v4.2.2 is now available - SECURITY RELEASE

[Blair +]

Version 4.2.2 of 68 Classifieds is now available. This release should be considered a SECURITY RELEASE.

Although not an official major release, the following files have been changed. We recommend you upgrade as soon as you're able.

The following files have been changed (does not include formatted-only files):
- administration/ajax.php
- administration/category.php
- administration/coupons.php
- administration/editor.php
- administration/fields.php
- administration/gateways.php
- administration/includes/init.php
- administration/includes/params.php
- administration/index.php
- administration/language/english.php
- administration/listings.php
- administration/login.php
- administration/logout.php
- administration/managemodules.php
- administration/notes.php
- administration/orders.php
- administration/pages.php
- administration/products.php
- administration/settingsbadwords.php
- administration/settingscountries.php
- administration/settingsimages.php
- administration/settingslistings.php
- administration/settingsmain.php
- administration/settingspm.php
- administration/settingsregional.php
- administration/settingssearch.php
- administration/settingsstates.php
- administration/settingstemplate.php
- administration/settingsuseradmin.php
- administration/settingsusercheckout.php
- administration/settingsuserregistration.php
- administration/settingsuserview.php
- administration/templates/default/fields/fields.tpl
- administration/templates/default/gateways/gateways.tpl
- administration/templates/default/listings/listing_add.tpl
- administration/templates/default/listings/listing_edit.tpl
- administration/templates/default/settings/settings_main.tpl
- administration/templates/default/home.tpl
- administration/templates/default/products/form.tpl
- administration/templates/default/products/products.tpl
- administration/usergroups.php
- administration/users.php
- includes/classes/database/mysql.php
- includes/classes/format/Filter.php
- includes/classes/format/String.php
- includes/classes/kernel/Categories.php
- includes/classes/kernel/Core.php
- includes/classes/kernel/Countries.php
- includes/classes/kernel/Format.php
- includes/classes/kernel/Gateways.php
- includes/classes/kernel/Library.php
- includes/classes/kernel/Listings.php
- includes/classes/kernel/Login.php
- includes/classes/kernel/Mailer.php
- includes/classes/kernel/Modules.php
- includes/classes/kernel/Orders.php
- includes/classes/kernel/Pagination.php
- includes/classes/kernel/Private.php
- includes/classes/kernel/Products.php
- includes/classes/kernel/Register.php
- includes/classes/kernel/States.php
- includes/classes/kernel/Template.php
- includes/classes/kernel/Users.php
- includes/classes/kernel/Validate.php
- includes/classes/mailer/class.phpmailer.php
- includes/classes/smarty/plugins/function.debug.php
- includes/core/checkout/step3submit.php
- includes/core/checkout/step5.php
- includes/core/checkout/step7.php
- includes/core/renew/step1.php
- includes/core/renew/step2.php
- includes/cron.php
- includes/functions.php
- includes/init.php
- javascript/main.js
- templates/default/checkout/step3.tpl
- templates/default/checkout/step6.tpl
- templates/default/checkout/step7.tpl
- templates/default/home.tpl
- templates/default/showlistings.tpl
- templates/default/showlistings2.tpl
- templates/default/user/userbrowselistings.tpl
- templates/default/viewlisting/listingextras.tpl
- templates/default/viewlisting/listingextras2.tpl
- ajax.php
- category.php
- contact.php
- contactus.php
- external.php
- fileCopyProgress.php
- friendmail.php
- index.php
- login.php
- logout.php
- modules.php
- pages.php
- private.php
- search.php
- terms.php
- useraccountmodify.php
- useraddimages.php
- userbrowselistings.php
- usercheckout.php
- userfavorites.php
- userforgot.php
- userindex.php
- userjoin.php
- usermodifylisting.php
- userorders.php
- userrenew.php
- viewimage.php
- viewlisting.php

The following files are new:
--------------------------------
- includes/classes/kernel/Filter.php
- includes/classes/kernel/Input.php
- includes/classes/kernel/Security.php
- includes/classes/kernel/String.php
- includes/classes/kernel/Utf8.php

Version 4.2.2 addresses the following bugs:
--------------------------------
- Fixed issue:464
- Fixed parent/child ajax field split in admin add listing
- Fixed multiple instances of expiration calendar if extra fields date input is present in admin add/edit listing
- Fixed uninitialized variable notice when renewing a listing
- Fixed uninitialized template variable in Private.php
- Fixed uninitialized variables in admin ajax
- Fixed failed delete of file upload field's file
- Fixed deprecated warning in mailer class
- Fixed extra field issue:418 and issue:411
- Fixed confusing use of language strings, "Send Message" instead of using the existing "Send New PM" language string
- Fixed misalignment in safari and firefox for billing info in checkout
- Fixed issue:404
- Fixed issue:412
- Fixed issue:352
- Fixed no-subject view issue in private message system
- Fixed broken HTML in admin products/gateway templates

Other information regarding v4.2.2 update:
--------------------------------
- Performed a security audit
- Unified up input filtering/escaping and database query escaping
- Security.php, Utf8.php, & Input.php are modified versions of the CodeIgniter framework files CodeIgniter License Agreement : CodeIgniter User Guide.
- Added conditional suppression of deprecated warnings
- Added module hook to identify the change of the main template
- Auto format of most main files, no templates or 3rd party libraries were done. More upon request
- Marked legacy functions and class methods as deprecated
- Added new input filters
- Fixed broken HTML in magpie parser
- Fixed showlistings(2).tpl templates to prevent editor false errors


Thanks to members who tested 4.2.2, reported bugs, and provided solutions to get this release out.

Special thanks for contributions/efforts by Mike Knowlton of Mike-N-Tosh Mike-N-Tosh.com and David Seymour of Templatecodes TemplateCodes | PHP Classified Scripts