Difference between revisions of "Changelog Provider"

Information

Only the last few changelogs are available here for reference. Some older changelogs ( < V2.7.2 ) are currently only available in german.

Upcoming and planned features

We are looking forward to release the new V3.4 version in September 2013!

Update September 2013 V3.4 (not released yet)

In short

• Complete revised and redesigned registration and password reset process and dialogs.
• Enhanced usage of SMS for security related processes and user communication.
• Completely revised login dialog (removed one tab and combined login and reading).
• Allowing drag&drop upload of files (online reading, writing).

Details

New features:

• Completely revised and redesigned registration and password reset process and dialogs.
• Included regify provided SMS gateway for easy SMS usage.
• Completely revised login dialog (removed one tab and combined login and reading).
• Allowing drag&drop upload of files (online reading, writing).
• Transaction history views (regimail, regibill, regipay) now all allowing search and multiple pages.
• Transaction history views (regimail, regibill, regipay) now all allowing PDF download.
• Showing MySQL replication info in provider management dialog (administration).
• Enhanced usage of SMS for security related processes and user communication.
• Password reset can forward the request to the users "real" provider (by using PLS).
• Option to chose the sender address during online writing (if multiple e-mail addresses are given).
• Slow file uploads now showing an upload progress bar (online reading, online writing).
• Provider statistics now using modern graphics and animation for displaying more values.
• Provider statistics now showing member growth instead members per month.
• Added ToDo feature to help administrators to keep their provider clean and updated.
• Added export functions for userdata and invoicing data (both exporting XML or CSV).
• Setup wizard now also supporting proxy server.

Internals:

• Supporting quick connection check by client software.
• Provider-SDK function usernewpassword now supporting more parameters.
• Added support for special connectors allowing integration of archives or hybrid mail to the provider.
• Added "Mass Sender" type of user (now regimail professional, regimail private, regimail mass sender).
• Enhanced Provider-SDK functions and added some more status codes.
• Provider appliance does no longer need root CA certificates during certificate import.
• Provider appliance now supporting VLAN's and network interface bonding.
• Provider appliance runs its own DNS server.
• Now it is possible to restrict SSH access to provider appliance to local subnet only.
• Now the provider appliance supports automatic backups to SMB shares.
• Provider appliance now offers complete diagnostics function to complete installation and help fix networking issues.
• Supporting password reset by PLS request.

Fixes:

• Enhanced unicode capability for online writing regimails.
• Removed length fixation of wizard field for clearing password.
• Limit number of coupkn code days to max 365.
• Prevent some re-POST questions in FireFox and IE in provider customization dialog after an image was uploaded.
• Supporting more CSV file formats for group invitations.
• Fixed problems downloading XML reports in IE8.
• replaced deprecated <blink> tag by CSS animation.
• Added SAP single sign-on cookie exceptions to IDS (no longer triggering error).
• Fixed a lot of translation typos and errors.
• Check for updates in provider appliance also checks for multiple updates.
• Some security related enhancements.

Update 26. April 2013 V3.3.3

Bugfix release

• Updated regify client setup to V3.10.0.1233.
• Updated regify client deployment documentation.
• Adding new regify protocol V2 support (needed for next versions of regibill and regipay desktop).
• Prevent second monthly report on multiple replicated systems.
• Fixed problem with visible HTML tags in PayPal shop pages and regibill transaction history.
• Fixed missing download link for RGF file if email sending on portal failed (online writing).
• Fixed resetting language to browser default in popup windows (eg Terms) on some webbrowsers.
• Fixed error message 'missing function getFrom()' in some loadbalancer environments.
• Fixed swapped displaying of regibill standard and premium counters on administration pages.

Update 11. January 2013 V3.3.2

Bugfix release

• Fixed problem while online reading if username contains umlaute (error 10 during reading).
• Fixed file permission problem if files are replicated over master-master replication (access denied during customization).
• Ensures that users are not getting deleted on local regify provider if clearing access is not possible.

