v24.11

Upgraded the app to AppGini 24.11. See the AppGini changelog for more details.

ORPM 8.0

What's Changed

• Upgrade code base to AppGini 23.17.
• Fix XSS vulnerability reported by Tree Lion
• Easily access child records from parent table view. See full change log for more details.

New Contributors

• @stack-file made their first contribution in #2

ORPM 7.1

As generated by AppGini 22.12

For full change log, please refer to AppGini change log

ORPM 6.8

• Fix SameSite value of remember_me cookie for future compatibility with browsers.
• Re-order admin utilities menu for better organization.
• Add pageQueryLogs.php to view log of slow and error queries for debugging (Admin area > Utilties menu > Query logs)
• Add 'nothing' table icon (useful when you want no icons for a table)
• Refactor tablename_view to delegate code for applying membership permissions to DataList.
• Add DataList::applyPermissionsToQuery() and DataList::fieldIsDateTime().
• Refactor various parts of DataList.
• Fix filtering query error for non-admin users that don't have full view permissions.
• Add logSlowQuery() and logErrorQuery() functions to help diagnose problematic queries executed by sql().
• Refactor sql() function by separating dieErrorPage() and openDBConnection().
• Add new options to the $o array passed to sql() to suppress logging if set to true: 'noSlowQueryLog' and 'noErrorQueryLog'.
• Add CSS classes .signed-in-as and .username to the 'Signed in as ..' text and the username link in the navigation bar for easier scripting.
• Fix issue where TVDV page with 0 records in TV has missing date pickup components.
• Render read-only checkboxes in DVP in all cases.
• makeSafe(): return an empty string for 0-length inputs without further checks.
• UX fix: don't automatically sign out a user when they access a table they have no access to.
• Show 'table access denied' error if user is accessing a DV record they don't have access to, rather than a blank page.
• Fix issue with empty lookup values for lookup fields of short char/varchar datatype.
• CSS rule to hide empty email links.
• Show "Don't rename uploaded files" and "Delete files from server when removed from record" options in image options window.
• checkMemberID.php: change the way availability is reported to prevent minifying services that strip comments from ruining the result.
• Render read-only (rather than editable) check-boxes in DVP.
• Enable auto-increasing rich editor height for long content.
• Add more randomness to generated file names by randomly seeding microtime() to hinder brute force filename guesses.
• Sanitize filterer_* against reflected XSS in 'Add new' form.
• Misc syntax fixes.

ORPM 6.7

Sanitize date parameters against reflected XSS in summary reports.

ORPM 6.6

• Add .sum CSS class to sum row and each sum cell in TV.
• Fix tooltip appearance in admin/pageRebuildFields
• Fix PHP8 error on filtering lookup fields.
• Fix sorting bug in admin/pageViewRecords.php
• Filter data when exporting to CSV to prevent CSV injection in Excel.
• Sanitize group description in groups list page
• Fix localStorage clearing issue that leads to disabling enabled shortcut keys

ORPM 6.5

Fix 'no direct access allowed' in CSV import page.

ORPM 6.4

• As generated by AppGini 5.93
• Implement instant search in admin settings page to quickly find a setting by label.
• Add button for clearing date fields in detail view.
• Usability and layout fixes to various pages.
• Move server-side code from common.js.php to header.php, and rename as common.js for better performance through native server/browser caching.
• Rename dynamic.css.php to dynamic.css for speedier processing and better loading performance.
• Add checks during setup for PHP extensions: xml and mbstring, and a more descriptive error message if images folder is misconfigured.
• Quick search: fix highlight behavior when no matches are found.
• Fix js bug in admin/pageViewMembers.php that prevents confirmation dialog when deleting a user.
• Fix bug in Save changes button locking behavior during ajax requests.
• Update CI_Input to prevent recently revealed XSS vulnerabilities, CVE-2021-21260.
• Prevent potential minor reflected XSS vulnerability in CSVImportUI.php.

ORPM 6.3

• Add calendar page showing leases starting/ending each month
• Add mass update commands to change status of multiple applicants, multiple applications and multiple units in one command.

ORPM 6.2

Add the following summary reports created by Summary Reports plugin for AppGini:

• Applicants by status.
• Applications/leases over time.
• Applications/leases by property.
• Leases by property over time.
• Lease value by property over time.