SocialEngine PHP 6.3.0 Security and Maintenance Release

    • Moderator
    • 6541 posts
    December 28, 2022 6:13 AM EST

    We are pleased to announce the release of SocialEngine PHP 6.3.0! This maintenance and security release fixes an important security issue, adds improvements, and addresses bugs posted by members of our community and staff. As this includes a jQuery security update, we strongly recommend everyone upgrade. Please read below for our requirements update.

    Improvements:

    • Security Update – jQuery was updated to address a vulnerability report.
    • NEW – MariaDB compatibility! SocialEngine PHP is now compatible with MariaDB 10.6. This is exciting news for those wanting to use MariaDB.
    • Improved – YouTube video sharing now does not require the YouTube API key. If no key is entered, videos will still share if you have the video plugin. If you choose to use a YouTube API key, that will also still work.
    • Improved – Profile photos now only create four copies, reducing the space used for storing these photos. This was a highly requested improvement.
    • Improved – Added missing labels for accessibility for screen readers. This will enhance website accessibility and provide for a much better user experience.
    • Improved – Iframely is now optional for link sharing. You can either use the Iframely API (provided from Iframely), or choose to disable Iframely and share links without it. 

    Bugs Fixed:

    • Fixed – Zend session destroyed, “Failed to decode session object. Session has been destroyed” error message.
    • Fixed – Video not displaying in new tab if using S3.
    • Fixed – Uploaded videos would not delete on PHP 8.
    • Fixed – Video Language file remove sss from end of line 50.
    • Fixed – Activity feed privacy selection box does not close when option is selected.
    • Fixed – Update tutorial links in admin panel that went to old kb.
    • Fixed – Finish removing socialengine warehouse from iframely setting.
    • Fixed – Public forums not viewable by the public user group if the default user group is blocked from viewing.
    • Fixed – Blog pagination not working.
    • Fixed – Null value issue in MySQL won’t allow pages in admin to save.
    • Fixed – Videos with italics in title are not showing correctly.
    • Fixed – Invite sends friend request when not checked to send.
    • Fixed – Searching in plugins was not working for “All Categories” and also was not pulling accurate results.
    • Fixed – Inspira banner images slow to load due to opacity.
    • Fixed – Inspira dark style login input white on white.
    • Fixed – Inspira LinkedIn icon.
    • Fixed – Inspira landing page banner strobing effect if no banners selected or if only one banner selected, text strobing effect if only one moving description exists.
    • Fixed – Inspira apostrophe breaks text scrolling in banner.
    • Fixed – Inspira profile question descriptions squished.
    • Fixed – Inspira profile photo distorted in Windows 10.
    • Fixed – Vimeo not working for self-hosted Iframely.
    • Fixed – Link sharing image issue.
    • Fixed – Email privacy to not send notifications not working.
    • Fixed – Emails are going to super admin and ignoring the email setting for new registration notifications.
    • Fixed – Group discussion losing formatting and getting javascript void.
    • Fixed – Cleaned up errors from install.log file.
    • Fixed – Cleaned up errors in warnings.log from group event.
    • Fixed – Subscription was canceled before the end date if PayPal subscription payment failed.

    A complete changelog is available for more details about the changes and fixes implemented in this 6.3.0 release. Please view our demo and explore 6.3.0! 

    Clients with v6 access can download version 6.3.0 from our client dashboard.  Clients who do not have access will need to purchase v6 access. 

    V6.3 has new requirements and recommendations. Please be sure to read them and have your server updated.

    As always we highly encourage all users to do a complete backup of both files and database before performing an upgrade. Please have the backup performed by your host or a developer if you’re not comfortable performing it yourself. 

    Important: There are special steps and patches for those upgrading from versions below v6. You will need to follow the special steps in the upgrading documents linked below before upgrading and applying the patches mentioned.

    Fresh installs should follow our installation tutorial or you can order an installation and our team will get it installed in no time. To upgrade from a previous version to 6.3.0, please view our upgrade documentation. 

    If you find any issues with this release, please let us know by filing a bug report in our Bug Tracker. We’d also like to encourage you to stay connected with the community.

    • Moderator
    • 6541 posts
    December 28, 2022 7:51 AM EST

    Our community is upgraded to 6.3.0 with no issues.

    • 105 posts
    December 28, 2022 5:48 PM EST

    Donna, thank you for everything you do!

    • 26 posts
    December 29, 2022 5:42 AM EST

    Great to see you working continously to improve the site since I myself have invested quite heavily in projects with your script.

     

    Do you have any idea when "display of blocks by level of members that would monetize the sites correctly" will be done?

    I also think you should publish a roadmap for development work, that would make sense, could be a forum post only?

     

    You can see here how KVS is doing it-I Am using that script for tube side of things since SE is not really good in supporting videos and that

    is not the purpose of SE Script. But with SSE you can share user database- so it is all good.

     

    https://forum.kernel-video-sharing.com/topic/274-kvs-550-discussion-and-poll/

     

    I like how they do it here for exmaple.

    • Moderator
    • 6541 posts
    December 29, 2022 5:50 AM EST

    When I was management at phpFox, we used to do it that way back in v2. We found that we ended up with features that destabilized the script (such as a dislike feature that destabilized the activity feed). We won't be using polls like that as we have such a diverse client base. The most wanted feature for adult sites wouldn't be the most wanted feature for church sites for example. However, we do find that feature requests that get a lot of interest (posting in that request by many clients) can get more attention from us. It's a good idea for you to post your interest in that feature request you mentioned. If it is an accepted feature, we will check to see how much interest is in it and if it'll fit in with development now. There are some feature requests that are accepted but need to wait for bigger database enhancements in order for us to do them. I don't know if that is one of them. 

    Thank you for your feedback.For the video issue, I can say that in the extended roadmap, we will be improving all of our plugins quite a lot. Each plugin is mapped for improvements. Our universal s3 feature is almost ready. We tried for 6.3 but we had to get it out for that security issue so we are working on it for 6.4. Maybe that will help. It'll work with BryZar s3 (our recommended host), Wasabi, Digital Ocean, Minio, etc.

    • 26 posts
    December 29, 2022 6:00 AM EST

    Thank Donna- I understand that. I am running a sports portal and adult sites as well- tell me about it. "display of blocks by level of members" is one i think would serve quite the general public (regardsless of subject). Non commercial sites- no.

     

    It is good if you try to improve the videos- but my conclusion is "Sutor, ne ultra crepidam", do not overfocus on videos. Your script is not a tube script but

    social network

     

    Bryzar is not in the game for me when it comes to bigger sites- sorry. (Meaning +100 TB Storage and 1 Petabyte traffic)

    Leaseweb.com

    fdcservers.net

    ucdn.com

    keycdn.com

    Share for people reading this. Those hosting providers are also quite friendly when it comes to DMCA request etc.

     

    Storage providers like wasabi- they do not like adult content, but not totally ban it either, but let us forget abt that. Problem overall with many of these "cheap" storage provider like wasabi is that they do not allow you to many egress/pull request, meaning you can store it there but if to much traffic, they wont like it. You can combine wasabi with a CDN though, that is all fine.

     

    Just to be aware when you implement diffretn storage provider. A family friend site with 5000 members will not have issues, but an more commercial oriented site with 100K Daily users, a popular video can have 50 000 request in a day, would not be something wasabi would love (trust me).

    • Moderator
    • 6541 posts
    December 29, 2022 6:22 AM EST

    BryZar, which I co-own, is DMCA friendly, has high availability set ups for large sites, and many other options. Large clients are already hosting there and some use bare metal as well as BryZar offers it.

    For issues not related to the 6.3 release, would you please open a new thread to keep this one on track.Thank you.

    • 21 posts
    January 5, 2023 6:37 PM EST

    Hi Donna,

    I updated to 6.3 today and it did not fix the bugs I reported:

    • profile question fields still showing up too large when there is a description with it
    • profile picture is still showing up as a smaller circle within the profile pic circle
    • IG and LinkedIn icons still not showing up in social links footer

    I verified everything said 6.3.

    Is there something else I need to do?

     

    Thanks,

    Cheryl

    • Moderator
    • 6541 posts
    January 6, 2023 5:15 AM EST

    Hi Cheryl, 

    Please make sure you:

    1. Didn't edit the Insignia theme files in the admin panel and instead worked on a clone. If you edited the theme files in admin, it will break the upgrade and the theme won't upgrade. 

    2. If you edited the theme files and not a clone, you would need to revert those changes by clicking to do that in the theme editor.

    3. Did you download the Inspira 6.3 files and upgrade that?

    4. Did you enable development mode and then disable development mode to get the changes?

    If you did all of that, then please post new bug reports and we will test again. I have to go upgrade the Inspira demo as I had not done that yet.

    • 122 posts
    January 7, 2023 2:42 AM EST

    Hello,

     

    may I ask if for that upgrade need to wait also 3rd parts scripters to upgrade their plugins from the previous 6.2.2 to this one?

    • Moderator
    • 6541 posts
    January 7, 2023 1:01 PM EST

    It would be best to check with the third party experts as the jquery update might mess with the jquery their plugins use.

    • 122 posts
    January 7, 2023 11:49 PM EST

    Great thank you Donna!