- Minor XSS fixes.
Release notes: There are no database changes in this release. Changed files:
/themes/flow/js/global.js
/themes/flow/templates/partial/_account_home_javascript.inc.php
/themes/flow/templates/delete_file.html
/themes/blue_v2/templates/delete_file.html
/core/includes/uploader.class.php
v4.5.1
- General Data Protection Regulation (GDPR):
- Added checkbox onto registration page to confirm acceptance of terms.
- Added privacy policy and linked it into the site footer.
- Added optional cookie notice to front-end pages. Enabled by default, control via the admin area, site settings.
- Added checkbox on account edit page to unsubscribe from site mailing list.
- Set all users to be unsubscribed by default, as per GDPR requirements. Users must opt in to subscribe.
Release Notes: There are database changes within this release. See /install/resources/upgrade_sql_statements/v4.5 - v4.5.1.sql. To patch only changed files, see \install\resources\upgrade_file_diffs\V4-5_to_V4-5-1_DIFF.txt.
v4.5
- Bundled payment gateway API with support for over 50 gateways using Omnipay. Includes:
- Stripe, BitPay, PaySera, WebMoney, Coinbase & lots more.
- Replacement of mcrypt functions with OpenSSL for PHP7.2+.
- API changes - New admin only endpoints:
- /account/create
- /account/edit
- /account/delete
- /package/listing
- Added optional CDN support for image previews and thumbnails. (via file server management)
- Added optional captcha to user login screen.
- Added optional captcha to admin login screen.
- Big changes to how the delete file process works within the code:
- All deletes are now scheduled within the file action queue, including FTP, S3 and Flysystem adapters.
- Better management of file server paths - stored against the file server in the admin area.
- Removal of ajax calls to remote storage server on delete, significant performance improvement.
- User file manager changes:
- Added folder ordering.
- Added select folder option, support for multiple as per files.
- Added multi folder delete & drag and drop to move.
- Added empty trash button to trash toolbar.
- Hold ctrl+click to select folders.
- Admin area changes:
- Moved "Max File Uploads Per Day" into account packages.
- Moved "Accepted Upload File Types" into account packages.
- Moved "Blocked Upload File Types" into account packages.
- Addedn option to auto clear trash items older than x days in account packages.
- Better feedback on login failures for the admin area.
- Added privacy option on file edit.
- Better handling of core FTP storage when passive mode is enabled.
- Improvements to how the account avatar is loaded to avoid restrictions on certain servers.
- Fix to Amazon S3 storage configuration issue.
- File server option to download over different protocol compared with main site.
- Moved the local storage path from _config.inc.php into the file server admin.
- All database tables changed to 'InnoDB' & 'utf8mb4_general_ci' to allow for MySQL clustering support.
- FTP Upload Plugin:
- Automatic import of FTP uploaded files.
- Admin user interface to view and delete FTP credentials.
- Social Login:
- Updated LinkedIn integration due to changes on their site.
- Media Player:
- Added option to show direct link to video file.
- Media Converter:
- Added option to prioritise conversions on paid users.
- Added option to choose when to capture the video screenshot, either in seconds or % of the video.
Release Notes: There are database changes within this release. See /install/resources/upgrade_sql_statements/v4.4.1 - v4.5.sql.
v4.4.1
- Updated social login plugin - Fixed Facebook not working due to API changes.
- Minor fixes to file manager breadcumbs & folder reloading.
- Facebook login - removed the request for date or birth, town and about me, in permissions.
- Added additional database indexes to improve performance.
- Fixed session notice in later versions of PHP - session_write_close(): Failed to write session data (user).
- Fixed SMTP sending issues caused by debug being enabled within email sending library.
- Fixed issue with folder zip download not being fully recursive.
Release Notes: There are database changes within this release. See /install/resources/upgrade_sql_statements/v4.4 - v4.4.1.sql. For code difference with v4.4 see \install\resources\upgrade_file_diffs\V4-4_to_V4-4-1_DIFF.txt.
v4.4
- Flysystem integration. Core script initial support for file storage on:
--- SFTP
--- Amazon S3
--- Rackspace Cloud Files
--- FTP (via Flysystem, possible future replacement of core FTP storage)
- File Upload API:
--- Account Operations: Get account info, get account package info (max upload size, account limits etc).
--- File Operations: Upload, Download, Get info, Edit meta data, Delete, Move, Copy.
--- Folder Operations: Create, List (Files and Folders), Get info, Edit meta data, Delete, Move.
- PayPal subscriptions support. Optional within PayPal plugin settings, default disabled. If enabled the user will automatically be setup with a subscription and rebilled when their account is due to expire.
- 3 additional plugins now included as standard with the core script:
--- Social Login
--- Document Viewer
--- Newsletter Manager
- Admin Area:
--- Admin area interface rewrite so it's now using Bootstrap 3. Compatibility library added to aid with migration of older plugins.
--- Bulk import tool. Within the admin area bulk import files into an account from on a folder on your server.
--- Added update checker to plugin listing page. Any new releases to plugins are immediately shown on this page.
--- Added option to bulk remove files by copying and pasting a list of urls.
--- Added user avatar to manage users page.
--- Added option to remove or set avatar on add/edit user.
--- Fix to add/edit user password setting. Now uses the global password rules.
--- Added check for minimum required version number when adding a plugin.
--- Added clean up of any failed tasks in the remote download queue. Limits issues with the queue getting full and new items not working.
--- Added support for default folders on new account creation/registration. Can be set via the admin, site settings.
- Support for SolveMedia captcha.
- Improvements to stats logging performance and sync between the stats count and file.visits value.
- Fixed issue with jwplayer fullscreen mode in Chrome.
- Added upgrade page package names into translations.
- Improvement to ipToCountry checking for larger IP ranges.
- Better support for prepared arguments in the database layer.
- File download pages / upgrade pages now show the file description and keywords, if set.
- Update of PHPMailer to fix recently announced security issue -
https://github.com/PHPMailer/PHPMailer/releases/tag/v5.2.22
- Integration of composer for ease of management of third party libraries.
- Minor improvements to RTL layout.
- Rewards:
--- Improvement to PPD logging when using Nginx and download managers.
--- New advice for PPD complete download log for Nginx and CloudFlare.
- Media Converter:
--- Improved concurrent conversions option to work per server.
--- Removed use of ereg function for PHP7.
- Media Player:
--- Added JWPlayer 7 as an available media player.
Release Notes: There are database changes within this release. See /install/resources/upgrade_sql_statements/v4.3 - v4.4.sql. To enable the API you will need to apply the new rewrite rules to Nginx or .htaccess, if you're using Apache. This script now requires minimum PHP v5.5.
