Jump to content
Forum²

vBulletin Connect 5.5.6 is now available for download.


Recommended Posts

Guest Wayne Luke
Posted

[HEADING=1]vBulletin 5.5.6 Changes and Updates[/HEADING]

 

vBulletin 5.5.6 is now available to download customers. This version contains updates t o the content editor and security tools within the software.

 

[HEADING=1]Front End Changes[/HEADING]

 

[HEADING=2]CKEditor Update[/HEADING]

 

The version of CKEditor distributed with vBulletin is now 4.13. This brings the editor up to date with the vendor's distributed version. While the visible functionality will not have changed much, a lot has changed behind the scenes. For more information on changes p lease see the CKEditor changelog.

 

[HEADING=3]Emoji Support[/HEADING]

 

Emoji are similar to vBulletin's smilie functionality but are implemented via standard font characters instead of using images. When using a compatible database, you can enable UTF-8 Emoji within CKEditor. This allows over 1500 different emoji to be used by your users. Emoji can be selected from a panel in the Richtext Editor or by automatic lookup when the user is typing.

 

6d127664f953d86109b07f599bddaa5c._.png.69988e47360d585c5ee93ad098fd42d1.png

 

 

102cf69b3fb4929f0d956b34af426fe3._.thumb.png.f0a6fb25545c24b25596b24a95db40e5.png

 

 

 

 

Note: In order to use this feature, your database must use a UTF8MB4 character set and collation.

 

 

[HEADING=3]Drag and Drop Uploads[/HEADING]

 

You can now drag and drop allowed files within the editor window. This will give users more control over images uploaded to their content. To use this feature, users simply need to drag their attachments over the editor and drop them on the attachment panel. If the attachment panel is not open during the drag, it will automatically open.

 

5ba8313d66758a6e22a6f488978f947e._.thumb.png.a794274bdbab52c34ac1ad7040d918e1.png

 

 

 

 

 

 

[HEADING=1]Forum Listing Depth[/HEADING]

 

A depth setting has been added to the Activity Stream module (Forum Home Page) and the Sub-Channel Display module (used on individual channel pages). This setting allows a max depth of 1, 2, or 3 channels. The behavior varies depending on the use of Category channels at the top level. For example:

 


  1.  
  2. The home page allows showing Category (1) => Forum (2) => Subforum (3). If you don't use category channels and have it set to 3, it will still only show Forum => Subforum when depth is set to 3. This is due to current limitations in the template code. This can affect the display if you have a mix of Categories and Forums that are not in categories. Setting this value to 1 or 2 will hide subforum listings.
     
  3. Forum channels typically show two levels as in Forum (1) => Subforum (2). At this time, the template system will limit this to a depth of 2 even if the value is set to 3.
     

 

[HEADING=1]Other Issues[/HEADING]

 


  •  
  • Resolved an issue where the bread crumb links can be displayed off center in some them es.
     
  • Modules now scroll a page at a time in the Site Builder Page Editor.
     
  • Resolved an issue that resulted in large file sizes when resizing images.
     
  • Resolved an issue that resulted in images being rejected before resizing.
     

 


 

[HEADING=1]Back End / AdminCP Changes[/HEADING]

 

[HEADING=2]Notices[/HEADING]

 

To continue the merging of Notice and Announcement functionality, a number of enhanceme nts have been made to editing Notices in the AdminCP. These include:

 


  •  
  • Notices now support BBCode in addition to HTML.
     
  • Notices now support Smilie codes.
     
  • URLs within Notices will be automatically parsed as links when the Notice is saved.
     
  • Notices can be assigned to the "Home Page" channel in order to appear only o n the default home page.
     

 

[HEADING=2]Suspect File Diagnostics[/HEADING]

 

The suspect file diagnostics has been rewritten and expanded to provide better file dia gnostics. This utility allows you to quickly search for altered, missing, or extra files w ithin your vBulletin directory. With the output provided and your own personal deployment records, you can use the Suspect File Diagnostics to help secure your server and make sure vBulletin's files are up to date. Several changes have been implemented:

 


  1.  
  2. A list of the checksum files used for comparison will be displayed at the top of the o utput.
     
  3. A warning will be displayed if any of the checksum files are writable.
     
  4. It will scan all vBulletin directories. If a directory is unknown, you will be informe d of this fact.
     
  5. Static files (i.e images, javascript, and css files) will now be scanned.
     
  6. Problematic files will be listed at the top of the output.
     
  7. Safe directories will be collapsed to simplify the output.
     
  8. Additional file types will be checked. This includes .htaccess and image file extensio ns.
     

 

ed1731ca43c5423f807494b97926059e._.thumb.png.3fec258074c4253394a650530979d62d.png

 

 

 

 

 

[HEADING=3]Known Limitations[/HEADING]

 


  •  
  • Templates stored in the file system can trigger false positives. By default, these are stored in the [iCODE]/core/cache/template[/iCODE] directory. You can move these out of the vBulletin directory if you wish.
     
  • Some optional directories will be ignored. Notably, the directories used when storing CSS as files. These directories should be inspected manually if you suspect issues.
     
