To install K2 for the first time or update your existing K2 based website, just grab the latest package here: https://getk2.org/downloads/?f=K2_v2.10.2.zip
The process to update K2 is fairly simple. If you are on Joomla 1.5, grab the zip file from the link above and install it on top of your existing K2 version. If you are on Joomla 2.5 or 3.x, go to the Joomla update manager, purge the update cache, re-check and you'll see the new release available to instantly update.
So what's been added, changed or updated in this new release?
Here's a list of the important things added, changed or updated in K2 v2.10.2.
- Fully re-worked backend user interface (UI) that is now 100% mobile-friendly. We'd like to think it's the best looking -and more importantly the most practical to use in a mobile device- Joomla component. The new UI has been carefully crafted and tested on multiple devices, on all K2 views, including menus and modules, for a true mobile app-like feel. If you manage content on the go, then you'll love using K2 on smartphones and/or tablets.
- Fully revamped the "batch operations" modal in the backend UI.
- Flatpickr has been reverted to the latest version in the 4.5.x series (v4.5.7). This resolves a bug which made deleting a calendar date impossible. Once the developers of Flatpickr resolve this issue, K2 will adopt the new version in the next update.
- Resolved a bug where K2 items with no images would display with an empty <img /> tag in the K2 content module and on custom K2 template overrides (with relaxed image object checks).
- Addressed a (low severity) vulnerability that was discovered in the third-party PHP library "class.upload.php" that K2 uses for file uploads. Under certain server setups (e.g. fresh Ubuntu 18.04 installation with Apache, PHP and MySQL installed from core repos) an attacker could upload certain file types as images, bypassing the library's security checks. Keep in mind that depending on your server's MIME configuration, you may not be affected at all by this vulnerability (e.g. cPanel-based or Plesk-based servers are not affected). A sincere thank you to Jinny Ramsmark (of Defensify AB) for discovering the vulnerability and for letting us know in advance. You can read the related reports for CVE-2019–19576 and CVE-2019–19634 in Jinny's blog.
- Re-instated the "edit Joomla user" toolbar button in the K2 edit user form which was previously hidden in Joomla 3.x only.
- Fixed various backend UI bugs that were introduced in v2.10.1, e.g. the filters in the K2 modal selector are no longer getting cut-off by the modal header.
- System messages will now hide after 3 seconds (instead of 5 in v2.10.1).
- New flat-style K2 favicon used in Joomla 1.5 & 2.5.
Upgrading
If you use v2.7.x to v2.9.x already, then it is (as always) safe to upgrade to K2 v2.10.1. If you use a version before 2.7.0, refer to the 2.7.0 upgrade notes.
If you already have your own K2 CSS and/or HTML template overrides then there's nothing to worry about. If you use "stock" K2 CSS and HTML template overrides, just browse your site after the upgrade to make sure nothing's misalligned. In any case, exceptions may occur but they are usually easy to resolve. If you need any help, just post about your issue in the K2 Community Forum.
Since the release of K2 v2.7.0 we have added an update notification for new releases of K2 within the K2 backend (viewed only by super admins) to make it easier to spot new releases and update accordingly.
Before upgrading, it's always a good idea to get a backup of your site (just in case):
- To upgrade in Joomla 1.5, just install v2.10.0 on top of any existing K2 installation.
- To upgrade in Joomla 2.5 or 3.x, either install on top (as with Joomla 1.5) or use Joomla's extension updater (you should already see the notification for v2.10.0).
We also highly recommend that you update AllVideos to version 5.x (the most recent).
DO NOT uninstall any older K2 version first, as this will wipe out your K2 content!
HTML & CSS Template Overrides
Have a look here: https://getk2.org/documentation/tutorials/77-k2-template-override-package-comparison
There are minor changes in the tag.php and generic.php sub-templates due to the addition of page headings and the search bar (in generic.php).
What's next
The next major update (v2.11.0 - around Jan/Feb 2020) will introduce a more modernized (& responsive out-of-the-box) frontend, hopefully with zero dependencies to any 3rd party JS library. This basically translates to improvements for all frontend views to share a common structure, which will make creating your own set of K2 template overrides an even easier task, especially if your category, tag, user etc. views share the same design and features.
These changes will also be coupled with some content changes (e.g. the removal of the item toolbar in the item view). As always, ful backwards compatibility will allow for safe upgrades to the newer release.
Enjoy K2 v2.10.2!