Be the first to post a text review of v-creator. Rate and review a project by clicking thumbs up or thumbs down in the right column.

• v-creator v1.3-pre3 released

  v-creator 1.3-pre3 has now been released. This release contains an important SECURITY FIX. This only affects sites setup with the configuration option VC_CRYPTO_METHOD set to OPENSSL, it does not effect sites with VC_CRYPTO_METHOD set to MCRYPT. Using specially crafted encryption strings it is possible for a remote user to run arbitrary commands on the server with permissions of the user PHP scripts run under. Also in this release is a new TEXT tag. This is exactly the same as the DATA tag but will translate characters special in HTML to their entities. If you are upgrading please see the included README for details of some utility scripts to help upgrade your databases. For a complete list of updates please see the change log.

  posted by diddymus 1326 days ago

• v-creator v-creator_1.3-pre3 file released: v-creator_1.3-pre3.zip

  Changes from v1.3-pre2 to v1.3-pre3 ----------------------------------- 2006-03-30 12:49 rolfea * doc/: v-creator-reference.pdf, v-creator-reference.ps: Documentation regenerated to reflect changes for 1.3pre3. 2006-03-30 11:46 rolfea * doc/quick-start-guide.txt: Information on new TEXT tag added. 2006-03-27 15:07 rolfea * classes/VCEngine.php: In fixURL don't append separator twice when adding/replacing sessionID. 2006-03-27 12:12 rolfea * classes/VCPage.php: In startPage() when initialising the database if the quickExitPath is set then simply bail out and return. 2006-03-27 12:11 rolfea * classes/VCDatabase.php: In _i_init() if we can't open the specified database raise an error and return false. In the constructor if _i_init() returns false (cannot connect or open server) call VCEngine::setQuickExitPath 2006-03-23 11:35 rolfea * classes/VCEngine.php: SECURITY FIX: This only affects sites setup with the configuration option VC_CRYPTO_METHOD set to OPENSSL, it does not effect sites with VC_CRYPTO_METHOD set to MCRYPT. Using specially crafted encryption strings it is possible for a remote user to run arbitrary commands on the server with permissions of the user PHP scripts run under. 2006-03-20 14:48 rolfea * classes/VCEngine.php: In _i_ASSIGNtag allow right hand side to be negated using an exclemation mark (!). This will then assign the boolean opposite of the right hand side as determined by normal PHP rules. This can be used, for example, to toggle a value as in |{odd_row=!odd_row}| 2006-03-20 13:22 rolfea * modules/dataSetList.php: Added dataset_keyvalue VC_data value to getDataSet. If set the dataset_id returned will be the same as dataset_text instead of a generated id starting from one. This can be used, for example, to build a select list where you want to keep the actual text displayed of the selected item instead of an index number. 2006-03-17 12:31 rolfea * classes/VCEngine.php: New v-creator tag TEXT added. This is the same as the DATA tag except that the characters '<', '>','&' and '"' are translated to their entities. This can be done using the text module using: |{text:defines}| |{text_in=data}| |{text_format=TEXT_HTML}| |{text:format}| |{data=text_out}| |{DATA:data}| But |{TEXT:data}| is much less error prone and faster. The only difference is the text module will use htmlentities() and the TEXT tag will use htmlspecialchar(). If the data is formatted, for example using the text module, then the DATA tag should still be used to avoid multiple translations of the data. Note that v-creator is case sensitive so |{TEXT:format}| and |{text:format}| still do the right things.

  posted 1326 days ago

• v-creator v-creator_1.3-pre3 file released: v-creator_1.3-pre3.tgz

  Changes from v1.3-pre2 to v1.3-pre3 ----------------------------------- 2006-03-30 12:49 rolfea * doc/: v-creator-reference.pdf, v-creator-reference.ps: Documentation regenerated to reflect changes for 1.3pre3. 2006-03-30 11:46 rolfea * doc/quick-start-guide.txt: Information on new TEXT tag added. 2006-03-27 15:07 rolfea * classes/VCEngine.php: In fixURL don't append separator twice when adding/replacing sessionID. 2006-03-27 12:12 rolfea * classes/VCPage.php: In startPage() when initialising the database if the quickExitPath is set then simply bail out and return. 2006-03-27 12:11 rolfea * classes/VCDatabase.php: In _i_init() if we can't open the specified database raise an error and return false. In the constructor if _i_init() returns false (cannot connect or open server) call VCEngine::setQuickExitPath 2006-03-23 11:35 rolfea * classes/VCEngine.php: SECURITY FIX: This only affects sites setup with the configuration option VC_CRYPTO_METHOD set to OPENSSL, it does not effect sites with VC_CRYPTO_METHOD set to MCRYPT. Using specially crafted encryption strings it is possible for a remote user to run arbitrary commands on the server with permissions of the user PHP scripts run under. 2006-03-20 14:48 rolfea * classes/VCEngine.php: In _i_ASSIGNtag allow right hand side to be negated using an exclemation mark (!). This will then assign the boolean opposite of the right hand side as determined by normal PHP rules. This can be used, for example, to toggle a value as in |{odd_row=!odd_row}| 2006-03-20 13:22 rolfea * modules/dataSetList.php: Added dataset_keyvalue VC_data value to getDataSet. If set the dataset_id returned will be the same as dataset_text instead of a generated id starting from one. This can be used, for example, to build a select list where you want to keep the actual text displayed of the selected item instead of an index number. 2006-03-17 12:31 rolfea * classes/VCEngine.php: New v-creator tag TEXT added. This is the same as the DATA tag except that the characters '<', '>','&' and '"' are translated to their entities. This can be done using the text module using: |{text:defines}| |{text_in=data}| |{text_format=TEXT_HTML}| |{text:format}| |{data=text_out}| |{DATA:data}| But |{TEXT:data}| is much less error prone and faster. The only difference is the text module will use htmlentities() and the TEXT tag will use htmlspecialchar(). If the data is formatted, for example using the text module, then the DATA tag should still be used to avoid multiple translations of the data. Note that v-creator is case sensitive so |{TEXT:format}| and |{text:format}| still do the right things.