  • Several files will not be checked. These include [iCODE]/.htaccess[/iCODE], [iCODE]/config.php[/iCODE], and [iCODE]/core/includes/config.php[/iCODE]. You will need to manually inspect these files if you suspect changes.
     

 

If you do not know how to manually inspect and update these files, the best course of a ction is to replace the files with new copies. If you need assistance please create a new topic in the appropriate forum.

 

[HEADING=2]Style Variable Editor[/HEADING]

 

The Style Variable Editor has been enhanced.

 


  •  
  • The default view will only show variable groups. This simplifies the display and allow s administrators to select a group of variables easier.
     
  • The system will expand and contract the groups as you use them.
     
  • When you search for one or more style variables, only the matches will be shown in a s implified list. Groups without a match will be hidden.
     

 

7d370b5b6aaadc08d025c485b515d2f1._.thumb.png.459ad92d01c755a200553a135b0aa640.png

 

 

 

 

 

 

[HEADING=2]User Profile Fields[/HEADING]

 

An option has been added to the User Profile Field editor to show the field and its lab el in the User Info block of topic starters and replies. You can set this option by editing your existing User Profile Fields in the AdminCP.

 

 

Note: If you are using template hooks to display these, you would need to inactivate/delete those hooks to prevent the double display of fields.

 

 

[HEADING=1]Security[/HEADING]

 

[HEADING=2]New Password Scheme[/HEADING]

 

Support for the Argon2ID password hashing algorithm has been added to the system. This will be utilized if the server supports it. The server must be using PHP 7.3 or higher. PH P must be configured to allow the Argon2ID algorithm. More information can be found here. If Argon2ID is not available, the system will continue to use the BCrypt algorithm for password storage. The cost for BCrypt has been increased to account for newer processors.

 

For more information on password hashing please see the PHP documentation.

 

These changes should be transparent to end users.

 

[HEADING=2]Password Reset[/HEADING]

 

A tool to invalidate all user passwords has been added to the AdminCP. This will update the password of all users except the currently logged in Administrator. Users will not be able to log in until they create a new valid password. This tool is located under Maintenance -> General Update Tools. For security purposes, this will only appear while the site is in Debug Mode.

 

a7b87f6ba68806ebe62ee2038bf2c267._.thumb.png.d065ca31c95911ba565fd901aa011624.png

 

 

 

 

 

 

 

[HEADING=2]File Permissions[/HEADING]

 

We recommend making the vBulletin directories and files write-protected for security purposes. If you need assistance with this, please contact your hos ting provider.

 

[HEADING=2].htaccess[/HEADING]

 

The .htaccess file has been rewritten to help improve security of the file system. The changes prevent direct access of PHP files in a number of directories. This will not affec t normal operations of vBulletin. It is recommended to use this file if you're using share d hosting.

 

The use of .htaccess files within sub-directories has been changed. This has resulted in the removal of these files in some directories as well as the addition of .htaccess files in others.

 

[HEADING=3]AdminCP Directory[/HEADING]

 

The [iCODE]/admincp/[/iCODE] directory in the vBulletin root has been removed for new installations. This directory is not needed for vBulletin to function properly. If you use the new .htaccess file pro vided in 5.6.0, you will need to delete this directory when upgrading.

 


 

[HEADING=1]Additional Information[/HEADING]

 

All resolved issues can be seen in the issue tracker roadmap.

 

[HEADING=2]Install / Upgrade[/HEADING]

 

 

Note: When upgrading to 5.5.6, make note of the changes to the file structure. Most not ably, the /admincp directory has been removed. In addition to this, it is important to review the changes to the .htaccess file so that your site is as secure as possible.

 

 

 

[HEADING=2]File Cleanup[/HEADING]

 

After upgrading your vBulletin system, you should delete any possible obsolete files. You can obtain more information on why this is needed and instructions on how to do this in this topic in the vBulletin 5 Installs & Upgrades forum.

 

[HEADING=2]System Requirements[/HEADING]

 

Minimum System Requirements

 


  •  
  • PHP Version: 7.1.0, See End of Life note below.
     
  • MySQL Version: 5.6.10
     
  • MariaDB Version: 10.0.0
     

 

Recommended System Requirements

 


  •  
  • PHP Version: 7.4 or higher
     
  • MySQL Version: 8.0 or higher
     
  • MariaDB Version: 10.3+
     

 

For more information see vBulletin Connect System Requirements.

 

[HEADING=3]PHP 7.1 End of Life[/HEADING]

 

Please note that PHP 7.1.X is now end of life. It is recommended that you upgrade to PHP 7.2 or higher as soon as possible.

 

[HEADING=2]Current Version Support Schedule[/HEADING]

 


  •  
  • Active Version - 5.5.6
     
  • Security Patch - 5.5.5
     
  • Security Patch - 5.5.4
     
  • No Patch Release - 5.5.3 or earlier.
     

 

[HEADING=2]Discussion[/HEADING]

 

 

If you have any questions about these changes you may discuss them here: https://forum.vbulletin.com/node/4428540

 

If you find an issue with the software or wish to place a feature request please visit our tracker.

 

In order to receive support for your vBulletin Product please visit our community forums.

 

 

Continue reading...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...