1 Change Log for Dev-Editor
2 =========================
4 Version 3.2 (2011-02-12):
5 =========================
7 Unpacking archive files:
8 ------------------------
9 Dev-Editor is now able to unpack some types archive files. You may unpack
10 archive files in directory listing or immediately after uploading it to the
12 To achieve this, Dev-Editor relies on the Perl module Archive::Extract (core
13 module since Perl 5.10, I guess). If Archive::Extract is not available,
14 unpacking of archives is automatically disabled.
18 Added new configuration option "disable_commands" for disabling commands of
23 Added new configuration option "startdir" which defines the default directory
28 You may now execute a HTTP download of a file.
32 Dev-Editor is now licensed under the terms of the Artistic License 2.0.
36 - Added a checkbox for editing a file after creating it.
37 - Changed the colour scheme in directory listing.
38 - In directory listing, added links for (un-)selecting files.
40 Version 3.1 (2009-05-12):
41 =========================
43 Removing multiple files:
44 ------------------------
45 In the directory listing, there are now checkboxes for selecting files and a
46 button for removing them.
48 Better distinction of objects in directory listing:
49 ---------------------------------------------------
50 For a better distinction of the objects in directory listing, every second
51 object has a grey background now.
53 Remote name for uploaded files:
54 -------------------------------
55 When uploading a file, you can now specify a name for the file on the server.
57 Prefilled form fields:
58 ----------------------
59 If you want to copy or rename/move a file or a directory or save a file using
60 a different name, the form field for the new filename is prefilled with the
61 old one. Additionally, the entered path is no more relative to the directory
66 When the new configuration option "hide_dot_files" is set to 1, every file or
67 directory beginning with a "." is not shown in the directory listing. But you
68 can still access the file / directory by typing its name into the "Go to
70 This option is also available in the user-dependent configuration.
74 In the header of each file, there is a now a copyright note and a reference to
77 Template class updated:
78 -----------------------
79 The template class was updated to version 2.0.
81 Version 3.0.1 (2005-11-10):
82 ===========================
84 Accessing files above the virtual root directory:
85 -------------------------------------------------
86 It was possible to access files and directories above the virtual root
87 directory beginning with the same string as the root directory.
89 If your root directory is "/var/www/user1" it was possible to access
90 "/var/www/user10", "/var/www/user11" and so on.
92 Version 3.0 (2005-10-18):
93 =========================
95 Editing function changed:
96 -------------------------
97 - The concept of locking the file for other users before editing it is not very
98 good, causes some problems and makes it difficult to add new features. So I
100 - When Dev-Editor shows the form for editing a file, it calculates the MD5
101 checksum and places it in the editing form. Before saving the file, the MD5
102 checksum is calculated again and compared to the submitted one. If the two
103 sums don't match, Dev-Editor does not save the file and shows the editing
105 - In the edit dialogue, there is also a new submit button allowing to continue
106 editing the file after saving it.
107 - Removed the possibility of encoding ISO-8859-1 HTML entities when saving a
108 file. I don't know if anybody used this function.
112 Dev-Editor is now able to copy a directory.
116 The administrator may now define a list of files the user is not allowed to
119 Individual configuration:
120 -------------------------
121 Now, Dev-Editor is able to switch some configuration values depending on the
122 current HTTP Auth user.
123 This is controlled by a separate configuration file containing sections like
124 Windows INI files (thus the configuration file parser is now able to parse
125 files containing sections in square brackets).
126 You may overwrite the following configuration values:
129 - forbidden (you may also clear the default "forbidden" list)
131 Configuration files renamed:
132 ----------------------------
133 The extension of the configuration files is "conf" now.
135 Names of error messages changed:
136 --------------------------------
137 I changed the names of some error messages:
138 binary -> binary_file
139 cmd_unknown -> command_unknown
140 dir_read_fail -> dir_read_failed
141 create_ar -> create_above_root
142 not_exist -> not_found
144 File names containing a "+" sign:
145 ---------------------------------
146 If a file name contained a "+" sign, Dev-Editor was sometimes not able to
147 access the file, because the "+" was interpreted as a space.
151 Before changing the permissions of a file, Dev-Editor now checks if the user
152 entered a valid octal number.
