]> git.p6c8.net - devedit.git/blob - CHANGELOG
- Changed version number to 3.0
[devedit.git] / CHANGELOG
1 Change Log for Dev-Editor
2 =========================
3
4 Version 3.0 (2005-10-18):
5 =========================
6
7 Editing function changed:
8 -------------------------
9 - The concept of locking the file for other users before editing it is not very
10 good, causes some problems and makes it difficult to add new features. So I
11 decided to remove it.
12 - When Dev-Editor shows the form for editing a file, it calculates the MD5
13 checksum and places it in the editing form. Before saving the file, the MD5
14 checksum is calculated again and compared to the submitted one. If the two
15 sums don't match, Dev-Editor does not save the file and shows the editing
16 form.
17 - In the edit dialogue, there is also a new submit button allowing to continue
18 editing the file after saving it.
19 - Removed the possibility of encoding ISO-8859-1 HTML entities when saving a
20 file. I don't know if anybody used this function.
21
22 Copy directories:
23 -----------------
24 Dev-Editor is now able to copy a directory.
25
26 Forbid file access:
27 -------------------
28 The administrator may now define a list of files the user is not allowed to
29 access.
30
31 Individual configuration:
32 -------------------------
33 Now, Dev-Editor is able to switch some configuration values depending on the
34 current HTTP Auth user.
35 This is controlled by a separate configuration file containing sections like
36 Windows INI files (thus the configuration file parser is now able to parse
37 files containing sections in square brackets).
38 You may overwrite the following configuration values:
39 - fileroot
40 - httproot
41 - forbidden (you may also clear the default "forbidden" list)
42
43 Configuration files renamed:
44 ----------------------------
45 The extension of the configuration files is "conf" now.
46
47 Names of error messages changed:
48 --------------------------------
49 I changed the names of some error messages:
50 binary -> binary_file
51 cmd_unknown -> command_unknown
52 dir_read_fail -> dir_read_failed
53 create_ar -> create_above_root
54 not_exist -> not_found
55
56 File names containing a "+" sign:
57 ---------------------------------
58 If a file name contained a "+" sign, Dev-Editor was sometimes not able to
59 access the file, because the "+" was interpreted as a space.
60
61 Check octal numbers:
62 --------------------
63 Before changing the permissions of a file, Dev-Editor now checks if the user
64 entered a valid octal number.
65
66 Encoding of HTML entities:
67 --------------------------
68 - All HTML in output is now properly encoded
69 - HTML::Entities is a little bit slow and does currently not support very much
70 encodings. Now, we just encode the HTML control characters (<, >, & and ").
71 This also means that Dev-Editor now does not require any CPAN module.
72
73 Template class updated:
74 -----------------------
75 The template class was updated to version 1.5.
76
77 Small changes:
78 --------------
79 - Don't show the "Copy" link if a file is not readable
80 - Added checkboxes in the "Copy" and "Rename" dialogues for immediately
81 overwriting an existing file
82 - Preserve the directory listing filter if the user changes the directory using
83 the input field at the bottom of the directory listing
84
85 New in version 2.3.2 (2005-04-23)
86 ---------------------------------
87
88 Copying a file out of a directory:
89 ----------------------------------
90 Fixed a really strange bug occuring only on Windows systems.
91 Dev-Editor was not able to copy (or move) a file out of a directory if the
92 path, the user entered in the corresponding dialogue, was beginning with "../".
93
94 Empty root directory causes incomplete HTML table:
95 --------------------------------------------------
96 Dev-Editor now does not create an incomplete HTML table if the root directory
97 is completely empty or no files are matching against the current wildcard.
98
99 move() instead of rename():
100 ---------------------------
101 Dev-Editor now uses the move() function from the File::Copy module to move or
102 rename files and directories. move() is more reliable than the rename()
103 function.
104
105 No error message if reading of a directory failed:
106 --------------------------------------------------
107 If reading of a directory failed, no error message was shown. I thought this
108 bug was fixed...