Update 2. November 2012 V3.3.1

Bugfix release and some new features

• Enhanced "open regify-file" tab on login screen (more easy to understand and use).
• Enhanced file size checking for online reading.
• Added MacOS client download links on all download pages.
• Allow free entering of users title (administration interface).
• After account activation, the DOWNLOAD button now points to correct download location for your OS (Win, MacOS, iOS, Android).
• Prevent uploading files in maintenance mode (validate regibill, upload on login).
• Fixed Intrusion Detection System (IDS) problem while sending online with certain messages.
• Fixed upload problem with Chrome browser while validating regibill standard.
• Fixed some problem while online reading chinese encoded messages.
• Fixed tool tip text help for regibill and regipay transaction archive.
• Fixed some IE7 and IE8 JavaScript issues for validating regibill standard.
• Fixed displaying wrong number of transactions left if user was regimail private and previously had some extended transaction limit.
• Fixed problem preventing sub-provider admins from editing their customizing files.

Update 24. September 2012 V3.3

In short

• Download the regibill validation report as PDF document.
• Every subprovider gets his own payment and shop options (incl. PayPal).
• User login is possible with e-mail address instead of username, too.

Details

New features:

• Download the regibill validation report as PDF document.
• Login will be possible with e-mail address instead of username, too.
• Users are getting an email about successfull authentication, too.
• Support for PLS service (makes users initial client installation much more easy).
• Favicon will be customizable for each subprovider (png format, only for non IE browsers).
• Full customizing synchronisation in clustered setups.
• New maintenance dialog with new options in administration (DB synchronization, maintenance).
• All users having a sales-id field, too (free to enter anything).
• User administration allows moving users easily between subproviders.
• Administration gives now access to users internal bank account.
• Every subprovider gets his own payment and shop options (incl. PayPal).
• Enhanced customizing editor in administration (codemirror update).
• Individual report-code in free intervals for professional services.
• All regify premium texts are now fully translated to regimail standard and regimail professional.
• Internal optimizations on cryptography (faster).
• Unlock codes will be output in blocks of four (more easy to read and enter).
• Enhanced upload dialog for files (rgf files, regibill validation, online writing etc.)
• Updated software deployment documentation to new regify clients V3.9.
• The transaction history export as PDF now fully supports unicode characters for message subjects.

Internals:

• Overworked session handling allows user- and admin-session in the same browser at a time.
• Sessions are now timing out depending on last activity.
• Enhanced IE compatibility.
• Some english and french translation has been revised (better).
• Complete CSS styled bubble help (fully customizable now).
• Provider statistics no longer uses Google Charts API (administration).
• Enhanced framebuster framework regarding OWASP suggestions.
• Added ALLOWROAMING flag to enable/disable roaming participation for provider.
• Obligatory attachments now allowing .docx format.
• Setup packing using AppPack and signing of the setups is no longer needed for regify client 3.9 or higher.
• Changed regibill & regipay invoicing interval to weekly by default.
• Completely overworked logging mechanisms.
• Updated default mail_blacklist.txt (added some more spamming domains).
• Maximum authentication level of non-certified regify providers is limites to three.
• Enhanced regify client protocoll (getconfiguration and login functions).
• Fix: Changing admin roles no longer needs logout/login to work.
• Fix: Prevent users from deleting their account if they have an administration role.
• Fix: Fixed problems if user data contains single quotes in two dialogs.
• Fix: Fixed problem writing online regimails after user changed his username in same session.
• Fix: Fixed problem writing online regimails after auto-login from client.
• Fix: Fixed bad layouting if provider does not allow the Downloads option on login page.
• Fix: Added french translation for default footer content.
• Fix: Added french translation for default terms and conditions and default prices page.
• Fix: Fixed session error for printing passwords dialog.
• Fix: Fixed problem if subject of online written regimails starting with minus.
• Fix: Fixed ignoring two-step password method while sending external invitation.

Update 11. May 2012 V3.2.4

Bugfix release

• fixed problem signing executables using a proxy server.
• added PLS support (provider lookup service).
• added more debugging options to web-calls (cURL).
• fixed httpd autostart problem on appliance restart.
• updated appliance Apache and mod_ssl to CentOS release version httpd-2.2.15-15 and mod_ssl-2.2.15-15.

