mojoPortal 2.1.8 is now available from the download page.

This release has an important fix for a security vulnerability so I recommend for everyone to upgrade as soon as possible. It is a very easy upgrade from version 2.1.7, all you need to do is replace the mojoPortal.Web.dll in the bin folder with the one from the new release.

Thanks to Cemalettin Polat for reporting this issue. The problem was that in FCKeditor by default the link dialog window launched from the toolbar includes functionality that allows uploading files and browsing of some folders on the server. This should not be allowed on the Contact Form and the Blog Comments form because these are available to anonymous users. I have disabled this in the new release. I also disabled this in the ForumPostEdit.aspx page for users who are not in the  Admins or Content Admins role.

Additionally this release fixes another bug that only happens when running under Medium trust, there was an error being raised on the Registration page when running under Medium trust and this would prevent new users from registering. Thanks to Anand Narayanaswamy for reporting this issue.

Update: I just noticed that the security issue also existed in the 1.04 Mono version of mojoPortal. I have corrected the problem and released version 1.0.5. Again, it is only the mojoPortal.Web.dll that needs to be replaced to upgrade from 1.0.4 to 1.0.5

mojoPortal 2.1.7 is now available from the download page.

This is primarily a minor bug fix release. It is an easy upgrade from 2.1.6 as there are no changes in the database at all.

Fixed issue where in Medium Trust hosting environments the image upload did not work in FCKeditor or in the Image Gallery

Fixed a style bug where the new SiteStatistics module did not look right in IE6. Most of my machines are updated to IE7 so I didn't test in IE6 for the last release. Fortunately I have a virtual machine still running IE6 so I was able to correct the css for IE6. I still would recommend anyone using IE6 to upgrade to IE7.

New Feature: SessionKeepAliveControl. I've been meaning to implement this for a long time and it was easy low hanging fruit. Have you ever been editing content and had the edit page open so long that your login session expired and when you went to save your work you lost it because you got an access denied error? Well, this control has been added to all the edit pages and will keep your session alive as long as the page is open in the browser by making a background request before your session times out.

As always, be sure and back up everything before doing an upgrade and if you have any trouble, post in the forums and I will try to help.

Joe

I'm very happy to announce the mojoPortal e-Commerce Solution Project,  a new sub project to implement an e-commerce functionality that integrates with mojoPortal.

I will be developing this feature myself as we have a target date for the intitial implementation by February 2007. This is the first project for which we have a sponsor who is partially funding the development effort. The project is not yet fully funded though so I am looking for additional sponsorship. If your company is interested in becoming a sponsor for this project please contact me. See our Sponsors page for more information.

I'd like to thank and welcome our first sponsor BrainBeacon, providers of high quality IT Certification study materials.


 

mojoPortal 2.1.6 is now available from the download page.

This release adds a new Site Statistics Module and some bug fixes.

This will be an easy upgrade if you are running mojoPortal 2.1.x with no custom modules of your own because there are no schema changes in the db. If using MS SQL or PostgreSQL you need to re-run the script that creates stored procedures.

If you have custom modules you have implemented yourself, you should test your code with the latest source code. There were some major namespace re-organizations that may have broken your custom code. See my previous blog post, and if you need help changing your code so it works with the new changes in mojoPortal, please post in the forums and I will try to help.

If you have custom skins, you may also need to tweak the css for the menu, see the included skins css files for changes I made there.

As always be sure and back up both your db and your site before attempting an upgrade. If you run into problems post in the forums and I will help.

Joe

I'm very happy to announce a new sub project to implement a Project Management Solution based on the principles of the Project Management Institute (PMI), that integrates with mojoPortal.

Thiago Alves will be the Project Manager and Lead Developer for this project.

Read the details of the vision and scope for this project here: 

I will also be contributing development effort on this. I met Thiago on the Mono project mailing list and am very excited to be working with him.  I had been planning a project management feature for mojoPortal for a long time and when he mentioned that he was planning to implement a Project Management Solution that works with Mono I got very interested. So after talking about the goals for the project, I convinced him to collaborate and build on mojoPortal. This means he can get started right away on the features needed for project management and not have to spend development time on things like role based security, search infrastructure, skinning, and other infrastructure that every site needs.

We are also looking for corporate sponsors who might be interested in sponsoring some of the development for this project. I will be creating a new page on this site soon with information on sponsoring development of features for mojoPortal. The advantage to sponsoring development is that sponsored projects get more priority with development effort and sponsors get strong input on feature requirements to make sure the implemented feature meets their needs. Sponsoring open source development can be much more economical than developing features in house or hiring consultants to build custom applications. It could also be more economical if we can get multiple corporate sponsors to contribute, then the sponsorship cost to each can be reduced.

UPDATE: This project never made it past the planning stage.