You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.
Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"
Download XenForo 2.2.15 Full Nulled Free
Hot on the heels of yesterday's XF 2.2.14 release and subsequent patches, we are today making XenForo 2.2.15 available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability, particularly if you already upgraded to XenForo 2.2.14.
As of this point, XenForo 2.2.14 and its patches are no longer available for download. We are still planning a final XF 2.2 release at some point around the release of XenForo 2.3!
If you are a XenForo Cloud customer, your upgrade will be scheduled automatically.
Some of the changes in XF 2.2.15 include:
Current requirements
- Avoid setting duplicate List-Unsubscribe headers.
- Include first post QA schema items unconditionally.
- Make outdated PHP version notice in admin control panel clearer.
- Retain the original unsubscribeEmailAddress option for backwards compatibility.
- New unsubscribeEmailHandling option to replace the new unsubscribeEmail option and conclusively fix issues arising from yesterday's XF 2.2.14 release.
- Fix URL unfurls no longer unfurling.
Please note that XenForo 2.2 has higher system requirements than earlier versions.
The following are minimum requirements:
- PHP 7.0 or newer (PHP 8.2 recommended)
- MySQL 5.5 and newer (Also compatible with MariaDB/Percona etc.)
- All of the official add-ons require XenForo 2.2.
- Enhanced Search requires at least Elasticsearch 2.0.
Download XenForo 2.2.13 Full Nulled Free
XenForo 2.2.13 Released
XenForo 2.2.13 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.
In addition to the fixes listed below, we have a few other aces up our sleeves this time around.
Full iOS PWA compatibility with push notification support
iOS 16.4 finally introduced push notifications for iOS devices. To facilitate this, your members need to install your site as a PWA (by utilising the Add to Home Screen feature in Safari). XenForo 2.2.13 now satisfies all of the prerequisites for this to support push notifications which can be enabled by your members once they log in through the PWA and enable push notifications in their Preferences.
The PWA (progressive web app) has now been enhanced with additional gesture based or UI controls, including pull down to refresh and a floating back button.
Structured data metadata improvements
With many thanks to Ryan Levering from Google we have made a number of improvements to structured data metadata. Structured data enriches the pages we output with additional information which enables Google and other search engines to better understand the structure of the information that is rendered. This helps Google provide rich search results and helps provide additional context to users who may find your content during their Google searches.
Support for OAuth authentication for Microsoft 365 business email accounts
Microsoft has deprecated the ability to send emails over SMTP using traditional username/password authentication. This is similar to what Google did a while ago. In light of this we have now added an additional option when setting up either your email transport or automated mail handlers (automated unsubscribe/bounce handling) which will enable you to authenticate with OAuth.
Note: The set up for this is fairly complex, requiring you to set up an Azure Active Directory application within the Azure developer portal. There is a link to the documentation when setting this up.
If you are a XenForo Cloud customer, your upgrade will be scheduled automatically.
Some of the changes in XF 2.2.13 include:
- Adjust several cookie third party identifiers
- Fix simple cookie notice flash for guests
- Update thread creation latest activity items when merging threads
- Add null checks when we're inspecting the result of the getPhraseGroup method of the Phrase entity.
- Add context to node permission list with node type icons.
- Don't attempt to access getCookieThirdParties on payment providers which may no longer exist.
- Update enable push option to reflect better browser support.
- Check search permissions when displaying the 'Your content' link in the visitor menu
- Restore "notes" phrase that was inadvertently deleted in the previous release
- Avoid leaking the email address linked to an account that is using email two-step verification
- Don't show the view more link on a member's recent content page for users who have no permissions to search
- Ensure wrapper display HTML value has whitespace trimmed
- Properly set custom titles when batch updating users
- When adding/editing nodes, the description for the URL portion field now refers to nodes rather than forums
- Fix a typo in the cookie_consent.cookie_description_dbWriteForced phrase
- Replace MaxCDN with jsDelivr as the CDN for Twemojis
- Ensure emojis are properly displayed in the chosen style
- More consistently set content key across different content types
- Fix error thrown when xf_consent cookie has an invalid value
- Escape backslashes when escaping SQL like clauses
- Do not prepare member stat results prior to caching
- Fix some entity collection return type hints
- Clamp input filterer float values
- Attempt to prevent browsers from autofilling credentials in the find member widget
- Rebuild permissions in batches to limit memory usage
- Display an error when an invalid URL is used to test URL unfurling
- Display content vote scores in LTR orientation
- Make stream closing attempts more robust when working with abstract files
- Fix type hint in Oembed subcontainer
- Gracefully handle Redis mget failures
- Only display flash message once when tags are edited
- Fix max length attribute of custom warning title input
- Perform validation on email address options
- Allow restricting forum RSS results by prefix IDs
- Do not attempt to decrement alert counters when a new alert is inserted
- Fix behavior of falsy code event listener hints
- Perform validation on error reply values
- Always include search query arguments when building search links
- Retain previous selection when changing poll votes
- Improve notice controller/action criteria validation
- Include support for embedding YouTube Live URLs
- Check thread visibility before redirecting for invalid post links
- Improve user IP lookup query performance
- Make user entity timezone verification more robust
- Remove dead code from vBulletin 5 authentication handler
- currencyFormat was changed to allow figures with no decimals to show without decimal places, but to show the decimals if any were present. In doing so, we managed to kill the ability to specify the number of decimals. Oopsie. So now you can do that again, and you can also now specify -1 precision in order to prevent number_format from limiting or artificially extending the decimal places at all.
