Jump to content

1 Screenshot

About This File


IPS COMMUNITY SUITE - A new release of the popular IPS Community Suite forum engine has been released !


  • Fixed an XSS concern deleting members in the AdminCP.
  • Fixed an XSS concern managing Downloads versions from the changelog view.
  • Fixed a minor XXE possibility in blog RSS imports.


  • Upgraded CKEditor to 4.11.4.
  • Updated LinkedIn login handler to use the LinkedIn v2 API.
  • Improved performance when merging two comments with duplicated member reactions for large sites.
  • Improved performance when working with edit history logs.
  • Improved security of how passwords are handled in the code to decrease the likelihood of a password being included in an error log.
  • Improved the display of the upgrader confirmation page.
  • Improved performance of the latest activity stream shown on user profiles.
  • Improved anonymous log in tracking to resolve an issue with "Since my last visit" activity streams
  • Improved the UX configuring moderator permissions for clubs, including the ability to disable club-level moderators.
  • Improved database error reporting in certain error situations.
  • Improved performance of a 4.1.8 upgrader step.
  • Changed AdminCP notifications for "A new member has completed registration" and "A member is flagged as a spammer" to show all applicable members grouped into a single notification, rather than a separate notification for each member. This change gives a significant performance improvement for sites which have lots of new registrations.
  • Fixed multiple formatting concerns with custom profile fields.
  • Fixed an issue where restoring soft-deleted content would throw an exception under specific circumstances ( e.g. when there was no record in the soft deletion log ).
  • Fixed an issue where the member group restriction to require one piece of approved content before users can bypass content moderation was not correctly applied to posts made before registering.
  • Fixed an issue where deleting a member's content and then deleting the member may result in the content not being removed.
  • Fixed SVG images breaking when served through the built in image proxy.
  • Fixed an issue with profile completion if you choose not to upload a profile photo.
  • Fixed third party processor information not showing when users are forced to reaccept an updated privacy policy.
  • Fixed the "Remove followers from uncommented content" setting not working.
  • Fixed an issue where clicking to delete a member twice might result in all status updates being removed from the search index.
  • Fixed an issue where copying content from one area with an attached image and pasting into another area may result in a broken image.
  • Fixed an issue where allowing a user to moderate comments, but not items, would result in an error when using the multi-moderation menu.
  • Fixed inability to edit profile fields by members if the field was not displayed on the profile.
  • Fixed invalid HTML in the quick search form.
  • Fixed an issue where a comment or post made before registering which requires moderator approval after the registration is completed may not update the container flag to indicate that comments within the container require approval.
  • Fixed an error where the member view in the AdminCP may become broken if the member history for the user includes an old subscription group change and Commerce is not installed.
  • Fixed an issue where broken letter photos may be displayed in emails.
  • Fixed an issue with clean up tasks where they may try to delete a member that doesn't exist.
  • Fixed an error that can occur if you double click the "unfollow" button quickly.
  • Fixed autosaved content in the editor not clearing out when it was deleted within the editor.
  • Fixed an issue where MFA while the login would send 3 'new device' emails to the member instead of only one.
  • Fixed an issue where attachment links inserted into content may have a hard coded URL.
  • Fixed an upgrade issue where custom file storage configurations in 3.x may not be preserved correctly when upgrading to 4.x.
  • Fixed an uncaught exception when visiting a specifically malformed follow link.
  • Fixed attachment bbcode tags not converting correctly when upgrading from version 2.0 or older.
  • Fixed the About Me default custom field not showing on new installs.
  • Fixed email statistic charts so they report more accurately.
  • Fixed issues with performing advanced member searches in the AdminCP when multi-select custom profile fields are present.
  • Fixed a minor inconsistency with group name formatting.
  • Fixed an issue rebuilding certain meta data in Elasticsearch.
  • Fixed an issue where items and comments queued for deletion or submitted by a guest prior to registration are returned via the REST API.
  • Fixed an error when searching a specific search string.
  • Fixed a possible error that can occur during login when using the post before register feature.
  • Fixed the Notification Settings form in the Admin CP so that it can save properly.
  • Fixed an issue where Login Handlers were shown out of order.
  • Fixed an issue where the canonical link HTML tag may include unnecessary query string parameters (i.e. filters).
  • Fixed an issue where AdminCP settings search results were not always highlighted when clicked on.
  • Fixed an issue where the pagination for comment and review areas wouldn't link directly to the comments area when Javascript is disabled.
  • Fixed an issue where content item and comment widgets would show content from not specified categories.
  • Fixed an issue where editor auto saved content may not be removed.
  • Fixed an issue where some content may not show a report link.
  • Removed the hide signatures toggles from guests when they are able to see signatures.
  • Prevented search engine spiders from following the cookie notice dismissal link.
  • Removed poll votes from showing in the All Activity stream.
  • Removed ability to copy theme settings.
  • Removed the unread indicator in several widgets because it can't be used there because of the widget cache.
  • Removed the ability to toggle cover photos in clubs list when no image was uploaded.
  • Fixed an issue where the support tool could incorrectly report undiagnosed problems.
  • Fixed missing images when lazy loading is enabled in several areas.
  • Fixed an HTML validation issue with mini-pagination next to multi-page content item titles.
  • Fixed an uncaught exception which is thrown by the Admin Notification System.
  • Fixed member validation display issue in ACP notifications page while mobile.
  • Fixed attachments being added to an editor which has attachments disabled.
  • Fixed an issue where a display name sync error may be displayed on the AdminCP member profile.
  • Fixed two language strings where countries have changed their names: Macedonia is now North Macedonia and Swaziland is now Eswatini.
  • Fixed some broken messenger related links.

