JUGCN BLOG

Once again the Joomla Project is pleased to announce the availability of the Joomla 4.0 Beta 5 release, and Joomla 3.10 Alpha 3.

We invite you to download, install and test the package to improve quality assurance for the forthcoming 4.0 release and to discover the new features introduced in this major release.

Do you want to try Joomla 4.0 Beta without migrating one of your sites? Test it directly at launch.joomla.org

What is the difference between Beta 4 and Beta 5?

Joomla 4 Beta 5 contains:

• Renames “Control Panel” to “Home Dashboard”
• Fixes an error in Joomla 3 style plugins when their event contained an argument called $event
• Various doc-block updates
• Over 200 bugs squashed thanks to our PBF Contributors!

We invite you to test this version and will be very grateful to receive all feedback you can provide, in addition to reporting issues and bugs in the Joomla CMS Issue Tracker.

The Joomla! Project was founded on August 2005 and some people in the Community might have joined a few years later, not knowing which were the emotions felt or the challenges that were faced by the founders of the project. After 15 years and countless releases of Joomla, we're happy to take a moment to collect the memories of those people who started this Project and founded our amazing Community.

In this edition of the Joomla Community Magazine, we had the chance to ask a couple of questions to Brian Teeman, one of the foundersof Joomla.

Our aim is to include memories from other founders as soon as they come in, in the next editions of the JCM.

A month ago we were celebrating the 15th birthday of Joomla. You were there on August 17, 2005. What do you remember about that day?

It is strange but it both feels like yesterday and a very long time ago. That day was the culmination of a very intense few weeks. The team was split between Australia, Europe and the USA so I was kind of in the middle and acted as a conduit keeping everyone up to date. I slept in my office for quite a few nights as I had fast internet and free international phone calls. You have to remember that at this time most of us were still using dialup, ADSL was only about 1mb and a mobile phone was just for making calls.

It was a very stressful time for us as we were operating on little sleep and trying to do something no one had done before. Even 15 years later Joomla is one of just a handful of successful open source project forks. Because of the threat/promise of legal action against some of us we were advised that we couldn’t talk about anything outside of our small group. That was incredibly difficult as obviously there were a large number of people, both users and media, who were in constant contact wanting to know what was going on and we couldn’t say anything.

As a web agency, you may be looking for the CMS that fits your clients’ needs best, so you can create professional, powerful, secure, mobile-friendly and easy-to-maintain websites for them. Look no further: Joomla, time and time awarded as “best free CMS”, has it all. It’s versatile, flexible, easy to use, secure, and suitable for countless types of websites. And on top of all that it’s completely free. We give you ten reasons why you should try it today!

Easy to install

Some hosting providers have a one-click install from your hosting manager. That is fast and easy, but if your hosting provider doesn’t have that or you want to install it yourself, you simply download and unpack it, upload it to your server and follow the steps. It takes minutes to set up. Once it’s installed, you’re ready to start creating your client’s website.

Works out of the box

Joomla has all the features needed for most websites, built into the core. Combine articles with tags and custom fields and you have a whole world of possibilities, without having to install a single extension. Native features also include great SEO options, managing user access, multilanguage and using modules for showing content everywhere you want it. If the template you use is not too large (not packed with all kinds of extras), you’ll find the website loads really fast once you have it up and running.

Tweak it to your liking

Within Joomla, you have a lot of different ways to show article content. Features you need to install plugins for in other CMS are already present in the Joomla core, right from the beginning.

If you need to show information in a different way, you can create overrides for category blog pages, article views or content modules and change your article views into directories, a product catalogue or even a slideshow or gallery. Joomla has a lot of documentation on how to create overrides.

Joomla 3.9.21 is now available. This is a security release for the 3.x series of Joomla which addresses 3 security vulnerabilities and contains over 20 bug fixes and improvements.

What's in 3.9.21?

Joomla 3.9.21 includes 3 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - XSS in mod_latestactions (affecting Joomla! 3.9.0 through 3.9.20) More information »
• Low Priority - Core - Open redirect in com_content vote feature (affecting Joomla! 3.0.0 through 3.9.20) More information »
• Low Priority - Core - Directory traversal in com_media (affecting Joomla! 2.5.0 through 3.9.20) More information »

Bug fixes and Improvements

• TinyMCE updated #30329
• CodeMirror updated #30370
• Upload Package File / Joomla Update : Upload file size check added #30190 #29895
• Actions Log: Log an event when Joomla is updated #30157 

Visit GitHub for the full list of bug fixes.