- Update the intl-tl-input JS library
- Fix CSS border radius shifting for RTL styling
- Increase entropy of temporary directory name generation to reduce the likelihood of race conditions
- Improve performance of \XF\Extension::resolveExtendedClassToRoot using an inverse lookup table
- Correctly replace urlencoded CSRF token values before returning cached pages to fix an issue with Advanced cookie management.
- Ensure that unsubscribing from emails also unsubscribes the user from activity summary emails
- Support embedding YouTube videos from youtube-nocookie.com
- Fix incorrect type hints in prefix and prompt group entities
The following public templates have had changes:
Where necessary, the merge system within the "outdated templates" page should be used to integrate these changes.
- PAGE_CONTAINER
- account_confirm_resend
- account_connected_associate
- account_details
- account_email
- account_request_password
- account_two_step_authy_config
- account_visitor_menu
- app_body.less
- app_content_vote.less
- approval_item_user
- approval_queue_macros
- connected_account_macros
- contact_form
- content_vote_macros
- core.less
- core_button.less
- core_list.less
- custom_fields_macros
- editor_base.less
- email_stop_confirm
- google_analytics
- helper_js_global
- lost_password_confirm
- member_about
- member_recent_content
- member_view
- member_warn
- message_macros
- notice_confirm_email
- notice_email_bounce
- poll_macros
- post_macros
- post_question_macros
- register_confirm
- register_connected_account
- security_lock_resend
- security_lock_reset
- spam_cleaner
- tag_macros
- tel_box.less
- two_step_email
- widget_find_member
As always, new releases of XenForo are free to download for all customers with active licenses. You may now upgrade from your admin control panel or grab the new version from the customer area.
Current requirements
Please note that XenForo 2.2 has higher system requirements than earlier versions.
The following are minimum requirements:
- PHP 7.0 or newer (PHP 8.0 recommended)
- MySQL 5.5 and newer (Also compatible with MariaDB/Percona etc.)
- All of the official add-ons require XenForo 2.2.
- Enhanced Search requires at least Elasticsearch 2.0.
Download XenForo v2.2.12 Full Nulled Free
XenForo 2.2.12 Released
XenForo 2.2.12 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.
We're pleased to announce the introduction of two new features available in XenForo 2.2.12.
New CAPTCHA provider: Cloudflare Turnstile
In September, Cloudflare Turnstile was announced. You may have noticed that we quickly implemented this into the software and it has been running here now for a little while.
While on the surface this may seem like "just another CAPTCHA" option, we feel that Cloudflare has gotten a lot of things right in its approach to this product that is missing from many other providers including HCaptcha and Google reCAPTCHA. It's a much better experience for your users, respects your users privacy and with XF 2.2.12 also provides more granular logging in the Cloudflare dashboard so you can see analytics about where in the software a CAPTCHA is being used.
We encourage you to read more about Cloudflare Turnstile on their blog and consider signing your site up, for free, right here or if you are an existing Cloudflare user, get started in your Cloudflare dashboard.
Advanced cookie consent system
Starting with XF 2.2.12 you will be able to enable a new "Advanced" cookie consent system. This enables your users to have much more granular control over the specific cookies that are set, the purpose of each cookie and prevents certain cookies from being set at all until explicit consent is given.
As ever, this system is also extendable by add-on developers so that cookies set by an add-on can be appropriately categorised and also require consent before certain functionality is available.
This is not enabled by default and should currently be considered a Beta feature. If you wish to enable it, you can do so by searching for the cookieConsent option in your Admin control panel and setting the option to "Advanced". If you have feedback or further suggestions, please post a new thread in the XenForo suggestions forum, or if you notice any issues, please post a new thread in the Bug reports forum.
If you are a XenForo Cloud customer, your upgrade will be scheduled automatically. For self-hosted customers, read on...
