r1053

New features

  • New UI. More modern, responsive and overall more polished looking.
  • Can set a maximum file upload size on each client and user, overriding the default one.
  • Can now set the default maximum upload size on the installer.
  • Added ckeditor as a visual editor on files and groups descriptions (can be disabled)
  • Public groups: an option create groups where people can see its contents without being logged in.
  • Public page: a special page that shows all of the public groups and files. Has several options. Disabled by default.
  • Groups memberships: Option to allow clients to request memberships to public groups. An administrator can approve or deny them.
  • Added a new block on the dashboard with server information.
  • New template page design, in the style of that of WordPress with themes screnshots and descriptions.
  • Manage files: added filter by uploader.
  • Added options to set custom subjects on emails.
  • Email previews are now accurate in content.
  • New option to customize the footer text.
  • Better download links.
  • Added an option to prevent indexing by search engines.
  • Updated the style of the gallery theme.
  • Load a custom.js file if it exists (won’t get overwritten when updating).
  • Clients can select and expiry date for their files.

Fixes

  • Fix for modal window not closing on zip downloads.
  • Fixed the MySQL error on some versions during installation, attributed to having 2 timestamps columns on the same table with default value of CURRENT_TIMESTAMP. Based on a contribution by cdoepmann.
  • Email: don’t auth if smtp is selected but auth is set to “none”.
  • CSV injection bug fix.
  • XSS security fixes.
  • Several security fixes.
  • Fixed category deletion.
  • Fix for uploaders not being able to delete their files.
  • Several fixes for multiple files downloading as zip.
  • Zip files download IDOR fix.
  • Fixed showing active status of clients and users.
  • New server side pagination, replaces the javacript one which made the site unresponsive if there were a lof of results.
  • Some fixes to the manage files page.

Misc changes and fixes

  • Added a DEBUG constant.
  • Fixed notices on the installer.
  • Added a check on the installer for php and mysql versions requierements.
  • Some parts of the code where cleaned up, including a new table generation class.
  • Refactory of the options pages UI. No more tabs, now groups of options are on their own page. Cleaner and faster to use.
  • Admin load a minified version of CSS files.
  • Moved most of the backend javacript to it’s own file.
  • Show the public url on the file editor.
  • Uploaded scripts. flot, phpmailer.
  • Better category administration page.
  • Throw a warning if php extension is present in the allowed uploads extension list.
  • Several other minor fixes.

Contributions:

  • A very important contribution in the form of security audit (security-prince)
  • MySQL compatibility fixed on the dashboard statistics (DBezemer)
  • Handle following of symlinks for imported orphaned files (joshstrange)
  • Fix to prevent direct access to the files folder (trainwreckjvbo)
  • UI improvements and option to disable the welcome email when creating users (adrianp-sti)
  • Fix CVE-2017-9783 and CVE-2017-9786 XSS vulnerabilities. (JackWhite20)
  • Fix for the email subjects (remez)
  • Login and notification fixes (OrlandoST)
  • Fix unsolicited error message on config save (Fix unsolicited error message on config save)
  • Fixed bug that stops uploading. (JackWhite20)
  • In case the file is a symlink, get the size from the real file not the symlink itself (Kevin Druelle)
  • Several Security Fixes (IppSec)
  • Expiry dates fixes, new features and improvements (eyeobticeo)
  • Typos fixes (hailthemelody)
  • Fixed port number problem when behind reverse proxy (berndblume)
Top