ProjectSend r1415

  • New feature: throttle and ban failed log in attempts to prevent brute force attacks.
  • New in security Settings: whitelist or blacklist IPs from the log in ban feature.
  • New in Tools: unblock a banned IP address
  • New feature: cron jobs. Set up a task that can send pending email notifications in batches, deletes expired files and orphan files.
  • New Cron settings page: Enable/disable cron, change cron security key, select which tasks to run, enable or disable running via url, save log to database, send results via email.
  • New in Tools: Cron log viewer
  • Orphan files can now be filtered by allowed/not allowed.
  • If Recaptcha is enabled, use it on login, password reset request and register forms
  • New setting: disable sending email notifications of new files after adding/editing assignations. Enable this and combine it with a cron task to prevent long loading times after saving a file and overloading your mail server.
  • Updates are now separated into different files, with the latest database update number being independent from the software version. Cleans up the process and makes adding new updates easier.
  • Fixed installer issues (redirect loops and old sessions)
  • Fix: Category edit: verify parent id is not equal to same category id (by luca-rigutti)
  • While installing, get default timezone from system
  • Added max-width to the logo image on the gallery template.
  • Enable or disable debug from the custom config file, instead of using a core file
  • Fixed translations not loading and warnings on php 8+
  • Enable csv uploading by default
  • Use curl -if available- to get new versions and news data, enables timeout to prevent long loading times
  • Fixed: dashboard counters labels where not translatable
  • When editing a user, if role is not client, some fields should be always null (phone, contact, address)
  • Fixed XSS vulnerability on search forms
  • Fixed .htaccess (by RoboDoc)
  • Batch actions are sent as post instead of get to prevent malicious users from sending an action url to an admin user
  • Updated dependencies
  • Prevent registering via POST if self registration is disabled
  • Fixed Title TAG instead of file name (by deklica)
  • Spellchecking + Changed all instances of “his” to “their” when referencing an unknown individual (by ehawman-rosenberg)
  • Fixed JSON responses on widgets (by RiversideRocks)

 

Top