Download

Joomla 4 Media Manager was one of the first features upgraded and incorporated into Joomla 4 at the Alpha stage. Find out what’s improved.

I have a confession. 

Having used Joomla so long, I’ve never really liked nor used the core media manager. You’d have to go in and delete files before you could delete folders, and aside from uploading files, there wasn’t much else it was doing. I installed JCE, and have used the JCE File Browser for the better part of a decade now. It’s better, but still has things that could be improved. I think I even got a question wrong on my Joomla Certified Administrator exam as I answered it based on Joomla 1.5 when I last looked at the core Media Manager!

The Media Manager has evolved

In writing a few articles on Joomla 4’s new features over recent months, the Media Manager certainly piqued my interest, and further inspection for this article shows that the work of the New Media Manager team over recent years will be rewarding users in Joomla 4 in spades.

The core improvements are sure to make users of older versions of the Media Manager users happier, and they go a long way towards delivering an overall solution that I’ll happily switch to when I roll out Joomla 4 when it’s released soon.

Key Features

Here’s a quick tour highlighting several of the new features.

So what do you do when the state of New Jersey is on quarantine, and 15 teens want to learn web? You teach them Joomla!

I have taught Joomla for years through Joomla Training, virtual training classes, and with Rutgers, the State University of New Jersey. More recently, I taught Joomla 100% virtually to our Rutgers staff and administrators so they could continue maintaining their websites, even during the quarantine. But why teach Joomla to teens? The idea first came up at our Forum for the Future conference that I attended in Spain with about 80 other Joomla volunteers. I participated in the team for engagement, and one of our ‘takeaways’ was to work on ‘Educational Outreach’. The Educational Outreach group was officially revitalised in Spring of 2020.

Covid-19 basically put us all in a situation of the perfect storm. Teens were home with no sports, no activities. I was available to put together a curriculum and to teach it for 5 sessions with a total of 12 hours of classroom time. Cloudaccess.net donated free hosting space for the teens to work from. SD Williams assisted as a co-teacher for the class and as a support system to build our initial website and flyers.

Now that we know we want to teach, how should we get the students? I contacted the recreation department of East Brunswick, NJ, where I lived. They were very receptive, especially because I was offering it for free. They contacted the youth council where several teens were already chomping at the bit to build their own website to start their own small businesses, while they were home. We selected Zoom as the platform since the students were already comfortable with it. We created 5 sessions, each session focused on a different aspect of building the website. By the end of the class, the ultimate goal was for the students to feel comfortable to build their own websites.

I taught 3 week day sessions which were 2 hours each, and 2 Saturday sessions which were 3 hours each. The students agreed that the 3 hours sessions were too long, so if we were to teach again, we would be sure to keep all sessions to 2 hours. The first session was to focus on high-level Joomla. In session two, we dove into articles and content. In session three, we focused on menus; session 4 was modules and finally, in session five, we installed a variety of tools and templates to see how everything really worked together. I personally would have liked to have a session six, where we could have spent a little more time ‘fixing’ up the site.

Joomla 3.9.20 is now available. This is a security release for the 3.x series of Joomla which addresses 6 security vulnerabilities and contains over 25 bug fixes and improvements.

What's in 3.9.20?

Joomla 3.9.20 includes 6 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - CSRF in com_installer ajax_install endpoint (affecting Joomla! 3.7.0 through 3.9.19) More information »
• Moderate Priority - Core - Missing checks can lead to a broken usergroups table record (affecting Joomla! 2.5.0 through 3.9.19) More information »
• Low Priority - Core - CSRF in com_privacy remove-request feature (affecting Joomla! 3.9.0 through 3.9.19) More information »
• Low Priority - Core - Variable tampering via user table class (affecting Joomla! 3.0.0 through 3.9.19) More information »
• Low Priority - Core - Escape mod_random_image link (affecting Joomla! 3.0.0 through 3.9.19) More information »
• Low Priority - Core - System Information screen could expose redis or proxy credentials (affecting Joomla! 3.0.0 through 3.9.19) More information »

Bug fixes and Improvements

• Upload & Update tab of Joomla Update Component: Fix to allow upload of ZIP filetype only #29877
• Local database server: Allow optional port numbers #29567
• Beez3 Template: Markup fix for the Tabs layout of com_contact #29636
• Beez3 Template: Allow custom field editing on frontend #29577
• Backend cache cleared when purging updates #29603

Visit GitHub for the full list of bug fixes.

