e5a8e8734ae40f291751c808b8c7e22c347cbb54
[devedit.git] / CHANGELOG
1 Change Log for Dev-Editor
2 =========================
3
4 Version 3.x.x (200x-xx-xx):
5 ===========================
6
7 Better distinction of objects in directory listing:
8 ---------------------------------------------------
9 For a better distinction of the objects in directory listing, every second
10 object has a grey background now.
11
12 Prefilled form fields:
13 ----------------------
14 If you want to copy or rename/move a file or a directory or save a file using
15 a different name, the form field for the new filename is prefilled with the
16 old one. Additionally, the entered path is no more relative to the directory
17 of the original file.
18
19 Hide dot files:
20 ---------------
21 When the new configuration option "hide_dot_files" is set to 1, every file or
22 directory beginning with a "." is not shown in the directory listing. But you
23 can still access the file / directory by typing its name into the "Go to
24 directory/file" box.
25 This option is also available in the user-dependent configuration.
26
27 Copyright note:
28 ---------------
29 In the header of each file, there is a now a copyright note and a reference to
30 the Artistic License.
31
32 Template class updated:
33 -----------------------
34 The template class was updated to version 2.0.
35
36 Version 3.0.1 (2005-11-10):
37 ===========================
38
39 Accessing files above the virtual root directory:
40 -------------------------------------------------
41 It was possible to access files and directories above the virtual root
42 directory beginning with the same string as the root directory.
43 For example:
44 If your root directory is "/var/www/user1" it was possible to access
45 "/var/www/user10", "/var/www/user11" and so on.
46
47 Version 3.0 (2005-10-18):
48 =========================
49
50 Editing function changed:
51 -------------------------
52 - The concept of locking the file for other users before editing it is not very
53 good, causes some problems and makes it difficult to add new features. So I
54 decided to remove it.
55 - When Dev-Editor shows the form for editing a file, it calculates the MD5
56 checksum and places it in the editing form. Before saving the file, the MD5
57 checksum is calculated again and compared to the submitted one. If the two
58 sums don't match, Dev-Editor does not save the file and shows the editing
59 form.
60 - In the edit dialogue, there is also a new submit button allowing to continue
61 editing the file after saving it.
62 - Removed the possibility of encoding ISO-8859-1 HTML entities when saving a
63 file. I don't know if anybody used this function.
64
65 Copy directories:
66 -----------------
67 Dev-Editor is now able to copy a directory.
68
69 Forbid file access:
70 -------------------
71 The administrator may now define a list of files the user is not allowed to
72 access.
73
74 Individual configuration:
75 -------------------------
76 Now, Dev-Editor is able to switch some configuration values depending on the
77 current HTTP Auth user.
78 This is controlled by a separate configuration file containing sections like
79 Windows INI files (thus the configuration file parser is now able to parse
80 files containing sections in square brackets).
81 You may overwrite the following configuration values:
82 - fileroot
83 - httproot
84 - forbidden (you may also clear the default "forbidden" list)
85
86 Configuration files renamed:
87 ----------------------------
88 The extension of the configuration files is "conf" now.
89
90 Names of error messages changed:
91 --------------------------------
92 I changed the names of some error messages:
93 binary -> binary_file
94 cmd_unknown -> command_unknown
95 dir_read_fail -> dir_read_failed
96 create_ar -> create_above_root
97 not_exist -> not_found
98
99 File names containing a "+" sign:
100 ---------------------------------
101 If a file name contained a "+" sign, Dev-Editor was sometimes not able to
102 access the file, because the "+" was interpreted as a space.
103
104 Check octal numbers:
105 --------------------
106 Before changing the permissions of a file, Dev-Editor now checks if the user
107 entered a valid octal number.
108
109 Encoding of HTML entities:
110 --------------------------
111 - All HTML in output is now properly encoded
112 - HTML::Entities is a little bit slow and does currently not support very much
113 encodings. Now, we just encode the HTML control characters (<, >, & and ").
114 This also means that Dev-Editor now does not require any CPAN module.
115
116 Template class updated:
117 -----------------------
118 The template class was updated to version 1.5.
119
120 Small changes:
121 --------------
122 - Don't show the "Copy" link if a file is not readable
123 - Added checkboxes in the "Copy" and "Rename" dialogues for immediately
124 overwriting an existing file
125 - Preserve the directory listing filter if the user changes the directory using
126 the input field at the bottom of the directory listing
127
128 New in version 2.3.2 (2005-04-23)
129 ---------------------------------
130
131 Copying a file out of a directory:
132 ----------------------------------
133 Fixed a really strange bug occuring only on Windows systems.
134 Dev-Editor was not able to copy (or move) a file out of a directory if the
135 path, the user entered in the corresponding dialogue, was beginning with "../".
