Version 1.0.5 (04 Mar 2006) - Security patch: don't allow URL to set 'noset', which allows users to then set other global variables. - Moved over javascript code for event popups from 1.1 code to handle problems with display on IE - Patch 1519611: Added new French-UTF8 translation - Patch 1558537: Updated Russian translation - Patch 1520078: Fix for postgreSQL PHP warnings - The following translations were updated: Basque, French Version 1.0.4 (07 Jun 2006) - Security fix: do not allow setting of "includedir" via URL when register_globals is enabled in php.ini - Updated Portugues translation Version 1.0.3 (11 Apr 2006) - Patch 1456375: Day view - "Description" not translated, improper handling of HTML in description - Fixed bug 1444923: system settings error on save when ovrd=1 is used - Fixed bug 1420859: Problems with overriding conflict - Fixed bug 1445535: tables-db2.sql NULL usage was incorrect - Patch 1279537: Don't display confidential events in upcoming.php - Fixed bug 1406428: Bug in endhour - Fixed bug 1438181: DBI Interbase-Firebird connection call has wrong parameters - Fixed bug 1279804: send_reminders.php fails in v1.0.1 - Fixed bug 1417585: vCal export of forever repeating events fails for Palm - Fixed bug 1417529: Can't change public access layers - Fixed bug 1397766: Tomorrow Report fails to This Week - Fixed bug 1374014: Prefs page displays option to modify Public Access calendar.. - Fixed bug 1382217 Glitch in handling of public access prefs - Added support for DB2 - The following translations were updated: Greek (new), Hungarian Version 1.0.2 (06 Dec 2005) - Fixed vuln in layers: published vulnerability in layers_toggle.php was fixed - Security fixes: fixes for activity_log.php, export_handler.php, edit_template.php, pref_handler.php and admin_handler.php that deal with SQL Injection - Fixed bug 1349621: Information disclosure vulnerabililty on failed login - Fixed bug 1353363: publish.php logic error for public user? - Fixed bug 1328589: typo in del_entry for read-only calendars. - Added new time range options for reports: next 14/30/60/90/180/365 days This allows reports to show events starting with current date - Fixed bug: undefined variable warning in export_handler.php - Fixed the following bug reports on SourceForge: 1296294: Javascript error when saving with empty description on IE 1265575: Bug in get_all_dates() - Other bugs fixed: + Added Romanian, Turkish, Welsh to config.php in places where they were missing. - New Features / Enhancements / Changes: - The following translations were updated: Czech, German, Polish Version 1.0.1 (19 Aug 2005) - Fixed the following bug reports on SourceForge: 1221434: Improved iCal import support for BYMONTHDAY in ics 1261571: Overriding a conflict when name has double quotes 1233798: Catagory settings for Boss/Assistant not working 1245755: Unbalanced span tags 1211309: Notification message language incorrect 1204229: "Untimed event" default broken since bug 1202127 fix 1205680: upcoming.php was including unapproved. will now use user preferences for displaying unapproved. 1212667: Install script - Database Type Problem 1218113: iCal ATTENDEE error if event is deleted - Other bugs fixed: - Fixed bug: use of & in report.php and view_entry.php + Fixed bug: include path problems for opening settings.php file + Fixed security: exploit allows execution of code downloaded from remote server + URLs in month.php did not include '?' + Category was lost wan clicking on prev/next month in month.php + Fixed login looping related to register_long_arrays - New Features / Enhancements / Changes: + Applied patch 1171807: reminder sent late if cron run at exact second of reminder (was accidentally not included in 1.0.0) - The following translations were updated: + Danish, French, German, Norwegian, Polish, Portuguese_BR Version 1.0.0 (17 May 2005) aka "Buster" - Fixed the following bug reports on SourceForge: 1202127: [ 1187734 ] Timezone offset problems still exist 1201821: Bypass user_sees_only_his_groups 1193835: Creator cannot "edit" a nonuser-event after Admin changes it. 1193579: Untimed shows up wrong in edit page 1189515: Possible to create blank usernames 1190687: users.php called as public 1190699: export.php available to public 1190704: public can access assistant_edit.php 1103215: Invalid work hours 1187734: Timezone offset problem 1120897: Conflict with exceptions 1181682: Report with no name entered -> phantom report! 