Hosting Moodle

3.5
 (Hauptversion)
8 Juni - 270MBMoodle 3.5 focuses on GDPR compliance and enhanced usability and accessibility.



Highlights

Privacy and policies area in Profile

Course images on the dashboard

Clearer icons, accessible fonts

Directly record sound and video

Choice results display

Moodle from your Mobile! (coming soon)

More efficient user management

Award badges based on other badges

Filter questions by tag

Quiz Essay questions

GDPR features

Simple Global Search

LTI Advantage 1.1 support

More badge criteria

Cohort themes

New capabilities

Lesen Sie mehr: https://docs.moodle.org/dev/Moodle_3.5_release_notes






3.4.3
 (Sicherheitsupdate)
18 Mai - 270MBPlugins are available for Moodle 3.3 and 3.4 to help Moodle sites to comply with GDPR - Data privacy, Policies. In Moodle 3.5 they will be included in the standard distribution.



Highlights

Implement privacy API in various components and standard plugins for user data export and deletion



Bug Fixes

Assignment: Fixed incorrect "No submission" status if group submission changed to individual submission

File resource: Fixed download problem for files with long names

Performance improvement in Calendar in case of big number of course categories

Show grade category name in Grades Export

GDPR and privacy: Change default age of digital consent according to current legislation on each country

Lesson: Fixed regression in cluster navigation

Display participants count on course participants page

Display custom external tool icon in activity chooser

Show self enroled user as inactive when self enrolement method is disabled

A bug which led to the failure of some Scheduled Tasks in certain circmstances has been fixed.

Database module: Fixed bug with creating tables in templates using Atto editor

Quiz: Fixed a report bug where the count of the number of attempts is sometimes incorrect in group averages

Quiz: Fixed a bug where the question text was no longer exported in the quiz statistics HTML download

Quiz: Fixed a bug in the statistics report to display the chosen questions for random question slots

GDPR: Moved the Privacy and policies administration section to the Users tab (when GDPR plugins are installed)

Global search: Remove unicode non-characters from indexing to resolve indexing errors

Facebook OAuth2: Update the Facebook Graph API to v2.12



Security Issues

A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.

Lesen Sie mehr: https://docs.moodle.org/dev/Moodle_3.4.3_release_notes






3.4.2
 (Sicherheitsupdate)
4 April - 220MBHighlights

Migrate to reCAPTCHA v2

Quiz: now possible to edit user overrides even if quiz is not available to a student

Invisible default sections lead to unexpected visibility layout

Assignment: "additional files" are now shown in Edit Submission view



Security issues

Unauthenticated users can trigger custom messages to admin via paypal enrol script

Suspended users with OAuth 2 authentication method can still log in to the site



Bug Fixes

Fixed bug with loading CSS for editor

Fixed bug with empty user name on Participants page if username is included in user identitfy fields

Select correct default role during manual enrolment

Assignment: reset 'Blind marking' status during 'Course reset'

Choice: hide "unanswered" column when it is set so in choice settings

Single View & grades export should follow the same order set in gradebook set up

Performance: Modinfo cache can get built in parallel

Corrected end date for manual enrolments

EQUELLA repository: fixed error "The source url does not match the sourcekey."

Change "Remind me to grade by" date according to the new course start date after course restore



GDPR preparation

New Privacy subsystem

Allow plugins to handle site policies and overwrite $CFG->sitepolicy

Signup process - add minimum age verification

Lesen Sie mehr: https://docs.moodle.org/dev/Moodle_3.4.2_release_notes






3.4.1
 (Sicherheitsupdate)
28 Januar - 220MBMoodle 3.4.1 is a security and bug-fix release.



Highlights

LTI: backup and restore supports submissions and also course and site tools. References to the site tools are restored only on the same site (they are not included in course backup for security reasons).

If general backup setting "Include users" is unchecked, users with relevant capability can now backup user data

LDAP authentication method can now synchronise custom user profile fields



Fixes and Improvements

Accessibility: Gear icon is now properly defined for screen readers

Incomplete user accounts are now deleted after specified period of time (setting "Delete not fully setup users after")

Allow to connect to OAuth 2 services that only support client authentication via Basic Auth

Lesson: Multiple Choice answers appear on same line as radio button

Import Groups from CSV tool bug fixes

Folder resource: Large files deleted when editing teachers update resource with global maxbytes lower

Turning off Server Files Repository should not break courses that use it

Assignment: Converting images in submissions to pdf (unoconv)

IMS Common Cartridge import works correctly with HTML entities in URLs

Quiz: when group override is deleted the calendar event should also be deleted

Quiz: Clicking on help for "Shuffle" button no longer toggles shuffle itself

Assignment: The message "This assignment is not accepting submissions" is displayed in the assignment when override the grade

Category manager with the 'moodle/course:changecategory' should be able to move existing courses between categories

Lesson: Content pages no longer display grade

Allow uninstalling grading methods plugins

LTI: display correct icons

Lesson multi-choice questions with multiple answers: more clear indication for the user which answer was correct

Lesson: UI fix for content buttons running off the edge of the page

Lesson: Grade essays page shows which essays have been graded

"Sort my courses (navsortmycoursessort)" setting now respected on the dashboard

Lesen Sie mehr: https://docs.moodle.org/dev/Moodle_3.4.1_release_notes



Zeige mehr Versionen




3.4
 (Hauptversion)
30 Dezember 2017 - 220MBMoodle 3.4 is a major update that might deprecate or change the APIs to plugins that you are using.



