程序包 XenForo 2.2.17

Some of the changes in XF 2.2.6 include:

• Adjust file copying order of the one click upgrader to reduce issues with page breaks.
• Support youtube.com/shorts/{id} format URLs
• Change the CSS rules for inline spoilers to improve visibility
• Replace Accept header to use official v3 of GitHub API for connected account requests rather than its beta.
• Apply flood checking to thread create/reply pre-reg actions.
• If there is no editor/quick-reply element available, bail out of the quote-click JS handler early.
• Add some input placeholder styling to the stripe payment form.
• Prevent editing/display/use of some payment profiles when they are no longer active or the payment provider is no longer usable.
• When toggling comments with the profilePostCommentToggle style property enabled, ensure the editor placeholder is activated and, where possible, focus the editor.
• When getting global permission entries, process conditions correctly to only select the relevant records.
• Fix bad maxlength setting for warning definition titles and impose a maxlength for warning definition conversation titles.
• Prevent an error when trying to update reactions counts if we find a reaction content entry without a matching reaction definition.
• Implement the ability to add custom add/remove messages for the multi-quote button.
• Fix prefix function usage in alert/push_thread_reply_ban templates.
• Disable lightbox related output in RSS feeds.
• Allow member stats to be used in widgets regardless of overview_display option.
• Limit the size of each inline mod cookie to 3KB to avoid excessive header sizes.
• Add header 'Auto-Submitted: auto-generated' header by default to outgoing emails with the ability to override or unset if needed.
• Fix missing content type for contact form and protect against a PHP 8.0 issue if a content type phrase is empty.
• Fix unsupported operand error when validating a style archive if hashes.json fails to decode correctly.
• Add the ability to perform exact match email searches
• Remove duplicate itemprop attribute on a post's username link
• Validate usernames before trying to set them when creating threads as a guest
• Ensure phrases are properly returned as strings
• Wrap attachment action phrases that may not fit the thumbnail container
• Adjust description for the forum statistics widget
• Allow users to be reported regardless of their profile privacy settings
• Add a separate phrase for prefix searching on the admin panel's quick filter
• Ensure that non-ASCII characters are not in the local part of an email address.
• When analysing images, check image type against image extension map
• Allow alerts to be sent via an API super user key without a registered user.
• Validate a purchasable item exists during the callback stage of a payment.
• Ensure threads with a redirect thread type are included when batch updating threads or using a search forum
• Ensure post thread page action buttons are marked as nofollow
• Do not attempt to include a first_unread post in the API when the only unread posts in a thread are ignored.
• Ensure that phrases indirectly used in push and email templates use the correct language.
• Make the process of canceling recurring PayPal subscriptions clearer if the user does not have a PayPal account.
• Improve performance of loading icons on the add-on list.
• Use a new system for shortening strings that contain BB code so that they will not be cut off in the middle of BB code markup.
• Do not allow transparent or system colors to be used in the color BB code.
• Ensure that italics in user content are displayed as expected when using CJK languages.
• Do not attempt to link URLs or email addresses that contain censored words.
• Properly process Stripe subscription refunds in the payment system.
• Do not display the "insert" option on attachments in contexts where they cannot be inserted into an editor.
• Improve the display of message attribution rows with a large amount of content on smaller devices.

The following public templates have had changes:

• account_upgrades
• alert_thread_reply_ban
• attachments.less
• bb_code.less
• core_datalist.less
• core_setup.less
• delete_confirm
• fa.css
• font_awesome_setup
• forum_overview_wrapper
• forum_post_thread_chooser
• forum_view
• helper_attach_upload
• helper_js_global
• message.less
• message_macros
• multi_quote_macros
• payment_cancel_recurring_paypal
• payment_initiate_stripe
• post_macros
• profile_post_macros
• push_thread_reply_ban
• reaction_item_profile_post
• reaction_item_profile_post_comment
• reaction_list_row
• search_forum_view
• setup_fa.less
• thread_view
• whats_new_posts