136
137 Empty root directory causes incomplete HTML table:
138 --------------------------------------------------
139 Dev-Editor now does not create an incomplete HTML table if the root directory
140 is completely empty or no files are matching against the current wildcard.
141
142 move() instead of rename():
143 ---------------------------
144 Dev-Editor now uses the move() function from the File::Copy module to move or
145 rename files and directories. move() is more reliable than the rename()
146 function.
147
148 No error message if reading of a directory failed:
149 --------------------------------------------------
150 If reading of a directory failed, no error message was shown. I thought this
151 bug was fixed...
152
153 Template class updated:
154 -----------------------
155 The template class was updated to version 1.4a.
156
157 New in version 2.3.1 (2005-02-19)
158 ---------------------------------
159
160 Handling of symbolic links changed:
161 -----------------------------------
162 For security reasons, I completely changed the handling of symbolic links:
163 Symbolic links are now treated as files, no matter where they point to. The
164 user is just allowed to see the path where the link points to, he is allowed to
165 delete the link, to rename it and to overwrite it by renaming an other file.
166 Nothing else is allowed.
167 Accessing a symbolic link pointing to a directory caused also a very strange
168 effect: It was possible to access this directory, but you could not access
169 the objects in it.
170 I had to do it in this way because of the very stupid behaviour of abs_path()
171 from the Cwd module: This function is just able to detect the absolute path of
172 directories.
173 Hard links are not affected by this, because it is not possible to detect them
174 (at least I don't know how to detect them).
175
176 Root directory must not be a symbolic link:
177 -------------------------------------------
178 Now, the root directory must not be a symbolic link.
179 Sorry for this, I really would have liked to allow the root directory to be a
180 symbolic link, but if I would allow this, Dev-Editor would not be able to
181 create files in the root directory. I'm looking for an alternative...
182
183 Use Greenwich Mean Time:
184 ------------------------
185 You may now use Greenwich Mean Time (GMT/UTC) in dates instead of the local
186 time.
187 I don't know if anyone needs this, but it could be useful.
188
189 Handle errors produced by File::UseList:
190 ----------------------------------------
191 - Check if unlocking of the list of files in use was successful
192 - Check if a file could be successfully added to the list of files in use
193 - Check if a file could be successfully removed from the list of files in use
194
195 Saving to non-existing files:
196 -----------------------------
197 The file saving process was aborted if the user wanted to write text data using
198 the edit function into a file that does not exists.
199 The reason was that Dev-Editor thought that this non-existing file was a binary
200 file.
201
202 Template class updated:
203 -----------------------
204 The template class was updated to version 1.4.
205 This fixes the problem of the infinitive loops produced by incorrectly nested
206 {IF} blocks.
207
208 Small changes:
209 --------------
210 - Files locked with the flock() function are now unlocked by the close()
211 function due to security reasons (see
212 http://forum.de.selfhtml.org/?t=101375&m=622582)
213 - Changed the names of two error messages:
214 dircopy -> dir_copy
215 editdir -> dir_edit
216 - Fixed various small errors in some template files
217 - The regular expression used by file_name() and upper_path() to detect Windows
218 drive letters was not case-insensitive
219
220 New in version 2.3 (2005-01-08)
221 -------------------------------
222
223 Filter directory listing:
224 -------------------------
225 Dev-Editor is now able to filter the directory listing using DOS-style
226 wildcards.
227 I think that is a little bit incomplete, Dev-Editor should be able to
228 "remember" the filter wildcard during the actions.
229 The code for parsing DOS-style wildcards is from the File::DosGlob module by
230 Gurusamy Sarathy.
231
232 flock():
233 --------
234 Dev-Editor now uses flock().
235 flock() is called using a wrapper function which checks if it is really
236 available.
237
238 check_path() broken on Windows:
239 -------------------------------
240 On Windows systems the check_path() routine was heavily broken (this routine
241 checks if someone tries to access a path above the virtual root directory). It
242 was possible to access files above the root directory by accessing a path with
243 "..." or "...." or something like that as the last path component. This bug was
244 caused by the rewrite of check_path() in Dev-Editor 2.2.
