Hosting Simple Machines Forum

Simple Machines Forum

Simple Machines Forum è un'applicazione gratuita forum. Simple Machines Forum biforcuta da YaBBSE nel 2003.

Installazione in 1 clic Simple Machines Forum

Installazione in 1 clic

Aggiornamento facile Simple Machines Forum

Aggiornamento facile

Salvataggio e ripristino Simple Machines Forum

Salvataggio e ripristino


Applicazioni della Community
Versione corrente
Ultimo aggiornamento
9 May 2022
Italiano + 41 altre

Configurazione richiesta

Dimensione dell'installazione
24.00 Mo
Veduta d'insieme
2.1.2 (release di sicurezza)
9 Maggio - 24MB
  • Fixes errors when attempting to view the profile of a non-existent user.
  • Fixes minor issues with the editor toolbar when certain BBCodes are disabled.
  • Fixes a bug where the admin panel incorrectly showed the image proxy settings as editable when Settings.php was read-only.
  • Correctly formats the gender string in profile exports.
  • Correctly formats the custom profile field names and values in the Buddies list.
  • Fixes a minor bug when displaying size limits in the attachments restrictions information.
  • Large image thumbnails now display with the the correct aspect ratio when viewed on small devices.
  • Video attachments no longer overflow the window on small devices.
  • Fixes errors about undefined variables when switching between different cache accelerator options.
  • Fixes an error about invalid dates when a comma was used under certain circumstances while creating a calendar event.
  • Correctly handles uppercase non-ASCII characters in the answers to verification questions.
  • Fixes a bug that could allow a topic to be moved into a redirection board under certain circumstances.
  • Fixes a error that could be generated when sending notifications about guest posts.
  • Fixes a bug where certain pages could fail to load if the set_time_limit() function was disabled on PHP 8+.
  • Fixes a bug where attachments might not download correctly if the "Enable compressed output" setting was enabled on PHP 8.0.17+ and 8.1.4+.
  • Fixes some rare Unicode character handling issues.
  • Security improvements.

Per saperne di più:

2.1.1 (versione principale)
24 Marzo - 24MBNew features for users
  • A new WYSIWYG editor, SCEditor
  • Real-time alerts in addition to email notifications
  • A new default theme with full support for mobile devices
  • Draft messages (you can save & resume later)
  • Mentions using @name syntax
  • Drag & drop attachments
  • Attachments can be embedded directly into post text

New features for moderators and administrators
  • An improved Administrator Control Panel
  • Support for moderator groups, not just individuals
  • Many security enhancements, including support for optional Two Factor Authentication
  • IPv6 support
  • Designed with GDPR support

New features for modification and theme authors
  • A massive expansion of the number of integration hooks available
  • More powerful BBCode possibilities
  • Background tasks
  • New capabilities in the Package SDK

Per saperne di più:

2.0.19 (release di sicurezza)
27 Dicembre 2021 - 22MB
  • Ensures compatibility with PHP 8.1 MySQLi error mode.
  • Fixes a bug where members could not download their basic profile data if RSS feeds were disabled.
  • Fixes a bug where double encoded entities could appear in RSS feeds and SSI functions
  • Fixes bugs related to birthdates in member profiles.
  • Improves protection against race conditions when saving Settings.php
  • Avoids an issue with certain versions of Chrome and Edge where viewing one page of a multi-page topic could cause unread posts on the next page to be incorrectly marked as read.
  • Security improvements.

Per saperne di più:

30 Luglio 2021 - 22MB
  • Policy acceptance missing id_member.
  • Addresses PHP parse errors when using SMF file cache
  • Avoids truncating Settings.php until after we have a lock on the file
  • Tighten up security checks, bring in sync with 2.1
  • Brought the UTF16-to-UTF8 logic over from 2.1
  • Always include email address when downloading user's own profile data
  • Fix missing info affecting logging for new registrations
  • Fixes bugs with multi-version jumps (via CLI) where settings weren't refreshed
  • Set utf8 as default going forward

Per saperne di più:

visualizzare più versioni
2 Gennaio 2020 - 22MB
  • Fixes a bug that could cause SMF 2.0.16 to start consuming significant amounts of CPU-resources when the RSS function was used.
  • Eliminates some deprecated function warnings when using SSI.php on PHP 7.2+.

