Difference between revisions of "Changelog Provider"

From regify WIKI
Jump to navigation Jump to search
 
(336 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
== Information ==
 
== Information ==
  
Only the last few changelogs are available here for reference. Some older changelogs ( < V2.7.2 ) are currently '''only available in german'''.
+
This are the official changelogs for the regify provider software appliance.
  
 +
== Update 2024 V5.3.4 (announcement) ==
 +
Patch release announcement
  
== Upcoming and planned features ==
+
* Fix: Enhance group management function 'remove user from group' to reduce confusion with account deletions.
 +
** Renamed into 'take from group'.
 +
** Changed icon to not look like deletion.
 +
** Added a note to tell group admins that this will not delete the regify account.
 +
* Fix: In maintenance mode, usage of the portal was not disabled if already logged in (not really an issue, just wrong).
 +
* Fix: In maintenance mode, captcha generation is stopped.
 +
* Fix: regigate administration dialogue is now waiting up to 5 minutes for new IP addresses update and shows loader animation on button, preventing multiple clicks.
 +
* Fix: Fixing regibox invitations not received if receiver domain has restrictive DMARC headers.
 +
* Fix: Fix reply-to name for regimails written online in web portal (used senders email instead of name).
 +
* Fix: Eliminated random error messages like "Had to correct corrupt count -1 record for box..." in error log.
 +
* Fix: Eliminated random error messages like "ERROR: Missing or invalid language-code for template [box_invit_success]..." in error log.
 +
* Fix: Fixed API function ''mailcheckassignment'' returning wrong answer if user is not registered at same provider.
 +
* Int: Enhanced captcha function.
  
* download the regibill validation report as PDF document.
+
== Update 20. February 2024 V5.3.1 ==
* every subprovider gets his own payment and shop options (incl. PayPal).
+
Patch release
* support for PLS service (makes users initial client installation much more easy).
 
* favicon will be customizable for each subprovider.
 
* unlock codes will be sent in blocks of four (more easy to read and enter).
 
* full customizing file synchronisation in clustered setups.
 
* new maintenance dialog with new options in administration.
 
* all users having a sales-id field, too (free to enter anything).
 
* login will be possible with e-mail address instead of username, too.
 
* individual report-code in free intervals for professional services.
 
* internal optimizations on cryptography.
 
  
 +
* New: Display a helpful error message if a password reset was requested by a non-activated account.
 +
* New: Show assigned coupon code in user data administration dialog (system admins only).
 +
* Fix: Sometimes the "send me a copy" function in online regimail writing did not work.
 +
* Fix: No error was shown if an invalid coupon code was entered during registration (it was simply ignored).
 +
* Fix: Enhanced information and handling if > 25 regimails/day were sent using portal.
 +
* Fix: Enhanced error message if monthly regimail limit was reached.
 +
* Fix: List of uploaded documents (regipay plus) showed a navigation area with no function. Removed.
 +
* Fix: Fix error log entries occuring after a user deleted his account (PHP Warning: Illegal string offset 'USERID').
 +
* Fix: Fix error log entries occuring after the administration pages are called with double slash (eg while pentesting).
 +
* Fix: Saving data of non activated users in user data administration dialog sometimes triggered error about email address and phone number.
 +
* Fix: Sometimes regibox went to maintenance mode after the appliance menu regibox options were opened and closed without saving.
 +
* Fix: New or changed regigate IP addresses (for whitelisting) were not updated.
 +
* Fix: Triggering a manual backup from admin GUI did not work.
 +
* Sec: Updated OpenSSH packages and supported algorithms to protect against Terrapin SSH issue (CVE-2023-48795).
 +
* Sec: Set PostFix config variables to protect from SMTP smuggling (CVE-2023-51764).
 +
* Int: The PENTEST flag also disables captcha validation for more easy testing.
 +
* Int: Adding CORS headers to apache configuration.
  
== Update 11. May 2012 V3.2.4 ==
+
== Update 20. April 2023 V5.3 ==
 +
Major release
  
Bugfix release
+
This is not only a release with a lot of new functions and updated user interface, it is also a cleanup and modernizing release.
* fixed problem signing executables using a proxy server.
 
* added PLS support (provider lookup service).
 
* added more debugging options to web-calls (cURL).
 
* fixed httpd autostart problem on appliance restart.
 
* updated apache and mod_ssl to CentOS release version httpd-2.2.15-15 and mod_ssl-2.2.15-15.
 
  
 +
* New: Completely new designed end-user interface.
 +
** Modern graphical user interface.
 +
** Responsive for PC, tablet and mobile usage.
 +
** Enhanced top navigation with a new navigation structure, respecting the experience of the last years.
 +
** Easily customizable in corporate identity color and with your company logo.
 +
** Redesigned for better usability and accessability.
 +
** Hiding any unavailable options from the user to avoid confusion.
 +
** Reduced many dialogs to the mandatory fields.
 +
** Added expert mode to hide beginner notes and enable some more pro functions.
 +
** Users getting warned if they use an old webbrowser (IE, old Opera, old Firefox, old Safari etc).
 +
* New: Enhanced performance compared to regify provider 5.2.0 login page
 +
** Page loads 26% faster (2.3 sec -> 1.5 sec).
 +
** Page loads 61% less content bytes (551KB -> 213KB).
 +
** Page does 45% less requests (36 -> 20).
 +
* New: Re-designed regimail shop system for single users and group administrators.
 +
** Faster and more easy to understand. Follows current EU regulations.
 +
** More simple, offers always 1 and 2 years of regimail professional.
 +
** More transparent communication about prices and offer.
 +
** Prices and VAT are now entered in (sub)provider configuration (by (sub)provider administrators).
 +
* New: Enhanced online reading and writing (incl. reading regipay).
 +
** Much better handling of attachments and enhanced drag&drop and file selection.
 +
** There is no longer a fallback mode for very old webbrowsers like IE and old Safari. People must use an up to date webbrowser.
 +
** Internally now using [https://en.wikipedia.org/wiki/WebAssembly WASM] code to be faster and more secure.
 +
** New online regimail writing limits. Single attachments max. 8MB and 32MB for the whole regimail.
 +
* New: Support for [https://www.regify.com/?PageID=portfolio-regipay-plus regipay ''Plus''] online document access.
 +
* New: regibill validation dialog is enhanced and offers better drag&drop usage.
 +
* New: Enhanced group management dialogs (group admin).
 +
** Offers an extra page for Excel upload invitations.
 +
** Function to take former invited people back into your group.
 +
** Cleanup dialogs and remove popup windows.
 +
* New: User administration using normal/bold font instead of red/black color to indicate regimail private/professional.
 +
* New: Added [https://www.regify.com/index.php?PageID=portfolio-regipay-plus regipay ''Plus''] support to regify protocol (for use in client apps).
 +
* New: Dialogs using Captcha now rendering faster (registration, pwd-reset).
 +
* New: New ''qa.php'' page to give QA and support a quick overview about provider configuration.
 +
* New: New pentest mode, making pentesting more easy by deactivating specific security functions (PENTEST config option).
 +
* Rem: Removed (sub)provider flags ''A, C, D, E, F, H, K, L, P, S, V, X, 3, 4, 7'' due to minimal use.
 +
** See [https://manuals.regify.com/docs/provider/5.2/provider_documentation/#_sub_provider_menu_flags provider 5.2 docs] for menu flags reference.
 +
** They all now use the common default behavior or affected functionality does no longer exist.
 +
* Rem: Removed unused or redundant user data fields.
 +
** Removed users bank data information dialogs.
 +
*** Dropping tables ''tblbankaccounts'', ''tblaccounting''.
 +
** Hiding newsletter checkbox in account dialog.
 +
** Affects both user and admin dialogs.
 +
* Rem: Removed invoicing export function.
 +
** Removed internal processing of a user bank account.
 +
** Removed payments export in administration.
 +
** Removed admin options to manage internal users bank account.
 +
** Droping table ''tblexport''.
 +
** Removed DEBITSTATECHECK, RENEWALPERIODOFNOTICE and INVOICINGINTERVAL config options.
 +
* Rem: Removed functionality that tried to point you to most used page after login.
 +
** Generally, after login, all user logins start in account overview.
 +
** Users in a regipay group with available documents start in ''available documents'' view.
 +
* Rem: Removed membership advertisement pages in portal.
 +
* Rem: Shop system cleanup.
 +
** Removed option to buy for other people.
 +
** Removed ''customShop'' option for shopping pages.
 +
** Removed options to customize shopping form. Instead, we offer the most common fields by default.
 +
* Rem: Password reset dialog offers no auto-generate any more.
 +
* Rem: Displaying the password does no longer offer a print dialog (eg after registration).
 +
** Instead, we recommend users to use a password manager application.
 +
* Rem: Invitations using the portal do no longer allow to edit/change the user name as the inviting user.
 +
* Rem: Group management cleanup.
 +
** Removed "pull user into group" function.
 +
** Removed extra "invite user to group" function (standard invite now works like that).
 +
* Int: Removed the following configuration options:
 +
** PDFENABLED (now always enabled).
 +
** PREVENTREALSENDERADDRESS (now always preventing real sending address).
 +
** MTA_ADDS_CRLF (always use default).
 +
** DOCUMENTATION_DOWNLOAD_INFO_FILE (all documentation is now online).
 +
** DEBUGSLEEP (replaced by PENTEST option).
 +
* Int: Activated HTTP protocol compression for ''.js'', ''.css'' and ''.wasm'' file types.
 +
* Int: Webserver is now sending a ''Content-Security-Policy'' header to increase security.
 +
* Int: Removed all internal ''connector'' functionality.
 +
** This was no longer used since 2008 and therefore was removed from code and testing.
 +
* Int: Updated all appliance packages to most recent distribution version.
 +
* Int: Set all provider cookies ''SameSite'' attribute to ''Lax''.
 +
* Fix: Fixed filename issues downloading ZIP of regibox shares.
 +
* Fix: Fix issues in user import tool (error: missing CHATALLOWEDUNTIL).
 +
* Fix: Remove serving no longer needed ''/icons/'' folder.
  