  posted 1326 days ago

• File released: /v-creator/v-creator_1.3-pre3/v-creator_1.3-pre3.zip

  posted 1326 days ago

• File released: /v-creator/v-creator_1.3-pre3/v-creator_1.3-pre3.tgz

  posted 1326 days ago

• Tracker artifact added

  Anonymous created the Lack of documentation artifact

  posted by nobody 1338 days ago

• v-creator v1.3-pre2 released

  v-creator 1.3-pre2 has now been released. This release contains a fix which stopped the v-creator form module working correctly due to changes in the ctype_* functions and their return values for PHP 4.4.2-1. It also contains a change to the sessions table due to a varchar MySQL problem found in version 14.7 Distrib 4.1.15. Other changes of note include performance enhancements and reduced resource usage. Many enhancements to the way sessions are handled (with or without cookies) including improved support for users behind proxies. If you are upgrading please see the included README for details of some utility scripts to help upgrade your databases. For a complete list of updates please see the change log.

  posted by diddymus 1341 days ago

• v-creator v-creator_1.3-pre2 file released: v-creator_1.3-pre2.zip

  Changes from v1.3-pre1 to v1.3-pre2 ----------------------------------- 2006-03-13 12:46 rolfea * doc/quick-start-guide.txt: Updated for v1.3pre2 to include VC_AUTO_DEGINE_GROUPS setting. 2006-03-13 11:38 rolfea * UpgradeNotes: Updated for v1.3pre2. 2006-03-13 11:19 rolfea * doc/: v-creator-reference.pdf, v-creator-reference.ps: Documentation regenerated to reflect changes. 2006-03-13 11:17 rolfea * classes/VCEngine.php: Missing @param tags in documentation for fixURL function. 2006-03-13 11:15 rolfea * modules/session.php: Function regenerateId documented. 2006-03-13 11:13 rolfea * modules/sequence.php: Added standard defines for 11, 23 and 59. 2006-03-13 10:51 rolfea * sql/vcreator_db.sql: Mysql 5.0.18 database dump. 2006-03-10 10:22 rolfea * classes/VCEngine.php: In _i_LOOPtag if the loop template contained just white space characters the fastpath of just loading the loop data in VC_data was not being taken when it could be. This fix improves performance. 2006-03-09 20:36 rolfea * classes/VCEngine.php: In _i_processPage we can get data passed that needs merging into VC_data even if we have no tags. This means the recent optimization (v1.21) must go after we merge the passed data with VC_data. 2006-03-09 20:18 rolfea * classes/VCEngine.php: In _i_getFileSecure reuse CURL sessions allowing keep-alive connections to be used if available. This lowers resources and improves performance at the same time. 2006-03-09 11:13 rolfea * classes/VCEngine.php: Very minor optimization in _i_processPage. 2006-03-06 16:37 rolfea * modules/user.php: Extend new defines mechanics to define GROUP_XXX_ID as well as GROUP_XXX from the userGroups table if VC_AUTO_DEFINE_GROUPS is set. 2006-03-06 16:34 rolfea * modules/email.php: Fix regex in validate function. This fixes a bug where all email names had to be at least 2 'characters' long before the @. 2006-03-04 20:15 rolfea * classes/VCSession.php: Added allowBounce parameter to setupSession. From the code comments: When a new session is created we don't know if the user will accept a new session cookie or not. By default we send the set cookie request with a redirect requesting the same page again. If the cookie information is set on the re-request via the redirect we know cookies can be used otherwise URL rewriting will be used with the session ID in the URL. This second request means we don't use URL rewriting on the first page where the session cookie is set, otherwise URL rewriting would be used even with cookies as we don't know we can use them yet. In some instances this can cause problems if producing content not intended for browsers. For example a dynamic RSS feed. Most feed readers do not handle redirect requests. Setting allowBounce to false will disable the redirect request but will use URL rewriting on the sent page for links contined within it. This is usually set to false via VCPage::startPage which in turn is usually called via your pageDriver.php 2006-03-04 20:11 rolfea * classes/VCPage.php: If we return errors do not return data back from endPage instead return null so we are not returning bad pages to the calling code. This is because the calling code may be doing some page caching or something and can now detect the null and handle it. In startPage new parameter allowBounce added which is passed through to VCSession::setupSession (see for details). 