3.5.30

Fixed

• Filter multi-day events outside the scope in the event list (see #8792).
• Correctly show multi-day events if the shortened view is disabled (see #8782).

3.5.29

Fixed

• Correctly handle unencoded data images in the Combiner (see #8788).
• Correctly show multi-day events if the shortened view is disabled (see #8782).
• Do not add a suffix when copying if the "doNotCopy" flag is set (see #8610).
• Use the module type as group header if sorted by type (see #8402).
• Always show the "show from" and "show until" fields (see #8766).
• Encode the username when opening the front end preview as a member (see #8762).

3.5.28

Fixed

• Prevent arbitrary PHP file inclusions in the back end (see CVE-2017-10993).
• Improve the accessibility of the CAPTCHA widget (see #8709).
• Fixed the iOS scrolling bug in the simple modal script (see #8708).
• Correctly cache the unique keys in the SQL cache (see #8712).

3.5.27

Fixed

• Revert the Punycode library changes (see #8693).

3.5.26

Updated

• Updated the Punycode library to version 2 (see #8693).

Fixed

• Prevent endless loops in the book navigation module (see #8665).
• Limit the maximum size of dimensionless SVGs in the back end (see #8684).
• Correctly handle custom namespaces when combining DCA files (see #8682).
• Also check the X-Forwarded-Proto header when determining HTTPS (see #8691).
• Correctly support 64 character template names everywhere (see #6819).
• Correctly use the en dash in the calendar modules (see #8690).
• Remove the UTF-8 BOM when combining files (see #8689).
• Do not add the CORS headers in the install tool (see #8681).
• Correctly move folders with an "@" in their name (see #8674).
• Correctly redirect to the last page visited upon login (see #8632).
• Back port the e-mail extraction improvements (see #8679).

3.5.25

Fixed

• Only show error messages to authenticated users in the install tool (see #8666).
• Always show the modal windows in full height (see #8631).
• Support cross domain requests when rebuilding the search index (see #8597).
• Correctly store numbers with leading zero in the Config class (see #4035).
• Delete an old search entry if the new URL is more canonical (see #8647).
• Also make Folder::$dirname an absolute path again (see #8325).
• Support using namespaces and use statements in DCA/config files (see #8635).

3.5.24

Fixed

• Correctly handle SVGZ files in the file manager (also fixes #8624).
• Revert the download element changes (see #8620).

3.5.23

Fixed

• Handle non-numeric values when calculating the image margin (see #8617).
• Correctly generate the download elements in the back end (see #8620).

3.5.22

Fixed

• Prevent an endless redirect loop if the page alias is "/" (see #8560).
• Correctly parse German dates with two digit years in MooTools (see #8593).
• Correctly add new resources to the user/group permissions (see #8583).
• Trigger the auto-submit function in the date picker (see #8603).
• Call the load callback when loading page/file picker nodes (see #7702).

3.5.21

Updated

Update SwiftMailer to version 5.4.5 (fixes CVE-2016-10074).