Mahara 1.2.7

Milestone information

Stacey Walker
Release registered:
No. Drivers cannot target bugs and blueprints to this milestone.  

Download RDF metadata


Assigned to you:
No blueprints or bugs assigned to you.
3 Richard Mansfield
No blueprints are targeted to this milestone.
3 Fix Released

Download files for this release

After you've downloaded a file, you can verify its authenticity using its MD5 sum or signature. (How do I verify a download?)

File Description Downloads
download icon (md5, sig) release tarball 56
last downloaded 40 weeks ago
download icon mahara-1.2.7.tar.bz2 (md5, sig) release tarball 48
last downloaded 40 weeks ago
download icon mahara-1.2.7.tar.gz (md5, sig) release tarball 27
last downloaded 40 weeks ago
Total downloads: 131

Release notes 

Mahara 1.2.7 Release Notes

This is a stable release of Mahara 1.2. Stable releases are fit for
general use. If you find a bug, please report it to the tracker:

This release includes an upgrade path from 1.0. If you wish to
upgrade, we encourage you to make a copy of your website and test the
upgrade on it first, to minimise the effect of any potential
unforeseen problems.

Changes from 1.2.6:

 * Blogs get deleted without sesskey check (CVE 2011-0440)
 * XSS in select box validation (CVE 2011-0439)
 * Fix PHP 5.3 incompatibility
 * Add support for both Leap2A versions (2009-03 and 2010-07)


View the full changelog

Check sesskey when deleting blogs (bug #676336)
Escape error message in select box validation (bug #710428)
html export: create dirs for static files overridden in themes (bug #672806)
Corrected the relationship value "is_supported_by" to "supported_by". Since
this typo has already been introduced with the first LEAP2A implementation,
the import had to be adapted to allow both versions for backwards
Fixed encoding issue in LEAP2A export: Accented characters in views were
garbled in the export.
Fixed some problem in the LEAP2A export: - added missing namespace in
attribute value - changed attribute value 'is_supported_by' to the correct
Leap2: Fixed category namespace in import as well as export
leap2a: added trailing / on the end of categories namespace in xml header
Removing code I inadvertantly committed that wasn't originally in 1.2
leap2a another 1.2/1.3 refactor regression
leap2a fix backport: fixing a regression related to unrefactored stuff in 1.2
Put back all the |escape in the leap2a templates after the rebase of 1.3
leap2a: import the contents tag into a file description
leap2a import: removed a non used line of code from a refactor
use the leaptype namespace on import to check rdf type, not leap2 namespace
leap2: improved some error reporting for importing content
Made the blog attachment importer use the static method to detect files
Made static LeapImportFile::is_file method public
The categories namespace is now stored in a property since it is dependent on
the leap2a version. A method was added to return the categories namespace.
removed xpath query that caused namespace warnings
fixed hard coded namespace attribute
Leap2A support for files inside enclosures
php 5.3 bugfix: accessing child member variables has changed
Pass exporter links to static method by reference when exporting comments (bug
added capability to import publications as defined in leap2a version 2010-07
changed the rdf type for books to publication added the new element myrole
leap2a update: change membership from activity to affiliation
added the "updated" field to the entry for persondata in the leap2a export
fixed a syntax error in the template
added the "updated" field to all export elements in the resume
leap2a updates: change the exporter to use links with enclosure
added missing phpdoc to chagend and new functions
adapted the LEAP2A import to handle both LEAP2A versions (2009-03 and 2010-07)
changed namespaces to comply with LEAP2A 2010-07, added a version element to
the atom feed
Leap2a xhtml support: removed unecessary <tmp> elememnt
Leap2a xhtml support:
leap2a xhtml fix: when replacing images, close them with />
Leap2a fix for inline images with resize parameters:
Fixes to the leap2a entry export template:
Added an optional parameter to clean_html to use xhtml.
leap2a: export has_part relationships inside structured content with the
correct namespace
leap2a: changed fields in the base import class to protected, as they should
leap2a #528423 changed the structured content replacement to deal with
leap2a #528423 make the blog importer import attached files
Leap importer: fixed the default fallback import strategy a bit
Make the MaharaException constructor take optional arguments.
leap import: fixed a weird problem where some artefact libraries weren't
getting included

0 blueprints and 3 bugs targeted

Bug report Importance Assignee Status
676336 #676336 Blogs get deleted without sesskey check 3 High Richard Mansfield  10 Fix Released
710428 #710428 XSS in select box validation 3 High Richard Mansfield  10 Fix Released
672806 #672806 html export fails when copying static images from child themes 4 Medium Richard Mansfield  10 Fix Released
This milestone contains Public information
Everyone can see this information.