]> git.p6c8.net - devedit.git/blob - CHANGELOG
- Dev-Editor is now able to forbid accessing a file using the configuration file
[devedit.git] / CHANGELOG
1 Change Log for Dev-Editor
2 =========================
3
4 New in version 2.3.2 (2005-04-23)
5 ---------------------------------
6
7 Copying a file out of a directory:
8 ----------------------------------
9 Fixed a really strange bug occuring only on Windows systems.
10 Dev-Editor was not able to copy (or move) a file out of a directory if the
11 path, the user entered in the corresponding dialogue, was beginning with "../".
12
13 Empty root directory causes incomplete HTML table:
14 --------------------------------------------------
15 Dev-Editor now does not create an incomplete HTML table if the root directory
16 is completely empty or no files are matching against the current wildcard.
17
18 move() instead of rename():
19 ---------------------------
20 Dev-Editor now uses the move() function from the File::Copy module to move or
21 rename files and directories. move() is more reliable than the rename()
22 function.
23
24 No error message if reading of a directory failed:
25 --------------------------------------------------
26 If reading of a directory failed, no error message was shown. I thought this
27 bug was fixed...
28
29 Template class updated:
30 -----------------------
31 The template class was updated to version 1.4a.
32
33 New in version 2.3.1 (2005-02-19)
34 ---------------------------------
35
36 Handling of symbolic links changed:
37 -----------------------------------
38 For security reasons, I completely changed the handling of symbolic links:
39 Symbolic links are now treated as files, no matter where they point to. The
40 user is just allowed to see the path where the link points to, he is allowed to
41 delete the link, to rename it and to overwrite it by renaming an other file.
42 Nothing else is allowed.
43 Accessing a symbolic link pointing to a directory caused also a very strange
44 effect: It was possible to access this directory, but you could not access
45 the objects in it.
46 I had to do it in this way because of the very stupid behaviour of abs_path()
47 from the Cwd module: This function is just able to detect the absolute path of
48 directories.
49 Hard links are not affected by this, because it is not possible to detect them
50 (at least I don't know how to detect them).
51
52 Root directory must not be a symbolic link:
53 -------------------------------------------
54 Now, the root directory must not be a symbolic link.
55 Sorry for this, I really would have liked to allow the root directory to be a
56 symbolic link, but if I would allow this, Dev-Editor would not be able to
57 create files in the root directory. I'm looking for an alternative...
58
59 Use Greenwich Mean Time:
60 ------------------------
61 You may now use Greenwich Mean Time (GMT/UTC) in dates instead of the local
62 time.
63 I don't know if anyone needs this, but it could be useful.
64
65 Handle errors produced by File::UseList:
66 ----------------------------------------
67 - Check if unlocking of the list of files in use was successful
68 - Check if a file could be successfully added to the list of files in use
69 - Check if a file could be successfully removed from the list of files in use
70
71 Saving to non-existing files:
72 -----------------------------
73 The file saving process was aborted if the user wanted to write text data using
74 the edit function into a file that does not exists.
75 The reason was that Dev-Editor thought that this non-existing file was a binary
76 file.
77
78 Template class updated:
79 -----------------------
80 The template class was updated to version 1.4.
81 This fixes the problem of the infinitive loops produced by incorrectly nested
82 {IF} blocks.
83
84 Small changes:
85 --------------
86 - Files locked with the flock() function are now unlocked by the close()
87 function due to security reasons (see
88 http://forum.de.selfhtml.org/?t=101375&m=622582)
89 - Changed the names of two error messages:
90 dircopy -> dir_copy
91 editdir -> dir_edit
92 - Fixed various small errors in some template files
93 - The regular expression used by file_name() and upper_path() to detect Windows
94 drive letters was not case-insensitive
95
96 New in version 2.3 (2005-01-08)
97 -------------------------------
98
99 Filter directory listing:
100 -------------------------
101 Dev-Editor is now able to filter the directory listing using DOS-style
102 wildcards.
103 I think that is a little bit incomplete, Dev-Editor should be able to
104 "remember" the filter wildcard during the actions.
105 The code for parsing DOS-style wildcards is from the File::DosGlob module by
106 Gurusamy Sarathy.
107
108 flock():
109 --------
110 Dev-Editor now uses flock().
111 flock() is called using a wrapper function which checks if it is really
112 available.