2006-03-03 16:57 rolfea * modules/form.php: Added flagMandatory function which will set the VC_data values field_mandatory to true for each field listed in form_fields_required. These flags can then be tested using a COND tag for form building and/or processing. 2006-03-03 16:55 rolfea * modules/user.php: Modified defines to automatically generate GROUP_ defines from group codes in the userGroup table if VC_AUTO_DEFINE_GROUPS is set to true. These will replace the old USER_ADMIN and USER_USER defines. 2006-03-03 16:53 rolfea * examples/project_config.php: Added new VC_AUTO_DEFINE_GROUPS configuration option. 2006-03-02 17:17 rolfea * classes/VCPage.php: In function endPage set pageData before trying to use it. 2006-03-02 17:12 rolfea * classes/VCEngine.php: In function _i_getFileSecure complain via a user warning trigger if we receive a redirect reaponse. For example setting page to .vc instead of .vchtml during form processing. 2006-03-02 12:35 rolfea * modules/content.php: In add function if there are no other records for the specified content_ref start content_sequence at one and not zero. 2006-03-01 10:42 rolfea * sql/vcreator_db.sql: Better dump of latest v-creator database. 2006-03-01 10:38 rolfea * modules/session.php: In copy and rename functions if we get a null session value don't actually copy or rename as original value is not set. Rename will however still remove the original if set and actually null. 2006-02-27 19:12 rolfea * modules/form.php: Fix usage of ctype_digit in validate due to changes in behaviour or function between PHP versions 4.4.0-4 and 4.4.2-1 (at least in Debian). Function did return true on empty strings now returns false. Applies to ctype_space as well and possibly other ctype_ functions. 2006-02-22 15:07 rolfea * classes/VCEngine.php: Ammend fixURL standard PHP session ID is 0-9,a-f and not just 0-9 (doh!) also add back in remove functionality. 2006-02-22 14:52 rolfea * classes/VCEngine.php: Ammend fixURL using regex matches as parse_str will not handle & correctly. Also makes the code cleaner. 2006-02-17 16:09 rolfea * classes/VCEngine.php: Cleanup _i_processTag and tag handling routines. 2006-02-17 12:04 rolfea * classes/VCEngine.php: Avoid extra file_exists check in useModule if module found in the user module path. 2006-02-17 11:06 rolfea * classes/VCEngine.php: Cleanup _i_processPage. 2006-02-17 09:01 rolfea * classes/VCPage.php: In supportVChid define queryParts before first use. 2006-02-17 09:00 rolfea * modules/toolkit.php: In sortDataSet remove unused sorted variable. 2006-02-17 08:59 rolfea * modules/content.php: Don't retrieve content sequence in add as it is calculated. 2006-02-17 08:58 rolfea * modules/dataSetList.php: Removed unused global in getDataSet. 2006-02-13 18:27 rolfea * utils/upgrade_content.php: Script to find all v-creator content tables and add new content_image_alignment column. 2006-02-13 18:26 rolfea * utils/upgrade_sessions.php: If databases are in a mounted partition ignore lost+found. Lock tables before upgrading. Truncate old session data. 2006-02-13 17:22 rolfea * modules/content.php: Updated table content: added content_image_alignment field, content_id made primary key, module regenerated. Next content sequence now retrieved in add function. Define added for image alignments (for use with dataSetList). 2006-02-13 17:20 rolfea * sql/vcreator_db.sql: Updated table content: added content_image_alignment field, content_id made primary key. Updated table sessions: session_id changed to tinytext due to MySQL issues with varchar. 2006-02-13 17:01 rolfea * modules/session.php: Added function regenerateID. 2006-02-08 15:39 rolfea * modules/form.php: Fix interaction between parse_str and magic_quotes_gpc setting in retrieveFormData. 2006-02-08 15:22 rolfea * modules/form.php: Fix minor thinko in retrieveFormDataSecure. 2006-02-08 14:57 rolfea * modules/form.php: Added saveFormDataSecure and retrieveFormDataSecure which are wrappers to saveFormData and retrieveFormData which now take parameters to condition encryption/decryption of session data. 2006-02-08 12:47 rolfea * utils/upgrade_sessions.php: Script to find all v-creator session tables and upgrade the session_id column from varchar(32) to tinytext. This works around a MySQL problem found in Ver 14.7 Distrib 4.1.15. 2006-02-07 15:03 rolfea * classes/VCMaintenance.php: HIGHLY EXPERIMENTAL - In process do not assume the return url is fully qualified. Instead test and fully qualify if required. 