# CiviCRM 5.34.0
Released February 3, 2021
- **[Bugs resolved](#bugs)**
## <a name="synopsis"></a>Synopsis
| *Does this version...?* | |
| Fix security vulnerabilities? | no |
| **Change the database schema?** | **yes** |
| **Alter the API?** | **yes** |
| **Require attention to configuration options?** | **yes** |
| **Fix problems installing or upgrading to a previous version?** | **yes** |
| **Introduce features?** | **yes** |
| **Fix bugs?** | **yes** |
## <a name="features"></a>Features
### Core CiviCRM
- **Re-Thinking our Crypto implementation
This adds a new framework for encrypting setting values that are stored in the
database. An encryption key is defined upon installation, and the key can be
rotated using APIv4. Keys can also be managed with a new
`hook_civicrm_crypto`. The system allows for old keys to be retained for
decrypting old values even as a new key is used for encrypting new ones.
The only setting that is changed at this point is the SMTP password, as that
was the only setting in core encrypted with `CRM_Utils_Crypt`. However, this
framework is available for extensions and will likely be adopted for other
You may optionally configure `CIVICRM_CRED_KEYS` in `civicrm.settings.php`
upon upgrade. Sites that define `smtpPassword` in their
`civicrm.settings.php` file may need to update the value. See
[pull request 19239](https://github.com/civicrm/civicrm-core/pull/19239) for
Meanwhile, `CRM_Utils_Crypt` is retained (but deprecated) for compatibility
with the extensions that use it.
- **Add pre() and post() hooks for ufgroup entity
The pre and post hooks are now triggered when modifying profiles.
- **Add a unique event ID so we can match pre/post Insert/Update
Makes it so developers can use the event ID to link pre/post Insert/Update
events for the same change.
- **Add support for multi-value contact reference custom fields
Makes it so users can configure a multi-value contact reference custom field.
- **Add missing state for South Korea
This adds the special self-governing city Sejong to the state/province table
for South Korea.
- **CRM_Core_Key - Provide more debugging hints about mismatched `qfKey` values
The qfKey now has a prefix that corresponds with the form name.
- **Add min-width to flex columns for responsive layout on small screens
This adjusts 2-column layouts on the main CiviCRM dashboard and Search Kit to
collapse to 1 column on small screens.
- **APIv4 - Add "Permission.get" for listing available permissions
Adds a new API method "Permission.get" to be used for administrative tools
that allow one to choose/assign a permission.
- **APIv4: Support relative date range input
Extends APIv4 to support relative date range inputs.
- **Free the joins! APIv4 explicit joins - can we remove the requirement for
specific columns in the "on" clause? (Work Towards
Allows greater flexibility in how explicit joins are performed in APIv4.
- **Non translatable fields in profile schema (Work Towards
Ensures the public title is used and translatable for on behalf profiles,
confirm pages and thank you pages.
- **Proposal - add hook alterIndices
(Work Towards [dev/core#2279](https://lab.civicrm.org/dev/core/-/issues/2279):
Adds indexes to `campaign.name` and `civicrm_group.cache_date`.
- **Wording change - change UI parts of contribution soft schema to soft credit
Improves user experience of Search Kit/Afform by cleaning up language
related to Soft Credits.
- **Cancel first contribution associated to membership, cancels the membership
(Work Towards [dev/core#927](https://lab.civicrm.org/dev/core/-/issues/927):
Completes moving the logic for the contribution statuses "Cancel" and "Fail"
from core to the `contributioncancelactions` extension.
- **Move financial acl warning from FinancialType BAO to extension.
Moves more code from core to the financial acls extension.
- **Add ContributionSoft v4 api
Adds the Contribution Soft entity to APIv4.
- **Add v4 api for financial type, financial account
Adds "Financial Type" and "Financial Account" entities to APIv4.
- **[APIv4] Permit using other SQL functions such as CONCAT within a
Allows for SQL functions such as CONCAT to be used within a GROUP CONCAT,
this maybe useful for example when trying to get all the line items associated with a
contribution into one field.
- **Add default for boolean fields on financial_type
Sets default values for the "Financial Type" fields 'is_active' and
- **Improve logging when a contribution is created/updated
Improves logging when a Contribution is created/updated to improve the
### Search Kit
- **Search kit: Rewrite input widget to support IN sets, relative dates, BETWEEN
groups, etc. ((https://github.com/civicrm/civicrm-core/pull/19229))**
Overhauls the input widget for all fields in Search Kit so that they support:
IN, BETWEEN etc.
- **Search kit: Improve token support
Adds a token selector to the Search Kit UI when configuring displays.