113
114 check_path() broken on Windows:
115 -------------------------------
116 On Windows systems the check_path() routine was heavily broken (this routine
117 checks if someone tries to access a path above the virtual root directory). It
118 was possible to access files above the root directory by accessing a path with
119 "..." or "...." or something like that as the last path component. This bug was
120 caused by the rewrite of check_path() in Dev-Editor 2.2.
121
122 "." or ".." as end of a path:
123 -----------------------------
124 If you enter a path with "." or ".." as the last path component, Dev-Editor
125 showed a really strange behaviour by allowing to enter a path like
126 "something/." or "something/..". This was also caused by the (poor) rewrite of
127 check_path(). The problem is fixed now.
128
129 Paths beginning with "/../" caused problems:
130 --------------------------------------------
131 When composing the temporary virtual path for a new file, don't call
132 clean_path(). It is unnecessary and it also caused a problem if this path would
133 begin with /../, because on UNIX systems, canonpath() removes /../ at the
134 beginning of a path. So if a user wanted to create the file /../file.ext (but
135 he wasn't allowed to), he created /file.ext.
136
137 Deny changing file properties in some cases:
138 --------------------------------------------
139 - Do not allow to change the properties of the root directory
140 - Do not allow to change the properties of a file in use
141
142 Deny overwriting files:
143 -----------------------
144 - While processing a file upload, check if the user wants to replace a
145 directory or overwrite a write-protected file
146 - If the user wants to copy or rename a file, check if he wants to overwrite a
147 write-protected file
148 - Do not allow to upload a file if a file with the same virtual name is
149 currently in use
150
151 Validate file uploads:
152 ----------------------
153 Dev-Editor now tries to validate a file upload by checking the handle created
154 by the CGI module.
155
156 Improved configuration file parser:
157 -----------------------------------
158 - The parser now ignores lines like that:
159 = Value
160 Such lines could lead to properties with empty keys in the configuration
161 hash.
162 - Allow configuration options with empty values
163 - If a option is defined twice, the line number of the second one is shown in
164 the error message
165
166 Output changes:
167 ---------------
168 - More encoding of HTML entities
169 - In directory listing, the "Edit" link of files in use were not greyed (very
170 nasty)
171 - Show the name of the lock file in error messages even if it has not been
172 defined in the configuration file
173
174 Small internal changes:
175 -----------------------
176 - The file saving process is now completely centralized in File::Access
177 - When generating a redirection header, check if we really have to create a
178 query string
179 - Fixed a bug occuring if the "curdir" CGI parameter had no trailing slash and
180 the "newfile" parameter had no leading slash
181 - Dev-Editor now takes more care of Windows drive letters
182 - Trying to increase speed of the script by surrounding static values by single
183 quotes
184 - Code cleaning
185
186 New in version 2.2a (2004-11-29)
187 --------------------------------
188
189 File uploads did not work:
190 --------------------------
191 Dev-Editor normally tests if it has enough permissions to upload a file to a
192 directory. But the condition was missing and so Dev-Editor always aborted file
193 uploads and didn't even display the dialogue.
194
195 New in version 2.2 (2004-11-27)
196 -------------------------------
197
198 `chgrp` system command and numerical group names:
199 -------------------------------------------------
200 When changing the group, Dev-Editor is now using the `chgrp` system command.
201 This allows to use numerical group names. Before, Dev-Editor handled numerical
202 values as group IDs.
203
204 Checking root directory:
205 ------------------------
206 Dev-Editor now checks if the root directory exists and if it may be accessed.
207 This fixed also bug where it was possible to access the physical root directory
208 if Dev-Editor could not enter the virtual root directory.
209
210 Checking directory permissions:
211 -------------------------------
212 Dev-Editor does some simple checks of directory permissions now:
213 - Inaccessible directories are greyed in directory listing. You cannot access
214 them, but the actions are not disabled, because they may work.
215 - Actions needing write access to a directory are aborted if Dev-Editor has no
216 write access.
217
218 Access a directory structure similar to the root directory:
219 -----------------------------------------------------------
220 The path the user wants to access must now BEGIN with the root directory. The
221 old check made it possible to access a directory structure outside the root
222 directory similar to the root directory.
223
224 Changing mode of a directory with mode 000:
225 -------------------------------------------
226 It was not possible to change the mode of a directory with mode 000.
227
228 Upload only to directories:
229 ---------------------------
230 Dev-Editor now checks if the user really uploads a file to a directory.
231
232 Improved About dialogue:
233 ------------------------
234 - Dev-Editor now only shows the main group ID of the process user.
235 - Dev-Editor also shows the current umask of the process.
