GetSimple CMS - a flatfile CMS that works fast and efficient and has the best UI around, it is written in PHP

Overview

GetSimple Content Management System

DESCRIPTION

GetSimple CMS is a flatfile CMS that works fast and efficient and has the best UI around, it is written in PHP.

Official Website - http://get-simple.info/ Github - https://github.com/GetSimpleCMS/GetSimpleCMS

GetSimple CMS was developed by Chris Cagle [ http://chriscagle.me ]
It is now passionately supported and developed by a loving community.

LICENSE

This software package is licensed under the GNU GENERAL PUBLIC LICENSE v3.
LICENSE.txt is located within this download's zip file

It would be great if you would link back to get-simple.info if you use it.

REQUIREMENTS

http://get-simple.info/docs/requirements

Build Requirements

PHP 5.2+

PHP Required Extensions

SimpleXML
xml
json
dom

curl (optional)
gd (optional)

Browser Requirements

Javascript Enabled

Server

*Apache ( required for out of the box security using .htaccess )

*If not using Apache you will get a non-apache warning, this warning is to alert you that your data files will not be secure and you must take proper precautions to secure your site.
To disable this warning see gsconfig definition GSNOAPACHECHECK

INSTALLATION

Please see: http://get-simple.info/docs/installation

UPGRADING

Please see: http://get-simple.info/docs/upgrading

DISCLAIMER

While GetSimple strives to be a secure and stable application, we simply cannot be held liable for any information loss, corruption or anything else that may happen to your site while it is using the our software.

If you find a bug or security hole, please contact someone in the forums at
http://get-simple.info/forum

CREDITS

TEAM

Founder / Creator: Chris Cagle
Forum Handle: ccagle8
Site: http://get-simple.info/forums/member.php?action=profile&uid=3
Twitter: @ccagle8
Location: Pittsburgh, Pennsylvania, USA

Lead Developer: Shawn Alverson
Forum Handle: shawn_a
Site: http://get-simple.info/forums/member.php?action=profile&uid=1878
Location: Tennessee, USA

THANKS

Mike Swan (n00dles)
Carlos Navarro (cnb)
Joshas
Connie Connie Müller-Gödecke (Connie)
Thorsten Panknin (polyfragmented)
Mike Henken (MikeH)
Martijn van der Ven (Zegnåt)
...and the countless others on the forums and SVN that help us make this amazing product possible.

Libraries

company logos in the icons are copyright of their respective owners

Vector Social Media Icons
http://icondock.com/free/vector-social-media-icons

Ckeditor
http://ckeditor.com/

jcrop
http://deepliquid.com/content/Jcrop.html

marijnh/CodeMirror
http://codemirror.net/

fancybox
https://github.com/fancyapps/fancyBox

rgrove/lazyload
https://github.com/rgrove/lazyload

enyo/dropzone
https://github.com/enyo/dropzone

fontawesome
http://fontawesome.io/

bigspotteddog/scrolltofixed
https://github.com/bigspotteddog/ScrollToFixed

dropzonejs
http://www.dropzonejs.com/


GetSimple CMS - http://get-simple.info/

Comments
  • Allow localized date formats

    Allow localized date formats

    Original author: ccagle8 (November 03, 2010 03:40:31)

    http://get-simple.info/forum/topic/1103/strtotime-instead-of-strftime-function/

    looks like we need to use iconv in basic.php where we output the date in both long and short format

    Original issue: http://code.google.com/p/get-simple-cms/issues/detail?id=85

    Enhancement in progress need feedback 
    opened by n00dles 38
  • Next Release

    Next Release

    I would like to start planning the next release and figure out if we are going to just cut everything we have done since 3.1.2 into 3.1.3.

    There are no critical security or bugfixes I know of so i am fine with that, provided we beta it a bit.

    We can create a milestone, and create any features or bugs we have to get into it.

    We can start with the release notes, the changelist is below, we can copy it and clean it up and add the issue notes to the individual issues. Or maye i can wrtie something to grab all this togather automatically.

    https://github.com/GetSimpleCMS/GetSimpleCMS/compare/v3.1.2...master

    Start using our wiki for the output perhaps. And to detail any new functions or functionality we added etc.