### WordPress Integration
- **Enhance CiviCRM's integration in WordPress
Improves user experience for WordPress sites by introducing sub menu items to the
WordPress SideBar "CiviCRM" Menu item including:
- Integration Page
- Settings Page
## <a name="bugs"></a>Bugs resolved
### Core CiviCRM
- **jquery.validate.js update (includes CVE-2021-21252)
The jQuery Validate library contained a regular expression that was vulnerable
to ReDoS (Regular Expression Denial of Service).
ReDoS, or Regular Expression Denial of Service, is a vulnerability affecting
poorly constructed and potentially inefficient regular expressions which can
make them perform extremely badly given a creatively constructed input string.
This offers security hardening by preventing a user from entering a string
that could tie up their browser in validating it.
- **Fix updating custom field schema when toggling search or multiple
Fixes a crash & possible data loss when changing a custom field of type
"Country" or "State/Province" from a multi-select to single or vice versa.
- **Quick fix on summary actions conflict
If multiple extensions insert items with the same weight into the contact
summary actions drop-down, this ensures all menu items are displayed.
- **Greenwich: Fix Select2 free-tagging css bug
Adds a CSS tweak to Greenwich that fixes a style conflict between Bootstrap
- **APIv4: Normalize option list descriptions as plain text
Ensures the description field comes through as plain text when fetching option
lists from APIv4.
- **Unwanted mail blast sent by Scheduled Reminders (Work Towards
This adds a `created_date` column to the `action_schedule` table. This is in
anticipation of a change to prevent a newly-created scheduled reminder from
triggering reminders that would be due to send prior to the creation of the
- **Editing a smartgroup created through the search builder renders the new
block by force
Ensures the new record type and operator line only appear on the new search
builder form (not when editing existing smart groups via search builder).
- **Merge all members into the same household when using select fields fails
with a db error
Fixes a DB Error when exporting contacts using the "Merge Household members
into their Households" setting and selecting fields for export.
- **civicrm-setup - Error during, uh, let's call them unit tests, if db port
Avoids a notice of a missing db port during install.
- **Move non-compliant trigger_error out of logging
Makes CRM_Core_Error_Log more PSR3-compliant by not throwing errors itself,
and removing dependence on the presence of a .git folder.
- **Tabs at top of extension list are no longer tabs
Fixes broken tabs on the profiles administration page.
- **Weird "null" after adding new tagset
Ensures the word 'null' is not displayed after adding a new tagset.
- **Stop preventing test runs and dev sites from seeing PHP deprecation notices
Ensures notices appear based on the sites error reporting settings.
- **Unable to delete file with brackets in filename via ckeditor/kcfinder
- **Obsolete wkhtmltopdfPath causes hard fail in event registration due to
internal fatal error for the missing package
If the setting for the path to wkhtmltopdf is set, but nothing is there at
that path, a system check message will appear and PDF generation will fall
back to domPDF.
- **Contact import by CSV fails when string ends with "à"
In certain encodings, the à character can have the same byte as a
non-breaking space. This ensures that trimming non-breaking spaces does not
accidentally snag multi-byte characters that share the same `0xA0` byte.
- **Activity Summary report is missing pagination
- **Export crashes when many contacts share an address and are merged
- **Deprecation warnings are implemented backwards
- **CiviCRM Export, Saved Export Field Mapping that contains custom fields which
have been disabled or deleted are still loaded as "clear" values and cause the
export download to fail with "DB Error: no such field"
- **Inline email edit form fails to set is_bulkmail flag
- **Accept PHP memory_limit of -1 as meeting requirement
- **Fix hook_civicrm_permission upgrade failure. Defer system-flush to
On Drupal and Backdrop sites, the system flush was triggered after each
incremental database update. It is now deferred until the end of the upgrade
- **Fix APIv3 profile.getfields to return correctly keyed phone field
- **Reports don't filter with empty custom fields
- **Fatal error on contribution summary report (and probably others) when adding
contacts to group
This disables full group by mode for reports that are not optimized to work
- **Stop passing ids as reference
- **Fix extensions tabs following deprecation of old tab code
- **php 7.4 compatibility
Assorted changes to make the code compatible with php 7.4.
- **Menu links for Petitions, Surveys do not open correct tab
- **Add timeline dropdown on manage case no longer working
- **Error creating thank you letter with multiple contributions
This resolves an invalid currency error when generating a thank you letter
grouping multiple contributions per contact.
- **fix email receipt flag for recurring record
Ensures receipts are not sent for each recurring payment.
- **Owner notification email sending before payment (Work Towards
Code clean up towards ensuring that owner notification emails do not get sent
before the payment is made.
