Attack against the community forums prior to 1.8.3 release

The recent 1.8.3 release fixes a high risk SQL injection vulnerability, it is critically important that users upgrade as soon as possible to ensure their systems are safe.

Unfortunately, we wish to inform users that this vulnerability was used against the community forums in the days before it was discovered and patched by our team. The attack was successful in accessing our database, however our logs indicate that only a very small portion of the database was obtained. While we know the size of what was downloaded, we have no way of knowing what data it contained and therefore we cannot rule out that the attacker downloaded a small portion of the users table. The attacker also had access to the ACP for a short period.

In light of this we recommend all community forum users take appropriate precautions on the assumption that their account was accessed. This includes changing your password and monitoring your account for any suspicious activity.

Our understanding is that the attacker used the SQL injection to reset Chris’ community forum password by retrieving the confirmation code, then discover the ACP directory name by searching PMs sent between team members. They were then able to edit the log settings in the ACP to write to a publicly accessible location and create a back-door script on the file-system. Upon discovering the attack we immediately took steps to prevent further access, and we are now confident that the system is secure having searched for any additional back-doors. We have also changed our ACP directory, adopted the new ACP PIN functionality added in 1.8, and used an isolated communication channel to distribute these new details to team members.

We’d like to reiterate that users running the latest version of MyBB are already secured against the vulnerabilities used to gain access to the ACP, and we’ll be using information learned from this attack to further improve security within the ACP in future releases.

Regards,

The MyBB Team.

MyBB 1.8.3 & 1.6.16 Released – Security Releases

MyBB 1.8.3

MyBB 1.8.3 is now available from the MyBB website. It fixes 1 high risk vulnerability, 2 medium risk vulnerabilities and 3 low risk vulnerabilities. We recommend everyone upgrades to this release immediately.

What’s added/changed in this version?

The vulnerabilities are:

  • High Risk: A SQL injection vulnerability in theme selection (reported by StefanT)
  • Medium Risk: A XSS vulnerability in calender.php (reported by -Acid)
  • Medium Risk: A XSS vulnerability in MyCode editor (reported by My-BB.Ir)
  • Low Risk: A XSS vulnerability related to post icons (reported by Destroy666)
  • Low Risk: unserialize may call PHP magic methods (reported by chtg)
  • Low Risk: PHP setting request_order can break register globals handling (reported by chtg)

Additionally we’ve fixed an issue with the video MyCode introduced with MyBB 1.8.2 (#1625) and revised the handling of data fetched from our website as a direct consequence of the compromised GitHub account (#1617). In addition to that, we’ve set the adminsid cookie as httpOnly (#1622). We also plan to add enhanced options to protect the Admin CP like two factor authentication with one of the next maintenance releases.

Please note, that you do not need to run the upgrade script for this version.
There are no database schema changes in this version.

Upgrading from 1.8.2 and Other Versions

Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.

To upgrade, follow the Upgrading process. The upgrade script is not required. There are no changes to language files. No templates have been changed or added.

If you’re using MyBB 1.8.1 or lower

  • Download and use the full 1.8.3 Release Package (MD5: 1f5d1246da4174f3b29799eca435d86c)
  • Follow the Docs Upgrading Instructions

MyBB 1.6.16

MyBB 1.6.16 is now available from the MyBB website. It fixes 5 low risk vulnerabilities.

What’s added/changed in this version?

The vulnerabilities are:

  • Low Risk: A XSS vulnerability related to post icons (reported by Destroy666)
  • Low Risk: A XSS vulnerability in admin/modules/style/templates.php
  • Low Risk: A XSS vulnerability in admin/modules/config/languages.php
  • Low Risk: unserialize may call magic methods (reported by chtg)
  • Low Risk: request_order can break register globals handling (reported by chtg)

Additionally we’ve revised the handling of data fetched from our website as a direct consequence of the compromised GitHub account (#1617). In addition to that, we’ve set the adminsid cookie as httpOnly (#1622).

Please note, that you do not need to run the upgrade script for this version.
There are no database schema changes in this version.

Upgrading from 1.6.15 and Other Versions

Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.

To upgrade, follow the Upgrading process. The upgrade script is not required. There are no changes to language files. No templates have been changed or added.

If you’re using MyBB 1.6.14 or lower

  • Download and use the full 1.6.16 Release Package (MD5: 98e84e5de337843f407a4b58d70253c9)
  • Follow the Docs Upgrading Instructions

Reporting MyBB security vulnerabilities

If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.

