Tiki CMS/Groupware 18.104.22.168
Tiki CMS/Groupware (aka TikiWiki) is a powerful open-source Content Management System.
Major features include articles, forums, newsletters, blogs, a file/image gallery, a Wiki, drawing, trackers, a directory, polls/surveys and quizzes, a FAQ, chat, a banner management system, Webmail, a calendar, Ephemerides, maps, charts, Mobile Tiki (PDA and WAP access), RSS feeds, a category system, a theme control center, workflow, live support, Shoutbox, ACLs, and more.
Here are some key features of "Tiki CMS Groupware":
· The Wiki
· Image Gallery
· Articles and submissions
· JgraphPad drawings
· Mobile Tiki
· Voice Tiki
· Banner ads
· Dynamic Content System
· File Galleries
· Featured Links
· Communications center
· Category system
· RSS feeds
· HTML pages
· HTML pages dynamic
· Live Support System
· Galaxia Workflow Engine
· My Tiki section
What's New in This Release:
· Improving input sanitizer. Thank you to Fortify softwareexternal link for reporting a cross-site scripting (XSS) vulnerability in tiki-edit_article.php. Note: Until you upgrade, workaround is to not permit non-trusted users to add/edit articles, or to deactivate the articles feature altogether.
· New pre-emptive securitycheck.php script. This check, which is now part of the release procedures, checks every single potentially dangerous file (.php, .sh, etc) to make sure it follows some basic checks (such as: a feature check, permission check, verify that it can't be called directly if it shouldn't, etc.). If you are not using feature X you will no longer potentially be affected in a security issue which is discovered in a feature using that file. If you are using that feature, you can turn it off until you upgrade.
· Adding feature and permission checks to all files to comply with the securitycheck.php script described above.
· Developer scripts now have extra protection to make sure they can't be run from the web (on a badly configured server).
· Some useless files were deleted.
· Fix a username/password/registration bug issue which was introduced in 1.9.9.
· Image Gallery: Fixed the next-prev glitch which was introduced recently.
· Various fixes to Live Support feature.
· Various fixes to InterTiki feature
· Forums: Prevent forum pruning from removing comments as well, or from other forums.
· Fixes to "thumbnail" plugin
· Better handling of usernames with special characters
· tiki-contact.php has anti-bot protection
· Some administrative fixes and enhancements to the release, security and developer scripts.
· New "superscript" plugin to make easy superscript in wiki page, without using html, like subscript plugin.