109
110 Template class updated:
111 -----------------------
112 The template class was updated to version 1.4a.
113
114 New in version 2.3.1 (2005-02-19)
115 ---------------------------------
116
117 Handling of symbolic links changed:
118 -----------------------------------
119 For security reasons, I completely changed the handling of symbolic links:
120 Symbolic links are now treated as files, no matter where they point to. The
121 user is just allowed to see the path where the link points to, he is allowed to
122 delete the link, to rename it and to overwrite it by renaming an other file.
123 Nothing else is allowed.
124 Accessing a symbolic link pointing to a directory caused also a very strange
125 effect: It was possible to access this directory, but you could not access
126 the objects in it.
127 I had to do it in this way because of the very stupid behaviour of abs_path()
128 from the Cwd module: This function is just able to detect the absolute path of
129 directories.
130 Hard links are not affected by this, because it is not possible to detect them
131 (at least I don't know how to detect them).
132
133 Root directory must not be a symbolic link:
134 -------------------------------------------
135 Now, the root directory must not be a symbolic link.
136 Sorry for this, I really would have liked to allow the root directory to be a
137 symbolic link, but if I would allow this, Dev-Editor would not be able to
138 create files in the root directory. I'm looking for an alternative...
139
140 Use Greenwich Mean Time:
141 ------------------------
142 You may now use Greenwich Mean Time (GMT/UTC) in dates instead of the local
143 time.
144 I don't know if anyone needs this, but it could be useful.
145
146 Handle errors produced by File::UseList:
147 ----------------------------------------
148 - Check if unlocking of the list of files in use was successful
149 - Check if a file could be successfully added to the list of files in use
150 - Check if a file could be successfully removed from the list of files in use
151
152 Saving to non-existing files:
153 -----------------------------
154 The file saving process was aborted if the user wanted to write text data using
155 the edit function into a file that does not exists.
156 The reason was that Dev-Editor thought that this non-existing file was a binary
157 file.
158
159 Template class updated:
160 -----------------------
161 The template class was updated to version 1.4.
162 This fixes the problem of the infinitive loops produced by incorrectly nested
163 {IF} blocks.
164
165 Small changes:
166 --------------
167 - Files locked with the flock() function are now unlocked by the close()
168 function due to security reasons (see
169 http://forum.de.selfhtml.org/?t=101375&m=622582)
170 - Changed the names of two error messages:
171 dircopy -> dir_copy
172 editdir -> dir_edit
173 - Fixed various small errors in some template files
174 - The regular expression used by file_name() and upper_path() to detect Windows
175 drive letters was not case-insensitive
176
177 New in version 2.3 (2005-01-08)
178 -------------------------------
179
180 Filter directory listing:
181 -------------------------
182 Dev-Editor is now able to filter the directory listing using DOS-style
183 wildcards.
184 I think that is a little bit incomplete, Dev-Editor should be able to
185 "remember" the filter wildcard during the actions.
186 The code for parsing DOS-style wildcards is from the File::DosGlob module by
187 Gurusamy Sarathy.
188
189 flock():
190 --------
191 Dev-Editor now uses flock().
192 flock() is called using a wrapper function which checks if it is really
193 available.
194
195 check_path() broken on Windows:
196 -------------------------------
197 On Windows systems the check_path() routine was heavily broken (this routine
198 checks if someone tries to access a path above the virtual root directory). It
199 was possible to access files above the root directory by accessing a path with
200 "..." or "...." or something like that as the last path component. This bug was
201 caused by the rewrite of check_path() in Dev-Editor 2.2.
202
203 "." or ".." as end of a path:
204 -----------------------------
205 If you enter a path with "." or ".." as the last path component, Dev-Editor
206 showed a really strange behaviour by allowing to enter a path like
207 "something/." or "something/..". This was also caused by the (poor) rewrite of
208 check_path(). The problem is fixed now.
209
210 Paths beginning with "/../" caused problems:
211 --------------------------------------------
212 When composing the temporary virtual path for a new file, don't call
213 clean_path(). It is unnecessary and it also caused a problem if this path would
214 begin with /../, because on UNIX systems, canonpath() removes /../ at the
215 beginning of a path. So if a user wanted to create the file /../file.ext (but
216 he wasn't allowed to), he created /file.ext.