    PRIORITY discussion Documentation 
    opened by tablatronix 32
  • Adding tabbed interfaces to admin theme

    Adding tabbed interfaces to admin theme

    We need tabs in admin pages. How should we implement them ? from scratch using css or using jquery-ui tabs ?

    Thoughts.

    For example in pages, pages options get larger and larger, we need tabs so we can add, history, meta, options, backups, drafts.

    Enhancement PRIORITY in progress 
    opened by tablatronix 28
  • Sitemap hooks broken, New filter added

    Sitemap hooks broken, New filter added

    I think there was no issue for this, so: http://get-simple.info/forums/showthread.php?tid=3056

    More comments about this here: http://get-simple.info/forums/showthread.php?tid=2624&pid=23591#pid23591

    Bug Documentation 
    opened by cnb 26
  • page manager tree

    page manager tree

    • [x] rewritten tree renderer get_pages_menu
    • [x] js tree folding
    • [x] collapse / expand top ancestors
    • [x] save state
    • [x] disable able, fall back to standard indentation with no js
    • [x] pure css indentation and expanders
    • custom , lightweight , optimized, possibly ported to other tree usage in core
    • uses no recursion, level-order walking
    • requires only depth and parent markers on nodes, extremely fast to generate lists

    500 page lists are rendered in 350ms plus js, can probably eventually be cached, and allow multiple hierarchies to be applied. Improvements over previous pages render code is about 30-90% faster depending on page set size. A small step in resolving larger sites issues and over 1 second admin pages load times. Should be able to reasonable handle several thousand pages without core modification. Of course there is more work here for pagination, menu organization etc. #516

    I can probably add some checks to avoid js generation of expanders etc if they are pre populated in html. Right now its all done in js for ease of implementation and portability.

    Enhancement in progress DEV 
    opened by tablatronix 25
  • SECURITY ISSUE 3.1.2 maybe earlier

    SECURITY ISSUE 3.1.2 maybe earlier

    wow I tried to find this exact exploit and somehow missed it.

    POST['LANG'] is the most common damn code insertion path traversal vulnerability. and we have it with no sanitation whatsoever.

    http://packetstormsecurity.com/files/119298

    Bug PRIORITY 
    opened by tablatronix 24
  • get_Page_Excerpt refactor

    get_Page_Excerpt refactor

    1832604ea7da7773ad4f0aa3244d4e4ea03e00e4 (974dad0948a69bd47e455d35107105e78da030af da00eef8a78c0633f384d103b8219fa8d7b59f71) #736

    replaced this with abstracted function for truncating any string

    /**
    *  getExcerpt
     * Get String Excerpt
     *
     * @since 3.3.2
     *
     * @uses mb_strlen
     * @uses mb_strrpos
     * @uses mb_substr
     * @uses strip_tags
     * @uses strIsMultibyte
     *
     * @param string $n Optional, default is 200.
     * @param bool $striphtml Optional, default true, true will strip html from $content
     * @param string $ellipsis Optional, Default '...', specify an ellipsis
     * @return string
     */
    

    Will break on last word boundary to prevent splitting words. This probably needs to be smarter and add features to make it useful, right now it is not that reliable.

    We allow not stripping html tags which allows for open tags and broken html. This is a bug to me.

    • [ ] ~~prevent splitting on html tags~~ , probably unnecessary, cleaning html, to auto close tags, will also remove non matched end tags
    • [x] auto close html tags so it is actually safe to use rich excerpts, I have a solution for this
    • [x] no breaking ( force split where I say so )
    • [x] default to strip tags ( not the opposite )
    • [ ] filter ?
    • [x] handle unicode word boundaries properly, not just ascii spaces
    Enhancement Refactor 
    opened by tablatronix 20
  • Problem with index sub pages

    Problem with index sub pages

    1. Create sub page for index page.
    2. Turn on FancyURLs with %parent%/%slug%/ pattern.

    Now created sub page has an address http://site-url/index/sub-page/

    Navigate to it and you will get index page, not sub page.