154 Encoding of HTML entities:
155 --------------------------
156 - All HTML in output is now properly encoded
157 - HTML::Entities is a little bit slow and does currently not support very much
158 encodings. Now, we just encode the HTML control characters (<, >, & and ").
159 This also means that Dev-Editor now does not require any CPAN module.
161 Template class updated:
162 -----------------------
163 The template class was updated to version 1.5.
167 - Don't show the "Copy" link if a file is not readable
168 - Added checkboxes in the "Copy" and "Rename" dialogues for immediately
169 overwriting an existing file
170 - Preserve the directory listing filter if the user changes the directory using
171 the input field at the bottom of the directory listing
173 New in version 2.3.2 (2005-04-23)
174 ---------------------------------
176 Copying a file out of a directory:
177 ----------------------------------
178 Fixed a really strange bug occuring only on Windows systems.
179 Dev-Editor was not able to copy (or move) a file out of a directory if the
180 path, the user entered in the corresponding dialogue, was beginning with "../".
182 Empty root directory causes incomplete HTML table:
183 --------------------------------------------------
184 Dev-Editor now does not create an incomplete HTML table if the root directory
185 is completely empty or no files are matching against the current wildcard.
187 move() instead of rename():
188 ---------------------------
189 Dev-Editor now uses the move() function from the File::Copy module to move or
190 rename files and directories. move() is more reliable than the rename()
193 No error message if reading of a directory failed:
194 --------------------------------------------------
195 If reading of a directory failed, no error message was shown. I thought this
198 Template class updated:
199 -----------------------
200 The template class was updated to version 1.4a.
202 New in version 2.3.1 (2005-02-19)
203 ---------------------------------
205 Handling of symbolic links changed:
206 -----------------------------------
207 For security reasons, I completely changed the handling of symbolic links:
208 Symbolic links are now treated as files, no matter where they point to. The
209 user is just allowed to see the path where the link points to, he is allowed to
210 delete the link, to rename it and to overwrite it by renaming an other file.
211 Nothing else is allowed.
212 Accessing a symbolic link pointing to a directory caused also a very strange
213 effect: It was possible to access this directory, but you could not access
215 I had to do it in this way because of the very stupid behaviour of abs_path()
216 from the Cwd module: This function is just able to detect the absolute path of
218 Hard links are not affected by this, because it is not possible to detect them
219 (at least I don't know how to detect them).
221 Root directory must not be a symbolic link:
222 -------------------------------------------
223 Now, the root directory must not be a symbolic link.
224 Sorry for this, I really would have liked to allow the root directory to be a
225 symbolic link, but if I would allow this, Dev-Editor would not be able to
226 create files in the root directory. I'm looking for an alternative...
228 Use Greenwich Mean Time:
229 ------------------------
230 You may now use Greenwich Mean Time (GMT/UTC) in dates instead of the local
232 I don't know if anyone needs this, but it could be useful.
234 Handle errors produced by File::UseList:
235 ----------------------------------------
236 - Check if unlocking of the list of files in use was successful
237 - Check if a file could be successfully added to the list of files in use
238 - Check if a file could be successfully removed from the list of files in use
240 Saving to non-existing files:
241 -----------------------------
242 The file saving process was aborted if the user wanted to write text data using
243 the edit function into a file that does not exists.
244 The reason was that Dev-Editor thought that this non-existing file was a binary
247 Template class updated:
248 -----------------------
249 The template class was updated to version 1.4.
250 This fixes the problem of the infinitive loops produced by incorrectly nested
255 - Files locked with the flock() function are now unlocked by the close()
256 function due to security reasons (see
257 http://forum.de.selfhtml.org/?t=101375&m=622582)
258 - Changed the names of two error messages:
261 - Fixed various small errors in some template files
262 - The regular expression used by file_name() and upper_path() to detect Windows
263 drive letters was not case-insensitive
265 New in version 2.3 (2005-01-08)
266 -------------------------------
268 Filter directory listing:
269 -------------------------
270 Dev-Editor is now able to filter the directory listing using DOS-style
272 I think that is a little bit incomplete, Dev-Editor should be able to
273 "remember" the filter wildcard during the actions.
