1075760: Empty objectionable material reports not included in digest emails - Bug 1196213: On "my tags" page, tags not linked for most users - Bug 1237177: Elasticsearch: not including group content - Bug 1245638: Elasticsearch: Textboxes should be indexed as text rather than media - Bug 1247729: Elasticsearch: Set 2nd column to sort by score/relevance - Bug 1252497: Skins: creation date overwritten on edit - Bug 1249123: Skins: Allow to specify where "No Institution" should allow skins - Bug 1239271: Skins: description not displayed - 1.8.0 (2013-10-24) - New features: -- Turned the block chooser vertical and scrolling, to accomodate longer Pages -- The Image block and Text Box block are now conveniently at the top of the block chooser -- Page layouts can now have rows as well as columns -- Users can import leap2a files into their existing Mahara account -- PDF block allows PDFs to be viewed inline in a Page -- Resume elements can have attachments -- Notes (and text box blocks) can have attachments -- Users are notified when they try to navigate away from a page with unsaved changes -- Many more types of user content can have tags -- Resume entries for electronic publications can now be hotlinks -- Drag-and-drop to upload files -- Page skins, which give individual users the ability to change the CSS of their Pages -- Admins can search for users with duplicate email addresses -- Admins can filter user search by auth method -- Elasticsearch search plugin -- "Additional HTML" config option for things such as Google Analytics -- A cron job in the LDAP auth plugin to synchronize Mahara accounts with LDAP - Security Bug #1034180: A group member with no access rights to folder can still view it - Security Bug #1236636: Can attach other users' Folders to your Image Gallery block - Bug #1180625: Update ADOdb library to version 5.18 - Bug #1187964: Use adodb "mysqli" instead of "mysql" - Bug #1180624: Add support for SQL temp tables - Bug #1184450: Add mysql collation mode to pre-install sanity check - Bug #1235305: Image slideshow fails first time when selecting 'Style: Slideshow' - Bug #1045563: Email address in the 'Required profile fields' form must be validated - Bug #1097565: Automatic account expiry doesn't happen - Bug #1140836: 'Max. items per page' doesn't work for group pages - Bug #1160093: Don't display a remote username on /admin/users/edit.php if no remote username exists - Bug #1187963: Updating group members by CSV caused existing group admins removed - Bug #1211621: Centralized license and copyright info from file headers into README - Bug #1214124: Improve stylesheet cacheing - Bug #1239539: Registration: Force Terms and Conditions - error text - Bug #993676: Members did not show up in second search if the first search found no results - Bug #1046114: Errors when adding new institution members - Bug #1127801: consecutive deleted forum posts for same user should be grouped - Bug #1158086: Forum: error after deleting a post that is the child of another deleted post - Bug #1187571: Updating groups by CSV caused 'Not found' page - Bug #1193757: Institution admin needs tob e able to change auth method "No institution" to one of their own - Bug #1203965: Increase number of characters in collection tabs - Bug #1204309: Edit forum post error if parent is deleted - Bug #1220639: mp4 file has wrong icon - Bug #1223063: Deleting display name does not remove it - Bug #1234487: Put the system requirements for each Mahara release into README - Bug #1238407: Mahara 1.0 upgrade path depends on no-longer-supported "ENGINE=INNODB" - Bug #1240746: Plans page displaying 1 block of text when I used 3 paragraphs - Bug #1242263: Switch suspension reason and "Suspend" button around - Bug #703980: personal information pulled into add resume even if there is nothing in it - Bug #959926: No warning when deleting a profile picture that is used in a portfolio page - Bug #1017281: The pagination drop down shows when less than 10 entries on the page. - Bug #1078591: ClamAV path missing/not detected. No option to provide path to Clamav - Bug #1114790: masqueradingreasonrequireddescription string is misleading about settings - Bug #1165300: Year not shown for post dates on "Topics" - Bug #1166578: auth/session.php incorrectly multiplies $cfg->session_timeout by 60 - Bug #1168422: clamdscan permission issues - Bug #1182649: uploading multiple files - only last one gets