Welcome to the Zikula community
You've reached the Zikula community website, the epicentre of Zikula development. If you're new here, you might find this a little overwhelming, so we recommend you check out www.zikula.org first for some documents explaining what Zikula is, as well as other useful information.
Otherwise, if you'd like to look around, you should register to get the most out of this website.
The most important new function is the introduction of generator settings: herewith you can control which features are generated for a certain model. Also it is possible to take influence on different behavioural aspects of the generator.
When using Doctrine in a project it is always a security critical component because it talks directly to your database. As such security is very important to us. In security however, context is important and providing you with query capabilities we have to expose you to the risk of SQL injections.
Doctrine cannot prevent you from building SQL injections into your applications and so can no other DBAL, because it would require hiding SQL completely. But hiding SQL completly is not wanted, because it is such a powerful language.
Therefore it is still your responsibility to make sure that you are using Doctrine correctly when working with SQL.
Read the rest of the article on the Doctrine website. Additional information on security concerns when utilizing Doctrine is now available in the respective repository's
SECURITY.md and also here: DBAL Security and ORM Security.
Zikula Core 1.3.7 is released as of 17 February 2014. This is a security release for the Core 1.3.x series as well as a bug fix release. All users of Core 1.3.0 - 1.3.6 are recommended to update as soon as possible.
In addition to addressing the security issue, the release combines all the recent "patches" that have been floating about in the community which attempted to address certain deficiencies in the 1.3.5/1.3.6 releases. Please update to this official package and discontinue using code from non-official sources.
Installation/Upgrade: (from Core 1.3.6) Be sure to backup files and database before any upgrade is attempted. Simply overwrite the files in your current installation with the new files , add your DB credentials to the config.php file and run the upgrade.php routine.
This release addresses Secunia Advisory SA56274 (article to be updated with link when published).
A full Changelog is available
- mesteele101 responded to »High Bandwith Usage« 21. Apr
- geoff responded to »zikula.com.au« 20. Apr
- craigh responded to »Numerous 404 errors on Zilkula site - what's up?« 18. Apr
- Paustian responded to »Migrating from PostNuke to Zikula« 01. Apr
- mesteele101 responded to »Zikula 1.2.10 - set default replyto address for new user email« 31. Mar
- portugao responded to »Redirect to specific page on login« 30. Mar
- localrags responded to »Broken RSS when running Mobile theme« 30. Mar