274 The code for parsing DOS-style wildcards is from the File::DosGlob module by
279 Dev-Editor now uses flock().
280 flock() is called using a wrapper function which checks if it is really
283 check_path() broken on Windows:
284 -------------------------------
285 On Windows systems the check_path() routine was heavily broken (this routine
286 checks if someone tries to access a path above the virtual root directory). It
287 was possible to access files above the root directory by accessing a path with
288 "..." or "...." or something like that as the last path component. This bug was
289 caused by the rewrite of check_path() in Dev-Editor 2.2.
291 "." or ".." as end of a path:
292 -----------------------------
293 If you enter a path with "." or ".." as the last path component, Dev-Editor
294 showed a really strange behaviour by allowing to enter a path like
295 "something/." or "something/..". This was also caused by the (poor) rewrite of
296 check_path(). The problem is fixed now.
298 Paths beginning with "/../" caused problems:
299 --------------------------------------------
300 When composing the temporary virtual path for a new file, don't call
301 clean_path(). It is unnecessary and it also caused a problem if this path would
302 begin with /../, because on UNIX systems, canonpath() removes /../ at the
303 beginning of a path. So if a user wanted to create the file /../file.ext (but
304 he wasn't allowed to), he created /file.ext.
306 Deny changing file properties in some cases:
307 --------------------------------------------
308 - Do not allow to change the properties of the root directory
309 - Do not allow to change the properties of a file in use
311 Deny overwriting files:
312 -----------------------
313 - While processing a file upload, check if the user wants to replace a
314 directory or overwrite a write-protected file
315 - If the user wants to copy or rename a file, check if he wants to overwrite a
317 - Do not allow to upload a file if a file with the same virtual name is
320 Validate file uploads:
321 ----------------------
322 Dev-Editor now tries to validate a file upload by checking the handle created
325 Improved configuration file parser:
326 -----------------------------------
327 - The parser now ignores lines like that:
329 Such lines could lead to properties with empty keys in the configuration
331 - Allow configuration options with empty values
332 - If a option is defined twice, the line number of the second one is shown in
337 - More encoding of HTML entities
338 - In directory listing, the "Edit" link of files in use were not greyed (very
340 - Show the name of the lock file in error messages even if it has not been
341 defined in the configuration file
343 Small internal changes:
344 -----------------------
345 - The file saving process is now completely centralized in File::Access
346 - When generating a redirection header, check if we really have to create a
348 - Fixed a bug occuring if the "curdir" CGI parameter had no trailing slash and
349 the "newfile" parameter had no leading slash
350 - Dev-Editor now takes more care of Windows drive letters
351 - Trying to increase speed of the script by surrounding static values by single
355 New in version 2.2a (2004-11-29)
356 --------------------------------
358 File uploads did not work:
359 --------------------------
360 Dev-Editor normally tests if it has enough permissions to upload a file to a
361 directory. But the condition was missing and so Dev-Editor always aborted file
362 uploads and didn't even display the dialogue.
364 New in version 2.2 (2004-11-27)
365 -------------------------------
367 `chgrp` system command and numerical group names:
368 -------------------------------------------------
369 When changing the group, Dev-Editor is now using the `chgrp` system command.
370 This allows to use numerical group names. Before, Dev-Editor handled numerical
373 Checking root directory:
374 ------------------------
375 Dev-Editor now checks if the root directory exists and if it may be accessed.
376 This fixed also bug where it was possible to access the physical root directory
377 if Dev-Editor could not enter the virtual root directory.
379 Checking directory permissions:
380 -------------------------------
381 Dev-Editor does some simple checks of directory permissions now:
382 - Inaccessible directories are greyed in directory listing. You cannot access
383 them, but the actions are not disabled, because they may work.
384 - Actions needing write access to a directory are aborted if Dev-Editor has no
387 Access a directory structure similar to the root directory:
388 -----------------------------------------------------------
389 The path the user wants to access must now BEGIN with the root directory. The
390 old check made it possible to access a directory structure outside the root
391 directory similar to the root directory.
