Changes
-------
+1.0.1 -> 1.0.2
+
+- Public pages access restriction (CVE-2024-24761)
+- Remove useless class from templates and fix social networks search dropdown
+- Ensure language is changed when login from cron; closes #1769
+- Make replacements icon in PDF Model more visible
+- Fix possible issue on group creation
+- Fix URL redirection
+
+1.0.0 -> 1.0.1
+
+- Title in members list causes an error
+- Cannot enter a new social network name
+- Pagination and search on members list broken adding contribution
+- Contribution start date overload
+- Groups "accordion tree" not opened when a name contains a slash
+- open_basedir prevents files in /etc to be read
+- Some issues with contribution amount set to 0
+- Fatal error with PHP 7.4
+- Cron user does not have lang defined
+
+0.9.6.1 -> 1.0.0
+
+- Modern UI
+- Major improvements on UI/UX and also responsiveness
+- Use of YAML files instead of XML for exports configuration
+- New preference to show/hide borders around PDF member cards
+- WebP image support
+- Removed free search on advanced search
+- Check for minimal database version at install
+- Resize and crop member picture to a fixed ratio
+- Update issues (not defined constants)
+- Fatal error when cookie not set after login
+- Sort members by status
+- Several PHP 8.1 compatibility fixes
+- Groups manager cannot edit their own information
+- Inconsistent count and display of reminders members
+- Minimum PHP version not displayed on compat page
+- Simple members can't access their list of contributions
+- Contributions mass removal
+- Disable inline images in mailings
+- Issue editing members with wrong values imported in dynamic choice fields
+- Parent group removed when a manager edit a group
+- Fix logo size on member card
+- Fix timeout using logo on PDF member cards
+- Fix dynamic files on contributions and transactions
+- Drop required fields on PDF member cards
+- Parent group can be lost when a groupmanager edits a group
+- Mass add contribution fail if data is missing
+- Dynamic contribution fields not rendered on advanced search
+- Dynamic contributions choice fields on advanced search fail using postgres
+- Several minor issues with RTL languages on PDF generation
+- Issues on transactions search with some date formats
+- Selected members were not reset creating a new mailing
+- Template rendering is now assumed by Twig instead of Smarty
+- Use of Fomantic UI framework for whole display
+- Update third party libraries
+- No longer use atoum (dead project) for testing
+- LibreJS compatibility
+
+0.9.6 -> 0.9.6.1
+- Fix language detection priority not respected
+- No composer platform check
+- Fix html2text for php 8
+- Fix social networks replacements
+
+0.9.5.2 -> 0.9.6
+- Social networks/contact externalization
+- Add member number
+- Export contributions as CSV
+- Drop group name uniqueness at same level
+- Add information to display for dynamic fields
+- Add preferences for groups manager to edit, create members, edit groups, send mailing and perform exports
+- Fix various XSS issues
+- Fix possible SQL injection
+- Add CSRF protection
+- Fix address escaping at display
+- Prevent issue creating contribution with an empty amount
+- Fix undefined index when locale is missing on system
+- Fix issue reusing a saved search from advanced search
+- Update translations
+
+0.9.5.1 -> 0.9.5.2
+- Update translations
+- Work on PHP 8.1 compatibility and tests improvements
+- Fix members list issue with titles column displayed
+- Fix members list ordering
+- Fix missing emails texts insertion
+- Drop duplicate check on saved searches
+- Fix some silent errors
+- Some data were missing checking passwords against personal data
+- Fix gateway timeout sending emails with SSL SMTP
+
+0.9.5 -> 0.9.5.1
+
+- Members can manage their children and create new ones (if preference is on)
+- Mass contribution add
+- Mass edition of dynamic fields
+- Add a preference to send emails to member by default
+- Add a preference to choose default payment type
+- Fix PDF links in emails
+- Replace Markitup with Summernote for HTML emails
+- Replace jQuery Cookie with JS Cookie
+- Fix address variable in template
+- Fix impending reminders
+- Fix close expiries
+- Adjust members by status charts count
+- Fix overlapping menu on mobile
+- Prevent installation page access if Galette is already installed
+- Fix public list ordering
+- Fix contributions ordered on payment type
+- Fix new user registration email
+- Fix search on dynamic fields
+- Fix transactions list display
+
+0.9.4.2 -> 0.9.5
+
+- Fix CVE-2021-21319
+- PHP8 compatibility
+- Cannot create new members
+- Inactive accounts can renew their password
+- Error on removing contribution type
+- Cannot cascade remove groups
+- Ability to order on contributions and transactions ID
+- Variables available in emails and PDF are now the same, dynamic fields has been added, ...