== Update 01. March 2012 V3.2.3 ==
+
== Update 20. April 2022 V5.2 ==
 +
Major release
 +
* New: We are discontinuing ''regichat''. Due to this, all ''regichat'' references were removed from the regify provider completely.
 +
** Removed all CHAT_*, all REGICHAT_*, CHECK_HISTORY_INTERVAL and CHECK_IF_REGICHAT_LOADED_INTERVAL constants.
 +
** Removed all regichat related email templates.
 +
** Sub-provider menu flags "Q", "R" have been removed.
 +
* New: For German users, the term "regify-Provider" is now renamed to "regify-Anbieter".
 +
* New: Enhanced optics for GUI tabs to be better recognizable as tabs.
 +
* New: Many icons and images were replaced with better resolution versions or a font icon.
 +
* New: Some unused options were removed from personal information dialog (username field, a header).
 +
* New: Enhanced several sentences and their translations to be better understandable.
 +
* New: Group administration dialog now has a refresh button (update members status).
 +
* New: Group administration dialog is hiding useless options in case the group is a regipay group.
 +
* New: Invitation dialog now has a refresh button (update invitations status).
 +
* New: Shop order notifies provider by email about a new order. Now, the email also contains json with order details, allowing automated processing.
 +
* New: Provider-SDK ''userinvite'' function supports new parameter ''g'' (to auto-group invited user).
 +
* New: Provider-SDK got a new error code (36).
 +
* New: Provider administration pages...
 +
** The complete look and feel was updated. The interface scales to any screen size (better on 4K monitors).
 +
** Most dialogs are no longer opening popup windows. Instead, dialogs running inside.
 +
** Log viewer search is now also offering an end time.
 +
** Group deletion dialog offers to also delete the contained users.
 +
** Main page shows a warning if appliance websocket server is not running.
 +
** Main page notifies with blinking red flag about new orders and authentication requests.
 +
** Enhanced display of logfile content in administration main page.
 +
** Status display on administration main page updates every 5 seconds (no need for reload).
 +
** Documentation and help option now pointing to new help portal at manuals.regify.com.
 +
*** Removed DOCUMENTATION_DOWNLOAD_INFO_FILE constant.
 +
* New: Default "Admin" account is no longer allowed to log-in to the end user portal.
 +
* New: Sub-provider menu flags "5" and "6" have been removed (no longer needed).
 +
* New: Removed CK-Software shop option in sub-provider administration.
 +
* New: The activation email default templates have been enhanced (simplified, better colors for activation link).
 +
* Int: Removed option RENEWALPERIODOFNOTICE constant (was unused).
 +
* Int: Removed the options to limit mass sendings.
 +
** Removed SERVICEPRIORITY_REGIMAIL, SERVICEPRIORITY_REGIBILL, SERVICEPRIORITY_REGIPAY constants.
 +
** No further speed limit for mass sendings.
 +
* Int: Optimized storage and handling of users list of regiboxes.
 +
** Gaining better performance on installations with many regiboxes (with regibox manager 2.1).
 +
** Extended regibox protocol API for the new list form (with regibox manager 2.1).
 +
* Int: If regibox storage is exceeded:
 +
** regibox managers will no longer show notifiers for that case.
 +
** Instead, the 'owner' and 'causing user' will get informed by email (maximum once a day).
 +
* Int: Optimized output of portal reference URLs (no absolute pathes anymore).
 +
* Int: Switched regify clearing domains from ''regify.clearing.lu'' to ''clear-center.eu''.
 +
* Int: Removed provider setting MTA_ADDS_CRLF (no longer needed).
 +
* Int: Preventing too many SMS for password reset (max 3/day) and re-sending unlock code (max 2/day) per user.
 +
* Int: SMS url replacement is now supporting [e] parameter for check if text encoding is GSM 03.38 compatible.
 +
* Int: Added more protection against stupid antivirus scanners accepting or canceling invitations automatically. Same for PWD reset and self registration.
 +
* Int: Monthly reports now generated on the first day of a month, two minutes after midnight.
 +
* Int: Monthly reports are now also generated, if the system was offline on first day of a month around midnight (even days later).
 +
* Int: System is better protected against DOS attacks in Captcha generation.
 +
* Int: First and lastnames are allowed to be one character only.
 +
* Fix: Do not allow email address removal if the email address is vital for an existing regibox.
 +
* Fix: Better handling if the password of a user was reset by a database cleanup of the password field (eg after forcing users to generate a new password).
 +
* Fix: Fixed issues in reporting Excel invitation list errors.
 +
* Fix: Fixed accidential dot (.) in sender name for SMS sending in some cases.
 +
* Fix: Forward after timed out administration session forwarded to portal login instead of admin login.
 +
* Fix: Captchas were sometimes hard to solve. Now, the algorithm is producing better readable captchas.
 +
* Fix: PDF transaction list export for regibox invitations incorrectly mentioned creation entries as well (red).
 +
* Fix: regibox share ZIP download displaying some "please wait" until download starts (prevent irritation if compression needs some time).
 +
* Fix: If new users are created manually in web administration, dialog did not remember the mode if values were missing.
 +
* Fix: Appliance complained SSL certs that last longer than 390 days. Now it only complains if they last longer than 398 days.
 +
* Fix: Fixed database error 'Error in accept: Too many open files' on heavy load.
 +
* Fix: Fixing several security related issues.
 +
* Fix: Fixing CVE-2018-25032 (zlib compression vulnerability).
  
Bugfix release
+
== Update 03. November 2020 V5.1.2 ==
* fixing invitation calls using internal proxy.
+
Patch release
* fixing missing re-send dialog for users authenticated using text messages (sms).
+
* New: Showing provider logo also on mobile devices.
* fixing problems with PayPal accounts and adding more detailed PayPal information to order.
+
* New: Enhanced downloads page by enhancing update.json parsing.
* fixed occasional problem receiving regify_default_message.html on systems with subproviders.
+
** Supporting a "hide" attribute to allow regify to hide products and versions from here.
 +
** Supporting "link" attribute to present an informational link instead of binary download.
 +
** Always showing links for other OS (no longer hidden below).
 +
* Fix: In some configurations, the shop button in account overview is broken.
 +
** Note: Shop button in "Communication" -> "Shop" and other locations were still working.
 +
* Fix: Manage user dialog in administration does not show non-activated users by default (tick "Show only not activated users" to see them until you updated).
 +
* Fix: Fixed message about to much invitations for group administrators in some cases.
 +
* Fix: Better handling invalid date values for group administration.
 +
* Fix: Adding and deleting sub-providers was impossible since 5.1.0.
 +
* Int: Added "short" mode for regibox share protocol. Also added "protected" and "fileCnt" values for possible future use.
 +
* Int: Added DOS protection for ZIP download in regibox shares.
  
 +
== Update 21. September 2020 V5.1 ==
 +
Major Release
  
== Update 20. December 2011 V3.2.1 (Public since 01. Feb. 2012) ==
+
'''End user related:'''
 +
* New: Add ''regipay'' mode to groups.  
 +
** Users in such group get a restricted portal interface, optimized for payslip readers.
 +
** Users in such group get a hint where to find the payslips.
 +
** There is a new and optimized email template for invitations into such group (''invite_pay'' template).
 +
* New: regibox share is now better formatted and offers download as ZIP file.
 +
* New: The captchas for registration and password reset are updated.
 +
** More secure (using SVG, rotation, using timing check).
 +
** Better compatible with mobile devices (automatic resizing).
 +
* New: There is only one regify account invitation allowed if the user never sent a regimail before (except of group admins).
 +
* New: Activate "new device" notifier by default. Use better GeoIP service and template.
 +
* New: Added Chinese country names in dropdown country selections.
  
=== in Short: ===
+
'''Administrator related:'''
 +
* New: Added showing users statistics to ''hotline'' admin role.
 +
* New: Admin ''user list'' export now also includes invitation information.
 +
* New: Renamed "negotiator" columns in admin exports to "coupon code id".
 +
* New: Optional monthly provider report email is re-organized and contains some helping comments (REPORTCOPYADDRESS).
 +
* New: Provider billing documentation was enhanced by adding a "coupon code"s chapter and other updated information.
 +
* New: If admin installs an SSL certificate which lasts longer than 398 days, he gets a warning.
 +
* New: Appliance diagnostics also checks for working websocket connections from outside (regibox).
 +
* Fix: Replaced ''CodeMirror'' with ''ACE code editor'' component. Fixing flicker and jumping issues.
 +
* Fix: Export for regibox billing also listed users which registered after export period (numbers all zero, so no real issue).
 +
* Fix: Fix issues with authentication dialog not working (5.0.9 issue).
 +
* Info: We have tipps for [[SSH_Monitoring_with_Zabbix|monitoring with ZABBIX]].
 +
* API: The provider API function ''maildelete'' was enhanced for multiple addresses and corresponding documentation was clarified.
  
* complete '''regibill''' and '''regipay''' integration.
+
'''Internal:'''
* Support for '''regimail private''' feature.
+
* Sec: Disable support for TLS1.1. Now, TLS1.2 is the standard protocol. Note: TLS1.3 will not be supported in 5.1 versions.
* Re-send unlock-code by SMS initiated by the user itself.
+
* Int: Allow file replication in maintenance mode to fix issues removing maintenance mode in cross-master setups.
* Automatically signs regify-client setups (signed files for download by users).
+
* Int: Switch default regify SMS gateway to a new vendor (normally, no interaction needed).
 +
* Int: Ensure no email addresses removed from account if its registered as regibox owner (member has to confirm explicitely).
 +
* Int: Underlying OS updated to most recent patch versions.
 +
* Int: Removed config values REGIMAILPRIVATE and REGIMAILFLAT (were not used in the past).
 +
* Int: Removed "SelfAdmin", "RegimailPrivateDefined" and "RegimailFlatDefined" from monthly report.
 +
* Int: Remove all ALSO and AppDirect related code (cleanup).
 +
* Int: Removed the concept of "community" and "corporate" providers. Technically, everything is community now.
 +
** Meaning that there are no "deleted" users any more. Administration no longer offers search for deleted users.
 +
** Provider-SDK does no longer support UserType=91.
  