393 Changing mode of a directory with mode 000:
394 -------------------------------------------
395 It was not possible to change the mode of a directory with mode 000.
397 Upload only to directories:
398 ---------------------------
399 Dev-Editor now checks if the user really uploads a file to a directory.
401 Improved About dialogue:
402 ------------------------
403 - Dev-Editor now only shows the main group ID of the process user.
404 - Dev-Editor also shows the current umask of the process.
405 - Special chars in most values are now encoded to entities.
409 For a better usability in some browsers, I added <label> tags for the
410 checkboxes and radio buttons in file edit and file upload dialogue.
412 Directory links in error messages:
413 ----------------------------------
414 Some error messages generated by the main program now contain a link to the
417 Bugs in HTML generation:
418 ------------------------
419 - If Dev-Editor could not read a directory, it did neither display an error
420 message nor a directory link.
421 - Some error messages had problems with {DIR} variables. Thus the variable in
422 error.htm which will be replaced by a back link is now called "{BACK}".
423 - When viewing a file, Dev-Editor inserts the contents of the file into the
424 viewfile.htm template file AFTER parsing the "editable" {IF}-block, because
425 Dev-Editor showed a very ugly behaviour when viewing this template file.
429 I tried to clean the source code of Dev-Editor a little bit. Some parts of the
432 New in version 2.1a (2004-10-22)
433 --------------------------------
435 Changed file saving error handling:
436 -----------------------------------
437 Now we already unlock the file saving process, because if an error occurs
438 during this process, the file keeps locked.
439 This is not a perfect solution, there are still problems. I have to figure out
442 New in version 2.1 (2004-10-14)
443 -------------------------------
445 Overwrite files during file upload:
446 -----------------------------------
447 In file upload dialogue, there is a new checkbox which allows to overwrite
448 files during file upload if they already exist.
450 Improved file saving:
451 ---------------------
452 The process of file saving has been improved:
453 - Saving even works if the file has to be created first.
454 - Dev-Editor is now checking if the user wants to write text data into a binary
456 - If the user just entered spaces as filename (detection works for other
457 commands using the "newfile" CGI parameter too), we use the original
460 Don't copy a directory:
461 -----------------------
462 Dev-Editor now denies copying a directory.
464 Check before manually unlocking:
465 --------------------------------
466 Dev-Editor now checks if the file is really locked before displaying the
467 dialogue for manually unlocking a file. If it is not locked, Dev-Editor returns
468 to directory view. Dev-Editor also behaves in this way if it is trying to
471 Wrong error messages:
472 ---------------------
473 Something definitely went wrong when I remade the copy and the rename
474 functions: They printed a wrong error message if the destination already
475 existed and if it was a file.
477 New in version 2.0 (2004-08-10)
478 -------------------------------
482 Dev-Editor is now able to process HTTP file uploads. The files may be
483 transferred in ASCII or binary mode (similar to FTP).
485 Change mode and group:
486 ----------------------
487 Dev-Editor is now able to change the mode and the group of a file or a
490 HTTPS support and non-default ports:
491 ------------------------------------
492 Dev-Editor is now able to detect a HTTPS connection and if the web server
493 doesn't listen on the default ports (necessary for reloading Dev-Editor).
495 Do not allow removing or renaming the root directory:
496 -----------------------------------------------------
497 Dev-Editor now denies removing or renaming the root directory.
499 Renaming files outside the root directory:
500 ------------------------------------------
501 There was a bug which caused Dev-Editor not to rename files outside the root
502 directory if they already exist.
504 Improved file editing:
505 ----------------------
506 When the user wants to save an edited file using a different file name,
507 Dev-Editor now unlocks the original file and checks if a file with this
508 different name already exists and if it is locked.
510 Improved file creating:
511 -----------------------
512 The routine which creates empty files had a race condition which could set
513 files to 0 if they already exist.
515 Maximum size for files:
516 -----------------------
517 The administrator may now define a maximum size for files in the main
518 configuration file. If the user wants to view or edit a file larger than this
519 defined size, Dev-Editor denies file access (but the file can still be copied,
522 Form for creating new files or directories:
523 -------------------------------------------
524 In directory listing, when clicking on the buttons next to the fields for
525 creating new files and directories without entering a file or directory name,
526 the user got an error message which is a little bit strange.
