Note (added Dec. 02. 2006)
CB 1.0.2 is not compatible with Joomla 1.0.10. So, if you want to install or upgrade to CB 1.0.2, you need to upgrade to Joomla 1.0.11.
The CB Core Team has just released version 1.0.2 of the Joomla Community Builder Suite.
This security, performance and stability release can be found in the download area of Joomlapolis (here) and the project area on the forge (here).
All CB installations should be upgraded to this release as soon as possible as a number of low, medium and potentially high security issues have been addressed, as well as a number of anti-spamming hardenings have been made. Although there are no known exploits at release time for the security issues that have been found and fixed by CB core team, we strongly advise for an upgrade.
New features have been kept to a minimum to maximize stability and security.
These include:
- Compatibility with Joomla 1.5 beta 1 (for evaluation and test purposes only)
- CB Login support for Missus, PMS Enhanced and JIM.
- Core plugin support for PMS Enhanced and JIM.
- New tools option in CB backend to perform database checks on integrity of the CB database.
- Plugin API improvements.
- Many minor bug fixes.
- Expert installation package to preserve existing plugins (study readme very carefully!)
- For a complete list please see the artifacts list on the forge.
Due to the extensive improvements and optimizations, this release is expected to run much faster and to use less memory than previous releases. For example, the connections path tab can now be safely published and used on large sites.
The CB Core Team would like to thank the CB Testers that have been pounding away at the test builds in order to
make this release (as all previous ones) as solid as possible.
| {mos_sb_discuss:7} |
{mosimage}Joomla! core team released today Joomla! 1.5 beta, exactly one year after starting development, for community tests. Joomla! 1.5 is by no way a production site release, but is a big step forward for Joomla!
Community Builder team has participated in tests, debuging and some fixes to make sure that Community Builder interoperates well also with Joomla! 1.5 and has been one of the components used for testing the Joomla! 1.5 1.0 API legacy support.
As Community Builder uses some deep API functions of Joomla, a few adaptations have been needed for Joomla 1.5 beta and are currently in CB testteam. Please note that CB 1.0.1 does not run on Joomla! 1.5 beta. We will be releasing CB 1.0.2 maintenance release in the next days, with support for Joomla! 1.5, and some more to be announced soon. CB 1.0.2 will be a strongly recommended upgrade for all users, including Joomla 1.0.11 users and fixes also a few Mambo 4.6.1 API incompatibilities.
Stay tuned and happy playing with Joomla! 1.5 in the mean time.
Nov. 8th Update
Community Builder 1.0.2 build 3 has just been released to CB testteam for final tests. Expected date of release is currently Friday Nov 10th.
Nov. 10th Update
We found a few bugs in testteam build 3 of Community Builder 1.0.2 and are working on a new candidate build 4. Estimated date is moving to Monday/Tuesday Nov 13/14th for the stable release 1.0.2.
Nov. 14th Update
Community Builder 1.0.2 candidate build 4 has made its steps through testteam, and is now running on a few larger-sized live sites, which showed some last very annoying bugs, most of which got fixed. Although active CB-testteam members and CB dev team worked very hard in the last days, we didn't make it for today. Sorry about that, but... But we achieved something today which made us very happy, and will make most of you and your users also happy... weee...CB 1.0.2 flies. More at release time ;-) . Estimated date is now set to Confirmed Date status for Thursday Nov 16th for the stable release 1.0.2. Tomorrow, JoomlaPolis and test-sites will be updated with final build 5, and as soon as all fixes are fully tested, we will make the release. Thanks for your understanding and patience (and good night for today).
Nov. 19th Update
Community Builder 1.0.2 candidate build 5 is running on this site, as well as on a few other high-traffic sites. Almost all is ok now, and public release has been prepared, but a nasty last minute problem has been located on one of the live sites. We spent a few hours to down-drill the problem into a new security feature, using indirectly a php function, which we just found to be badly buggy in older but supported php releases. We are currently designing a work-around this nasty php engine bug, and as soon as it's tested, we will release. Hard to tell an exact release time yet, but we are trying to do our best to get this out the door asap. Sorry about the delay, but it's very very hard to predict when it will be ready for prime-time, as the work-around isn't trivial (actually no work-arounds are proposed for that php bug, except to update to latest. And as this is not an option for most hosted sites, we need to design our own workaround !
| {mos_sb_discuss:7} |
Another version release 2.0.4 of the Advanced Search Component for CB is available.
The following changes have been made:
- Works now with SEF
- The Userlist can be sorted by the visitor by clicking on the heading of the table
- The search forms have been relocated within the Navigation Tab System of Joomla
I have tested out the component both with and without SEF. On my system it worked fine. If you find any errors/bugs please inform me in the forum at www.emptorum.com. Thank you!
You can download the latest version within our Repository at www.emptorum.com
Just when you thought you were safe with PHP register_globals OFF ... NO! ... A post less than an hour ago brought to our attention that Joomla 1.0.10 still emulates register_globals ON by default, even if php-setting register_globals is OFF. See the Joomla forum post by Adam (aka Websmurf) for instructions on how to turn it off. So: if you didn't or can't turn that off in that file, you should update Community Builder immediately to security release 1.0.1.
UPDATE 3: Excellent article about website security and Joomla configuration. A must-read !
The following mass email has just been sent (actually in progress) to all Joomlapolitans ...
Fellow Community Builder Website Masters,
The CB Core team over at joomlapolis.com has been working hard during the past 48 hours on a security release 1.0.1 of the CB suite following the discovery of a vulnerability present in 1.0 RC2 and 1.0 stable on weakly configured web-servers. We have decided to release it as a highly-recommended critical security and stability update, as we had one report this morning and another one this afternoon for 2 sites where it got exploited to change files. Your site needs urgent update to CB 1.0.1 if ALL of these PHP settings are met: CB 1.0.1 will be released in the next hours and will be available on http://www.joomlapolis.com and on the Community Builder project area on forge.joomla.org.
Everyone is urged to upgrade asap, a REAME file is included in the release as usual.
Sites with the settings above are in danger.
If you want to stop receiving future messages of this type just visit your contact info tab on your joomlapolis profile and click on the "Don't email me critical vulnerability fixes" checkbox.
Thank you,
The CB Team on Joomlapolis.com
Update 1:
The security release 1.0.1 is now available as package on our project area on the forge and in the downloads area of Joomlapolis. If your hosting environment meets all 4 of the above prerequisites you must upgrade immediately! Either way all installations should be upgraded ASAP.
| {mos_sb_discuss:7} |
Enjoy, I hope it works for you! It displays all images uploaded by the user on the "My Gallery" Tab, ordered by category and with pagination! Unapproved images are hidden, but otherwise everything is shown (no private categories).
IMPORTANT: It is NOT compatible with the pony gallery plugin, However, if you need to have both tabs, then there is a solution hack here.