Lifetype 1.2.3 is the third maintenance release from the 1.2 branch and in addition to bringing in even more new features, it also provides fixes for a cross-site scripting vulnerability detected in summary.php as well as other stability related issues. Please read on for the download links and information about issues addressed in this release, and report any issues or bugs via our bug tracking system and the project's support forums.
These are the links to the full LifeType 1.2.3 packages:
If upgrading from Lifetype 1.2.2, there are packages available which only include new or modified files and will allow you to upgrade to LifeType 1.2.2 only. These packages can not be used to upgrade from 1.1.x or 1.2 to 1.2.2:
The following features have been introduced in Lifetype 1.2.3:
Improvements to the Flash player
The Flash player introduced in Lifetype 1.2.2 is now being used even more:
- When uploading Flash videos (in FLV format), it is possible to get them easily embedded via the Flash player that was introduced in Lifetype 1.2.2 in posts. The size of the video will be calculated based on the information extracted form it so all that is needed is to click the "Insert video" link that will appear in the resources pop-up window.
- A new plugin for the TinyMCE editor allows to leverage the Flash player to play MP3 files stored in other servers, in addition to embedding MP3 files from our own resources.
File integrity checks
- Administrator users will now have access to a new functionality called "Versions" in the "Administration" area. This feature will first of all report the current version of Lifetype installed (available from version.php) but more interestingly, it will perform an integrity check on the core Lifetype files installed in the system to make sure that the current available version matches the expected version. The expected version of the files is claculated based on the contents of the file install/files.properties.php and is automatically provided by the development team in each new release. For users who have made customizations to the core code this will of course return differences (which can also be used to track down which files have been modified) but for the rest of users will be useful to know if all files were uploaded correctly (which was a cause of many issues in the support forums)
- Dailymotion is now available in the TinyMCE plugin that allows to insert videos from sources such as YouTube and Google Video.
Extracted from the project's bug tracking system, this is the full list of issues fixed in this release:
1324: EVENT_POST_PREVIEW is now correctly thrown when generating post previews.
1318: CSS class error in TinyMCE insertresource plugin.
1322: Font error after install hotfix for XSS.
1323: mms:// URLs are filtered.
1279: Add dailymotion in the video plugin.
1314: XSS in user registration page.
1316: Link to blog from blog list panel.
1312: Error posting comments if mail notification is active.
1311: MP3 player doesn't appear on IE.
1310: can't load class.smtp.php in 1.2.2.
1309: French adin local changes.
1307: getModificationTimestamp method not working as expected.