    Bug wontfix need feedback 
    opened by dimayakovlev 19
  • SECURITY exposure of data

    SECURITY exposure of data

    Front end data leakage.

    I can probe for valid files, and easily bypass the front end path traversal id filtering.

    I can probe for valid usernames based on the 404 or not. Fortunately we are loading in xml from this and not directly exposing any, but its just a matter of time before I find a way to output some other data from any other file.

    Since I can force the file to actually be read anywhere in the filesystem, I can probably trip this up with certain plugins to expose the actual data in the file. I do not have a proof for that yet.

    Bug 
    opened by tablatronix 19
  • Processing content before template include

    Processing content before template include

    IMHO, content must be processed before including template (мaybe with index-pretemplate hook). This gives more flexibility in the use of shortcodes in page content. Now shortcodes have no access to page header, and they cannot add required stuff into it (CSS, JavaScript, tags).

    wontfix 
    opened by dimayakovlev 18
  • Page 'Meta Description' contains Style/Script declarations

    Page 'Meta Description' contains Style/Script declarations

    If a page has no 'Meta Description' set and GSAUTOMETAD is true, then any page which contains inline <style></style> tags will pollute the 'Meta Description' with CSS declarations. The same situation applies with <script></script> tags.

    This occurs because strip_tags() is called on the description which removes the tags, but not the declarations therein. A solution might be to remove the contents of the tags before calling strip_tags.

    This could be archeived by using preg_replace or preg_match, but this is not the most reliable solution. So, I suggest the following changes to the code; it uses the DOMDocument class to handle the removal of the script and style tags before it has strip tags applied to it:

    Before:

        // meta description from v3.3.5
        if ($metad != '') {
            $description = get_page_meta_desc(FALSE);
        } 
        else if(getDef('GSAUTOMETAD',true))
        {
            // get meta from content excerpt
            if (function_exists('mb_substr')) { 
                $description = trim(mb_substr(strip_tags(strip_decode($content)), 0, 160));
            } else {
                $description = trim(substr(strip_tags(strip_decode($content)), 0, 160));
            }
    
            $description = str_replace('"','', $description);
            $description = str_replace("'",'', $description);
            $description = preg_replace('/\n/', " ", $description);
            $description = preg_replace('/\r/', " ", $description);
            $description = preg_replace('/\t/', " ", $description);
            $description = preg_replace('/ +/', " ", $description);
        }
    
        if(!empty($description)) echo '<meta name="description" content="'.$description.'" />'."\n";
    

    After

      // New Meta Description
      if (!empty($metad)) 
      {
        $description = get_page_meta_desc(false);
      }
      elseif (getDef('GSAUTOMETAD',true)) 
      {
        # Generate Meta Description from content excerpt
        # Updated to handle 'script' & 'style' tags by also removing their content.
        # @uses: DOMDocument | @modifies: $description
        # Written 2015-06-03 04:00am by GitHub: johnstray
        $dom = new DOMDocument('1.0','UTF-8');
        $dom->loadHTML($description);
        $scripts = $dom->getElementsByTagName('script');
        $styles = $dom->getElementsByTagName('style');
        while ( ($node = $scripts->item(0)) || ($node = $styles->item(0)) ) {
            $node->parentNode->removeChild($node);
        }
    
        // Replace multipe preg_replace() with single containing '\s' (white-space)
        // The covers all the previous \n, \r & \t replacements
        $description = preg_replace('/\s+/', ' ', trim(strip_tags($dom->saveHTML())));
        $description = str_replace('"','', str_replace("'",'', $description));
      }
      if(!empty($description)) echo '<meta name="description" content="'.$description.'" />'."\n";
    
    Bug 
    opened by johnstray 18
  • Google Font is stored locally in theme

    Google Font is stored locally in theme "Innovation"

    Default theme "Innovation" fetches one font file directly from Google Fonts servers.

    There has been a court verdict in Germany that this breaks European data protection law. Some background here. Website owners now get letters from lawyers who claim compensation for violating data protection of their clients (here).

    The licence of Google Fonts allows to store Google Font files on local server and add font files also to one's product: https://developers.google.com/fonts/faq.

