Best Of
Vanilla 3.1 is now available
Missed the 3.0 release? Check out the upgrade & release notes here.
Hi everyone! The team has been hard at work over the last month fixing bugs and security holes and even squeezing in a new feature. There should be no breaking changes in this release so it should be a very straightforward update.
Upgrade Notes
- Vanilla 3.x requires PHP 7.1 which is a change from earlier versions. We strongly recommend upgrading to PHP 7.3 as soon as possible. Many hosting plans allow a seamless transition via their control panel.
- Follow the normal upgrade process, including running /utility/update.
- Follow additional specific upgrade instructions.
- Test your plugin & theme compatibility in a safe place before upgrading your production forum.
Download
Get over in the addon directory. https://open.vanillaforums.com/addon/vanilla-core-3.1
charrondev
Re: Passwords no longer work after update from 2.2
The category is closed for a reason: the version of Vanilla you are using has security issues. Any question concerning a Vanilla version prior to 3.0.2 (currently) can be answered with: "Update!"
Simple as that.
R_J
Re: How to install a plugin/addon/theme
You can download a theme from here and it will be a zip file.
It can be best explained by using a name, e.g. Groovy.
The file needs to be unzipped to your /themes folder. While normally simple unzipping is enough, you can check the following three things to be sure that the unzipping was correct:
- There is a folder
/themes/Groovy - In this folder is a file
about.phporaddon.json=>/themes/Groovy/about.php. If both files exist, the addon.json is the important file! - In the about.php there is the line
$ThemeInfo['Groovy'] =...or if there is a file addon.json, you need to find a line like"key": "Groovy",
The folder must be named exactly like the text you find in addon.json or about.php: "Groovy". If your zip file has been extracted to "Groovy", but in the addon.json/about.php you see it is spelled all lower case "groovy", you have to rename the folder.
If you cannot see the theme in the dasboard, delete /cache/theme-index.php and if there is a file /cache/theme/groovy.php or /cache/theme/Groovy.php, which is not probable, delete that, too
R_J
Vanilla 2.8.4 is now available for download - Important security patches
Get it right here: https://open.vanillaforums.com/addon/vanilla-core-2.8.4
This release contains CRITICAL security patches.
- Patched SSRF in HTTP client.
- Updated release file system permissions to be less permissive.
It has been brought to our attention that our file system permissions were far to open in our open source releases. These concerns were initially dismissed because in our version control repository and on all of our infrastructure the permissions were correct.
Thanks to the insistence of @R_J I discovered a bug in our OSS release build tool that reset all of the file permissions to 777 (very dangerous).
Starting in this release file system permissions are essentially 755 for directories and 644 for files.
Please upgrade to the latest version of Vanilla as soon as possible. No other changes from 2.8.3 are in this version.
charrondev
Re: Migration
Just try it! There is a porter script: https://open.vanillaforums.com/addon/porter-core
Run the porter script on your server, install a clean Vanilla version on your desktop pc, import that old forum and see if all the features you need are available.
Each forum software has a lot of features and you will find out that migrating from one forum to another always will bring some benefits but some other features are worse. Therefore I think it is necessary to test around a little bit.
R_J
Re: Vanilla running on FastComet.com or SiteGround.com hosting
I would advice against using installation scripts for following reasons:
- Vanilla is easy to install, they bring not much use.
- It will always take some time between an officially available Vanilla version and a softaculous update. In the meantime your forum might be open for known security issues.
- In order to work, they need to alter the Vanilla source code slightly. When any error occurs, it might be hard to give support because it might not be easy to tell if the installer/the hoster is causing the issue or Vanilla.
If you are searching for a forum solution and your provider offers a one click installer for Vanilla, then use it to try if Vanilla is the forum solution you are looking for. But after you've made your decision, free yourself from that bounds of the installer version and set up Vanilla by yourself. It's really easy.
R_J
Re: How do I upgrade?
Tell your provider that Php 7.0 is out of support: https://www.php.net/supported-versions.php
R_J
Re: How may Plugins Sorted?
Not sure if this is already correctly implemented, but in theory you can add a key to the PluginInfo: 'Priority' => 42,
If that's not working, you have to implement your own queue, I'd say.
R_J
Re: open typography.scss
Oh wait, font face isn't even set through _typographie.scss
There is the /src/scss/base/_variables.scss file which purpose is to gather all the common styles people might want to be able to easily change them. You definitly should chang the font face there and recompile the css
R_J
Re: 2.0.18.1 upgrade to 2.8.1 - Which versions to jump through?
No need to do it in increments. Disable all plugins, make a backup and then just upgrade normally. Visit utility/upgrade and utility/structure once you are done.
I would also consider removing everything except the /conf and /uploads folder before transfering the new files. This way you don't need to read through the update instructions of previous versions (old plugins and applications most likely won't work anyway).