236 - Special chars in most values are now encoded to entities.
237
238 Added <label> tags:
239 -------------------
240 For a better usability in some browsers, I added <label> tags for the
241 checkboxes and radio buttons in file edit and file upload dialogue.
242
243 Directory links in error messages:
244 ----------------------------------
245 Some error messages generated by the main program now contain a link to the
246 root directory.
247
248 Bugs in HTML generation:
249 ------------------------
250 - If Dev-Editor could not read a directory, it did neither display an error
251 message nor a directory link.
252 - Some error messages had problems with {DIR} variables. Thus the variable in
253 error.htm which will be replaced by a back link is now called "{BACK}".
254 - When viewing a file, Dev-Editor inserts the contents of the file into the
255 viewfile.htm template file AFTER parsing the "editable" {IF}-block, because
256 Dev-Editor showed a very ugly behaviour when viewing this template file.
257
258 Code cleaning:
259 --------------
260 I tried to clean the source code of Dev-Editor a little bit. Some parts of the
261 code were optimized.
262
263 New in version 2.1a (2004-10-22)
264 --------------------------------
265
266 Changed file saving error handling:
267 -----------------------------------
268 Now we already unlock the file saving process, because if an error occurs
269 during this process, the file keeps locked.
270 This is not a perfect solution, there are still problems. I have to figure out
271 another one.
272
273 New in version 2.1 (2004-10-14)
274 -------------------------------
275
276 Overwrite files during file upload:
277 -----------------------------------
278 In file upload dialogue, there is a new checkbox which allows to overwrite
279 files during file upload if they already exist.
280
281 Improved file saving:
282 ---------------------
283 The process of file saving has been improved:
284 - Saving even works if the file has to be created first.
285 - Dev-Editor is now checking if the user wants to write text data into a binary
286 file.
287 - If the user just entered spaces as filename (detection works for other
288 commands using the "newfile" CGI parameter too), we use the original
289 filename.
290
291 Don't copy a directory:
292 -----------------------
293 Dev-Editor now denies copying a directory.
294
295 Check before manually unlocking:
296 --------------------------------
297 Dev-Editor now checks if the file is really locked before displaying the
298 dialogue for manually unlocking a file. If it is not locked, Dev-Editor returns
299 to directory view. Dev-Editor also behaves in this way if it is trying to
300 unlock a file.
301
302 Wrong error messages:
303 ---------------------
304 Something definitely went wrong when I remade the copy and the rename
305 functions: They printed a wrong error message if the destination already
306 existed and if it was a file.
307
308 New in version 2.0 (2004-08-10)
309 -------------------------------
310
311 File uploads:
312 -------------
313 Dev-Editor is now able to process HTTP file uploads. The files may be
314 transferred in ASCII or binary mode (similar to FTP).
315
316 Change mode and group:
317 ----------------------
318 Dev-Editor is now able to change the mode and the group of a file or a
319 directory.
320
321 HTTPS support and non-default ports:
322 ------------------------------------
323 Dev-Editor is now able to detect a HTTPS connection and if the web server
324 doesn't listen on the default ports (necessary for reloading Dev-Editor).
325
326 Do not allow removing or renaming the root directory:
327 -----------------------------------------------------
328 Dev-Editor now denies removing or renaming the root directory.
329
330 Renaming files outside the root directory:
331 ------------------------------------------
332 There was a bug which caused Dev-Editor not to rename files outside the root
333 directory if they already exist.
334
335 Improved file editing:
336 ----------------------
337 When the user wants to save an edited file using a different file name,
338 Dev-Editor now unlocks the original file and checks if a file with this
339 different name already exists and if it is locked.
340
341 Improved file creating:
342 -----------------------
343 The routine which creates empty files had a race condition which could set
344 files to 0 if they already exist.
345
346 Maximum size for files:
347 -----------------------
348 The administrator may now define a maximum size for files in the main
349 configuration file. If the user wants to view or edit a file larger than this
350 defined size, Dev-Editor denies file access (but the file can still be copied,
351 renamed or removed).
352
353 Form for creating new files or directories:
354 -------------------------------------------
355 In directory listing, when clicking on the buttons next to the fields for
356 creating new files and directories without entering a file or directory name,
357 the user got an error message which is a little bit strange.
358 Now, the user will see a form for creating new files or directories.
359
360 Newlines are converted while reading:
361 -------------------------------------
362 Whenever Dev-Editor now reads a file for output, it converts any line separator
363 to the system specific one.