2006-02-07 15:02 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - In setupSession if we are creating a new session use a redirect to give the browser a chance to set the cookie if cookies used. 2006-02-07 15:00 rolfea * classes/VCPage.php: HIGHLY EXPERIMENTAL - In startPage check to see if we are getting mixed cookies and url session ids and cleanup if we are. Also check to see if quickExitPath has been set (e.g. by session processing). In endPage check to see if quickExitPath is set (e.g. by pageDriver) and bypass actual page processing. 2006-02-07 14:54 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - In fixPage correct bounds checking. Added remove parameter to fixURL and logic to be able to remove a session id. 2006-02-06 16:28 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - In setupSession removed cookie checking/flagging - not required. 2006-02-06 16:27 rolfea * modules/session.php: HIGHLY EXPERIMENTAL - checkCookiesUsed removed - not required. 2006-02-06 16:21 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - In fixURL pass another parameter to specify if the ampersand should be escaped (true for valid HTML output and false or Location: redirects). In fixPage pass true to fixURL. 2006-02-06 14:42 rolfea * modules/session.php: HIGHLY EXPERIMENTAL - Added checkCookiesUsed function. 2006-02-06 14:30 rolfea * modules/user.php: HIGHLY EXPERIMENTAL - Upon a successful login regenerate the session id to help prevent session fixation and hijacking attempts. 2006-02-06 14:29 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - When (re)starting a session only regenerate the session id if we do not recognise the session id. Otherwise if we always regenerate we break the back button in browsers when cookies not used. Be more careful with session ids. Don't mare regenerate function as internal. 2006-02-06 14:27 rolfea * classes/VCPage.php: HIGHLY EXPERIMENTAL - Remove commented out code. 2006-02-06 14:26 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - Be a little more careful with session ids. 2006-02-03 17:41 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - Condition debugging messages in fixURL. 2006-02-03 17:14 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - In close routine don't delete cookie otherwise we can't detect if cookies are enabled or not! 2006-02-03 17:00 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - When testing for cookies check we actually have a session. 2006-02-03 16:55 rolfea * modules/session.php: HIGHLY EXPERIMENTAL - Added function checkCookiesUsed. 2006-02-03 16:51 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - Added session flag VCSession_cookies so cookie usage can be tested. 2006-02-03 16:32 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - In fixURL escape ampersand in query string (removed for debugging). 2006-02-03 16:25 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - Flag regenerate as internal. Added getSessionId to provide an internal consistent session Id now we use dynamic Ids. Destroy cookies if enabled when session destroyed. 2006-02-03 15:17 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - Debugging added to regenerate method. startSession now calls regenerate so it is done at the beginning of processing a page. 2006-02-03 15:14 rolfea * classes/VCPage.php: HIGHLY EXPERIMENTAL - In start page if we get a session id passed in $_GET and $_POST delete $_GET value. When loggin include POST/GET method used. 2006-02-03 15:12 rolfea * classes/VCMaintenance.php: HIGHLY EXPERIMENTAL - Process should call fixURL on the returning URL. 2006-02-03 15:11 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - Change fixURL to correct session id's from where they are regenerated when cookies are not in use. 2006-02-03 10:02 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - In getSessionMetaId modify the identifiers we are trying to associate with a client to try and solve some proxy issues - this time reduced to a minimum. 2006-02-02 16:14 rolfea * classes/: VCPage.php, VCSession.php: HIGHLY EXPERIMENTAL - In VCPage re-generate session id's for each page load. Implemented in VCSession::regenerate(). In getSessionMetaId modify the identifiers we are trying to associate with a client to try and solve some proxy issues. 