I have uploaed a new version of wassUtil.class.php for release 4.1.2. This fixes an XSS vulnerability reported by Jason Roturno of Swarthmore (thanls Jason). After you install 4.1.2, or if you have it installed, simply replace the wassUtil.class,php file in the classes directory with this new version.
Thanks to Stephen Vickers, this latest release includes support for LTI. You can connect your LMS to WASS via LTI (in addition to the traditional login access), and your students will be taken directly to their instructor's WASS calendars (if any). There is also a bug fix that allows WASS to be installed without SSL (although this is strongly discouraged). The Blackboard code now allows students to see all of their instructor calendars at login.
The 4.1.1.noins release includes some major bug fixes (blank displays). It is labelled "noins" because, despite what the wassChanges file says, this release does not include the new (and exciting) instructor course calendar code (code that displays all of the WASS calendars for a student's course instructors). That code requires some locally-written Blackboard web services, which we are not yet ready to distribute. I did, however, want to get the bug fixes out.... read more
Someone recently asked me who was running WASS, and I realized that I had no idea. If you are running WASS, could I trouble you to send me a note to that effect? I promise not to spam you or ask you any other questions. Thanks, Serge
This release includes a primitive system for defining local users (WASS works best for organizations that use LDAP and/or AD to define their users). It also includes a major bug fix (which made it impossible to create slotted blocks).
Release 3.0.0 contains a bug which disables a key feature of WASS (unslotted blocks). The symptom is that, when you go to add a block and click on the "slots" drop-down list, no slot sizes other than "none" are displayed. To work around this problem, set the COURSELIM variable in wassParms.class.php to 1, or replace the global.js file that comes with the distribution with the version that is now available on the sourceforge site. I will be uploading release 3.1 shortly, which has a fix for this bug.
I expect to post release 3.0.2 next week. This release will include a "local" user facility (for folks who are not running LDAP or CAS). Anyone willing to test this new release should contact me (email@example.com).
This is a maintenance release. The way WASS locates its parameters file (wassParms.class.php) as been changed to allow institutions to run multiple autonomous versions of WASS. If anyone (e.g., a University) is interested in having Princeton host a WASS instance for them, please contact me (firstname.lastname@example.org).
Release 2.0.7 What's New:
1. When you add a block to a calendar, you can specify that any appointments made in that block must have a purpose specified.
2. Fast login: if you are using CAS for authentication, then a CAS-authenticated used will be taken directly into their calendar (if a calendar owner) or to the make appointment page (if not).
3. Blocks that have been locked are now flagged with a lock icon.
4. If users have an appointment scheduled in a locked block, they can now see and edit/delete that appointment.
5. A link to the What's New page has been added to the left menu.
This release includes two major bug fixes.
1) WASS now correctly copies name/office/email/telephone default settings from calendars into blocks.
2) WASS converts the evil Microsoft Word quotes/elipses into equivalent latin1 characters.