marked complete - Bug #1191605: blocktype/externalfeed/lib.php throws array_chunk errors - Bug #1201052: Notification to anonymous user when comment was submitted - Bug #1201055: Change lang string for updated comments when moderation is turned on - Bug #1208287: Clarify error message in Mahara syntax checker about table names with {} - Bug #1211161: Creating a new group with cleanurls active, throws a warning - Bug #1220108: 'usersuniquebyusername' config option not in lib/config-defaults.php - Bug #1222200: Make the masquerade "Log in anyway" link more noticeable to admins - Bug #1230044: Wording in password reset phrase in English - Bug #547386: Linking to electronic publications - Bug #680710: Revive the Solr plugin using elasticsearch - Bug #1036556: Embed PDF - Bug #1046750: Show more of the file name - Bug #1050297: drag & drop content from desktop - Bug #1073625: Add additional html interface - Bug #1083263: Filter by auth method in "User search" - Bug #1103942: Allow uploading attachments to Resume composites - Bug #1117237: Allow uploading attachments to Textboxes/Notes - Bug #1166499: Filter out accounts with duplicate email address - Bug #1168213: Wishlist/Feature Request: Customise page themes (skins) - Bug #1180622: Integrate Patrick Pollet's ldap sync plugin into the core auth/ldap plugin - Bug #1180997: Add tagging feature for all user's content - Bug #1182739: Display a warning message when navigating away without saving - Bug #1183612: Make it easier to change a user's profile picture - Bug #1185209: Allow existing users to import LEAP2A content into their portfolio - Bug #1190720: Edit access page needs default share with text - Bug #1194672: Drop-down navigation option be overridden at institutional level - Bug #1197154: Hide or move the "Retractable" and "Automatically retract" controls for blocks - Bug #1201258: artefact chooser panel - Bug #1193936: License info is NOT updated when using content from other text boxes - Bug #1235813: "Your entire resume" should be "My entire resume" - Bug #959926: No warning when deleting a profile picture that is used in a portfolio page 1.7.3 (2013-10-03) - Bug #1211758 Security bug: Arbitrary image download - Bug #1175446 Security bug: user supplied $_SERVER['HTTP_HOST'] can be used for injections - Bug #1233500 Security bug: Not checking ownership of blocks before editing them - Bug #1158625 Make profile information not avaialble for public when not shared - Bug #1207140 The embedded iframe filter doesn't support scheme-relative URLs such as "//youtube.com" (now used in the YouTube and Vi$ - Bug #1218091 Pager in search in a block doesn't work - Bug #1195489 After installation, make the installer "jump" to the "Continue" link at the bottom of the page - Bug #1214647 When an auth instance is deleted, disable it as a parent authority - Bug #1215190 LDAP support for non-standard port LDAP Urls - Bug #1215702 Reduce false positives in syntax checker for unbracketed SQL tables - Bug #1218684 Alt tag in the artefact chooser panel only says "Preview" - Bug #1219499 Some RSS feed channel images are rendered too large in External feeds block - Bug #1222368 Missing lang string for group page with clean URL - Bug #1227372 Missing lang string for existing URL on allowed iframes - Bug #1095208 uploading a file - "Loading" message remains - Bug #1165592 "Cron is not running" not displayed in red anymous - Bug #1188001 Page view throws headdata warning, if group submissions enabled - Bug #1213908 Undefined variable $id in group/report.php - Bug #1072972 Internal search ignores 'KATAKANA-HIRAGANA PROLONGED SOUND MARK' 1.7.2 (2013-07-25) - Bug #1177187: program code error when create new rss feed in mahara 1.7.1 - Bug #1130990: creating a journal with licence requirements on causes errors - Bug #1132660: "invite user to group" form on user profile page throws headdata error - Bug #1166879: Multiple blogs parameter uncheck when profile is updated - Bug #1171310: Can bypass comment moderation by editing a comment - Bug #1180194: Changing the auth method requires info about remoteuser getting lost - Bug #1180243: Installation hangs with "Mahara requires InnoDB tables" on mysql 5.6 - Bug #1190186: Masquerading sessions report fails if database tables have prefix - Bug #1191453: Don't show password in cleartext - Bug #1171365: Resume: Let user set gender to "unspecified" - Bug #1179299: "Other (enter URL" not