Elgg 1.8.16 has been released to address a flaw with avatar handling. Thanks to Jerôme Bakker of ColdTrick for discovering and reporting this issue to us.
Keep your Elgg site running smoothly by upgrading today.
Other bug fixes include:
Contributing Developers:
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by Raül Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
the content of the php.ini inside the pub_html folder :
date.timezone = "America/Los_Angeles"
; Maximum size of POST data that PHP will accept.
; http://php.net/post-max-size
post_max_size = 64MB
;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;
; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 128M
;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;
; Maximum amount of memory a script may consume (128MB)
; http://php.net/memory-limit
memory_limit = 1024MB
the content of the php.ini inside the pub_html folder :
date.timezone = "America/Los_Angeles"
; Maximum size of POST data that PHP will accept.
; http://php.net/post-max-size
post_max_size = 64MB
;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;
; Maximum allowed size for uploaded files.
; http://php.net/upload-max-filesize
upload_max_filesize = 128M
;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;
; Maximum amount of memory a script may consume (128MB)
; http://php.net/memory-limit
memory_limit = 1024MB
I still get the following error message:
Fatal error: Allowed memory size of 262144 bytes exhausted (tried to allocate 19456 bytes) in /home/belzlon0/public_html/engine/lib/elgglib.php on line 1358
@ionlly:I was not sure of the file extension to use on the " disabled" file you adviced me to create in the mod directory. I have created tried "disabled.rtf" but got the error report stated below:
Fatal error: Allowed memory size of 262144 bytes exhausted (tried to allocate 19456 bytes) in /home/belzlon0/public_html/engine/lib/elgglib.php on line 1358
I created "disable" file with the following extensions (.txt, .html, .php) and still got the same error response.
I have gone to the :/home/belzlon0/public_html/engine/lib/elgglib.php path and opened the elgglib.php file and at the line 1358 is have the following line of code:
str_replace($quotes, $encoded, $_SERVER['REQUEST_URI']);
I also checked the .htaccess file and noticed that the following lines of code were missing :
# PHP SETTINGS
<IfModule mod_php5.c>
# limit the maximum memory consumed by the php script to 64 MB
php_value memory_limit 64M
# register_globals is deprecated as of PHP 5.3.0 - disable it for security reasons.
php_value register_globals 0
# post_max_size is the maximum size of ALL the data that is POST'ed to php at a time (8 MB)
php_value post_max_size 8388608
# upload_max_filesize is the maximum size of a single uploaded file (5 MB)
php_value upload_max_filesize 5242880
# on development servers, set to 1 to display errors. Set to 0 on production servers.
php_value display_errors 0
</IfModule>
I added them and still have the same error report
The file must be named "disabled". No extension - or I would have mentioned it. The file name must match "disabled" exactly.
Check the content of htaccess_dist and compare it with your .htaccess file. Add the missing lines again and configure the php_values in .htaccess. The php.ini file in your public_html folder should not hurt but as far as I know it will only affect any scripts in the same folder - basically you would need a php.ini in every folder. Setting the values in .htacces instread should have the same effect though and it should work for the whole site (only in case your server is configured to use suexec and suphp the php_values configured via .htaccess are ignored - your hoster should be able to tell you if this is the case).
I have created the file titled "disabled",and yet could not load the site. How can I change the path to elgg data a s required during installation? I want to revert to a previous sub hosting I used to run the site for 2yrs before I copied the script to the root folder, which ran for about 3weeks before it was upgraded from 1.8.8 to 1.8.16 and developed errors shortly after.
I need to go back to the subhosting to check if the error in 1.8.16 is from script or hosting server.
@ iionly: what could be the effect of overwriting the 1.8.16 script with another lower version?this case has to be solved. If I can't get back to the subhosting it used before.
If downgrading is possible or not can't be said definitely. It might work without issues if there haven't been any changes in the database structure been made between these two versions but it could fail to work (and in the worst case you might not even notice the problems immediately but only at a later time).
Normally, downgrading is not necessary to get a site working again. The question is: have you correctly moved your site from the subdirectory to the main directory? Read http://docs.elgg.org/wiki/DuplicateInstallation. The same instruction would also be valid if your move your site back into a subdirectory.
The "disabled" file method must work if your problem is caused by a plugin. If your site fails to work for other reasons, it won't help. The memory limit problem might cause your site failing to work (the limit is much too low). Still, the memory limit issue is not necessarily caused by the Elgg installation itself but maybe due to some server misconfiguration. Try to find out if this low limit is set anywhere else.
@iionly: thanks,the problem was from server and I increased the memory limit to 300mb and the site is back on. It seems the 'disabled' file has kept the plugins inactive, even when I have deleted it.
Advice
The "disabled" file does not really deactivate the plugins but only stops them from being loaded. If you remove/delete the "disabled" file again, any plugins that are activated should be loaded again. But any plugins that already have been deactivated before you created the "disabled" file and any plugins you deactivated while the file is present will stay deactivated once you remove the "disabled" file again. Go to the plugin list in the admin area of your site and activate the plugins again the normal way.
@iionly: thanks it works!
