]> git.p6c8.net - devedit.git/blob - CHANGELOG
Allow to unpack a file after uploading
[devedit.git] / CHANGELOG
1 Change Log for Dev-Editor
2 =========================
3
4 Version 3.2 (201x-xx-xx):
5 =========================
6
7 Disabling commands:
8 -------------------
9 Added new configuration option "disable_commands" for disabling commands of
10 Dev-Editor.
11
12 Start directory:
13 ----------------
14 Added new configuration option "startdir" which defines the default directory
15 instead of "/".
16
17 HTTP download:
18 --------------
19 You may now execute a HTTP download of a file.
20
21 Small changes:
22 --------------
23 - Added a checkbox for editing a file after creating it.
24
25 Version 3.1 (2009-05-12):
26 =========================
27
28 Removing multiple files:
29 ------------------------
30 In the directory listing, there are now checkboxes for selecting files and a
31 button for removing them.
32
33 Better distinction of objects in directory listing:
34 ---------------------------------------------------
35 For a better distinction of the objects in directory listing, every second
36 object has a grey background now.
37
38 Remote name for uploaded files:
39 -------------------------------
40 When uploading a file, you can now specify a name for the file on the server.
41
42 Prefilled form fields:
43 ----------------------
44 If you want to copy or rename/move a file or a directory or save a file using
45 a different name, the form field for the new filename is prefilled with the
46 old one. Additionally, the entered path is no more relative to the directory
47 of the original file.
48
49 Hide dot files:
50 ---------------
51 When the new configuration option "hide_dot_files" is set to 1, every file or
52 directory beginning with a "." is not shown in the directory listing. But you
53 can still access the file / directory by typing its name into the "Go to
54 directory/file" box.
55 This option is also available in the user-dependent configuration.
56
57 Copyright note:
58 ---------------
59 In the header of each file, there is a now a copyright note and a reference to
60 the Artistic License.
61
62 Template class updated:
63 -----------------------
64 The template class was updated to version 2.0.
65
66 Version 3.0.1 (2005-11-10):
67 ===========================
68
69 Accessing files above the virtual root directory:
70 -------------------------------------------------
71 It was possible to access files and directories above the virtual root
72 directory beginning with the same string as the root directory.
73 For example:
74 If your root directory is "/var/www/user1" it was possible to access
75 "/var/www/user10", "/var/www/user11" and so on.
76
77 Version 3.0 (2005-10-18):
78 =========================
79
80 Editing function changed:
81 -------------------------
82 - The concept of locking the file for other users before editing it is not very
83 good, causes some problems and makes it difficult to add new features. So I
84 decided to remove it.
85 - When Dev-Editor shows the form for editing a file, it calculates the MD5
86 checksum and places it in the editing form. Before saving the file, the MD5
87 checksum is calculated again and compared to the submitted one. If the two
88 sums don't match, Dev-Editor does not save the file and shows the editing
89 form.
90 - In the edit dialogue, there is also a new submit button allowing to continue
91 editing the file after saving it.
92 - Removed the possibility of encoding ISO-8859-1 HTML entities when saving a
93 file. I don't know if anybody used this function.
94
95 Copy directories:
96 -----------------
97 Dev-Editor is now able to copy a directory.
98
99 Forbid file access:
100 -------------------
101 The administrator may now define a list of files the user is not allowed to
102 access.
103
104 Individual configuration:
105 -------------------------
106 Now, Dev-Editor is able to switch some configuration values depending on the
107 current HTTP Auth user.
108 This is controlled by a separate configuration file containing sections like
109 Windows INI files (thus the configuration file parser is now able to parse
110 files containing sections in square brackets).
111 You may overwrite the following configuration values:
112 - fileroot
113 - httproot
114 - forbidden (you may also clear the default "forbidden" list)
115
116 Configuration files renamed:
117 ----------------------------
118 The extension of the configuration files is "conf" now.
119
120 Names of error messages changed:
121 --------------------------------
122 I changed the names of some error messages:
123 binary -> binary_file
124 cmd_unknown -> command_unknown
125 dir_read_fail -> dir_read_failed
126 create_ar -> create_above_root
127 not_exist -> not_found
128
129 File names containing a "+" sign:
130 ---------------------------------
131 If a file name contained a "+" sign, Dev-Editor was sometimes not able to
132 access the file, because the "+" was interpreted as a space.
133
134 Check octal numbers:
135 --------------------
136 Before changing the permissions of a file, Dev-Editor now checks if the user
137 entered a valid octal number.