One-click upgrade to XenForo 2.2.12
Directly from your admin control panel
Some of the changes in XF 2.2.12 include:
- Always default to an empty array when IPv6 lookup fails
- Fix a server error when guests tried to access non-existent search results
- Include some missing entries in the hashes file
- Suppress warnings when converting invalid IP addresses on older versions of PHP
- Implement suggested password normalization for PhpBb3 authentication
- Check for "Manage add-ons" permission when viewing or triggering a file health check
- Fix not being able to follow users in an email bounced user state
- Fix custom user titles set to falsy values not being displayed
- Add missing pagination when searching for a user's reported content
- Only sign emails if DKIM setup has been verified
- Properly account for falsy values in wholeWordTrim and snippetString functions
- Fix PHP 8.1 compatibility issue when performing a search with no keywords
- Update Swiftmailer to v6.3.0 for PHP 8.1 support
- Make adjustments to Facebook media site to support new pfbid IDs
- Add support for detecting utf8mb3 and treating it the same as utf8 thus ensuring unicode mismatch detection and table conversion to utf8mb4 is working correctly.
- Add missing CSS to the comment macro in the profile_post_macros template
- When trying to unapprove a deleted thread, undelete it and put it in the approval queue
- Prevent configuration of two-factor authentication when it is disabled via the config.php switch
- Fix outdated link in the you_can_preview_icons_and_their_names_here phrase
- Fix typo in legacy Instagram embed template
- Re-implement Instagram embeds without a reliance on the oEmbed endpoints and support reel links.
- Adjust template Parser to allow for more precise parentheses placement in some previously ambiguous usages.
- If guest content is awaiting approval, show the username the content was submitted under
- Fix PHP 8.1 compatibility issue when rebuilding a thread's first post information
- Remove extraneous line breaks from the news feed option description
- If a user is also a moderator, update the URL on their admin profile page to only show forums they moderate
- Exclude nodes where a user can't view thread content from search queries
- When importing from an RSS feed and posting as a particular user, respect their auto-watch preferences
- Add support for 3GP encoded videos
- Fix $fromEmail variable not being set correctly when sending emails
- Fix accidentally exposing thread content to guests without the "View threads by others" permission when the thread starter's account has been deleted
- Ensure error logging isn't silently skipped if stacktrace arguments contain invalid utf-8.
- Adjust CSS for Spotify media embed.
- Adjust Select2 and native auto-completer to accept tab key as selecting a result.
- Support node_name / URL portion for categories (relevant if categoryOwnPage option enabled)
- Remove reference to non-existent reaction_text column
- Fix typo in mail template rendering exception message
- Fix connected account providers not appearing on the login form in some cases
- More accurate way of parsing byte values from PHP config values.
- Ensure only valid users are able to change their username.
- Better support cross platform directory separator trimming in ComposerAutoload
- Mark XF\Payment\CallbackState as allowing dynamic properties.
- Include PHP 8.2 compatibility fixes in non-vendor classes and utf8.php
- Fix Vimeo embed start timestamp behavior
- Use late static binding in utility classes to make them easier to extend
- Ensure job max run-time checks occur at end of loops
- Dynamically build link to front-end in the control panel
- Include content IDs in extra data when performing spam checks
- Include content IDs in extra data when performing spam checks
- Improve the extensibility of spam trigger log request data
- Add validation to widget display conditions
- Fix validation for negative whole number custom fields
- Adjust title attributes on bookmark links and buttons
- Adjust line height of inline mod go button to match select height
- In Text::copy return a Text element rather than Tag.
- Properly escape regex when rendering a BB code table.
- Disable PSR class path inspection in extension_hint.php
- In the ChangeLoggable behaviour add a new option to force a change to be from a specific user ID. In contexts where actions are performed from an email link, such as email stop or password resets, this allows us to ensure the password reset change log is attributed to the correct user.
- Update flow.js to the latest version, remove legacy FustyFlow for ancient IE fallback.
- Apply recommended fix for wrapping selection text in different editor functionality.
- Return a HTTP 404 error code when trying to view a tag with no viewable content
- Handle null arguments when stripping BBcode from strings
The following public templates have had changes:
Where necessary, the merge system within the "outdated templates" page should be used to integrate these changes.
- PAGE_CONTAINER
- _help_page_cookies
- _media_site_embed_oembed
- _media_site_legacy_embed
- account_confirm_resend
- account_security
- app.less
- app_inlinemod.less
- approval_queue_macros
- bookmark_macros
- captcha
- captcha_turnstile
- contact_form
- core_bbcode.less
- core_utilities.less
- editor_base.less
- forum_post_quick_thread
- forum_post_thread
- google_analytics
- helper_attach_upload
- login
- lost_password
- misc_cookies
- notice_cookies
- notices.less
- register_form
- report_search
- thread_list_macros
- thread_reply
- thread_view
As always, new releases of XenForo are free to download for all customers with active licenses. You may now upgrade from your admin control panel or grab the new version from the customer area.