I noticed that v1.8.16 auto validates new registrations and send validation emails without administrators prompt as usual
The bundled uservalidationbyemail plugin always sent validation emails automatically without the need of admins validating the new accounts manually. So, this behaviour is no difference to former versions of Elgg. In case the uservalidationbyemail plugin is disabled the new accounts will get activated without any validation emails. Also, if you have some 3rd party plugin installed that allows registration with external account credentials (like a Facebook or Twitter account) the given external account credentials are used (again without any action needed to be done by admins).
If you want to make sure that only accounts get activated that you activate yourself as admin, you would need to install the uservalidationbyadmin plugin and disable the bundled uservalidationbyemail plugin. Also, you most likely can't use any plugins that allow registration with external account credentials.
Hi,
I am a newbie to Elgg and got Elgg 1.8.15 installed through godaddy. Now, when I try to upgrade it to Elgg 1.8.16 as I want to install the plugin tidypics I am getting completly lost. I checked with the documents on how to upgrade and saw that I need to delete some files and plugins from my server.
The confusion is where are these files located, are they located in different directories from where I need to delete them.
Please guide me to where these files are located which I need to delete. Also, should I just copy the code that's in htaccess_dist to .htaccess file.
Thanking you for your kind help,
Regards,
Ajay
Elgg 1.8.16 Released
I guess by "installed through godaddy" you mean that you used some installer offered by them to install Elgg. I can't tell you where this installer installed Elgg on your webspace. If this installer does not offer Elgg 1.8.16 and you want to upgrade on your own, I would suggest to ask godaddy support first to make sure that this is possible without getting problems. For example I don't think that you will be able to use the automatic installer at any later point again to manage any future updates.
But updating Elgg on your own is not too difficult. You will have to find out where the Elgg install directory is located in your webspace. Additionally, there's also the data directory and the Elgg database. Before starting the update I would suggest to backup the install directory, the data directory and the database to be able to restore the site in case something goes wrong during the update. For the update you won't need to make any changes in the data directory or the database on your own. Only the install directory is where you would need to make changes.
The quickest way is to simply copy the new version of Elgg into the install directory and overwrite the old version. "Deleting some plugins" would rather refer to an update for example of Elgg 1.7 to Elgg 1.8 while it's not necessarily required when doing a minor update. Still, you could remove the files of the old version of Elgg before copying the new version on the server to make sure no old files remain. In this case you would need to keep any additional plugins in the mod directory that are not part of the Elgg core packet. Also you would not delete the file .htaccess in the main directory of the Elgg installation folder and the file settings.php in the engine folder.
The file htaccess_dist is the template used during installation for creating the file .htaccess. If there are any differences in htaccess_dist between the old version of Elgg installed on your server and the new version you intent to install, you would need to manually add these changes to your .htaccess file. Any other differences in your .htaccess file from the original htaccess_dist are to be kept though (as they are specific to your site).
The settings.php file contains the connection parameters to the database of your site. The settings.php file is also created during installation. You could compare the template settings.example.php from the old and new version to know if there are any changes. But there shouldn't be any in case of updating from Elgg 1.8.15 to 16.
So, the basic procedure of upgrading is:
@iionly:thanks for the explanation
Hi,
I have installed 1.8.16 succcesfully, but the issue is that when a user registers to the website he is not getting a verification email to his email account. I have checked this out personally and after going through some topics I tried to deactivate other plugins but it was of no use.
Website is successful of sending notification emails for comments and messages but not of validation emails.
Could you please help me out with this....
Thanking you in advance for your kind help and time
With regards,
Ajay
Hi,
I have installed 1.8.16 succcesfully, but the issue is that when a user registers to the website he is not getting a verification email to his email account. I have checked this out personally and after going through some topics I tried to deactivate other plugins but it was of no use.
Website is successful of sending notification emails for comments and messages but not of validation emails.
Could you please help me out with this....
Thanking you in advance for your kind help and time
With regards,
Ajay
Hi,
As stated earlier, my website is unable to send verification email to new users. Please help.....
@Ajay:
http://docs.elgg.org/wiki/Missing_emails
http://docs.elgg.org/wiki/No_emails_%28including_validation_emails%29_are_being_sent
Hi iionly,
Thank you for sharing those links,
I have checked those links and found that
"The registration email may end up in the person's spam folder and in others it may not arrive at all. There are many reasons why this might be happening:
I belive that there is something that I have to do with the points that are mentioned. Could someone please guide me with it.
If it's only the verification emails that fail to receive the users, you can try changing the wording within the email body to see if it helps. But I won't expect too much of this - it might help on short term but the spam filters of the email providers will learn and you will have the same problem again at some time in future (rather sooner than later). Also, changing anything in the email header seems not promising to me - after all the other notification emails do reach their destination, so it's not a general problem with the email header.
The most promising point is "server is not trusted". There are ways to improve the credibility of your server but it depends on your server config, if you can use them. You mentioned in another thread that you use the PHP mailer plugin to send the emails from your Elgg site via Gmail. In this case you have no change to improve the credibility of your server because the emails are sent via Google and you can't influence the credibility. Instead you would need to use your own mail server on your own server (or webspace). Do you host your site on some webspace? In case you do, you can ask your hoster about ways to improve credibility, e.g. using the SPF framework, domain keys and setting up a valid PTR record.
Dear iionly,
As per your suggestion I have changed the content of the verification email and now users are receiving the emails and this happened after I deactivated "PHPmailer" plugin. But, I am afraid as this is only a temporary solution.
Have even asked Godaddy support team to resolve the issue and am waiting for their revert.