[Hirtius-discuss] [ANNOUNCEMENT] Public release of Project Hirtius v1.03
A Historical Research Assistant
Brought to you by:
panderss
Menu
▾
▴
[Hirtius-discuss] [ANNOUNCEMENT] Public release of Project Hirtius v1.03
|
From: <ph...@sc...> - 2022-04-13 07:12:59
|
To whom this may concern. I'm pleased to announce the immediate availability of the latest upgrade of Project Hirtius (v1.03). Hirtius is a web-based historical research assistant created by Les Ateliers du Heron. Its goal is to replace the historian's notebook and box of cards, while providing a collaborative work environment for a whole team of researchers, that can be thought of as a purpose-built CMS cross-bred with a digital pictures management system, a genealogy application and a Wiki. Eventually, based on the information you stored in the application, and the links you created between the various data elements, Hirtius will also help you prepare the draft version of your scholarly papers. The main improvements in v1.03 are: ----------------------------------- - In ./user_edit.php, granted access to own profile edition to 'Reader'- level user accounts (except for 'userid' and 'level' fields, obviously). Updated HelpSet and test procedure accordingly. - In ./user_post.php, added a confirmation step when an attempt to rename a userid is detected (message similar to that of 'delcon') and added an extra check to make sure only Admin users could rename a userid. Updated HelpSet and test procedure accordingly. - On the Users List page (./users.php), adapted available actions list based on the user auth level. For non-admin users, their own account is marked by default, all other radio buttons are disabled. Cosmetics. Updated HelpSet and test procedure accordingly. - Corrected escaping mechanism for quotes used inside user passwords (MySQL and the shell have different escaping requirements). Updated test procedure accordingly. - Added missing quoting for some database fields during user update. - Prevent deleting, disabling or demoting the last active, admin-capable user account. Updated HelpSet and test procedure accordingly. - Add proper quoting around all extrernal command parameters in './user_post.php' to prevent potential shell injection. - Extended max. password length to 255 -- value now defined as global variable in 'definitions.inc'. Added note on WebUI as to the min. and max. lengths for passwords. Updated HelpSet accordingly. - Enforce minimum password length (value configurable in 'definitions.inc'). Recommendation only when password is set/reset by an administrator. Updated test procedure accordingly. + many other bug fixes and enhancements... For a complete list of changes in this version, please refer to the 'Changelog' file, provided both as part of the distribution archive and on the project web site (see below). If you already installed an earlier release of the software, please refer to the 'UPGRADE' document (available in the same locations as the 'Changelog'). As the current release contains several security fixes, upgrading to it is strongly recommended. For more information about the program, please visit the application home page: <https://hirtius.sourceforge.io/>; To download the installation archive, please visit the SourceForge project page: <https://sourceforge.net/projects/hirtius/>; and click on the "Files" tab. Any question or comment is always welcome. Ph. A. |