138
139 Encoding of HTML entities:
140 --------------------------
141 - All HTML in output is now properly encoded
142 - HTML::Entities is a little bit slow and does currently not support very much
143 encodings. Now, we just encode the HTML control characters (<, >, & and ").
144 This also means that Dev-Editor now does not require any CPAN module.
145
146 Template class updated:
147 -----------------------
148 The template class was updated to version 1.5.
149
150 Small changes:
151 --------------
152 - Don't show the "Copy" link if a file is not readable
153 - Added checkboxes in the "Copy" and "Rename" dialogues for immediately
154 overwriting an existing file
155 - Preserve the directory listing filter if the user changes the directory using
156 the input field at the bottom of the directory listing
157
158 New in version 2.3.2 (2005-04-23)
159 ---------------------------------
160
161 Copying a file out of a directory:
162 ----------------------------------
163 Fixed a really strange bug occuring only on Windows systems.
164 Dev-Editor was not able to copy (or move) a file out of a directory if the
165 path, the user entered in the corresponding dialogue, was beginning with "../".
166
167 Empty root directory causes incomplete HTML table:
168 --------------------------------------------------
169 Dev-Editor now does not create an incomplete HTML table if the root directory
170 is completely empty or no files are matching against the current wildcard.
171
172 move() instead of rename():
173 ---------------------------
174 Dev-Editor now uses the move() function from the File::Copy module to move or
175 rename files and directories. move() is more reliable than the rename()
176 function.
177
178 No error message if reading of a directory failed:
179 --------------------------------------------------
180 If reading of a directory failed, no error message was shown. I thought this
181 bug was fixed...
182
183 Template class updated:
184 -----------------------
185 The template class was updated to version 1.4a.
186
187 New in version 2.3.1 (2005-02-19)
188 ---------------------------------
189
190 Handling of symbolic links changed:
191 -----------------------------------
192 For security reasons, I completely changed the handling of symbolic links:
193 Symbolic links are now treated as files, no matter where they point to. The
194 user is just allowed to see the path where the link points to, he is allowed to
195 delete the link, to rename it and to overwrite it by renaming an other file.
196 Nothing else is allowed.
197 Accessing a symbolic link pointing to a directory caused also a very strange
198 effect: It was possible to access this directory, but you could not access
199 the objects in it.
200 I had to do it in this way because of the very stupid behaviour of abs_path()
201 from the Cwd module: This function is just able to detect the absolute path of
202 directories.
203 Hard links are not affected by this, because it is not possible to detect them
204 (at least I don't know how to detect them).
205
206 Root directory must not be a symbolic link:
207 -------------------------------------------
208 Now, the root directory must not be a symbolic link.
209 Sorry for this, I really would have liked to allow the root directory to be a
210 symbolic link, but if I would allow this, Dev-Editor would not be able to
211 create files in the root directory. I'm looking for an alternative...
212
213 Use Greenwich Mean Time:
214 ------------------------
215 You may now use Greenwich Mean Time (GMT/UTC) in dates instead of the local
216 time.
217 I don't know if anyone needs this, but it could be useful.
218
219 Handle errors produced by File::UseList:
220 ----------------------------------------
221 - Check if unlocking of the list of files in use was successful
222 - Check if a file could be successfully added to the list of files in use
223 - Check if a file could be successfully removed from the list of files in use
224
225 Saving to non-existing files:
226 -----------------------------
227 The file saving process was aborted if the user wanted to write text data using
228 the edit function into a file that does not exists.
229 The reason was that Dev-Editor thought that this non-existing file was a binary
230 file.
231
232 Template class updated:
233 -----------------------
234 The template class was updated to version 1.4.
235 This fixes the problem of the infinitive loops produced by incorrectly nested
236 {IF} blocks.
237
238 Small changes:
239 --------------
240 - Files locked with the flock() function are now unlocked by the close()
241 function due to security reasons (see
242 http://forum.de.selfhtml.org/?t=101375&m=622582)
243 - Changed the names of two error messages:
244 dircopy -> dir_copy
245 editdir -> dir_edit
246 - Fixed various small errors in some template files
247 - The regular expression used by file_name() and upper_path() to detect Windows
248 drive letters was not case-insensitive
249
250 New in version 2.3 (2005-01-08)
251 -------------------------------
252
253 Filter directory listing:
254 -------------------------
255 Dev-Editor is now able to filter the directory listing using DOS-style
256 wildcards.
257 I think that is a little bit incomplete, Dev-Editor should be able to
258 "remember" the filter wildcard during the actions.