Current requirements
Please note that XenForo 2.2 has higher system requirements than earlier versions.
The following are minimum requirements:
- PHP 7.0 or newer (PHP 8.0 recommended)
- MySQL 5.5 and newer (Also compatible with MariaDB/Percona etc.)
- All of the official add-ons require XenForo 2.2.
- Enhanced Search requires at least Elasticsearch 2.0.
Download XenForo 2.2.9 Full Nulled Free
XenForo 2.2.9 Released
XenForo 2.2.9 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.
In addition to the usual bug fixes and improvements, we've continued to improve compatibility with PHP 8.1 and added support for self-hosted licenses to more easily sign outgoing emails with DKIM as per this recent suggestion by @digitalpoint.
One-click upgrade to XenForo 2.2.9
Directly from your admin control panel
If you are a XenForo Cloud customer, your upgrade will be scheduled automatically.
Some of the changes in XF 2.2.9 include:
The following public templates have had changes:
- Fix fatal error when viewing debug page on PHP 8.1
- Revert previous change so that actioning conversation message report still relies on the 'warn' permission.
- Reset file hash when pruning proxied images
- Correctly remove duplicated relations when fetching the user entity within the Member controller
- Ensure there's a breadcrumb to return to the help pages list when modifying a help page
- When a suggested answer only contains an attachment, make sure the suggested schema text isn't blank
- Update various phrases to point to the new location of Google's Developer Console
- Fix an error that could occur when navigating search results after performing an exact match search for users but not providing a value for the username or email
- When registering with a connected provider, correctly redirect to the specified return URL
- When writing before registering but then logging in with an existing account, redirect to the newly created content
- When sending a push notification about a post being merged, avoid rendering the prefix as HTML
- Correctly mark the use_tfa field as a boolean value in the API documentation
- Patch Froala to workaround an issue which prevents "recently used" smilies from being stored as expected.
- Include $template in $params sent to email container templates
- Workaround a potential issue when upgrading from older versions due to new code in newer versions.
- Improve accessibility of inline spoilers.
- Fix Vimeo time-based links and support unlisted videos via the key portion of the URL.
- Append content link and title to report closure alerts.
- Workaround an undefined array key error that may happen during upgrade
- Do not display view count for directly viewed attachments (video and audio).
- When opening a page in an overlay that contains share buttons, override the page URL to the URL of the overlay loaded.
- Update Asia/Novosibirsk timezone to UTC+7
- Adjust job-related type hints to int|float.
- Log payment callbacks that come from an unknown source
- Document where scrolling notices are located
- Implement __isset() in the Finder class
- Make it easier to load additional relations with the search forum user cache
- Improve cross-table data consistency when threads are created
- Allow feed reader entries without a title to fallback to the description, and vice-versa
- Pass referrer through poll creation form
- Default to the first option value for read-only select inputs
- Improve PHP 8.1 compatibility when logging payment callbacks
- Fix null query parameter handling on the debug page
- Correct the IRR currency precision
- Include a content setter for report entities
- Fix attributes on the registration defaults option not referring to unique inputs
- Don't re-save avatars if the crop positioning hasn't changed
- Redirect to page 1 if a non-number value is passed to the "Go to page" form
- List the events a Stripe webhook endpoint should listen for
- Improve PHP 8.1 compatibility within the Register controller
- Work around an upstream issue in WinCache
- Always throw an exception when a file fils to copy to an abstracted file path
- Attempt to determine first proxyable favicon when fetching page metadata
- Canonicalize proxied thread cover image URLs
- Prevent search engines from attempting to index thread preview URLs
- Throw an exception when add-on requirement errors or warnings are not arrays
- Update watch notifier getDefaultWatchNotifyData method visibility to match parent class
- Fix route normalization in policy acceptance bypass check
- Improve PHP 8.1 compatibility in template trim tag/function
- Add response documentation to the POST posts/ API route
- Adjust maximum width of board title in control panel header
- Normalize root breadcrumb URL before checking if it matches the current page
- Make unfurl usage analysis more robust
- Improve PHP 8.1 compatibility within template filters
- When logging a failed email exception, include the from email in the exception message
- Add embed support for public Spotify playlists
- Make the default cookie same-site behavior configurable
- Always allow top-level categories which are not displayed in the node list to be accessed at their dedicated URL
- Fix article preview text fade not applying to articles without a cover image
- Strip AJAX query params from password confirmation redirects
- Avoid decreasing user message count twice when moving a thread in/out of a forum that does not count messages
- Improve PHP 8.1 compatibility within the API docs generator
- Fix potential stale recompilation of grouped phrases
- Include some missing entries in the hashes file
- Ensure zlib output compression is disabled to prevent interference with XF output compression
- Hide the article forum snippet length option when using the preview display style
- Correct the description for the user_content_change_init code event description
- Reword the "this_accounts_email_is_already_associated_with_another_member" phrase
- Add option to disable appending a CAPTCHA provider's privacy policy to the site's privacy policy
- Only send certain moderator action alerts when the content is or was visible to the author
- Improve PHP 8.1 compatibility within the unsharp image mask algorithm
- Improve PHP 8.1 compatibility within the route filter entity
- Remove stray XF.Element.register() in password_box.js
- Improve PHP 8.1 compatibility when resizing and cropping an image
- When converting tables to utf8mb4, only show the prompt to add fullUnicode to config.php if the value isn't set already
Where necessary, the merge system within the "outdated templates" page should be used to integrate these changes.