2006-01-20 14:42 rolfea * modules/text.php: If we are using a[]a or A[]A tags and a barelink starting / is used (e.g. /index.vchtml) the domain name will be append to the link. 2005-11-30 16:37 rolfea * modules/user.php: Added function validatePassword. Example usage is to validate a logged in user's password before performing an action. 2005-11-01 15:18 rolfea * modules/dataSetList.php: In function checkMode translate spaces to underscores as well as the current lowercasing for the VC_data names set.. 2005-09-27 12:43 rolfea * classes/VCPage.php: Patch from JJ to handle arrays in POST/GET data when multi-selects are used in forms. 2005-09-26 14:04 rolfea * classes/VCEngine.php, examples/project_config.php, modules/dataSetCache.php, modules/form.php, modules/session.php: CVS rebuild after repository corrupted (Andrew's sandbox). 2005-09-26 14:00 rolfea * ChangeLog, classes/VCDatabase.php, classes/VCDatabase_mysql.php, classes/VCDatabase_odbc.php, classes/VCEngine.php, classes/VCPage.php, classes/VCSession.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/project_config.php, modules/content.php, modules/dataSetList.php, modules/date.php, modules/files.php, modules/form.php, modules/images.php, modules/page.php, modules/sequence.php, modules/session.php, modules/text.php, modules/toolkit.php, modules/user.php, sql/vcreator_db.sql, utils/genDBmodule.php: CVS rebuild after repository corrupted 2005-09-26 13:56 rolfea * ChangeLog, UpgradeNotes, classes/VCEngine.php, classes/VCMaintenance.php, classes/VCPage.php, classes/VCSession.php, doc/quick-start-guide.txt, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/pageDriver.php, examples/project_config.php, modules/country.php, modules/i18n_messages.php, modules/languages.php, modules/page.php, modules/postboard.php, modules/sequence.php, modules/session.php, modules/toolkit.php, modules/user.php, utils/genDBmodule.php: CVS rebuild after repository corrupted 2005-09-26 13:53 rolfea * ChangeLog, classes/VCEngine.php, classes/VCSession.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, modules/toolkit.php, utils/checkconfig.php, utils/genDBmodule.php, utils/reImage.php, modules/form.php, modules/text.php: CVS rebuild after repository corrupted 2005-09-26 13:49 rolfea * ChangeLog, classes/VCEngine.php, classes/VCPage.php, classes/VCSession.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, utils/checkconfig.php: CVS rebuild after repository corrupted 2005-09-26 13:45 rolfea * modules/date.php, modules/email.php, modules/files.php, modules/form.php, modules/postboard.php, modules/sequence.php, modules/user.php, ChangeLog, UpgradeNotes, classes/VCEngine.php, doc/quick-start-guide.txt, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/project_config.php: CVS rebuild after repository corrupted 2005-09-26 13:32 rolfea * modules/date.php, modules/form.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, ChangeLog: CVS rebuild after repository corrupted 2005-09-26 13:28 rolfea * modules/sequence.php, modules/user.php, .cvsignore, ChangeLog: CVS rebuild after repository corrupted 2005-09-26 11:22 rolfea * ChangeLog, classes/VCDatabase.php, classes/VCEngine.php, classes/VCMaintenance.php, classes/VCPage.php, classes/VCSession.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/pageDriver.php, examples/project_config.php, modules/country.php, modules/dataSetCache.php, modules/date.php, modules/debug.php, modules/email.php, modules/files.php, modules/form.php, modules/i18n_messages.php, modules/images.php, modules/languages.php, modules/maintenance.php, modules/page.php, modules/postComments.php, modules/postboard.php, modules/sequence.php, modules/session.php, modules/text.php, modules/toolkit.php, modules/user.php, utils/genDBmodule.php, utils/reImage.php: CVS rebuild after repository corrupted 2005-09-26 11:16 rolfea * COPYING, Doxyfile, mainpage.txt, classes/VCDatabase.php, classes/VCEngine.php, classes/VCMaintenance.php, classes/VCPage.php, classes/VCSession.php, classes/classes.txt, doc/quick-start-guide.txt, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/pageDriver.php, examples/project_config.php, modules/country.php, modules/dataSetCache.php, modules/date.php, modules/debug.php, modules/email.php, modules/files.php, modules/form.php, modules/i18n_messages.php, modules/images.php, modules/languages.php, modules/maintenance.php, modules/modules.txt, modules/page.php, modules/postComments.php, modules/postboard.php, modules/session.php, modules/text.php, modules/toolkit.php, modules/user.php, sql/vcreator_db.sql, utils/genDBmodule.php: CVS rebuild after repository corrupted