Core - Clubs

  • Fixed "Clubs" tab showing when splitting content even if clubs are disabled.
  • Fixed display issue with club tabs on mobile devices
  • Removed ability to reorder club tabs on mobile devices


  • Fixed a duplicated error code in the topics REST API endpoints.
  • Fixed images used in forum rules not displaying when image lazy loading is enabled.
  • Fixed a potential upgrade error when reformatting forum rules during the 4.0.0 upgrade routine.


  • Added an additional subtotal language phrase to the cart summary for localization flexibility.
  • Improved legacy parser to potentially allow conversions of tables in content.
  • Changed renewal terms to not allow $0 renewals.
  • Fixed an error occurring submitting new tickets when read/write database separation is enabled.
  • Fixed an issue where up/downgrading a purchase could result in an error or the expiry date changing incorrectly.
  • Fixed an issue where a cancelled subscription may still generate a renewal invoice (and subsequently charge the user).
  • Fixed tax class being lost with renewal terms in some cases.
  • Fixed an issue where images may not show in printable invoices if lazyload is enabled.
  • Fixed support stream date-based filters producing incorrect results.
  • Fixed stock action text not defaulting in the form when creating a new ticket from the AdminCP if you do not use a signature.
  • Fixed an issue where the password field on the store checkout form might disappear if using Chrome's password autofill feature.
  • Fixed an issue where invoices may not have a billing address set when one is available.
  • Fixed an issue where a template error may be thrown for non-recurring subscriptions.
  • Fixed a missing language string if you had servers configured prior to upgrading to 4.4.
  • Fixed adding a custom package to an invoice.
  • Fixed an exception being logged when rebuilding the search index if any custom packages have been created.
  • Fixed the PayPal Billing Agreements radio element not showing selected if BAs are enabled.
  • Fixed an issue where files uploaded to a custom field may not be downloadable.
  • Removed a stray HTML end tag.
  • Restored Braintree gateway option. Included a disclaimer about qualification process.


  • Fixed an issue where cloning a custom field would result in a database error.
  • Fixed an issue on the media page where the "File Overview" Tab was not set as activated and also not clickable when one or more files from the file list were selected.
  • Added last modified date to database category and record sitemaps.


  • Changed the reputation type flag for album comments and reviews to resolve bugs where the reputation may be mistakingly treated as if it belongs to an image comment or review.
  • Fixed an issue submitting images to an album if the category requires moderator approval.
  • Fixed an error that can occur when downloading the original image in Gallery if the original image is missing on disk by forcing the largest available size to download instead.
  • Fixed image lazy loading not working correctly in category rules, descriptions and custom error messages.
  • Fixed the submission dialog box potentially showing an incorrect dialog title.
  • Fixed an issue where uploaded videos could not be played in the lightbox.
  • Fixed editor showing twice for each image during submission.