=== Details: ===
+
== Update 16. June 2020 V5.0.9 ==
 +
Patch release
 +
* New: Increased maximum number of representatives to 25 (former 5).
 +
* New: Self registration dialog now utilizing a captcha to prevent robots from registering or abusing the system.
 +
* Fix: Added missing log entries if a user was removed from a group by the group admin.
 +
* Fix: Fix broken ''Enforced Attachment'' links in Gateway protocol (regigate).
 +
* Fix: For regibox manager V2, push notifications were missing if user accepted regibox invitation or boxes with no content were deleted.
 +
* Sec: Prevent ''HTTP host header attacks'' (no working attack known for previous provider versions).
 +
* Sec: Set new ''HTTP Strict-Transport-Security'' value max-age to be one year (previously 1/2 year).
 +
* Int: Now supporting ''recipientsHash'' value in provider protocol (newTransaction) to allow more than 5 representatives (client needs to support this, too).
  
New features:
+
== Update 20. February 2020 V4.1.6 ==
* Enhanced guidance for users who recently have authenticated.
+
Patch release for very outdated regify providers still on version 4
* Enhanced setup-wizard (after installation).
+
* Int: Just fixing compatibility with regify Client V4.4 as an temporary help.
* Enhanced customization dialog in administration.
 
** allows editing of all customization files in administration portal (browser).
 
** supports syntax highlighting for PHP, HTML, CSS and JavaScript.
 
** allows management of customized images.
 
* Better recognizable membership-state icons.
 
* Enhanced CSS design and more elements that allow CSS style options.
 
* New subprovider option to force SSL URLS even if ONLY_HTTPS is false (Loadbalancer).
 
* If a group-admin resets passwords, they are now sent using SMS, too.
 
  
Internals:
+
== Update 20. January 2020 V5.0.8 ==
* Updated handling of files in STYLE folder ('_' marks manipulated data, others remnain default).
+
Patch release
* Added customization dialog to subprovider admin role.
+
* New: Administration log viewer allows searching in comments.
* Better styled Download-page (with Operating-System icons).
+
* New: Also allow password reset initiated from group administrator without knowing the mobile number.
* User-Administration shows users counters (regimail, regipay, regibill).
+
* Fix: Fixed online reading error "TOTAL_SIZE" if RGF file was bigger than 15 MB.
* Removed cookie usage for regify.php (affects only Client-SDK connections).
+
* Internal: For new backup/restore and SSL offloader scenarios, the system now supports using only IP instead of domain for the main provider.
* Switched regifycmd to most recent version (incl. SDK).
 
* Enhanced Debug-Options for the portal.
 
* Removed GMTDIFFERENCE setting by replacing it with some automation (server timezone).
 
* Fix: Fixed bug with UTC-0 time in Identity-File.
 
* Fix: Fixed JavaScript bug in JS/jsDialogs.js that occured on IE only.
 
* Fix: Fixed problem while login with username containing + or &.
 
* Fix: Fixed IDS problems with false positives on online writing regify messages.
 
* Fix: Fixed e-mail line feed madness by adding optional MTA_ADDS_CRLF switch.
 
* Fix: Fixed some issues while online sending regimail messages on redundant systems.
 
  
Appliance:
+
== Update 06. November 2019 V5.0.7 ==
* Added configuration of NTP server.
+
Patch release
* Enhanced hints for SSL certificate import.
+
* New: regibox manager with version less than [[Changelog_Regibox|version 1.5.2]] are no longer allowed (will trigger error 4 in old regibox managers).
* Better "View Database Status" dialog.
+
* Fix: Transaction counter for regify report sometimes returned numbers of previous month for overall transactions statistics.
* Enhanced handling of user-manipulated files in STYLE folder.
+
** Please note that this counter is not relevant for any calculation of any cost. It is just statistical information.
* Supports automatic updates with updates.regify.com.
+
* Fix: Database based file replication (master-slave or master-master) does no longer stop in maintenance mode to prevent issues coming back from maintenance.
* Fix: changing provider servername in SSL mode breaks apache config.
+
* Fix: Prevent changing users regibox settings if regibox is not configured at all (web administration only).
* Fix: After failure of SSL certificate import, the SSH session crashed.
+
* Fix: Fixed rare issue with websocket server hanging (100% CPU).
 +
* Internal: Enhanced options for customizing "Downloads" page image (for better compatibility).
 +
* Internal: regibox protocol handler now supporting metaData field (for managing special permissions of upcoming regibox manager V2).
 +
* Internal: Hosts-file entry for clearing DNS now updated from pkgs.regify.com (previously it was pls1.regify.com).
  
 +
== Update 24. May 2019 V5.0.6 ==
 +
Patch release
 +
* Fix: Fixed problems in admin dialog for user creation if given email address contained leading or trailing spaces.
 +
* Fix: Decreased default limitation of Provider-SDK function ''gettransactionlist'' to 10.000 hits per request to avoid server side high memory consumption.
 +
* Fix: Enhanced error messages in regigate connector protocol if retrieving message key(s) fails.
 +
* Fix: Fixed some optical issue in signing regigate certificates dialog.
 +
* Internal: System now observes the expiration date of the regigate signing certificate. In case it runs out, it is getting re-signed automatically.
 +
* Internal: Some changes regarding new regibox file sharing protocol (beta, only for future regibox versions).
  
== Update 12. September 2011 V3.0.1 ==
+
== Update 20. March 2019 V5.0.5 ==
 +
Patch release
 +
* New: We removed support for TLSv1.0 due to security concerns.
 +
* New: Added GDPR compliant data download option to HELP AND FAQ page.
 +
* New: Added start time field to admin log search dialog. Enhanced date and time fields with new HTML5 types.
 +
* New: Added some extra security layer to some download functions.
 +
* New: Added functions for new regibox file sharing protocol (beta, only for future regibox versions).
 +
* Fix: Fixed issues while inviting new users to an already running regichat session.
 +
* Fix: In some circumstances, the provider sent regimail reminders to regibox owners after 3 days.
 +
* Fix: Tweaked some WebSocket parameters for better scaling with many regibox users.
 +
* Fix: Enhanced "online reading" help sentences.
 +
* Fix: Setup assistant did not correctly initialize Chinese templates.
 +
* Fix: Enhanced error message if cookies missing while password reset.
 +
* Fix: Footer code template needed some update.
 +
* Fix: Mobile country code field was partially hidden on small screens during sign-up.
  
=== in Short: ===
+
== Update 09. October 2018 V5.0.2 ==
 +
Patch release
 +
* New: Increased the number of allowed transactions in a regimail professional account from 350 to 500.
 +
* New: Forward group admins with regipay capability to the group invitation dialog even if they click the ordinary invitation button.
 +
* Fix: Reducing high CPU load on the appliance if a lot of regiboxes are synchronized with regibox managers pre V1.5.
 +
* Fix: Cron jobs did not respect proxy settings.
 +
* Fix: Prevent regibox advertising showing if no shop order mail address is set in administration.
  
* regibill and regipay integration
+
== Update 16. August 2018 V5.0.1 ==
* supporting french as additional language
+
Patch release
* comprehensive SMS support (registering, invitations etc.)
+
* New: Added some additional sanity check if someone edits provider main configuration file (complain about text outside of PHP tags).
* enhanced and more clear login dialog
+
* Fix: Enhanced error message if appliance internally triggers error 58 or error 59 (connectivity issues).
* many dialogs have been enhanced (user and administration)
+
* Fix: Mention prices "incl VAT" in regify (sub)provider settings.
* extended CSS support for more customizing possibilities
+
* Fix: Fixed bug causing an error in authentication dialogue (if authentication was denied and comment was used).
* supporting the regify Android app (free of charge in Google Market)
+
* Fix: Fixed and updated list of used components and license information on admin login page.
* delivery of the new regify-Client V3.7
+
* Fix: Fixed some issue in WebSocket connection protocol for upcoming regibox V1.5 release.
** AddIn for Thunderbird supporting V4 to V7
+
* Fix: Fixed issue that potentially prevented restart of WebSocket server after appliance update.
** enhanced Outlook AddIn (save unencrypted copy while sending)
+
* Fix: Fixed some issue in provider setup-wizard after fresh appliance install (invalid session, need login).
** better Proxy-Server support
+
* Fix: No longer displaying regibox creation entry in "regibox invitations" list (may confuse people).
** answer directly using Lotus Notes (Windows)
 
  
=== Details: ===
+
== Update 9. July 2018 V5.0.0 ==
 +
This is a major release containing many new functions and also breaking some compatibility. For update information, please visit [[Update_5.0]].
  
new Features:
+
End user related:
* System manages bank-account for every user including direct debit authority checkbox.
+
*New: Added '''Chinese language support''' (both user interface and admin interface).
* System allows to manage regimail, regibill and regipay by transaction.
+
*New: '''New function "My devices"''' is showing you the devices you used for log-in.
* new Provider-SDK function mailcheckassignment to check, if an e-mail account is allready assigned to the service.
+
*New: Added '''cookie check''' to prevent users reporting issues if they simply have turned off cookies in their web-browser.
* new provider-protocol function getconfiguration returns a json array containing provider templates and other information.
+
*New: Group administrators can '''re-send an invitation''' email.
* Overworked login-dialog (includes regibill now).
+
*New: regify accounts are blocked for 10 minutes if someone tried to login with wrong password for more than 10 times.
* Writing invitations shows and ensures the maximum number of chars in free text.
+
*New: Account overview is offering some regibox advertising (only if provider supports regibox).
* Main-menu graphically shows the account-type (standard/premium) using a special icon.
+
*New: Account overview is showing group administrator name and contact information.
* AUTHTRANSMITURLGOODRESULT supports now RegularExpressions.
+
*New: All users (self registered or invited) will have to explicitly accept terms and conditions during account activation (required by new GDPR/DSGVO).
* optional function AuthTransNumberConvert() allows admins to prepare numbers before inserting to AUTHTRANSMITURL.
 
* regify provider now allows users to enter their mobile number and their international VAT code.
 
* Portal locks and highlights user-data fields that are not allowed to edit because of a valid authentication state.
 
* User choses his main-mailaddress from a dropdown-box now (reduces complexity for user).
 
* Register- and Invitation is now able to use SMS to send the password (AUTHTRANSMITURL needed).
 
* Added french as the third supported language (both portal and administration).
 