- PAGE_CONTAINER
- alert_user_report_rejected
- alert_user_report_resolved
- attachment_macros
- browser_warning_macros
- core_block.less
- core_datalist.less
- core_menu.less
- core_tab.less
- editor_base.less
- login_password_confirm
- member.less
- message.less
- page_nav
- poll_create
- post_article_macros
- progress_bar.less
- progress_bar_macros
- push_user_post_merge
- push_user_report_rejected
- push_user_report_resolved
- thread_preview
- widget_html
As always, new releases of XenForo are free to download for all customers with active licenses. You may now upgrade from your admin control panel or grab the new version from the customer area.
Current requirements
Please note that XenForo 2.2 has higher system requirements than earlier versions.
The following are minimum requirements:
- PHP 7.0 or newer (PHP 8.0 recommended)
- MySQL 5.5 and newer (Also compatible with MariaDB/Percona etc.)
- All of the official add-ons require XenForo 2.2.
- Enhanced Search requires at least Elasticsearch 2.0.
Installation and upgrade instructions
Full details of how to install and upgrade XenForo can be found in the XenForo 2 Manual. We strongly recommend upgrading directly from within your control panel.
XenForo 2.2.8 Patch 1 Released
Shortly after releasing 2.2.8, we became aware of an issue that may affect the expected operation of the image proxy system which may cause cached images to no longer refresh as expected.
For more details on the issue, please see this bug report.
You may now upgrade from your admin control panel or grab the new version from the customer area.
XenForo Cloud customers can also trigger an upgrade to this version from the customer area.
Fixed the API calling URL
XenForo 2.2.8 Released
XenForo 2.2.8 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.
XenForo 2.2.8 brings initial PHP 8.1 support to XenForo. We do not currently recommend upgrading to PHP 8.1 in production but would encourage, where possible, running XF 2.2.8 and PHP 8.1 together on your staging sites/servers if possible.
One-click upgrade to XenForo 2.2.8
Directly from your admin control panel
If you are a XenForo Cloud customer, your upgrade will be scheduled automatically.
Some of the changes in XF 2.2.8 include:
The following public templates have had changes:
- Do not wrap iconic inputs when directly adjacent to other inline items
- Generate PhpStorm metadata for validator classes
- Optionally normalize a URL passed into getRoutePathFromUrl to exclude the script part of the URL if it is passed in.
- Fix further JavaScript regression in editor.js that affected older browsers.
- Fix undefined variable $option when failing to refresh an OAuth email access token.
- If the location field is required at registration, indicate so on the account details page
- Correctly mark Applebot as a robot
- Fix the type hint in AbstractDriver for the imageFromFile method
- Ensure report comments are ordered consistently
- Allow API thread filtering by prefix_id when the specific forum is unknown
- Add support for podcast episodes to the Spotify BB code media site
- Adjust the way answers are counted and represented within the JSON-LD schema for question threads
- If the forum used for reports is deleted, revert back to using the report centre
- Throw a prettier error if downloading an XF upgrade package fails
- When sending a payment receipt for user upgrades, display the price paid and not the current price of the user upgrade
- Fix an issue preventing numeric custom fields from being searched
- Remove itemprop attribute from the fnUsernameLink templater function
- Silence errors when a template doesn't exist
- Patch a regression in Froala which caused images inside clipboard data to no longer be uploaded as expected.
- Consistently nest date of birth privacy options in the admin control panel user edit page.
- Fix password strength meter background color bleed.
- coerce the lbThumbsAuto option value to a boolean to ensure it works as expected.
- Fix vertical alignment of sort order indicator inside filter bar toggles.
- Remove CSS rule that inadvertently increases the size of the text of some form row elements.
- When requesting a new attachment key and hitting a permission error, make the error more clear.
- Fix an issue with the wrong reaction sprite displaying when switching between reactions on different sprite sheets.
