No announcement yet.

vBulletin 2.2.9 Released

  • Filter
  • Time
  • Show
Clear All
new posts

  • vBulletin 2.2.9 Released

    vBulletin 2.2.9

    vBulletin 2.2.9 includes several bug-fixes, and also a few small security fixes for (hard to exploit) XSS issues. We recommend you upgrade as soon as possible.

    This release is now the latest stable release.

    Backing up forums

    Please be sure to check your backups, that they are complete before continuing with an upgrade. We had reports that PHP was causing time out errors when creating the back up SQL, and this was causing for incomplete or corrupted backups. The safest way to do a backup is to use the mysqldump utility through telnet, as it will not suffer from any such problems.

    Installation / Upgrade Instructions

    These are available in the Members Area.
    Templates changed: (from 2.2.8)
    • error_previewtoomanyimages - new template to show error when too many images are included in preview
    • forumdisplay_multipagenav_pagenumber - add a perpage value to url
    • newpost_postpreview - added $toomanyimages to allow for showing error if too many images are in preview

    Bug Fixes
    • Main Directory:
    • forumdisplay.php; include perpage in url
    • global.php; XSS Fix
    • member.php; logic error with updating profile
    • member.php; use a new function to strip session hash
    • member.php; fix a security problem with emailing users
    • member2.php; fix XSS issue
    • memberlist.php; urlencode letter for passing in navigation
    • newreply.php; Use a new function to strip session hash
    • newreply.php; show error when previewing with too many images
    • newthread.php; Use a new function to strip session hash
    • newthread.php; show error when previewing with too many images
    • online.php; hide email button if 'Display email addresses' is set to no
    • poll.php; wrong id being set in cookie when user posts
    • poll.php; update forum last post time as well as thread if user has update on poll vote set in settings
    • postings.php; make copying a thread correct
    • private.php; strip session from messages if included in url
    • search.php; sort a endless loop when a single character is surrounded by quotes
    • showgroups.php; hide forums which are inactive
    • Admin Directory:
    • adminlog.php; remove showing password in admin panel for config.php example
    • functions.php; new function to strip session hash
    • global.php; XSS Fix
    • misc.php; new optiom to remove orphan threads and posts
    • sessions.php; dont show forumjump when password is wrong
    • Mod Directory:
    • global.php; XSS Fix
    • user.php; select styleid from table

    Files changed: (from 2.2.8)
    • Main Directory: forumdisplay.php, global.php, member.php, member2.php, memberlist.php, newreply.php, newthread.php, online.php, poll.php, postings.php, private.php, search.php
    • Admin Directory: admin/adminlog.php, admin/functions.php, admin/global.php, admin/misc.php, admin/sessions.php
    • Mod Directory: mod/global.php, mod/user.php
    • And the usuals (all for just the version number): admin/install.php, admin/upgrade1.php, admin/upgrade22.php

    In conclusion...

    vBulletin 3 is very nearly here now, but we would recommend that you still upgrade to 2.2.9 for the best vBulletin experience.

    Edited by Kier - typo
    Last edited by John; Wed 27th Nov '02, 7:55am.
    John Percival

    Artificial intelligence usually beats real stupidity ;)

  • #2
    Bug Fixes
    • Main Directory:
    • editpost.php; use a new function to strip session hash
    • member.php; fix XSS issue
    • member2.php; fix XSS issue
    • memberlist.php; fix XSS issue
    • online.php; 2 semi colons instead of 1
    • register.php; no username in modeation email
    • search.php; fix XSS issue
    • sendtofriend.php; fix a security problem with emailing users
    • Admin Directory:
    • misc.php; orphan thread wont select ids
    • Mod Directory:
    • moderate.php; remove hardcoded link to forumdisplay.php

    Files changed: (from 2.2.9 RC)
    • Main Directory: editpost.php, member.php, member2.php, memberlist.php, online.php, private2.php, register.php, search.php, sendtofriend.php
    • Admin Directory: admin/misc.php
    • Mod Directory: mod/moderate.php

    Any downloads before 22:35 BST on the 27th of November should be deleted and the latest version fetched from the members area. - Scott
    Last edited by Scott MacVicar; Thu 28th Nov '02, 2:12pm.
    John Percival

    Artificial intelligence usually beats real stupidity ;)


    widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.