+- Fix late reminders PDF labels
+- Third party dependencies has been updated and cleaned, some for security reasons
+- Add dynamic files on contributions and transactions, fixes
+- Improve self subscription captcha
+- Few fixes on members views
+- Fix auto generated logins that contains `@`
+- Change some database fields so they can store more characters
+- dependency management system has been changed
+
+0.9.4.1 -> 0.9.4.2
+- Issues on mailing instantiation, in core and plugins
+- Fix issues on mailings attachments
+- Post contribution script was called too early
+- Fix cards colors on new installations
+- First and last name were inverted in core PDF member card
+- Print logo was the one used, but not the one displayed in preferences
+
+0.9.4 -> 0.9.4.1
+
+- Many improvements on string translations (add support for plurals, contexts and comments
+- Use events to send administrative emails (account creation, edition, contribution added)
+- Many locales updates thanks to Weblate translators!
+- Fix displayed version number
+- Missing “Next” button in members dynamic dropdown
+- Error creating dynamic field with empty name
+- Pagination was missing on public pages
+- Fix reminders wrong count
+- Members cannot print their own cards
+- Fix direct links to download documents
+- Fix compagnies/natural persons graph
+- Do not notify member on contribution change
+- Cannot print labels or change members in mailings
+- Fix search on dates in contributions list
+- Unable to unset booleans on mass change
+- Unable to unset booleans on dynamic fields
+- Captcha issue on self subscription page
+- Wrong JS action in mailings
+- SQL error on invoices/receipt direct download
+- Issues with images in dynamic files
+- Fix several issues sending reminders
+- Change log in URL
+- Do not display inactive members as late
+- Fix several issues in distributed archive (remove symlinks, fix tar format, …)
+
+0.9.3.1 -> 0.9.4
+
+- Configurable password security enforcement (on strength, blacklist, ...)
+- Import dynamic fields from CSV
+- Handle already encrypted passwords on imports
+- Manage members list displayed fields
+- Emit events when members, contributions or transactions are added, edited or removed (thanks to Nicolas B.)
+- Add direct download links to member card, invoice/receipt in sent emails
+- Advanced search on groups with AND/OR (experimental)
+- Handle RTL on PDF
+- Administrative emails can now be translated in all available languages (and are present on translation platform)
+- Offer last months when using beginning of membership date (thanks to Manuel H.)
+- Members can print their own invoices/receipts (thanks to Nicolas B.)
+- Improve routes ACLs to support regular expressions
+- Rely on GulpJS and NPMJS to handle Javascript dependencies
+- Send member and contribution IDs to post script
+- Switch to Laminas
+- Rework routes using controllers
+- Fix member card with PHP 7.4
+- Fix contribution PDF on some cases (thanks to Manuel H.)
+- Fix date calculation issue with new contributions types
+- Fix wrong value in history creating new member
+- Several fixes on CSV imports
+- Fix some issues using MySQL
+- Fix inconsistent data duplicating member
+- Can use members deadline on PDF card instead of year
+
+0.9.3 -> 0.9.3.1
+
+- Use new icons in titles management
+- Ensure PHP 7.4 is supported
+- Handle properly and test sequences in PostgreSQL for titles, payment types, PDF models, texts and fields categories
+- Fix Telemetry from PostgreSQL instances
+- Fix dynamic translations removal
+- Check for session extension presence
+- Redo multiple status selection in advanced search
+- Fix user search by nickname in dropdowns
+
+0.9.2.1 -> 0.9.3
+
+News
+^^^^
+
+- new translations has been added!
+- galette translations (https://hosted.weblate.org/projects/galette) are now done on weblate platform
+- save searches
+- ability to use several admins email addresses from preferences
+- send a mail to admins when a member edit his card
+- flexible redirect after member creation.
+- add current date variable (DATE_NOW) in PDF models
+
+Bugfixes
+^^^^^^^^
+
+- fix translation issue on members page fieldsets
+- fix dynamic date fields check
+- fix blank page at install on some environments
+- fix javascript escaping on mailings
+- fix groups members removal error
+- fix pagination on trombinoscope
+- fix logo path on some web server configurations
+- dynamic fields order was not stored
+- various fixes related to new dropdowns
+- add missing date fields changes on mysql
+- missing date selectors on advanced search and dynamic fields
+- fix PDF extension and content type
+- fix upper case removal from composed names
+- remove company name when checkbox is unchecked
+- fix call from wrong object in mailing
+- reply-to in preferences was not used
+- fix issues with HTTP 2.0 servers
+- use PDF models header and footer on emargement lists
+
+0.9.2 -> 0.9.2.1
+
+- remove all routes translations
+- fix saving Galette URL in preferences
+- fix dynamic menus in contributions
+- rename locale file to prevent fatal error
+- fix required fields editing member
+- fix member id in new members dropdowns
+- fix use of selected contribution adding a transaction
+- fix wrong redirection
+- rework installer required extensions and php version detection from installer
+- php dependencies are now checked frequently
+- fix member search in new members dropdowns
+
+0.9.1.2 -> 0.9.2
+
+News
+^^^^
+
+- Rework icons
+- Search (name, mail, id, ...) in list selecting member in transactions and contribution
+- PHP 7.1 or above required
+- Use FontAwesome for icons
+- Manage payment types
+- Do not send password in mails
+- Member duplication
+- Add a parameter for default account filter
+- Translation system has been reworked, and now requires intl PHP extension
+- Display managers/members count in groups
+
+Bugfixes
+^^^^^^^^
+
+- CSV import dry-run checks have been entirely reworked to fix several problems
+- Fix version detection on upgrade
+- Better explanations for PDF models variables
+- Can add more than 100 years old members
+- Fix date range limitation on Birthdate components
+- Add birthdate checks on member storage
+- Fix date filtering in contributions lists
+- Use selected sender information on mailing preview
+- Fix sender storage in mail history
+- Fix not translated mark on dynamic translations
+- Fix 'false' search on dynamic boolean fields
+- Mass removal of contributions did not work
+- Remove dynamic fields values when dynamic field is dropped
+- Fix PostgreSQL update script
+- Fix several redirection issues (caused by proxies)
+- Make dynamic fields works on PDF form (thanks to Jérôme B.)