217
218 Deny changing file properties in some cases:
219 --------------------------------------------
220 - Do not allow to change the properties of the root directory
221 - Do not allow to change the properties of a file in use
222
223 Deny overwriting files:
224 -----------------------
225 - While processing a file upload, check if the user wants to replace a
226 directory or overwrite a write-protected file
227 - If the user wants to copy or rename a file, check if he wants to overwrite a
228 write-protected file
229 - Do not allow to upload a file if a file with the same virtual name is
230 currently in use
231
232 Validate file uploads:
233 ----------------------
234 Dev-Editor now tries to validate a file upload by checking the handle created
235 by the CGI module.
236
237 Improved configuration file parser:
238 -----------------------------------
239 - The parser now ignores lines like that:
240 = Value
241 Such lines could lead to properties with empty keys in the configuration
242 hash.
243 - Allow configuration options with empty values
244 - If a option is defined twice, the line number of the second one is shown in
245 the error message
246
247 Output changes:
248 ---------------
249 - More encoding of HTML entities
250 - In directory listing, the "Edit" link of files in use were not greyed (very
251 nasty)
252 - Show the name of the lock file in error messages even if it has not been
253 defined in the configuration file
254
255 Small internal changes:
256 -----------------------
257 - The file saving process is now completely centralized in File::Access
258 - When generating a redirection header, check if we really have to create a
259 query string
260 - Fixed a bug occuring if the "curdir" CGI parameter had no trailing slash and
261 the "newfile" parameter had no leading slash
262 - Dev-Editor now takes more care of Windows drive letters
263 - Trying to increase speed of the script by surrounding static values by single
264 quotes
265 - Code cleaning
266
267 New in version 2.2a (2004-11-29)
268 --------------------------------
269
270 File uploads did not work:
271 --------------------------
272 Dev-Editor normally tests if it has enough permissions to upload a file to a
273 directory. But the condition was missing and so Dev-Editor always aborted file
274 uploads and didn't even display the dialogue.
275
276 New in version 2.2 (2004-11-27)
277 -------------------------------
278
279 `chgrp` system command and numerical group names:
280 -------------------------------------------------
281 When changing the group, Dev-Editor is now using the `chgrp` system command.
282 This allows to use numerical group names. Before, Dev-Editor handled numerical
283 values as group IDs.
284
285 Checking root directory:
286 ------------------------
287 Dev-Editor now checks if the root directory exists and if it may be accessed.
288 This fixed also bug where it was possible to access the physical root directory
289 if Dev-Editor could not enter the virtual root directory.
290
291 Checking directory permissions:
292 -------------------------------
293 Dev-Editor does some simple checks of directory permissions now:
294 - Inaccessible directories are greyed in directory listing. You cannot access
295 them, but the actions are not disabled, because they may work.
296 - Actions needing write access to a directory are aborted if Dev-Editor has no
297 write access.
298
299 Access a directory structure similar to the root directory:
300 -----------------------------------------------------------
301 The path the user wants to access must now BEGIN with the root directory. The
302 old check made it possible to access a directory structure outside the root
303 directory similar to the root directory.
304
305 Changing mode of a directory with mode 000:
306 -------------------------------------------
307 It was not possible to change the mode of a directory with mode 000.
308
309 Upload only to directories:
310 ---------------------------
311 Dev-Editor now checks if the user really uploads a file to a directory.
312
313 Improved About dialogue:
314 ------------------------
315 - Dev-Editor now only shows the main group ID of the process user.
316 - Dev-Editor also shows the current umask of the process.
317 - Special chars in most values are now encoded to entities.
318
319 Added <label> tags:
320 -------------------
321 For a better usability in some browsers, I added <label> tags for the
322 checkboxes and radio buttons in file edit and file upload dialogue.
323
324 Directory links in error messages:
325 ----------------------------------
326 Some error messages generated by the main program now contain a link to the
327 root directory.
328
329 Bugs in HTML generation:
330 ------------------------
331 - If Dev-Editor could not read a directory, it did neither display an error
332 message nor a directory link.
333 - Some error messages had problems with {DIR} variables. Thus the variable in
334 error.htm which will be replaced by a back link is now called "{BACK}".