- **Fully remove contributionTypeID (Work Towards
Work to remove legacy references to `contributionTypeID`.
- **Line items are added from default price set on recurring contributions for
financial types with tax accounts.
- **Allocation of "fee amount" is incorrect if fee is added after contribution
- **Owner notification email sending every time the contribution is resaved
- **Default currency shown on invoices if payment is made with different
- **Contact type incorrectly set to Contribution due to 'Honoree Profile'
- **Disable frequency/interval fields if not required on backend contribution
- **Fix Contribution.tpl mismatched ts.
- **Fix preferred repeattransaction flow to correctly create the activity
contacts for the contribution
- **Fix pledge on contribution page when the site has a Word Replacement for
- **Fix Contribution.create to not attempt to set contacts on activity update
- **Allow Sendconfirmation api to override pay later receipt text
- **New Event using a template - clicking "Continue" doesn't save custom data
- **Use the proper content type for ICalendar link
The iCalendar feed link now specifies that it is `text/calendar` so it will be
handled correctly if the icon is clicked.
- **Import Participants fails
This was an unreleased regression in 5.34.beta.
- **Manage Event: avoid E_NOTICE in smarty
- **Fatal error Incorrect datetime value: '0' for column 'transaction_date' when
editing a participant record and recording payment with no received date
- **Allow overriding participant_status_id in Order API
- **Proposal replace PEAR mailer classes in core extension (Work Towards
Handles exceptions in Mail:send class.
- **Simplify decision as to whether to use a pdf on membership emails
Makes decision to include a PDF in Membership emails dependent on settings
instead of whether the tax-amount is non-zero.
- **Membership renewal with 0 tax creating extra line item
- **Rename PledgePayment create function
Standardizes create function for a pledge payment.
- **Pledge: mark needed fields as required in schema
### Joomla Integration
- **distmaker - Don't require dummy config file for building Joomla
### WordPress Integration
- **Mailing default domain error: force a backend URL for WP
- **Allow wp-cli upgrade command to proceed when there is only a single settings
- **Prevent "add_action" from being called multiple times
## <a name="misc"></a>Miscellany
- **Membership BAO - do not require date fields to be passed in on update
- **Rename internal references to contributionTypeId
- **Switch to non-static functions
- **Duplicate processFormContribution only Membership form
- **Only do cms account create from the one relevant place
- **Convert previously shared function from static to non-static
- **Fix Payment edit form to use Payment.cancel & payment.create api
- **Fold deprecated function into the only function that calls it
- **Use specific function when formatting money for a default
- **Stop using refresh_date in civicrm_group table
- **Simplify handling of ids in Authorize.net now that related_contact is no
longer used ((https://github.com/civicrm/civicrm-core/pull/19273))**
- **CRM_Member_Form_MembershipRenewalTest - Started failing circa Jan 1, 2021
- **preliminary cleanup - extract a couple of functions in the payment processor
form for readability (Work Towards
- **finish 'this round' of completeOrder cleanup (Work Towards
- **Squash 2 if clauses into 1
- **Clean up error handling in legacy functions in import parser
- **Unused writeLegacyWarnings() in PropertyBag
- **Update docs links
- **Preliminary cleanup -remove unused params from function signature
- **Minor code cleanup
- **Move processConfirm function from Utils file back to form class
- **Remove use of ignoreException from SMTP settings form
- **Remove constant CIVICRM_MYSQL_STRICT
- **Removes default for is_active & is_reserved since they now have DB defaults
- **Remove code to retrieve premium data
- **Remove use of ignoreException on import form
- **Remove unreachable customGroup section in online event receipt
- **Remove never-used IMAP_XOAUTH2 option value before it gets more confusing
- **Remove the print_array modifier as it is now supplied in civicrm-core
- **Remove deprecated function
- **Remove some more variable variables + some test cleanup
- **Remove unreachable code.
- **Remove some deprecated code chunks
- **Remove extraneous elses
- **Remove obsolete IF
- **Remove extraneous elses
- **Remove extraneous handling duplicated from createProfileContact
- **Remove or hard-code variables from previously shared function
- **Remove code deprecated +1 year ago - case_from_XX / case_to_XXX search
- **Remove extraneous elses
- **Remove meaningless calls to ignoreException
- **Remove some unused variables
- **Remove functions from EmailCommon that were moved to the trait
- **Remove duplicated tax assignments from copied code
- **Remove unused tpl assigns
- **Remove all handling related to pledge, cms user from newly separated
- **[REF] Extract determination of subscription status information
- **[REF] extract getIdsOfMatchingContact
- **[REF] Extract function to retrieve the membership labels.