259 The code for parsing DOS-style wildcards is from the File::DosGlob module by
260 Gurusamy Sarathy.
261
262 flock():
263 --------
264 Dev-Editor now uses flock().
265 flock() is called using a wrapper function which checks if it is really
266 available.
267
268 check_path() broken on Windows:
269 -------------------------------
270 On Windows systems the check_path() routine was heavily broken (this routine
271 checks if someone tries to access a path above the virtual root directory). It
272 was possible to access files above the root directory by accessing a path with
273 "..." or "...." or something like that as the last path component. This bug was
274 caused by the rewrite of check_path() in Dev-Editor 2.2.
275
276 "." or ".." as end of a path:
277 -----------------------------
278 If you enter a path with "." or ".." as the last path component, Dev-Editor
279 showed a really strange behaviour by allowing to enter a path like
280 "something/." or "something/..". This was also caused by the (poor) rewrite of
281 check_path(). The problem is fixed now.
282
283 Paths beginning with "/../" caused problems:
284 --------------------------------------------
285 When composing the temporary virtual path for a new file, don't call
286 clean_path(). It is unnecessary and it also caused a problem if this path would
287 begin with /../, because on UNIX systems, canonpath() removes /../ at the
288 beginning of a path. So if a user wanted to create the file /../file.ext (but
289 he wasn't allowed to), he created /file.ext.
290
291 Deny changing file properties in some cases:
292 --------------------------------------------
293 - Do not allow to change the properties of the root directory
294 - Do not allow to change the properties of a file in use
295
296 Deny overwriting files:
297 -----------------------
298 - While processing a file upload, check if the user wants to replace a
299 directory or overwrite a write-protected file
300 - If the user wants to copy or rename a file, check if he wants to overwrite a
301 write-protected file
302 - Do not allow to upload a file if a file with the same virtual name is
303 currently in use
304
305 Validate file uploads:
306 ----------------------
307 Dev-Editor now tries to validate a file upload by checking the handle created
308 by the CGI module.
309
310 Improved configuration file parser:
311 -----------------------------------
312 - The parser now ignores lines like that:
313 = Value
314 Such lines could lead to properties with empty keys in the configuration
315 hash.
316 - Allow configuration options with empty values
317 - If a option is defined twice, the line number of the second one is shown in
318 the error message
319
320 Output changes:
321 ---------------
322 - More encoding of HTML entities
323 - In directory listing, the "Edit" link of files in use were not greyed (very
324 nasty)
325 - Show the name of the lock file in error messages even if it has not been
326 defined in the configuration file
327
328 Small internal changes:
329 -----------------------
330 - The file saving process is now completely centralized in File::Access
331 - When generating a redirection header, check if we really have to create a
332 query string
333 - Fixed a bug occuring if the "curdir" CGI parameter had no trailing slash and
334 the "newfile" parameter had no leading slash
335 - Dev-Editor now takes more care of Windows drive letters
336 - Trying to increase speed of the script by surrounding static values by single
337 quotes
338 - Code cleaning
339
340 New in version 2.2a (2004-11-29)
341 --------------------------------
342
343 File uploads did not work:
344 --------------------------
345 Dev-Editor normally tests if it has enough permissions to upload a file to a
346 directory. But the condition was missing and so Dev-Editor always aborted file
347 uploads and didn't even display the dialogue.
348
349 New in version 2.2 (2004-11-27)
350 -------------------------------
351
352 `chgrp` system command and numerical group names:
353 -------------------------------------------------
354 When changing the group, Dev-Editor is now using the `chgrp` system command.
355 This allows to use numerical group names. Before, Dev-Editor handled numerical
356 values as group IDs.
357
358 Checking root directory:
359 ------------------------
360 Dev-Editor now checks if the root directory exists and if it may be accessed.
361 This fixed also bug where it was possible to access the physical root directory
362 if Dev-Editor could not enter the virtual root directory.
363
364 Checking directory permissions:
365 -------------------------------
366 Dev-Editor does some simple checks of directory permissions now:
367 - Inaccessible directories are greyed in directory listing. You cannot access
368 them, but the actions are not disabled, because they may work.
369 - Actions needing write access to a directory are aborted if Dev-Editor has no
370 write access.
371
372 Access a directory structure similar to the root directory:
373 -----------------------------------------------------------
374 The path the user wants to access must now BEGIN with the root directory. The
375 old check made it possible to access a directory structure outside the root
376 directory similar to the root directory.
377
378 Changing mode of a directory with mode 000:
379 -------------------------------------------
380 It was not possible to change the mode of a directory with mode 000.
381
382 Upload only to directories:
383 ---------------------------
384 Dev-Editor now checks if the user really uploads a file to a directory.
385
386 Improved About dialogue:
387 ------------------------
388 - Dev-Editor now only shows the main group ID of the process user.