  posted 1341 days ago

• v-creator v-creator_1.3-pre2 file released: v-creator_1.3-pre2.tgz

  Changes from v1.3-pre1 to v1.3-pre2 ----------------------------------- 2006-03-13 12:46 rolfea * doc/quick-start-guide.txt: Updated for v1.3pre2 to include VC_AUTO_DEGINE_GROUPS setting. 2006-03-13 11:38 rolfea * UpgradeNotes: Updated for v1.3pre2. 2006-03-13 11:19 rolfea * doc/: v-creator-reference.pdf, v-creator-reference.ps: Documentation regenerated to reflect changes. 2006-03-13 11:17 rolfea * classes/VCEngine.php: Missing @param tags in documentation for fixURL function. 2006-03-13 11:15 rolfea * modules/session.php: Function regenerateId documented. 2006-03-13 11:13 rolfea * modules/sequence.php: Added standard defines for 11, 23 and 59. 2006-03-13 10:51 rolfea * sql/vcreator_db.sql: Mysql 5.0.18 database dump. 2006-03-10 10:22 rolfea * classes/VCEngine.php: In _i_LOOPtag if the loop template contained just white space characters the fastpath of just loading the loop data in VC_data was not being taken when it could be. This fix improves performance. 2006-03-09 20:36 rolfea * classes/VCEngine.php: In _i_processPage we can get data passed that needs merging into VC_data even if we have no tags. This means the recent optimization (v1.21) must go after we merge the passed data with VC_data. 2006-03-09 20:18 rolfea * classes/VCEngine.php: In _i_getFileSecure reuse CURL sessions allowing keep-alive connections to be used if available. This lowers resources and improves performance at the same time. 2006-03-09 11:13 rolfea * classes/VCEngine.php: Very minor optimization in _i_processPage. 2006-03-06 16:37 rolfea * modules/user.php: Extend new defines mechanics to define GROUP_XXX_ID as well as GROUP_XXX from the userGroups table if VC_AUTO_DEFINE_GROUPS is set. 2006-03-06 16:34 rolfea * modules/email.php: Fix regex in validate function. This fixes a bug where all email names had to be at least 2 'characters' long before the @. 2006-03-04 20:15 rolfea * classes/VCSession.php: Added allowBounce parameter to setupSession. From the code comments: When a new session is created we don't know if the user will accept a new session cookie or not. By default we send the set cookie request with a redirect requesting the same page again. If the cookie information is set on the re-request via the redirect we know cookies can be used otherwise URL rewriting will be used with the session ID in the URL. This second request means we don't use URL rewriting on the first page where the session cookie is set, otherwise URL rewriting would be used even with cookies as we don't know we can use them yet. In some instances this can cause problems if producing content not intended for browsers. For example a dynamic RSS feed. Most feed readers do not handle redirect requests. Setting allowBounce to false will disable the redirect request but will use URL rewriting on the sent page for links contined within it. This is usually set to false via VCPage::startPage which in turn is usually called via your pageDriver.php 2006-03-04 20:11 rolfea * classes/VCPage.php: If we return errors do not return data back from endPage instead return null so we are not returning bad pages to the calling code. This is because the calling code may be doing some page caching or something and can now detect the null and handle it. In startPage new parameter allowBounce added which is passed through to VCSession::setupSession (see for details). 2006-03-03 16:57 rolfea * modules/form.php: Added flagMandatory function which will set the VC_data values field_mandatory to true for each field listed in form_fields_required. These flags can then be tested using a COND tag for form building and/or processing. 2006-03-03 16:55 rolfea * modules/user.php: Modified defines to automatically generate GROUP_ defines from group codes in the userGroup table if VC_AUTO_DEFINE_GROUPS is set to true. These will replace the old USER_ADMIN and USER_USER defines. 2006-03-03 16:53 rolfea * examples/project_config.php: Added new VC_AUTO_DEFINE_GROUPS configuration option. 2006-03-02 17:17 rolfea * classes/VCPage.php: In function endPage set pageData before trying to use it. 2006-03-02 17:12 rolfea * classes/VCEngine.php: In function _i_getFileSecure complain via a user warning trigger if we receive a redirect reaponse. For example setting page to .vc instead of .vchtml during form processing. 2006-03-02 12:35 rolfea * modules/content.php: In add function if there are no other records for the specified content_ref start content_sequence at one and not zero. 2006-03-01 10:42 rolfea * sql/vcreator_db.sql: Better dump of latest v-creator database. 2006-03-01 10:38 rolfea * modules/session.php: In copy and rename functions if we get a null session value don't actually copy or rename as original value is not set. Rename will however still remove the original if set and actually null. 2006-02-27 19:12 rolfea * modules/form.php: Fix usage of ctype_digit in validate due to changes in behaviour or function between PHP versions 4.4.0-4 and 4.4.2-1 (at least in Debian). Function did return true on empty strings now returns false. Applies to ctype_space as well and possibly other ctype_ functions. 2006-02-22 15:07 rolfea * classes/VCEngine.php: Ammend fixURL standard PHP session ID is 0-9,a-f and not just 0-9 (doh!) also add back in remove functionality. 2006-02-22 14:52 rolfea * classes/VCEngine.php: Ammend fixURL using regex matches as parse_str will not handle & correctly. Also makes the code cleaner. 2006-02-17 16:09 rolfea * classes/VCEngine.php: Cleanup _i_processTag and tag handling routines. 