Per saperne di più:

2.0.16 (release di sicurezza)
27 Dicembre 2019 - 22MBHighlights
  • Support for privacy policy in addition to registration agreement
  • GDPR Compliance toggle in Core Features
  • Enabling this configures multiple settings and new features to comply with the GDPR, including:
  • Requiring members to accept the current privacy policy in order to use the forum
  • Asking during registration whether the new member wants to receive announcements via email
  • Enabling token-based unsubscribe links in emails so members can unsubscribe without logging in
  • Allowing members to download a copy of their profile information
  • Adjusting the behaviour of a number of other features in minor ways as necessary
  • PHP 7.2 support
  • Improved security hashes for the image proxy
  • Improved security for the login cookie
  • Assorted other security improvements
  • Various improvements for both the installer and upgrader

  • Updated credits.
  • Revert the fix to search highlighting [topic 550840]
  • Generates $auth_secret during install, so that the admin can log in immediately.
  • Improves UI for viewing/accepting changes to registration agreement & privacy policy.
  • Improves UI for editing registration agreement & privacy policy.
  • Correctly decides whether to search using a regex when using full text search.
  • Prevents errors converting HTML entities to 4-byte characters during database maintenance.
  • Removes old 1.1 themes during upgrade.
  • Implements a number of fixes for the installer and upgrader.
  • Removes deprecated ALTER IGNORE statements from upgrade SQL.
  • Ensures check_mime_type() is defined before calling it in profileSaveAvatarData().
  • Fixes a bug with regex searching in SQLite.
  • Removes redundant count() in Poll.php and changes explode for implode.
  • Uses hash_hmac to generate much more secure hashes for the image proxy.
  • Adds `rel="noopener noreferrer"` to links for user supplied URLs. (Reported by Travis Knapp-Prasek)
  • Increases cookie security by hashing with a secret authentication key. (Reported by Logan Whitmire)
  • Requires admin password to add/remove admins via group moderation. (Reported by Logan Whitmire)
  • Checks MIME type of user-supplied avatar images more thoroughly. (Reported by Logan Whitmire)
  • Adds $force parameter to validateSession()
  • Improves functionality and security of token-based unsubscribe system.
  • Adds token-based unsubscribe links to newsletters.
  • Simplifies language strings and templates for unsubscribe links.
  • Shows an error message if trying to unsubscribe an invalid member id.
  • Prevents sending newletters to arbitrary email addresses in GDPR mode.
  • Fixed create_function for the installer, warn for SQLite deprecation.
  • Limit PM rules and how many times they can be applied in a time period.
  • Don't proxy images for bots
  • Cleanup old proxied images as part of daily maintenance
  • Only set the old url whenever stats are being logged [topic 459730]
  • Fix search highlighting to not mangle/expose some HTML [topic 550840]
  • The code to check for too many PM labels was wrong [topic 559166]
  • $db_persist needed to be defined as a global in the MySQLi driver [topic 552581]
  • $smcFunc['db_error'] shouldn't require a database object as a parameter
  • Add X-Frame-Options to both the installer and the upgrader
  • Add registration agreement section where users can view and agree to the document, complete with logging
  • Ensure that count() is called on valid objects when using PM labels in PHP 7.2
  • Try to inject session tokens into any login form that doesn't already have one (may not work in SSI!)
  • Implement privacy policy stuff for GDPR
  • Add link in footer to agreement and privacy policy
  • In XML profile export, explicitly state the language even when the member uses the forum default
  • In installer and upgrader, get resource files from via HTTPS
  • Avoid generating errors for non-numeric start values when getting recent posts
  • Add ability to force the browser to download XML feed data as a file (good for GDPR support)
  • Add a link in profile actions menu to export profile info.
  • Make cdata_parse() smarter and less aggressive
  • Add "Allow the administrators to send me important news by email" checkbox to registration form
  • Invalidate opcode after writing Settings.php (other/install.php)
  • Use openssl_random_pseudo_bytes (if available) to generate the token_secret for unsubscribe links
& Fix a minor grammatical error and adds documentation comment to the email template
  • Underline the link to the GDPR official info page
  • Don't offer the Override Notification Settings option when composing a newsletter if force_gdpr is turned on
  • Implement GDPR compliance regarding unsubscribe links and options for email notifications
  • Add a GDPR compliance toggle to Core Features.
  • Core theme missing login hash [topic 558445]
  • template_kick_guest() missing login hash
  • Wireless missing login hash [topic 557843]
  • Fix code selection in modern browsers (Firefox, Chrome) [topic 553445]
  • Message previews ate emoji on UTF forums [topic 558414]
  • Improve logging of exceptions
  • Don't load the MySQLi driver if on PHP 5.3
  • Fix bitmask for error reporting
  • Type mismatch [topics 554723, 556672, 558542]
  • Undefined index errors if checking permissions too early [topic 558349]
  • matchPackageVersion() did not extract the beta number correctly [topic 557810]
  • Must clear the opcode cache on Settings.php when modifying it from within the admin area [topic 560180]
  • Board theme should not be overridden by user theme [topic 558121]
  • sendmail() should send the current server's name [topic 552893]
  • smf_categories lost ordering on InnoDB tables in MySQL [topic 552922]
  • Silence deprecation notices because we use deprecated functions everywhere
  • Remove leftover code while porting from 2.1 [topic 555723]
  • Several fixes for the proxy

