The XOOPS Core Development team announced XOOPS 2.0.17.1 Final has been released.
This version addresses login issues experienced by some Internet Explorer users and sites hosted with specific versions of PHP.
If your users still experience login problems after implementing the patch, the site administrator can turn on custom session in system preferences, or set "enableRegenerateId" to FALSE in /kernel/session.php line #78 (Do not do both. Before you set enableRegenerateId to FALSE, turn custom sessions OFF.)
Also addressed is a potential vulnerability identified in the uploader class if the upload configuration is not set properly by modules. The uploader patch is available separately for all XOOPS sites - download it from XOOPS SourceForge .
Please read the full Changelog for details.
We also took the opportunity of this release to update the resource.db.php located under the extras folder of the package. This file fixes a problem that may occur with modules not having their templates under module/dirname/templates/. Please carefully read extras/readme.txt for all information.
The full and upgrade packages can be downloaded here : SourceForge Download page .
Please report any bug you may find in the XOOPS bug tracker .
Enjoy !