As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.

Thanks,

MyBB Team

Note about updated package for 1.6.16

Due to a minor issue with the original packages an updated package set has been released.

If you installed or updated your forums using either the full or changed files packages prior to 18:00 p.m. on November 20, 2014 GMT please download a fresh package from the links above and replace the following file:

admin/modules/home/version_check.php
calendar.php (reverted to previous version)

You do not need to run the installer or make any further changes. You can use the file verification tool to determine whether you have the latest package, the file above will appear to be modified if you need to download an updated copy.

We apologise of any inconvenience.

[UPDATED – IMPORTANT] GitHub Account Compromised

UPDATE: Updated the page in which you should check for suspicious activity. It should be the Admin Logs page, not the Database Backups. You should also rebuild the cache (if you’re on 1.8) for ‘update_check’.

 

Hello,

Yesterday, 14th of November, my (Pirata Nervo) GitHub account was compromised. By taking advantage of that, the attacker made a commit to our GH pages, more specifically one which is retrieved by the MyBB software in order to process version checks. Unfortunately, the attack allowed the attacker to setup Database backups of any MyBB forum, without exception, via JavaScript.

In order for you to know if you were attacked, you must have accessed the Admin CP of your forum from 14th November 23:00 GMT to 15th November 15:30 GMT. If you accessed your AdminCP during this timespan, it is likely that you were attacked. Note that if you’re on 1.8, the version check task may have been executed during this period, which may still allow the attack if you login after this period.

To be sure about it, please log on to your AdminCP now and check your Database Backup Logs from ACP -> Tools & Maintenance -> Administrator Logs. If there is at least one log for a database backup made between that time span mentioned above, you were affected. We strongly recommend you to alert your users about it so they can change their passwords.

 

What you have to do: (in case you were attacked)

  • Alert your users to change password.
  • Change your password.
  • Clear your cookies.
  • ACP -> Tools & Maintenance -> Cache Manager -> Rebuild Cache for ‘update_check’.

 

I’ve already enabled 2 Factor Authentication on my GitHub account and changed my password. I deeply apologize for this event for it was never my intention to cause any harm to anyone but it should be my responsibility to keep my account as secure as possible.

 

My apologies,

Pirata Nervo

MyBB 1.8.2 Released – Security Release

MyBB 1.8.2 is now available from the MyBB website. It fixes 1 high risk vulnerability, 2 medium risk vulnerabilities and 2 low risk vulnerabilities. We recommend everyone upgrades to this release immediately.
MyBB 1.6.15 is not affected by these vulnerabilities.

What’s added/changed in this version?

The vulnerabilities are:

  • High Risk: A SQL injection vulnerability in member.php
  • Medium Risk: A XSS vulnerability in report.php
  • Medium Risk: A XSS vulnerability in inc/class_parser.php
  • Low Risk: A XSS vulnerability in admin/modules/style/templates.php
  • Low Risk: A XSS vulnerability in admin/modules/config/languages.php

Please note, that you do not need to run the upgrade script for this version.
There are no database schema changes in this version.

Upgrading from 1.8.1 and Other Versions

Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.

To upgrade, follow the Upgrading process. The upgrade script is not required. There are no changes to language files. No templates have been changed or added.

If you’re using MyBB 1.8.0 or lower

  • Download and use the full 1.8.2 Release Package (MD5: 4f6e49b7a457b72dbe8fb47ae5ded430)
  • Follow the Docs Upgrading Instructions

Reporting MyBB security vulnerabilities

If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.

As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.

Thanks,

MyBB Team

MyBB 1.8.1 & Merge System 1.8.1 Release

MyBB 1.8.1 – Maintenance Release

MyBB 1.8.1 is now available from the MyBB website and is a maintenance release.

What’s added/changed in this version?

This release fixes 74 reported issues causing incorrect functionality of MyBB. Please be aware that to be able to provide easy to manage updates not all issues have been fixed in this version.

Please view the 1.8.1 changes on the Docs site for more information about the changes in this version.

Please note, that you do need to run the upgrade script for this version.

Upgrading from 1.8.0 and Other Versions

Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.

To upgrade, follow the Upgrading process. The upgrade script is required. There are changes to 13 language files. 15 templates have been changed or added.

If you’re using MyBB 1.6.15 or lower

Reporting MyBB security vulnerabilities

If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.

As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.

MyBB Merge System 1.8.1

MyBB Merge System 1.8.1 is now available on the MyBB website and is a maintenance update to the MyBB Merge 1.8 series.