* Added PRINT option to "regibill standard" validation page.
 
  
Internal:
+
Admin user related:
* Administration Login shows licence information (regify and external components).
+
*New: '''Replaced many icons by font icons'''. Thus, you can edit the color and icon itself much more easy using CSS.
* Configuration has been split into two files (new configuration_default.php).
+
*New: Portal administrators can '''re-send an invitation or registration email'''.
* Monitoring now triggers a warning if there are mails stuck in the system (tblmailjobs).
+
*New: User management search also searches in additional email addresses.
* Switched sender and recipient auth-level check to clearing (keep old method for compatibility).
+
*New: Subprovider-Administrators can also edit their contact and support information now.
* Add "Protocol" parameter for regify-protocoll (to allow regibill and regipay).
+
*New: The (sub)provider is now able to choose the languages he likes to support. Others are not available for end users then.
* Client-Software update adds [SECURITY] and ProviderKey values automatically to customize.ini.
+
*New: Language flags are inserted using a simple function now. More easy to customize the footer.
* While MySQL database update, absolutely all tables and varchar fields are getting converted to UTF8.
+
*New: Administration entries regarding provider settings and customization have been re-arranged to be more clear.
* Administration of Invoices shows no "Payed" button if the price is zero.
+
*New: Direct access to users usage statistics and see last email log entries.
* Standard Buying-Dialog does not show price, if the price is zero.
+
*New: Provider maintenance dialog offers a SMS test function.
* Overworked design of steps and some other small graphics.
+
*New: Customizing now also allows SVG and TTF files upload (for uploading and hosting own fonts for [[Provider_customization#Use_a_custom_font|CSS usage]]).
* All Bubble-help functions now are encapsulated by a function (InsertBubbleHelp()).
 
* Some dialogs have been overworked to use tabs to get a more cleanup interface.
 
* Added automatic generation of REGIFY_TEMP.
 
* Added setting of session.save_path to configuration_default.php.
 
* some more elements are now using CSS class for display (changeable by provider).
 
* completely overworked file-handling in STYLE folders (_Filename for individual, others are defaults).
 
* added PhoneMobile and VATNumber field to users dialogs.
 
* the new phpAutoLogin.php allows fast and secure opening of pages from clients.  
 
* Enhanced language handling in some routines (BubbleHelp etc.).
 
* Fix: fixed some optical issues in the default CSS file.
 
* Fix: raised the needed Auth-Level for the provider-sdk funtion UserAuthenticate().
 
* Fix: Fixed QuickSearch in Grpup-Administration (accidentally searched in html, too).
 
* Fix: Fixed Tab-Script on IE8 (only working in Compatibility Mode).
 
* Fix: Fixed missing OK value of Provider-SDK function maildelete.
 
* Fix: Fixed problem with managing administration roles in subprovider management.
 
* Fix: Fixed wrong SENDERSNEEDAUTHLEVEL assignment in UserSetSettings function.
 
* Fix: Fixed "headers allready sent" php error, if the administration console is opened using http:// only.
 
* Fix: Fixed problem with wrong language in "new password" mails (accidentally used the admins language instead of user language)
 
* Fix: Fixed wrong template encoding (utf-8 / 7bit) and a small Quoted Printable issue.
 
  
 +
Generic:
 +
*New: Provider-SDK access is now restricted to given IP address(es) or ranges.
 +
*New: Custom SMS sending functionality (URl call) to allow more placeholders for various SMS text encoding (eg UTF16).
 +
*New: Terms and conditions page now offers a "print" button.
 +
*Fix: Transaction history export using PDF is now using a font that supports Chinese subjects, too.
 +
*Fix: Added support for Windows Phone to pay.php payslip download and on-line regimail reading.
 +
*Fix: Added more logging regarding user registration and account activation.
 +
*Fix: As usual, many sentences and template texts have been enhanced or corrected.
 +
*Fix: Email domain blacklist was not used for invitations using CSV/Excel upload.
 +
*Fix: The overall number of transactions in monthly report only counted opened transactions instead of all (not used for invoicing!).
 +
*Fix: Enhanced the invitation dialogue to better explain the usage of optional mobile number.
 +
*Fix: Excel and CSV import better trims leading and trailing spaces, does no longer complain about empty lines.
 +
*Fix: Fixed php syntax check in admin script dialogues (was somehow useless in provider 4.1).
 +
*Fix: Fixed password reset issue, introduced in pre-upgrade release 4.1.5.
 +
*Fix: Fixed issue where non activated additional email addresses were not automatically removed two days later.
  
== Update 01. March 2011 V2.8.0 ==
+
Security:
 +
* Hardened the appliance against several attack vectors.
 +
* Set Apache TraceEnable directive to "off" by default.
 +
* Enhanced SSL cipher suites to get even more security for SSL connections.
  
=== in Short: ===
+
Other:
 +
*Internal: Now supporting e-mail addresses using unicode domains (Punycode support).
 +
*Internal: Maximum number of group members is no longer fixed and can get adapted using MAX_GROUP_MEMBERS constant.
 +
*Internal: Provider-SDK now offers a new function called ''startchat'' and allows to run chats from scratch with no need of portal interaction.
 +
*Internal: Added web-socket server for providing push notifications to several products (eg regibox).
 +
*Internal: Enhanced CSS and JS provisioning on provider updates to make sure it loads new even if browser cache is active.
 +
*Internal: New getWebSession function in client protocol to replace older one in future regify client software.
 +
*Internal: Support script for user export/import now also supports transfer of grouping information.
 +
*Internal: Upgrade underlying operating system to CentOS 7.5 (also supporting SMBv2 for regibox and backup shares).
 +
*Internal: To prevent DNS issues with clearing (slow lookup sometimes), we added some auto-updated hosts file entries.
  
* Better Internet-Explorer compatibility of portal- and administration-dialogs.
 
* Enhanced help- and shop-dialogs.
 
* Enhanced administration-dialogs.
 
* Improved security.
 
* Prepared for Linux compatibility.
 
  
=== Details: ===
 
  
new Features:
+
== Previous Changelogs ==
* Online-reader (webinterface) shows authentication-state using the same images than the regify-client.
 
* Better Internet-Explorer compatibility of portal- and administration-dialogs.
 
* Enhanced help-dialog now showing phone-numbers for support.
 
* Enhanced shop-dialog(s) now showing phone-number for invoicing support.
 
* Download pages are containing documentation download, too (currently only german).
 
  
Administration:
+
You can find previous and outdated changelogs on a [[Changelog_Provider_History|separate changelog page]].
* Better displaying of admin-dialogs on small browser-windows.
 
* Main administration-menu shows information about stuck e-mails and allows fixing (re-send).
 
* Invoicing allows searching for all transactions of a person, in one click.
 
* The monthly status-mail now contains information about the number of premium-users that have registered in a given month. Additionally, this function shows the premium-state of these users after a year (only encoded in json encoded, machine-readable values).
 
* Unavailable administration-menu options are now greyed out for a better overview.
 
* User-management now shows inactivated users by default, too (yellow state and grey color).
 
 
 
Internal:
 
* Calculation of unlock-code is now customizable by the provider (type and length).
 
* Completely removed options to restart or relength reminder period of transactions.
 
* If phpMailJob.php recognizes a timeout (4 minutes), all available mails will increase the RETRYS column by 2. This avoids endless mails in case of a script error (if php canceles script).
 
* User-interface shows a warning image, if a user try's to use attachments greater than 5MB using the web-interface (send online by portal).
 
* Preloader-image for upload-information is now loaded directly on login page display.
 
* New option REGIFYDEFAULTIDENTITY to define the identity-file to use for online mailer.
 
* Possibility to use a java version of regifycmd. Upon this, a Linux version of the regify provider is possible now (this is the main reason to rise the minor build number to 8).
 
* Included Linux version of AppPack. This allows windows setup creation on Linux systems.
 
* Optimized some dialogs and language items to get a more provider-neutral context.
 
* The enforced document now include the hashcode to the filename. So it is impossible to download a document without knowing the document-id and his hashcode (prevent data-leakage).
 
* The online-viewer for regify-mails allows only non-critical tags to be displayed and filters script, iframe, object and other tags. The functionality of form- and input-tags still persist.
 
* Completely overworked the JavaScript handling and inclusions to reduce data traffic and site-speed.
 
* Renewed tooltip-help (new style and no need for a pre-defined div-container).
 
* Replaced all round ball icons with alpha-png versions (better displaying on different backgrounds).
 
* Replaced the step-images with png style blue button step-images.
 
* LastActivity flags is set for portal logins and direct invitations, too.
 
* The size of the download in both download-dialogs is now calculated and formated automatically.
 
* Fix: Fixed Provider-SDK problem with external invitations and invitiationer mailaddress as base64 encoded variable triggering ERROR 14.
 
* Fix: New members will not get a termination date at 23:59:59 but 00:00:00. As of this, now the first day counts as the first of the free days.
 
* Fix: Fixed some security issues on different locations.
 
 
 
 
 
== Update 23. November 2010 V2.7.4 ==
 
 
 
=== in Short: ===
 
 
 
* "forgot password" link on login page.
 
* Showing telephone numbers for technical and billing support.
 
* SDK support GROUP-MASTER flag (allowing group access for GROUP-MASTERS).
 
* Enhanced invoice-handling.
 
* Mailaddresses and usernames may get a length of 100 chars now.
 
 
 
=== Details: ===
 
 
 
new Features:
 
* "forgot password" link on login page (shows information about how to get a new one).
 
* portal may show hotline phone-number for technical and billing support.
 
 
 
Administration:
 
* Users can get the GROUP-MASTER flag. It enables manipulation of all group-members using the provider-sdk.
 
* Managing and handling of invoices has been enhanced. You now can display open, payed and cancelled invoices in one dialog.
 
* Invoices can get filtered by user-id.
 
* New user-search dialog in Group-Data administration and admin-roles administration.
 
* Sub-Provider dialog is extended with support phone numbers.
 
* Better naming in the authentication-dialog enhances understandability of authentication-state.
 
 
 
Internal:
 
* Provider-SDK respects new GROUP-MASTER flag, too. This affects the following functions: GroupGet, GroupGetUsers, GroupAddUser, GroupRemoveUser, UserChange, UserGet, UserNewPassword, MailAdd, MailGet and MailDelete.
 