  • Added a group setting that will allow users to bypass download restrictions when downloading a file that's been purchased.
  • Added the ability to shut off version numbers per-category.
  • Improved the header styling on the homepage.
  • Improved performance, especially of the index page.
  • Reduced top spacing (margin) of the sidebar when viewing the index page.
  • Fixed an issue where custom fields may show out of order.


  • Fixed an issue where the previous and next link under the blog entry could link to hidden or soft deleted entries.
  • Fixed some minor UI issues with the "Blogs" widget.


  • Added an option to prevent edits and RSVPs for events that have passed.

REST & OAuth

  • Fixed the search REST API endpoint.


  • Improved vBulletin archive redirects.
  • Improved vBulletin blog conversions to retain the date the blog or blog entry was followed.
  • Fixed an issue where converted members won't be marked as completed.
  • Fixed an issue when trying to convert from a platform with converters for apps that are not installed.
  • Fixed an issue where PM replies may be duplicated when converting from vBulletin.
  • Fixed an issue with converting comments from Vanilla.


  • Fixed an edge case issue where some legacy customers may be unable to use the AdminCP upgrader.

Changes affecting third-party developers and designers
Backwards-incompatible changes that may affect third party applications / plugins:

  • Methods that handle passwords in login handlers (authenticateUsernamePassword(), authenticatePasswordForMember(), changePassword()) now receive an object which can be cast to a string, rather than a normal string, for the password. This reduces the likelihood of a password being included in an error log.
  • The onPassChange MemberSync callback now receives an object which can be cast to a string, rather than a normal string, for the password. This reduces the likelihood of a password being included in an error log.

Enhancements / fixes for developers:

  • Added a new constant \IPS\DEV_LOG_HEADERS which allows you to log all headers being sent during responses.
  • Better abstracted code that dynamically builds class paths for areas that are no longer using iterators.
  • Improved some extension skeleton files to not cause a ParseError once the extension is created.
  • Fixed color fields not initializing for new rows added in a manageable matrix.

Fixes that only affect developer mode or third party apps/plugins:

  • Fixed some functions not being called from the root namespace and throwing warnings when in developer mode.
  • Fixed an undefined index loading form to add a new hosting server in Commerce.

Code-level fixes that may have been causing bugs in third party apps/plugins:

  • Added code comments to all of the default constant values in init.php explaining what they all do.
  • Ensured all default wizard instances are cast as a string before being sent to the output handler.
  • Fixed an issue when pluralization and sprintf functionality is used together and the placeholder is used in the pluralized string.
  • Fixed an issue with post before register where it was assumed content items would have a container.
  • Fixed an exception when post before registering is checked against a content item that supports reviews but not comments.
  • Fixed some ambiguous column concerns with the \IPS\Content\Item::_comments() method.
  • Fixed an issue editing titles via Ajax when the item class does not use containers.
  • Fixed an issue where the release date may not show correctly for third party plugins or themes.
  • Fixed some functions not being called from the root namespace and throwing an IN_DEV warning.
  • Fixed the widget configuration form being called twice which may result in some form elements duplicating.
  • Improved some extension skeleton files to not cause a ParseError once the extension is created.

