Site Search
Content Tools
Main Content
MySource Matrix Developer Newsletter Issue 42
Friday 23rd September 2005
covers versions 3.4.6 stable, 3.6.0 stable, 3.7.0 development
News
Locked Account Message Removed
When entering the password for a user account incorrectly 3 times, a message was displayed to the user letting them know that the account has been locked. If someone was looking for a valid user account, this message would indicate to them that the account was valid. This was a potential security issue that could have caused an user enumeration issue. When an account is locked, the user no longer receives this message. Instead, the standard "User Not Found" message is displayed. The fact that the account was locked is still recorded in the system log file.
New Developer Starting
A new MySource Matrix developer joins the team on Monday. Elden McDonald will be paired with Andrei. Please make him feel welcome.
New Features
Listing Engine Keyword For Link Value
Added to: 3.7.0 development
A new keyword has been added to the listing engine to expose the value of the link between a listed asset and its group parent. If you have two groups set up, use "" for the first group and "" for the second group. This keyword is only available when grouping by parent asset.
Keywords In Standard Pages
Added to: 3.7.0 development
Standard pages can now include keywords for the page asset. All keywords normally available for standard asset fields, attributes and metadata values are available.
Planned Development
Bulk Email Management
To be added to : 3.7.0 development
Estimated start date: already in development
Estimated end date : 1st December 2005
Upgrading
3.6.0
Run step_02.php: no
Run step_03.php: no
Run compile_locale.php: yes
Additional queries: No additional queries are required for upgrades.
Additional comments: No additional upgrade steps are required.
3.7.0 Development
Run step_02.php: no
Run step_03.php: yes
Run compile_locale.php: yes
Additional queries: No additional queries are required for upgrades.
Additional comments: No additional upgrade steps are required.
New Bugs Added To Bug Tracker
| Bug ID | 3.4.x | 3.6.x | Dev | Description |
| 930 | Y | Y | Y | Two security issues with repeatedly incorrect logins |
| 931 | N | N | N | HTML altered to something incorrect not confirmed |
| 933 | Y | Y | Y | Rules fire when form question is optional |
| 934 | Y | Y | Y | Using a form field as the From field can send the keyword instead |
| 936 | N | N | Y | Workflow Schema Details screen only shows one step when unlocked |
| 938 | N | N | N | File Upload field error not confirmed |
| 940 | N | Y | N | E commerce form does not present option to export to CSV |
| 941 | N | N | N | LDAP user cannot edit created assets not confirmed |
| 942 | N | N | N | System installed without system root URL breaks urls for web folders not confirmed |
| 945 | N | N | N | edit css file attached in simple edit mode defines font size not confirmed |
| 946 | N | Y | Y | Internal Message emails not sent |
Notes:
Bug #932 (Search page language files) was submitted by gavint but was marked as not being a bug because compile_locales.php needed to be run to install the language files.
Bug #935 (The Saga of Custom Form, Nesting Content and Cache Manager) was submitted as a feature request by Avi but was marked as a duplicate of bug #514 and has been closed.
Bug #937 (File Upload field error) was submitted by Nat but was deleted as it was an exact duplicate of bug #938.
Bug #939 (Non XHTML markup in custom forms) was submitted by Chris T but was marked as a duplicate of bug #876 and has been closed.
New Feature Requests Added To Bug Tracker
| Bug ID | Description |
| 928 | Replace text tool in WYSIWYG removes anchors |
| 929 | Spell checking fails silently if XML_HTMLSax not installed |
| 943 | Paint layout conditional keyword format not supplied in admin interface |
| 944 | Asset updated by name is not exposed as a keyword in the __global__ print tag in the design area |
Bugs Fixed In The Bug Tracker
| Bug ID | 3.4.x | 3.6.x | Dev | Description |
| 930 | Y | Y | Y | Two security issues with repeatedly incorrect logins |
| 946 | N | Y | Y | Internal Message emails not sent |
View Comments
There are currently no comments for this newsletter.