* The Settings-Dialog is now visible to premium- and standard-users (previously only to premium members).
 
* Extended the maximum length for usernames to 100 chars (former 45).
 
* Extended the maximum length for mailaddresses to 100 chars (former 45).
 
* regify.php returns real name and main mailaddress as login-result, too (affects only internal regify-protocol).
 
* Fix: fixed premium-membership calculation (only if standard mailcount has changed).
 
* Fix: fixed case sensitive search using oracle in different administration-dialogs.
 
* Fix: fixed ignoration of DEFAULTTWOSTEPPROCEDURE flag in phpInvite.php
 
* Fix: fixed IDS false positives on Google analytics (__utm?) and IBM SingleSignOn (LtpaToken) cookies.
 
 
 
 
 
== Update 27. September 2010 V2.7.3 ==
 
 
 
=== in Short: ===
 
 
 
* better calculation of rest-time, if group-admin extends the group membership using shop.
 
* Administration allows grouping and ungrouping of users, too.
 
* Better compatibility of IDS with Google Analytics cookies and IBM LtpaToken.
 
* Portal supports optional HTTP proxy for external URL calls.
 
* SDK features now full transaction history access.
 
* SDK features now user authentication.
 
 
 
=== Details: ===
 
 
 
new Features:
 
* Special job to delete temporary user-data that is older than 10 Minutes (phpCleanUp.php). Please adapt Taskplaner or task_5min.cmd! This replaces the usage of delage32.exe (remove from task_daily.cmd).
 
* Invitation to foreign provider supports parameter [ia] (Invitationer Auth-Level) as placeholder for transmission of inviting-parameters to external provider.
 
* If a group-admin buys premium-membership for his group, and changes the max-account number, the system automatically compensates the rest-time together with the difference between the old number of accounts and the new one.
 
* Download-pages are showing the current regify-client version.
 
 
 
Administration:
 
* Administration allows grouping and ungrouping in user management dialog.
 
* Users with administrative privileges are not allowed to get deleted anymore.
 
* Administration prevents errors if an allready assigned address should get assigned to another user.
 
* Administration menu shows number of open authentication requests (blinks if > 0).
 
* Overworked administration-lists design (user styles for listfirst, listsecond)
 
* Fix: fixed a case-sensitivity problem with group user addition (only oracle)
 
* User-Administration shows number of hits.
 
* Administration-Dialog automatically switches to SSL url (in case it is only https:// and ONLY_HTTPS = TRUE).
 
   
 
Internal:
 
* IDS is adapted to work more tolerant on some special pages.
 
* Update PHPIDS from V0.6.3.1 to V0.6.4
 
* New Version of AppPack generates 48x48 regify icon using transparency for executable.
 
* EMERGENCYURL is only called if MAINTAINMODE is false (no SMS in manual maintenance-mode).
 
* Fix: Fixed wrong calculation of identity-hash (organisation has been missing).
 
* Support optional HTTP proxy for external URL calls (foreign provider invite, SMS calls etc.).
 
* QuickSearchField in Group-Administration (user-side) uses css-class now (additional class div.GroupQuickSearchField to regify.css).
 
* Added new functionality to register mailaddresses in clearing directly on activation. Currently, registration occurs automatically on first regify-usage. This may be to late and the provider now registers the address directly.
 
* SDK features now full transaction history access.
 
* SDK features now user authentication.
 
* phpLogin.php supports new hash-challenge login method for direct login (globe in client).
 
* Fix: fixed database insertion problem with message subjects longer than 100 chars (oracle).
 
* Fix: fixed problem with changing main mailaddress in user-administration (mailhash missing).
 
* Fix: fixed optical problems in PDF download of history with very long subjects.
 
* Fix: fixed a problem in SDK function userinvite, if the desired username is submitted, too.
 
* Fix: fixed a problem printing user-password in case of two step invitations.
 
* Final test and modifications for automatic update feature.
 
 
 
 
 
== Update 02. July 2010 V2.7.2 ==
 
new Features:
 
* PDF download of the complete transaction-history available.
 
* Complete rework of automatic update feature. In future the will be a ZIP file distributed, including all needed files and update_mysql.sql or update_oracle.sql. Now, this content is used for updating. Critical files will not get overwritten.
 
* Provider informs users and group-administrators about expiring premium-membership by e-mail. It is possible to define one or multiple intervalls to send such an expiration notification.
 
* Blacklist feature for invitations and registrations. The blacklist prevents registering of mailaddresses from such domains like trash-mail.com, spambog.ru, spamfree24.de and others.
 
 
 
Administration:
 
* User-Management shows a new column "group" that indicates the assigned group-id.
 
* Menu-Option "S" (downloads available) affects the download-link on the login-page, too.
 
* Removing a user from a group, and if that user has a longer premium-membership time as the assigned group, he will not get a standard-membership in that special case (only if SETPREMIUMANYTIME is FALSE).
 
* Fix: Viewer for phperror.log fixes wrong displaying of html tags (missing logout link).
 
 
 
Internal:
 
* new mail-template 20 (inform user about expiration of his premium-membership)
 
* Fix: fixed a settings-issue in connection to oracle databases.
 
 
 
 
 
== Update 24.May 2010 V2.7.1 ==
 
neue Features:
 
* Identity-Hash Verfahren implementiert (Clearing muss noch aktualisiert werden)
 
* Transaktions-History versteckt Doppel-Einträge, wenn der Kunde nicht die erweiterte Ansicht verwendet (vermindert Rückfragen)
 
 
 
Administration:
 
* Statistik zeigt die Grafiken nur noch über die letzten 24 Monate.
 
* Administration erlaubt nicht das hochsetzen des Transaktionslimits bei gruppierten Usern.
 
* Warnung, wenn Nutzerdaten von authentifizierten Nutzern verändert werden.
 
* Sicherheitsabfrage für "Authentifizierungsstatus zurücksetzen".
 
 
 
Internes:
 
* Neues User-Flag "I" für Benutzer, welche im SDK für eine Einladung einen speziellen User als Einlader angeben dürfen (benötigt also dafür keine Super-User Rechte).
 
* Gruppieren von Nutzern mit erhöhtem Transaktionslimit ist nicht mehr erlaubt.
 
* Authentifizierte Nutzer können Anschrift/Orga nicht mehr ändern.
 
* Mailjob löscht MailJob Lockdatei, wenn diese älter als 4 Minuten ist (Fallback).
 
* Fix: Fehler bei der Ausstellung von Identitätsdateien behoben (Angabe des AuthLevel fehlte).
 
* Fix: Fehler in der Anmeldeprozedur behoben (DATABASE: Error inserting with INSERT INTO tbluser SET USERTYPE=11...)
 
 
 
 
 
== Update 30. April 2010 V2.7.0 ==
 
neue Features:
 
* Unterstützung von Oracle als alternatives Datenbank-System zu MySQL.
 
* Benutzergruppen.
 
* Benutzergruppen mit eigener Gruppen-Administrator-Funktion.
 
* Intrusion Detection System PHPIDS wurde integriert (http://php-ids.org/)
 
* Einladungen können nun auch über Fremdprovider ausgesprochen werden.
 
* nicht innerhalb der Wiedervorlage geöffnete Transaktionen werden mit einem halben Punkt dargestellt (und grauem Text), wenn Sie im Anschluß doch geöffnet wurden.
 
* Das regify-Shopsystem ist nun in großen Teilen durch den Provider anpassbar. Die Unterstützung für eigene Shopsysteme und Anbindung weiterer Zahlungssysteme ist nun deutlich flexibler.
 
* Willkommensdialog nach Klick auf "Akzeptieren-Link" in den Mails ist neu gegliedert
 
** bessere Ansprache
 
** deutlichere Visualisierung zwischen lokaler Installation und Webnutzung
 
** Korrektur von Aussagen zum Setup-Assistent (startet nicht mehr autom. nach Setup)
 
* Authentifizierungsdialog wurde überarbeitet und kann nun individuell angepasst werden
 
* Wenn ein authentifizierter Nutzer eine Einladung ausspricht, so kann (optional) der eingeladene Nutzer direkt eine Authentifizierung erhalten (Net Of Trust).
 
* Offene Bestellungen können nochmals eingesehen werden (und nochmals in den Shop weiterleiten).
 
* Stellvertreter-Dialog zeigt nun einen erklärenden Informationstext.
 
 
 
SDK:
 
* SDK Funktion <inviteuser> kennt nun neue Parameter „invitation comment“, „personal message“, „username“, „invitationer full name“ und „invitationer organisation name“
 
* Fünf neue SDK Funtionen für vollständige Gruppenverwaltung hinzugefügt
 
* Neue SDK Funktion für "neues Kennwort zusenden" hinzugefügt
 
 
 
Administration:
 
* Administration erfolgt nun aufgrund von Administrations-Rollen.
 
* Konfigurationsdialog für Administrations-Rollen hinzugefügt (je Sub-Provider)
 
* Administration für Benutzergruppen und Domainlisten hinzugefügt
 
* Administration für Authentifizierung hinzugefügt
 
* Subprovider-Konfiguration optisch aufgeräumt und in ausklappbare Bereiche unterteilt
 
* Subprovider-Konfiguration erhielt eine Sicherheitsabfrage für "Subprovider löschen"
 
* Benutzerverwaltung bietet jetzt auch Sortierung nach "letzte Aktivität"
 
* Benutzerverwaltung kann User jetzt auch zu "Super-Usern" machen (für Provider-SDK)
 
* Konfiguration für Fremdprovider-Einladung hinzugefügt (je Sub-Provider)
 
* Der Statistik-Dialog wurde überarbeitet (übersichtlicher)
 
* Rechnungsverwaltung zeigt nun mehr Details (kompletter Bestelltext anzeigbar)
 
* Suche in Benutzern und Gruppen erkennt numerische Eingabe und sucht dann nach UserID
 
 
 
Internes:
 
* SDK unterstützt ein deutlich erweitertes "userinvite" (viel mehr Angaben)
 
* Umfangreiche SDK Funtionen zur Gruppenverwaltung
 
* Provider erlauben die Angabe von externen Einladungen an Fremdprovider
 
* der Provider versucht nun, die Clearing-Verbindung für eine User-Session konstant auf einem VPN-Kanal zu halten. Das ist Voraussetzung für den neuen Clearing-Betrieb.
 