Per saperne di più:

2.0.15 (release di sicurezza)
16 Giugno 2018 - 22MBHighlights
  • A security issue reported by Daniel Le Gall from SCRT SA
  • Various bug fix with Proxy handler
  • Login fixes for SSI and Maintenance mode
  • Various Search fixes
  • Email handling issue fixed when using SendTopic
  • Fixed SM Stat collection and added opt in/out functionality to the Admin Panel

Per saperne di più:

2.0.14 (release di sicurezza)
23 Giugno 2017 - 22MBThis patch adds both security and general maintenance fixes to your forum, so it is imperative that you install this patch quickly.

SMF 2.0.14
  • Updating session handlers
  • Adding HTTPS
  • fetch_web_data now uses cURL, falling back to sockets
  • Ported image proxy support from SMF 2.1
  • Also added HTTPS for avatars
  • Added a simple exception handler
  • Check session while logging in
  • Sanitize some fields to help guard against XSS
  • Validate email addresses with PHP’s filter method
  • Fix search highlighting to not mangle/expose some HTML
  • Fix password acceptance when special characters were used in UTF-8;
  • Correct some random logic errors in the profile area
  • Use ampersands instead of semi-colons for PayPal’s return link
  • Fix sending multiple MIME-Version headers in notification mail
  • Fix sending multipel Content-Type headers in all requests

SMF 2.0.13
  • Some file versions didn't get modified in the 2.0.12 patch
  • Added check and sanitization for $_REQUEST['u'] in LogInOut.php and Reminder.php
  • Added check and sanitization for $_REQUEST['uid'] in Reminder.php
  • Properly sanitize author's website for packages
  • Added session check when uploading packages
  • Added session check when copying template files from one theme to another
  • The code to remove empty BBCode was sometimes breaking things (reported by @rjen; fix provided by Sesquipedalian)
  • Remove hardcoded limits for safe_unserialize as it was causing cache problems
  • Update the cal_max_year setting to 2030

SMF 2.0.12
  • Fixed word censor injection by disallowing an empty 'proper word'
  • Fixed vulnerable unserialize() code by converting all instances to safe_unserialize()
  • Added a more thorough safe_unserialize() function to prevent object injection
  • Fixed a bug where leaving a custom profile field blank on registration that has an email mask would throw an error
  • Fixed PayPal integration to comply with the new forced SSL
  • Fixed a bug where notifications were sent for messages in inaccessible boards
  • Fixed editor to make the editor work with Microsoft Edge
  • Fixed issue where smiley popup is blank on iOS 9 devices
  • Fixed WYSIWYG editor in mobile devices
  • Fixed an undefined $_POST['icon'] in Sources/Post.php
  • Fixed a minor bug in Login2()
  • Fixed an issue where SMF doesn't recognize new domain names and considers these as invalid
  • Fixed an issue where SMF would allow empty BBC
  • Fixed an issue where theme variants could not be selected
  • Fixed an issue where the file version of Subs-Post.php could have been 2.0.8 or 2.0.11. It will be updated to 2.0.12 in either case.
  • Updated copyright year to 2016

Per saperne di più:

2.0.11 (release di sicurezza)
23 Settembre 2015 - 22MBThis patch is a security release, which focuses on fixing a minor security vulnerability reported in the software, therefore, it is important that you install this patch in a timely manner.
Per saperne di più:

2.0.10 (appendice 1)
29 Aprile 2015 - 22MBApplications:
  • Update: Fixed an issue which could prevent the update process from completing successfully. Updates affected by this issue can be re-started from the UI.

