Notice: CMSB v3.10 Beta 1 (June 13th, 2017)

4 posts by 2 authors in: Forums > CMS Builder
Last Post: June 16, 2017   (RSS)

  • Archived  

By Dave - June 13, 2017

Hi everyone, 

We've just released v3.10 beta 1 (and we're running it live on our website).

This is mostly a maintenance release.  We fixed several caching issues in 3.09 that were causing some plugins to not function correctly.  If you're still having any issues with plugins after installing this version let us know and we'll help you out.

Additionally, there are some new "Experimental Code Generators" under the Code Generator menu.  This is a sneak peek at what we're working on.  One of the features of the Code Generated viewers is that advanced users can add custom MySQL code if they know it to extend what is possible.  One of the problems with this is we often get end-users writing insecure code and inadvertently creating security vulnerabilities on their sites.

To address this the new code generators only allow specific "filtered mysql", meaning you can do most things, but you can't pass in arbitrary user-submitted values that would cause security issues.  Instead you use placeholders to pass in values like this: 

  // load record from 'products'
  list($productsRecords, $productsMetaData) = getRecordsAPI(array(
    'tableName'   => 'products',
    'where'       => 'num = :num',
    'params'      => [
      ':num' => getLastNumberInUrl(0),
    ],
    'loadUploads' => true,
    'allowSearch' => false,
    'limit'       => '1',
  ));

This makes the code completely secure.  You literally can't write insecure code with this new system, and we think it makes it easier to read as well.

Anyways, more to come on that in the future!

And if you have a license you can download the latest beta here:
https://www.interactivetools.com/order/download.php

Please post any feedback, questions, or bugs you find! Thanks! 

Dave Edis - Senior Developer
interactivetools.com
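The placeholder style shown in the post keeps user-submitted values out of the SQL text by binding them as parameters. The following PHP is an added illustration of that pattern, not CMS Builder's own getRecordsAPI() code: getRecordsFiltered(), its placeholder/param consistency check and the in-memory SQLite table are assumptions made for this example, and it assumes the pdo_sqlite extension is available.

```php
<?php
// Added example (not CMS Builder's code): a small query helper in the style of the
// post's getRecordsAPI() call, built on PDO prepared statements. The function name,
// the placeholder check and the sample table are assumptions for demonstration.

function getRecordsFiltered(PDO $db, string $tableName, string $where, array $params, int $limit = 1): array
{
    // The table name cannot be a bound parameter, so restrict it to a plain identifier.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $tableName)) {
        throw new InvalidArgumentException("Invalid table name");
    }

    // Every :placeholder in the WHERE clause must have a bound value, and no extra
    // values may be supplied, so there is no way to splice raw input into the SQL.
    preg_match_all('/:([A-Za-z_][A-Za-z0-9_]*)/', $where, $matches);
    $expected = array_unique($matches[1]);
    $given    = array_map(fn($key) => ltrim($key, ':'), array_keys($params));
    sort($expected);
    sort($given);
    if ($expected !== $given) {
        throw new InvalidArgumentException("WHERE placeholders and params do not match");
    }

    // Only the developer-written WHERE text reaches the SQL; values are bound separately.
    $sql  = "SELECT * FROM `$tableName` WHERE $where LIMIT " . (int)$limit;
    $stmt = $db->prepare($sql);
    foreach ($params as $name => $value) {
        $stmt->bindValue($name, $value, is_int($value) ? PDO::PARAM_INT : PDO::PARAM_STR);
    }
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data in an in-memory SQLite database (assumption: pdo_sqlite is installed).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE products (num INTEGER PRIMARY KEY, title TEXT)");
$db->exec("INSERT INTO products (num, title) VALUES (1, 'Widget'), (2, 'Gadget')");

// Same shape as the post's call: the value comes from the request, but it is bound
// to :num instead of being concatenated into the query text.
$fromUrl = "1 OR 1=1"; // constructed input that would widen a string-built WHERE clause
$records = getRecordsFiltered($db, 'products', 'num = :num', [':num' => $fromUrl]);
echo "rows matched for bound string value: " . count($records) . "\n";

$records = getRecordsFiltered($db, 'products', 'num = :num', [':num' => 1]);
echo "title for num 1: " . $records[0]['title'] . "\n";

// A WHERE clause with an unbound placeholder is rejected before any SQL is prepared.
try {
    getRecordsFiltered($db, 'products', 'num = :num AND title = :title', [':num' => 1]);
} catch (InvalidArgumentException $e) {
    echo "rejected: " . $e->getMessage() . "\n";
}
```

The first query matches no rows because the entire string "1 OR 1=1" is compared against the num column as a single value; it never becomes part of the SQL, which is the property the post describes. The consistency check is the part a reviewer would want in such a helper: it catches a WHERE clause that references a placeholder nobody bound, which would otherwise surface only as a runtime database error.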

By Toledoh - June 13, 2017

This sounds really interesting Dave - thanks!

To break me out of my normal thought tracks - can you give me some example of things that are now possible that weren't, or were difficult previously?

Cheers,

Tim (toledoh.com.au)

By Dave - June 14, 2017

Hi Tim, 

Well, with the new viewers it's a rewrite, so we're making all the options consistent and removing any old code that wasn't needed.  But the main benefit is you don't need to mysql_escape() anything anymore.  It does it all automatically and ensures security.  Also, the named parameters :num, etc. should make the code easier to read.  The main benefit is readability and security.

Dave Edis - Senior Developer
interactivetools.com