* update.php enthält eine Option um den MySQL Master-Master Replikationsbetrieb vorzubereiten
 
* Subprovider können nun über STYLE/_LanguageShop.php auch eigene Shop-Sprachtexte angeben
 
* Die Monitoring-Option "type=monitoring" gibt nun OK, WARNING oder ERROR zurück. So kann besser zwischen kritischen und unkritischen Provider-Zuständen unterschieden werden.
 
* Das Maintenance-Failover wurde überarbeitet und wirkt nun besser auch mit einem Ausfall des CryptoServer.
 
* Wenn der Provider aufgrund eines Totalausfalles beim Clearing oder CryptoServer in den Maintenance-Modus geht, dann kann man jetzt eine URL aufrufen lassen (zB SMS-Versand).
 
* Der monatliche Statusreport an regify kann nun optional zusätzlich in Klartext an eine weitere Mailadresse versendet werden (zB Provider selbst).
 
* Die zu verwendenden Passwortlängen lassen sich nun Providerweit in der configuration.php definieren. Sprachtexte für zweistufige Anmeldung passen sich automatisch an.
 
* Menüseite der Nutzer zeigt Premium-Laufzeiten > 10 Jahre als *unbegrenzt*
 
* Die Session-ID wird bei jeder relevanten Aktion im Portal neu generiert (mehr Sicherheit).
 
* Der Administrationsdialog besteht nun ebenfalls auf SSL, wenn ONLY_HTTPS = TRUE gesetzt wurde.
 
* Verzögerung nach Fehl-Logins auf eine Zufallszeit zwischen 1 und 5 Sekunden geändert um Bruteforce-Angriffe deutlich zu erschweren (mehr Sicherheit).
 
* Nutzer, welche sich in der Community-Version löschten, werden 30 Tage danach endgültig aus der Datenbank gelöscht (ohne manuelles zutun).
 
* Fehlerhafte Logins (zB Benutzername/Passwort falsch) verursachen eine Zeitverzögerung von ein bis fünf Sekunden (Zufall). Dadurch werden Bruteforce-Angriffe wirkungsvoll gebremst.
 
* Template 11 erhielt die Anrede des Benutzers
 
* Template 12 erhielt einen Datum/Zeit Platzhalter.
 
* Fix: Einladungsdialog hat den Haken für "zweistufiges Kennwortverfahren" bei Fehleingaben im Anschluss vergessen (musste nochmal geklickt werden). Behoben.
 
* Fix: Problem mit leeren regify Mails behoben (online erstellt), wenn man schnell hintereinander den Erstellen-Dialog öffnet (alte rgf wurde dann vor dem Versand gelöscht).
 
* Neu: Ablage der rgf-Dateien in extra Unterverzeichnissen.
 
* Fix: Einladungsdialog-Problem mit ; (semicolon) im Freitext behoben (wird durch : ersetzt)
 
* Fix: An vielen Stellen wurde die Unterstützung von Sonderzeichen verbessert.
 
* Fix: Registrierungsseite hat nun einen "Startseite"-Button um zurückzukehren.
 
 
 
CSS Aktualisierung:
 
* neu: tableUserChoice
 
* neu: input[type=button] und input[type=submit] bekommen "cursor: pointer;"
 
* neu: a und a.small erhalten "cursor: pointer;"
 
* neu: OkDialog
 
* neu: listsecond hat weissen Hintergrund
 
* verändert: BrownBox (padding-bottom)
 
* removed: tableBoxText
 
* removed: div.MembershipBox
 
 
 
configuration.php:
 
* neu: define('SETPREMIUMANYTIME', TRUE);
 
* neu: define('IDSPATH', "");
 
* neu: define('IDSTRESHOLD', TRUE);
 
* neu: define('EMERGENCYURL', "");
 
* neu: define('SHOPCURRENCY', "EUR");
 
* neu: define('CUSTOMSHOP', FALSE);
 
* neu: define('ORDERPAGEUSER', "");
 
* neu: define('ORDERPAGEADMIN', "");
 
* neu: define('USERPASSWORDLENGTH', 8);
 
* neu: define('USERPASSWORDLENGTHTWOSTEP', 12);
 
* neu: define('INVITATIONAUTHTOLEVEL', 0);
 
* neu: define('INVITATIONAUTHONLYSDK', TRUE);
 
* neu: define('AUTHTRANSMITURL', $url);
 
* neu: define('AUTHTRANSMITURLGOODRESULT', "100");
 
* neu: include_once("funcForm.php"); nach funcGadget.php
 
* neu: $AdminRoles[]
 
* entfernen: AUTHALLOWPERSON
 
* entfernen: DEFAULTAUTHENTICATIONSTYLE
 

Latest revision as of 08:24, 12 August 2024

Information

This are the official changelogs for the regify provider software appliance.

Update 2024 V5.3.4 (announcement)

Patch release announcement

  • Fix: Enhance group management function 'remove user from group' to reduce confusion with account deletions.
    • Renamed into 'take from group'.
    • Changed icon to not look like deletion.
    • Added a note to tell group admins that this will not delete the regify account.
  • Fix: In maintenance mode, usage of the portal was not disabled if already logged in (not really an issue, just wrong).
  • Fix: In maintenance mode, captcha generation is stopped.
  • Fix: regigate administration dialogue is now waiting up to 5 minutes for new IP addresses update and shows loader animation on button, preventing multiple clicks.
  • Fix: Fixing regibox invitations not received if receiver domain has restrictive DMARC headers.
  • Fix: Fix reply-to name for regimails written online in web portal (used senders email instead of name).
  • Fix: Eliminated random error messages like "Had to correct corrupt count -1 record for box..." in error log.
  • Fix: Eliminated random error messages like "ERROR: Missing or invalid language-code for template [box_invit_success]..." in error log.
  • Fix: Fixed API function mailcheckassignment returning wrong answer if user is not registered at same provider.
  • Int: Enhanced captcha function.

Update 20. February 2024 V5.3.1

Patch release

  • New: Display a helpful error message if a password reset was requested by a non-activated account.
  • New: Show assigned coupon code in user data administration dialog (system admins only).
  • Fix: Sometimes the "send me a copy" function in online regimail writing did not work.
  • Fix: No error was shown if an invalid coupon code was entered during registration (it was simply ignored).
  • Fix: Enhanced information and handling if > 25 regimails/day were sent using portal.
  • Fix: Enhanced error message if monthly regimail limit was reached.
  • Fix: List of uploaded documents (regipay plus) showed a navigation area with no function. Removed.
  • Fix: Fix error log entries occuring after a user deleted his account (PHP Warning: Illegal string offset 'USERID').
  • Fix: Fix error log entries occuring after the administration pages are called with double slash (eg while pentesting).
  • Fix: Saving data of non activated users in user data administration dialog sometimes triggered error about email address and phone number.
  • Fix: Sometimes regibox went to maintenance mode after the appliance menu regibox options were opened and closed without saving.
  • Fix: New or changed regigate IP addresses (for whitelisting) were not updated.
  • Fix: Triggering a manual backup from admin GUI did not work.
  • Sec: Updated OpenSSH packages and supported algorithms to protect against Terrapin SSH issue (CVE-2023-48795).
  • Sec: Set PostFix config variables to protect from SMTP smuggling (CVE-2023-51764).
  • Int: The PENTEST flag also disables captcha validation for more easy testing.
  • Int: Adding CORS headers to apache configuration.

Update 20. April 2023 V5.3

Major release

This is not only a release with a lot of new functions and updated user interface, it is also a cleanup and modernizing release.