25 Aprile 2015 - 22MB
  • The instructions on ManagePaid page need to be updated
  • PayPal emails are case insensitive
  • Long standing problem with ManageNews and PostgreSQL
  • Long standing problem with Smiley sets and PostgreSQL
  • Errors show in log when handling certain tar.gz packages
  • Forum Maintenance - Topics fails if header is collapsed
  • Fix for unsupported UTF8mb4 characters
  • SSI.php doesn't handle "hide results until user has voted" properly
  • Sanitize package redirects
  • Can't use WYSIWYG editor in Pale Moon browser
  • Search dialogue can overflow inappropriately
  • Excessive line in ManageServer.php in the patch upgrade from 2.0.8
  • HTML tag broken in 2.0.9 install package
  • Wrong link in ManageAttachments
  • Error suppression missing in Subs-Package
  • XML post preview was broken in 2.0.9
  • Chrome doesn't like opacity for the news fader anymore
  • Add additional emails in Paid Subscriptions settings for PayPal business accounts.

Per saperne di più:

2.0.9 (release di sicurezza)
3 Ottobre 2014 - 22MB
  • SMF tries to stick ORDER BY NULL onto INSERT IGNORE queries containing sub-selects with a GROUP BY statement, causing a database error (Reported by guest)
  • "Show Results" button always shown for polls as long as you can vote in them (Reported by Chainy)
  • Multi-select boxes for settings were broken when no value had been selected (Reported by Suki)
  • Some mail providers screw up the activation link (Reported by NanoSector)
  • PHP 5.4 changes default charset to UTF-8, which can cause problems with search results and PM notification emails (Reported by fun4us)
  • Make sure opcode cache gets cleared when regular cache does
  • Log pruning should only delete closed mod reports, not open ones
  • Fix layout issue with manage permissions page (Reported by Antes)
  • Adjust image check to not fail on "cellTextIsHtml", unless paranoid... (Reported by Arantor)
  • Sanitize all package XML to prevent any XSS attacks (Reported by Arantor)
  • Add session check when previewing posts to prevent XSS via [html] from forged forms (Reported by emanuele)
  • Sanitize maintenance mode title to prevent XSS attacks if HTML is used in it (Reported by guest)

Per saperne di più:

18 Giugno 2014 - 22MB
  • Nobbc should work across multiple lines
  • Package manager shouldn't fail when only 32M of memory is available
  • Quoting posts with smileys in, in the WYSIWYG editor, shouldn't spout nonsense into the editor (in the way certain versions of 2.0.7 did)
  • Td tags with a colspan should still function and not consume vast amounts of memory
  • Using lots of html bbcode tags when not an admin should not consume vast amounts of memory
  • Using queryless URLs, and/or when the PHPSESSID is present, should not consume vast amounts of memory
  • Breaking long words should function without consuming lots of memory
  • Adding posts with many smileys or bbc with specific parameter types (many times especially) should not consume vast amounts of memory, e.g. [acronym=definition]term[/acronym]
  • Emails should work without consuming vast amounts of memory
  • Time tags should work without consuming vast amounts of memory
  • The copyright year should be updated
  • Board order should always work correctly (if at a performance hit, a la the mod Arantor prepared)
  • The memberlist search feature could, in some cases, throw a database error if no valid fields were specified

Per saperne di più:

2.0.7 (appendice 1)
22 Gennaio 2014 - 22MBApplications:
  • Install and Update: Added revisions published by Simple Machines Forum.