WE HIGHLY RECOMMEND TAKING A BACKUP OF MOODLE BEFORE ATTEMPTING TO UPDATE YOUR APPLICATION and BE PREPARED TO DISABLE OR REMOVE PLUGINS AFTER OR EVEN BEFORE PERFORMING THE UPDATE IN ORDER TO MINIMISE PROBLEMS.



Calendar

Calendar entries in monthly view should include course shortname

Create calendar event quick-add

Add navigation of all calendar views without page reload

Add support for drag and drop of calendar events

Add support for creation and update of calendar events using a modal dialogue

Add support for calendar events at the category level



Management

Merge Course Participants and Enrolled Users pages

Add bulk editing of enrolment status/dates for users in the course participants page

Remove the "Brief / User Details" functionality from the participants page

Enrol Users button on participants page

Add filter controls to the participants page to allow custom filtering

Add a roles column to participants page

Add a groups column to the participants page

Add a status column to the participants page

Remove the columns from the participants page that are not in showuseridentity

Add "Proceed to course content" to participants page



Other Highlights

Implement analytics engine in Moodle

Add links and a drop down to navigate between activities

Allow teachers to mark activities as completed



Backup, Restore & Import

Correct the permissions required to download and restore course automated backups

Restore with roll forward changes dates for user data

Restore date should not roll for user created data - Core components



Global Search

Index contents of the restored courses

Course reset doesn‘t always shift dates (fixed)

Global search: Make it possible to search blocks

Global search: Allow partial indexing (in scheduled task)



Authentication

Assign arbitrary system roles via LDAP sync

Add option to trust email of an OAuth provider

Enable OAuth 2 token-based authentication for requests in webdav_client

Global Search: Increase file indexing coverage

Global search: Allow search of non-enrolled courses



Functional Changes

LIS Group Variables support in LTI

Should have checkbox for extra credit when you add a grade item

Web services: Manage tokens page should show tokens for all users

Display space used in My Private Files

Performance improvement in Server files repository

Performance improvement due to Role definition caching & accesslib refactoring

Assignment grading: Adding back "Save and show next"

Make section titles and course titles more accessible in Boost

Allow to tag database entries

Assignment: automatically remove embedded files that are no longer linked from submission text. Reduce the size of "Download all submissions"

Lesson overview report does not respect value of showuseridentity setting

Forum: make Subscription mode setting configurable



For Administrators (**Please read carefully: Possible issues that may affect you in Moodle 3.4**)

Deprecate loginhttps. Sites that used to use this setting will now be served via https always

Tool to convert http embedded content to https where available

Let the admin control if the course end date form field in course settings is enabled by default

New filters for User Tours

Compile SCSS files on the command-line

Upgrade: Show upgrade times

Missing index on (timemodified) in grade_items_history table and several other grade history tables. This will increase performance of various reports but may also slow down Moodle upgrade

Add CLI script to kill all sessions

Register and publish courses with moodle.net only, remove support for alternative hubs

Trigger an event in add_to_config_log function

Move "Messages" block out from the standard Moodle distribution

SEO - Create admin setting to be able to enable or disable search engine indexing for sites with forcelogin

Boost: Add a setting for background image

Create new security setting to configure the expiration time of tokens created via login/token.php or tool/mobile/launch.php



Security

Students can find out email addresses of other students in the same course (fixed)



For developers

Upgrade PHPUnit to 6.4 to ensure compatibility with PHP 7.2 - may require changes in unittests.

Compatibility with chrome mink driver

Provide a way to retrieve all courses a user can potentially access.

Global Search: Increase file indexing coverage

Global search: Make it possible to search blocks. See the new \core_search\base_block class.

Form element and admin setting type to choose file types and type groups

Formslib - add function to $mform that makes it possible to hide form elements dependent on selected values

Add possibility to disable admin warning if a development libs directory exists

Plagiarism: onlinetext submission should pass raw submissiontext to plagiarism get_links()

Lesen Sie mehr: https://docs.moodle.org/dev/Moodle_3.4_release_notes






3.3.6
 (Sicherheitsupdate)
18 Mai - 270MBPlugins are available for Moodle 3.3 and 3.4 to help Moodle sites to comply with GDPR - Data privacy, Policies. In Moodle 3.5 they will be included in the standard distribution.



Highlights

Implement privacy API in various components and standard plugins for user data export and deletion



Bug Fixes

Assignment: Fixed incorrect "No submission" status if group submission changed to individual submission

File resource: Fixed download problem for files with long names

Show grade category name in Grades Export

GDPR and privacy: Change default age of digital consent according to current legislation on each country

Lesson: Fixed regression in cluster navigation

Display custom external tool icon in activity chooser

A bug which led to the failure of some Scheduled Tasks in certain circmstances has been fixed.

Database module: Fixed bug with creating tables in templates using Atto editor

Quiz: Fixed a report bug where the count of the number of attempts is sometimes incorrect in group averages

Quiz: Fixed a bug where the question text was no longer exported in the quiz statistics HTML download

GDPR: Moved the Privacy and policies administration section to the Users tab (when GDPR plugins are installed)

Global search: Remove unicode non-characters from indexing to resolve indexing errors

Facebook OAuth2: Update the Facebook Graph API to v2.12



Security

A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.