1179423: private events displayed on reports 1183714: Translation error 1154432: vCal import from Mozilla fails to translate quoted-printable 1176164: iCalendar import fatally corrupts database 1181682: Reports with just spaces for a name cannot be edited 1179403: Availability selection fails when Time Format =24 1065461: timezone offset & all-day events 1107253: time zone offset 1140453: Time zone offset in email notifications 1148602: External Recipients with same name fails 1160167: 12AM Events cause display problems in edit_entry.php 1158769: Category lost when modifing event by Admin 1168686: Month display collides with minicals on Safari 1168682: RC3 Language Detection Broken for Safari. 1169403: Public Access not default selected if Particiapants not shown. 1169078: Bad function call in import_handler.php 1168092: Overlapping events display problem 1167281: View_l loses colour for "today" 1167790: class="selectedday" assignments in other than day.php 1162486: Path exposure issue with view_entry.php - Other bugs fixed: + Fixed problem with ical import weekly BYDAY parsing in import_ical.php + Fixed problem with missing $cat_id in week and day URLs in month.php + Fixed problem with second edit of a single event in a repeating series losing linkage with the original event. + Fixed problem with views_edit.php, select groups not returning menbers + Fixed problem with 12AM event not adding hour=0 to URL in week.php + Fixed day.php rendering problem in Safar + Applied bug fix 1151442: Overlapping events display error in week.php - New Features / Enhancements / Changes: + Split import/export back to two separate links & pages + Moved contents of scheduling tab to details tab + Updated install/index.php to improve security and display advanced php info + Added new default webcal_config values to all sql table definition files + Removed most instances of htmlentities as unneeded + Admin no longer needs to approve Public events that they create + Added option to set LDAP_OPT_PROTOCOL_VERSION in user-ldap.php + Updated install web page to work better on Windows systems. Added display of current PHP settings. + When viewing a report, if allow_html_description is enabled but no HTML is found in an event description, use nl2br to preserve plain text formatting. - The following translations were updated: + Danish, Finnish, German, French, Japanese, Norwegian, Polish --------------------------------------------------------------------------- Version 1.0RC3 (11 Mar 2005) - Fixed the following bug reports on SourceForge: 1156729: Global-view with no valid user creates a non-translatable message 1152863: Japanese strings munged by reports.php and upcoming.php 1124461: Apostrophe in Text Aborts Translation 1154854: Nonuser cals not showing up in views 1154007: Highlight today in Year view 1088772: Nonuser calendar w/ Public as default participant 1145390: Merge arrays with array_merge vs + in view_t.php 1151442: Overlapping events display error in day.php 1146037: Availibility legend size not dynamic and not centered in IE. 1148603: Assistants can't view Bosses Unapproved Events. 1145342: Category selection not tranferred to edit_entry page. 1118121: get_admins in user-ldap has bad search 1123508: RC3 browser language detection always returns none. 1112787: missing charset in upcoming.php - Other bugs fixed: + Fixed problem with upcoming.php header. xml:lang and lang were set to full LANGUAGE value, not abbreviation. + Fixed problem with upcoming.php with "You are not Authorized" error message being sent without a header. + Fixed problem with popups.php with long text strings going off screen. Maximum width is now configurable. + Fixed issue with Application Name containing ? characters in logon.php. If Application Name = "Title" then translate, else use Admin defined name and run through htmlspecialchars + Fixed issues with display_small_month URLs. Extra & if no $user specified. - Add meta tag for charset since MSIE requires it. + Fixed broken advanced search that would not allowing searching other users' calendars. Also added searching non-user calendars. + Added javascript that enables visibility of the start/end time or duration on the edit_entry page from availability.php + Fixed printer friendly view problem. With refresh on, the refresh URL reverted to the regular page + Fixed date_selection_html function to include values for day control + Purge events was not deleting from webcal_entry_ext_user table + Fixed issues with ODBC returning 'invalid db_type' + Fixed issue where month.php and mini-calendar today highlight based on server time - New Features / Enhancements / Changes: + Added 'Public Access' to Manage Calendar of: list, if Admin. + Allow user-created views to be the default view set in user preferences. After