First beta of Bolt released.

As we've posted about last week, we're working on Pivot 4, as well as a new project named Bolt. We've just released the first public beta of that new project on it's own shiny new website. Please visit bolt.cm, as well as the page about the announcement for the first beta.

Posted by Bob den OtterTuesday 02 October 20126
shareshare

Coming soon: Pivot 4 and Bolt!

A whole new Pivot and the introduction of her little brother Bolt

We’ve been working with PivotX for some years now and we feel like an update is long overdue. That’s why we decided to make it an upgrade! This January we’ll be releasing the totally new Pivot: Pivot 4. But even before that is a fact we will present you Pivot’s little brother, Bolt.

Read More »

Posted by Bob den OtterTuesday 25 September 201224
shareshare

PivotX 2.3.3 released.

We've just released an incremental update for PivotX 2.3. It contains minor updates and fixes, as well as patches for two recently discovered security issues. While these issues can not be exploited when someone is not logged in in PivotX, we nevertheless recommend this update for all PivotX users. For more information about the security issues / patches, see the page dedicated to Security issues.

These are the changes since PivotX 2.3.2:

  • Added some extra sanitychecks to the various file-operations in media-management.
  • Bugfix: Closing file disclosure vulnerability reported by Secunia Research. This vulnerability can only be exploited by administrators and hence Secunia decided to not make an advisory for it.
  • Bugfix: Closing cross-site scripting vulnerability reported by High-Tech Bridge.
  • Updated jQuery to 1.7.2.
  • Updated: PHP Markdown to version 1.0.1o.
  • Replaced "echo" with "debug" in set_entry when warning about pasting directly from Word.
  • Bug fix: Insert dialogs for the editor is now using the current user's language, not the default installation language.
  • Relaxing validation for comment notify email field so it allows multiple addresses (like we intended to).
  • Added: when the feed_entry and feed_comments hooks return an empty array, the entire entry/comment is skipped in the Feed.
  • Added: If config option upload_max_filesize is lower than the server value, use that one
  • Changed: MAX_KEYS in spamkiller is now set to 1000
  • Added: 'return' parameter to [[category_list]]
  • Added: debug statement when an upload is blocked because of wrong file type.
  • Fixed: Minor layout fix for the category_list format parameter.
  • Fixed: the TimThumb config so it works for multi-site setups again.
  • Added: style to hr extended element in tinyMCE / removed 1 of the double defined extended element iframe
  • Added: some file extensions so a better download icon is selected when using [[download]]
  • Fixed: Correcting widgets page to be similar to extensions page in light of translated strings, display of version
  • Fixed: Made the extension check case insensitive in the image preview.
  • Added: [[getpage]]now accepts uid / type in textile link
  • Fixed: only ignore Smarty cache file if they are in the cache directory

The PivotX 2.3.3 release can be downloaded from this location: pivotx.net/files/pivotx_latest.zip (or pivotx.net/files/pivotx_latest.tgz, if you prefer.tgz files). For setup instructions, we point you to our documentation: Getting the files & installing. If you're having trouble downloading the files, you can also download them from our sourceforge mirror.

Posted by Bob den OtterSunday 13 May 20122
shareshare

PivotX 2.3.2 released.

Hi! It's been pretty quiet here for a while, but that doesn't mean we haven't been busy. We're hard at work on the next major version of PivotX, and in the meantime we've released PivotX 2.3.2 as a maintenance release for all PivotX users. It contains a bunch of minor fixes, improvements and updates, as you can see below.

Important: If you are still running PivotX 2.2.6 or older, you might be vulnerable to a security exploit, that was patched previously. Version 2.3.0 already fixed this issue, but any older version of PivotX might be vulnerable. To fix this, you should do one of the following:

  • Either update your old installs to PivotX 2.3.2.
  • Or just replace the faulty timthumb.php. Download timthumb_2011-10-14.zip, extract it, and replace the file timthumb.php in pivotx/includes/

For more information about security issues / patches, see the page dedicated to Security issues.

These are the changes since PivotX 2.3.0:

  • Refactored loading/saving of configuration files, to prevent config file corruption
  • Rewritten Hashcash implementation: works better, and more transparent for the user.
  • Added hidden setting to set a custom hashcash message.
  • Enabled our "first line of defense" (against spam) again.
  • Bug fix: ensuring that uploaded files and thumbnails get the correct file permission.
  • Fixed the image preview, when selecting an existing file by browsing when inserting an image or a popup image in the editor.
  • Added: [[getpage]] can now also retrieve a page by uid.
  • Fixed bug: only show published entries in [[category_list]].
  • Some improvements to [[category_list]] : Added %count% to formatting and added 'category', 'start' and 'end' parameters to the tag.
  • Some amendments for [[category_link]].
  • Updated Plupload to version 1.5.2
  • Updated jQuery UI to 1.8.17.
  • Updated jQuery to version 1.7.1.
  • Updated TinyMCE to version 3.4.7.
  • Updated timthumb to version 2.8.4, which is a complete rewrite from the previous version 1.35.
  • Split timthumb's config to a seperate file to facilitate upgrades.
  • Fixed an issue where 'latest comments' would show too few comments.
  • Made the filepaths to jQuery and jQueryUI more consistent.
  • Fixed a bug in renderSpecial related to the before_parse hook.
  • Fixed the before_parse issue in renderTag.
  • [[tagcloud]] description updated.
  • Removed (deprecated) split() call and replaced with preg_split().
  • Fixed bug for paging inside a weblog when using mod_rewrite.
  • Updated/improved Spanish translation.
  • Updated/completed Hungarian translation.
  • Added "ignorearchive" parameter to subweblog so you can have a subweblog displaying entries outside the archive period on an archive page.
  • Removing additional %foo% parameters from [[comments]]-blocks.
  • Fixed a (nasty) bug in the flatfile implementation of read_entries where the offset didn't work because of 'timed publish' entries.
  • Fixed various issues related to the comment moderation queue.
  • Changed the way jQuery.noConflict() works. Now even less conflicting!
  • Fixed standard search-weight function so it cannot return negative values anymore.
  • Added 'addtoTopMenu' for extensions.
  • Fixed bug in MagPie's RSS fetching to stop display warnings on screen.
  • Fixed bug for Atom feeds. Using the entries year in the id tag, not the current year.
  • Now automatically clearing the cache when website comes back online, after it was set to 'offline'
  • Now rewriting HTML before writing to cache, fixing an issue where cached files were not parsed fully.
  • Added filters to outputsystem, Minify now goes through an outputsystem filter. fixes problems where minify wasn't working
  • Slightly tweaked the replacement for leftover %tags%, to allow percentage signs in comments.
  • Fix for canonicals in our 'smart' global smarty_link() call.
  • Fixed bug for multiple selects in formclass that actually have multiple selected values
  • Added additional search text hooks
  • Added 'author user' ability. You can now set *any* user as 'author user'.
  • Added X-UA-Compatible header for Internet Explorer.
  • Removed the offline message from the html if the site is online and add a backup message.

The PivotX 2.3.2 release can be downloaded from this location: pivotx.net/files/pivotx_latest.zip (or pivotx.net/files/pivotx_latest.tgz, if you prefer.tgz files). For setup instructions, we point you to our documentation: Getting the files & installing. If you're having trouble downloading the files, you can also download them from our sourceforge mirror.

Posted by Bob den OtterThursday 08 March 20125
shareshare

Timthumb update for older PivotX installs.

If you are still running PivotX 2.2.6, you might be vulnerable to a security exploit, that was patched previously. Version 2.3.0 doesn't have this issue, but any older version of PivotX might be vulnerable. To fix this, you should do one of the following:

  • Either update your old installs to PivotX 2.3.0
  • or just replace the faulty timthumb.php. Download timthumb_2011-10-14.zip, extract it, and replace the file timthumb.php in pivotx/includes/

We're close to releasing PivotX 2.3.2, so if you're planning to wait for that release, just replace your existing timthumb.php with the version linked above. 

For more information about security issues / patches, see the page dedicated to Security issues.

Posted by Bob den OtterFriday 14 October 20114
shareshare

PivotX 2.3.0 Released

We've released PivotX 2.3 as a recommended upgrade to all PivotX users. We've decided to bump the version to 2.3.0, since we feel enough has been changed since 2.2 to warrant this change. 
Changes since 2.2.6: 
  • Added: Less obscure 'ajaxy' saving, more consistency in showing a 'save' button for editing config and weblogs.
  • Notify the user when leaving a configuration page, 'Edit entry' or 'Edit Page', when there are unsaved changes.
  • Added: template tag [[user_list]] that lists users/authors in your PivotX.
  • Added an option in hidden settings to make the search always do an "AND" for keywords, instead of making a guess between "OR" and "AND".
  • Added parameter request_method to search tag so you can select between GET or POST.
  • Added a [[nocache]] template block (as can be found in Smarty 3).
  • Added "%counter%" formatting tag to the [[archive_list]] template tag.
  • Added new configuration setting timthumb_zc, to specify what kind of zoom crop you want timthumb to execute as default.
  • Added template tag [[sitedescription]]
  • Added new position to add html to: LOC_TITLEEND
  • Added an 'explode' modifier to Smarty.
  • Reworked latest/moderate comments part, they are now separated.
  • Updated and improved the Hashcash spam protection.
  • Fixed the underscore=" " option in [[tags]].
  • Updated timthumb to version 1.35, fixing a possible security issue.
  • Updated jQuery to version 1.6.2.
  • Updated jQueryUI to 1.8.14.
  • Updated TinyMCE to version 3.4.3.2.
  • images produced by timthumb.php aren't broken by PHP warnings.
  • Bug fix: The only parameter of category_list was not checked against the category display name (in addition to the internal name).
  • On the entries overview, don't wrap the status over two lines (if the status is more than one word in a translation).
  • Bug fix: fixed the comment_after_parse hook.
  • Bug fix: Events going through ajaxhelper.php are saved with the correct username, not "A visitor".
  • Bug fix: Don't output the username for user fields that doesn't exist.
  • Fixed a database setup inconsistency.
  • Fixed: [[getpage]]/[[resetpage]] would be at fault when used within a subweblog loop on weblog pages.
  • Fixed: "view weblog"-links weren't opening in new window.
  • Fixed: A lot of 'optional' or 'non optional' fields in setup, configuration and weblog configuration work more consistently.