translatable for license - Bug #1180263: Help not shown in edit note/text box form - Bug #1185661: HTML export doesn't list Pages on the index page - Bug #1195269: Resume "birthdate" field, if empty auto-fills to 1 Jan 1970 - Bug #1150831: Trailing slash missing in directory URL 1.7.1 (2013-05-02) - Bug #1171714: Bug that can cause RSS feeds to be randomly copied between users - Bug #1016253: Don't include RSS block passwords in Leap2A archives - Bug #1016253: Fix terminal error when there's a mistake in an authenticated RSS feed - Bug #1016253: Don't send RSS block passwords to the browser in plain text - Bug #1172096: If the URL of an RSS feed block is changed, force password re-entry - Bug #1088609: Fix moderation of anonymous comments - Bug #1170587: Potential artefacts installation issue - Bug #1171641: Correct license code's support for $cfg->dbprefix - Bug #1168617: Add missing tooltip text to group admin page - Bug #1165587: Updating YouTube favicon for externalmedia block - Bug #788882: Fix decompression of ZIP files containing subdirectories - Bug #1173440: Address bug in group edit form when cleanurls toggled on & off - Bug #1051792: Fix a warning when uploading users via CSV - Bug #1101984: Make filebrowser error messages have a red background - Bug #1174540: Fix warnings when licenses are disabled - Bug #1039865: Remove explicit CAST to improve MySQL performance during upgrade - 1.7.1 (2013-05-02) - Bug #1171714: Bug that can cause RSS feeds to be randomly copied between users - Bug #1016253: Don't include RSS block passwords in Leap2A archives - Bug #1016253: Fix terminal error when there's a mistake in an authenticated RSS feed - Bug #1016253: Don't send RSS block passwords to the browser in plain text - Bug #1172096: If the URL of an RSS feed block is changed, force password re-entry - Bug #1088609: Fix moderation of anonymous comments - Bug #1170587: Potential artefacts installation issue - Bug #1171641: Correct license code's support for $cfg->dbprefix - Bug #1168617: Add missing tooltip text to group admin page - Bug #1165587: Updating YouTube favicon for externalmedia block - Bug #788882: Fix decompression of ZIP files containing subdirectories - Bug #1173440: Address bug in group edit form when cleanurls toggled on & off - Bug #1051792: Fix a warning when uploading users via CSV - Bug #1101984: Make filebrowser error messages have a red background - Bug #1174540: Fix warnings when licenses are disabled - 1.7.0 (2013-04-19) - Bug 1100187: First option under "manage institutions", institution is not capitalised - Bug 1100024: Relocate "Shared pages" menu item - Bug 1095499: License metadata for every artefact - Bug 1085566: Add logged in filter to admin search - Bug 1081194: Add 'groups I can join' to groups search condition and make it default - Bug 1051868: Add support for "retractable" blocks - Bug 1040337: Upgraded TinyMCE to 3.5.8 - Bug 1033070: Increase limit on group members block - Bug 1027574: Improve logging of what admins do while masqueraded - Bug 939299: Display more collections on the overview page - Bug 1100030: Take out word-break in the CSS - Bug 1057259: Add year to forum post dates - Bug 1051497: Correct word spacing between posts and entries on journal page - Bug 1050655: forum post notification subject should be the post subject not the topic subject - Bug 1021653: Ensure length of input fields is sufficient for required data - Bug 1006706: Missing lang strings in view/urls.php - Bug 952625: Pending registrations have an unreasonable expiry time - Bug 920263: Make "Institution expiry date" column not be in italics - Bug 913320: Separate "Suspend / delete user" on /admin/users/edit.php - Bug 1100104: Account deleted notice to include contact information - Bug 1100066: dwoo function str doesn't take extra arguments that are "0" - Bug 1073136: Fix ordering of forums when there are more than 10 forums - Bug 1072850: Facebook doesn't pick up Mahara's Facebook logo - Bug 1069811: Quota exceeded message for groups - Bug 1069664: "Text on background" does not change for top right-hand corner in configurable theme - Bug 1068962: "Delete users" button should be red on /admin/users/suspended.php - Bug 1051529: Activating spellchecker brings up warning - Bug 1046617: hard-coded plural logic on /group/find.php - Bug 1023834: Refactor login form elements code duplication - Bug 1154928: Warning when adding a new user