XF 2.2.4中的更改包括：

• Ensure multi-quote system does not overwrite unintended parts of the attachment upload request.
• Allow the "must login or register to reply" button to wrap if needed.
• Prevent an error from being sporadically triggered when cleaning up the filesystem cache.
• Prevent an error when checking if a conversation can be started with a user who is unexpectedly missing part of their profile data.
• Ensure that "click to expand" links are treated as buttons and are keyboard-navigation accessible.
• When logging in via an API generated token, allow the existing logged in user to be replaced (if logged in as a different user) with the new user if force=1 appended to the URL.
• When an account that does not have a password set is requesting a new password, ensure some amount of rate limiting is imposed to avoid repeat requests.
• Add support for using $context inside widget display condition field.
• Properly maintain the full table markup when selectively quoting only part of a table.
• Fix search result highlighting issues with certain non-ASCII characters.
• Prevent double conversion of CSS rules to BB code equivalents in some situations.
• When viewing the registerd members list, ensure unviewable member stat categories are filtered out from the sidebar.
• Ensure toggle:hidden event is triggered correctly when hiding toggle elements.
• Clean up news feed records belonging to posts when their thread is hard deleted.
• If a thread as multiple sort options, ensure the additional links are marked as nofollow
• Mark go-to links in quotes as nofollow
• When viewing the latest activity of an ignored member, show a link to view ignored content
• Prevent HTML errors outputting from Xdebug in some cases.
• When searching within a specific forum, ensure child forums are included in all cases.
• Adjust Auth::actionPost API documentation to recommend the login/password parameters should be passed into the request body to go along with a general recommendation in our development documentation that this should generally be done for all non-GET requests.
• When a pre-registration action is triggered, only show the welcome message if this is newly registered user.
• Correctly pass state of $forceCaptcha to contact_form template
• Disable a table quick insert button that sometimes appears in the rich text editor.
• Update phpdoc on entityColumnsToJson method to indicate the correct return type.
• If the unregistered group has the view permission revoked ensure that failed CAPTCHAs can successfully be reloaded in the event of an error.
• Fix an issue preventing installs from the command line when using PHP 8
• Avoid unexpected layout shifts when embedded images/attachments have known dimensions.
• Throw a required input missing error if the avatar file is not included in the request. PHPdoc updated to reflect the requirement in the online API docs.
• Ensure user rejection reasons can't exceed the 200 character limit
• Update PhpBb3 authentication handler to support verifying passwords using native PHP methods where possible.
• Render phrases presented as $value to XML createDomElement()
• Don't merge identical sibling URL and EMAIL bbcode tags
• For consistent behavior across PHP versions, explicitly trigger a notice if an array is passed in to XF::escapeString
• When inserting multiple attachments, allow the "thumbnail" button to insert audio/video attachments which do not support thumbnails.
• Maintain the single thread search constraint when returning to the advanced search form.
• Ensure that about and signature are not censored before rendering as BB code.
• In question and suggestion forums, ensure that all tab constraints are maintained in the filtering menu.
• Save undo points in the RTE when triggering certain actions such as quoting a message.
• Prevent an error on some browsers when inserting a video through the rich text editor.
• When importing users, if the primary user_group_id also appears in the secondary_group_ids field then remove it.
• Create a new POST post/{id}/mark-solution endpoint, to toggle/switch the solution post. Returns old_solution_post and new_solution_post to allow switching behaviours.
• Adjust universal lightbox option explanation
• Properly escape some phrases in HTML attributes
• Fix group sorting of field cache data
• Add a note about step dependencies to the import step chooser
• Don't throw an error when trying to add an admin on PHP 8
• Check permissions before displaying add-on control links
• Display option values when editing the current email transport method
• Trigger events when toggling the display of disabler containers
• Adjust new thread and search forum widget expanded display explanation
• When autolinking post content do not autolink if we match www. followed by an additional dot.
• When installing XF via the command line if the confirm password doesn't match the original password then go back to the original password prompt.
• Allow 'sort' to be passed to profile-posts/{id}/comments in order to get posts in asc/desc date order

以下公共模板已更改：

• PAGE_CONTAINER
• alert_macros
• alert_post_pre_reg
• alert_user_pre_reg_failed
• approval_queue_macros
• bb_code_tag_quote
• bookmark_macros
• connected_account_associated_facebook
• contact_form
• core_bbcode.less
• editor_dialog_media
• editor_insert_gif
• forum_filters_type_question
• forum_view_type_question
• forum_view_type_suggestion
• helper_attach_upload
• member_latest_activity
• member_macros
• member_recent_content
• member_tooltip
• member_view
• nestable.less
• offline.less
• post_article_macros
• post_macros
• post_question_macros
• push_post_pre_reg
• push_user_pre_reg_failed
• search_form_macros
• search_form_post
• service_worker_offline
• thread_view

除了通常的错误修复和改进之外，还有数据库架构更改，在某些情况下，可能需要一些时间才能执行。如果您运行的MySQL版本低于5.7（或等效版本），并且具有特别大的xf_thread表（几百万条记录），则建议执行CLI升级。