245
246 "." or ".." as end of a path:
247 -----------------------------
248 If you enter a path with "." or ".." as the last path component, Dev-Editor
249 showed a really strange behaviour by allowing to enter a path like
250 "something/." or "something/..". This was also caused by the (poor) rewrite of
251 check_path(). The problem is fixed now.
252
253 Paths beginning with "/../" caused problems:
254 --------------------------------------------
255 When composing the temporary virtual path for a new file, don't call
256 clean_path(). It is unnecessary and it also caused a problem if this path would
257 begin with /../, because on UNIX systems, canonpath() removes /../ at the
258 beginning of a path. So if a user wanted to create the file /../file.ext (but
259 he wasn't allowed to), he created /file.ext.
260
261 Deny changing file properties in some cases:
262 --------------------------------------------
263 - Do not allow to change the properties of the root directory
264 - Do not allow to change the properties of a file in use
265
266 Deny overwriting files:
267 -----------------------
268 - While processing a file upload, check if the user wants to replace a
269 directory or overwrite a write-protected file
270 - If the user wants to copy or rename a file, check if he wants to overwrite a
271 write-protected file
272 - Do not allow to upload a file if a file with the same virtual name is
273 currently in use
274
275 Validate file uploads:
276 ----------------------
277 Dev-Editor now tries to validate a file upload by checking the handle created
278 by the CGI module.
279
280 Improved configuration file parser:
281 -----------------------------------
282 - The parser now ignores lines like that:
283 = Value
284 Such lines could lead to properties with empty keys in the configuration
285 hash.
286 - Allow configuration options with empty values
287 - If a option is defined twice, the line number of the second one is shown in
288 the error message
289
290 Output changes:
291 ---------------
292 - More encoding of HTML entities
293 - In directory listing, the "Edit" link of files in use were not greyed (very
294 nasty)
295 - Show the name of the lock file in error messages even if it has not been
296 defined in the configuration file
297
298 Small internal changes:
299 -----------------------
300 - The file saving process is now completely centralized in File::Access
301 - When generating a redirection header, check if we really have to create a
302 query string
303 - Fixed a bug occuring if the "curdir" CGI parameter had no trailing slash and
304 the "newfile" parameter had no leading slash
305 - Dev-Editor now takes more care of Windows drive letters
306 - Trying to increase speed of the script by surrounding static values by single
307 quotes
308 - Code cleaning
309
310 New in version 2.2a (2004-11-29)
311 --------------------------------
312
313 File uploads did not work:
314 --------------------------
315 Dev-Editor normally tests if it has enough permissions to upload a file to a
316 directory. But the condition was missing and so Dev-Editor always aborted file
317 uploads and didn't even display the dialogue.
318
319 New in version 2.2 (2004-11-27)
320 -------------------------------
321
322 `chgrp` system command and numerical group names:
323 -------------------------------------------------
324 When changing the group, Dev-Editor is now using the `chgrp` system command.
325 This allows to use numerical group names. Before, Dev-Editor handled numerical
326 values as group IDs.
327
328 Checking root directory:
329 ------------------------
330 Dev-Editor now checks if the root directory exists and if it may be accessed.
331 This fixed also bug where it was possible to access the physical root directory
332 if Dev-Editor could not enter the virtual root directory.
333
334 Checking directory permissions:
335 -------------------------------
336 Dev-Editor does some simple checks of directory permissions now:
337 - Inaccessible directories are greyed in directory listing. You cannot access
338 them, but the actions are not disabled, because they may work.
339 - Actions needing write access to a directory are aborted if Dev-Editor has no
340 write access.
341
342 Access a directory structure similar to the root directory:
343 -----------------------------------------------------------
344 The path the user wants to access must now BEGIN with the root directory. The
345 old check made it possible to access a directory structure outside the root
346 directory similar to the root directory.
347
348 Changing mode of a directory with mode 000:
349 -------------------------------------------
350 It was not possible to change the mode of a directory with mode 000.
351
352 Upload only to directories:
353 ---------------------------
354 Dev-Editor now checks if the user really uploads a file to a directory.
355
356 Improved About dialogue:
357 ------------------------
358 - Dev-Editor now only shows the main group ID of the process user.
359 - Dev-Editor also shows the current umask of the process.
360 - Special chars in most values are now encoded to entities.