2006-02-17 12:04 rolfea * classes/VCEngine.php: Avoid extra file_exists check in useModule if module found in the user module path. 2006-02-17 11:06 rolfea * classes/VCEngine.php: Cleanup _i_processPage. 2006-02-17 09:01 rolfea * classes/VCPage.php: In supportVChid define queryParts before first use. 2006-02-17 09:00 rolfea * modules/toolkit.php: In sortDataSet remove unused sorted variable. 2006-02-17 08:59 rolfea * modules/content.php: Don't retrieve content sequence in add as it is calculated. 2006-02-17 08:58 rolfea * modules/dataSetList.php: Removed unused global in getDataSet. 2006-02-13 18:27 rolfea * utils/upgrade_content.php: Script to find all v-creator content tables and add new content_image_alignment column. 2006-02-13 18:26 rolfea * utils/upgrade_sessions.php: If databases are in a mounted partition ignore lost+found. Lock tables before upgrading. Truncate old session data. 2006-02-13 17:22 rolfea * modules/content.php: Updated table content: added content_image_alignment field, content_id made primary key, module regenerated. Next content sequence now retrieved in add function. Define added for image alignments (for use with dataSetList). 2006-02-13 17:20 rolfea * sql/vcreator_db.sql: Updated table content: added content_image_alignment field, content_id made primary key. Updated table sessions: session_id changed to tinytext due to MySQL issues with varchar. 2006-02-13 17:01 rolfea * modules/session.php: Added function regenerateID. 2006-02-08 15:39 rolfea * modules/form.php: Fix interaction between parse_str and magic_quotes_gpc setting in retrieveFormData. 2006-02-08 15:22 rolfea * modules/form.php: Fix minor thinko in retrieveFormDataSecure. 2006-02-08 14:57 rolfea * modules/form.php: Added saveFormDataSecure and retrieveFormDataSecure which are wrappers to saveFormData and retrieveFormData which now take parameters to condition encryption/decryption of session data. 2006-02-08 12:47 rolfea * utils/upgrade_sessions.php: Script to find all v-creator session tables and upgrade the session_id column from varchar(32) to tinytext. This works around a MySQL problem found in Ver 14.7 Distrib 4.1.15. 2006-02-07 15:03 rolfea * classes/VCMaintenance.php: HIGHLY EXPERIMENTAL - In process do not assume the return url is fully qualified. Instead test and fully qualify if required. 2006-02-07 15:02 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - In setupSession if we are creating a new session use a redirect to give the browser a chance to set the cookie if cookies used. 2006-02-07 15:00 rolfea * classes/VCPage.php: HIGHLY EXPERIMENTAL - In startPage check to see if we are getting mixed cookies and url session ids and cleanup if we are. Also check to see if quickExitPath has been set (e.g. by session processing). In endPage check to see if quickExitPath is set (e.g. by pageDriver) and bypass actual page processing. 2006-02-07 14:54 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - In fixPage correct bounds checking. Added remove parameter to fixURL and logic to be able to remove a session id. 2006-02-06 16:28 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - In setupSession removed cookie checking/flagging - not required. 2006-02-06 16:27 rolfea * modules/session.php: HIGHLY EXPERIMENTAL - checkCookiesUsed removed - not required. 2006-02-06 16:21 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - In fixURL pass another parameter to specify if the ampersand should be escaped (true for valid HTML output and false or Location: redirects). In fixPage pass true to fixURL. 2006-02-06 14:42 rolfea * modules/session.php: HIGHLY EXPERIMENTAL - Added checkCookiesUsed function. 2006-02-06 14:30 rolfea * modules/user.php: HIGHLY EXPERIMENTAL - Upon a successful login regenerate the session id to help prevent session fixation and hijacking attempts. 2006-02-06 14:29 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - When (re)starting a session only regenerate the session id if we do not recognise the session id. Otherwise if we always regenerate we break the back button in browsers when cookies not used. Be more careful with session ids. Don't mare regenerate function as internal. 2006-02-06 14:27 rolfea * classes/VCPage.php: HIGHLY EXPERIMENTAL - Remove commented out code. 2006-02-06 14:26 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - Be a little more careful with session ids. 2006-02-03 17:41 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - Condition debugging messages in fixURL. 2006-02-03 17:14 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - In close routine don't delete cookie otherwise we can't detect if cookies are enabled or not! 2006-02-03 17:00 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - When testing for cookies check we actually have a session. 2006-02-03 16:55 rolfea * modules/session.php: HIGHLY EXPERIMENTAL - Added function checkCookiesUsed. 2006-02-03 16:51 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - Added session flag VCSession_cookies so cookie usage can be tested. 2006-02-03 16:32 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - In fixURL escape ampersand in query string (removed for debugging). 2006-02-03 16:25 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - Flag regenerate as internal. Added getSessionId to provide an internal consistent session Id now we use dynamic Ids. Destroy cookies if enabled when session destroyed. 