Discuss Joomla! 3.9.25

A place to discuss recent announcements made by the Joomla! Core Team. Let's hear what you have to say.
User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 20268
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
Contact:

Re: Discuss Joomla! 3.9.25

Post by leolam » Mon Mar 08, 2021 6:47 pm

Just some facts.... Providers such as Namecheap demand for types of SSL-validation folders like
/.well-known/pki-validation
This means me think in the new code this will not be possible and people cannot validate their SSL so we need an urgent solution

Leo 8)
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Webmaster Services: gws-webmaster.services

User avatar
AMurray
Joomla! Champion
Joomla! Champion
Posts: 6608
Joined: Sat Feb 13, 2010 7:35 am
Location: Australia

Re: Discuss Joomla! 3.9.25

Post by AMurray » Mon Mar 08, 2021 10:04 pm

Given the RC for 3.9.25 was released a week before stable, I'm surprised the 'folders starting with numbers' issue was not picked up earlier....
Regards,
--------------------------------------------------------------
A Murray
Help you I can, yes!. Post your question, you should. Keep it on topic you must!
Use the Forc....Forum Post Assistant my young Padawan!

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 12010
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: Discuss Joomla! 3.9.25

Post by brian » Mon Mar 08, 2021 10:26 pm

@leolam
That is completely unrelated. As explained in the FAQ and directly to your post on github the only thing that is impacted is the one folder that you use as the "path to images" folder in the media manager options.

@amurray
Security issues are not included in release candidates for obvious reasons.

To repeat what I wrote on github and to stop people spreading blatantly incorrect information (which I still struggle to understand how they can even think that) here is a summary.

This is a bug. It is a backwards compatibility break. It should not have happened but sh*t happens and it did.

Only on a site that has done all of those will this unfortunate bug have any impact
  1. Changed the default path to images folder
  2. Changed it to a folder beginning with a number or other non a-zA-Z character
  3. Upgraded to 3.9.25
  4. Tried to change the options for the media manager
Because only on a site that has done all of those will this unfortunate bug have any impact

No other folder is impacted they can be called anything that you want
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

User avatar
sozzled
Joomla! Master
Joomla! Master
Posts: 10095
Joined: Sun Jul 05, 2009 3:30 am
Location: Canberra, Australia

Re: Discuss Joomla! 3.9.25

Post by sozzled » Mon Mar 08, 2021 10:53 pm

Thank you, @brian. Quite correct!
https://www.kuneze.com/blog
“If you think I’m wrong then say, ‘I think you’re wrong.’ If you say ‘You’re wrong!’, how do you know?” :)

User avatar
PhilTaylor-Prazgod
Joomla! Ace
Joomla! Ace
Posts: 1246
Joined: Sat Aug 20, 2005 12:32 pm
Location: Jersey, Channel Islands
Contact:

Re: Discuss Joomla! 3.9.25

Post by PhilTaylor-Prazgod » Mon Mar 08, 2021 11:08 pm

No other folder is impacted they can be called anything that you want
Factually incorrect, due to a separate bug you can no longer use any folder name that is shipped with Joomla such as /media or /cache

So your 2. should read:
Changed it to a folder beginning with a number or other non a-zA-Z character, or any folder or subfolder of any core Joomla folder such as /media, /cache, /tmp or any of the other root folders.

Details are here: https://github.com/joomla/joomla-cms/issues/32577
Phil Taylor
Founder, Lead Developer, Idiot.
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/

User avatar
PhilTaylor-Prazgod
Joomla! Ace
Joomla! Ace
Posts: 1246
Joined: Sat Aug 20, 2005 12:32 pm
Location: Jersey, Channel Islands
Contact:

Re: Discuss Joomla! 3.9.25

Post by PhilTaylor-Prazgod » Mon Mar 08, 2021 11:29 pm

the only thing that is impacted is the one folder that you use as the "path to images" folder in the media manager options
Sorry, factually incorrect again It also effects mod_random_image :)
Phil Taylor
Founder, Lead Developer, Idiot.
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 20268
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
Contact:

Re: Discuss Joomla! 3.9.25

Post by leolam » Wed Mar 10, 2021 7:01 pm

Wrong Brian,
brian wrote:
Mon Mar 08, 2021 10:26 pm
Sorry, factually incorrect again It also effects mod_random_image :)
Cheers
Leo
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Webmaster Services: gws-webmaster.services

User avatar
Maradona
Joomla! Apprentice
Joomla! Apprentice
Posts: 42
Joined: Fri Aug 30, 2013 2:08 pm

Re: Discuss Joomla! 3.9.25

Post by Maradona » Mon Mar 15, 2021 8:22 pm

Just read this https://github.com/joomla/joomla-cms/issues/32567.
This is sad...I'm not a coder but love using Joomla...using Joomla and this forum to report an error is way for me to contribute to Joomla development.

I think 6.3 mentioned by Robert here is clear enough; :pop
https://developer.joomla.org/development-strategy.html

Still not upgrading any sites to 3.9.25. I only know how to use Joomla by installing from Softacoulus. :-[ :laugh:

This might be minor issue for experts, but not for most of us. I'm sure they shouldn't be any issue if upgrading if we don't change images folder.

I'm just not upgrading because of that 6.3 ??? :'( :p

BillyS
Joomla! Intern
Joomla! Intern
Posts: 70
Joined: Sat Nov 26, 2005 9:10 pm

Re: Discuss Joomla! 3.9.25

Post by BillyS » Tue Mar 16, 2021 11:15 pm

Maradona wrote:
Mon Mar 15, 2021 8:22 pm
I think 6.3 mentioned by Robert here is clear enough;
Agree, someone needs to either read this or eliminate this:
6.3 Regressions
There will no doubt be occasions when a release unintentionally breaks backward compatibility. If one or more such backward compatibility regressions are found within a major series they will be fixed by making a patch release as soon as possible after their discovery.

User avatar
darb
Joomla! Ace
Joomla! Ace
Posts: 1732
Joined: Thu Jul 06, 2006 12:57 pm
Location: Stockholm Sweden
Contact:

Joomla 3.9.25 and php 8 compability?

Post by darb » Wed Mar 17, 2021 9:42 am

Hi

I just tested Joomla 3.9.25 with php 8 and in backend and frontend get this error:
An error has occurred.
0 explode(): Argument #2 ($string) must be of type string, array given

So seems that Joomla 3.9.25 is not compatible with php 8?

But I see and guess that Joomla 4 is php 8 compatible..

Cheers!

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 13416
Joined: Thu Feb 15, 2007 5:48 am
Location: Sydney, Australia

Re: Discuss Joomla! 3.9.25

Post by toivo » Wed Mar 17, 2021 10:48 am

darb wrote:
Wed Mar 17, 2021 9:42 am
I just tested Joomla 3.9.25 with php 8 and in backend and frontend get this error:
If that can be reproduced in an out-of-the-box Joomla 3.9.25, please use the debug option to find out where this error comes from and report it as a new item in Joomla! Issue Tracker - CMS.
Toivo Talikka, Global Moderator

User avatar
darb
Joomla! Ace
Joomla! Ace
Posts: 1732
Joined: Thu Jul 06, 2006 12:57 pm
Location: Stockholm Sweden
Contact:

Re: Discuss Joomla! 3.9.25

Post by darb » Wed Mar 17, 2021 11:51 am

Thks Toivo checked and its a plg from Nordmongraph that causing this issue. :)

Thks.

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 13416
Joined: Thu Feb 15, 2007 5:48 am
Location: Sydney, Australia

Re: Discuss Joomla! 3.9.25

Post by toivo » Wed Mar 17, 2021 1:10 pm

Thank you! In other words, the explode() message came from a third party extension.
Toivo Talikka, Global Moderator

User avatar
PhilTaylor-Prazgod
Joomla! Ace
Joomla! Ace
Posts: 1246
Joined: Sat Aug 20, 2005 12:32 pm
Location: Jersey, Channel Islands
Contact:

Re: Discuss Joomla! 3.9.25

Post by PhilTaylor-Prazgod » Sat Mar 20, 2021 5:48 pm

While I have no control over the Release Date or Joomla 3.9.26 to fix this b/c issue, all I can do is scrutinise the proposed fix for it, as Joomla JSST has chosen to develop it in public here:

-- https://github.com/joomla/joomla-cms/pull/32718

As you can see, this is now merged and *IS* the fix that Joomla 3.9.26 will have in it (If the Joomla Project chooses to release a Joomla 3.9.26 after saying 3.9.24 would be the latest version - again, out of my hands).