Download

The Joomla Project is pleased to announce the availability of the Joomla 4.0 Beta 2 release.

We believe we can improve on what is already a great product.

Introducing Joomla 4, a brand new way for people to create and manage their content, developed and sustained by a global community of volunteers. Joomla 4 offers you a platform that is reliable, steady, secure and fully equipped with a wide variety of options to build any website.

We invite you to download, install and test the package to improve quality assurance for the forthcoming 4.0 release and to discover the new features introduced in this major release.

What’s new in Joomla 4.0?

We are genuinely committed to making the next generation of Joomla the best Joomla ever. Joomla 4 will provide simplicity and a better user experience while also being a more robust system for developers.

Joomla 3.9.19 is now available. This is a security release for the 3.x series of Joomla which addresses 5 security vulnerabilities and contains over 40 bug fixes and improvements.

What's in 3.9.19?

Joomla 3.9.19 includes 5 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - XSS in modules heading tag option (affecting Joomla! 3.0.0 through 3.9.18) More information »
• Low Priority - Core - Inconsistent default textfilter settings (affecting Joomla! 2.5.0 through 3.9.18) More information »
• Low Priority - Core - XSS in com_modules tag options (affecting Joomla! 3.0.0 through 3.9.18) More information »
• Moderate Priority - Core - XSS in jQuery.htmlPrefilter (affecting Joomla! 3.0.0 through 3.9.18) More information »
• Low Priority - Core - CSRF in com_postinstall (affecting Joomla! 3.7.0 through 3.9.18) More information »

Bug fixes and Improvements

• Fix incomplete utf8mb4 conversion since 3.9.17 #29117
• Backport jQuery 3.5 security fixes #28948
• Frontend: Removal of the create/edit menu item buttons #29191
• Extend the checks to make sure only real user admins can create accounts #28948
• Mail: Support of dotless domains #28576
• Codemirror updated to its latest release #28691
• Improve translation system supporting better pluralization for languages like Welsh #28763

Visit GitHub for the full list of bug fixes.

Download

The Joomla Project is pleased to announce the availability of the Joomla 4.0 Beta release.

We believe we can improve on what is already a great product.

Introducing Joomla 4, a brand new way for people to create and manage their content, developed and sustained by a global community of volunteers. Joomla 4 offers you a platform that is reliable, steady, secure and fully equipped with a wide variety of options to build any website.

We invite you to download, install and test the package to improve quality assurance for the forthcoming 4.0 release and to discover the new features introduced in this major release.

Joomla 4 is getting closer with the Beta version expected for the end of this month, but, at the same time, Joomla's contributors are working hard to develop another important release: Joomla 3.10.

Joomla 3.10 has been announced as the "Bridge version", a release that has several purposes: being the final milestone of the Joomla 3.x series and act as the intermediate version for those websites that will migrate to the 4.x series. The major feature of Joomla 3.10 will be the so-called "Update Checker", a suite of controls and verifications to test the compatibility of the website with the Joomla 4.x series, in order to properly plan and deal with the migration to the new major version of the CMS.

Given the importance of these intermediate steps, in the preparation for the migration to Joomla 4, we decided to ask some questions about Joomla 3.10 to its Release Leader: Tobias Zulauf, a long-term Joomla contributor and developer.

First of all, thanks Tobias for your time answering our questions.

What is the main objective of Joomla 3.10?

The main objective for Joomla 3.10 is that it is the last minor release of 3.x, a dedicated compatibility release and the starting point for any Joomla 3 to Joomla 4 upgrade.

For many companies and roles, COVID-19 has brought unexpected closure and job loss. However, for others, it’s been a way to get creative on how to keep their doors open, including moving to a virtual model of business. 