335 - When viewing a file, Dev-Editor inserts the contents of the file into the
336 viewfile.htm template file AFTER parsing the "editable" {IF}-block, because
337 Dev-Editor showed a very ugly behaviour when viewing this template file.
338
339 Code cleaning:
340 --------------
341 I tried to clean the source code of Dev-Editor a little bit. Some parts of the
342 code were optimized.
343
344 New in version 2.1a (2004-10-22)
345 --------------------------------
346
347 Changed file saving error handling:
348 -----------------------------------
349 Now we already unlock the file saving process, because if an error occurs
350 during this process, the file keeps locked.
351 This is not a perfect solution, there are still problems. I have to figure out
352 another one.
353
354 New in version 2.1 (2004-10-14)
355 -------------------------------
356
357 Overwrite files during file upload:
358 -----------------------------------
359 In file upload dialogue, there is a new checkbox which allows to overwrite
360 files during file upload if they already exist.
361
362 Improved file saving:
363 ---------------------
364 The process of file saving has been improved:
365 - Saving even works if the file has to be created first.
366 - Dev-Editor is now checking if the user wants to write text data into a binary
367 file.
368 - If the user just entered spaces as filename (detection works for other
369 commands using the "newfile" CGI parameter too), we use the original
370 filename.
371
372 Don't copy a directory:
373 -----------------------
374 Dev-Editor now denies copying a directory.
375
376 Check before manually unlocking:
377 --------------------------------
378 Dev-Editor now checks if the file is really locked before displaying the
379 dialogue for manually unlocking a file. If it is not locked, Dev-Editor returns
380 to directory view. Dev-Editor also behaves in this way if it is trying to
381 unlock a file.
382
383 Wrong error messages:
384 ---------------------
385 Something definitely went wrong when I remade the copy and the rename
386 functions: They printed a wrong error message if the destination already
387 existed and if it was a file.
388
389 New in version 2.0 (2004-08-10)
390 -------------------------------
391
392 File uploads:
393 -------------
394 Dev-Editor is now able to process HTTP file uploads. The files may be
395 transferred in ASCII or binary mode (similar to FTP).
396
397 Change mode and group:
398 ----------------------
399 Dev-Editor is now able to change the mode and the group of a file or a
400 directory.
401
402 HTTPS support and non-default ports:
403 ------------------------------------
404 Dev-Editor is now able to detect a HTTPS connection and if the web server
405 doesn't listen on the default ports (necessary for reloading Dev-Editor).
406
407 Do not allow removing or renaming the root directory:
408 -----------------------------------------------------
409 Dev-Editor now denies removing or renaming the root directory.
410
411 Renaming files outside the root directory:
412 ------------------------------------------
413 There was a bug which caused Dev-Editor not to rename files outside the root
414 directory if they already exist.
415
416 Improved file editing:
417 ----------------------
418 When the user wants to save an edited file using a different file name,
419 Dev-Editor now unlocks the original file and checks if a file with this
420 different name already exists and if it is locked.
421
422 Improved file creating:
423 -----------------------
424 The routine which creates empty files had a race condition which could set
425 files to 0 if they already exist.
426
427 Maximum size for files:
428 -----------------------
429 The administrator may now define a maximum size for files in the main
430 configuration file. If the user wants to view or edit a file larger than this
431 defined size, Dev-Editor denies file access (but the file can still be copied,
432 renamed or removed).
433
434 Form for creating new files or directories:
435 -------------------------------------------
436 In directory listing, when clicking on the buttons next to the fields for
437 creating new files and directories without entering a file or directory name,
438 the user got an error message which is a little bit strange.
439 Now, the user will see a form for creating new files or directories.
440
441 Newlines are converted while reading:
442 -------------------------------------
443 Whenever Dev-Editor now reads a file for output, it converts any line separator
444 to the system specific one.
445
446 Case-insensitive commands:
447 --------------------------
448 The commands are now case-insensitive, so the command "ShOw" is the same as
449 "show".
450
451 About screen:
452 -------------
453 There is now a small "About" screen which shows some more or less useful
454 information about Dev-Editor and the system.