361
362 Added <label> tags:
363 -------------------
364 For a better usability in some browsers, I added <label> tags for the
365 checkboxes and radio buttons in file edit and file upload dialogue.
366
367 Directory links in error messages:
368 ----------------------------------
369 Some error messages generated by the main program now contain a link to the
370 root directory.
371
372 Bugs in HTML generation:
373 ------------------------
374 - If Dev-Editor could not read a directory, it did neither display an error
375 message nor a directory link.
376 - Some error messages had problems with {DIR} variables. Thus the variable in
377 error.htm which will be replaced by a back link is now called "{BACK}".
378 - When viewing a file, Dev-Editor inserts the contents of the file into the
379 viewfile.htm template file AFTER parsing the "editable" {IF}-block, because
380 Dev-Editor showed a very ugly behaviour when viewing this template file.
381
382 Code cleaning:
383 --------------
384 I tried to clean the source code of Dev-Editor a little bit. Some parts of the
385 code were optimized.
386
387 New in version 2.1a (2004-10-22)
388 --------------------------------
389
390 Changed file saving error handling:
391 -----------------------------------
392 Now we already unlock the file saving process, because if an error occurs
393 during this process, the file keeps locked.
394 This is not a perfect solution, there are still problems. I have to figure out
395 another one.
396
397 New in version 2.1 (2004-10-14)
398 -------------------------------
399
400 Overwrite files during file upload:
401 -----------------------------------
402 In file upload dialogue, there is a new checkbox which allows to overwrite
403 files during file upload if they already exist.
404
405 Improved file saving:
406 ---------------------
407 The process of file saving has been improved:
408 - Saving even works if the file has to be created first.
409 - Dev-Editor is now checking if the user wants to write text data into a binary
410 file.
411 - If the user just entered spaces as filename (detection works for other
412 commands using the "newfile" CGI parameter too), we use the original
413 filename.
414
415 Don't copy a directory:
416 -----------------------
417 Dev-Editor now denies copying a directory.
418
419 Check before manually unlocking:
420 --------------------------------
421 Dev-Editor now checks if the file is really locked before displaying the
422 dialogue for manually unlocking a file. If it is not locked, Dev-Editor returns
423 to directory view. Dev-Editor also behaves in this way if it is trying to
424 unlock a file.
425
426 Wrong error messages:
427 ---------------------
428 Something definitely went wrong when I remade the copy and the rename
429 functions: They printed a wrong error message if the destination already
430 existed and if it was a file.
431
432 New in version 2.0 (2004-08-10)
433 -------------------------------
434
435 File uploads:
436 -------------
437 Dev-Editor is now able to process HTTP file uploads. The files may be
438 transferred in ASCII or binary mode (similar to FTP).
439
440 Change mode and group:
441 ----------------------
442 Dev-Editor is now able to change the mode and the group of a file or a
443 directory.
444
445 HTTPS support and non-default ports:
446 ------------------------------------
447 Dev-Editor is now able to detect a HTTPS connection and if the web server
448 doesn't listen on the default ports (necessary for reloading Dev-Editor).
449
450 Do not allow removing or renaming the root directory:
451 -----------------------------------------------------
452 Dev-Editor now denies removing or renaming the root directory.
453
454 Renaming files outside the root directory:
455 ------------------------------------------
456 There was a bug which caused Dev-Editor not to rename files outside the root
457 directory if they already exist.
458
459 Improved file editing:
460 ----------------------
461 When the user wants to save an edited file using a different file name,
462 Dev-Editor now unlocks the original file and checks if a file with this
463 different name already exists and if it is locked.
464
465 Improved file creating:
466 -----------------------
467 The routine which creates empty files had a race condition which could set
468 files to 0 if they already exist.
469
470 Maximum size for files:
471 -----------------------
472 The administrator may now define a maximum size for files in the main
473 configuration file. If the user wants to view or edit a file larger than this
474 defined size, Dev-Editor denies file access (but the file can still be copied,
475 renamed or removed).
476
477 Form for creating new files or directories:
478 -------------------------------------------
479 In directory listing, when clicking on the buttons next to the fields for
480 creating new files and directories without entering a file or directory name,
481 the user got an error message which is a little bit strange.
482 Now, the user will see a form for creating new files or directories.
483
484 Newlines are converted while reading:
485 -------------------------------------
486 Whenever Dev-Editor now reads a file for output, it converts any line separator
487 to the system specific one.