    Best mitigation is to load the Google font directly from GetSimple installation.

    This fixes https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1354

    opened by domaniko 0
  • Default theme

    Default theme "Innovation" loads font data from Google Fonts servers

    Default theme "Innovation" fetches one font file directly from Google Fonts servers.

    There has been a court verdict in Germany that this breaks European data protection law. Some background here. Website owners now get letters from lawyers who claim compensation for violating data protection of their clients (here).

    The licence of Google Fonts allows to store Google Font files on local server and add font files also to one's product: https://developers.google.com/fonts/faq.

    Best mitigation would be to load the Google font directly from GetSimple installation.

    The required change is tiny, but requires one font file to be added to SimpleCMS. On interest I could provide a PR.

    task good first issue 
    opened by domaniko 7
  • PHP 8.1: FILTER_SANITIZE_STRING is deprecated, use htmlspecialchars() instead

    PHP 8.1: FILTER_SANITIZE_STRING is deprecated, use htmlspecialchars() instead

    This filter is being used in admin/inc/security_functions.php, function var_out($var, $filter = "special").

    To avoid using (and even mentioning) it, my suggestion for a small change inside the function: Omit key "string" in $aryFilter, and in this case, go to htmlspecialchars() instead. admin/inc/security_functions.php (lines 315 - 329):

           if(function_exists( "filter_var") && ($filter !== "string" )){
    		$aryFilter = array(
    			"int"     => FILTER_SANITIZE_NUMBER_INT,
    			"float"   => FILTER_SANITIZE_NUMBER_FLOAT,
    			"url"     => FILTER_SANITIZE_URL,
    			"email"   => FILTER_SANITIZE_EMAIL,
    			"special" => FILTER_SANITIZE_SPECIAL_CHARS,
    			"full"    => FILTER_SANITIZE_FULL_SPECIAL_CHARS
    		);
    		if(isset($aryFilter[$filter])) return filter_var( $var, $aryFilter[$filter]);
    		return filter_var( $var, FILTER_SANITIZE_SPECIAL_CHARS);
    	}
    	else if ($filter === "string") {
    		return htmlspecialchars($var);
    	}
    	else {
    		return htmlentities($var);
    	}
    

    See also https://www.php.net/manual/en/filter.filters.sanitize.php

    opened by redflitzi 0
  • Remote command execution vulnerability in 3.3.16

    Remote command execution vulnerability in 3.3.16

    Go to the edit-theme. PHP file, click the sava Changes button below, and grab the package. a9 b Use.. / to change the edited_file parameter in the request package c Then we access index.php d e

    Bug SECURITY 
    opened by PicklerBox 3
Releases(v3.3.16)
  • v3.3.16(Mar 3, 2020)

    Some security vulnerabilities in v3.3.15 SECURITY #1310 by LoRexxar was closed on May 24, 2019 3.3.16

    Arbitrary File Delete - Security PRIORITY SECURITY #1303 by jadacheng was closed on Mar 5, 2019 3.3.16

    GetSimpleCMS allowed to some files that are able to execute HTML Bug SECURITY #1301 by Hexife was closed on May 24, 2019 3.3.16

    Advisory from Netsparker - GetSimpleCMS - Open Redirection Bug SECURITY #1300 by DanielBishtawi was closed on May 22, 2019 3.3.16

    Insert Stored XSS in setting.php SECURITY #1298 by 1130479816 was closed on May 24, 2019 3.3.16

    Stored XSS in GetSimple CMS Duplicate SECURITY #1297 by security-breachlock was closed on May 24, 2019 3.3.16

    Cross Site Scripting Vulnerability in GetSimple CMS v-3.3.13 Bug SECURITY #1293 by riteshgupta1993 was closed on May 23, 2019 3.3.16

    debug_backtrace() was changed in PHP 7 Bug in progress #1238 opened on Oct 30, 2017 by bigin 3.3.16

    Source code(tar.gz)
    Source code(zip)
  • 3.3.15(Sep 7, 2018)

  • v3.3.14(Dec 20, 2017)

    #1243 upload ext not lowercase #1224 CVE 2017-8081 Bug DEV SECURITY #1223 php 7 deprecates char arrays Bug

    CAUSES PROBLEMS WITH PHP 7!