2006-02-03 15:17 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - Debugging added to regenerate method. startSession now calls regenerate so it is done at the beginning of processing a page. 2006-02-03 15:14 rolfea * classes/VCPage.php: HIGHLY EXPERIMENTAL - In start page if we get a session id passed in $_GET and $_POST delete $_GET value. When loggin include POST/GET method used. 2006-02-03 15:12 rolfea * classes/VCMaintenance.php: HIGHLY EXPERIMENTAL - Process should call fixURL on the returning URL. 2006-02-03 15:11 rolfea * classes/VCEngine.php: HIGHLY EXPERIMENTAL - Change fixURL to correct session id's from where they are regenerated when cookies are not in use. 2006-02-03 10:02 rolfea * classes/VCSession.php: HIGHLY EXPERIMENTAL - In getSessionMetaId modify the identifiers we are trying to associate with a client to try and solve some proxy issues - this time reduced to a minimum. 2006-02-02 16:14 rolfea * classes/: VCPage.php, VCSession.php: HIGHLY EXPERIMENTAL - In VCPage re-generate session id's for each page load. Implemented in VCSession::regenerate(). In getSessionMetaId modify the identifiers we are trying to associate with a client to try and solve some proxy issues. 2006-01-20 14:42 rolfea * modules/text.php: If we are using a[]a or A[]A tags and a barelink starting / is used (e.g. /index.vchtml) the domain name will be append to the link. 2005-11-30 16:37 rolfea * modules/user.php: Added function validatePassword. Example usage is to validate a logged in user's password before performing an action. 2005-11-01 15:18 rolfea * modules/dataSetList.php: In function checkMode translate spaces to underscores as well as the current lowercasing for the VC_data names set.. 2005-09-27 12:43 rolfea * classes/VCPage.php: Patch from JJ to handle arrays in POST/GET data when multi-selects are used in forms. 2005-09-26 14:04 rolfea * classes/VCEngine.php, examples/project_config.php, modules/dataSetCache.php, modules/form.php, modules/session.php: CVS rebuild after repository corrupted (Andrew's sandbox). 2005-09-26 14:00 rolfea * ChangeLog, classes/VCDatabase.php, classes/VCDatabase_mysql.php, classes/VCDatabase_odbc.php, classes/VCEngine.php, classes/VCPage.php, classes/VCSession.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/project_config.php, modules/content.php, modules/dataSetList.php, modules/date.php, modules/files.php, modules/form.php, modules/images.php, modules/page.php, modules/sequence.php, modules/session.php, modules/text.php, modules/toolkit.php, modules/user.php, sql/vcreator_db.sql, utils/genDBmodule.php: CVS rebuild after repository corrupted 2005-09-26 13:56 rolfea * ChangeLog, UpgradeNotes, classes/VCEngine.php, classes/VCMaintenance.php, classes/VCPage.php, classes/VCSession.php, doc/quick-start-guide.txt, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/pageDriver.php, examples/project_config.php, modules/country.php, modules/i18n_messages.php, modules/languages.php, modules/page.php, modules/postboard.php, modules/sequence.php, modules/session.php, modules/toolkit.php, modules/user.php, utils/genDBmodule.php: CVS rebuild after repository corrupted 2005-09-26 13:53 rolfea * ChangeLog, classes/VCEngine.php, classes/VCSession.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, modules/toolkit.php, utils/checkconfig.php, utils/genDBmodule.php, utils/reImage.php, modules/form.php, modules/text.php: CVS rebuild after repository corrupted 2005-09-26 13:49 rolfea * ChangeLog, classes/VCEngine.php, classes/VCPage.php, classes/VCSession.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, utils/checkconfig.php: CVS rebuild after repository corrupted 2005-09-26 13:45 rolfea * modules/date.php, modules/email.php, modules/files.php, modules/form.php, modules/postboard.php, modules/sequence.php, modules/user.php, ChangeLog, UpgradeNotes, classes/VCEngine.php, doc/quick-start-guide.txt, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/project_config.php: CVS rebuild after repository corrupted 2005-09-26 13:32 rolfea * modules/date.php, modules/form.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, ChangeLog: CVS rebuild after repository corrupted 2005-09-26 13:28 rolfea * modules/sequence.php, modules/user.php, .cvsignore, ChangeLog: CVS rebuild after repository corrupted 2005-09-26 11:22 rolfea * ChangeLog, classes/VCDatabase.php, classes/VCEngine.php, classes/VCMaintenance.php, classes/VCPage.php, classes/VCSession.php, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/pageDriver.php, examples/project_config.php, modules/country.php, modules/dataSetCache.php, modules/date.php, modules/debug.php, modules/email.php, modules/files.php, modules/form.php, modules/i18n_messages.php, modules/images.php, modules/languages.php, modules/maintenance.php, modules/page.php, modules/postComments.php, modules/postboard.php, modules/sequence.php, modules/session.php, modules/text.php, modules/toolkit.php, modules/user.php, utils/genDBmodule.php, utils/reImage.php: CVS rebuild after repository corrupted 2005-09-26 11:16 rolfea * COPYING, Doxyfile, mainpage.txt, classes/VCDatabase.php, classes/VCEngine.php, classes/VCMaintenance.php, classes/VCPage.php, classes/VCSession.php, classes/classes.txt, doc/quick-start-guide.txt, doc/v-creator-reference.pdf, doc/v-creator-reference.ps, examples/pageDriver.php, examples/project_config.php, modules/country.php, modules/dataSetCache.php, modules/date.php, modules/debug.php, modules/email.php, modules/files.php, modules/form.php, modules/i18n_messages.php, modules/images.php, modules/languages.php, modules/maintenance.php, modules/modules.txt, modules/page.php, modules/postComments.php, modules/postboard.php, modules/session.php, modules/text.php, modules/toolkit.php, modules/user.php, sql/vcreator_db.sql, utils/genDBmodule.php: CVS rebuild after repository corrupted

  posted 1341 days ago

• File released: /v-creator/v-creator_1.3-pre2/v-creator_1.3-pre2.zip

  posted 1341 days ago