[bse.git] / Changes.txt

BSE 0.21 - unreleased
========

 - verbose output of generate.pl is now based on the template
   admin/generate.tmpl

 - add the referer tag to all dynamic pages

 - added [undeletable articles] to bse.cfg as a supplement to
   @NO_DELETE.  @NO_DELETE is now deprecated and may be removed in a
   future release of BSE.
   https://rt4.develop-help.com/Ticket/Display.html?id=1209

 - iterator inlines can now be filtered (Adrian Oldham)

 - added some more extension to content type mappings for video
   formats (Adrian Oldham)

 - the shopadmin order list targets are now much more efficient - they
   no longer load the entire order table, are paginated, and let the
   data do the selection of matching records.

   NOTE: this removes some backward compatibility - iterator filters
   no longer work and a new tag, all_order_count can be used to fetch
   order counts.  Extra search parameters have been provided to filter
   the results.

 - added a new adminurl2 tag where the second parameter is a target.

 - siteusers.pl now flashes all success messages, and success message
   text is fetched from the messages table

 - added is_released and is_expired methods to Article.  This should
   be visible to article tags in templates.

 - more consistently use tag_article on the admin side of the site.

 - make tag_article smarter so it can call more methods

 - consistently use admin_tags instead of the old collection of admin
   tag methods.

 - tag_object (used for object style tags) now checks
   restricted_method() if implemented for the object.

 - the editor file iterator is now an object iterator, and the efile
   tag on the file edit page is now an object tag

 - add file_exists to BSE::TB::Article::File
   https://rt4.develop-help.com/Ticket/Display.html?id=1288

Bug fixes:

 - thumb.pl would return content types with doubled image/ prefixes,
   eg. image/image/jpeg

 - update BSE::AdminUsers, BSE::ChangePW, BSE::UI::AdminReport to use
   more modern admin tags
   https://rt4.develop-help.com/Ticket/Display.html?id=1234 (partial)
   (Adrian Oldham for BSE::ChangePW, BSE::UI::AdminReport)

 - with [site].secureadmin enabled, refreshes to the secure admin url
   could cause a 500 error.

 - check nomatch fields even for blank fields.  Otherwise a field with
   a LF or CR would not be caught by the dh_one_line validation rule.

 - saving a tag from the tag manager without changing the name or
   deleting a tag that doesn't exist would result in a 500 error.
   https://rt4.develop-help.com/Ticket/Display.html?id=1287

 - setting an unfilled order's stage to "shipped" now sets whoFilled
   and whenFilled for the order.
   https://rt4.develop-help.com/Ticket/Display.html?id=1286

 - an empty title (but no missing) when saving a user or group file no
   longer defaults that to the file display name.
   https://rt4.develop-help.com/Ticket/Display.html?id=1303

 - validation errors are now correctly displayed for adding a user or
   group file
   https://rt4.develop-help.com/Ticket/Display.html?id=1302

 - supplying an empty content type when saving a user or group file
   now resets the content type to that derived from the file's display
   name.
   https://rt4.develop-help.com/Ticket/Display.html?id=1304

 - fix the message id for the "move up a level to section" message in
   the possible parents drop down.

Templates:

 - admin/order_list*.tmpl - see the order list re-work above.

 - you can now use <:- and -:> as tag delimiters to consume whitespace
   on the left and right of the tag.  This doesn't occur for wrap, but
   should for other tags.

Internals:

 - added a getCount() method to retrieve a count of matching records.

BSE 0.20 - 22 Dec 2011
========

Please read any NOTES below carefully.

 - store a truncated card number for credit card payments (both online
   and email).  Reinstate storage of the card holder name in ccName.
   ccNumberHash is no longer populated.

 - ifNeedDelivery (checkoutnew_base.tmpl) wasn't being reset on order
   submission.

 - the site_users table has been refactored into the bse_siteusers
   table, removing the bill* fields and adding deliv* fields.  Other
   obsolete fields have also been removed.

   NOTE: To preserve your registered users on upgrade, run the
   provided schema/site_users_to_members.sql SQL through the mysql
   tool.  This will create entries in bse_siteusers corresponding to
   those in your original site_users table.  You MUST start with an
   empty bse_siteusers table or the script will throw an error.

   NOTE: Any configuration such as report definitions, query group
   definitions should now refer to bse_siteusers instead of
   site_users.

 - Data::UUID 1.148 is now required

 - remove target entry for the shop confirm action, which was
   otherwise removed years ago. RT #1280.

 - logon now starts a new session, preserving the cart.  As a
   side-effect this logs out the admin user, though this may
   change.  RT #1279.

 - passing a new session id between the SSL and non-SSL versions of
   the site is now validated.  RT #1279.

