github filesender/filesender master-filesender-2.18
Release 2.18
on GitHub

latest releases: master3-filesender-release3.0.beta7, filesender-2.48, filesender-2.47...
3 years ago

Release Version 2.18

Release date: 27 May 2020.

Distribution

Source snapshots are attached to this announcement and the git tag master-filesender-2.18 contains the base that these snapshots were created from.

Installation

Documentation is available at http://docs.filesender.org/v2.0/install/

Upgrade Notes

Version 2.x breaks compatibility with version 1.x. We recommend a fresh installation to version 2.x of FileSender.

Major changes since 2.17

Execution of scripts/upgrade/database.php is required. Some new views have been created and a column type modified. There are changes in the templates directory.

Guest creation and reminders can now be rate limited on how frequently they can occur. Note that while there is already a limit on the number of guests a user can create, a user might attempt to be nasty by creating a bunch of
guests and then deleting them all so they can remake more. This update introduces a new 'rate' of creation limit allowing a cap on per day guest creation activity with new configuration settings.

This rate limiting feature relies on the auditlog to keep track of how many times the user reminds a guest or tries to create a guest.

To compliment the new rate limiting there is a new section in the admin / users page allowing a site administrator to see who hit guest creation total limit, rate limit, who has deleted the most guests that did not send even a single file,
and who has deleted the most guests in all. While a typo would mean deleting a guest that didn't send a file, it is unlikely that a user will delete a whole bunch of unused guests that didn't do anything themselves as that sort of goes against the reason to make the guest in the first place. #787

The my transfers page now allows sorting transfers by clicking o nthe table headers. The number of transfers to display was increased and the closed transfers have been moved on to their own subpage. #796

The admin / transfers page can now be sorted by clicking on the table headers. #794

The admin / transfers page how allows searching by transaction id range #800 #802

A new configuration option (admin_can_view_user_transfers_page) which, when enabled, allows an admin to view a "my transfers" page as a specific user. When this option is enabled an admin can find a user in admin / users and then click to see the "my transfers" page that that user would see instead of their own. The menu item colour, menu item text, and top banner are changed when in this mode to hint to the sys admin that they are not dealing with their own transfers but with user data and so should be very careful. #799

A new validation script, scripts/upgrade/checkconfig.php, was added to allow more complex config.php verification than would be desirable on normal user access. #795

Some transfer options can now be removed in the my transfers page. At the moment this is limited to removing the daily statistics option from an existing transfer. #801

An update to the localuserdb user creation web code #797

The PostgreSQL CI upgrade test dataset was reduced in size due to an out of disk on Travis with one of the new indexes. #788

As a number of issues have been reported relating to cron job execution a new CI task was added to populate a custom database and update the expires time before running the cron job and verifying that jobs are closed as expected. These jobs include both single file and directory tree uploads and one of each is retired during cron execution and one of each is left active. Hopefully this should help catch issues with cron execution by executing a wider range of code and also hitting more database code. #798

Update to RestServer to be quietly resilient to non array response data #786

Fixed an issue with REMOTE_ADDR and cron execution by allowing that to resolve to 127.0.0.1 if being set from a cron job #792

Translatableemails.variables is now a mediumtext to allow cron job execution in some cases where that field was too small. No changes were needed on PostgreSQL as the field was not limited in size in the same manner. #791

Two of the Collection subtypes have been split out to avoid an issue in cron job execution #790

A new window.filesender.log() function to be used in preference to console.log() as that the logging will be collected on browsers that disable logs when the developer console is not open. #793

Internationalization new terms imported to poeditor #789 #805 #804

From a development perspective:

The new rate limiting functionality #787 uses a new
Logger::logActivityRateLimited() method as a single point of call to either return normally or throw an exception if the rate is too high when taken against a configuration setting. This new method acts like Logger::logActivity() but will also log a "rate limit hit" if called too frequently and then throw an exception. This effectively rolls a whole control block to verify rate limiting into a single function call.

DBObject now has a count() method to compliment the all() method if you only want a count of results from a query. #787

Configuration changes

  • guest_reminder_limit_per_day
    Limit the number of guest reminders a user can send to each guest per day (default to 0 which means disabled)
  • guest_create_limit_per_day
    Limit the number of guests a user can create per day (default to 0 which means disabled)
  • admin_can_view_user_transfers_page
    when set to true allows the admin to view the my transfers page the way a user would see their page (default to false)

Support and Feedback

Please lodge new github issues for things that might improve the next release!
See Support and Mailinglists and Feature requests.

Check out latest releases or
releases around filesender/filesender master-filesender-2.18

Don't miss a new filesender release

NewReleases is sending notifications on new releases.

Get notifications