    #1238 1238 debug_backtrace() was changed in PHP 7

    Source code(tar.gz)
    Source code(zip)
  • v3.4.0.9(Mar 10, 2018)

    A very early alpha release, default options have not been set, there are no documentation ( aside from git issues labelled documentation )

    For QA at this point, but feel free to test it out, it should be fairly stable enough to run live on a non production site

    Docs

    https://github.com/GetSimpleCMS/GetSimpleCMS/issues/467

    Discord

    Join us on discord https://discord.gg/vpgyHQa

    Warning

    Not all plugins are compatible with this, anything that includes codemirror or ckeditor may have issues or conflicts with the versions included in core now

    Screenshots

    555dfb0f-d948-428a-a179-4622bc2873bb

    Source code(tar.gz)
    Source code(zip)
  • 3.4.0a1(Feb 25, 2018)

  • v3.3.13(Oct 10, 2016)

  • 3.3.12(Sep 17, 2016)

  • v3.3.11(Jun 24, 2016)

    #1177 Getsimple CMS <= 3.3.10 Arbitrary File Upload Vulnerability - s0nk3y #1159 Built-in transliteration Feature #1181 no default font color

    Source code(tar.gz)
    Source code(zip)
  • v3.3.10(Mar 22, 2016)

    #1147 settings password form fill annoyance Bug #1145 utf-8 all xml headers Bug #1144 FILTER_SANITIZE_FULL_SPECIAL_CHARS not supported php 5.2 Bug #1143 Duplicate id #sitename on settings Bug #1120 Core Data Files can not be used as custom data storage Feature #1149 disable chmods GSDOCHMOD #1136 Preserve case in uploads define('GSUPLOADSLC',false) #1155 update cke 4.5.9 - ckeditor cache problem #1161 ckeditor plugins and disable autogrow

    Source code(tar.gz)
    Source code(zip)
  • v3.3.9(Mar 27, 2016)

  • v3.3.8(Jan 2, 2016)

    #1130 theme.php persistent xss injection SECURITY #1127 theme.php POST template persistent xss SECURITY #1111 page delete never fails on error #1103 Reflected XSS - Uploads section SECURITY #1131 Function createBak in 3.3.x always return false

    Source code(tar.gz)
    Source code(zip)
  • v3.3.7(Jul 13, 2015)

    FIX #1077 upload protection breaks on apache 1.3 FIX #1074 Stored XSS in the USER profile SECURITY FIX #1071 disabled select text color FIX #1067 Persistant/Stored XSS while creating page and also in backups SECURITY FIX #1065 uploadifybutton not themed FIX #1078 plugin api checks can crash plugins.php added GSNOPLUGINCHECK FIX #1081 x-frame can break stuff NEW #1089 format xml files

    Source code(tar.gz)
    Source code(zip)
  • v3.3.6(Apr 14, 2015)

    FIX #1029 page save never fails FIX #1028 gsnoframe applies to front end FIX #1048 definition check issues FIX #1043 install apache error is misleading FIX #1049 cke sperators are not visible FIX #1060 file upload security bypass, using whitelist and mime checking SECURITY FIX #1059 filebrowser arbitrary js injection SECURITY FIX #1058 thumb.php security bypass copy/move files SECURITY FIX #1057 theme-edit directory traversal SECURITY FIX #1050 Page 'Meta Description' contains Style/Script declarations FIX #1046 Persistent XSS - GetSimpleCMS 3.3.5 SECURITY NEW #1032 upload execution protection NEW #1042 new blacklist extensions NEW #1044 ckeditor keep some empty tags NEW #1051 strip shortcodes FIX #1064 plugins table has no highlight

    Ensure uploads still work

    Source code(tar.gz)
    Source code(zip)
  • v3.3.5(Dec 2, 2014)