For others, work has actually increased, such as those that already worked remotely like content writers, online marketers, and developers. Now, website creators, many of whom already work as freelancers from home, see a significant opportunity to do more. Here’s why and how to tap into the growth potential as an in-demand service during COVID-19. 

Open For Business (Online)

Although many businesses already had a presence online through a business website, they may not have updated it or relied on it as much as they need to now. Some even had their website just serve as a placeholder with little content. Those businesses are now scrambling to refresh their websites because it is the only storefront they have during this pandemic. 

As a lifeline to their customer base and target audience, these companies seek website creators that can help them expand their presence through a more engaging design with additional content, an online scheduling system, and additional ways to shop and order. They may need to revamp their website to have a digital storefront.  

Joomla 3.9.18 is now available. This is a bugfix release for the 3.x series of Joomla which addresses one bug.

What's in 3.9.18?

Joomla 3.9.18 addresses one bug:

Bug fixes and Improvements

• Fixes the single tag view incorrectly showing a 404 page #28746

Visit GitHub for the full list of bug fixes.

Download

Joomla 3.9.17 is now available. This is a security release for the 3.x series of Joomla which addresses three security vulnerabilities and contains over 40 bug fixes and improvements.

What's in 3.9.17?

Joomla 3.9.17 includes 3 security vulnerability fixes and addresses several bugs, including:

Security Issues Fixed

• Low Priority - Core - Incorrect access control in com_users access level editing function (affecting Joomla 3.8.8 through 3.9.16) More information »
• Low Priority - Core - Missing checks for the root usergroup in usergroup table (affecting Joomla 2.5.0 through 3.9.16) More information »
• Low Priority - Core - Incorrect access control in com_users access level deletion function (affecting Joomla 2.5.0 through 3.9.16)More information »

Bug fixes and Improvements

• Removal of an unneeded file added to 3.9.16 #28307
• Multilingual Associations: Fix for the Edit Associations buttons in Menu Items #28339 and in Category #28678
• PHPMailer upgraded to its latest version #28398
• 'New' MVC classes depreciation notice for 4.0 instead of 5.0 #28366
• Facilitate the usage of help system by third parties #13286
• PostgreSQL: Fix for module loading #28278

Visit GitHub for the full list of bug fixes.

Download

We are living in a weird period, in which we are obliged to practice “social distancing” and we cannot crowd together to meet or get things done. We saw many local and international events cancelled due to the pandemic emergency. And in this period, everyone spends more time to reflect and re-evaluate the importance of many things that we claimed were “normal” for so long.

In this edition of the Community Magazine, we wanted to put people first, remembering that Joomla exists only thanks to “its people” and we wanted to take a moment to appreciate them and their contributions.

This issue will include several interviews with Community Members, from the newly elected (or re-elected) Board members to the “hidden gems”, those volunteers who contribute to Joomla but are not really visible or enough exposed. 

Joomla is entirely run by volunteers and their work is precious to keep the project and all its operations running smoothly.

Together we are stronger and we will succeed! #stayhome and #contributetojoomla 

Joomla, one of the world’s most popular Content Management Systems (CMS), announced today its partnership with Report URI, the Application Security and Health Monitoring leader.

Report URI and Joomla are pleased to announce a new partnership where Joomla will be using the industry leading solution to continuously monitor the multitude of joomla.org websites, analyze the results and improve security for website visitors. For Report URI this partnership means helping build a more secure open internet by serving one of the world’s most prominent open source organizations and further helping to enhance the security of open source projects.

Joomla’s HTTP Security Headers journey for the joomla.org network of sites started back in March 2018 and since then we have constantly improved that to now set most of the available headers which result in an A grade on SecurityHeaders.com for joomla.org. A key part of a successful implementation is a reporting endpoint and back in 2018 we built our own solution, but over the time we realized that this solution does not scale and there are so many invalid reports that have to be ignored – so we disabled the reporting endpoint after the successful implementation and an initial test run. Today we are really excited to start enabling reporting via the Report URI service across our sites and fill that gap so we can constantly monitor and collect not just the Content Security Policy reports, but also all sorts of other reports in one central place.

Says Tobias Zulauf, Security Member Joomla CMS and Websites.

Scott Helme, Founder of Report URI, also shared his excitement: