Hier finden Sie eine Übersicht aller bisherigen Änderungen. Contao unterscheidet zwischen Major-Releases (z.B. von Version 3 auf Version 4), Minor-Releases (z.B. von Version 3.4 auf 3.5) und Bugfix-Releases (z.B. von Version 3.4.4 auf Version 3.4.5).


Change log

4.4.29 (2018-11-22)

  • Do not convert line breaks in table cells if there are HTML block elements (see #159).
  • Automatically enable image sizes created by regular users (see #8836).
  • Handle unknown languages in the meta editor (see #127).

4.4.28 (2018-10-31)

  • Correctly rebuild the symlinks in the maintenance module (see #150).

4.4.27 (2018-10-31)

  • Check the member status when sending newsletters (see #8812).
  • Fix the markup of the breadcrumb menu (see #1561).
  • Allow to set the target directory when installing the web directory (see #142).
  • Correctly render the back end forms in Firefox (see #79).
  • Show the info messages in the DropZone uploader (see #83).

4.4.26 (2018-09-20)

  • Fix an error when creating new pages (see #63).

4.4.25 (2018-09-18)

  • Correctly detect Chrome on iOS in the environment class (see #61).
  • Optimize generating sitemaps (see #6830).
  • Use min-height for .w50 widgets in the back end (see #8864).
  • Prevent arbitrary code execution through .phar files (see CVE-2018-17057).

4.4.24 (2018-09-05)

  • Ignore the "uncached" insert tag flag in the unknown insert tags (see #48).
  • Make the ID of the subscription modules unique (see #40).
  • Use the correct table when handling root nodes in the picker (see #44).

4.4.23 (2018-08-28)

  • Replace the Set-Cookie header when merging HTTP headers (see #35).

4.4.22 (2018-08-27)

  • Do not merge the session cookie header (see #11, #29).
  • Update the list of countries (see #12).

4.4.21 (2018-08-13)

  • Correctly set the back end headline for custom actions (see #23).
  • Remove support for deprecated user password hashes (see #1608).
  • Fix the MySQL 8 compatibility (see #93).
  • Revert the intermediate maintenance mode fix (see #78).

4.4.20 (2018-06-26)

  • Make the session listener compatible with Symfony 3.4.12.

4.4.19 (2018-06-18)

  • Show the 404 page if there is no match in the set of potential pages (see #1522).
  • Correctly calculate the nodes when initializing the picker (see #1535).
  • Do not re-send the activation mail if auto-registration is disabled (see #1526).
  • Remove the app_dev.php/ fragment when generating sitemaps (see #1520).
  • Show the 404 page if a numeric aliases has no url suffix (see #1508).
  • Fix the markup so the breadcrumb is linked to the webpage (see #1527).
  • Reduce memory consumption during sitemap generation (see #1549).
  • Correctly handle spaces when opening nodes in the file picker (see #1449).
  • Disable the maintenance mode for local requests (see #1492).
  • Correctly blacklist unsubscribed recipients (see #21).
  • Use a given e-mail address in the unsubscribe module (see #12).
  • Delete old subscriptions if the new e-mail address exists (see #19).

4.4.18 (2018-04-18)

  • Fix an XSS vulnerability in the system log (see CVE-2018-10125).
  • Correctly highlight all keywords in the search results (see #1461).
  • Log unknown insert tag (flags) in the system log (see #1182).

4.4.17 (2018-04-04)

  • Correctly hide empty custom layout sections (see #1115).
  • Preserve the container directory when purging the cache.
  • Suppress error messages in production (see #1422).
  • Correctly duplicate recipients if a channel is duplicated (see #15).

4.4.16 (2018-03-08)

  • Correctly link to the picker from the TinyMCE link menu (see #1415).

4.4.15 (2018-03-06)

  • Do not make the response private when saving the session (see #1388).
  • Improve the folder hashing performance (see #8856).

4.4.14 (2018-02-14)

  • Correctly render the article list if there are no articles (see #1351).
  • Do not log custom insert tags as "unknown" if they have been replaced (see #1295).
  • Show redirect pages with unpublished targets in the front end preview.
  • Log database connection errors (see #1324).
  • Remove "allow_reload" in favor of the "expect" header (see terminal42/header-replay-bundle#11).

4.4.13 (2018-01-23)

  • Quote reserved words in database queries (see #1262).
  • Correctly render external links in the event_teaser template (see #21).
  • Do not remove old subscriptions not related to the selected channels (see #8824).

4.4.12 (2018-01-03)

  • Do not resend activation mails for active members (see #1234).
  • Order the files by name when selecting folders in the file picker (see #1270).
  • Optimize inserting keywords into tl_search_index (see #1277).
  • The assets:install command requires the application to be set in Symfony 3.4 (see #81).

4.4.11 (2017-12-28)

  • Revert 'Quote reserved words in database queries (see #1262)'.

4.4.10 (2017-12-27)

  • Quote reserved words in database queries (see #1262).
  • Only add _locale if prepend_locale is enabled (see #1257).
  • Add the missing options array in the CommentsModel class (see #9).
  • Use the schema filter in the install tool (see #78).

4.4.9 (2017-12-14)

  • Show the "invisible" field when editing a form field (see #1199).
  • Only add pages requested via GET to the search index (see #1194).
  • Fix the Encrption class not supporting PHP 7.2 (see #8820).
  • Handle single file uploads in FileUpload::getFilesFromGlobal() (see #1192).
  • Do not always create a new version when an event is saved (see #26).
  • Use a simpler lock mechanism in the install tool (see #73).

4.4.8 (2017-11-15)

  • Prevent SQL injections in the back end search panel (see CVE-2017-16558).
  • Prevent SQL injections in the listing module (see CVE-2017-16558).
  • Support class named services in System::import() and System::importStatic() (see #1176).
  • Only show pretty error screens on Contao routes (see #1149).

4.4.7 (2017-10-12)

  • Show broken images in the file manager (see #1116).
  • Copy the existing referers if a new referer ID is initialized (see #1117).
  • Stop using the TinyMCE gzip compressor (deprecated since 2014).
  • Prevent the User::authenticate() method from running twice (see #1067).
  • Filter multi-day events outside the scope in the event list (see #8792).

4.4.6 (2017-09-28)

  • Bind the lock file path to the installation root directory (see #1107).
  • Correctly select the important part in the modal dialog (see #1093).
  • Correctly handle unencoded data images in the Combiner (see #8788).
  • Do not add a suffix when copying if the "doNotCopy" flag is set (see #8610).
  • Use the module type as group header if sorted by type (see #8402).
  • Fix the setEmptyEndTime() save_callback (see #10).
  • Correctly show multi-day events if the shortened view is disabled (see #8782).

4.4.5 (2017-09-18)

  • Fall back to the URL if there is no link title (see #1081).
  • Correctly calculate the intersection of the root nodes with the mounted nodes (see #1001).
  • Catch the DriverException if the database connection fails (see contao/managed-edition#27).
  • Fix the back end theme.
  • Check if the session has been started before using the flash bag.
  • Catch the DriverException if the database connection fails (see contao/managed-edition#27).

4.4.4 (2017-09-05)

  • Show the form submit buttons at the end of the form instead of at the end of the page.
  • Do not add the referer ID in the Template::route() method (see #1033).
  • Correctly read the newsletter channel target page in the newsletter list (see #7).

4.4.3 (2017-08-16)

  • Correctly assign the form CSS ID (see #956).
  • Fix the referer management in the back end (see #6127).
  • Also check for a front end user during header replay (see #1008).
  • Encode the username when opening the front end preview as a member (see #8762).
  • Correctly assign the CSS media type in the combiner.
  • Warm up the Symfony cache after the database credentials have been set (see #63).
  • Check if the Contao framework has been initialized when adding the UA string (see contao/standard-edition#64).

4.4.2 (2017-07-25)

  • Adjust the command scheduler listener so it does not rely on request parameters (see #955).
  • Rewrite the DCA picker (see #950).

4.4.1 (2017-07-12)

  • Prevent arbitrary PHP file inclusions in the back end (see CVE-2017-10993).
  • Correctly handle subpalettes in "edit multiple" mode (see #946).
  • Correctly show the DCA picker in the site structure (see #906).
  • Correctly update the style sheets if a format definition is enabled/disabled (see #893).
  • Always show the "show from" and "show until" fields (see #908).
  • Correctly set the "overwriteMeta" field during the database update (see #888).

4.4.0 (2017-06-15)

  • Fix the "save and go back" function (see #870).

4.4.0-RC2 (2017-06-12)

  • Update all Contao components to their latest version.
  • Regenerate the symlinks after importing a theme (see #867).
  • Only check "gdMaxImgWidth" and "gdMaxImgHeight" if the GDlib is used to resize images (see #826).
  • Improve the accessibility of the CAPTCHA widget (see #8709).
  • Re-add the "reset selection" buttons to the picker (see #856).
  • Trigger all the callbacks in the toggleVisibility() methods (see #756).
  • Only execute the command scheduler upon the "contao_backend" and "contao_frontend" routes (see #736).
  • Correctly set the important part in "edit multiple" mode (see #839).
  • Remove the broken alias transliteration (see #848).

4.4.0-RC1 (2017-05-23)

  • Tweak the back end template.
  • Add the "allowed member groups" setting (see #8528).
  • Hide the CAPTCHA field by default by adding a honeypot field (see #832).
  • Add the "href" parameter to the article list (see #694).
  • Show both paths and UUIDs in the "show" view (see #793).
  • Do not romanize file names anymore.
  • Improve the back end breadcrumb menu (see #623).
  • Correctly render the image thumbnails (see #817).
  • Use the "file" insert tag in the file picker where applicable (see #8578).
  • Update the Punycode library to version 2 (see #748).
  • Always add custom meta fields to the templates (see #717).
  • Notify subscribers of replies (see #8565).
  • Ignore tables not starting with "tl_" in the install tool (see #51).
  • Re-add the "sqlCompileCommand" hook (see #51).
  • Purge the opcode caches after deleting the Symfony cache (see contao/contao-manager#80).
  • Show a "no results" notice if a search does not return any results (see #7705).

4.4.0-beta1 (2017-05-05)

  • Warn if another user has edited a record when saving it (see #809).
  • Optimize the element preview height (see #810).
  • Use the file meta data by default when adding an image (see #807).
  • Use the kernel.project_dir parameter (see #758).
  • Disable the "publish" checkbox if a parent folder is public (see #712).
  • Improve the findByIdOrAlias() method (see #729).
  • Make sure that all modules can have a custom template (see #704).
  • Remove the popupWidth and popupHeight parameters in the file manager (see #727).
  • Remove the cron.txt file (see #753).
  • Allow to disable input encoding for a whole DCA (see #708).
  • Add the DCA picker (see #755).
  • Allow to manually pass a value to any widget (see #674).
  • Only prefix an all numeric alias when standardizing (see #707).
  • Support using objects in callback arrays (see #699).
  • Support importing form field options from a CSV file (see #444).
  • Add a Doctrine DBAL field type for UUIDs (see #415).
  • Support custom back end routes (see #512).
  • Add the contao.image.target_dir parameter (see #684).
  • Match the security firewall based on the request scope (see #677).
  • Add the contao.web_dir parameter (see #40).
  • Look up the form class and allow to choose the type (see #8527).
  • Auto-select the active page in the quick navigation/link module (see #8587).
  • Extended reporting if the script handler fails (see #27).
  • Set prepend_locale to false (see #785).
  • Change the maintenance lock file path (see #728).
  • Add basic security (see contao/standard-edition#54).