Lesen Sie mehr: https://docs.moodle.org/dev/Moodle_3.3.6_release_notes






3.3.5
 (Sicherheitsupdate)
4 April - 220MBSecurity issues

Unauthenticated users can trigger custom messages to admin via paypal enrol script

Suspended users with OAuth 2 authentication method can still log in to the site



Highlights

Migrate to reCAPTCHA v2

Quiz: now possible to edit user overrides even if quiz is not available to a student

Invisible default sections lead to unexpected visibility layout

Assignment: "additional files" are now shown in Edit Submission view



GDPR Preparation

New Privacy subsystem

Allow plugins to handle site policies and overwrite $CFG->sitepolicy

Signup process - add minimum age verification



Bug Fixes

Assignment: reset 'Blind marking' status during 'Course reset'

Choice: hide "unanswered" column when it is set so in choice settings

Single View & grades export should follow the same order set in gradebook set up

Performance: Modinfo cache can get built in parallel

EQUELLA repository: fixed error "The source url does not match the sourcekey."

Change "Remind me to grade by" date according to the new course start date after course restore

Lesen Sie mehr: https://docs.moodle.org/dev/Moodle_3.3.5_release_notes






3.3.4
 (Sicherheitsupdate)
28 Januar - 220MB3.3.4



Security

Server Side Request Forgery in the filepicker

Setting for blocked hosts list can be bypassed with multiple A record hostnames

Privilege escalation in quiz web services

XSS in calendar event name



Highlights

LTI: backup and restore supports submissions and also course and site tools. References to the site tools are restored only on the same site (they are not included in course backup for security reasons).

If general backup setting "Include users" is unchecked, users with relevant capability can now backup user data

LDAP authentication method now can synchronise custom user profile fields



Bug Fixes

Accessibility: Gear icon is now properly defined for screen readers

Fixed bug preventing deletion of incomplete users accounts after specified period of time (setting "Delete not fully setup users after")

Allow to connect to OAuth 2 services that only support client authentication via Basic Auth

Lesson: Multiple Choice answers should appear on same line as radio button

Number of bug fixes in Import Groups from CSV tool

Folder resource: Fixed bug with big files being deleted when editing teachers update resource with global maxbytes lower

Turning off Server Files Repository should not break courses that use it

Assignment: Fixed bug when converting images in submisisons to pdf (unoconv)

IMS Common Cartridge import works correctly with HTML entities in URLs

Quiz: when group override is deleted the calendar event should also be deleted

Quiz: Clicking on help for "Shuffle" button no longer toggles shuffle itself

Assignment: Bug fix. The "This assignment is not accepting submissions" message is displayed in the assignment when override the grade

Category manager with the 'moodle/course:changecategory' should be able to move existing courses between categories

Lesson: Fixed bug with content pages displaying grade when they should not

Allow uninstalling grading methods plugins

LTI: display correct icons

Lession multichoice questions with multiple answers : more clear indication for the user which answer was correct

Lesson: UI fix for content buttons running off the edge of the page

Lesson: Grade essays page does should show which essays have been graded

Respect setting "Sort my courses (navsortmycoursessort)" on the dashboard



3.3.3



Security

Students can find out email addresses of other students in the same course



Highlights

Assignment: Show Due Date in calendar for teachers and managers

External Tool: backup/restore consumer key and secret (on the same site only)

Show file upload progress bar in Boost theme

List custom roles in the filter on Participants page



Bug Fixes

Respect comment format in questions manual comments when Plain text area editor is used

Assignment: Reopening a group assignment should not create additional attempts for each group member

Fixed error in ad-hoc refresh_mod_calendar_events_task that caused exceptions and very long cron run time

Restore MathJax filter settings that were lost in previous upgrades

External tool: Allow to switch to full screen mode

Better explaination of the reason for failed logins in the logs report

Label resource: allow to access "Label administration" without Administration block on the "Edit label" page

Show error message when incorrect CAPTCHA is entered on sign-up page

Fixed configuration of PHP 7 sessions using memcached (3.x.x)

Forum: Avoid creating duplicate subscriptions due to race conditions

Feedback: fixed upgrade script (introduced in 3.1.6 and 3.2.3) that deleted valid multiple anonymous attempts. If your site was affected, please follow MDL-60592 for the script that restores accidentally deleted data.

Lesen Sie mehr: https://docs.moodle.org/dev/Moodle_3.3.4_release_notes






3.3.2
 (Sicherheitsupdate)
6 Oktober 2017 - 220MBHighlights

MDL-59492 - Gray out hidden courses in the new course overview block

MDL-57412 - Setting "Always link course sections" should apply consistently in Boost and Clean/More

MDL-58196 - "Require passing grade" in the Quiz activity completion settings can only be checked if "Student must receive a grade" is also checked

MDL-57698 - Bug fix: Backup and restore cause deadlock with sqlsrv driver



Fixes and Improvements

MDL-55912 - Assignment: when blind marking is enabled, students should receive teacher participant number in the email and not their own

MDL-54607 - Calendar export should not export events without duration as full-day events, i.e. assignment due dates have time component that was lost during export

MDL-59490 - Bug fix: LTI does not work when activity has a long name

MDL-55937 - Assignment: fixed error when viewing attachments of team submission

MDL-59511, MDL-59746, MDL-59539, MDL-59869 - Multiple fixes in OAuth 2 services (Google, OwnCloud, Nextcloud, etc)