21 Gennaio 2014 - 22MB
  • PHP 5.5 compatibility fixes merged in. (Thanks to all who contributed but especially SleePy and Spuds)
  • Trim the username if oversized when logging in. (Thanks to TMcomputering for the report)
  • Check that group inheritance is actually going to be viable before trying to do further inquiry. (Thanks to tfs for the report)
  • Made sure some of the calendar holidays are corrected when previously incorrect.
  • Don't let the prune reports function prune open, or for that matter, ignored, reports. (Reported by Kimmie)
  • If an uploaded file somehow has an image size but isn't really an image, don't try to treat it as an image.
  • Make file cache somewhat less fragile.
  • ssi_fetchPosts didn't honour overriding permissions. (Thanks to IchBin for a fix)
  • Privacy and original sending time were not kept in the mail queue in the event of sending failure.
  • Wrong variable used in the mail queue handling (Thanks to Nao for originally finding the bug)
  • Themes with spaces in could break the editor handling. (Thanks to akyhne for the report and akabugeyes for a suggested fix)
  • Made the anti-XSS header a little less picky.
  • FIND_IN_SET wasn't always properly set up for PostgreSQL use.
  • Multiple installed themes with variants wouldn't all be able to be selected properly.
  • Fields that are regex-validated couldn't be left empty (thanks HappyBits and emanuele)
  • Fixing legacy TYPE=HEAP (thanks heusdens for the report)

Per saperne di più:

2.0.6 (release di sicurezza)
22 Ottobre 2013 - 22MBCritical security issues have been identified and are fixed with this update, therefore it is recommended to make sure you update your forums immediately to ensure your community is safe. A few other minor bugs have also been fixed.
  • Added some headers to help protect against clickjacking (thanks Jakob Lell for the report)
  • Invalid avatars were not always properly cleaned up (thanks chaoztc for the report)
  • Added protection against usernames being impersonated with Unicode space characters (thanks Jakob Lell for the report)
  • Sessions weren't always cleaned up properly on logout (thanks creepernex for the report)
  • Certain fields were accepted during registration even when they shouldn't be (thanks tomreyn for the report)
  • Certain errors were unnecessarily shown during a failed registration and some of those were inappropriate anyway (thanks Labradoodle-360 for the report)
  • Approving an account from a member's profile was not logged (thanks emanuele for the report)
  • Approving an account from a member's profile did not always properly enforce security rules (thanks emanuele for the report)
  • The PHPSESSID injector would also add it to the canonical link, breaking it (thanks to all who reported it)
  • An invalid character was indicated in legacy attachment handling
  • Under some circumstances the admin panel would not accept the number of verification questions you had entered (thanks BurkeKnight for the report)
  • The help pages could sometimes accidentally direct users to non-existing pages (thanks AngelinaBelle for the report and Illori for the fix)

Per saperne di più:

2.0.5 (release di sicurezza)
12 Agosto 2013 - 22MBCritical security issues have been identified and are fixed with this update, therefore it is recommended to make sure you update your forums immediately to ensure your community is safe. A few other minor bugs have also been fixed.
  • Updated the WHOIS search URL for RIPE (thanks Runic)
  • Fixed a problem with upgrade.php that wasn't able to continue after db errors (thanks akc42 for the fix)
  • Fixed code injection in manage language pages (thanks HauntIT for the report)
  • Fixed XSS in the news page, emails field (thanks HauntIT for the report)
  • XSS in personal messages page (thanks HauntIT for the report)

Per saperne di più:

2.0.4 (appendice 1)
5 Agosto 2013 - 22MBApplications:
  • Added compatibility for CloudLinux CageFS.

1 Febbraio 2013 - 22MBCritical security issues have been identified and are fixed with this update, therefore it is recommended to make sure you update your forums immediately to ensure your community is safe. A few other minor bugs have also been fixed.
  • Joshua's fix for validatePasswordFlood logic error (reported by Raz0r)
  • Arantor fix for database error on lost connections
  • Quick fix for Admin Password Reset vulnerability reported by Raz0r
  • Directory traversal vulnerability in the function ViewFile (thanks yan.uniko.102 for reporting and Arantor for proposing the fix and Spuds for spotting the undefined variable)
  • active users cannot change anymore the email from action activate without deactivation/confirmation (thanks BarteX for reporting the issueand suggesting a fix)
  • Change language from the admin panel could allow XSS, path disclosure and code injection (thanks Jakub Galczyk for reporting the issue)
  • Missing arguments in SSI functions called through ?ssi= generated error messages showing full server file path (thanks yan.uniko.102 for reporting it)
  • Directory listing and editing of arbitrary files from the theme editing page in the admin panel

Per saperne di più:

