Skip to content
This repository
branch: DEB_5_5_1
Fetching contributors…

Octocat-spinner-32-eaf2f5

Cannot retrieve contributors at this time

file 245 lines (156 sloc) 7.87 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244
------------------------------------------------------------------------------

                  What's new in each version of Interchange
                       (since the version 5.4 branch)

------------------------------------------------------------------------------


Interchange 5.5.1 released on 2007-08-21.

See UPGRADE document for incompatible changes not listed here.

Core
----

* Removed odd formatting from --add entry in interchange manual page.

* Fixed a DoS exploit. A carefully crafted HTTP POST request could cause
  an Interchange page processor to hang until it's killed by Interchange's
  periodic housekeeping routine. If several of these requests are received
  in quick succession then it could be possible to disable all of the page
  processors, rendering Interchange unresponsive for a while. Fixed by
  Kevin Walsh; pointed out by Donald Alexander.

* Removed unused AdminHost global configuration directive.

* In &Vend::Table::DBI::set_row, avoid unwanted expansion of array when we
  have PREFER_NULL fields and number of fields passed is one.

* Added Vend::Swish2 module provided by Brian Miller <brian@endpoint.com>.
  This is superior to Vend::Swish, because instead of the awkward way to
  interface with Swish-e by running the binary it uses the Swish Perl API.

  Note: This module will replace Vend::Swish after we ensure as much backward
  compatibility as possible.

* Allow specification of one additional include directory for specific
  modules, specified like this:

  Require module Vend::Swish /usr/lib/swish-e/perl

* Terminate search if mv_min_string condition isn't met.

* Make [sql-quote] list tag to work properly with multiple lines.

* Fixed case-insensitive searches for different locales.

* Fix the [error] tag so it does not attempt to replace format specifiers other
  than %s in the text or std_label attributes.

* Vend::SQL_Parser required LIMIT clause to be lowercase when it should be
  case-insensitive.

* Issue error message if subroutine for PREFIX-exec is missing.

* Fix [on-match]/[no-match] for loop lists without matchlimit generated from
  embedded Perl objects
    
* Fixed problem where both set_row() and set_slice() would try to get the key
  from last_sequence_value() for returning even if we already know the key and
  even on an UPDATE which can cause problems.

* New "timecard" round-robin style counters added with the timecard_stamp and
  timecard_read subs in Util.pm. These are now used for better control of the
  session per IP lockouts (when RobotLimit is set). See CVS log for more
  details (#2).

* lockout specialsubs will now override session per IP lockouts properly (#3).

* Fixed error where the wrong tag name can sometimes appear in [calc] error
  messages (#7).

* Superfluous Vend::Interpolate::sort_cart function removed (#70).

* set_slice now skips updates on existing records when we have only key
  columns (#98).

* Change [shipping-desc] to allow access to arbitrary keys in the shipping
  configuration.

* Fixed problem where only the last shipping policy will get stored if the
  multi-line format is used in shipping.asc.

* Fixed problem where options are not converted and stored properly on all
  shipping policies.

* Moved more code into the new process_new_beginning sub and cleaned up other
  code in Ship.pm.

* Added "file" (readable file) and "executable" (executable file) as extra
  Require directive tests.

* Added a new TABLE_COMMENT modifier to the Database directive to allow
  a short comment to be attached to MySQL and PostgreSQL tables.

* Delay "Server started" message as long as possible.

* Disable SOAP and display error when Vend::SOAP fails to load (#46).

* Remove catalog status files when removing catalog. Also call remove_catalog at
  server stop -- would be nice for cleanup anyway (#95).

* Fixed problem where RPC mode would fork too many processes at startup due to
  race condition (#107).

* Set $0 throughout the server and dispatch process to reflect current
  conditions (#107).

* Set up more aggressive management in response to INT or TERM to propagate the
  request down to the children. Prior to this arrangement, a restart or kill
  would leave many of the children running. This cleaned up Interchange stops
  to remove all preforked daemons (#107).

* Adjusted housekeeping to cull out old pids so that PIDcheck was enforced in
  PreFork (#107).

* Pass $opt to labeled_list fixing behaviour of fly-list to be matching other
  x-list tags (#89).

* Pass applylocale option into Vend::Form::options_to_array in order to
  localize option labels (#80).

* New set_process_name sub which is used to change the status in the process
  name indicator.

* Fixed problem where form values do not always default to the $Values hash
  values for corresponding form fields when defaults=1 and wizard=1 are both
  set in the table editor.

* Fixed a bug where the [data session host] was not being set on a session's
  first page access. The "host" key was only being set for subsequent pages.

* Removed MV_DOLLAR_ZERO workaround for a bug fixed 5 years ago.

* Added a new "scratchd" test type. This is the same as "scratch" except
  that it deletes the variable from the scratchpad after testing.

UserDB
------

* Fixed UserDB login issues within embedded Perl by using
  Vend::Util::string_to_ref for deserialization of carts and other
  hashes.

* New validchars option to customize valid characters for usernames, e.g.
  adding the + character to the list of valid characters:

  UserDB default validchars "-A-Za-z0-9_@.+"

UserTag
-------

* Make [save-cart] keep cart if userdb returns with an error.

* Make [formel] call [display] on unknown types.

* Fixed cleanse option of [import-fields] for composite keys (#98).

Filter
------

* Added "round" filter to round in floating-point-safe way, using the
  Vend::Util routine.

* Avoid ambiguity between two time formats in date_change filter.

* Added "lspace2nbsp" filter. Translates leading spaces to nbsp

Checks
------

* Added "match" check to match another CGI variable, e.g. for password
  verification.

Payment
-------

* New NetBilling module.

Jobs
----

* Added new job group db with export job to export databases offline for
  backup and version control purposes.

* Added process ID to "Run jobs" and "Finished jobs" log messages for better
  troubleshooting.

* Avoid cluttering global log file with job run messages.

* Allow parameters passed to jobs, acknowledges --email commandline option
  now (#103).
 
UI
--

* Fix page banner in menu editor.

* Tidied up some code in customer_mailing.html

* Fixed test to see if sku exists on creation of new item
  in quick_question.html (#17)

* Avoid crashes on table export if data contains Interchange tags (#100).

Standard demo
-------------

* Fixed minor security hole of admin's session ID being exposed when placing
  an order in the admin. Found by Mark Lipscombe <markl@gasupnow.com>.

* Various special_pages/missing.html fixes:
  - Fixed broken admin 404 error page (which came from Standard).
  - Removed duplicate, sometimes-bogus MV_PREV_PAGE display.
  - Eliminated double-interpolation of page comparison.

* Updated Discover Card logo. Provided by Steve Graham.

* Increased compatibility with XHTML.

* Cleaned up splash page and fixed broken links.

* Add CVV2 support to checkout pages, images thanks to Jure Kodzoman.

* Fix problem with permanently setting members_only, bug and fix found
  by Jo-Ellen Matthews.

SOAP
----

* Return proper SOAP error to the client instead of disclosing our faults.

Packaging
---------

* Switched from dh_movefiles to dh_install for Debian packaging.

* Added --oknodo option to start-stop-daemon for restart action in the
  Debian init script (#28).

Other
-----

* Updated copyright in headers to 2007 (#102).
Something went wrong with that request. Please try again.