Update 01. March 2012 V3.2.3

Bugfix release

• fixing invitation calls using internal proxy.
• fixing missing re-send dialog for users authenticated using text messages (sms).
• fixing problems with PayPal accounts and adding more detailed PayPal information to order.
• fixed occasional problem receiving regify_default_message.html on systems with subproviders.

Update 20. December 2011 V3.2.1 (Public since 01. Feb. 2012)

In short:

• complete regibill and regipay integration.
• Support for regimail private feature.
• Re-send unlock-code by SMS initiated by the user itself.
• Automatically signs regify-client setups (signed files for download by users).

Details:

New features:

• Enhanced guidance for users who recently have authenticated.
• Enhanced setup-wizard (after installation).
• Enhanced customization dialog in administration.
  • allows editing of all customization files in administration portal (browser).
  • supports syntax highlighting for PHP, HTML, CSS and JavaScript.
  • allows management of customized images.
• Better recognizable membership-state icons.
• Enhanced CSS design and more elements that allow CSS style options.
• New subprovider option to force SSL URLS even if ONLY_HTTPS is false (Loadbalancer).
• If a group-admin resets passwords, they are now sent using SMS, too.

Internals:

• Updated handling of files in STYLE folder ('_' marks manipulated data, others remnain default).
• Added customization dialog to subprovider admin role.
• Better styled Download-page (with Operating-System icons).
• User-Administration shows users counters (regimail, regipay, regibill).
• Removed cookie usage for regify.php (affects only Client-SDK connections).
• Switched regifycmd to most recent version (incl. SDK).
• Enhanced Debug-Options for the portal.
• Removed GMTDIFFERENCE setting by replacing it with some automation (server timezone).
• Fix: Fixed bug with UTC-0 time in Identity-File.
• Fix: Fixed JavaScript bug in JS/jsDialogs.js that occured on IE only.
• Fix: Fixed problem while login with username containing + or &.
• Fix: Fixed IDS problems with false positives on online writing regify messages.
• Fix: Fixed e-mail line feed madness by adding optional MTA_ADDS_CRLF switch.
• Fix: Fixed some issues while online sending regimail messages on redundant systems.

Appliance:

• Added configuration of NTP server.
• Enhanced hints for SSL certificate import.
• Better "View Database Status" dialog.
• Enhanced handling of user-manipulated files in STYLE folder.
• Supports automatic updates with updates.regify.com.
• Fix: changing provider servername in SSL mode breaks apache config.
• Fix: After failure of SSL certificate import, the SSH session crashed.

Update 12. September 2011 V3.0.1

In short:

• regibill and regipay integration
• supporting french as additional language
• comprehensive SMS support (registering, invitations etc.)
• enhanced and more clear login dialog
• many dialogs have been enhanced (user and administration)
• extended CSS support for more customizing possibilities
• supporting the regify Android app (free of charge in Google Market)
• delivery of the new regify-Client V3.7
  • AddIn for Thunderbird supporting V4 to V7
  • enhanced Outlook AddIn (save unencrypted copy while sending)
  • better Proxy-Server support
  • answer directly using Lotus Notes (Windows)

Details:

new Features:

• System manages bank-account for every user including direct debit authority checkbox.
• System allows to manage regimail, regibill and regipay by transaction.
• new Provider-SDK function mailcheckassignment to check, if an e-mail account is allready assigned to the service.
• new provider-protocol function getconfiguration returns a json array containing provider templates and other information.
• Overworked login-dialog (includes regibill now).
• Writing invitations shows and ensures the maximum number of chars in free text.
• Main-menu graphically shows the account-type (standard/premium) using a special icon.
• AUTHTRANSMITURLGOODRESULT supports now RegularExpressions.
• optional function AuthTransNumberConvert() allows admins to prepare numbers before inserting to AUTHTRANSMITURL.
• regify provider now allows users to enter their mobile number and their international VAT code.
• Portal locks and highlights user-data fields that are not allowed to edit because of a valid authentication state.
• User choses his main-mailaddress from a dropdown-box now (reduces complexity for user).
• Register- and Invitation is now able to use SMS to send the password (AUTHTRANSMITURL needed).
• Added french as the third supported language (both portal and administration).
• Added PRINT option to "regibill standard" validation page.