XF 2.2.3中的一些更改包括：

• 置顶/取消置顶标题时，请确保正确更新了子控件。
• 使用文章论坛预览显示时，使用不间断的字符串防止文本溢出。
• 确保使用正确的行样式并且仅在潜在相关的情况下显示文章封面图像通知。
• 修复了与推送通知有关的PHP 8兼容性问题。
• 搜索时，更有效地获取无法查看的论坛列表。
• 调整允许的附件文件扩展名选项的措词更加清晰。
• 如果文章预览论坛中显示的主题缺少第一个帖子关系，请防止出现错误。
• 在poll_macros模板中删除多余的花括号。
• 将“旋转框”短语重命名为“数字框”。
• 修复查看文章论坛时的N + 1查询问题。
• 修复“重点突出时编辑器背景”中的拼写错误。
• 在垃圾邮件触发日志中显示内容类型时，请确保用词表达。
• 解决了在查看尝试查找新的个人资料帖子时出现的N + 1查询问题。
• 在启用开发模式的情况下，确保我们加载select2库的最小版本。
• 查看概要文件评论的反应的完整页面列表时，请确保面包屑数组的格式正确且相关。
• 将词组编辑字段更改为普通文本字段，以解决某些设备访问特定标点或字符的问题。
• 确保内联代码块内的换行符不加倍。
• 优化标记多个论坛一次阅读。
• 确保CLI请求收到合理的请求路径值（用于生成URL）
• 调整“每页展开的文章”措词，以使其更清楚地应用于预览和展开的文章论坛视图。
• 扩展对边缘地址栏中粘贴内容的处理，以确保仅粘贴URL部分。
• 在关闭建议后正确显示一条消息（类似于在执行建议时）。
• 防止与搜索论坛缓存生成相关的竞争条件引起的错误。
• 当显示在子论坛下拉列表中时，显示搜索论坛的图标。
• 不需要控制面板中用户名自动完成功能的完整用户管理权限。
• 在代码标签上使用“选择引用”时，防止JS错误。
• 自动填充用户名时，请在使用转义字符时维护突出显示的组件。
• 对于要求来宾指定用户名的API操作（例如发布消息），请通过api_guest_username参数进行全局设置
• 运行作业/缓存重建时，防止出现零除错误。
• 改进针对特定类型的MP4视频文件的视频验证。
• 确保在构建指向外部数据目录的URL时，我们始终相对于根XF目录构建URL。
• 修复了Safari将重定向到服务工作者JS文件的情况。
• 自动聚焦菜单中的输入时，防止Safari滚动到页面底部。
• 修复了从IPS导入时解析图像标签和基本URL时不一致的行为。
• 扩展StopForumSpam API密钥的允许格式。
• 调整帐户隐私页面上的标签以提高一致性。
• 增加线程的Discussion_type字段的长度，以考虑长线程类型ID。
• 修复论坛过滤器弹出窗口上的班级名称中的错字
• 调整“最大可扩展BB代码块高度”样式属性的描述，以更好地说明其行为。
• 如果剪贴板API不可用（例如，由于缺少HTTPS），请确保“复制到剪贴板”按钮处于隐藏状态
• 确保移动导航触发器具有可访问的名称
• 在XF.Nestable中使用findRelativeIf查找输入
• 使用个人资料发布和个人资料发布评论内容标题修复短语参数
• 如果GIPHY API返回错误，请不要抛出异常，而是返回更漂亮的错误消息。
• 允许为Stripe付款配置文件设置自定义对帐单描述符。

以下公共模板已更改：

• PAGE_CONTAINER
• account_privacy
• app_nav.less
• bb_code_tag_img
• bookmark_macros
• core_button.less
• core_menu.less
• forum_filters
• 无信息
• node_list.less
• node_list_search_forum
• poll_macros
• thread_type_fields_article
• token_input

必要时，应使用“过时的模板”页面中的合并系统来集成这些更改。

Maintenance time! XenForo 2.2.2 has hatched, fledged and is ready to fly the nest directly to your community via one-click upgrade.

In addition to the changes listed below, 2.2.2 has some invisible changes to improve performance, stability and compatibility with the newly released PHP 8, which we look forward to supporting fully in future.

The following public templates have had changes:

• PAGE_CONTAINER
• _help_page_bb_codes
• account_alert_toggle
• account_alerts_mark_read
• attachments.less
• bb_code.less
• codemirror.less
• conversation_mark_unread
• core.less
• core_bbcode.less
• editor.less
• editor_base.less
• fa.css
• font_awesome_setup
• forum_post_thread
• member.less
• member_macros
• member_tooltip
• member_tooltip.less
• member_view
• message.less
• node_list.less
• node_list_forum
• notice_macros
• post_article_macros
• post_macros
• setup_fa.less
• thread_type_fields_poll
• thread_view_type_question

Where necessary, the merge system within the "outdated templates" page should be used to integrate these changes.

此版本修复了XenForo中的两个潜在安全漏洞。

问题是XSS漏洞。XSS（跨站点脚本）问题允许脚本和恶意HTML注入到页面中，从而潜在地允许数据盗窃或未经身份验证的访问。

模板变更：

• alert_post_pre_reg
• app_nav.less
• attachment_macros
• content_vote_macros
• message.less

正式版发布啦

解决已知bug

候选版本发布正式版不远了

修复bug

修复海量bug