MDL-35290 - My private files should continue working even if some files in filesystem are currently unreadable

MDL-57259 - Fixed bug that caused multiple debugging messages in error.log when teachers use assignment grading

MDL-56646 - Assignment: changing maximum grade of the module could result in negative grades in assignment which were pushed as "0" to the gradebook. This bug was fixed and will not happen in the future. However, according to Moodle policy, no existing grades were changed. Teachers will see the warning that there are erroneous grades and will be able to fix all of them with one click

MDL-54965 - Database module: fixed SQL error when you edit an entry after having added a new picture/file field

MDL-46495 - When uploading courses the setting "Completion tracking" should be set to the site default

MDL-59262 - Courses made via course request or "Upload course" tool should respect default course sections

MDL-59442 - Some third party modules had very big icons in the Default activity completion page

MDL-38129 - Grade export of user profile fields can now work with uppercase letters in the fields names

MDL-59317 - Performance improvements on the messages page

MDL-57246 - Trying to view a forum without the capability may lead you to a broken page.

MDL-59287 - Generate calendar event for "Expected completed on" for all modules.

MDL-55364 - Forum headers alignment on narrow screens

MDL-57649 - Lesson: Fixed bug deleting files unrelated to the pages being deleted

MDL-59195 - Assignments: when switching role to student teacher should be able to view group submissions

MDL-59068 - Lesson: Restore the behaviour of "No, I just want to go on to the next question"



Security Issues

MSA-17-0017 XSS in contact form on "non-respondents" page in non-anonymous feedback

MSA-17-0018 Course reports are not respecting group settings in courses

MSA-17-0019 user_can_view_profile() incorrectly assumes $course as shared course

MSA-17-0020 Admins may not know that exposing vendor directory is a security risk



For Developers

MDL-59708 - Hooks into the file API (backport of MDL-57476)

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.3.2_release_notes






3.3.1
 (Sicherheitsupdate)
10 Juli 2017 - 220MBHighlights

MDL-58136 - Show only "in progress" courses in the My courses list in Booost flat navigation

MDL-56046 - Fixed bug when downloading Quiz statistics report and other multiple-sheet reports

MDL-58646, MDL-59122 - Number of performance improvements in Boost cache rebuilding

MDL-58310, MDL-59312, MDL-58103 - Correctly display AJAX errors and ignore interrupted requests caused by page unload (occasional "undefined" popup)

MDL-44961 - When restoring course with rolling start date never change log dates



Security issues

A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.



Fixes and improvements

MDL-46322 - Assignment: Only enrolled users may be assigned as markers, if admins/managers can view course but are not enrolled they will not be assigned

MDL-58907 - Course overview: Remember last view mode (Timeline/Courses), add a setting for a default mode

MDL-58729 - Performance improvement in MySQL collation change script (follow up for Full UTF-8 Support in MySQL)

MDL-57957 - Assignment: Fixed bug with feedback files not being shown to students if assignment has no grading

MDL-57021 - Use normal password form field during sign up, adding new user and enrolling in a course

MDL-49988 - Wiki: line breaks in HTML source code should not affect page layout

MDL-58811 - Quiz: fixed bug preventing quiz duplication if questions have file links in their texts



For developers

MDL-58911 - Change of behavior when writing unittests for the dashboard events - now callback from module are executed in unittests same way they would be executed on the dashboard

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.3.1_release_notes






3.3
 (Hauptversion)
22 Mai 2017 - 220MBHighlights

MDL-55611 - New Course overview dashboard block featuring timeline of events

MDL-58220 - Make use of OAuth 2 services to allow users to authenticate with Google G-Suite or Microsoft Office accounts and manage files from associated drives

MDL-39913 - New Assignment setting for restricting submission file types

MDL-4782 - "Stealth mode" for resources/activities in a course - not displayed on the course page but available for students

MDL-40759 - New Font Awesome icon font for all icons in Moodle



For teachers

MDL-58138 - Activity completion settings for setting activity completion defaults and bulk editing of completion requirements

MDL-48771 - Quiz activity: Option to delete multiple questions

MDL-53814 - Quiz activity: Question type icons are displayed in the quiz manual grading overview

MDL-55459 - Assignment activity: Annotated PDF comments are collapsible

MDL-23919 - Database activity: The setting "Required entries" is now an activity completion condition

MDL-57769 - Topic and weeks course formats: After a course is created, sections can be added and removed only from the course page (it is no longer possible to have "orphaned" activities)

MDL-46929, MDL-57456, MDL-57457 - Forum posts, glossary entries and book chapters may be tagged

MDL-56251 - For courses in weekly format, a new course setting allows for the course end date to be calculated automatically

MDL-47354 - Allow the page size in the Single view report to be configurable



Backup and restore

MDL-34859 - Add site defaults for all restore settings, improve UI around "Overwrite course configuration" select

MDL-40838 - Allow to restore non-default enrollment methods without restoring users

MDL-57769 - When restoring/importing big courses in Weeks and Topics formats into small existing courses ajust the number of sections automatically



For administrators

MDL-46375 - Support for storing files not on the local drive (there are no open-source solutions at the moment, developer's help is required to implement custom cloud storage)

MDL-55528, MDL-58280 - New document converter plugin type allows alternatives to unoconv, such as the Google Drive converter

MDL-55980 - Run individual scheduled tasks from web interface

MDL-57896 - CLI wrapper for get_config() and set_config() methods

MDL-57789 - Use Cache-Control: immutable when serving files

MDL-37765 - New capability to bypass access restrictions, separated from capability to view hidden activities