- Support adding data attributes to <xfptgroup> elements inside <xf:checkbox> and <xf:radio> elements.
- Remove orphaned buttons from the button manager and correctly indicate button visibility
- When using ImageMagick, correctly set its temp directory to tempDataPath
- Include 'all' filter within page navigation when batch updating threads
- Improve handling for batch updating a large number of records in one go
- Add .opus as a supported audio file extension
- Ensure advanced flag for options is both imported and exported correctly
- Restore the default tab for a node when deleting its associated navigation tab
- Disable page load scroll adjustment on browsers supporting native scroll anchoring
- Filter removed buttons from editor dropdowns
- Inhibit scroll button click event when clicking between buttons
- Avoid truncating long widget descriptions
- Make it easier to extend valid image proxy mime types
- Fix layout shift when profile posts not visible on user profiles.
- Workaround an issue that could allow certain registration moderation requirements to be bypassed.
- Prevent posts from being moved or copied to threads that a moderator cannot view
- Ensure node ID constraints are always in a numerical array when searching for posts
- Re-work session activity updates to reduce locking pressure
- When encountering an invalid cost amount error with PayPal, expand the error message with a hint to check for additional shipping and handling charges
- Display the correct image for certain emojis containing a zero width joiner
- Record image proxy file hashes, and do not overwrite files if their hashes have not changed
- When replying to a thread that has been deleted during the reply, throw a clearer error message
- When filtering for unsolved questions, encourage MySQL to use a better index
- Prevent member tabs from overlapping the avatar when member stats aren't being displayed
- Add global template data to the API templater
Where necessary, the merge system within the "outdated templates" page should be used to integrate these changes.
- PAGE_CONTAINER
- account_details
- alert_user_report_rejected
- core_datalist.less
- core_filter.less
- core_formrow.less
- core_input.less
- core_menu.less
- core_meter_bar.less
- editor_base.less
- helper_user_dob_edit
- member.less
- member_view
- message_macros
- poll_macros
- thread_type_fields_article
As always, new releases of XenForo are free to download for all customers with active licenses. You may now upgrade from your admin control panel or grab the new version from the customer area.
Current requirements
Please note that XenForo 2.2 has higher system requirements than earlier versions.
The following are minimum requirements:
- PHP 7.0 or newer (PHP 8.0 recommended)
- MySQL 5.5 and newer (Also compatible with MariaDB/Percona etc.)
- All of the official add-ons require XenForo 2.2.
- Enhanced Search requires at least Elasticsearch 2.0.
Installation and upgrade instructions
Full details of how to install and upgrade XenForo can be found in the XenForo 2 Manual. We strongly recommend upgrading directly from within your control panel.
XenForo 2.2.7 Released
XenForo 2.2.7 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.
Notably, XenForo 2.2.7 includes a fix for a potentially significant issue surrounding IP address spoofing in very specific circumstances using previously trusted IP address ranges. Thanks to NamePros for taking the time to report this issue.
One-click upgrade to XenForo 2.2.7
Directly from your admin control panel
If you are a XenForo Cloud customer, your upgrade will be scheduled automatically.
In addition to the usual bug fixes and improvements, there is a database schema change which may take significant time to perform. If you have a particularly large xf_attachment and xf_attachmet_data table (several million records) then we recommend performing a CLI upgrade.
XenForo 2.2.7 is also the first version to support cleaning up files that belong to uninstalled add-ons. You can read more about that here.
Some of the changes in XF 2.2.7 include:
The following public templates have had changes:
- Update add-on list filter bar to use the correct prefix search phrase.
- Output XenForo version when running cmd.php --version or -V
- Change [MEDIA] BB code tag example to point to a valid video.
- Ensure the input element for token inputs inherit the expected font color.
- Disable caching for the birthdays member stat. The results could be different for each user depending on time zone so caching won't be effective.
- Workaround a browser quirk to do with sticky navigation and the staff bar when the border width is an odd number. This removes the bottom border entirely.
- Workaround an issue that could be caused by mail queue entries that fail to unserialize.
- Avoid n+1 queries when filtering profile posts from banned users in the find new system
- Patch loose string comparisons such as !$username and in_array($username, $usernames) that can result in unexpected behaviors when wierd strings are used.
- When permanently deleting threads, ensure associated records are deleted too
- When generating RSS feed entries for threads, set the guid attribute to the thread ID
- Only overwrite push notification opt-out preferences if the visitor has permission to use push notifications.
- Allow unassociated attachment deletion cutoff to be extended inline with draft save lifetime, plus refresh temporary attachments when saving a draft.
- Trim excess whitespace from the beginning of Font Awesome icon classes
- Fix compatibility issue with type checking when rendering prefixes
- Add a new registration default to control whether push notifications should be sent for new conversation messages.