The release can be downloaded from this location: pivotx.net/files/pivotx_latest.zip (or pivotx.net/files/pivotx_latest.tgz, if you prefer.tgzfiles). For setup instructions, we point you to our documentation: Getting the files & installing. If you're having trouble downloading the files, you can also download them from our sourceforge mirror.

Posted by Bob den OtterMonday 15 August 20114
shareshare

PivotX 2.2.6 released

We've released PivotX 2.2.6, as a maintenance release for PivotX 2.2. This update contains some smaller improvements, updates to used libraries and various other bugfixes and tweaks. The list of changes is as follows:

  • Added: [[subweblog]] now has an ignoreuser option.
  • Added: Search OR can be disabled if AND doesn't give any results.
  • Changed: is_object is now an allowed function in Smarty templates.
  • Changed: Extra attributes for [[paging]].
  • Changed: Output system can now also add just after the </title> tag (LOC_TITLEEND).
  • Changed: Minor improvements and fixes to built-in validations.
  • Updated: Plupload updated to v1.4.3.2.
  • Updated: bgiframe fix. This fixes problems with modal popups in Internet Explorer 9.
  • Updated: jQuery updated to v1.5.2 and jQuery-UI to v1.8.11.
  • Updated: TinyMCE updated to v3.4.1.
  • Updated: Timthumb updated to the latest version.
  • Plus, quite a few other smaller fixes and changes.

Note: Some people missed the announcements earlier, but we've dropped support for PHP 4, starting with PivotX 2.2. This release will not work on PHP 4! If you're still stuck on PHP 4, you should really put some pressure on your hosting provider to upgrade your environment.

The release can be downloaded from this location: pivotx.net/files/pivotx_latest.zip (orpivotx.net/files/pivotx_latest.tgz, if you prefer .tgz files). For setup instructions, we point you to our documentation: Getting the files & installing. If you're having trouble downloading the files, you can also download them from our sourceforge mirror.

Posted by marcelfwWednesday 25 May 2011Comment
shareshare

PivotX 2.2.5 released

We've just released PivotX 2.2.5 as a highly recommended update for all PivotX users. (If your site already has been hacked, read the recovery guide in the forum.) The release contains important bugfixes, updates for used libraries and some minor enhancements.

  • The feature most users will appreciate is that we've improved the way that the Dashboard fetches the newsfeed from our site. If our site is unreachable for whatever reason, the process will not block, which will keep the Dasboard responsive.
  • We've replaced the jQuery Masked Input plugin with Input Mask, which works smoother with the other jQuery libraries that we use.
  • Enhancement: Added a title attribute to [[link]] so it's easier to see where the link will take you.
  • Updated: jQuery library has been updated to version 1.5.
  • Updated: Plupload library has been updated to version 1.4.1.
  • Bug fix: Added default upload path in setPaths to avoid rendering the site unusable in case someone accidentally clears the "File Upload Path".
  • Bug fix: Inserting new HTML5 iframe embeds works better in TinyMCE now.
  • Bug fix: If the standard PHP mail function doesn't work, the password reset mail is no longer displayed directly on the screen.
  • Bug fix: The password reset functionality has been improved.
  • Bug fix: Fixed a Plupload problem when filesize was specified in bytes, instead of kilobytes or megabytes.
  • Bug fix: Removing empty logo element from Atom feeds to avoid warnings.

Note: Some people missed the announcements earlier, but we've dropped support for PHP 4, starting with PivotX 2.2. This release will not work on PHP 4! If you're still stuck on PHP 4, you should really put some pressure on your hosting provider to upgrade your environment.

The release can be downloaded from this location: pivotx.net/files/pivotx_latest.zip (or pivotx.net/files/pivotx_latest.tgz, if you prefer .tgz files). For setup instructions, we point you to our documentation: Getting the files & installing. If you're having trouble downloading the files, you can also download them from our sourceforge mirror.

Posted by Bob den OtterWednesday 16 February 20115
shareshare