MDL-57913 - Convert external database authentication synchronisation to scheduled task

Plugins removal and deprecation: The repository Skydrive is deprecated; please migrate to the newer OneDrive repository

Plugins removal and deprecation: The Dashboard block Course overview is replaced with a new block Course overview which is a different plugin. If you want to use the old block, you need to download and install it from https://moodle.org/plugins/block_course_overview



Mobile app support

MDL-57410 - Allow admins to add new external links to pages in the main menu of the Mobile app

MDL-57408 - Add new settings for allowing renaming strings in the Mobile app

MDL-49423 - Add new settings for disabling Mobile app functionalities

MDL-57759 - Allow offline attempts via the Mobile app in the lesson module

MDL-57162 - Support Native App install banners for Android as well as iOS for the mobile app



Other improvements

MDL-33483 - Google Docs repository: Save Doc files in different formats to RTF

MDL-42266 - Improve the list of maximum file size options for file uploads

MDL-51853 - Calendar subscriptions from imported files should be editable

MDL-41729 - Add ability to change passwords for users using Shibboleth

MDL-57572, MDL-57570, MDL-57355 - Redis and static caches performance improvements if igbinary library is installed

MDL-56808 - SCORM module: Performance improvements when running SCORM 1.2 packages

MDL-57686 - Add support for PDO databases in external database authentication

MDL-57638 - RSS Block: RSS feeds are more heavily cached and correctly respect skip values



For developers

MDL-55528 - New plugin type 'fileconverter' for file conversions, unoconv is now a plugin that can be replaced with scalable commercial solutions (see File Converters)

MDL-40759 - Font Awesome icon font is used for all icons in Moodle (see Moodle icons)

MDL-46375 - Support for storing files not on the local drive is implemented by allowing to override functionality of file_storage and stored_file classes (see File System API)

MDL-12689 - Convert all authentication plugins to use settings.php (see upgrade.txt)

MDL-53978 - Add extra plugin callbacks for every major stage of page render (see commit)

MDL-58138 - Course modules may provide additional callbacks to participate in bulk editing of activities completion rules in a course

MDL-58220 - Better office integration

MDL-45584 - Multiple caches can be instantiated with the same definition but with different identifiers

MDL-57769 - Course formats: Attribute 'numsections' was removed from topics and weeks, other course formats may want to implement similar changes

MDL-55956 - Priority field for the calendar events allowing to specify the priority of overrides

MDL-58566 - New methods for retrieving calendar events

MDL-55941 - New element to select first name of first/last names is implemented in tablelib or can be used by developers elsewhere (template)

MDL-56519 - Lint behat .feature files

MDL-57273 - New classes (core\persistent, core\form\persistent, core\external\exporter, \core\external\persistent_exporter) used to represent a data-model and export that data in a standard format for webservices (previously was used in competencies) (see Persistent form, Persistent, Exporter)

MDL-57490 - Removed several legacy JS functions from javascript-static.js

MDL-57690 - mcore YUI rollup is no longer included on every single Moodle page (see [forum post])

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.3_release_notes






3.2.9
 (Sicherheitsupdate)
18 Mai - 270MB3.2.9



Security

A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version. 



3.2.8



Bug Fixes

Migrate to reCAPTCHA v2

EQUELLA repository: fixed error "The source url does not match the sourcekey."



Security

Unauthenticated users can trigger custom messages to admin via paypal enrol script

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.2.9_release_notes






3.2.7
 (Sicherheitsupdate)
28 Januar - 220MB3.2.7



Security

Server Side Request Forgery in the filepicker

Setting for blocked hosts list can be bypassed with multiple A record hostnames

Privilege escalation in quiz web services

XSS in calendar event name



3.2.6



Security

Students can find out email addresses of other students in the same course



Highlights

External Tool: backup/restore consumer key and secret (on the same site only)

Show file upload pr*ogress bar in Boost theme

List custom roles in the filter on Participants page



Bug Fixes

Respect comment format in questions manual comments when Plain text area editor is used

Assignment: Reopening a group assignment should not create additional attempts for each group member

Restore MathJax filter settings that were lost in previous upgrades

External tool: Allow to switch to full screen mode

Better explaination of the reason for failed logins in the logs report

Label resource: allow to access "Label administration" without Administration block on the "Edit label" page

Show error message when incorrect CAPTCHA is entered on sign-up page

Fixed configuration of PHP 7 sessions using memcached (3.x.x)

Forum: Avoid creating duplicate subscriptions due to race conditions

Feedback: fixed upgrade script (introduced in 3.1.6 and 3.2.3) that deleted valid multiple anonymous attempts. If your site was affected, please follow MDL-60592 for the script that restores accidentally deleted data.