488
489 Case-insensitive commands:
490 --------------------------
491 The commands are now case-insensitive, so the command "ShOw" is the same as
492 "show".
493
494 About screen:
495 -------------
496 There is now a small "About" screen which shows some more or less useful
497 information about Dev-Editor and the system.
498
499 Improvements for user interface:
500 --------------------------------
501 Made a lot of improvements for the user interface:
502 - The directory listing is now built using tables.
503 - When editing a file and the user wants to save a file using a different file
504 name, the checkbox for saving the file using a different file name is
505 activated using JavaScript.
506 - In directory listing or when viewing a file, there is a new field for quickly
507 jumping to a file or to a directory.
508 - Separated "Work with directory" and "Work with file" into different options
509 in directory listing ("Copy", "Rename", "Delete", "Unlock"). The options also
510 have their own dialogues.
511 - In directory listing, there is a new link for viewing a file or a directory
512 in the browser.
513 - When viewing a file and if the file is editable, there is a new link to edit
514 this file.
515 - Files and directories in directory listing are now sorted case-insensitively.
516
517 Configuration files:
518 --------------------
519 The settings of Dev-Editor are now stored in extern configuration files: There
520 is one file for general settings, one for the error messages and one for the
521 paths to the template files.
522
523 Templates:
524 ----------
525 The output of Dev-Editor is now controlled by template files. The source code
526 became much cleaner :-)
527
528 New in version 1.2 (2003-12-29)
529 -------------------------------
530
531 Removing directories:
532 ---------------------
533 Dev-Editor is now able to completely remove a directory.
534
535 "Work with directories":
536 ------------------------
537 In directory listing, next do a directory, there is a new link called "Work
538 with directory". When you select this link, you get a form to remove or
539 rename/move the directory.
540 Additionally, the link "Do other stuff" was renamed to "Work with file".
541
542 Overwriting existing files:
543 ---------------------------
544 If you want to copy a file, and the destination file already exists, you will
545 be asked to overwrite the file. If the destination points to a directory,
546 copying will be aborted completely.
547 If you want to rename a file or a directory, and the destination file already
548 exists, you will be asked to overwrite the file. If the destination points to a
549 directory, renaming will be aborted completely.
550
551 Confirmation for removing files:
552 --------------------------------
553 If you want to remove a file, a confirmation dialog will be displayed first.
554
555 Fixed open() calls:
556 -------------------
557 It seems that some systems don't support the FILEHANDLE,MODE,FILENAME version
558 of open(). Now we don't use it any more.
559
560 Default permissions for mkdir():
561 --------------------------------
562 Set the permissions for mkdir() to 0777. I thought it is optional (as described
563 in "perlfunc"), but some systems need it.
564
565 New in version 1.1 (2003-11-15)
566 -------------------------------
567
568 Newlines are converted:
569 -----------------------
570 Any line seperator will now be converted to the system specific line seperator
571 if you save a text file.
572
573 File permissions are checked:
574 -----------------------------
575 Dev-Editor now runs some simple checks on the file permissions when it creates
576 a directory listing, tries to view or edit a file and when it copies a file.
577
578 Tool tips for file status:
579 --------------------------
580 In directory listing, when a file cannot be viewed or edited, a tool tip on the
581 "View" or "Edit" link will show the reason why it is so.
582
583 File permissions are saved:
584 ---------------------------
585 When the user saves a text file, the file permissions were destroyed. The
586 reason was that a temporary file was used, which was renamed to the originally
587 file. Now this is fixed, but if saving of the file now fails, the file could be
588 damaged...
589
590 Links in error messages:
591 ------------------------
592 Some error messages now contain a link to go back to the directory containing
593 the file which caused the error.
594
595 Typos fixed:
596 ------------
597 There were a lot of typos in the output, the comments and the ReadMe file.
598
599 Dates fixed:
600 ------------
601 The dates of the last modification in the head comment of the files had the
602 wrong format. They had the format MM-DD-YYYY, but they should have YYYY-MM-DD.
603 Sorry, that was VERY embarassing...
604
605 New in version 1.0 (2003-10-08)
606 -------------------------------
607
608 First public release:
609 ---------------------
610 This is the first public release of Dev-Editor.
611
612 ------------------------------------------------
613
614 (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
615 (C) 2003-2009 Patrick Canterino
616
617 E-Mail: patrick@patshaping.de
618 WWW: http://devedit.sourceforge.net/

patrick-canterino.de