There are also now unit tests to cover this code to prevent a regression again (

- Joomla 3 - https://github.com/joomla/joomla-cms/pull/32723/files
- Joomla 4 - https://github.com/joomla/joomla-cms/pull/32724

There is a Joomla 3.9.26 milestone here: https://github.com/joomla/joomla-cms/milestone/67 and as you can see here are a lot of quality changes related to my findings in Joomla 3.9.25, and most now are fixed.

As for the last 4 open Issues in that milestone

- Im looking at 31473 today, probably already fixed by another PR last month
- 32452 has stalled because the proposed fix is blatantly incorrect.
- 31008 has been kicked down the line for the last 4 releases (3?) and so I dont expect it to be merged,
- https://github.com/joomla/joomla-cms/pull/30787 has not been tested enough to be merged - you can test that.

So, and its not my call, I dont see Joomla 3.9.26 being that far off :-)
Phil Taylor
Founder, Lead Developer, Idiot.
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/

User avatar
JurajB
Joomla! Explorer
Joomla! Explorer
Posts: 402
Joined: Fri Oct 02, 2015 3:28 pm

Re: Discuss Joomla! 3.9.25

Post by JurajB » Sun Mar 21, 2021 12:09 pm

Wow PhilTaylor-Prazgod you have got monitoring so many websites, why you don't make an RC site version to offer (site content with plugins and DB copied into a testing environment) so everybody can test if his site will work on next update so you can be a participator of the beta testing

User avatar
PhilTaylor-Prazgod
Joomla! Ace
Joomla! Ace
Posts: 1246
Joined: Sat Aug 20, 2005 12:32 pm
Location: Jersey, Channel Islands
Contact:

Re: Discuss Joomla! 3.9.25

Post by PhilTaylor-Prazgod » Sun Mar 21, 2021 1:03 pm

version to offer (site content with plugins and DB copied into a testing environment) so everybody can test if his site will work on next update so you can be a participator of the beta testing
Because some web hosts suck.. long story.

The Joomla Project publishes a nightly build that you can download and test from here https://developer.joomla.org/nightly-builds.html

The nightly builds are snapshots of the development activity for upcoming Joomla! releases and include new features and bug fixes scheduled for these releases. These releases are made available to make it easier for users to test their websites and extensions for potential issues with an upcoming release or to test new features and provide feedback on ways to improve them before being released to the Joomla! community.

------

I have checked approx 62,450 Joomla sites, and the sites effected by the two b/c breaks in Joomla 3.9.25 are:

- only 35 sites were affected by the b/c changes in Joomla 3.9.25 due to a-zA-Z issue
- only 36 use the templates folder
- only 23 use the media folder
- only 1 uses the includes folder

So on the basis of that (small sample) statistically analysis, it would be crazy not to update to Joomla 3.9.25 right now, and then again to 3.9.26 when it's released. (Even though
Phil Taylor
Founder, Lead Developer, Idiot.
- https://mySites.guru - Manage Multiple Joomla/WordPress Sites In One Dashboard for Security, Audits, Backups and more....
- https://www.phil-taylor.com/

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 13416
Joined: Thu Feb 15, 2007 5:48 am
Location: Sydney, Australia

Re: Discuss Joomla! 3.9.25

Post by toivo » Sun Mar 21, 2021 1:08 pm

@JurajB, check the Joomla! CMS tracker activity and you will see that @PhilTaylor-Prazgod is one of the most prolific contributors of both reports and code for Joomla 4.0 Beta and 3.x. There are only 24 hours in a day.
Toivo Talikka, Global Moderator

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 39698
Joined: Sat Apr 05, 2008 9:58 pm

Re: Discuss Joomla! 3.9.25

Post by Webdongle » Sun Mar 21, 2021 11:00 pm

http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"When I'm right no one remembers but when I'm wrong no one forgets".


Post Reply

Return to “Announcements Discussions”