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.2.7_release_notes






3.2.5
 (Sicherheitsupdate)
5 Oktober 2017 - 220MBHighlights

MDL-57412 - Setting "Always link course sections" should apply consistently in Boost and Clean/More

MDL-58196 - "Require passing grade" in the Quiz activity completion settings can only be checked if "Student must receive a grade" is also checked

MDL-57698 - Bug fix: Backup and restore cause deadlock with sqlsrv driver



Fixes and improvements

MDL-55912 - Assignment: when blink marking is enabled, students should receive teacher participant number in the email and not their own

MDL-54607 - Calendar export should not export events without duration as full-day events, i.e. assignment due dates have time component that was being lost during export

MDL-59490 - Bug fix: LTI does not work when activity has a long name

MDL-55937 - Assignment: fixed error when viewing attachments of team submission

MDL-35290 - My private files should continue working even if some files in filesystem are currently unreadable

MDL-57259 - Fixed bug that caused polluting error.log with debugging information when teachers use assignment grading

MDL-56646 - Assignment: changing maximum grade of the module could result in negative grades in assignment which were pushed as "0" to the gradebook. This bug was fixed and will not happen in the future. However, according to Moodle policy, no existing grades were changed. Teachers will see the warning that there are erroneous grades and will be able to fix all of them with one click

MDL-54965 - Database module: fixed SQL error when you edit an entry after having added a new picture/file field

MDL-46495 - When uploading courses the setting "Completion tracking" should be set to the site default

MDL-38129 - Grade export of user profile fields can now work with uppercase letters in the fields names

MDL-59317 - Performance improvements on the messages page

MDL-57246 - Trying to view a forum without the capability may lead you to a broken page.

MDL-55364 - Forum headers alignment on narrow screens

MDL-58119 - Use Cache-Control: immutable (backport of MDL-57789)

MDL-57649 - Lesson: Fixed bug deleting files unrelated to the pages being deleted

MDL-59195 - Assignments: when switching role to student teacher should be able to view group submissions

MDL-59068 - Lesson: Restore the behaviour of "No, I just want to go on to the next question"



Security issues

MSA-17-0017 XSS in contact form on "non-respondents" page in non-anonymous feedback

MSA-17-0018 Course reports are not respecting group settings in courses

MSA-17-0019 user_can_view_profile() incorrectly assumes $course as shared course

MSA-17-0020 Admins may not know that exposing vendor directory is a security risk



For developers

MDL-59708 - Hooks into the file API (backport of MDL-57476)

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.2.5_release_notes






3.2.4
 (Sicherheitsupdate)
10 Juli 2017 - 220MBHighlights

MDL-58136 - Show only "in progress" courses in the My courses list in Booost flat navigation

MDL-56046 - Fixed bug when downloading Quiz statistics report and other multiple-sheet reports

MDL-58646, MDL-59122 - Number of performance improvements in Boost cache rebuilding

MDL-58310, MDL-59312, MDL-58103 - Correctly display AJAX errors and ignore interrupted requests caused by page unload (occasional "undefined" popup)



Security issues

A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.



Fixes and improvements

MDL-46322 - Assignment: Only enrolled users may be assigned as markers, if admins/managers can view course but are not enrolled they will not be assigned

MDL-58729 - Performance impovement in MySQL collation change script (follow up for Full UTF-8 Support in MySQL)

MDL-57957 - Assignment: Fixed bug with feedback files not being shown to students if assignment has no grading

MDL-57021 - Use normal password form field during sign up, adding new user and enrolling in a course

MDL-49988 - Wiki: line breaks in HTML source code should not affect page layout

MDL-58811 - Quiz: fixed bug preventing quiz duplication if questions have file links in their texts

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.2.4_release_notes






3.2.3
 (Sicherheitsupdate)
8 Mai 2017 - 220MBHighlights

MDL-39913 - Assignment module: Allow teacher to specify what file types are allowed for submissions

MDL-57429 - Badges: Backpack connection now works using Moodle own e-mail verification and does not use removed Persona service

MDL-55468 - Feedback module: Re-introduce export of analysis page removed in 3.1

MDL-57419 - Messaging: Enter inserts a new line instead of sending a message, fixing a problem with too many short emails

MDL-57510 - Added quick navigation between sections of Question bank in Boost theme

MDL-58461 - Updated URLs for MathJAX CDN

MDL-56675 - Memcached MUC store: Detected an incompatible version combination with PHP 5.6 and memcached 1.4.23. Please upgrade to PHP7, or downgrade to a known working version of memcached



Security issues

A number of security related issues were resolved. Details of these issues will be released after a period of approximately one week to allow system administrators to safely update to the latest version.



Fixes and improvements

MDL-58593 - Performance improvement when creating automated backups

MDL-58182 - Fixed absent buttons on course drag and drop dialogue

MDL-41809 - Fixed bug in course cache rebuilding when access restrictions depend on grade in another activity

MDL-55939 - Feedback module: Fixed bug when teachers were not able to map site feedback to courses

MDL-58278 - Assignment module: save grade, feedback and rubric data before marking workflow state is released

MDL-58274 - Theme Boost: fixed misalignment of editing icons on course page in editing mode

MDL-58166 - Assignment module: allow students to view submissions with marking workflow and allocated markers

MDL-57807 - Database module: In advanced search when nothing is specified in the simple menu dropdown assume all values

MDL-58556 - Fixed indefinite loop in LDAP authentication with forced password

MDL-57583 - Bug fix in course completion settings form always selecting all activities

MDL-56370 - Feedback module: If multiple submissions are allowed in non-anonymous feedback new submission should modify the previous one and not start over

MDL-58257 - Fixed bug preventing searching courses with a dash in the title

MDL-57616 - Allow to drag and drop video and audio files to the course page and and insert them as labels

MDL-57704 - LTI provider: Do not force SSLv3, it is insecure and rejected by some clients

MDL-58349 - Assignment module: fixed display of edit pdf comments in theme "Boost"

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.2.3_release_notes






3.2.2
 (Sicherheitsupdate)
23 März 2017 - 220MBHighlights

MDL-36233 - Fixed inconsistent "Submissions not graded" link displayed to the teachers on the course overview block
MDL-48228 - MySQL and MariaDB drivers updated to support full UTF-8 . For sites upgrading to 3.2.2, a CLI script may be used to convert to full UTF-8. See MySQL full unicode support for details.