389 - Dev-Editor also shows the current umask of the process.
390 - Special chars in most values are now encoded to entities.
391
392 Added <label> tags:
393 -------------------
394 For a better usability in some browsers, I added <label> tags for the
395 checkboxes and radio buttons in file edit and file upload dialogue.
396
397 Directory links in error messages:
398 ----------------------------------
399 Some error messages generated by the main program now contain a link to the
400 root directory.
401
402 Bugs in HTML generation:
403 ------------------------
404 - If Dev-Editor could not read a directory, it did neither display an error
405 message nor a directory link.
406 - Some error messages had problems with {DIR} variables. Thus the variable in
407 error.htm which will be replaced by a back link is now called "{BACK}".
408 - When viewing a file, Dev-Editor inserts the contents of the file into the
409 viewfile.htm template file AFTER parsing the "editable" {IF}-block, because
410 Dev-Editor showed a very ugly behaviour when viewing this template file.
411
412 Code cleaning:
413 --------------
414 I tried to clean the source code of Dev-Editor a little bit. Some parts of the
415 code were optimized.
416
417 New in version 2.1a (2004-10-22)
418 --------------------------------
419
420 Changed file saving error handling:
421 -----------------------------------
422 Now we already unlock the file saving process, because if an error occurs
423 during this process, the file keeps locked.
424 This is not a perfect solution, there are still problems. I have to figure out
425 another one.
426
427 New in version 2.1 (2004-10-14)
428 -------------------------------
429
430 Overwrite files during file upload:
431 -----------------------------------
432 In file upload dialogue, there is a new checkbox which allows to overwrite
433 files during file upload if they already exist.
434
435 Improved file saving:
436 ---------------------
437 The process of file saving has been improved:
438 - Saving even works if the file has to be created first.
439 - Dev-Editor is now checking if the user wants to write text data into a binary
440 file.
441 - If the user just entered spaces as filename (detection works for other
442 commands using the "newfile" CGI parameter too), we use the original
443 filename.
444
445 Don't copy a directory:
446 -----------------------
447 Dev-Editor now denies copying a directory.
448
449 Check before manually unlocking:
450 --------------------------------
451 Dev-Editor now checks if the file is really locked before displaying the
452 dialogue for manually unlocking a file. If it is not locked, Dev-Editor returns
453 to directory view. Dev-Editor also behaves in this way if it is trying to
454 unlock a file.
455
456 Wrong error messages:
457 ---------------------
458 Something definitely went wrong when I remade the copy and the rename
459 functions: They printed a wrong error message if the destination already
460 existed and if it was a file.
461
462 New in version 2.0 (2004-08-10)
463 -------------------------------
464
465 File uploads:
466 -------------
467 Dev-Editor is now able to process HTTP file uploads. The files may be
468 transferred in ASCII or binary mode (similar to FTP).
469
470 Change mode and group:
471 ----------------------
472 Dev-Editor is now able to change the mode and the group of a file or a
473 directory.
474
475 HTTPS support and non-default ports:
476 ------------------------------------
477 Dev-Editor is now able to detect a HTTPS connection and if the web server
478 doesn't listen on the default ports (necessary for reloading Dev-Editor).
479
480 Do not allow removing or renaming the root directory:
481 -----------------------------------------------------
482 Dev-Editor now denies removing or renaming the root directory.
483
484 Renaming files outside the root directory:
485 ------------------------------------------
486 There was a bug which caused Dev-Editor not to rename files outside the root
487 directory if they already exist.
488
489 Improved file editing:
490 ----------------------
491 When the user wants to save an edited file using a different file name,
492 Dev-Editor now unlocks the original file and checks if a file with this
493 different name already exists and if it is locked.
494
495 Improved file creating:
496 -----------------------
497 The routine which creates empty files had a race condition which could set
498 files to 0 if they already exist.
499
500 Maximum size for files:
501 -----------------------
502 The administrator may now define a maximum size for files in the main
503 configuration file. If the user wants to view or edit a file larger than this
504 defined size, Dev-Editor denies file access (but the file can still be copied,
505 renamed or removed).
506
507 Form for creating new files or directories:
508 -------------------------------------------
509 In directory listing, when clicking on the buttons next to the fields for
510 creating new files and directories without entering a file or directory name,
511 the user got an error message which is a little bit strange.