  • New: Completely new designed end-user interface.
    • Modern graphical user interface.
    • Responsive for PC, tablet and mobile usage.
    • Enhanced top navigation with a new navigation structure, respecting the experience of the last years.
    • Easily customizable in corporate identity color and with your company logo.
    • Redesigned for better usability and accessability.
    • Hiding any unavailable options from the user to avoid confusion.
    • Reduced many dialogs to the mandatory fields.
    • Added expert mode to hide beginner notes and enable some more pro functions.
    • Users getting warned if they use an old webbrowser (IE, old Opera, old Firefox, old Safari etc).
  • New: Enhanced performance compared to regify provider 5.2.0 login page
    • Page loads 26% faster (2.3 sec -> 1.5 sec).
    • Page loads 61% less content bytes (551KB -> 213KB).
    • Page does 45% less requests (36 -> 20).
  • New: Re-designed regimail shop system for single users and group administrators.
    • Faster and more easy to understand. Follows current EU regulations.
    • More simple, offers always 1 and 2 years of regimail professional.
    • More transparent communication about prices and offer.
    • Prices and VAT are now entered in (sub)provider configuration (by (sub)provider administrators).
  • New: Enhanced online reading and writing (incl. reading regipay).
    • Much better handling of attachments and enhanced drag&drop and file selection.
    • There is no longer a fallback mode for very old webbrowsers like IE and old Safari. People must use an up to date webbrowser.
    • Internally now using WASM code to be faster and more secure.
    • New online regimail writing limits. Single attachments max. 8MB and 32MB for the whole regimail.
  • New: Support for regipay Plus online document access.
  • New: regibill validation dialog is enhanced and offers better drag&drop usage.
  • New: Enhanced group management dialogs (group admin).
    • Offers an extra page for Excel upload invitations.
    • Function to take former invited people back into your group.
    • Cleanup dialogs and remove popup windows.
  • New: User administration using normal/bold font instead of red/black color to indicate regimail private/professional.
  • New: Added regipay Plus support to regify protocol (for use in client apps).
  • New: Dialogs using Captcha now rendering faster (registration, pwd-reset).
  • New: New qa.php page to give QA and support a quick overview about provider configuration.
  • New: New pentest mode, making pentesting more easy by deactivating specific security functions (PENTEST config option).
  • Rem: Removed (sub)provider flags A, C, D, E, F, H, K, L, P, S, V, X, 3, 4, 7 due to minimal use.
    • See provider 5.2 docs for menu flags reference.
    • They all now use the common default behavior or affected functionality does no longer exist.
  • Rem: Removed unused or redundant user data fields.
    • Removed users bank data information dialogs.
      • Dropping tables tblbankaccounts, tblaccounting.
    • Hiding newsletter checkbox in account dialog.
    • Affects both user and admin dialogs.
  • Rem: Removed invoicing export function.
    • Removed internal processing of a user bank account.
    • Removed payments export in administration.
    • Removed admin options to manage internal users bank account.
    • Droping table tblexport.
    • Removed DEBITSTATECHECK, RENEWALPERIODOFNOTICE and INVOICINGINTERVAL config options.
  • Rem: Removed functionality that tried to point you to most used page after login.
    • Generally, after login, all user logins start in account overview.
    • Users in a regipay group with available documents start in available documents view.
  • Rem: Removed membership advertisement pages in portal.
  • Rem: Shop system cleanup.
    • Removed option to buy for other people.
    • Removed customShop option for shopping pages.
    • Removed options to customize shopping form. Instead, we offer the most common fields by default.
  • Rem: Password reset dialog offers no auto-generate any more.
  • Rem: Displaying the password does no longer offer a print dialog (eg after registration).
    • Instead, we recommend users to use a password manager application.
  • Rem: Invitations using the portal do no longer allow to edit/change the user name as the inviting user.
  • Rem: Group management cleanup.
    • Removed "pull user into group" function.
    • Removed extra "invite user to group" function (standard invite now works like that).
  • Int: Removed the following configuration options:
    • PDFENABLED (now always enabled).
    • PREVENTREALSENDERADDRESS (now always preventing real sending address).
    • MTA_ADDS_CRLF (always use default).
    • DOCUMENTATION_DOWNLOAD_INFO_FILE (all documentation is now online).
    • DEBUGSLEEP (replaced by PENTEST option).
  • Int: Activated HTTP protocol compression for .js, .css and .wasm file types.
  • Int: Webserver is now sending a Content-Security-Policy header to increase security.
  • Int: Removed all internal connector functionality.
    • This was no longer used since 2008 and therefore was removed from code and testing.
  • Int: Updated all appliance packages to most recent distribution version.
  • Int: Set all provider cookies SameSite attribute to Lax.
  • Fix: Fixed filename issues downloading ZIP of regibox shares.
  • Fix: Fix issues in user import tool (error: missing CHATALLOWEDUNTIL).
  • Fix: Remove serving no longer needed /icons/ folder.

Update 20. April 2022 V5.2

Major release

  • New: We are discontinuing regichat. Due to this, all regichat references were removed from the regify provider completely.
    • Removed all CHAT_*, all REGICHAT_*, CHECK_HISTORY_INTERVAL and CHECK_IF_REGICHAT_LOADED_INTERVAL constants.
    • Removed all regichat related email templates.
    • Sub-provider menu flags "Q", "R" have been removed.
  • New: For German users, the term "regify-Provider" is now renamed to "regify-Anbieter".
  • New: Enhanced optics for GUI tabs to be better recognizable as tabs.
  • New: Many icons and images were replaced with better resolution versions or a font icon.
  • New: Some unused options were removed from personal information dialog (username field, a header).
  • New: Enhanced several sentences and their translations to be better understandable.
  • New: Group administration dialog now has a refresh button (update members status).
  • New: Group administration dialog is hiding useless options in case the group is a regipay group.
  • New: Invitation dialog now has a refresh button (update invitations status).
  • New: Shop order notifies provider by email about a new order. Now, the email also contains json with order details, allowing automated processing.
  • New: Provider-SDK userinvite function supports new parameter g (to auto-group invited user).
  • New: Provider-SDK got a new error code (36).
  • New: Provider administration pages...
    • The complete look and feel was updated. The interface scales to any screen size (better on 4K monitors).
    • Most dialogs are no longer opening popup windows. Instead, dialogs running inside.
    • Log viewer search is now also offering an end time.
    • Group deletion dialog offers to also delete the contained users.
    • Main page shows a warning if appliance websocket server is not running.
    • Main page notifies with blinking red flag about new orders and authentication requests.
    • Enhanced display of logfile content in administration main page.
    • Status display on administration main page updates every 5 seconds (no need for reload).
    • Documentation and help option now pointing to new help portal at manuals.regify.com.
      • Removed DOCUMENTATION_DOWNLOAD_INFO_FILE constant.
  • New: Default "Admin" account is no longer allowed to log-in to the end user portal.
  • New: Sub-provider menu flags "5" and "6" have been removed (no longer needed).
  • New: Removed CK-Software shop option in sub-provider administration.
  • New: The activation email default templates have been enhanced (simplified, better colors for activation link).
  • Int: Removed option RENEWALPERIODOFNOTICE constant (was unused).
  • Int: Removed the options to limit mass sendings.
    • Removed SERVICEPRIORITY_REGIMAIL, SERVICEPRIORITY_REGIBILL, SERVICEPRIORITY_REGIPAY constants.
    • No further speed limit for mass sendings.
  • Int: Optimized storage and handling of users list of regiboxes.
    • Gaining better performance on installations with many regiboxes (with regibox manager 2.1).
    • Extended regibox protocol API for the new list form (with regibox manager 2.1).
  • Int: If regibox storage is exceeded:
    • regibox managers will no longer show notifiers for that case.
    • Instead, the 'owner' and 'causing user' will get informed by email (maximum once a day).
  • Int: Optimized output of portal reference URLs (no absolute pathes anymore).
  • Int: Switched regify clearing domains from regify.clearing.lu to clear-center.eu.
  • Int: Removed provider setting MTA_ADDS_CRLF (no longer needed).
  • Int: Preventing too many SMS for password reset (max 3/day) and re-sending unlock code (max 2/day) per user.
  • Int: SMS url replacement is now supporting [e] parameter for check if text encoding is GSM 03.38 compatible.
  • Int: Added more protection against stupid antivirus scanners accepting or canceling invitations automatically. Same for PWD reset and self registration.
  • Int: Monthly reports now generated on the first day of a month, two minutes after midnight.
  • Int: Monthly reports are now also generated, if the system was offline on first day of a month around midnight (even days later).
  • Int: System is better protected against DOS attacks in Captcha generation.
  • Int: First and lastnames are allowed to be one character only.
  • Fix: Do not allow email address removal if the email address is vital for an existing regibox.
  • Fix: Better handling if the password of a user was reset by a database cleanup of the password field (eg after forcing users to generate a new password).
  • Fix: Fixed issues in reporting Excel invitation list errors.
  • Fix: Fixed accidential dot (.) in sender name for SMS sending in some cases.
  • Fix: Forward after timed out administration session forwarded to portal login instead of admin login.
  • Fix: Captchas were sometimes hard to solve. Now, the algorithm is producing better readable captchas.
  • Fix: PDF transaction list export for regibox invitations incorrectly mentioned creation entries as well (red).
  • Fix: regibox share ZIP download displaying some "please wait" until download starts (prevent irritation if compression needs some time).
  • Fix: If new users are created manually in web administration, dialog did not remember the mode if values were missing.
  • Fix: Appliance complained SSL certs that last longer than 390 days. Now it only complains if they last longer than 398 days.
  • Fix: Fixed database error 'Error in accept: Too many open files' on heavy load.
  • Fix: Fixing several security related issues.
  • Fix: Fixing CVE-2018-25032 (zlib compression vulnerability).

Update 03. November 2020 V5.1.2

Patch release

  • New: Showing provider logo also on mobile devices.
  • New: Enhanced downloads page by enhancing update.json parsing.
    • Supporting a "hide" attribute to allow regify to hide products and versions from here.
    • Supporting "link" attribute to present an informational link instead of binary download.
    • Always showing links for other OS (no longer hidden below).
  • Fix: In some configurations, the shop button in account overview is broken.
    • Note: Shop button in "Communication" -> "Shop" and other locations were still working.
  • Fix: Manage user dialog in administration does not show non-activated users by default (tick "Show only not activated users" to see them until you updated).
  • Fix: Fixed message about to much invitations for group administrators in some cases.
  • Fix: Better handling invalid date values for group administration.
  • Fix: Adding and deleting sub-providers was impossible since 5.1.0.
  • Int: Added "short" mode for regibox share protocol. Also added "protected" and "fileCnt" values for possible future use.
  • Int: Added DOS protection for ZIP download in regibox shares.

Update 21. September 2020 V5.1

Major Release

End user related:

  • New: Add regipay mode to groups.
    • Users in such group get a restricted portal interface, optimized for payslip readers.
    • Users in such group get a hint where to find the payslips.
    • There is a new and optimized email template for invitations into such group (invite_pay template).
  • New: regibox share is now better formatted and offers download as ZIP file.
  • New: The captchas for registration and password reset are updated.
    • More secure (using SVG, rotation, using timing check).
    • Better compatible with mobile devices (automatic resizing).
  • New: There is only one regify account invitation allowed if the user never sent a regimail before (except of group admins).
  • New: Activate "new device" notifier by default. Use better GeoIP service and template.
  • New: Added Chinese country names in dropdown country selections.

Administrator related:

  • New: Added showing users statistics to hotline admin role.
  • New: Admin user list export now also includes invitation information.
  • New: Renamed "negotiator" columns in admin exports to "coupon code id".
  • New: Optional monthly provider report email is re-organized and contains some helping comments (REPORTCOPYADDRESS).
  • New: Provider billing documentation was enhanced by adding a "coupon code"s chapter and other updated information.
  • New: If admin installs an SSL certificate which lasts longer than 398 days, he gets a warning.
  • New: Appliance diagnostics also checks for working websocket connections from outside (regibox).
  • Fix: Replaced CodeMirror with ACE code editor component. Fixing flicker and jumping issues.
  • Fix: Export for regibox billing also listed users which registered after export period (numbers all zero, so no real issue).
  • Fix: Fix issues with authentication dialog not working (5.0.9 issue).
  • Info: We have tipps for monitoring with ZABBIX.
  • API: The provider API function maildelete was enhanced for multiple addresses and corresponding documentation was clarified.