16 Dicembre 2012 - 22MBCritical security issues have been identified and are fixed with this update, therefore it is recommended to make sure you update your forums immediately to ensure your community is safe. A few other minor bugs have also been fixed. The most relevant bug fix is an issue that will arise in few months with PayPal: starting on February 1, 2013 PayPal will only accept headers which comply with the HTTP 1.1 specification.
  • SSI showed hidden boards on non-properly configured forums (part 2)
  • SSI showed hidden boards on non-properly configured forums
  • XSS in moderation log page (thanks kingW3 for the report)
  • ManagePaid fails if copies of Subscriptions-Paypal,php are present
  • PCRE engine starting at rev 8.3, will not allow you to specify the surrogate range D800–DFFF - From Spuds (similar to commit 10994)
  • Fixed lacking of check on referer URL when adminLogin comes into play (1.0, 1.1 and 2.0 versions)
  • Fixes for paypal moving to HTTP 1.1 [bug 5009]
  • update sandbox to use https, the former address results in a redirect
  • curl did not work due to improper check
  • subscriptions should also check for approved payment. Cherry-picked from git commit 07d4bc9fba8942fd284d3d0c3c732889a7bc2e6f by Spuds
  • Fixed the upgrade.php failing when the Themes directory was in a directory other than $boarddir (thanks iacchi for finding the cause)
  • Applied all the changes proposed by rawlogic to fix the intermittent session verification failures

Per saperne di più:

23 Dicembre 2011 - 22MB
19 Settembre 2011 - 22MB
2.0 (versione principale)
11 Giugno 2011 - 22MB
25 Aprile 2015 - 10MB
  • XML post preview was broken in 1.1.20
  • XSS possibility if HTML used in maintenance mode title (Reported by guest)
  • Various parts of the package system could allow XSS attacks (Reported by Arantor)
  • Add session check to post preview to prevent XSS from html tag through forged forms (Reported by emanuele)

Per saperne di più:

1.1.19 (release di sicurezza)
22 Ottobre 2013 - 10MBCritical security issues have been identified and are fixed with this update.
Per saperne di più:

1 Febbraio 2013 - 10MBCritical security issues have been identified and are fixed with this update.
Per saperne di più:

16 Dicembre 2012 - 10MB
23 Dicembre 2011 - 10MB
19 Settembre 2011 - 10MB
11 Giugno 2011 - 10MB
12 Febbraio 2011 - 10MB
2 Novembre 2010 - 10MB
4 Dicembre 2009 - 10MB
15 Luglio 2009 - 10MB
22 Maggio 2009 - 10MB
5 Febbraio 2009 - 10MB
11 Novembre 2008 - 10MB
14 Settembre 2008 - 10MB
2 Maggio 2008 - 10MB
2 Ottobre 2004 - 10MB
9 Agosto 2007 - 10MB
20 Febbraio 2007 - 10MB
21 Dicembre 2006 - 10MB
31 Ottobre 2006 - 4MB
27 Agosto 2006 - 4MB
10 Aprile 2006 - 4MB
7 Febbraio 2006 - 4MB
30 Giugno 2005 - 4MB
22 Giugno 2005 - 4MB
2 Maggio 2005 - 6MB
11 Gennaio 2005 - 2MB

I nostri hosting Web compatibili con
Simple Machines Forum


Solo l'hosting Web

Hosting Web 100% SSD
100 GB e +
Gestione multisito
Gestione avanzata dei certificati SSL EV e DV
Protezione Anti-DDoS
10 GB di VO

Per più informazioni

a partire da CHF 9.92/mese


L'offerta completa Web+Mail

Hosting Web 100% SSD
100 GB e +
Gestione multisito
Gestione avanzata dei certificati SSL EV e DV
Protezione Anti-DDoS
10 GB di VO

Posta professionale
5 indirizzi e-mail con spazio illimitato

Messaggistica online
Messaggistica istantanea
Sincronizzazione dei contatti e agende

Per più informazioni

a partire da CHF 12.00/mese

Server Cloud


Hosting Web 100% SSD
100 GB e +
Gestione multisito
Gestione avanzata dei certificati SSL EV e DV
Protezione Anti-DDoS
10 GB di VO

2 CPU e +
6 GB di RAM e +
100% SSD
Risorse 100% dedicate

Infomaniak gestisce il suo server

Per più informazioni

a partire da CHF 39.00/mese

Prezzo in CHF