Time to upgrade those Joomla! 1.5 sites again, following security update 1.5.9, released today (10th January, 2009). Need some help updating? We offer a comprehensive backup, test and deploy service to give complete peace of mind to those wishing to update. Drop us a line to find out more.
"This is a security release and users are strongly encouraged to upgrade immediately"
From Joomla.org:
The Joomla Project announces the immediate availability of Joomla 1.5.9 [Vatani]. This is a security release and users are strongly encouraged to upgrade immediately.
Check the Joomla 1.5.9 Post-Release Notes to see if there are important items and helpful hints discovered after the release.
Security
One low-level and one high-level security issue were fixed in this release:
- High Priority: Directory Traversal. A crafted request can allow an attacker to view directory trees on the server. Note: contents of files cannot be edited or deleted, just viewed.
- Low Priority: SSL Session Token Disclosure. When running a site as SSL ONLY, if a non-SSL request is made, an attacker can obtain the session token. There is NO risk for Web sites that use both HTTP and HTTPS.
For additional information, visit the Joomla Security Center.
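The two issues above are the classic shape of a path-containment bug and a session cookie that leaks over plain HTTP. The following PHP is an added illustration of the defensive checks involved, written for this post and not taken from Joomla's code base; the function names, the base directory and the hostname are assumptions, and the resolved-path check is the general technique rather than the specific patch.

```php
<?php
// Added example, not Joomla code. Contain a user-supplied relative path inside
// a fixed base directory, so "../" sequences cannot reach other directory trees.
// Returns the resolved absolute path, or null if the request must be refused.
function resolveWithinBase($baseDir, $requested)
{
    $base = realpath($baseDir);                 // canonical base, no symlinks or ".."
    if ($base === false || strpos($requested, "\0") !== false) {
        return null;                            // missing base or NUL-byte trick
    }
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($candidate === false) {
        return null;                            // non-existent; say nothing more
    }
    // Accept only the base itself or a path strictly below it (prefix with separator,
    // so "/var/www/images" does not match "/var/www/images_private").
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($candidate !== $base && strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;                            // resolved outside the base: traversal
    }
    return $candidate;
}

// Added example for the SSL-only case: never start a session on a plain-HTTP request,
// and mark the cookie Secure so a browser will not send it in clear even if asked.
// $host is the configured site hostname (assumed), not $_SERVER['HTTP_HOST'].
function startHttpsOnlySession($host)
{
    $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    if (!$isHttps) {
        // Redirect before any session cookie can be issued over HTTP.
        header('Location: https://' . $host . $_SERVER['REQUEST_URI'], true, 301);
        exit;
    }
    // lifetime 0 (browser session), path "/", no domain, secure=true, httponly=true
    session_set_cookie_params(0, '/', '', true, true);
    session_start();
}

// Constructed inputs against an assumed base directory "/var/www/site/images":
// "banners/logo.png"      -> "/var/www/site/images/banners/logo.png"
// "../configuration.php"  -> null (resolves above the base)
// "banners/../../.."      -> null (resolves above the base)
```

The first function belongs wherever a request parameter names a folder or file to list; the second replaces a bare `session_start()` on sites configured as SSL only.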
Components
- Fixed Contact Page so that a blank page is not displayed when vCard is not enabled, but is selected in the Contact Parameters (10680)
- Resolved problem with Category View Table where filter did not work when cache was enabled (10840)
- vCard no longer displays excess spaces (11871)
- Small change in components/com_banners/models/banner.php (12577)
- Resolved invalid XHTML 1.0 Transitional issues introduced in 1.5.7 for the Contact form (12868)
- Fixed problem that resulted in erroneous '404 - Contact not found' page for dropdown in Contact View (12989)
- Fixed Contact Category URL problems (13045)
- Fulltext Search for Uncategorized and Archived Articles is now working (13490)
- onPrepareContent issue for non-com_content Components resulting in a warning message has been resolved (13505)
- 'Change Contact Details' link now loads correct page (13542)
- Contact image not displaying in front end (13643)
- Front-end article submission no longer auto-populates the Finish Publishing date with the same date as Start Publishing (13673)
- Media Manager Javascript error: "Object doesn't support this property or method" that presented for IE has been fixed (13761)
- Space between meta keywords no longer removed when saving Articles (13794)
- com_installer Module View now correctly displays Author e-mail and URL (13942)
- Robots and Author meta retained when copying Articles (13949)
- Article Archive pagination fixed (14070)
- Correction so that unregistered site visitors can no longer access PDF for registered Articles (14196)
- Hits filter in Category List fixed (14390)
- Resolved problem where "Register to read more" incorrectly redirected to Front Page, rather than Article (14392)
- Poll error message resolved (14394)
- Resolved problem where Category List failed to retain Column Sort preference when navigating to a different page (14398)
- Resolved problem in Category List where changing Display # to All in page 2 of list would display no results (12932)
- Category List now correctly shows filtering option in use (14402)
- Corrected 404 error that resulted when menu access was set to Public and Contact Item is Registered (14412)
Modules
- New modules can now be added, even when there are no modules entries already defined (11874)
- Inconsistency removed for Login/Logout Redirection page of mod_login (13611)
- JMenu getMenu() doc error corrected (13617)
- Archive Module Count Parameter and Tool Tip corrections (13694)
- STRPOS error corrected when editing Alias Menu Item (13909)
- Toolbar Image now points to an existing image (14171)
Plugins
- OpenID upgraded to 2.0 protocol, now works with Yahoo (12217)
- plgSystemCache plugin now respects site and page language (12115)
- Page string in plugins/content/pagebreak.php is now properly externalized (12730)
- Legacy Plugin - Login Timeout resolved (13662)
- Access level for Plugins fixed (14106)
- Fixed OpenID Transition issues (14433)
Legacy
- No issues fixed for this release
Templates
- RTL feeds PARAM is now saved in database which corrects RTL feeds in Milkyway and Beez (11235)
- CSS and XHTML valid error in JA_Purity resolved, as was invalid CSS validator link (12887)
- JA_Purity default status for Modules defined for right position now collapse correctly, when unused (12925)
- Fixed CSS errors in rhuk_milkyway/css/template_rtl.css (13517)
- Missing H1 text-align in rhuk_milkyway/css/template_rtl.css fixed (13570)
- Beez template override for com_search now displays error messages correctly (13584)
- Corrected Last Updated date for Beez Template (13632)
- Resolved inconsistencies for Beez Template Override Page Titles (13634)
- Contact image changes for Beez override (13700)
- Incorrect File Reference corrected for Beez Template (13859)
- Short PHP Notation in Beez Windows hosting bug introduced in 12798 has been fixed (14313)
- en-GB.com_statistics.ini is now correctly deleted (14391)
- Removed unnecessary string in JA_Purity template (14414)
- Removed unnecessary strings in rhuk_Milkyway template (14415)
Language
- Language INI files that were incorrectly encoded using UTF-8 with BOM have been fixed (13499)
- Untranslated strings in en-GB.ini after SVN 11236 are fixed (13514)
- Fixed untranslated strings in com_weblinks (13608)
- Fixed untranslated strings in com_contact (13626)
- Fixed untranslated Strings in admin/mod_feed (13666)
- Spacer values are now translatable (14308)
- Fixed issue with JA_Purity spacer so that it is now translatable (14360)
- Resolved remaining English string hard-coded in mod_search (14374)
- String missing in en-GB.com_installer.ini (14389)
- Resolved untranslated language string for "Email a Friend" feature (14395)
- Tooltip language string in com_config corrected (13633)
Administrator
- Added better tooltip text for the Help Server Reset button in Global Configuration System Settings (12023)
- Toolbar & value fixed for Media Manager button (12841)
- JInstallerHelper Class Function description has been corrected (13574)
- Help screens made (13616)
- Removed default filter for Super Administrator and fixed filter whitelist problem (13770)
- Corrected error where Editor deleted content for default filter; UTF-8 compatibility is now enforced with JInputFilter (13901)
- Removed old dev.joomla.org links (14227)
System
- query_batch corrected for SQL error (12247)
- uri.php changes made in 1.5.7 no longer break back-end URLs if $live_site=Http has an uppercase H (12812)
- JFolder::delete bug fixed when a folder contains symbolic links to folders (12939)
- Typo in sample_data.sql resolved (13549)
- License correction for PHPMailer in CREDITS.php (13811)
- Fixed error that resulted from invoking JDatabase::Query() more than once (13860)
- Cache space is now correctly released (14317)
- String bug for strspn() resolved (14339)
- Weird characters removed from LICENSES.php file (14408)
- Removed outdated link in the installer language file (14410)
- Fixed typo in Cache Manager (14434)
- Updated Archive_Tar to relicensed BSD version (12746)
(Source: http://www.joomla.org/announcements/release-news/5226-joomla-159-security-release-now-available.html)