- **REF Allow for fields of type Blob or Mediumblob in Apiv4
- **#REF Migrate the print_array smarty plugin from in packages into core…
- **[REF] Move function to shared parent so MemberForm can use it too
- **[REF] Relocate function from DeprecatedUtils to the class that actually
calls it ((https://github.com/civicrm/civicrm-core/pull/19247))**
- **[REF] Clean up on $ids['contribution']
- **[REF] Simplify membership form code towards simplifying BAO
- **[REF] Convert previously shared function to non-static, remove unrelated
- **[REF] Move another deprecated function to the class that uses it
- **[REF] Switch to using shared function to call deprecated function
- **[REF] Relocate another function from DeprecatedUtils to the calling c…
- **REF use addRadio function to add in the radio fields to these forms
- **[REF] Relocate another deprecated utils function to the only class that
calls it. ((https://github.com/civicrm/civicrm-core/pull/19248))**
- **[REF] Deprecate passing a blank currecny to CRM_Utils_Money::format a…
- **[REF] Fix tax_amount to be consistent & load from the templateContribution
- **[REF] Unshared another function back onto Membership_Form
- **[REF] Unshare code to build an array of params for the recurring
- **[REF] Extract duplicate handling code
- **[REF] Duplicate possibly-used parts of createProfileContact onto
- **[REF] use early return for errors rather than confusing assignment
- **[REF] Remove unreachable code
- **[REF] Minor cleanup, remove variable variables
- **REF use centralised addRadio function more
- **(REF) Civi\Test\Invasive - Add helper for checking protected/private members
- **[REF] Move another deprecated function back to the only class that calls it
- **[REF] Minor cleanup on contactGroup function
- **[REF] Remove some variables not relevant to backoffice member form
- **[REF] Rationalise financialType variable
- **[REF] Extract code that assigns isPendingOutcome variable on thank yo…
- **[REF] extract and share code to determine if required contact fields are
- **[REF] Fix import signature on activity parser, add preliminary test
- **Add test to check pcp notification is sent
- **Extend test to cover membership logs
- **[tests] Fix join syntax conversion for APIv4 in v3 unit tests
- **(NFC) DispatchPolicy - Add comments to docblock
- **[NFC] Convert civi.tag-deprecated to use central function
- **(NFC) Fix issue reporting link to go to the corresponding `core` project.
- **[NFC] Cleanup in test class
- **[NFC] Code reformat pledge class
- **[NFC] Fix Contribution Soft Credit entity translation
- **NFC When printing out the result of the correctly update in single va…
- **[NFC] Update comments in CRM/Core/Key
- **(POC#C) MembershipRenewalTest - Address assertions that started failing
circa Jan 1, 2021
- **REF Bump the composer-compile-plugin version
- **Test framework - API4 DateTest::testRelativeDateRanges will fail on the last
day of Jan, Mar, May, Aug, Oct
- **Fix for ReportTest when launching a pdf
This fixes a unit test failure caused by a recent merge on testing Report
- **Enotice fix ((https://github.com/civicrm/civicrm-core/pull/19201))**
- **Fix notice error on using max() with only one variable
- **Minor typos in schema files
## <a name="credits"></a>Credits
This release was developed by the following code authors:
AGH Strategies - Alice Frumin, Andrew Hunt; Agileware - Francis Whittle;
Bluehorn Digital - Matt Glaman; CEDC - Laryn Kragt Bakker; Christian Wach;
CiviCRM - Coleman Watts, Tim Otten; CiviDesk - Sunil Pawar, Yashodha Chaku;
CompuCorp - Ahed; Coop SymbioTIC - Mathieu Lutfy; Dave D; Fuzion - Jitendra
Purohit; iXiam - César Ramos, Vangelis Pantazis; Jarek; JMA Consulting - Monish
Deb, Seamus Lee; lucky091588; maynardsmith; Megaphone Technology Consulting -
Jon Goldberg; MJCO - Mikey O'Toole; MJW Consulting - Matthew Wire; Nishant
Bhorodia; Tadpole Collective - Kevin Cristiano; Wikimedia Foundation - Eileen
Most authors also reviewed code for this release; in addition, the following
reviewers contributed their comments:
Agileware - Justin Freeman; Artful Robot - Rich Lott; iXiam - Luciano Spiegel;
JMA Consulting - Joe Murray; Joinery - Allen Shaw; Nicol Wistreich; Semper IT -
Karin Gerritsen; Third Sector Design - Michael McAndrew
## <a name="feedback"></a>Feedback
These release notes are edited by Alice Frumin and Andrew Hunt. If you'd like
to provide feedback on them, please log in to https://chat.civicrm.org/civicrm
and contact `@agh1`.