Security issues

MSA-17-0005 SQL injection via user preferences
MSA-17-0007 Global search displays user names for unauthenticated users
MSA-17-0008 XSS in evidence of prior learning
MSA-17-0009 XSS in attachments to evidence of prior learning


Fixes and improvements

MDL-56122 - Force reload/recreation of (unoconv) preview in grading interface
MDL-51833 - Performance improvement in event monitor preferences loading
MDL-55859 - Assignment: Delete incomplete files after pdf conversion failure
MDL-55762 - Better error handling around ghostscript
MDL-50719 - Long-running scheduled task should not significantly slow down cron processing of other tasks
MDL-57587 - Quiz: Show feedback images when reviewing a quiz attempt
MDL-57608 - VideoJS and VideoJs-Youtube javascript modules are no longer loaded when not required on the page
MDL-50770 - Dashboard should apply customized block positions during dashboard reset
MDL-57374 - Pasting unformatted non HTML plain text in Atto should not remove all styles and class attributes from all existing content in editor
MDL-57362 - Assignment list all submissions must respect separate groups mode
MDL-46782 - When re-entering Multi-SCO SCORM start from the first uncompleted SCO
MDL-53367 - Importing a forum with auto subscription now automatically subscribes current users
MDL-50625 - Allow to use LDAP user synchronisation without page control
MDL-55915 - Respect capability to view full names in assignment grading, grader report and manual user enrolment popup
MDL-57785 - Don't refresh SCORM navigation when navigation display is disabled
MDL-57370 - Performance improvement when displaying notifications and messages popups
MDL-57296 - Fixed bug when teacher without permission to view hidden grades was not able to collapse grade categories in the gradebook
MDL-55547 - Event monitor: fixed bug preventing to view current subscription after deleting a course with subscriptions


For developers

MDL-57030 - Add option to behat run tool to automatically rerun failures
MDL-57940 - Allow behat parallel run to start at different time

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.2.2_release_notes






3.2.1
 (Sicherheitsupdate)
17 Januar 2017 - 220MBFixes and improvements

MDL-55906 - Assignment grading table reset button should clear persistent settings
MDL-57222 - Marking workflow and grading must still save for hidden Assignment
MDL-56810 - Fixed error converting submissions for annotation when student is unenrolled from course
MDL-55062 - Upload users admin tool incorrectly updates authentication method for existing users when not included in CSV
MDL-56912 - Feedback: Allow to submit empty not required multichoice questions
MDL-53044 - Completely prevent login with expired passwords
MDL-57213 - Boost - Fixed bug when my courses were not displayed at all with $CFG->navshowmycoursecategories on


Security issues

MSA-17-0001 System file inclusion when adding own preset file in Boost theme
MSA-17-0002 Incorrect sanitation of attributes in forums
MSA-17-0003 PHPMailer vulnerability in no-reply address
MSA-17-0004 XSS in assignment submission page

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.2.1_release_notes






3.2
 (Hauptversion)
4 Dezember 2016 - 220MBHighlights

MDL-55071, MDL-55074 - New "Boost" Bootstrap 4 theme, usability improvements of the navigation

MDL-54682 - Messaging UI changes

MDL-52777 - Moodle Tour/Walkthough/Instructional overlays for first time user on page (User tours)

MDL-38158 - Pluggable media players in Moodle; Video.JS player

MDL-55324 - Easier embedding videos in audios in Atto editor with poster, subtitles and other attributes

MDL-54987 - New chart API and library



Mobile app

MDL-53870 - Support for offline quizzes in the Mobile app

MDL-53777 - Include support for login via the browser in the new Moodle Mobile admin tool

MDL-55059 - Support Smart App Banners for iOS

MDL-56607 - Move mobile settings to top-level admin



External tool (LTI)

MDL-49609 - Add LTI Content Item support

MDL-47113 - Open LTI Tools in new Window, add link when popup is blocked

MDL-53832 - LTI v2.0 support



Assignment

MDL-38105 - Allow negative score for rubric and change default grade calculation method

MDL-29795 - Add user/group overrides for mod/assign

MDL-54872 - Sort blind marked assignment by blind ID instead of userid



Quiz

MDL-48629 - Change the separator for matching correct answer feedback

MDL-3782 - Allow multiple answers in cloze MULTICHOICE question type

MDL-55200 - Show coordinates in ddmarker questions to simplify dropzone creation



Choice

MDL-18592 - Allow teacher to make choices for students

MDL-11369 - Show choice deadline in the course calendar

MDL-55140 - Allow to specify open and close dates separately

MDL-37946 - When choice display is set horizontal or vertical apply it to both options and results display



Forum

MDL-18599 - Upon restore, association of "owner" of single simple discussion forum type defaults to user completing restore. Solution: hide author of the first post

MDL-37669 - Forum: Make "Mark as read on notification" a user preference

MDL-55982 - Add support for automatic locking of an individual forum discussion after a period of inactivity