This release is to ensure that all users of MyBB Merge 1.8 have the latest fixes.

This release fixes several reported issues since the release of 1.8.0, which caused some incorrect functionality of the Merge System. These bugs have been fixed to provide a more stable version of the Merge System for public use.

What’s new in this version?

  • 7 bug fixes (View all)
    • Including a big update to the BBCode Parser
  • We decided to readd the vBulletin 3 module after some requests. It’s now fully supported again

Thanks,

MyBB Team

MyBB Merge System 1.8

The MyBB Merge System for 1.8 is now available from the MyBB website.

What’s new in this version?

First we decided to drop some old modules which aren’t supported by their developers:

  • BBPress 1
  • IP.Board 2
  • Mingle
  • phpBB 2
  • vBulletin 3

And of course we’ve added more new modules (including some which you requested fairly often in the past)

  • BBPress 2
  • WoltLab Burning Board Lite 2
  • WoltLab Burning Board 3
  • WoltLab Burning Board 4
  • IP.Board 3
  • IP.Board 4 (Based on the latest Preview Release)
  • vBulletin 4
  • FluxBB
  • XenForo

And yes, we fixed finally a lot of known issues with the merge system: Fixed Bugs
But (as always) there’re still some Known Bugs.

Translations and the Merge System

Till now the Merge System was only available in english, however we decided to make the Merge System translatable too. The language file is located at “merge/language/”.

Help us!

You can report bugs and help us with the development at GitHub but even if you can’t code you can help us with sending us some sample databases (more infos on the forums).

MyBB 1.8 Released

It is with the highest honor that we release MyBB 1.8 Gold to the general public.

Our team, and you the community, have been on a fantastic journey since that April Fools day in 2012 when MyBB 1.8 development was first announced to the public. Now here we are, 2 years and 5 months on, proudly showing you our completed product. It may have taken longer than first anticipated but we are sure you’re going to love what has been produced at the end of the line.

As said in the initial announcement of 1.8, it is the bridge to MyBB 2.0; this has not changed. Because now, hidden away in our lair, we’ve been drawing up plans and discussing the development of 2.0. These discussions and plans are to be put into action now so the development of 2.0 is really getting going.

As you may have noticed the new MyBB website and documentation have been launched. This new design is courtesy of Justin S, our lead designer, which we’re very proud of. Unfortunately the new documentation for 1.8 is a bit threadbare, however most of the 1.6 Docs still apply to 1.8; so while we’re working on the new documentation you can continue to use the 1.6 Docs.

Download

You can find the download link here (MD5: a36ab62236a24caeb827b769bf493f26). If you’re upgrading, make sure to backup your database and files first.

Updating from previous versions

Be warned that with the following release:

  • Despite our attempts to keep theme changes to a minimum there are still several changes to templates which will need to be addressed by you upon upgrading to 1.8. You’ll need to run the “Find Updated Templates” tool in the Templates & Style section of your Admin CP to update templates to be 1.8 compatible. This can be found Admin CP -> Templates & Style -> Templates -> Find Updated Templates.
  • Most plugins and code modifications will need to be updated to work with MyBB 1.8. Make sure you disable your plugins before upgrading and make sure updated copies compatible with MyBB 1.8 are available.
  • Custom language packs from earlier versions will also need to be updated.

Before you attempt to upgrade, ensure you have a database backup and a copy of the files currently in use on your board. This is so you can revert back to your earlier version if you need to or something goes horribly wrong with the upgrade process.

This is a moderately long upgrade process. Please make sure you don’t refresh pages whilst they’re loading, and don’t click the “Next” button more than once (if you don’t have JavaScript enabled). You should plan your upgrade before attempting to perform it.

Follow the general Upgrading guide outlined on the MyBB Documentation to complete the upgrade process.