    FIX: #974 files does not show permissions on windows FIX: #973 image.php dir traversal SECURITY FIX: #972 log.php xss SECURITY FIX: #971 prevent backend in frames x-frame policy SECURITY FIX: #970 better cookie security SECURITY FIX: #969 backup-edit traversal SECURITY FIX: #966 Security vulns SECURITY FIX: #965 corrupt page fatal error FIX: #948 Fatal Error => zip-Backup FIX: #945 placeholder confusion FIX: #944 XML External Entity (XXE) Vulnerability in admin/api.php SECURITY FIX: #979 some debug info when uploading image FIX: #996 Reverse Proxy : url detection

    Source code(tar.gz)
    Source code(zip)
  • v3.3.4(Sep 5, 2014)

    #929 admin panel sidebar on Safari, weird transition #904 new page nonindex existing-url notices #903 fix undo for create new page #902 Missing argument 1 for getRegexUnicode() notices

    Source code(tar.gz)
    Source code(zip)
  • v3.3.3(Jun 23, 2014)

    https://github.com/GetSimpleCMS/GetSimpleCMS/issues?milestone=9&page=1&state=closed

    FIX #894 component slugs case sensitive -sarnaiz FIX #891 Ckeditor toolbar newline issue -cnb FIX #867 pages cache (pages.xml) not updated after UNDO operation, in page edition FIX #866 GSSUPPRESSERRORS constant typo -flexphperia SUPRESSERRORS still works but is now deprecated FIX #825 setup form still showing on install error FIX #821 filetime uses ctime -lnickel FIX #818 scrolltofixed assets -mvlcek FIX #805 component xml corruption -emanwebdev FIX #623 Only Https for Admin issues

    Source code(tar.gz)
    Source code(zip)
  • v3.3.2(May 16, 2014)

    FIX #806 fix broken wiki links, using /docs rewrites now FIX #788 Update template.php validation issue -STudio26 FIX #797 numerous settings fields allow persistent xss FIX #793 GSUSECUSTOMSALT changes FIX #745 Formatted xml data files problems FIX #784 pagecache contains url in duplicate FIX #713 Slug matching root folder saveable -n00dles FIX #765 unable to upload jpeg (genStdThumb) -flexphperia FIX #728 no gd fatal errors -lnickel FIX #764 simplexml missing check FIX #771 upload filename cleaning @ -b3n FIX #776 json toolbar not working FIX #775 custom toolbar not working -Markus00000 FIX #524 no cache control FIX #773 add exist checks on unlink tmp files FIX #735 temp files are deleted FIX #774 uploadify does not error out FIX #772 file upload overwrite protection double encoding FIX #695 permalink not trimmed FIX #580 htaccess rewrite config FIX #812 reset password username leakage - nerdbox.it FIX #813 Ensure login logging issues do not break login

    NEW #344 reset password issues NEW #790 get_Page_Excerpt refactor NEW #711 sidebar links to components, focus component content NEW #709 create component doesn't focus input NEW #750 debugLog improvements, accepts arrays as argument NEW #682 Compatibility with Apache v2.4 NEW #766 lang file loading protection NEW #770 Make installs more simple NEW #737 mb_internal_encoding not set NEW #767 Remove Yahoo ping sitemap function DEPRECATED NEW #653 header content-type utf-8 NEW #683 htaccess wrap rewrite

    Source code(tar.gz)
    Source code(zip)
  • v3.3.1(Feb 3, 2014)

    Patch release for v3.3.0 priority bugs.

    FIX #753 support plugins that modify cke globals FIX #751 menu manager subsequent saves fail -apt FIX #744 left in debugging FIX #742 missing failedlogins.log issue

    Source code(tar.gz)
    Source code(zip)
  • v3.3.0(Jan 28, 2014)