455
456 Improvements for user interface:
457 --------------------------------
458 Made a lot of improvements for the user interface:
459 - The directory listing is now built using tables.
460 - When editing a file and the user wants to save a file using a different file
461 name, the checkbox for saving the file using a different file name is
462 activated using JavaScript.
463 - In directory listing or when viewing a file, there is a new field for quickly
464 jumping to a file or to a directory.
465 - Separated "Work with directory" and "Work with file" into different options
466 in directory listing ("Copy", "Rename", "Delete", "Unlock"). The options also
467 have their own dialogues.
468 - In directory listing, there is a new link for viewing a file or a directory
469 in the browser.
470 - When viewing a file and if the file is editable, there is a new link to edit
471 this file.
472 - Files and directories in directory listing are now sorted case-insensitively.
473
474 Configuration files:
475 --------------------
476 The settings of Dev-Editor are now stored in extern configuration files: There
477 is one file for general settings, one for the error messages and one for the
478 paths to the template files.
479
480 Templates:
481 ----------
482 The output of Dev-Editor is now controlled by template files. The source code
483 became much cleaner :-)
484
485 New in version 1.2 (2003-12-29)
486 -------------------------------
487
488 Removing directories:
489 ---------------------
490 Dev-Editor is now able to completely remove a directory.
491
492 "Work with directories":
493 ------------------------
494 In directory listing, next do a directory, there is a new link called "Work
495 with directory". When you select this link, you get a form to remove or
496 rename/move the directory.
497 Additionally, the link "Do other stuff" was renamed to "Work with file".
498
499 Overwriting existing files:
500 ---------------------------
501 If you want to copy a file, and the destination file already exists, you will
502 be asked to overwrite the file. If the destination points to a directory,
503 copying will be aborted completely.
504 If you want to rename a file or a directory, and the destination file already
505 exists, you will be asked to overwrite the file. If the destination points to a
506 directory, renaming will be aborted completely.
507
508 Confirmation for removing files:
509 --------------------------------
510 If you want to remove a file, a confirmation dialog will be displayed first.
511
512 Fixed open() calls:
513 -------------------
514 It seems that some systems don't support the FILEHANDLE,MODE,FILENAME version
515 of open(). Now we don't use it any more.
516
517 Default permissions for mkdir():
518 --------------------------------
519 Set the permissions for mkdir() to 0777. I thought it is optional (as described
520 in "perlfunc"), but some systems need it.
521
522 New in version 1.1 (2003-11-15)
523 -------------------------------
524
525 Newlines are converted:
526 -----------------------
527 Any line seperator will now be converted to the system specific line seperator
528 if you save a text file.
529
530 File permissions are checked:
531 -----------------------------
532 Dev-Editor now runs some simple checks on the file permissions when it creates
533 a directory listing, tries to view or edit a file and when it copies a file.
534
535 Tool tips for file status:
536 --------------------------
537 In directory listing, when a file cannot be viewed or edited, a tool tip on the
538 "View" or "Edit" link will show the reason why it is so.
539
540 File permissions are saved:
541 ---------------------------
542 When the user saves a text file, the file permissions were destroyed. The
543 reason was that a temporary file was used, which was renamed to the originally
544 file. Now this is fixed, but if saving of the file now fails, the file could be
545 damaged...
546
547 Links in error messages:
548 ------------------------
549 Some error messages now contain a link to go back to the directory containing
550 the file which caused the error.
551
552 Typos fixed:
553 ------------
554 There were a lot of typos in the output, the comments and the ReadMe file.
555
556 Dates fixed:
557 ------------
558 The dates of the last modification in the head comment of the files had the
559 wrong format. They had the format MM-DD-YYYY, but they should have YYYY-MM-DD.
560 Sorry, that was VERY embarassing...
561
562 New in version 1.0 (2003-10-08)
563 -------------------------------
564
565 First public release:
566 ---------------------
567 This is the first public release of Dev-Editor.
568
569 ------------------------------------------------
570
571 (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
572 (C) 2003-2005 Patrick Canterino
573
574 E-Mail: patrick@patshaping.de
575 WWW: http://devedit.sourceforge.net/

patrick-canterino.de