Changes

Color legend:

  • Dark Blue – Small (new) feature/change
  • Light Blue – Enhancement
  • Orange – New Feature

Admin CP & Front-End

  • Remove PHP Closing tags - #979
  • Performance improvement: intval to (int) conversion - #491
  • Update 3rd part libraries - #957
  • Warnings class/datahandler - #922
  • Hide signtature of users to certain groups - #949
  • Hide website links/buttons from certain groups - #922
  • Add more hooks #555 #882
  • Allow custom flash messages - #881
  • Allow website field for certain groups only - #808

Admin CP

  • New theme#561
  • AdminCP PIN#38
  • Improved Newsfeed#562
  • Replace CodePress with CodeMirror#37
  • Stylesheet Display order#562
  • Inactive/active Plugin list#573
  • Ability to create own template groups#588
  • Added Enabled/Disabled indicators to Promotions and MyCodes#457
  • Template groups updates#452
  • Disable Attachments Globally#495
  • ACP Banning Improvements – #628 #554
  • Selectable areas for group/forum settings.#428
  • Warning for marked vulnerable plugins.#0147b08
  • ACP shouldn’t reset $mybb->input#754
  • Admin CP language#690
  • Disable Default MyCodes#686
  • More recount tools#494
  • Option to disable contact details - #900
  • Log all ‘locked out’ failures in ACP - #859
  • Add reported posts stats to ACP - #858
  • Delayed moderation improvements - #440
  • New Promotion rules - #429

Front-end

  • New Theme – #571
    • CSS buttons, PNG images, Sprite images, Fugue icons#571
    • Attachable base colors for themes#580
    • Relative Time#558
    • Prototype to jQuery Conversion (yay!)#251
    • Attachment Types Name#442
    • CSS Minification#564
  • Add ltrim() to search users input#590
  • Change trim() in templates to rtrim()#584
  • A tool to rebuild reputation#591
  • Contact Page#592 #715
  • Ability to delete default help topics#589
  • If user is invisible & permissions disallow, hide all public data#593
  • Post reputation should include thread subject#594
  • Remove Gallery; Integrate Gravatar#582 #586
  • Delete post on full edit should not show if no permission to delete#595
  • Add option to stick/unstick to custom tools#435
  • PM thread author in custom tools for threads#581
  • Users cannot rate their own posts#570
  • format_avatar() function#569
  • Whitelist of avatar upload extensions#568
  • Preview announcements#567
  • Minimum post length to exclude MyCode#566
  • IPv6 features#565
  • APC cache handler#574
  • $cache->delete method#575
  • is_member() function#576
  • delete_user() function#408
  • IP addresses in PMs#563
  • Don’t ask for validation if validation is disabled#577
  • Slow reply posting in long threads#578
  • Soft Delete#560
  • Login Datahandler#572
  • Add theme selector to footer#496
  • Forum redirect icon#453
  • Permission to reply to own threads#409
  • ModCP banned users list descending by default#138
  • Quick Reply PM#437
  • Poll Updates (Add poll link to thread page; limit of time before a thraed author can no longer add a poll)#456
  • Update contact fields#455
  • Are You a Human CAPTCHA#443
  • Report Center #556
  • Ability to sort Private Messages in inbox and other folders#70
  • Recount Warning Points#85
  • Warning points as a Group Promotion criteria#88
  • Registration date and last active time as mass mail criteria#100
  • Display profile fields on posts - #133
  • Add “Display posts in classic mode” option when editing user in Admin CP#107
  • Move Edit Time Limit and Max Post Per Day to group settings#114
  • Recount Private Messages#132
  • Hide members from the Member List#142
  • Force redirect page#550
  • Searching plugins will highlight vulnerable ones (requires new Mods site)Commit Link
  • Update $groupzerogreater array#809
  • CDN Compatbility - #776
  • Goodbye Spammer - #775
  • Add Time Zones#764
  • Thread Count#761
  • Buddy System Enhancements#757
  • Remove Hardcoded HTML#756
  • Database optimization#738
  • Overqualified Selectors#976 #700
  • Subscription PM notification option#689
  • Expand Forum Moderator permissions#688
  • Add profile fields on registration#687
  • Admin and Email activation option#685
  • Publicly shown poll end date#587
  • CAPTCHA Improvements#557
  • Search Help Files#497
  • Invite-only joinable groups#493
  • Maximum Nested Quote Tags for PMs#492
  • Hide stuff users don’t have permission to use#454
  • Edit Reason#451
  • Add to mycode#450
  • User option to disable images/videos#449
  • Moderation Tools Improvements#435
  • Forum Statistics Improvements#434 #824
  • Profile Fields Enhancements#433
  • Using update_query with BIT(1) fields#360
  • inline_moderation.js friendly to table-less themes - #915
  • Memberlist sorting - #914
  • Force Login - #906
  • Add class to smilies - #905
  • AJAX for security questions - #894
  • Add get_user_by_username() helper function - #893
  • find_replace_templates() accepts SID - #889
  • $this->options in class_parser.php - #880
  • Add class to announcements - #879
  • Make forum friendly to outside pages - #878
  • Change showthread.php icons to sprite - #877
  • Add rebuild settings to cache tools - #875
  • Add email description editing to editor - #869
  • Add video sites to editor - #862
  • Check new members against StopForumSpam - #860
  • Jump to Page in pagination - #857
  • send_pm() should consider users’ language - #834
  • Image re-scaling and long words/text wrapping CSS/HTML changes - #816
  • Moderate Groups - #439
  • Portal Improvements - #436
  • Moderation Notifications - #430
  • Thread Prefix system improvements - #427
  • Ability to Stop tracking all messages - #364
  • Settings description on installation - #197
  • Add Template::render method - #1344