    Release issue

    FIX #310 caching hooks unusable bug documentation Refactor FIX #363 Sitemap hooks broken, New filter added bug documentation FIX #466 Session expire redirects do not resume bug FIX #512 Install password not showing bug FIX #531 slug prefixed with dash if page title begins with a space bug FIX #576 anonymous data plugin sidemenu bug FIX #603 Edit / Pages not using page cache bug Refactor FIX #608 Install emails not received bug FIX #614 Curl init not being checked bug FIX #615 failure log corruption utf-8 cyrillic usernames bug FIX #617 backup-edit ckeditor config entities bug FIX #625 Long Site names overflow login form bug FIX #626 $EDOPTIONS comma safe bug FIX #631 cke globals are not actually global bug FIX #633 i18n_r called before lang loaded bug FIX #646 health check xml invalid if empty bug FIX #647 Logins broken by php notice/warnings bug FIX #648 Login cookie set twice bug FIX #661 admin styles are cached and old after upgrades bug FIX #667 Mail warning on install, breaks cookies bug FIX #673 ajax redirects not handled bug FIX #710 Plugins not sorted FIX #718 cannot redeclare in upload.php bug FIX #721 ck-editor IE10 fatal errors FIX #734 plugins updated js messages not translated FIX #686 setup shows the form again if there is a mail error

    NEW #469 Always show component tags feature NEW #562 i18n fallback default language feature documentation NEW #589 cutting edge and betas feature NEW #605 Dynamic css classes in menus feature documentation NEW #609 Missing page cache implementations feature NEW #637 detect api timeouts for error handling feature NEW #641 better health check for disabled functions feature NEW #642 Better textarea tab spacing feature NEW #651 additional health check info feature NEW #653 header content-type utf-8 feature NEW #659 Increase cookie timeout feature NEW #664 update.php issues feature Refactor NEW #668 add page cache filter feature documentation NEW #669 add sitemap filter feature documentation NEW #674 cannot update or install from root NEW #688 lazy loading pagecache in caching functions -cnb feature NEW #711 component input focus on side nav -cnb feature NEW #705 invisible / phantom slug filters / hooks NEW #712 add editor link filter NEW #722 ckeditor upgraded to 3.6.6

    Source code(tar.gz)
    Source code(zip)
  • v3.2.3(Aug 21, 2013)

    Some plugins use their own ckeditor and make use of $EDOPTIONS globals, this allows them to continue without incompatabilities. $EDOPTIONS is now expected to not have commas, and will be trimmed for safety beforebeing used in edit.php

    #626 $EDOPTIONS gets a , prefixed to it

    Source code(tar.gz)
    Source code(zip)
  • v3.2.2(Aug 18, 2013)

    Change Log

    • refactor plugins checking, plugins are only scanned on plugins page now
    • Persistent plugin api calls on backend, now confined to plugins page only
    • Replaced memory_limit -1 with 100M in thumb.php
    • javascript injection filtering on pages display
    • enabled auto saving to live pages for general testing
    • Feature #571: File upload whitelists advanced config
    • Feature #568: Remove branding from public admin pages
    • Feature #567: Added github link on support page
    • Feature #561: Improved ckeditor options and toolbar config capability
    • Feature #559: Hide innovation settings if theme is not innovation
    • Feature #520: Added google+, many others, to innovation theme social
    • Feature #501: Added css classes for widesec and wideopt
    • Feature #398: Switching Themes shows preview image now
    • Feature #584: CKEditor dataformatter behavior, breakbefore and indentation formatting changes
    • Feature #592: Remove back end assets/hooks from public front end auth pages
    • Feature #591: Auto meta descriptions no longer default, added GSAUTOMETAD
    • Feature #549: Remove meta generator
    • Bug #407: get_api_details fails, added debug handlers , improved detection and fallback
    • Bug #493: Fix cdns to fallback to local
    • Bug #554: Codemirror theme editor broken when Admin folder changed
    • Bug #356: CSRF Detected
    • Bug #585: Thumbnails not created
    • Bug #594: Share.php issues
    Source code(tar.gz)
    Source code(zip)
ExpressionEngine is a flexible, feature-rich, free open-source content management platform that empowers hundreds of thousands of individuals and organizations around the world to easily manage their web site.

ExpressionEngine CMS ExpressionEngine is a mature, flexible, secure, free open-source content management system. It is beloved by designers for giving

ExpressionEngine 412 Dec 27, 2022
Bedrock is a modern WordPress stack that helps you get started with the best development tools and project structure.