Internal:

• Administration Login shows licence information (regify and external components).
• Configuration has been split into two files (new configuration_default.php).
• Monitoring now triggers a warning if there are mails stuck in the system (tblmailjobs).
• Switched sender and recipient auth-level check to clearing (keep old method for compatibility).
• Add "Protocol" parameter for regify-protocoll (to allow regibill and regipay).
• Client-Software update adds [SECURITY] and ProviderKey values automatically to customize.ini.
• While MySQL database update, absolutely all tables and varchar fields are getting converted to UTF8.
• Administration of Invoices shows no "Payed" button if the price is zero.
• Standard Buying-Dialog does not show price, if the price is zero.
• Overworked design of steps and some other small graphics.
• All Bubble-help functions now are encapsulated by a function (InsertBubbleHelp()).
• Some dialogs have been overworked to use tabs to get a more cleanup interface.
• Added automatic generation of REGIFY_TEMP.
• Added setting of session.save_path to configuration_default.php.
• some more elements are now using CSS class for display (changeable by provider).
• completely overworked file-handling in STYLE folders (_Filename for individual, others are defaults).
• added PhoneMobile and VATNumber field to users dialogs.
• the new phpAutoLogin.php allows fast and secure opening of pages from clients.
• Enhanced language handling in some routines (BubbleHelp etc.).
• Fix: fixed some optical issues in the default CSS file.
• Fix: raised the needed Auth-Level for the provider-sdk funtion UserAuthenticate().
• Fix: Fixed QuickSearch in Grpup-Administration (accidentally searched in html, too).
• Fix: Fixed Tab-Script on IE8 (only working in Compatibility Mode).
• Fix: Fixed missing OK value of Provider-SDK function maildelete.
• Fix: Fixed problem with managing administration roles in subprovider management.
• Fix: Fixed wrong SENDERSNEEDAUTHLEVEL assignment in UserSetSettings function.
• Fix: Fixed "headers allready sent" php error, if the administration console is opened using http:// only.
• Fix: Fixed problem with wrong language in "new password" mails (accidentally used the admins language instead of user language)
• Fix: Fixed wrong template encoding (utf-8 / 7bit) and a small Quoted Printable issue.

Update 01. March 2011 V2.8.0

In short:

• Better Internet-Explorer compatibility of portal- and administration-dialogs.
• Enhanced help- and shop-dialogs.
• Enhanced administration-dialogs.
• Improved security.
• Prepared for Linux compatibility.

Details:

new Features:

• Online-reader (webinterface) shows authentication-state using the same images than the regify-client.
• Better Internet-Explorer compatibility of portal- and administration-dialogs.
• Enhanced help-dialog now showing phone-numbers for support.
• Enhanced shop-dialog(s) now showing phone-number for invoicing support.
• Download pages are containing documentation download, too (currently only german).

Administration:

• Better displaying of admin-dialogs on small browser-windows.
• Main administration-menu shows information about stuck e-mails and allows fixing (re-send).
• Invoicing allows searching for all transactions of a person, in one click.
• The monthly status-mail now contains information about the number of premium-users that have registered in a given month. Additionally, this function shows the premium-state of these users after a year (only encoded in json encoded, machine-readable values).
• Unavailable administration-menu options are now greyed out for a better overview.
• User-management now shows inactivated users by default, too (yellow state and grey color).

Internal:

• Calculation of unlock-code is now customizable by the provider (type and length).
• Completely removed options to restart or relength reminder period of transactions.
• If phpMailJob.php recognizes a timeout (4 minutes), all available mails will increase the RETRYS column by 2. This avoids endless mails in case of a script error (if php canceles script).
• User-interface shows a warning image, if a user try's to use attachments greater than 5MB using the web-interface (send online by portal).
• Preloader-image for upload-information is now loaded directly on login page display.
• New option REGIFYDEFAULTIDENTITY to define the identity-file to use for online mailer.
• Possibility to use a java version of regifycmd. Upon this, a Linux version of the regify provider is possible now (this is the main reason to rise the minor build number to 8).
• Included Linux version of AppPack. This allows windows setup creation on Linux systems.
• Optimized some dialogs and language items to get a more provider-neutral context.
• The enforced document now include the hashcode to the filename. So it is impossible to download a document without knowing the document-id and his hashcode (prevent data-leakage).
• The online-viewer for regify-mails allows only non-critical tags to be displayed and filters script, iframe, object and other tags. The functionality of form- and input-tags still persist.
• Completely overworked the JavaScript handling and inclusions to reduce data traffic and site-speed.
• Renewed tooltip-help (new style and no need for a pre-defined div-container).
• Replaced all round ball icons with alpha-png versions (better displaying on different backgrounds).
• Replaced the step-images with png style blue button step-images.
• LastActivity flags is set for portal logins and direct invitations, too.
• The size of the download in both download-dialogs is now calculated and formated automatically.
• Fix: Fixed Provider-SDK problem with external invitations and invitiationer mailaddress as base64 encoded variable triggering ERROR 14.
• Fix: New members will not get a termination date at 23:59:59 but 00:00:00. As of this, now the first day counts as the first of the free days.
• Fix: Fixed some security issues on different locations.

Update 23. November 2010 V2.7.4

In short:

• "forgot password" link on login page.
• Showing telephone numbers for technical and billing support.
• SDK support GROUP-MASTER flag (allowing group access for GROUP-MASTERS).
• Enhanced invoice-handling.
• Mailaddresses and usernames may get a length of 100 chars now.

Details:

new Features:

• "forgot password" link on login page (shows information about how to get a new one).
• portal may show hotline phone-number for technical and billing support.

Administration:

• Users can get the GROUP-MASTER flag. It enables manipulation of all group-members using the provider-sdk.
• Managing and handling of invoices has been enhanced. You now can display open, payed and cancelled invoices in one dialog.
• Invoices can get filtered by user-id.
• New user-search dialog in Group-Data administration and admin-roles administration.
• Sub-Provider dialog is extended with support phone numbers.
• Better naming in the authentication-dialog enhances understandability of authentication-state.

Internal:

• Provider-SDK respects new GROUP-MASTER flag, too. This affects the following functions: GroupGet, GroupGetUsers, GroupAddUser, GroupRemoveUser, UserChange, UserGet, UserNewPassword, MailAdd, MailGet and MailDelete.
• The Settings-Dialog is now visible to premium- and standard-users (previously only to premium members).
• Extended the maximum length for usernames to 100 chars (former 45).
• Extended the maximum length for mailaddresses to 100 chars (former 45).
• regify.php returns real name and main mailaddress as login-result, too (affects only internal regify-protocol).
• Fix: fixed premium-membership calculation (only if standard mailcount has changed).
• Fix: fixed case sensitive search using oracle in different administration-dialogs.
• Fix: fixed ignoration of DEFAULTTWOSTEPPROCEDURE flag in phpInvite.php
• Fix: fixed IDS false positives on Google analytics (__utm?) and IBM SingleSignOn (LtpaToken) cookies.

Update 27. September 2010 V2.7.3

In short:

• better calculation of rest-time, if group-admin extends the group membership using shop.
• Administration allows grouping and ungrouping of users, too.
• Better compatibility of IDS with Google Analytics cookies and IBM LtpaToken.
• Portal supports optional HTTP proxy for external URL calls.
• SDK features now full transaction history access.
• SDK features now user authentication.

Details:

new Features:

• Special job to delete temporary user-data that is older than 10 Minutes (phpCleanUp.php). Please adapt Taskplaner or task_5min.cmd! This replaces the usage of delage32.exe (remove from task_daily.cmd).
• Invitation to foreign provider supports parameter [ia] (Invitationer Auth-Level) as placeholder for transmission of inviting-parameters to external provider.
• If a group-admin buys premium-membership for his group, and changes the max-account number, the system automatically compensates the rest-time together with the difference between the old number of accounts and the new one.
• Download-pages are showing the current regify-client version.