What's New in Version 4.4.10   See changelog


IPS Community Suite 4.4.10
  • Added support for PHP 7.4
  • Added support for [Emoji 12.0](https://emojipedia.org/emoji-12.0/) and [Emoji 12.1](https://emojipedia.org/emoji-12.1/) emojis
  • Removed support for Gfycat embeds due to ongoing unaddressed security concerns on their end.
  • Adjusted advertisement CSS classes to use a dynamic class name.
  • Added a reset to the "upgrade in progress" flag when the upgrader is reached but there are no applications to upgrade.
  • Added caching to the "Who's Online" widget.
  • Improved progress indicator in "Complete My Profile".
  • Improved ElasticSearch error logging.
  • Added an empty alt attribute to reaction images in streams, which validators may flag as invalid HTML.
  • Upgraded CKEditor to 4.13.1.
  • Upgraded PHPUserAgent to 0.15.0, which resolves an issue with detection of the latest Opera browser releases.
  • Updated Firefox & Edge logos on device management pages.
  • Disabled database read/write separation for tasks.
  • Disabled tasks being triggered by AJAX requests.
  • Blew Lindy's mind.
  • Fixed clubs showing up in some places when users did not have permission to access the clubs module.
  • Fixed signature edit field showing for moderators when editing a user when signatures are disabled globally.
  • Fixed an issue with member history logs when a user logs in from a new device but has not completed 2FA (when required).
  • Fixed a javascript error triggered by browser notifications on Android devices.
  • Fixed an issue where users that do not have permission to view Clubs, can still visit content item URL's directly.
  • Fixed display issues with coub.com embeds.
  • Fixed an issue detecting the visitor's country in some cases when using address form inputs.
  • Fixed an issue with dates adjusting incorrectly when crossing over DST threshold in some areas.
  • Fixed an issue using arrows in the editor after an emoji is inserted in some cases.
  • Fixed an issue where some items could be missing from the leaderboard.
  • Fixed an issue where disabled apps could still attempt to process custom URLs.
  • Fixed an issue paginating in tables when certain special characters were included in the URL.
  • Fixed an issue where cookies set by javascript designed to "stick" would expire in Jan 2020.
  • Fixed AdminCP notification that a member is validating not disappearing if the member is flagged as a spammer rather than banned directly.
  • Fixed SendGrid failing to work when using a dedicated IP pool.
  • Fixed an issue where non-required profile completion steps may not be shown after required steps in some cases.
  • Fixed an issue where re-entering the profile completion process after completing it once, but taking an action that requires completion again, may not place you on the correct profile completion step.
  • Fixed javascript errors preventing most javascript from working in IE11.
  • Fixed moderators encountering an error when removing a reaction from a profile status update or status reply made by another user.
  • Fixed an issue where a required profile completion step to supply values for profile fields that do not display on the a user's profile may result in endless loop.
  • Fixed an issue where a user will see an option to skip required profile completion steps, which will just reload the step.
  • Fixed multi-moderation actions so that they redirect back to the page you are currently on.
  • Fixed an issue that can occur when searching by member and changing between result pages.
  • Fixed an issue that caused images to not show properly in poll options.
  • Fixed an issue where sitemaps may show a distant past last modified date for content that doesn't have a valid last modified date.
  • Fixed an issue where animated GIF images may not be properly identified as animated.
  • Fixed an issue where profile photos would not be saved during profile completion if file uploads was the only available option.
  • Fixed an issue rebuilding topic content for areas such as Downloads and Pages that cross post to the forums.
  • Fixed an issue displaying certain locale-specific characters (such as the thousands separator, and the currency symbol) on Windows.
  • Fixes a visual issue on dropdowns in webkit-based browsers.
  • Fixed favicon icon not applying to the AdminCP correctly.
  • Fixed potential broken images when the image filename contained parenthesis characters.
  • Fixed the Safari Mask Icon not working in some server environments.
  • Fixed an issue where using long URL's in an announcement can cause a MySQL error.
  • Fixed an issue using custom WHERE clauses with an external database login handler.
  • Fixed unapproved comments incorrectly being counted on forums where the item has been moved and a link to the item has been left in its place.
  • Fixed an issue embedding Flickr albums in posts.
  • Removed 'nofollow' tag from status updates when member has no other content.
  • Added clarification that a billing address is required for automatic renewals when deleting the primary billing address.
  • Added a currency selector to the subscriptions listing.
  • Adjusted the payment method deletion process to prompt the administrator for confirmation if there are active PayPal Billing Agreements, and to cancel those Billing Agreements prior to deletion.
  • Fixed error approving or voiding transactions which were held for approval which were from a PayPal Billing Agreement.
  • Fixed an issue where the AdminCP notification indicating your PayPal payment gateway is not set up correctly may erroneously trigger.
