Topic: Monstra 1.3.0 - Release

Monstra 1.3.0 - Release

http://i.minus.com/izSuyV2XY7DuZ.png

- Improve Multi-user system. Front-end registration, authorization, password recover, profile editing added.
   Usage: <?php Users::getPanel(); ?> Displays User Panel
- Improve Default Monstra theme.
- Security: Fix Script Insertion Vulnerability.
- Blocks and Snippets plugins code fix. Issue #35, Issue #34
- XMLDB: new method updateField()
- Plugin API: path updates.
- Dir Helper: new method size()
- Filesmanager: shows directory size.
- Security Helper: update safeName() method.
- Pages Plugin: new method children() Get children pages for a specific parent page.
  Usage: <?php $children = Page::children('downloads'); ?> Return array of pages
- Update translates.
- And a lot of general engine improvements.

Download: Monstra 1.3.0


Update to 1.3.0
update:
/admin/
/monstra/
/plugins/
/index.php

Re: Monstra 1.3.0 - Release

Nice job

nakome's Website

Re: Monstra 1.3.0 - Release

Monstra 1.3.1 - Important bugs fixes.
Download: Monstra 1.3.1

Update to 1.3.0 to 1.3.1:
Update: /plugins/ folder

Re: Monstra 1.3.0 - Release

Awilum wrote:

Monstra 1.3.1 - Important bugs fixes.
Download: Monstra 1.3.1

Greetings and thank you for this update.
I have one concern regarding the use of administrator username on page /monstra/users.
What's the point of giving away the administrator login name to the public?

Re: Monstra 1.3.0 - Release

RedStar, You can see administrator here on this forum, too)

6 (edited by RedStar 2012-09-11 11:28:29)

Re: Monstra 1.3.0 - Release

Awilum wrote:

RedStar, You can see administrator here on this forum, too)

Maybe I did not make myself clear or maybe my concerns are unprofounded.
What I ment was that the login name is public for the administrators and all users.
Security wise it's maybe not the best option to have it published to the public, but instead use "display name"? I am maybe wrong......

And one other question (maybe I should make a new thread under a different subject?)
What if I just want to update monstra to just get the seciurity fixes and not all the new features such as "multi user" system?
How do I do that and is it possible at all?

Maybe split updates with fixes and features?

Think I need to start learn PHP smile

Re: Monstra 1.3.0 - Release

check the login is not required in the template can be put on and off, but for some people it is necessary and safety is the same I think.

It is an opinion.

nakome's Website

Re: Monstra 1.3.0 - Release

Maybe I did not make myself clear or maybe my concerns are unprofounded.

All CMS use this practice. Everything is ok.

You can turn off Users Plugin Frontend at all if you want.
/plugins/box/users/users.plugin.php

write

    Plugin::register( __FILE__,                    
                    __('Users', 'users'),
                    __('Users manager', 'users'),  
                    '1.0.0',
                    'Awilum',                 
                    'http://monstra.org/',
                    null,
                    'box');

instead of

    Plugin::register( __FILE__,                    
                    __('Users', 'users'),
                    __('Users manager', 'users'),  
                    '1.0.0',
                    'Awilum',                 
                    'http://monstra.org/',
                    'users',
                    'box');

In next update would be ability to turn off frontend user registration.

Maybe split updates with fixes and features?

yes, I will look at this issue

9 (edited by RedStar 2012-09-25 05:33:21)

Re: Monstra 1.3.0 - Release

Awilum wrote:
    Plugin::register( __FILE__,                    
                    __('Users', 'users'),
                    __('Users manager', 'users'),  
                    '1.0.0',
                    'Awilum',                 
                    'http://monstra.org/',
                    null,
                    'box');

instead of

    Plugin::register( __FILE__,                    
                    __('Users', 'users'),
                    __('Users manager', 'users'),  
                    '1.0.0',
                    'Awilum',                 
                    'http://monstra.org/',
                    'users',
                    'box');

In next update would be ability to turn off frontend user registration.

Maybe split updates with fixes and features?

yes, I will look at this issue


I was on my way to post a new topic but you allready have answered my questions long time ago. A big thank you mastah!
Btw instead of writing "null" ok to leave blank since when writing "null" it will display "null" link in sitemap...?

Have started to learn PHP but its a steep mountain to climb in the begging but I am getting there....I think *gulp*

Re: Monstra 1.3.0 - Release

>>Btw instead of writing "null" ok to leave blank since when writing "null" it will display "null" link in sitemap...?
No, you must write null

Correct:

    Plugin::register( __FILE__,                    
                    __('Users', 'users'),
                    __('Users manager', 'users'),  
                    '1.0.0',
                    'Awilum',                 
                    'http://monstra.org/',
                    null,
                    'box');

Wrong:

    Plugin::register( __FILE__,                    
                    __('Users', 'users'),
                    __('Users manager', 'users'),  
                    '1.0.0',
                    'Awilum',                 
                    'http://monstra.org/',
                    'null',
                    'box');