Welcome to Geeklog Wednesday, May 27 2015 @ 03:40 AM EDT
Paypal plugin now allows you to sell access to some of the content of your site or to establish management paying members of a club or association.
This new version 1.2 introduces a new type of product, subscritions. This feature allows you to create membership for one or several days, weeks, months or years. Users who subscribe online are automatically added to a group you specify. Group members can then access content reserved for them during the entire period of their membership. Once it is completed, the member is automatically removed from the group.
Many other new features are available with this release. Please refer to the wiki page for more details.
Starting with Geeklog 1.8.0, Geeklog will require PHP 5.2.0 or later to run. The last version of Geeklog to run on older PHP versions will be 1.7.2, to be released in early 2011.
To put things into perspective: Support for PHP 4 by the PHP development team offically ended on December 31, 2007. A last official release, PHP 4.4.9, was made on August 8, 2008. Since then, no security or other bugfixes have been released for PHP 4.
Some Linux distributions with long-term support, most notably Red Hat Enterprise Linux 4 (RHEL 4) and CentOS 4, shipped with PHP 4 at the time they were released and have therefore committed to continue PHP 4 support until the end of their support period. Therefore, unfortunately, there are still "supported" PHP 4 installations out there.
As a compromise and service to those of our users being "stuck" on such a setup, the Geeklog Team will continue to provide security fixes for the Geeklog 1.7 branch in a timely manner until February 29, 2012 (which coincides with the "End of Production 3 phase" for RHEL 4). Where by "timely", we mean "as soon as possible, but not necessarily on the same day as the then-current release". The further versions drift apart, the more work will it be for us to backport fixes.
Overall, however, we would really suggest that you switch to a host running PHP 5.2 or later, if at all possible and as soon as possible.
Geeklog 1.7.1sr1 addresses an XSS in the Configuration admin panel, reported by Aung Khant of the YGN Ethical Hacker Group. Due to the built-in CSRF protection this weakness is somewhat harder to exploit but we would nonetheless advise that you secure your site by installing this update ASAP.
In addition to the complete 1.7.1sr1 tarball, there are also update files for Geeklog 1.7.1 and for Geeklog 1.6.1sr1 that contain only a fixed version of the affected file (see the included README file for installation instructions).
Users of older Geeklog releases should consider upgrading to Geeklog 1.7.1sr1 soon (use the complete 1.7.1sr1 tarball to upgrade from any older version).
If you need help in setting up or using Geeklog, please see the documentation, the FAQ, the Wiki, try our search page or browse through the Support Forum. Chances are someone else already had the same problem.
More resources are listed on the support page.
If you still can't find an answer, feel free to post in the forum.
Need help now? Try our web-based IRC chat.