Administration:

• Administration allows grouping and ungrouping in user management dialog.
• Users with administrative privileges are not allowed to get deleted anymore.
• Administration prevents errors if an allready assigned address should get assigned to another user.
• Administration menu shows number of open authentication requests (blinks if > 0).
• Overworked administration-lists design (user styles for listfirst, listsecond)
• Fix: fixed a case-sensitivity problem with group user addition (only oracle)
• User-Administration shows number of hits.
• Administration-Dialog automatically switches to SSL url (in case it is only https:// and ONLY_HTTPS = TRUE).

Internal:

• IDS is adapted to work more tolerant on some special pages.
• Update PHPIDS from V0.6.3.1 to V0.6.4
• New Version of AppPack generates 48x48 regify icon using transparency for executable.
• EMERGENCYURL is only called if MAINTAINMODE is false (no SMS in manual maintenance-mode).
• Fix: Fixed wrong calculation of identity-hash (organisation has been missing).
• Support optional HTTP proxy for external URL calls (foreign provider invite, SMS calls etc.).
• QuickSearchField in Group-Administration (user-side) uses css-class now (additional class div.GroupQuickSearchField to regify.css).
• Added new functionality to register mailaddresses in clearing directly on activation. Currently, registration occurs automatically on first regify-usage. This may be to late and the provider now registers the address directly.
• SDK features now full transaction history access.
• SDK features now user authentication.
• phpLogin.php supports new hash-challenge login method for direct login (globe in client).
• Fix: fixed database insertion problem with message subjects longer than 100 chars (oracle).
• Fix: fixed problem with changing main mailaddress in user-administration (mailhash missing).
• Fix: fixed optical problems in PDF download of history with very long subjects.
• Fix: fixed a problem in SDK function userinvite, if the desired username is submitted, too.
• Fix: fixed a problem printing user-password in case of two step invitations.
• Final test and modifications for automatic update feature.

Update 02. July 2010 V2.7.2

new Features:

• PDF download of the complete transaction-history available.
• Complete rework of automatic update feature. In future the will be a ZIP file distributed, including all needed files and update_mysql.sql or update_oracle.sql. Now, this content is used for updating. Critical files will not get overwritten.
• Provider informs users and group-administrators about expiring premium-membership by e-mail. It is possible to define one or multiple intervalls to send such an expiration notification.
• Blacklist feature for invitations and registrations. The blacklist prevents registering of mailaddresses from such domains like trash-mail.com, spambog.ru, spamfree24.de and others.

Administration:

• User-Management shows a new column "group" that indicates the assigned group-id.
• Menu-Option "S" (downloads available) affects the download-link on the login-page, too.
• Removing a user from a group, and if that user has a longer premium-membership time as the assigned group, he will not get a standard-membership in that special case (only if SETPREMIUMANYTIME is FALSE).
• Fix: Viewer for phperror.log fixes wrong displaying of html tags (missing logout link).

Internal:

• new mail-template 20 (inform user about expiration of his premium-membership)
• Fix: fixed a settings-issue in connection to oracle databases.

Update 24. May 2010 V2.7.1

neue Features:

• Identity-Hash Verfahren implementiert (Clearing muss noch aktualisiert werden)
• Transaktions-History versteckt Doppel-Einträge, wenn der Kunde nicht die erweiterte Ansicht verwendet (vermindert Rückfragen)

Administration:

• Statistik zeigt die Grafiken nur noch über die letzten 24 Monate.
• Administration erlaubt nicht das hochsetzen des Transaktionslimits bei gruppierten Usern.
• Warnung, wenn Nutzerdaten von authentifizierten Nutzern verändert werden.
• Sicherheitsabfrage für "Authentifizierungsstatus zurücksetzen".

Internes:

• Neues User-Flag "I" für Benutzer, welche im SDK für eine Einladung einen speziellen User als Einlader angeben dürfen (benötigt also dafür keine Super-User Rechte).
• Gruppieren von Nutzern mit erhöhtem Transaktionslimit ist nicht mehr erlaubt.
• Authentifizierte Nutzer können Anschrift/Orga nicht mehr ändern.
• Mailjob löscht MailJob Lockdatei, wenn diese älter als 4 Minuten ist (Fallback).
• Fix: Fehler bei der Ausstellung von Identitätsdateien behoben (Angabe des AuthLevel fehlte).
• Fix: Fehler in der Anmeldeprozedur behoben (DATABASE: Error inserting with INSERT INTO tbluser SET USERTYPE=11...)