   NOTE: This requires that [site].secret be set to a value specific
   to your site.  Running:

     openssl rand -base64 32

   generates a suitable value.

 - delete the session data for a site users session when they logoff.
   As a side effect this will log out the admin user.

 - allow dynamic content pages to display flashed messages with the
   message tag.  Note that not all actions flash a message.

Template updates:

 - checkoutpay_base.tmpl - the name of the cardHolder payment field is
   now ccName.

 - admin/order_detail.tmpl - order ccPAN can be used to display the
   truncated card number.

 - user/options_billing_base.tmpl and its generated template have been
   renamed with s/billing/delivery/ since it now contains delivery
   details.  The link to it from user/options(_base).tmpl has also
   been updated.

 - user/options_base.tmpl, user/register_base.tmpl,
   admin/users/(add,edit,view).tmpl have been updated to match the new
   site users schema.

 - user/logon_base.tmpl, user/register_base.tmpl - updated the
   "nothing is more permanent that a temporary solution" link text for
   logon, register and recover password.

 - shopitem.tmpl - display the flashed message, if any.

 - removed the unused checkoutcard and checkoutconfirm templates

Internals:

 - Squirrel::Table->make now looks for default_I<colname> when looking
   for default values for a column.
Commit	Line	Data
1be64ebd TC	1	BSE 0.21 - unreleased
	2	========
	3
bf7dd331 TC	4	- verbose output of generate.pl is now based on the template
bf7dd331 TC	5	admin/generate.tmpl
1be64ebd	6
bf7dd331	7	- add the referer tag to all dynamic pages
1be64ebd	8
b23cb063 TC	9	- added [undeletable articles] to bse.cfg as a supplement to
	10	@NO_DELETE. @NO_DELETE is now deprecated and may be removed in a
	11	future release of BSE.
	12	https://rt4.develop-help.com/Ticket/Display.html?id=1209
1be64ebd	13
595e72db TC	14	- iterator inlines can now be filtered (Adrian Oldham)
	15
	16	- added some more extension to content type mappings for video
	17	formats (Adrian Oldham)
	18
8ddd08f7 TC	19	- the shopadmin order list targets are now much more efficient - they
	20	no longer load the entire order table, are paginated, and let the
	21	data do the selection of matching records.
	22
	23	NOTE: this removes some backward compatibility - iterator filters
	24	no longer work and a new tag, all_order_count can be used to fetch
	25	order counts. Extra search parameters have been provided to filter
	26	the results.
	27
	28	- added a new adminurl2 tag where the second parameter is a target.
	29
3d99ca04 TC	30	- siteusers.pl now flashes all success messages, and success message
	31	text is fetched from the messages table
	32
54fada18 TC	33	- added is_released and is_expired methods to Article. This should
	34	be visible to article tags in templates.
	35
41cbde00 TC	36	- more consistently use tag_article on the admin side of the site.
41cbde00 TC	37
c4df989c TC	38	- make tag_article smarter so it can call more methods
c4df989c TC	39
47e33eae TC	40	- consistently use admin_tags instead of the old collection of admin
	41	tag methods.
	42
a8d74b1e TC	43	- tag_object (used for object style tags) now checks
	44	restricted_method() if implemented for the object.
	45
	46	- the editor file iterator is now an object iterator, and the efile
	47	tag on the file edit page is now an object tag
	48
	49	- add file_exists to BSE::TB::Article::File
	50	https://rt4.develop-help.com/Ticket/Display.html?id=1288
	51
bf7dd331 TC	52	Bug fixes:
	53
	54	- thumb.pl would return content types with doubled image/ prefixes,
	55	eg. image/image/jpeg
e728024c	56
c710d90c TC	57	- update BSE::AdminUsers, BSE::ChangePW, BSE::UI::AdminReport to use
c710d90c TC	58	more modern admin tags
0611c441	59	https://rt4.develop-help.com/Ticket/Display.html?id=1234 (partial)
c710d90c	60	(Adrian Oldham for BSE::ChangePW, BSE::UI::AdminReport)
0611c441	61
5b2aab45 TC	62	- with [site].secureadmin enabled, refreshes to the secure admin url
	63	could cause a 500 error.
	64
8fb3d3d4 TC	65	- check nomatch fields even for blank fields. Otherwise a field with
	66	a LF or CR would not be caught by the dh_one_line validation rule.
	67
a8a25cfd TC	68	- saving a tag from the tag manager without changing the name or
	69	deleting a tag that doesn't exist would result in a 500 error.
	70	https://rt4.develop-help.com/Ticket/Display.html?id=1287
	71
6e56cf75 TC	72	- setting an unfilled order's stage to "shipped" now sets whoFilled