527 Now, the user will see a form for creating new files or directories.
529 Newlines are converted while reading:
530 -------------------------------------
531 Whenever Dev-Editor now reads a file for output, it converts any line separator
532 to the system specific one.
534 Case-insensitive commands:
535 --------------------------
536 The commands are now case-insensitive, so the command "ShOw" is the same as
541 There is now a small "About" screen which shows some more or less useful
542 information about Dev-Editor and the system.
544 Improvements for user interface:
545 --------------------------------
546 Made a lot of improvements for the user interface:
547 - The directory listing is now built using tables.
548 - When editing a file and the user wants to save a file using a different file
549 name, the checkbox for saving the file using a different file name is
550 activated using JavaScript.
551 - In directory listing or when viewing a file, there is a new field for quickly
552 jumping to a file or to a directory.
553 - Separated "Work with directory" and "Work with file" into different options
554 in directory listing ("Copy", "Rename", "Delete", "Unlock"). The options also
555 have their own dialogues.
556 - In directory listing, there is a new link for viewing a file or a directory
558 - When viewing a file and if the file is editable, there is a new link to edit
560 - Files and directories in directory listing are now sorted case-insensitively.
564 The settings of Dev-Editor are now stored in extern configuration files: There
565 is one file for general settings, one for the error messages and one for the
566 paths to the template files.
570 The output of Dev-Editor is now controlled by template files. The source code
571 became much cleaner :-)
573 New in version 1.2 (2003-12-29)
574 -------------------------------
576 Removing directories:
577 ---------------------
578 Dev-Editor is now able to completely remove a directory.
580 "Work with directories":
581 ------------------------
582 In directory listing, next do a directory, there is a new link called "Work
583 with directory". When you select this link, you get a form to remove or
584 rename/move the directory.
585 Additionally, the link "Do other stuff" was renamed to "Work with file".
587 Overwriting existing files:
588 ---------------------------
589 If you want to copy a file, and the destination file already exists, you will
590 be asked to overwrite the file. If the destination points to a directory,
591 copying will be aborted completely.
592 If you want to rename a file or a directory, and the destination file already
593 exists, you will be asked to overwrite the file. If the destination points to a
594 directory, renaming will be aborted completely.
596 Confirmation for removing files:
597 --------------------------------
598 If you want to remove a file, a confirmation dialog will be displayed first.
602 It seems that some systems don't support the FILEHANDLE,MODE,FILENAME version
603 of open(). Now we don't use it any more.
605 Default permissions for mkdir():
606 --------------------------------
607 Set the permissions for mkdir() to 0777. I thought it is optional (as described
608 in "perlfunc"), but some systems need it.
610 New in version 1.1 (2003-11-15)
611 -------------------------------
613 Newlines are converted:
614 -----------------------
615 Any line seperator will now be converted to the system specific line seperator
616 if you save a text file.
618 File permissions are checked:
619 -----------------------------
620 Dev-Editor now runs some simple checks on the file permissions when it creates
621 a directory listing, tries to view or edit a file and when it copies a file.
623 Tool tips for file status:
624 --------------------------
625 In directory listing, when a file cannot be viewed or edited, a tool tip on the
626 "View" or "Edit" link will show the reason why it is so.
628 File permissions are saved:
629 ---------------------------
630 When the user saves a text file, the file permissions were destroyed. The
631 reason was that a temporary file was used, which was renamed to the originally
632 file. Now this is fixed, but if saving of the file now fails, the file could be
635 Links in error messages:
636 ------------------------
637 Some error messages now contain a link to go back to the directory containing
638 the file which caused the error.
642 There were a lot of typos in the output, the comments and the ReadMe file.
646 The dates of the last modification in the head comment of the files had the
647 wrong format. They had the format MM-DD-YYYY, but they should have YYYY-MM-DD.
648 Sorry, that was VERY embarassing...
650 New in version 1.0 (2003-10-08)
651 -------------------------------
653 First public release:
654 ---------------------
655 This is the first public release of Dev-Editor.
657 ------------------------------------------------
659 (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
660 (C) 2003-2011 Patrick Canterino
662 E-Mail: patrick@patshaping.de
663 WWW: http://devedit.sourceforge.net/