Skip to content

Changelog

Jump to bottom Edit New page
Ryan Fischbach edited this page Aug 31, 2016 · 43 revisions

BitsTheater Framework Changelog

3.5.1 (2016-Sept-01)

  1. Output to ICS (vCalendar format) now available.
  2. SetupDb moved into PropCloset so a website can descend from it.

3.5.0 (2016-June-21)

  1. Move configs folder out from [site]/app/configs to just [site]/configs for new sites.
  2. Remove the "no_sessions" workaround which just causes more trouble than it is worth.
  3. Updated PasswordReset feature.
  4. Updated SqlBuilder to handle paged queries easier.
  5. Added UserParameterException.
  6. Updated CLI with a -h param to specify which config to use.
  7. Allow CLI to operate from any folder, not just from the app/cli subfolder.

3.4.5 (2016-May-06)

  1. CLI capability introduced.
  2. getModel()/getProp() can now accept the full class name as its parameter.
  3. Saving list of configuration settings now returns those that were changed.
  4. AuthGroups & BitsGroups refactored to ensure protection from SQL Injection. Admins were the only ones capable of introducing such SQL Injection, so the threat for earlier versions is quite low.
  5. "Action" configuration setting introduced so that Buttons are now an option.
  6. Traits for various classes have been introduced.
  7. CSRF tokens now take advantage of the AuthBasic token mechanism, if available.
  8. The hidden input companion field for checkboxes now has its value default to "0".

3.4.4 (2016-Apr-10)

  1. Actor refactored so the SEO URL transformation can be tweaked on an Actor-by-Actor basis now.
  2. The base Actor public methods cannot be called via URL by default.
  3. BrokenLeg converts Exceptions more completely so that more information is passed to the caller.
  4. Actor names are now converted to class names using the standard function instead of relying on PHP's case insensitive nature.
  5. Several ancestor class names changed so they did not share the same name as their descendant as website installation was starting to get confused about which class to load.
  6. Many new API endpoints exist so that framework features that used to require page renders to accomplish can now be done via a JavaScript front-end calling API routines in the background.
  7. Install now provides an API endpoint to accomplish the entire install process in one call. This allows automation such as Ansible to install a website entirely without human interaction.
  8. Boolean website settings that employed a checkbox widget now work properly when unchecking them.
  9. "Auth" website settings now editable by a non-titan group admin.
  10. PHP 5.5 deprecated code fixed.
  11. Strings::wordWrap() greatly improved to attempt to break on word boundaries.
  12. Improved security for permission related endpoints.

3.3.2 (2016-Mar-03)

  1. Cookie management updated to allow HTTPOnly flag
  2. getProp() smarter in that lower case class names figured out just like Actor class names
  3. Registration cap website option added
  4. Costumes with toJson() methods respected if passed to the "results_as_json" view
  5. CommonMySql costume created to help simplify common model tasks.
  6. Newly introduced CSRF protection mechanism debugged
  7. Admin> Settings page now protected by CSRF protection mechanism

3.3.1 (2016-Feb-01)

  1. Introduced login auto-lockout after X failed attempts per hour.
  2. Introduced CSRF protection for API's using "ajaj" prefix.
  3. Introduced non-cached-auth for API's using "api" prefix.

3.3.0 (2016-Jan-15)

  1. Created a standardized API response object, if desired.
  2. Shutdown code that helps debugging Out of Memeory errors.

3.0.0

  1. Features introduced, version numbers can be displayed and now have meaning.
  2. The CSS classes data-* have been renamed to db-* to avoid HTML5 class conflicts.
  3. SqlBuilder costume class can now handle filters and orderby clauses as well as convert "=" operations into " IN ()" operations if the parameter data is an array.
  4. Actor views will now additionally check app/views/* for their named view PHP file before giving a 404 error so that site-wide views can be re-used rather than copied everywhere. The check is done after checking for the actor/action-specific view and the framework-included site-wide view file in use is the results_as_json.php view.
  5. The base class object now contains debugLog() which does not depend on debug settings in case you want to log something regardless of any of the "is debugging" const or vars such as logging a specific db error.

2.4.9

This version and anything prior was not versioned.

Add a custom footer
Add a custom sidebar

Clone this wiki locally