ProjectSend r1053
11 May 2018
ProjectSend version r1053 is now available (major release).
Upgrading to ProjectSend r1053
ProjectSend r1053 can be upgraded to (or installed) using any of Installatron's products. Use Installatron's optional Automatic Update feature to automatically apply ProjectSend updates as new versions are released, or use Installatron's Clone feature to duplicate an existing ProjectSend install to test the r1053 upgrade prior to applying it live. Get started managing your ProjectSend installations with Installatron
What's New in ProjectSend r1053
Highlights
- New UI. More modern, responsive and overall more polished looking.
- Can set a maximum file upload size on each client and user, overriding the default one.
- Can now set the default maximum upload size on the installer.
- Added ckeditor as a visual editor on files and groups descriptions (can be disabled)
- Public groups: an option create groups where people can see its contents without being logged in.
- Public page: a special page that shows all of the public groups and files. Has several options. Disabled by default.
- Groups memberships: Option to allow clients to request memberships to public groups. An administrator can approve or deny them.
- Added a new block on the dashboard with server information.
- New template page design, in the style of that of WordPress with themes screnshots and descriptions.
- Manage files: added filter by uploader.
- Added options to set custom subjects on emails.
- Email previews are now accurate in content.
- New option to customize the footer text.
- Better download links.
- Added an option to prevent indexing by search engines.
- Updated the style of the gallery theme.
- Load a custom.js file if it exists (won’t get overwritten when updating).
- Clients can select and expiry date for their files.
Bug Fixes
- Fix for modal window not closing on zip downloads.
- Fixed the MySQL error on some versions during installation, attributed to having 2 timestamps columns on the same table with default value of CURRENT_TIMESTAMP. Based on a contribution by cdoepmann.
- Email: don’t auth if smtp is selected but auth is set to “none”.
- CSV injection bug fix.
- XSS security fixes.
- Several security fixes.
- Fixed category deletion.
- Fix for uploaders not being able to delete their files.
- Several fixes for multiple files downloading as zip.
- Zip files download IDOR fix.
- Fixed showing active status of clients and users.
- New server side pagination, replaces the javacript one which made the site unresponsive if there were a lof of results.
- Some fixes to the manage files page.
Changes
- Added a DEBUG constant.
- Fixed notices on the installer.
- Added a check on the installer for php and mysql versions requierements.
- Some parts of the code where cleaned up, including a new table generation class.
- Refactory of the options pages UI. No more tabs, now groups of options are on their own page. Cleaner and faster to use.
- Admin load a minified version of CSS files.
- Moved most of the backend javacript to it’s own file.
- Show the public url on the file editor.
- Uploaded scripts. flot, phpmailer.
- Better category administration page.
- Throw a warning if php extension is present in the allowed uploads extension list.
Contributions
- A very important contribution in the form of security audit (security-prince)
- MySQL compatibility fixed on the dashboard statistics (DBezemer)
- Handle following of symlinks for imported orphaned files (joshstrange)
- Fix to prevent direct access to the files folder (trainwreckjvbo)
- UI improvements and option to disable the welcome email when creating users (adrianp-sti)
- Fix CVE-2017-9783 and CVE-2017-9786 XSS vulnerabilities. (JackWhite20)
- Fix for the email subjects (remez)
- Login and notification fixes (OrlandoST)
- Fix unsolicited error message on config save (Fix unsolicited error message on config save)
- Fixed bug that stops uploading. (JackWhite20)
- In case the file is a symlink, get the size from the real file not the symlink itself (Kevin Druelle)
- Several Security Fixes (IppSec)
- Expiry dates fixes, new features and improvements (eyeobticeo)
- Typos fixes (hailthemelody)
- Fixed port number problem when behind reverse proxy (berndblume)