SwiftyEdit 1.2 is ready and brings some new features in addition to the usual bug fixes. There are also some important security updates for the frontend. Find out what's new here.
All input elements have been adapted and standardized. The Pages, Blog, Shop and Events areas can now be controlled using a new (global) filter function. Status, label and languages can be defined here. Searching and filtering by keywords remains individual for each area. The search has been harmonized in all areas and now works the same everywhere.
The Pages and Products sections have been given new sorting functions: Link name (pages only), Priority, Entry date, Last edit date, Price (products only).
Switching from dark/light mode is now possible at any time in any area of the backend. The backend no longer requires different themes, but now relies on the color modes provided by Bootstrap.
The assigned languages are now displayed in the categories. This means that there is no more confusion if a category has the same name in several languages.
The Sidebar for documentation has been completely renewed. Not only the SwiftyEdit documentation can now be displayed in the backend. Each addon and each theme can now place its own documentation in the backend.
In order to be able to offer different payment methods, these have been completely outsourced or converted into addons. Two of these methods already come with the core, others (e.g. PayPal Checkout) are already in the works and will be coming soon.
In addition to some minor security updates, this release also contains fixes that affect the frontend.
Cross-Site Request Forgery (CSRF) vulnerability
In the procedure for resetting the password, users could be tricked into changing the password, e.g. by a faked form. This bug has been fixed. All form entries are now also verified in the frontend via CSRF token. Many thanks to Panagiotis Georgiou (@mechaneus) for reporting this bug.
Attention: With this update, the CSRF token must be added to all forms in the frontend. In addition to the forms in the themes, this also affects all addons and plugins.
This update is strongly recommended for all users.
The backend can be set to development mode via the
config.php file. This will display all
$_REQUEST variables. In addition, the updater can be executed as often as required.
Addons can execute functions at certain points in the backend. For example, automatically translate and save pages.
The categories have been revised. Since errors occurred as soon as more than 10 categories were used, the ID/assignment has been rewritten. When calling up the categories in the backend, the new IDs are reassigned and all entries are automatically updated.
As always, the update is displayed in the backend under Preferences > Update.
If you are new to SwiftyEdit, you can find an installation guide here.