	73	and whenFilled for the order.
	74	https://rt4.develop-help.com/Ticket/Display.html?id=1286
	75
d9b0f5e1 TC	76	- an empty title (but no missing) when saving a user or group file no
	77	longer defaults that to the file display name.
	78	https://rt4.develop-help.com/Ticket/Display.html?id=1303
	79
	80	- validation errors are now correctly displayed for adding a user or
	81	group file
	82	https://rt4.develop-help.com/Ticket/Display.html?id=1302
	83
	84	- supplying an empty content type when saving a user or group file
	85	now resets the content type to that derived from the file's display
	86	name.
	87	https://rt4.develop-help.com/Ticket/Display.html?id=1304
	88
2c2618b0 TC	89	- fix the message id for the "move up a level to section" message in
	90	the possible parents drop down.
	91
8ddd08f7 TC	92	Templates:
	93
	94	- admin/order_list*.tmpl - see the order list re-work above.
	95
f8d5dfae TC	96	- you can now use <:- and -:> as tag delimiters to consume whitespace
	97	on the left and right of the tag. This doesn't occur for wrap, but
	98	should for other tags.
	99
8ddd08f7 TC	100	Internals:
	101
	102	- added a getCount() method to retrieve a count of matching records.
	103
2897cd79	104	BSE 0.20 - 22 Dec 2011
6abd8ce8 TC	105	========
6abd8ce8 TC	106
b27af108 TC	107	Please read any NOTES below carefully.
b27af108 TC	108
6abd8ce8 TC	109	- store a truncated card number for credit card payments (both online
	110	and email). Reinstate storage of the card holder name in ccName.
	111	ccNumberHash is no longer populated.
	112
	113	- ifNeedDelivery (checkoutnew_base.tmpl) wasn't being reset on order
	114	submission.
	115
b27af108 TC	116	- the site_users table has been refactored into the bse_siteusers
	117	table, removing the bill* fields and adding deliv* fields. Other
	118	obsolete fields have also been removed.
	119
	120	NOTE: To preserve your registered users on upgrade, run the
	121	provided schema/site_users_to_members.sql SQL through the mysql
	122	tool. This will create entries in bse_siteusers corresponding to
	123	those in your original site_users table. You MUST start with an
	124	empty bse_siteusers table or the script will throw an error.
	125
	126	NOTE: Any configuration such as report definitions, query group
	127	definitions should now refer to bse_siteusers instead of
	128	site_users.
	129
	130	- Data::UUID 1.148 is now required
	131
be262d15 TC	132	- remove target entry for the shop confirm action, which was
	133	otherwise removed years ago. RT #1280.
	134
fb10b11e TC	135	- logon now starts a new session, preserving the cart. As a
	136	side-effect this logs out the admin user, though this may
	137	change. RT #1279.
	138
	139	- passing a new session id between the SSL and non-SSL versions of
	140	the site is now validated. RT #1279.
	141
f13d1b43 TC	142	NOTE: This requires that [site].secret be set to a value specific
	143	to your site. Running:
	144
	145	openssl rand -base64 32
	146
	147	generates a suitable value.
	148
fb10b11e TC	149	- delete the session data for a site users session when they logoff.
	150	As a side effect this will log out the admin user.
	151
cd1c5bfa TC	152	- allow dynamic content pages to display flashed messages with the
	153	message tag. Note that not all actions flash a message.
	154
6abd8ce8 TC	155	Template updates:
6abd8ce8 TC	156
b27af108 TC	157	- checkoutpay_base.tmpl - the name of the cardHolder payment field is
	158	now ccName.
	159
	160	- admin/order_detail.tmpl - order ccPAN can be used to display the
	161	truncated card number.
	162
	163	- user/options_billing_base.tmpl and its generated template have been
	164	renamed with s/billing/delivery/ since it now contains delivery
	165	details. The link to it from user/options(_base).tmpl has also
	166	been updated.
	167
	168	- user/options_base.tmpl, user/register_base.tmpl,
	169	admin/users/(add,edit,view).tmpl have been updated to match the new
	170	site users schema.
	171
fb10b11e TC	172	- user/logon_base.tmpl, user/register_base.tmpl - updated the
	173	"nothing is more permanent that a temporary solution" link text for
	174	logon, register and recover password.
	175
cd1c5bfa TC	176	- shopitem.tmpl - display the flashed message, if any.
cd1c5bfa TC	177
62e56298 TC	178	- removed the unused checkoutcard and checkoutconfirm templates
62e56298 TC	179
b27af108	180	Internals:
6abd8ce8	181
b27af108 TC	182	- Squirrel::Table->make now looks for default_I<colname> when looking
b27af108 TC	183	for default values for a column.