or add users via CSV - Bug 1145178: Warning after installing other language packs - Bug 1095834: Wrong result when searching for the special string: '0' - Bug 1089730: Plain editor not available in Resume area instead of WYSIWYG editor - Bug 1081309: export fails if files missing from dataroot - Bug 1079451: split function is deprecated but still used - Bug 1074974: WMV files are not recognized by Internal Media block when uploaded directly in the block - Bug 1072967: Add user-unique message IDs to forum emails - Bug 1069274: "Allow copying" is not shown on the institution and site access list - Bug 1068952: Update of user information brings warnings - Bug 1056544: The number of topics on /interaction/forum/view.php doesn't count the sticky topics - Bug 1111066: define('CLI') should bypass auth_setup() in init.php - Bug 1091506: Allowed iframe sources page doesn't allow sideblocks - Bug 1091504: Suspended and expired users page is not displayed as selected in menu - Bug 1031560: json_headers change to use application/json - Bug 1046647: Warnings when access "Group files" tab - Bug 1046641: "Group files" tab does not show up until the user re-login. - Bug 900983: Notification after user has been masqueraded 1.6.4 (2013-04-15) - Bug #1153423 Stored XSS in TinyMCE editor - Bug #1141446 Google presentation embed code doesn't work 1.6.3 (2013-02-15) - Bug #1082416 XMLRPC with Firefox 17.0 not possible - Bug #1091764 Cross site Scripting(XSS) Vulnerability in notes page - Bug #1103748 included flowplayer 3.2.7 is vulnerable - Bug #1113180 Delete Wall Post Throws 404 Error - Bug #1115832 collection navigation links break after "show more" with cleanurls - Bug #1089282 Pagination links are broken due to encoding of encoded ampersands - Bug #1090203 Double encoding of & in 'url' for pagination causes pagination links to be broken - Bug #1085569 Link to user profile takes on comment ID - Bug #1097788 forum next page link - 1.6.2 (2012-11-23) - Bug #1079498: Fix XSS in pagination URL - Fix the rss image exceptions preventing updating (Bug #1081431) - Check originals directory before iterator in upgrade (Bug #1080498) - Fix mnet jump-back link regression (Bug #1079260) - Escape table names in profile image query (Bug #1077013) - 1.6.1 (2012-10-24) - Fix regression with mobile upload token (Bug #1057878) - 1.6.0 (2012-10-19) - A new "responsive theme", designed to work fluidly on many screen sizes; especially mobile devices - Members of multiple institutions can decide which theme to use - Basic support for theming logged-out users - Option for images to be resized at upload time - Ability to add journal entries directly from a page - Tagged journal entries block can show full entries - Collections can be submitted to groups - Mobile uploads support multiple devices - Mobile API support for journal entries and attaching files to journal entries - Mobile API support for syncing messages, tags, files, and journals - Breadcrumbs in small headers are visible at all times - New "Unpublish" button for journal entries - Optional "Clean URLs" for user profiles, portfolio page, groups and group pages with support for subdomains - More sorting options on member's listing in a group - Collections are available for groups, institutions and on the site level - Group information expanded to include number of forums, topics and posts - Group admins can enable and view participation reports within groups - Editability of group content can be limited with a start and end time - Pagination for forum topics - Statistics for institutions and more statistics at the site level - Cron error message appears red for visibility - Option to add institution staff rights during registration approval - Configurable SafeIframe site list - Option to allow self registration process for users authenticating via Persona - Cron can poll an imap inbox for mail bounces - Option to allow local customisation of "Edit site pages" list - "User search" in the admin area links to profile pages - 1.6rc1 (2012-09-17) - - First Release Candidate for 1.6.0 1.5.2 (2012-07-31) - Logged-in user's name unescaped in top right header - BrowserID changed login URL - Textbox upgrade inserts too many rows per query in MySQL - sprintf function problems with pluralrule - "Copy page" button on group homepage to always copy page into personal portfolio 1.5.1 (2012-05-04) - Use MySQL database collation for string