- Fix an issue preventing guests from creating polls
- When updating content reactions, check if reactions actually exist in the cache
- Properly coerce URLs that may not begin with "www."
- Fix casing for the metadata logo URL phrase
- Don't allow retaining IDs when importing reaction content records
- Use correct type hint for the getTitle method in the Report entity
- When editing admin navigation items, properly save the development_only value
- Adjust the query for determining who should receive a report closure notification to only return distinct and non-zero user IDs
- If using PHP 7.1 or above, allow the image proxy to fetch and store webp images.
- Ensure control panel attachment manager date boundaries are inclusive
- Open off-canvas sub-navigation menu when tapping a heading with no link
- Do not attempt to query for uncached content permissions after the global cache has already been run
- Remove duplicated templates for node permissions management
- Support specifying multiple content types when rebuilding the search index
- Change "Edit own thread title" permission to "Edit own thread" as this permission allows multiple thread properties to be edited.
- Improve legibility of thread prompt placeholder on the title input while using a narrow display when creating a new thread.
- Do not offset the sticky submit row in overlays to account for bottom fixed notices that are behind the overlay.
- Hover variants based on saturate() won't work with greys or near greys, so let's focus on xf-intensify() instead, and raise the value somewhat to compensate for the loss of the hover saturate
- When merging users, carry over previous username change logs too.
- Remove redundant file existence check when loading templates
- Remove redundant file existence check when loading phrase groups
- When autolinking emails expand the range of word characters permitted in additional domain parts.
- Adjust Vimeo BB code media site to not match profile URLs unintentionally.
- Impose a limit on the maximum number of keywords that can be searched for (default: 1024) and allow XFES to fetch the max_clause_count configuration value where possible to avoid a shard exception.
- Steps to avoid accessing a Less mixin from one file defined in another. Move to setup.less but retain reference to the original for backwards compatibility for now.
- When unfurling URLs using unfurl.php ensure we're using the correct style for the user and passing in the default template params.
- Update timezone data
- Add Sri Lanka to the list of locales
- Handle a race condition where proxy images get pruned in the middle of a request more gracefully
- When moving the first post out of a thread with no other visible posts, correctly set the state of the new first post and original thread record
- Use the number of replies in a question thread as the number of answers instead
- Allow toggling the direction of date sort orders on user upgrade lists
- Avoid throwing an error when sending an activity summary that has a section title containing a dot.
- Resolve a number of rich text editor quirks when pasting various content.
- When fetching metadata from a URL improve checks to ensure we get a valid charset encoding where possible and prevent against an Error exception thrown if an invalid character set encoding is encountered.
- When copy/pasting content that contains quotes, tidy up the output and ensure it outputs correctly with the appropriate attributes to maintain quote author and content.
- When parsing a color string (such as for the metaThemeColor property usage) normalize the color to its hex value by default.
- When typing conversation recipients allow a min length value of 1 for single character usernames.
- Improve performance of the attachment manager when working with mind-boggling numbers of attachments
- Workaround a tooltip displaying potentially in the wrong language in the editor draft button drop down.
- Use text-shadow to give a stroke effect to usernames whilst avoiding a wrapping issue
- Remove reference to zxcvbn.min.js source mapping to avoid 404 error.
- Skip some parts of the _preSave method in Thread entity if thread does not have a forum.
- Prevent iconic labels from overflowing their container
- Introduce a code event for manipulating the current page cache ID
- When uninstalling content type data during an add-on uninstall set the attachment content_id to 0 as well as unassociated to avoid conflicts if reinstalling. The files will be cleaned up later.
Where necessary, the merge system within the "outdated templates" page should be used to integrate these changes.
- _help_page_bb_codes
- bb_code_tag_quote
- conversation_add
- conversation_invite
- core_blockmessage.less
- core_datalist.less
- core_input.less
- core_overlay.less
- editor_base.less
- forum_post_thread
- member.less
- member_tooltip
- member_tooltip.less
- member_view
- select2.less
- setup.less
- thread_list_macros
As always, new releases of XenForo are free to download for all customers with active licenses. You may now upgrade from your admin control panel or grab the new version from the customer area.
Current requirements
Please note that XenForo 2.2 has higher system requirements than earlier versions.
The following are minimum requirements:
- PHP 7.0 or newer (PHP 8.0 recommended)
- MySQL 5.5 and newer (Also compatible with MariaDB/Percona etc.)
- All of the official add-ons require XenForo 2.2.
- Enhanced Search requires at least Elasticsearch 2.0.
Installation and upgrade instructions
Full details of how to install and upgrade XenForo can be found in the XenForo 2 Manual. We strongly recommend upgrading directly from within your control panel.