saving or deleting an event, the user will return to this page. + Replaced popups.php code with new knoppix based code. This should eliminate the problems with popups going off screen. Popups also follow the cursor now, but can be disabled in the file. + Replaced all instances of forms[0] in javascript with the real form names. This will allow WebCalendar to co-exist with other forms on the same page. + Added patch to allow TLS with LDAP + Added patch 900968: Add outlook-style availability popup + Added global views (available to all users) + Added option to select all users for a view (rather than having to select all users in the list). If users are added later, they will be automatically included in the view. + Converted comments for use with phpDocumentor - The following translations were updated: + Dutch, Japanese (utf8, euc-jp, shift-jis), Spanish, German --------------------------------------------------------------------------- Version 1.0RC2 (09 Feb 2005) - Fixed the following bugs reports on SourceForge: 1116008: Got "invalid user" error when clicking on '+' icon to add new event - Other bugs fixed: + Fixed a problem with the Repeat Tab on edit_entry page, if disabled, the SAVE button was hidden as well. - New Features / Enhancements / Changes: + Modified the way settings.php file is read to handle unix/dos/mac format and also check main directory and include directory. + In day and week view, time slots with events will now use a different background color than time slots that are empty. (This restores how this worked a couple of versions ago.) + Many code changes were made to prevent the "undefined variable" warning that users may get if they have the PHP error_reporting setting enabled. + Documentation updated to System Administrator Guide including new instructions for setting up reminders on Windows. - The following translations were updated: + Czech --------------------------------------------------------------------------- Version 1.0RC1 (04 Feb 2005) - Fixed the following bugs reports on SourceForge: 824268: Emails notifications used wront timezone 931096: Restrict views and view edits to owner of that view 986774: Editing category as assistant was not working 1061746: layout issues with views (daily) 1066440: End Time increased by timezone offset 1085337: Categories combo-box in month.php in assistant mode 1088857: SQL bug affecting ODBC users when viewing event 1101823: Problem importing palm desktop datebook.dat file 1102167: custom header when non-admin user 1109141: Email notifications where using sender language rather than recipient language 1109323: Error in LDAP function for getting list of admins 1087604: Vanishing Layers / cookies 1086357: repeating details display 1085846: SQL error in when listing users on some databases 1085971: repeat tab does not display details 1074403: Day View is not accounting for server offset - Other bugs fixed: + Security fix: Fixed protential problem if a user attempts to login with a username that has charaters that will affect the database. + When using web-based authentication, two database connections were being opened and only one was being closed. + vCal import was completely broken + Fixed problem using htmlarea where event description would not be saved + View Event page would not display links to edit/delete under some circumstances + Fixes for WN web server + Removed duplicate trailer from edit user page (when using a custom trailer) - New Features / Enhancements: + MS SQL Server is now suppported + If php.ini setting for "file_uploads" is not enabled, then indicate this on the import page + Streamlined layers.php & made layers only be displayed when layers are enabled + Updated Admin docs for content & xhtml/css validity + Added new documentation in docs directory: WebCalendar-Functions.html WebCalendar-DeveloperGuide.html WebCalendar-Styling.html + Fixed various xhtml/css issues + Updated reading of settings file to better handle when file is not in exact format we are expecting. + Added database sanity check + Updated default color scheme (Will only apply to new installs) + When html is allowed in event description, still replace newline with html break in view page and event popup if the user did not use any html. + Fixing users.php so it only shows a single user's info when the user isn't an admin + Added ability to authenticate users with postnuke user info. + Added support for automatic gradient background images for table cells - The following translations were updated: + Japanese (with support for 3 character sets) + Romanian (new) + French + German + Italian + Norwegian