Notice: CMSB v2.08 Beta!

30 posts by 9 authors in: Forums > CMS Builder
Last Post: April 20, 2011   (RSS)

  • Archived  

By Chris - April 8, 2011 - edited: April 8, 2011

Hi everyone,

We've just released v2.08 beta 1 (beta list members will get an email with a download link shortly.)

The major new feature is Password Encryption: simply put, if someone gains access to your database, they won't be able to get your users' passwords.

Password Encryption will be enabled by default for new CMS Builder installations, but if you're upgrading you can enable it here: Admin > General Settings > Advanced Settings > Encrypt Passwords.

Please note: it's not possible to decrypt passwords or undo this feature; if you have custom code which relies on being able to read user account passwords from your database, you won't be able to use this feature (but you can still upgrade.) Make sure to back up your database before enabling this feature and test any login-related code immediately after.

Also note: Website Membership does not currently work with Password Encryption. If you are using Website Membership, do not enable Password Encryption just yet; we're working on a new version of Website Membership which will be available in a couple of days.

The "Forgot your password" feature now sends a Reset Password link instead of sending the existing password.

There's also a new "Require HTTPS" option which can be used to make your site even more secure. When enabled, users will not be able to login via http:// and will be redirected to https://

If you're not already on the beta tester email list and you'd like to help beta test (you must own at least 1 CMSB license) please email dave@interactivetools.com to be added to the list.

Please post any feedback, questions, or bugs you find! Thanks!

Thanks! :)
All the best,
Chris

Re: [Chris] Notice: CMSB v2.08 Beta!

  • Archived  

By Toledoh - April 8, 2011

Hi Chris,

Excuse my ignorance here, but when you say plugins that read passwords, do you mean just user account passwords, or also things like SMS plugin where you plugin stores username / password / account settings etc to other systems. That would encompass SMS, Download Mail, even the Google API key in the Geolocation plugin?
Cheers,

Tim (toledoh.com.au)

Re: [Toledoh] Notice: CMSB v2.08 Beta!

  • Archived  

By Chris - April 8, 2011

Hi Tim,

Good question! Just the User Account passwords are encrypted, so none of the plugins you mentioned will be affected. I've updated my post above to be more precise.

Thanks!
All the best,
Chris

Re: [Chris] Notice: CMSB v2.08 Beta!

  • Archived  

By Djulia - April 9, 2011

Hi Chris,

The update gave me two error:

1) MySQL Error: Table 'xxx__accessList' doesn't exist

2) PHP Notice: Undefined index: requireHTTPS in ../lib/admin_functions.php on line 4

An idea ?

Thanks !

Djulia

Re: [Chris] Notice: CMSB v2.08 Beta!

  • Archived  

By gkornbluth - April 9, 2011

Hi Chris,

This is great news...

I use the membership plugin a lot so I look forward to the updates.

While you're mucking about in 2.08, is there any possibility that you could add a pull down field on the general admin page that globally sets the default number of records displayed in record lists?

Defaulting to 25 each time has led to some confusion with new users.

The number of records tends to grow over time, and 25 has become a bit of a pain for us developers as well.

Thanks,

Jerry Kornbluth
The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

Re: [Djulia] Notice: CMSB v2.08 Beta!

  • Archived  

By Dave - April 9, 2011 - edited: April 9, 2011

Hi Djulia,

Thanks, we'll patch those for the next beta. Here's some fixes:

>1) MySQL Error: Table 'xxx__accessList' doesn't exist

Open /lib/login_functions.php, search for "_access" and replace this:
$records = mysql_select('_accessList', $where);
with:
$records = mysql_select('_accesslist', $where);

>2) PHP Notice: Undefined index: requireHTTPS in ../lib/admin_functions.php on line 4

Open /lib/admin_functions.php, search for requireHTTPS, and replace this:
if ($SETTINGS['advanced']['requireHTTPS'] && !isHTTPS()) {
With this:
if (@$SETTINGS['advanced']['requireHTTPS'] && !isHTTPS()) {

Let me know if that works for you. Thanks!
Dave Edis - Senior Developer
interactivetools.com

Re: [Dave] Notice: CMSB v2.08 Beta!

  • Archived  

By Djulia - April 9, 2011

Hi Dave,

>> [font "Verdana"]with:
>> 1) MySQL Error: Table 'xxx__accesslist' doesn't exist [font "Verdana"]

Can you reformulate?

Thanks ! :)

Djulia

Re: [Dave] Notice: CMSB v2.08 Beta!

  • Archived  

By Djulia - April 9, 2011

oops, excuse me, I had not understood!

"_accessList" [font "Verdana"]with "_accesslist"

That functions perfectly now!

Thanks ! :)

Djulia

Re: [Dave] Notice: CMSB v2.08 Beta!

  • Archived  

By Djulia - April 9, 2011

Hi Dave,

I have another error message, but with the Preview function :

PHP Fatal error: Call to undefined function getCurrentUserAndLogin() in ../lib/viewer_functions.php on line 162

An idea ?

Thanks!

Djulia

Re: [Djulia] Notice: CMSB v2.08 Beta!

  • Archived  

By Chris - April 11, 2011

Hi Djulia,

Thanks! I've fixed this for the next beta. Here's the fix:

Open cmsAdmin/lib/viewer_functions.php, search for "admin_functions", and add the line in red:

require_once SCRIPT_DIR . "/lib/admin_functions.php";
require_once SCRIPT_DIR . "/lib/user_functions.php";
require_once SCRIPT_DIR . "/lib/login_functions.php";

Thanks again! :)
All the best,
Chris