WordPress boilerplate with modern development tools, easier configuration, and an improved folder structure

Roots 5.7k Jan 9, 2023
Best logging support into Nette Framework (@nette)

Website ?? contributte.org | Contact ????‍?? f3l1x.io | Twitter ?? @contributte Usage To install the latest version of contributte/monolog use Compose

Contributte 21 Dec 1, 2022
True Multisite, Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS powered by PHP, Markdown, Twig, and Symfony

True Multisite, Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS powered by PHP, Markdown, Twig, and Symfony

null 4 Oct 28, 2022
A flexible and fast Cms built with Symfony and Vuejs.

GreenCheap CMS A modular and lightweight CMS made with Symfony and Vuejs components GreenCheap works with PHP 8 version. In this case, lower versions

GreenCheap 57 Oct 29, 2022
Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS

Grav Grav is a Fast, Simple, and Flexible, file-based Web-platform. There is Zero installation required. Just extract the ZIP archive, and you are alr

Grav 13.6k Jan 4, 2023
Azuriom is a modern, reliable, fast and secure game CMS.

Azuriom Azuriom is the next generation game CMS, it's free and open-source, and is a modern, reliable, fast and secure alternative to existing CMS so

Azuriom 359 Jan 4, 2023
Azuriom - a modern, reliable, fast and secure game CMS.

Azuriom is the next generation game CMS, it's free and open-source, and is a modern, reliable, fast and secure alternative to existing CMS so you can have the best web experience possible.

Azuriom 281 May 5, 2022
Pico is a stupidly simple, blazing fast, flat file CMS.

Pico Pico is a stupidly simple, blazing fast, flat file CMS. Visit us at http://picocms.org/ and see http://picocms.org/about/ for more info. Screensh

null 3.6k Jan 5, 2023
Pico is a stupidly simple, blazing fast, flat file CMS.

Pico is a stupidly simple, blazing fast, flat file CMS.

null 3.6k Jan 5, 2023
Pico is a stupidly simple, blazing fast, flat file CMS.

Pico is a stupidly simple, blazing fast, flat file CMS.

null 15 Jul 30, 2022
Baicloud CMS is a lightweight content management system (CMS) based on PHP and MySQL and running on Linux, windows and other platforms

BaiCloud-cms About BaiCloud-cms is a powerful open source CMS that allows you to create professional websites and scalable web applications. Visit the

null 5 Aug 15, 2022
Bootstrap CMS - PHP CMS powered by Laravel 5 and Sentry

Bootstrap CMS Bootstrap CMS was created by, and is maintained by Graham Campbell, and is a PHP CMS powered by Laravel 5.1 and Sentry. It utilises many

Bootstrap CMS 2.5k Dec 27, 2022
PHPDish is a powerful forum system written in PHP. It is based on the Symfony PHP Framework.

PHPDish 是一个基于Symfony框架开发的内容社区系统;得益于大量的前端以及后端的第三方类库的使用使得PHPDish有着高质量的代码,敏捷实现; 你可以使用composer或者直接下载本仓库进行程序的安装,注意切换到tag。 PHPDish 开发手册以及详细安装文档 Requirements

PHPDISH 227 Dec 8, 2022
PHPDish is a powerful forum system written in PHP. It is based on the Symfony PHP Framework.

PHPDish 是一个基于Symfony框架开发的内容社区系统;得益于大量的前端以及后端的第三方类库的使用使得PHPDish有着高质量的代码,敏捷实现; 你可以使用composer或者直接下载本仓库进行程序的安装,注意切换到tag。

PHPDISH 227 Dec 8, 2022
Flextype is an open-source Hybrid Content Management System with the freedom of a headless CMS and with the full functionality of a traditional CMS

Flextype is an open-source Hybrid Content Management System with the freedom of a headless CMS and with the full functionality of a traditional CMS. Building this Content Management System, we focused on simplicity. To achieve this, we implemented a simple but powerful API's.

Flextype 524 Dec 30, 2022
NukeViet 132 Nov 27, 2022
BaiCloud-cms is a powerful open source CMS that allows you to create professional websites and scalable web applications. Visit the project website for more information.

BaiCloud-cms About BaiCloud-cms is a powerful open source CMS that allows you to create professional websites and scalable web applications. Visit the

null 5 Aug 15, 2022