literals (bug #985608) - Make download.php publicly accessible (bug #979538) 1.5.0 (2012-04-17) - A new theme for younger students called "Primary School" - Optional drop-down menus for the site navigation - Support for institution logos to replace the site header logo - New institution theme with configurable colours - Reusable text boxes, a.k.a. "Notes" - Block to display journal entries with a particular tag - Block to display a user's watchlist - Improvements to online users sideblock (e.g. limit on number of users to display) - Image gallery displays external galleries (flickr, Panoramio, Photobucket, Picasa, Windows Live) - Support for embedding content from Glogster, Prezi, Slideshare, Vimeo, Voki and WikiEducator - Add an option to include feedback in HTML export - Implementation of the SafeIFrame feature of HTML Purifier to facilitate the use of specified iFrames - Copying of collections - Pages and collections can be shared with institutions - Allow original author of a copyable page to retain permission to see copies of the page - More search options on "Shared pages" - Added and updated many help texts and descriptions - Improvements to search usability - WYSIWYG fullscreen option - Profile pictures are available in the files area - Multiple file uploads - Institution landing page listing institution admins and staff - Users can suggest and invite others to groups - Group admins can hide members - Group and group member CSV uploads - Group file quotas - Admins can suspend, delete, and change the authentication method for multiple users in one action - Admin report on user pages access lists - Support for custom links in the footer menu - User file quotas are configurable by institution and visible on the user accounts page - Set general account preferences when adding users for internal authentication - Allow institutions more control over access to user profiles - Allow site admin to specify a default notification method for new users - MNet key regeneration button and functions to export dashboard info to Moodle - User CSV upload can make updates to existing users - Sitemap generation - CLI install and upgrade abilities for unattended installations - BrowserID authentication method - More user-friendly password policy with password salts, bcrypt storage and brute force prevention - Student ID and display name can be set from LDAP - Confirmation of new user registrations via self-registration method prior to account creation 1.4.2 (2012-03-06) - Fix PHP Fatal Error in user/view.php (Bug #885588) - Fixes to Selenium tests - Blog block pagination bug prevents images from being displayed (Bug #886581) - Fixed youtube filter Bug #884438 - Ensure that default SAML behaviour is to match user to remote user name (Bug #932909) - Update the registration URL to support SSL (Bug #943772) 1.4.1 (2011-11-01) - XSS in unvalidated URI attributes (CVE-2011-2771) - Information disclosure exposing private messages (CVE-2011-2774) - DoS via invalid or excessively large images (CVE-2011-2773) - CSRF to trick admins into adding a user to an institution (CVE-2011-2773) - Fix broken links on export page - Fix problems with blog, plan and comment pagination, and comment deletion - Fix embedding issues with google docs and multimedia content - Fix issues preventing tinymce and pieforms javascript loading for text areas - Fix fatal errors for collections and image galleries - Fix issues with settings for search plugin and mail preferences - Ensure that bulk imported users are forced to change passwords 1.4.0 (2011-06-14) - new Google Apps and Image Gallery blocks - star ratings with comments - easier page for sharing content with others - ability to add comments on file artefacts - support for SSL-based SMTP and LDAP servers - administration interace for mail server configuration - remote avatar (Gravatar) support for HTTPS sites - "views" are now "pages" and "blogs" are now "journals" - lots of small changes to make the interface more consistent - pages can now display more than one embedded video at a time - added a fullscreen button to the internal video player - added spellchecker and undo button to the WYSIWYG editor - spam checks now also performed on forum posts - support for new Youtube Iframe embed code - optional site-wide maximum quota - working start/stop overrides on pages - removal of the obsolete and broken Solr search plugin - removal of the httpswwwroot setting - removal of the .htaccess file 1.3.6 (2011-05-10) - Privilege escalations (CVE-2011-1402) - Fixes to session key validation (CVE-2011-1403) - Information disclosure in AJAX calls (CVE-2011-1404) - Sanitisation of HTML emails (CVE-2011-1405) - https to http downgrade (CVE-2011-1406) 1.3.5 (2011-03-29) - Upgrade to HTML Purifier 4.3.0 (includes security fixes) 1.3.4 (2011-03-24) - Blogs get deleted without sesskey check (CVE 2011-0440) - XSS in select box validation (CVE 2011-0439) - Leap2A fixes - Fix for out of memory errors 1.3.3 (2010-11-07) - Fix for XSS vulnerability (CVE-2010-3871) - Fixes to category namespaces and encoding in Leap2a import/export - Updates to selenium tests - Fixes to permissions in secret URL views and feedback attachments - Fixes in view creation wizard, embedded media block, js calendar 1.3.2 (2010-10-08) - Bug fixes to group homepage, blogs, LDAP authentication, view themes, and embedded video. 1.3.1 (2010-09-17) - Bug fixes in upgrade from 1.2.x - Browse user files while in group views - Reporting of max file size errors on upload - Fix missing logged out language selector - Minor fixes in UI workflow, themes & default language pack 1.3.0 (2010-09-10) - User-configurable home page (Dashboard View) - Simpler main navigation - Basic Mahara information & help on home page - View/artefact feedback enhancements: - Collections (sets of Views that are linked to one another) - Plans (task lists) - Users can change the theme for individual views - Support for Gravatar profile icons - Configurable number of items in external feed, blog blocks - New block types: notifications, recently modified views, recent forum posts - More user-friendly notifications & help text - Show entire thread when replying to personal messages - External objects that have or tags can be embedded into blog posts, text boxes or uploaded within an HTML file - Locking of blogposts and files in submitted views - Atom feeds for public blogs and forums - new flash-based video player with support for .mp4 files (H.264) - Moodle Repository plugin support (allows a user's Mahara files to be accessed from their Moodle account) - Portfolio API to allow import of artefacts from Moodle over MNET. - Configurable group home page (Group Homepage View) - Improved ways to add/invite users to invite only and "course membership" groups: - View submission from group page and from the view itself - Group categories for use in group searches - Admin group management page for group deletion/assignment of group admins - Groups can disable new view access notifictions - View access to group only notified when the view owner also belongs to the group - Bulk user import & export (experimental) - CAPTCHAs replaced with new anti-spam features to make form-filling difficult for bots & check urls in content against known spam blacklists - Site statistics & graphs in admin area - Admin page shows link to latest Mahara release & status of cron - Admin site options grouped into sections - Record number of page hits on views & display these to the owner - Facility to disable email addresses after receiving multiple bounces. - Footer links can be disabled/enabled - Online users can be disabled - Indenting of threads can be disabled per-forum - Active user sessions revoked on suspension - Full security review of all db queries & templates; automatic template escaping enabled - New version of HTMLPurifier allows safe and tags in user html content - Search options to make users always searchable by their real names & usernames - Leap2a support updated to version 2010-07 1.2.6 (2010-09-01) - Better mimetype detection - New flash-based video player - Bug fixes including upgrade from 1.0.x, blogpost image button - 1.2.5 (2010-07-02) - Multiple XSS vulnerabilities (CVE-2010-1667) - Multiple CSRF vulnerabilities (CVE-2010-1668) - SQL Injection (CVE-2010-1669) - Removal of dangerous auth plugin configuration options (CVE-2010-1670) - New version of HTML Purifier fixing an IE-only XSS (CVE-2010-2479) - Better handling of cron events to avoid sending duplicate emails - Fix problems when mime_content_type() is missing - Improved detection of https on Windows - Set the correct envolope sender for emails sent on cron - Set the locale in Mahara instead of in language packs 1.2.4 (2010-04-06) - Bug fixes 1.2.3 (2010-02-08) - New authentication plugin: SAML - Various Internet Explorer