 

The New Mods site

Along with the new website, the much awaited new Mods Site has also hit action on the MyBB Community Forums. This may come as a surprise but we have come to the decision that the new Mods Site will only contain 1.8 compatible plugins and themes. Worry not for the old Mods Site will still be accessible at mods.mybb.com, as it is being archived for a short while allowing for the continued use of 1.6 resources. Developers will, therefore, have to manually port their resources from 1.6 to 1.8 in order for them to be approved on the new Mods Site.

To find out more about the Mods site, please check the documentation.

 

What’s Next

With the release of 1.8.0, our focus will now turn into two different directions: 1.8.1 and 2.0. Some people will prefer to stick to 1.8.1 development while some will prefer to work on 2.0 (or even both).

Merge System

The Merge System will be released soon but we concentrated on releasing MyBB 1.8 during the last months so there may be a slight delay before we have the Merge System working to merge your forum to 1.8. In the meantime, you can use the 1.6 Merge System to merge to 1.6 and then upgrade to 1.8.

 

Contributors

We’d like to thank all who have helped us make 1.8 a reality, but following contributors, have been exceptional during the 1.8 development:

 

If you want to help us out and become a Contributor, be sure to read this blog post. If you’d rather join the team, feel free to contact us through Private Inquires. The project would be nothing without the team and contributors. If you want to help improve MyBB, now is the time.

 

Celebrating

Everyone is welcome in the #mybb IRC channel at Freenode to celebrate the release of 1.8! We also encourage you to spread the word of social media to help everyone running a MyBB forum to share this fantastic new release!

MyBB 1.6.15 Released – Security & Maintenance Release

MyBB 1.6.15 is now available from the MyBB website and is a security and maintenance release. This is the last maintenance release of the 1.6 series.

What’s added/changed in this version?

This release fixes 1 vulnerability and 26 reported issues causing incorrect functionality of MyBB. Please be aware that to be able to provide easy to manage updates not all issues have been fixed in this version.

Please view the 1.6.15 changes on the Docs site for more information about the changes in this version.

Please note, that you do not need to run the upgrade script for this version.
There are no database schema changes in this version.

Upgrading from 1.6.14 and Other Versions

Before performing any upgrade please remember to backup your forum’s files and database and store them safely. If you have edited core files, including language files, please make sure you make a changelog for these changes so you can make them again (if necessary) once the upgrade is complete.

To upgrade, follow the Upgrading process. The upgrade script is not required. There are changes to 5 language files. No templates have been changed or added.

If you’re using MyBB 1.6.13 or lower

  • Download and use the full 1.6.15 Release Package (MD5: c841982de03104ebb402b958294711d3)
  • Follow the Docs Upgrading Instructions

Reporting MyBB security vulnerabilities

If you think you’ve found a vulnerability in MyBB, we advise you not to publicly post it on these forums or publicly release information about it elsewhere until we’ve had time to prepare and release a patch.

As always, you can send through security related messages on the MyBB website from the Contact Us page or in our Private Inquiries forum – where you can start a new thread that only you and the MyBB Team can see.

Thanks,

MyBB Team

Note about updated package

Due to a minor issue with the original packages an updated package set has been released.

If you installed or updated your forums using either the full or changed files packages prior to 12:30 p.m. on August 8, 2014 GMT please download a fresh package from the links above and replace the following file:

modcp.php

You do not need to run the installer or make any further changes. You can use the file verification tool to determine whether you have the latest package, the file above will appear to be modified if you need to download an updated copy.

We apologise of any inconvenience.

MyBB 1.8 Beta 3 Released

Guess what? The 3rd and last Beta version of MyBB 1.8 is out! After this version (unless something very bad or unexpected happens), we’re rolling out 1.8.0 Stable/Gold for all of you. We need your help testing Beta 3 though so we can release 1.8.0 as stable as possible.

NOTE THAT THIS IS NOT READY TO BE USED ON A LIVE WEBSITE.

You can see the currently open issues for Gold here.

Color legend:

  • Dark Blue – Small (new) feature/change
  • Light Blue – Enhancement
  • Orange – New Feature

 

We’re not mentioning bug fixes below (the same bug fixes applied to the 1.6 branch are also applied to 1.8 as of now and the bugs for 1.8 only are not mentioned as that would only be important if 1.8 was already stable.), only small feature changes, enhancements and entirely new features.

Some of the enhancements mentioned below are related to the previous Beta versions (1st and 2nd) of 1.8 and they should appear as one only in the final list of enhancements for MyBB 1.8.

 

AdminCP and Front-end

  • Remove PHP Closing tags - #979
  • Performance improvement: intval to (int) conversion - #491
  • Update 3rd part libraries - #957
  • Warnings class/datahandler - #922
  • Hide signtature of users to certain groups - #949
  • Hide website links/buttons from certain groups - #922
  • Add more hooks v2 - #882
  • Allow custom flash messages - #881
  • Allow website field for certain groups only - #808

AdminCP

  • Option to disable contact details - #900
  • Log all ‘locked out’ failures in ACP - #859
  • Add reported posts stats to ACP - #858
  • Delayed moderation improvements - #440
  • New Promotion rules - #429

Front-end

  • Overqualified selectors v2 - #976
  • inline_moderation.js friendly to table-less themes - #915
  • Memberlist sorting - #914
  • Force Login - #906
  • Add class to smilies - #905
  • AJAX for security questions - #894
  • Add get_user_by_username() helper function - #893
  • find_replace_templates() accepts SID - #889
  • $this->options in class_parser.php - #880
  • Add class to announcements - #879
  • Make forum friendly to outside pages - #878
  • Change showthread.php icons to sprite - #877
  • Add rebuild settings to cache tools - #875
  • Add email description editing to editor - #869
  • Add video sites to editor - #862
  • Check new members against StopForumSpam - #860
  • Jump to Page in pagination - #857
  • send_pm() should consider users’ language - #834
  • Forum statistics improvements - #824
  • Image re-scaling and long words/text wrapping CSS/HTML changes - #816
  • Moderate Groups - #439
  • Portal Improvements - #436
  • Moderation Notifications - #430
  • Thread Prefix system improvements - #427
  • Ability to Stop tracking all messages - #364
  • Settings description on installation - #197

 

Download

ONCE AGAIN, THIS IS NOT READY TO BE USED ON A LIVE WEBSITE! DO NOT UPGRADE YOUR LIVE WEBSITE TO THIS VERSION.

The download can be found here.

 

Upgrade

You are NOT supposed to upgrade any 1.6 boards to 1.8 Beta 3 hence why we do not provide upgrading instructions. This is because you will not be able to upgrade from any of the Betas to 1.8. While we’ve done some work on the upgrader to guarantee that users no longer experience errors, this hasn’t been tested thoroughly. This is our number one priority in the next development phase.

 

Bug Reports

Found a bug? (or perhaps a few more…) Please post your detailed bug report in the 1.8 Bug Reports forum.

Please always double-check if the issue hasn’t been reported already.

 

Themes and Plugins Assistance

If you have any development questions about possible issues you may have while upgrading your themes or your plugins – or issues you may actually be having – please post in this forum.

 

Contributors

We’d like to thank the following contributors, they have been exceptional during the 1.8 development:

They have created many Pull Requests, they helped us out solving bugs and finishing features and took part in many discussions on GitHub. MyBB is no longer a product developed by the team only, but by the community as well.

If you want to help us out and become a Contributor, be sure to read this blog post. If you’d rather join the team, feel free to contact us through Private Inquires.

 

Best Regards,
The MyBB Group

MyBB Merge System 1.6.14

MyBB Merge System for 1.6.14 is now available from the MyBB website and is a maintenance update to the MyBB Merge 1.6 series.

What’s new in this version?

  • 10 bug fixes (View all)
  • Version jump to 1.6.14

Unfixed issues

Future development

We decided that 1.6.14 will be the last update for the MyBB Merge 1.6 series. At the moment everyone on the team is working on 1.8 so the next Merge Release will be after the gold release of 1.8.

How to help?

We moved the merge system to GitHub so everyone is able to help us with the development.
But even if you can’t help us with the code, you can still send us your database so we can test our modules with different databases.