Update 30. April 2010 V2.7.0

neue Features:

• Unterstützung von Oracle als alternatives Datenbank-System zu MySQL.
• Benutzergruppen.
• Benutzergruppen mit eigener Gruppen-Administrator-Funktion.
• Intrusion Detection System PHPIDS wurde integriert (http://php-ids.org/)
• Einladungen können nun auch über Fremdprovider ausgesprochen werden.
• nicht innerhalb der Wiedervorlage geöffnete Transaktionen werden mit einem halben Punkt dargestellt (und grauem Text), wenn Sie im Anschluß doch geöffnet wurden.
• Das regify-Shopsystem ist nun in großen Teilen durch den Provider anpassbar. Die Unterstützung für eigene Shopsysteme und Anbindung weiterer Zahlungssysteme ist nun deutlich flexibler.
• Willkommensdialog nach Klick auf "Akzeptieren-Link" in den Mails ist neu gegliedert
  • bessere Ansprache
  • deutlichere Visualisierung zwischen lokaler Installation und Webnutzung
  • Korrektur von Aussagen zum Setup-Assistent (startet nicht mehr autom. nach Setup)
• Authentifizierungsdialog wurde überarbeitet und kann nun individuell angepasst werden
• Wenn ein authentifizierter Nutzer eine Einladung ausspricht, so kann (optional) der eingeladene Nutzer direkt eine Authentifizierung erhalten (Net Of Trust).
• Offene Bestellungen können nochmals eingesehen werden (und nochmals in den Shop weiterleiten).
• Stellvertreter-Dialog zeigt nun einen erklärenden Informationstext.

SDK:

• SDK Funktion <inviteuser> kennt nun neue Parameter „invitation comment“, „personal message“, „username“, „invitationer full name“ und „invitationer organisation name“
• Fünf neue SDK Funtionen für vollständige Gruppenverwaltung hinzugefügt
• Neue SDK Funktion für "neues Kennwort zusenden" hinzugefügt

Administration:

• Administration erfolgt nun aufgrund von Administrations-Rollen.
• Konfigurationsdialog für Administrations-Rollen hinzugefügt (je Sub-Provider)
• Administration für Benutzergruppen und Domainlisten hinzugefügt
• Administration für Authentifizierung hinzugefügt
• Subprovider-Konfiguration optisch aufgeräumt und in ausklappbare Bereiche unterteilt
• Subprovider-Konfiguration erhielt eine Sicherheitsabfrage für "Subprovider löschen"
• Benutzerverwaltung bietet jetzt auch Sortierung nach "letzte Aktivität"
• Benutzerverwaltung kann User jetzt auch zu "Super-Usern" machen (für Provider-SDK)
• Konfiguration für Fremdprovider-Einladung hinzugefügt (je Sub-Provider)
• Der Statistik-Dialog wurde überarbeitet (übersichtlicher)
• Rechnungsverwaltung zeigt nun mehr Details (kompletter Bestelltext anzeigbar)
• Suche in Benutzern und Gruppen erkennt numerische Eingabe und sucht dann nach UserID

Internes:

• SDK unterstützt ein deutlich erweitertes "userinvite" (viel mehr Angaben)
• Umfangreiche SDK Funtionen zur Gruppenverwaltung
• Provider erlauben die Angabe von externen Einladungen an Fremdprovider
• der Provider versucht nun, die Clearing-Verbindung für eine User-Session konstant auf einem VPN-Kanal zu halten. Das ist Voraussetzung für den neuen Clearing-Betrieb.
• update.php enthält eine Option um den MySQL Master-Master Replikationsbetrieb vorzubereiten
• Subprovider können nun über STYLE/_LanguageShop.php auch eigene Shop-Sprachtexte angeben
• Die Monitoring-Option "type=monitoring" gibt nun OK, WARNING oder ERROR zurück. So kann besser zwischen kritischen und unkritischen Provider-Zuständen unterschieden werden.
• Das Maintenance-Failover wurde überarbeitet und wirkt nun besser auch mit einem Ausfall des CryptoServer.
• Wenn der Provider aufgrund eines Totalausfalles beim Clearing oder CryptoServer in den Maintenance-Modus geht, dann kann man jetzt eine URL aufrufen lassen (zB SMS-Versand).
• Der monatliche Statusreport an regify kann nun optional zusätzlich in Klartext an eine weitere Mailadresse versendet werden (zB Provider selbst).
• Die zu verwendenden Passwortlängen lassen sich nun Providerweit in der configuration.php definieren. Sprachtexte für zweistufige Anmeldung passen sich automatisch an.
• Menüseite der Nutzer zeigt Premium-Laufzeiten > 10 Jahre als *unbegrenzt*
• Die Session-ID wird bei jeder relevanten Aktion im Portal neu generiert (mehr Sicherheit).
• Der Administrationsdialog besteht nun ebenfalls auf SSL, wenn ONLY_HTTPS = TRUE gesetzt wurde.
• Verzögerung nach Fehl-Logins auf eine Zufallszeit zwischen 1 und 5 Sekunden geändert um Bruteforce-Angriffe deutlich zu erschweren (mehr Sicherheit).
• Nutzer, welche sich in der Community-Version löschten, werden 30 Tage danach endgültig aus der Datenbank gelöscht (ohne manuelles zutun).
• Fehlerhafte Logins (zB Benutzername/Passwort falsch) verursachen eine Zeitverzögerung von ein bis fünf Sekunden (Zufall). Dadurch werden Bruteforce-Angriffe wirkungsvoll gebremst.
• Template 11 erhielt die Anrede des Benutzers
• Template 12 erhielt einen Datum/Zeit Platzhalter.
• Fix: Einladungsdialog hat den Haken für "zweistufiges Kennwortverfahren" bei Fehleingaben im Anschluss vergessen (musste nochmal geklickt werden). Behoben.
• Fix: Problem mit leeren regify Mails behoben (online erstellt), wenn man schnell hintereinander den Erstellen-Dialog öffnet (alte rgf wurde dann vor dem Versand gelöscht).
• Neu: Ablage der rgf-Dateien in extra Unterverzeichnissen.
• Fix: Einladungsdialog-Problem mit ; (semicolon) im Freitext behoben (wird durch : ersetzt)
• Fix: An vielen Stellen wurde die Unterstützung von Sonderzeichen verbessert.
• Fix: Registrierungsseite hat nun einen "Startseite"-Button um zurückzukehren.

CSS Aktualisierung:

• neu: tableUserChoice
• neu: input[type=button] und input[type=submit] bekommen "cursor: pointer;"
• neu: a und a.small erhalten "cursor: pointer;"
• neu: OkDialog
• neu: listsecond hat weissen Hintergrund
• verändert: BrownBox (padding-bottom)
• removed: tableBoxText
• removed: div.MembershipBox

configuration.php:

• neu: define('SETPREMIUMANYTIME', TRUE);
• neu: define('IDSPATH', "");
• neu: define('IDSTRESHOLD', TRUE);
• neu: define('EMERGENCYURL', "");
• neu: define('SHOPCURRENCY', "EUR");
• neu: define('CUSTOMSHOP', FALSE);
• neu: define('ORDERPAGEUSER', "");
• neu: define('ORDERPAGEADMIN', "");
• neu: define('USERPASSWORDLENGTH', 8);
• neu: define('USERPASSWORDLENGTHTWOSTEP', 12);
• neu: define('INVITATIONAUTHTOLEVEL', 0);
• neu: define('INVITATIONAUTHONLYSDK', TRUE);
• neu: define('AUTHTRANSMITURL', $url);
• neu: define('AUTHTRANSMITURLGOODRESULT', "100");
• neu: include_once("funcForm.php"); nach funcGadget.php
• neu: $AdminRoles[]
• entfernen: AUTHALLOWPERSON
• entfernen: DEFAULTAUTHENTICATIONSTYLE