10 posts by 4 authors in: Forums > CMS Builder
Last Post: March 15, 2013   (RSS)

  • Archived  

By Dave - March 7, 2013

Hi everyone, 

We've just released v2.52 beta 1 (beta list members will get an email with a download link shortly). 

The major new feature is:

  • Rewritten Mail System - we now use the "Swift Mailer" library and support SMTP authentication.  We've had a few customers with web hosts lately who required this, it basically lets you send mail through any mail server the same way a mail program on your computer or smart phone would.  We used gmail's SMTP server to send a few test messages, for example.  And... If you don't know what any of that means, don't worry, by default everything will continue to work as it always has, but the features are there if you need them.

A few other interesting things:

  • Password security - We've been seeing a few too many support requests with server or CMS passwords of "password" or "12345".  The CMS now checks new passwords against a list of the top 10,000 common passwords and alerts users with the message: "Password found in list of "most common passwords", please choose a more secure password.".  The password list can be found in in /lib/login_password_blacklist.txt
  • Password Usability - We've had multiple users complain or confused after copy and pasting extra spaces with their passwords and getting "Invalid Password".  Leading & trailing spaces are no longer allowed in passwords and automatically stripped off usernames and passwords on login.  So if your password is "magic" and you enter "  magic  " it will still work.  These user errors can take a long time to track down so hopefully this will save everybody some time and hassle.
  • Password Plugins - I also added a plugin hook 'login_newPasswordErrors' in case anyone wants to write a plugin to enforce extra password rules such as requiring digits, min length, etc.
  • Programmers - Easily generate mail sending code with the added "Export showMessage() PHP" option to Email Templates menu under Advanced Commands
  • Social Media Links - There was a forum post about how facebook adds lots of extra data to urls posted on their site and how it can break cms viewer pages, we fixed that and added the code from this post: http://www.interactivetools.com/forum/forum-posts.php?postNum=2229724#post2229724
  • PHP Sessions - PHP has a "feature" where every page hit generates a zero byte session file,  ourselves and others were getting tens of thousands of files building up.  We added code to CMSB to fix that to prevent files from building up.
  • Bug Fixes - And a few bug fixes, see the changelog for more details.

If you're not already on the beta tester email list and you'd like to help beta test (you must own at least 1 CMSB license) please email dave@interactivetools.com to be added to the list.

Please post any feedback, questions, or bugs you find! Thanks! 

Thanks! :) 

Dave Edis - Senior Developer
interactivetools.com
  • Archived  

By equinox - March 7, 2013

Hi Dave,

Could IT update the install and upgrade instructions for the 2.5+ versions of CMSB?  It could be confusing, especially to new users, that the requirements state incorrect information.

Thanks!

  • Archived  

By Dave - March 8, 2013

Good find!  I've updated the required version numbers for PHP and MySQL in "how to install.txt".  Let me know if you spot any other incorrect information.   Thanks!

Dave Edis - Senior Developer
interactivetools.com
  • Archived  

By Djulia - March 12, 2013

Hi Dave,

>Rewritten Mail System

The smtp function functions perfectly on our server.

I have two suggestions.

1) It would be interesting to be able to make a test of sending since the page of configuration (General Settings).

2) I wished to check the behavior of CMSB if an smtp error occurred and I obtain an error 403.
It would be also interesting if it were possible to configure an error message. That can avoid long moments of debugging.

Do you think that it is possible?

Thanks!

Djulia

  • Archived  

By equinox - March 12, 2013

Very intuitive suggestions, Djulia! 

  • Archived  

By Dave - March 12, 2013

Hi Djulia,

Thanks, I've added this text below the email settings fields and linked it to: ?menu=forgotPassword 

Tip: To test mail settings send yourself an email with the Password Reset form.

The benefit of this is it uses an existing real component of CMSB to confirm email works.

2) I wished to check the behavior of CMSB if an smtp error occurred and I obtain an error 403.
It would be also interesting if it were possible to configure an error message. That can avoid long moments of debugging.

I can recreate this by setting the IP or port number to an invalid one.  Sending a test message hangs for 21 seconds on my server and then returns an error.  You could be getting a 403 because your host doesn't let the PHP script run for as long as it's taking.  I spent about an hour trying to debug this with no luck.  I know from previous experience sometimes PHP can stall (block) while looking up an invalid hostname or try to connect to a server that isn't accepting connections - even through we're calling stream_set_timeout() and doing all the standard things to set a timeout.

Do regular SMTP errors (invalid password) get returned quicker? Is it just invalid hostname/port errors or all errors?

Thanks!

Dave Edis - Senior Developer
interactivetools.com
  • Archived  

By Djulia - March 14, 2013 - edited: March 16, 2013

Hi Dave,

>Do regular SMTP errors (invalid password) get returned quicker? Is it just invalid hostname/port errors or all errors?

Oops! I excuse myself not to have specified that.

For me the problem is only with an error on the password (error 403).

What is interesting, it is that I obtain a stack trace.

Stack trace:
#0 ../3rdParty/SwiftMailer/classes/Swift/Transport/AbstractSmtpTransport.php(400): Swift_Transport_StreamBuffer->readLine(8)
#1 ../3rdParty/SwiftMailer/classes/Swift/Transport/AbstractSmtpTransport.php(277): Swift_Transport_AbstractSmtpTransport->_getFullResponse(8)
#2 ../3rdParty/SwiftMailer/classes/Swift/Transport/EsmtpTransport.php(245): Swift_Transport_AbstractSmtpTransport->executeCommand('Nmt3Y2Myc2JfNDU...', Array, Array)
#3 ../3rdParty/SwiftMailer/classes/Swift/Transport/Esmtp/Auth/LoginAuthenticator.php(44): Swift_Trans in ../3rdParty/SwiftMailer/classes/Swift/Transport/StreamBuffer.php on line 169

For the invalid hostname/port, I obtain an error message :

Mail Error: Connection could not be established with host smtp.xxx.com [Connection timed out #110]

Thanks for your patience!

Djulia

  • Archived  

By Dave - March 15, 2013

Djulia, Could you send an email to dave@interactivetools.com with steps to reproduce the SMTP password error?  I'll try in on my server and yours.

Deborah, Can you check for /3rdParty/tiny_mce/langs/ in your cmsbuilder_2_52_build1023_beta1.zip file?  I'm seeing it in mine, not sure what's happening there.  I wondering if maybe the files didn't get completely unzipped or uploaded?  

Let me know, thanks!

Dave Edis - Senior Developer
interactivetools.com
  • Archived  

By Deborah - March 15, 2013

Dave, You guessed right... the zip archive contained the file, but it was not in the unzipped directory. (Must have had a computer hiccup during the unzip.)

Beta installed and I set up and tested the SMTP feature using the password reset form. Works GREAT!

Also checked out and like the password security feature. I'm hoping someone will develop a plugin for setting password rules.

Thanks so much for adding these new features!

~ Deborah