XenForo 2.2.6 Patch 2 Released
XenForo 2.2.6 included support for YouTube embeds which contain a playlist ID which allows an embedded video to be viewed within the context of the playlist it is part of. While this was working perfectly fine, YouTube seemingly made a change yesterday which prevented all YouTube embeds from displaying because many of them would have had an empty list parameter in the embed URL.
This only affects customers who have already upgraded to XenForo 2.2.6 or XenForo 2.2.6 Patch 1. XenForo 2.2.6 Patch 2 resolves this issue.
For more details on the issue, please see this bug report.
You may now upgrade from your admin control panel or grab the new version from the customer area.
If you are a XenForo Cloud customer the upgrade to XenForo 2.2.6 Patch 2 has been scheduled for you automatically or you can trigger it now from the customer area.
(Note: XenForo Cloud customers did not receive XenForo 2.2.6 Patch 1 previously as the changes were only relevant to legacy XF installations).
XenForo 2.2.5 is now available for all licensed customers to download. We strongly recommend that all customers running previous versions of XenForo 2.2 upgrade to this release to benefit from increased stability.
This release changes the default CAPTCHA method from reCAPTCHA to hCaptcha. If you were using the default CAPTCHA settings, you will automatically be switched over to hCaptcha. If you provided your own reCAPTCHA keys or chose a different CAPTCHA method, your existing CAPTCHA settings will be retained. If you are unable to upgrade to this release, you may need to change CAPTCHA settings to avoid disruption. Please see our separate CAPTCHA changes announcement.
One-click upgrade to XenForo 2.2.5
Directly from your admin control panel
Some of the changes in XF 2.2.5 include:
- Bail out of Less color parsing if we already have a valid-CSS color.
- Adjust Request::isHostLocal to only return true for loopback addresses (and add a further explanation about its intended usage).
- Ensure that HTML is not shown in node bookmark descriptions.
- Improve checks that control whether a user's "about" section is shown.
- Do not require a custom statement descriptor when setting up Stripe, unless we can't derive a valid descriptor automatically.
- Ensure that clicking "open link" in the RTE always opens the link in a new tab.
- If a custom privacy policy or terms URL is selected but not provided, ensure that they are never shown as accessible help pages.
- In the RTE, maintain single leading spaces on new lines (particularly for code blocks).
- Fix faded out text display in article previews in RTL languages.
- Ensure that all pending rebuilds are triggered before asking about statistic collection when upgrading via the CLI.
- Allow embedded attachments with a height resize only to maintain the correct aspect ratio.
- Prevent a JS error related to app badge updates if the input value isn't the expected type.
- Ensure that user ignore caches are rebuilt correctly when merging users.
- Change the thread type selector to reduce the amount of wasted space on mobile and flip to a horizontally scrollable system when needed.
- Support additional phrase modifiers in option format parameters.
- When encountering a SMTP server error while sending email, attempt to establish a fresh connection before sending any further messages.
- Prevent an error when deleting a user if they have voted for content that relates to a disabled add-on.
- Use an alternative reCaptcha URL to ensure better availability.
- Check the correct scope when marking alerts as read via the API.
- Improve accessibility of radio and checkbox rows using ARIA roles.
- When editing custom field values, ensure that labels are associated with the related input for accessibility purposes.
- Ensure that inputs are associated with their labels whenever possible to improve accessibility of certain forms.
- Fix performance regression with emoji conversion and skip emoji conversion code entirely if using natively-styled emoji.
- Only skip spam cleaning via the approval queue if the user was spam cleaned recently.
- Do not cache the edit tags overlay to workaround an issue with tags duplicating in the tags editor.
- Add missing phrase for 'x_weeks' and fix issue with time based phrases not displaying the correct count.
- Limit the width of embedded Facebook content to be consistent with other embeds.
- Reduce peak memory usage when executing certain template/phrase rebuild jobs.
- Correctly handle errors when inlining CSS into emails with PHP 8.
The following public templates have had changes:
Where necessary, the merge system within the "outdated templates" page should be used to integrate these changes.
- account_privacy
- attachment_macros
- bookmark_item_node
- captcha_recaptcha
- color_picker_macros
- core.less
- core_datalist.less
- core_filter.less
- core_formrow.less
- core_input.less
- core_menu.less
- custom_fields_macros
- date_input
- forum_post_thread
- helper_js_global
- helper_user_dob_edit
- inline_mod_actions
- input_extended.less
- member_about
- notice_enable_push
- poll_macros
- post_article_macros
- post_macros
- prefix_macros
- rating_macros
- search_form_post
- setup.less
- tag_macros
- two_step_backup
As always, new releases of XenForo are free to download for all customers with active licenses. You may now upgrade from your admin control panel or grab the new version from the customer area.
We get it, advertisements are annoying!
However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.
If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.