  • Fixed an issue where custom fields may incorrectly show up when checking out as a guest while quick registration is enabled.
  • Fixed a possible error when applying changes to subscription plans to existing purchases.
  • Fixed an issue where converting a product with a tax to a subscription failed.
  • Fixed invoice title not showing for transactions in Authorize.Net's control panel.
  • Fixed possible error taking Authorize.Net payments
  • Fixed an issue where images from upsold products in the add to cart dialog may not be styled or sized correctly.
  • Fixed transactions using the "Manual (check, bank wire, etc.)" payment method not showing in the list of transactions requiring attention.
  • Fixed an issue where testing settings would just output the card types when using Braintree.
  • Fixed an error during the upgrade when no default currency is set.
  • Fixed an error that occurs when creating or editing a coupon code and unchecking the "No end date" option but not providing an end date.
  • Fixed an issue where profile completion could be triggered during checkout in some circumstances.
  • Fixed possibility of setting up Stripe without a valid webhook.
  • Fixed subscriptions bypassing the payment confirmation screen.
  • Fixed a styling issue with the Member Subscriptions widget.
  • Fixed a styling issue with the "Best Sellers" and "Latest Products" widgets in some cases.
  • Fixed referrals not working when the site is not accessible to guests.
  • Fixed an issue where checking a Braintree webhook URL from the Braintree control panel would report a 500 server error incorrectly.
  • Improved the conversion process when disabling a conversion step that another step required to run first.
  • Added conversion of article tags to vBCMS.
  • Added conversion of extra article categories in vBCMS, extra categories will be converted as tags.
  • Added conversion of meta tag keywords and descriptions when converting records from vBCMS.
  • Reordered some background tasks that run after a conversion is complete to prevent an SQL error during processing.
  • Improved vBulletin 4 conversion to retain user validating status where possible.
  • Improved vBulletin conversions to convert more PMs where they may not have previously been converted (due to parent messages being deleted).
  • Improved URL redirects for some vBulletin URLs including Social Groups, Social Group Discussions & Blog Entries.
  • Fixed an issue where some vBulletin Blog comments may be skipped during conversion.
  • Fixed an exception that can occur if Pages was selected as a conversion, but all options were disabled.
  • Fixed product filters displaying in the store using the "internal" name instead of the "public" name.
  • Fixed IP address information not converting with vBulletin Blog.
  • Fixed certain user preferences not converting with vBulletin 4.
  • Fixed some PHP notices that can occur in vBCMS converter with specific data.
  • Fixed an issue where Gift Card email links may not work correctly when email statistics are enabled.
  • Removed URL redirection for vBCMS records since required data is not available to support this.
  • Fixed an issue where the moderation history link wasn't shown for deleted topics.
  • Fix Safari not scrolling to the reply box when clicking the "Reply to this topic" button at the top of a topic.
  • Fixed REST API documentation showing the wrong endpoints for categories.
  • Fixed sidebar not showing Club content correctly when the "Show Club Content Areas" setting is set to "Throughout the community"
  • Fixed an issue submitting images with capitalized file extensions when movies have maximum allowed filesizes.
  • Fixed multiple issues adding, editing and repositioning image notes.
  • Fixed an incorrect gap between the tabs and reviews/comments while viewing an image.
  • Improved database permission configuration forms to better indicate if a group won't be able to access the database due to page-level permissions.
  • Fixed bullet points using the wrong style (unfilled circle rather than filled circle) in database records.
  • Fixed a (potential) issue moving database records files when adjusting the file storage configuration method for database records.
REST / OAuth
  • Fixed an uncaught exception in the member notifications REST API endpoint when an orphaned piece of content is present.
  • Fixed certain `notificationData` entries returning `NULL` in the member notifications REST API endpoint.
  • Fixed an issue where address lines in REST API calls may be returned as an object instead of an array.
Third-Party / Developer / Designer Mode
  • Fixed an issue using the node form helper when not using `$titleLangPrefix` in the node model, and using apostrophies in a node's title.
  • Advertisements no longer use the .ipsAdvertisement_* class names, and instead use dynamic classnames unique to each community. Themes that restyle advertisements should update their CSS to use `.ips{expression="mb_ucfirst(\IPS\SUITE_UNIQUE_KEY)"}` instead.
  • Adjusted the abstract class definition for `\IPS\Content\Search\Index::hashesWithPermission()` to match the docblock.
  • Fixed an issue where Database table helpers could allow a blank advanced search value in specific situations.
  • Fixed an error using reviews with content items but not containers when post before registering is enabled.
  • Removed an extra parameter being passed to `_comments()` in some cases which could interfer with third party plugins.
  • Removed some unused code in `\IPS\Output::error()`.


User Feedback

You may only provide a review once you have downloaded the file.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.