Fixes - Blog post deletion fixes 1.2.2 (2009-12-08) - Fix for broken upgrade in 1.2.1 1.2.1 (2009-12-08) - Bug fixes 1.2.0 (2009-11-16) - Mahara now ships with six themes: Aqua, Default, Fresh, Raw, Sunset, Ultima - Site admins can now disable artefact and blocktype plugins - Files section rewritten: works without javascript, uploading is easier - Can extract .zip, .tar.gz and .tar.bz2 files in the files area - Full Import/Export system with LEAP2A suport, and static HTML export - Support for submitting views to MNET Peers for assessment (e.g. Moodle) - View interface sped up, files can be uploaded on the View screen - UTF8 database now required for new installs (old installs will continue to work) - Allow more group type/join type combinations, and more control over group creation - Simplifications to the blog (all users get one blog to start with) - Added a new blocktype for specifying a license for a View - RTL language pack support - Upgraded tinyMCE to version 3.2.5 - Replaced Smarty with Dwoo 1.1.7 (2009-10-29) - Upgraded HTMLPurifier to 4.0.0 - Fix creation of duplicate user accounts when using LDAP and XMLRPC authentication - HTTPS logins supported - Improvements to MNET: windows profile icon importing & links in emails - Implemented "update user info on login" flag for LDAP - CVE-2009-3298: Privelege escalation vulnerability - CVE-2009-3299: Cross site scripting in resume - Several bug fixes and minor translation updates across Mahara 1.1.6 (2009-08-04) - Forum e-mail notifications now have a cleaner format, and allow users to unsubscribe immediately. - Enforce UTF8 database upon installation. - Upgraded bundled XML feed reader to 1.0.3, multiple bug fixes to RSS handling. - Wall posts now have a configurable character limit. - Fixed a very slow query affecting My Groups and user profile pages. - Many bug fixes across all areas of Mahara. 1.1.5 (2009-06-22) - Czech strings for Pieforms library - Bug fixes for embedded media block, multibyte character string handling, - public forums, email notifications - Security fixes: multiple xss bugs and information disclosure bug for user files. 1.1.4 (2009-06-11) - Dutch and Slovenian translations of pieform strings. - Spanish translation of TinyMCE. - Increase number of users shown on the admin/staff pages, and sort listing. - List user institutions on profile page and search results. - Bugfixes to view feedback, embedded media mimetypes, SSO, and more. 1.1.3 (2009-04-22) - Fixed XSS vulnerabilities in user views (CVE-2009-0664) - Prevent arbitrary code execution in html2text library (CVE-2008-5619) - Allow course groups with membership by request - Many minor improvements and bug fixes 1.1.2 (2009-03-10) - Fixed multiple XSS vulnerabilities in user profile data and blogs (CVE-2009-0660) - minor fixes to portfolio import, html validation, default theme and upgrade path from 1.0 - added support for embedding slideshare widgets 1.1.1 (2009-02-27) - a few fixes to the upgrade path from 1.0 1.1.0 (2009-02-26) - raft of new features over the 1.0 series of Mahara - ability to copy Views - many improvements to Groups - ability to import content from other systems (such as Moodle 2.0) - user profile pages such as Views - many other smaller improvements and bugfixes have been made. 1.0.9 (2009-01-29) - small bugfixes and minor layout improvements - fixes the blank screens some people were seeing upon installation - filters HTML that is used in the forums 1.0.8 (2009-01-07) - fixes a bug that prevented email from being sent - makes it much easier to install new language packs 1.0.7 (2008-12-23) - increases the memory limit available to Mahara - adds a 'powered by mahara' icon and link to the footer - a few bugfixes 1.0.6 (2008-11-04) - security fixes for vulnerabilities in 3rd party libraries 1.0.5 (2008-09-25) - bug and stability fixes around user authentication and MNET 1.0.4 (2008-06-25) - bug and stability fixes around the administration section 1.0.3 (2008-06-13) - HTTP level performance improvements - some MySQL fixes - improvement to "login as" functionality - some other bugfixes 1.0.2 (2007-04-28) - more usability work for the Views interface - bugfixes for videos in Views - RSS blocktype is greatly improved, with the ability to show the feed icon and a full view of the feed - bugfixes for SSO, authentication, and search. 1.0.1 (2008-04-09) - minor bugfixes to the Resume, SSO, and MySQL support