e107 v.0.7.23 is now available. This
release is primarily aimed at reducing vulnerabilities and
increasing e107's protection against exploits. (a special thank you
to Justin Klein Keane ("MadIrish") for alerting us to the
vulnerabilities, and commenting on the fixes.) One of the changes
will also affect users who include youtube videos or other embedded
media within their site; please see the included readme for more
This release also includes some minor feature enhancements:
Flood Protection (simultaneous downloads)
Found in admin under downloads->options. Option to prevent a user
from downloading multiple files within a short time-period.
Allows you to easily add youtube videos to pages of your website. A
conversion script is provided for those who have utilized html-code
from Youtube already and wish to convert to the bbcode equivalent.
(see included README.txt for details). By default, 'dangerous' HTML
(such as the 'embed' code used with many media) is neutralised when
it is displayed. This traps malicious code that may have entered the
database before the latest updates were put in place. This filter
can be disabled through the preference 'Filter HTML content'.
Found in admin under languages->tools. For those who are
translating e107 into other languages, this tool will zip up your
core language files into the standard language-pack format so that
they can be shared easily with the e107 community.
for security include scripts.
e107 now supports 3rd-Party security includes such as ZB
Block without having to manually modify core scripts. Just
install them in your root directory as you would normally. To
include ZB Block, you would add the following to e107_config.php:
$CLASS2_INCLUDE = 'zbblock/zbblock.php'; . e107 would then
automatically include it in every page of your site.
The full changelog can be found here
We recommend that everyone upgrades to this new release as soon as
now to download e107 v0.7.23, either as an upgrade or
If you happen to find any bugs, please let us