glFusion v1.7.4 Released


As spring comes to an end and summer is ramping up, we decided it was time to make our next release of glFusion. We are please to announce the release of glFusion v1.7.4. This release continues our commitment to security, privacy and stability for glFusion. glFusion v1.7.4 contains several privacy enhancements, the usual array of bug and stability fixes and some minor security updates. We've added as many new capabilities as we could while still maintaining our commitment to supporting legacy PHP versions back to 5.3.3 and current releases of both PHP and MySQL. Read the rest of the article to get a full list of all the coolness in this release.

Security Updates

glFusion takes the security of our code very seriously. Security has always been more than a slogan, instead something we strive for every day. Once again, one of our awesome users has offered their services to glFusion and provided a Web Application Security scan of the glFusion system using HPE’s Fortify WebInspect. Results were excellent, only noting one item that we needed to be addressed, adding a Cross Frame scripting header. Of course, we also perform our internal audits as we work on glFusion and include security enhancements as needed.

Privacy Controls

Online privacy is getting a lot of attention these day. With the recent Facebook / Cambridge Analytica debacle and the European GDPR going into effect, user's privacy is getting a lot of focus these days. With glFusion v1.7.4 we have implemented a few additional privacy controls to allow site administrators more options in handling their user’s privacy. Please keep in mind, how you chose to implement privacy and privacy features is entirely your responsibility. Privacy control enhancements include:

Improved Account Deletion. With glFusion v1.7.4, we have enhanced the user delete function to fully scrub all information for the user. Their profile information is completely deleted. Submitted content such as comments, stories or forum posts are now fully anonymized, meaning their name, IP and any other identifying information that was stored with the post is now fully anonymized so there is no way to identify the poster. glFusion does not alter the contents of the post.

Anonymized IP Addresses: glFusion now stores IP addresses associated with content submissions in an anonymous format. This allows site administrators to still have visibility into general geographic / hosting data but prevents exact identification of a user. Spam logs still contain the full IP address of any content submissions or registrations that were flagged as spam.

New Privacy Plugin: We are releasing a new Privacy Plugin that adds a few new capabilities to glFusion. The Privacy plugin allows users to download all their personal data in XML format. Provides an option to require acceptance of the site’s Privacy Policy and / or Terms of Use prior to registering. Provides the ability to have a Cookie Consent bar to alert users that cookies are used on the site and provides links to more information.

Your User’s Privacy and Privacy of their data is ultimately your responsibility

glFusion offers several technical controls to help keep a user's data private. Ultimately, it is up to you to determine how your run your site and what you do with the data entrusted to you. It is important to have a comprehensive and clear Privacy Policy. glFusion provides a good starting point, but it is up to you to customize the provided Privacy Policy to your site. Check out the Privacy and Privacy Controls section of the wiki to better understand the configuration options provided in glFusion.

Database Support

MySQL v8.0 reached General Availability in April 2018. We have validated that glFusion v1.7.4 works fine with MySQL v8.0. There were a few SQL tweaks implemented to ensure proper compatibility. MySQL v8 contains a considerable number of bug fixes and several key performance improvements. Note There are still some issues with PHP to MySQL v8 compatibility - older versions of PHP not well supported. Sites running UTF8MB4 character sets may also see connection issues with PHP v7.0 and PHP v7.1.
We have also back-ported a feature from the glFusion Next General development code to provide PDO support for connecting / interacting with databases. This under-the-hood update provides improved performance for database access.

Database Administration

Based on community feedback, we have adjusted the Database Backup utility to be more efficient. Previously, the SQL backup files consisted of a single INSERT statement for every row in a database. On large sites, this would result in very slow imports when restoring a database. We now insert multiple rows with a single INSERT command, in many cases, reducing the restore time by as much as 80%.

Remote Login Improvements

Remote Logins, using services such as Facebook, Twitter, etc. have always been treated differently than a local login. With glFusion v1.7.4 we've added consistency to how logins work, regardless of the type. When a user logs in for the first time with a remote login, they will be redirected to a local glFusion registration screen after authenticating with the remote service. This allows glFusion to now perform spam checks and allows the user to validate / tweak the automatically generated username, update their email and any other information needed. This also allows full integration with plugins like the Custom Profile plugin so you can collect the same information you request for local logins from folks using remote logins. Once they have completed the registration screen, remote logins will simply log the user in.

Additional Updates

The awesome CKEditor which is used by glFusion to provide the WYSIWYG (What You See is What You Get) editing features has been upgraded to the latest release.
Finally, our great community found a few bugs and made some great recommendations for tweaking the usefulness of some features.

See the What's New Wiki Page for a full list of all tweaks in glFusion v1.7.4. The glFusion Wiki has been updated to reflect all the latest updates.

Wrap Up

As always, I would like to thank the glFusion community for all the feedback, bug reports, ideas and encouragement as we continue to evolve glFusion. I encourage everyone to Get Involved!


by Mark

Mark is the main developer on glFusion. When not doing his real job and playing with his family, he really enjoys working on glFusion and the collaboration with the glFusion community.

Share It

Be the first to comment