364
365 Case-insensitive commands:
366 --------------------------
367 The commands are now case-insensitive, so the command "ShOw" is the same as
368 "show".
369
370 About screen:
371 -------------
372 There is now a small "About" screen which shows some more or less useful
373 information about Dev-Editor and the system.
374
375 Improvements for user interface:
376 --------------------------------
377 Made a lot of improvements for the user interface:
378 - The directory listing is now built using tables.
379 - When editing a file and the user wants to save a file using a different file
380 name, the checkbox for saving the file using a different file name is
381 activated using JavaScript.
382 - In directory listing or when viewing a file, there is a new field for quickly
383 jumping to a file or to a directory.
384 - Separated "Work with directory" and "Work with file" into different options
385 in directory listing ("Copy", "Rename", "Delete", "Unlock"). The options also
386 have their own dialogues.
387 - In directory listing, there is a new link for viewing a file or a directory
388 in the browser.
389 - When viewing a file and if the file is editable, there is a new link to edit
390 this file.
391 - Files and directories in directory listing are now sorted case-insensitively.
392
393 Configuration files:
394 --------------------
395 The settings of Dev-Editor are now stored in extern configuration files: There
396 is one file for general settings, one for the error messages and one for the
397 paths to the template files.
398
399 Templates:
400 ----------
401 The output of Dev-Editor is now controlled by template files. The source code
402 became much cleaner :-)
403
404 New in version 1.2 (2003-12-29)
405 -------------------------------
406
407 Removing directories:
408 ---------------------
409 Dev-Editor is now able to completely remove a directory.
410
411 "Work with directories":
412 ------------------------
413 In directory listing, next do a directory, there is a new link called "Work
414 with directory". When you select this link, you get a form to remove or
415 rename/move the directory.
416 Additionally, the link "Do other stuff" was renamed to "Work with file".
417
418 Overwriting existing files:
419 ---------------------------
420 If you want to copy a file, and the destination file already exists, you will
421 be asked to overwrite the file. If the destination points to a directory,
422 copying will be aborted completely.
423 If you want to rename a file or a directory, and the destination file already
424 exists, you will be asked to overwrite the file. If the destination points to a
425 directory, renaming will be aborted completely.
426
427 Confirmation for removing files:
428 --------------------------------
429 If you want to remove a file, a confirmation dialog will be displayed first.
430
431 Fixed open() calls:
432 -------------------
433 It seems that some systems don't support the FILEHANDLE,MODE,FILENAME version
434 of open(). Now we don't use it any more.
435
436 Default permissions for mkdir():
437 --------------------------------
438 Set the permissions for mkdir() to 0777. I thought it is optional (as described
439 in "perlfunc"), but some systems need it.
440
441 New in version 1.1 (2003-11-15)
442 -------------------------------
443
444 Newlines are converted:
445 -----------------------
446 Any line seperator will now be converted to the system specific line seperator
447 if you save a text file.
448
449 File permissions are checked:
450 -----------------------------
451 Dev-Editor now runs some simple checks on the file permissions when it creates
452 a directory listing, tries to view or edit a file and when it copies a file.
453
454 Tool tips for file status:
455 --------------------------
456 In directory listing, when a file cannot be viewed or edited, a tool tip on the
457 "View" or "Edit" link will show the reason why it is so.
458
459 File permissions are saved:
460 ---------------------------
461 When the user saves a text file, the file permissions were destroyed. The
462 reason was that a temporary file was used, which was renamed to the originally
463 file. Now this is fixed, but if saving of the file now fails, the file could be
464 damaged...
465
466 Links in error messages:
467 ------------------------
468 Some error messages now contain a link to go back to the directory containing
469 the file which caused the error.
470
471 Typos fixed:
472 ------------
473 There were a lot of typos in the output, the comments and the ReadMe file.
474
475 Dates fixed:
476 ------------
477 The dates of the last modification in the head comment of the files had the
478 wrong format. They had the format MM-DD-YYYY, but they should have YYYY-MM-DD.
479 Sorry, that was VERY embarassing...
480
481 New in version 1.0 (2003-10-08)
482 -------------------------------
483
484 First public release:
485 ---------------------
486 This is the first public release of Dev-Editor.
487
488 ------------------------------------------------
489
490 (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
491 (C) 2003-2005 Patrick Canterino
492
493 E-Mail: patrick@patshaping.de
494 WWW: http://devedit.sourceforge.net/

patrick-canterino.de