Internal:

  • Sec: Disable support for TLS1.1. Now, TLS1.2 is the standard protocol. Note: TLS1.3 will not be supported in 5.1 versions.
  • Int: Allow file replication in maintenance mode to fix issues removing maintenance mode in cross-master setups.
  • Int: Switch default regify SMS gateway to a new vendor (normally, no interaction needed).
  • Int: Ensure no email addresses removed from account if its registered as regibox owner (member has to confirm explicitely).
  • Int: Underlying OS updated to most recent patch versions.
  • Int: Removed config values REGIMAILPRIVATE and REGIMAILFLAT (were not used in the past).
  • Int: Removed "SelfAdmin", "RegimailPrivateDefined" and "RegimailFlatDefined" from monthly report.
  • Int: Remove all ALSO and AppDirect related code (cleanup).
  • Int: Removed the concept of "community" and "corporate" providers. Technically, everything is community now.
    • Meaning that there are no "deleted" users any more. Administration no longer offers search for deleted users.
    • Provider-SDK does no longer support UserType=91.

Update 16. June 2020 V5.0.9

Patch release

  • New: Increased maximum number of representatives to 25 (former 5).
  • New: Self registration dialog now utilizing a captcha to prevent robots from registering or abusing the system.
  • Fix: Added missing log entries if a user was removed from a group by the group admin.
  • Fix: Fix broken Enforced Attachment links in Gateway protocol (regigate).
  • Fix: For regibox manager V2, push notifications were missing if user accepted regibox invitation or boxes with no content were deleted.
  • Sec: Prevent HTTP host header attacks (no working attack known for previous provider versions).
  • Sec: Set new HTTP Strict-Transport-Security value max-age to be one year (previously 1/2 year).
  • Int: Now supporting recipientsHash value in provider protocol (newTransaction) to allow more than 5 representatives (client needs to support this, too).

Update 20. February 2020 V4.1.6

Patch release for very outdated regify providers still on version 4

  • Int: Just fixing compatibility with regify Client V4.4 as an temporary help.

Update 20. January 2020 V5.0.8

Patch release

  • New: Administration log viewer allows searching in comments.
  • New: Also allow password reset initiated from group administrator without knowing the mobile number.
  • Fix: Fixed online reading error "TOTAL_SIZE" if RGF file was bigger than 15 MB.
  • Internal: For new backup/restore and SSL offloader scenarios, the system now supports using only IP instead of domain for the main provider.

Update 06. November 2019 V5.0.7

Patch release

  • New: regibox manager with version less than version 1.5.2 are no longer allowed (will trigger error 4 in old regibox managers).
  • Fix: Transaction counter for regify report sometimes returned numbers of previous month for overall transactions statistics.
    • Please note that this counter is not relevant for any calculation of any cost. It is just statistical information.
  • Fix: Database based file replication (master-slave or master-master) does no longer stop in maintenance mode to prevent issues coming back from maintenance.
  • Fix: Prevent changing users regibox settings if regibox is not configured at all (web administration only).
  • Fix: Fixed rare issue with websocket server hanging (100% CPU).
  • Internal: Enhanced options for customizing "Downloads" page image (for better compatibility).
  • Internal: regibox protocol handler now supporting metaData field (for managing special permissions of upcoming regibox manager V2).
  • Internal: Hosts-file entry for clearing DNS now updated from pkgs.regify.com (previously it was pls1.regify.com).

Update 24. May 2019 V5.0.6

Patch release

  • Fix: Fixed problems in admin dialog for user creation if given email address contained leading or trailing spaces.
  • Fix: Decreased default limitation of Provider-SDK function gettransactionlist to 10.000 hits per request to avoid server side high memory consumption.
  • Fix: Enhanced error messages in regigate connector protocol if retrieving message key(s) fails.
  • Fix: Fixed some optical issue in signing regigate certificates dialog.
  • Internal: System now observes the expiration date of the regigate signing certificate. In case it runs out, it is getting re-signed automatically.
  • Internal: Some changes regarding new regibox file sharing protocol (beta, only for future regibox versions).

Update 20. March 2019 V5.0.5

Patch release

  • New: We removed support for TLSv1.0 due to security concerns.
  • New: Added GDPR compliant data download option to HELP AND FAQ page.
  • New: Added start time field to admin log search dialog. Enhanced date and time fields with new HTML5 types.
  • New: Added some extra security layer to some download functions.
  • New: Added functions for new regibox file sharing protocol (beta, only for future regibox versions).
  • Fix: Fixed issues while inviting new users to an already running regichat session.
  • Fix: In some circumstances, the provider sent regimail reminders to regibox owners after 3 days.
  • Fix: Tweaked some WebSocket parameters for better scaling with many regibox users.
  • Fix: Enhanced "online reading" help sentences.
  • Fix: Setup assistant did not correctly initialize Chinese templates.
  • Fix: Enhanced error message if cookies missing while password reset.
  • Fix: Footer code template needed some update.
  • Fix: Mobile country code field was partially hidden on small screens during sign-up.

Update 09. October 2018 V5.0.2

Patch release

  • New: Increased the number of allowed transactions in a regimail professional account from 350 to 500.
  • New: Forward group admins with regipay capability to the group invitation dialog even if they click the ordinary invitation button.
  • Fix: Reducing high CPU load on the appliance if a lot of regiboxes are synchronized with regibox managers pre V1.5.
  • Fix: Cron jobs did not respect proxy settings.
  • Fix: Prevent regibox advertising showing if no shop order mail address is set in administration.

Update 16. August 2018 V5.0.1

Patch release

  • New: Added some additional sanity check if someone edits provider main configuration file (complain about text outside of PHP tags).
  • Fix: Enhanced error message if appliance internally triggers error 58 or error 59 (connectivity issues).
  • Fix: Mention prices "incl VAT" in regify (sub)provider settings.
  • Fix: Fixed bug causing an error in authentication dialogue (if authentication was denied and comment was used).
  • Fix: Fixed and updated list of used components and license information on admin login page.
  • Fix: Fixed some issue in WebSocket connection protocol for upcoming regibox V1.5 release.
  • Fix: Fixed issue that potentially prevented restart of WebSocket server after appliance update.
  • Fix: Fixed some issue in provider setup-wizard after fresh appliance install (invalid session, need login).
  • Fix: No longer displaying regibox creation entry in "regibox invitations" list (may confuse people).

Update 9. July 2018 V5.0.0

This is a major release containing many new functions and also breaking some compatibility. For update information, please visit Update_5.0.

End user related:

  • New: Added Chinese language support (both user interface and admin interface).
  • New: New function "My devices" is showing you the devices you used for log-in.
  • New: Added cookie check to prevent users reporting issues if they simply have turned off cookies in their web-browser.
  • New: Group administrators can re-send an invitation email.
  • New: regify accounts are blocked for 10 minutes if someone tried to login with wrong password for more than 10 times.
  • New: Account overview is offering some regibox advertising (only if provider supports regibox).
  • New: Account overview is showing group administrator name and contact information.
  • New: All users (self registered or invited) will have to explicitly accept terms and conditions during account activation (required by new GDPR/DSGVO).

Admin user related:

  • New: Replaced many icons by font icons. Thus, you can edit the color and icon itself much more easy using CSS.
  • New: Portal administrators can re-send an invitation or registration email.
  • New: User management search also searches in additional email addresses.
  • New: Subprovider-Administrators can also edit their contact and support information now.
  • New: The (sub)provider is now able to choose the languages he likes to support. Others are not available for end users then.
  • New: Language flags are inserted using a simple function now. More easy to customize the footer.
  • New: Administration entries regarding provider settings and customization have been re-arranged to be more clear.
  • New: Direct access to users usage statistics and see last email log entries.
  • New: Provider maintenance dialog offers a SMS test function.
  • New: Customizing now also allows SVG and TTF files upload (for uploading and hosting own fonts for CSS usage).

Generic:

  • New: Provider-SDK access is now restricted to given IP address(es) or ranges.
  • New: Custom SMS sending functionality (URl call) to allow more placeholders for various SMS text encoding (eg UTF16).
  • New: Terms and conditions page now offers a "print" button.
  • Fix: Transaction history export using PDF is now using a font that supports Chinese subjects, too.
  • Fix: Added support for Windows Phone to pay.php payslip download and on-line regimail reading.
  • Fix: Added more logging regarding user registration and account activation.
  • Fix: As usual, many sentences and template texts have been enhanced or corrected.
  • Fix: Email domain blacklist was not used for invitations using CSV/Excel upload.
  • Fix: The overall number of transactions in monthly report only counted opened transactions instead of all (not used for invoicing!).
  • Fix: Enhanced the invitation dialogue to better explain the usage of optional mobile number.
  • Fix: Excel and CSV import better trims leading and trailing spaces, does no longer complain about empty lines.
  • Fix: Fixed php syntax check in admin script dialogues (was somehow useless in provider 4.1).
  • Fix: Fixed password reset issue, introduced in pre-upgrade release 4.1.5.
  • Fix: Fixed issue where non activated additional email addresses were not automatically removed two days later.

Security:

  • Hardened the appliance against several attack vectors.
  • Set Apache TraceEnable directive to "off" by default.
  • Enhanced SSL cipher suites to get even more security for SSL connections.

Other:

  • Internal: Now supporting e-mail addresses using unicode domains (Punycode support).
  • Internal: Maximum number of group members is no longer fixed and can get adapted using MAX_GROUP_MEMBERS constant.
  • Internal: Provider-SDK now offers a new function called startchat and allows to run chats from scratch with no need of portal interaction.
  • Internal: Added web-socket server for providing push notifications to several products (eg regibox).
  • Internal: Enhanced CSS and JS provisioning on provider updates to make sure it loads new even if browser cache is active.
  • Internal: New getWebSession function in client protocol to replace older one in future regify client software.
  • Internal: Support script for user export/import now also supports transfer of grouping information.
  • Internal: Upgrade underlying operating system to CentOS 7.5 (also supporting SMBv2 for regibox and backup shares).
  • Internal: To prevent DNS issues with clearing (slow lookup sometimes), we added some auto-updated hosts file entries.


Previous Changelogs

You can find previous and outdated changelogs on a separate changelog page.

Retrieved from "https://wiki.regify.com/index.php?title=Changelog_Provider&oldid=2491"