512 Now, the user will see a form for creating new files or directories.
513
514 Newlines are converted while reading:
515 -------------------------------------
516 Whenever Dev-Editor now reads a file for output, it converts any line separator
517 to the system specific one.
518
519 Case-insensitive commands:
520 --------------------------
521 The commands are now case-insensitive, so the command "ShOw" is the same as
522 "show".
523
524 About screen:
525 -------------
526 There is now a small "About" screen which shows some more or less useful
527 information about Dev-Editor and the system.
528
529 Improvements for user interface:
530 --------------------------------
531 Made a lot of improvements for the user interface:
532 - The directory listing is now built using tables.
533 - When editing a file and the user wants to save a file using a different file
534 name, the checkbox for saving the file using a different file name is
535 activated using JavaScript.
536 - In directory listing or when viewing a file, there is a new field for quickly
537 jumping to a file or to a directory.
538 - Separated "Work with directory" and "Work with file" into different options
539 in directory listing ("Copy", "Rename", "Delete", "Unlock"). The options also
540 have their own dialogues.
541 - In directory listing, there is a new link for viewing a file or a directory
542 in the browser.
543 - When viewing a file and if the file is editable, there is a new link to edit
544 this file.
545 - Files and directories in directory listing are now sorted case-insensitively.
546
547 Configuration files:
548 --------------------
549 The settings of Dev-Editor are now stored in extern configuration files: There
550 is one file for general settings, one for the error messages and one for the
551 paths to the template files.
552
553 Templates:
554 ----------
555 The output of Dev-Editor is now controlled by template files. The source code
556 became much cleaner :-)
557
558 New in version 1.2 (2003-12-29)
559 -------------------------------
560
561 Removing directories:
562 ---------------------
563 Dev-Editor is now able to completely remove a directory.
564
565 "Work with directories":
566 ------------------------
567 In directory listing, next do a directory, there is a new link called "Work
568 with directory". When you select this link, you get a form to remove or
569 rename/move the directory.
570 Additionally, the link "Do other stuff" was renamed to "Work with file".
571
572 Overwriting existing files:
573 ---------------------------
574 If you want to copy a file, and the destination file already exists, you will
575 be asked to overwrite the file. If the destination points to a directory,
576 copying will be aborted completely.
577 If you want to rename a file or a directory, and the destination file already
578 exists, you will be asked to overwrite the file. If the destination points to a
579 directory, renaming will be aborted completely.
580
581 Confirmation for removing files:
582 --------------------------------
583 If you want to remove a file, a confirmation dialog will be displayed first.
584
585 Fixed open() calls:
586 -------------------
587 It seems that some systems don't support the FILEHANDLE,MODE,FILENAME version
588 of open(). Now we don't use it any more.
589
590 Default permissions for mkdir():
591 --------------------------------
592 Set the permissions for mkdir() to 0777. I thought it is optional (as described
593 in "perlfunc"), but some systems need it.
594
595 New in version 1.1 (2003-11-15)
596 -------------------------------
597
598 Newlines are converted:
599 -----------------------
600 Any line seperator will now be converted to the system specific line seperator
601 if you save a text file.
602
603 File permissions are checked:
604 -----------------------------
605 Dev-Editor now runs some simple checks on the file permissions when it creates
606 a directory listing, tries to view or edit a file and when it copies a file.
607
608 Tool tips for file status:
609 --------------------------
610 In directory listing, when a file cannot be viewed or edited, a tool tip on the
611 "View" or "Edit" link will show the reason why it is so.
612
613 File permissions are saved:
614 ---------------------------
615 When the user saves a text file, the file permissions were destroyed. The
616 reason was that a temporary file was used, which was renamed to the originally
617 file. Now this is fixed, but if saving of the file now fails, the file could be
618 damaged...
619
620 Links in error messages:
621 ------------------------
622 Some error messages now contain a link to go back to the directory containing
623 the file which caused the error.
624
625 Typos fixed:
626 ------------
627 There were a lot of typos in the output, the comments and the ReadMe file.
628
629 Dates fixed:
630 ------------
631 The dates of the last modification in the head comment of the files had the
632 wrong format. They had the format MM-DD-YYYY, but they should have YYYY-MM-DD.
633 Sorry, that was VERY embarassing...
634
635 New in version 1.0 (2003-10-08)
636 -------------------------------
637
638 First public release:
639 ---------------------
640 This is the first public release of Dev-Editor.
641
642 ------------------------------------------------
643
644 (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
645 (C) 2003-2009 Patrick Canterino
646
647 E-Mail: patrick@patshaping.de
648 WWW: http://devedit.sourceforge.net/

patrick-canterino.de