Other activity modules

MDL-55327 - Lesson: option to duplicate pages

MDL-55868 - Book: various usability improvements

MDL-56100 - Folder: Display in recent activity block

MDL-54945 - Workshop: integrate with portfolio API

MDL-48944 - Survey: activity completion condition on survey completion

MDL-44712 - SCORM: improve Multi-SCO completion handing in activity completion

MDL-55158 - Database activity: add start and end dates to the calendar

MDL-14448, MDL-55464, MDL-55254, MDL-55251, MDL-49029 - Add standard capability "mod/xxxxx:view" to Lesson, Label, Database, Chat and Choice activities

MDL-55866 - Remember editor disabled setting on a per-activity setting



Global search

MDL-54794 - Add users to global search

MDL-54973 - Add messages to global search

MDL-55127 - Add database entries to global search

MDL-53222 - Revise admin settings/report for global search for improved usability



Other improvements

MDL-30179 - Allow teacher to toggle to/from "user view" in the User report in the gradebook (some items may be hidden for students but not teachers)

MDL-53048 - New "password" fields that are not auto-filled by password managers

MDL-55767 - Allow to import learning plans

MDL-29110 - Specify welcome email sender in enrol_self, or send emails from system noreply address

MDL-22078 - Store "End date" for each course to be used in reports and analytics

MDL-53399 - Remove 'activity chooser off/on' option

MDL-54751 - Introduce asynchronous module deletion so that recycle bin backup does not slow down editing process for the teacher

MDL-55981 - By default non-editing teacher should not be able to access all groups (roles in upgraded sites are not changed)

MDL-31356 - IMS Enterprise enrol plugin added features

MDL-43230 - Support revoking awarded badges

MDL-50286 - Allow to filter report_log by origin : Logs clogged up with events listed as origin cli

MDL-51749 - Add Ability to Export Calendar for user or group events

MDL-50888 - Antivirus: Implement ClamAV virus scanning using unix sockets.

MDL-54617 - Always show count of online users in the online users block

MDL-54680 - Offer cartridges in LTI provider



For administrators

MDL-44467 - Return-Path should use no-reply address instead of support email; use only no-reply email or allowed domains in "From" header

MDL-48468 - Add a Redis cache store to Moodle core

MDL-39117 - Add a APCu cache store to Moodle core

MDL-54947 - Update PostgreSQL binary (bytea) handling and improve connection performance

MDL-48766 - Support IPv6 in IP lookup tool

MDL-55124 - Support for connection pooler (pgbouncer) in PostgreSQL connection

MDL-55916 - Maintenance mode should serve a http 503 instead of a 200

MDL-54606 - Sessions: Add support for Redis as a session_class_handler

MDL-53366 - Antivirus clamav: Remove "Quarantine directory" settings parameter.

MDL-55791 - Add capability to allow certain users through Maintenance mode



Plugins removal - If you are using any of the following you need to download and install the plugins or otherwise they will be removed following 3.2 upgrade:

MDL-55837 - Themes Base and Canvas - these themes can not be used by themselves but they may be used as parent themes

MDL-49533 - Repository Alfresco for Alfresco 4.2 and below, see Alfresco repository documentation

MDL-55927 - Authentication method Radius. This plugin uses mcrypt library and is not compatible with PHP 7.1

MDL-38158 - Media players Flowplayer, Windows media player, RealPlayer, Quicktime - these media players were present in Moodle 3.1 but removed in 3.2. They need to be installed in media/player directory



Web services

MDL-31465 - Incorporate user suspension into web services

MDL-45639 - Web Service for SSO (auto-login from the app to the site)

MDL-55923 - Improve the behavior of deleted tokens on password reset

MDL-55928 - New Web Service gradereport_user_get_grade_items

MDL-55100 - New Web Service core_course_get_courses_by_field



For developers

MDL-55071, MDL-55074 - New "Boost" Bootstrap 4 theme, block and navigation changes (see Boost_Navigation and Themes documentation)

MDL-38158 - Introduction of Media players plugin type (see Media players documentation)

MDL-55727 - Create AMD modal module (see AMD Modal documentation)

MDL-49599 - Deprecate old boxnet v1 API

MDL-53306 - Add hook to be executed before user login in authentication plugins

MDL-55048 - Grunt and npm build dependencies now require node version 4 or above

MDL-47162 - Add course id to message eventdata

MDL-50937 - Update to JQuery 3.1 (see jQuery documentation)

MDL-48114 - Add Meta-Information to composer.json

MDL-54987 - Introduce a new chart API and library (see Charts_API)

MDL-52127 - Linting for Javascript with ESLint (see Linting Javascript)

MDL-55058 - Linting for CSS with stylelint (see Linting CSS)

MDL-55072 - Upgrades to Behat so it can work with different themes

MDL-55141 - Add debugging option when running scheduled tasks from CLI (documentation)

MDL-31243 - Refactor similar SQL generation code from get_users_by_capability & get_enrolled_uses to make get_with_capability_sql

MDL-54941 - Add filesize as a new field returned in all the Web Services returning file information

MDL-55091 - Upgrade phpunit to 5.x

MDL-56082 - Expose external authentication methods (loginpage_idp_list) in login block (see Authentication plugin documentation)

MDL-55072 - Behat now supports different themes. (See Acceptance test documentation)

MDL-48114 - Moodle can now be downloaded via composer(documentation)

Lesen Sie mehr: http://docs.moodle.org/dev/Moodle_3.2_release_notes