+- Fix CSV fields configuration
+- FIx ACLs inconsistency on dynamic fields
+
+Under the hood
+^^^^^^^^^^^^^^
+
+- Use InnoDB everywhere
+- Automatic re-send of Telemetry data
+- Use Zanata for translations
+- Use ZendTranslator
+- Update third party libraries
+
+0.9.1.1 -> 0.9.1.2
+
+- Fix uncheck member boolean fields
+- Fix member storage when titles are hidden
+
0.9.1 -> 0.9.1.1
- Fix reverse proxy URL
- Define a default status for new members in preferences
- Add footer text
- Add German language (many thanks to Arnold W.)
-- Sender can now be choosed when sending an email
+- Sender can now be chosen when sending an email
Bugfixes
^^^^^^^^
- Take care of history preferences
- Update of dynamic fields now set member modification date
- GPG field was too short
-- Fix schema differences beetween MySQL and PostgreSQL
+- Fix schema differences between MySQL and PostgreSQL
- Clean extra data from 0.9rc
- Change mail field size to be compliant with standards
- Fix upgrade issues
- Superadmin can impersonate without know identifiers
- "Responsive" design
- Manage logout delay
-- Tets emails parameters from preferences
+- Tests emails parameters from preferences
- Check duplicate emails importing with dry-run mode
- Check status importing with dry-run mode
- Preview attached files from mailing preview
-- Select all and invert selection on both begining and end of lists
+- Select all and invert selection on both beginning and end of lists
- Status are no longer uniques
- Login with email address
- Handle reverse proxies for logs (thanks to Georges R.)
- Set 5.6 as minimal PHP version
- Possibility to only expose "webroot" directory
- Type free search fields (thanks to Guillaume R.)
-- Improve fields acces control adding new roles (thanks to Guillaume R.)
+- Improve fields access control adding new roles (thanks to Guillaume R.)
- Merge admintools plugins features
- Free search on statuses labels
- Better management of fields in free advanced search (thanks to Guillaume R.)
- Add ASSO_ADDRESS_MULTI pattern on PDF models
- Add patterns for dynamic fields on PDF models
-- Add basic adhesion form PDF based on models, which can be overriden using the fullcard plugin
+- Add basic adhesion form PDF based on models, which can be overridden using the fullcard plugin
- Add RSS support on news feeds
- Add simple str_replace capability on PDF models
-- Retrieve adress from parent if member does not have one
+- Retrieve address from parent if member does not have one
- Retrieve email from parent if member does not have one (extended)
- Simple members can now change their own name, gender and title
- Store members images missing in database
- Fix quoting in pgsql upgrade script
- Remove extra characters on fields translations for csv export
-- Exclude donations froms due date calculation
+- Exclude donations from due date calculation
- Properly import companies from CSV
- Do not submit advanced search form on group selection
- Relocate data in a common directory
- Combined actions on memberlist from plugins
- Use Logo in PDF models (thanks to Guillaume R.)
-- Maximize satus and contributions types labels size
+- Maximize status and contributions types labels size
- Choose date when filtering contributions
- Filter transactions per date
- IPV6 compatible
- PostgreSQL >= 9.1
- Remove UNSECURE_PASSWORD stuff
- no longer show days remaining for disabled accounts
-- staff members cannot change thor own informations
+- staff members cannot change thor own information
- no error was shown when removing a member failed
-- pdf memberd card was looking for loggged in user membership
+- pdf member card was looking for logged in user membership
0.7.5.4 -> 0.7.5.5 (2013-10-12)
- Super admin was not able to change some members fields
- remove new group button and add group member/manager for non admins/staff
- fix a filtering issue on groups on some cases
- do not try to remove a constraint that does not exists in postgres databases
-- restrict tempimages and tamplates_c directories access from web
+- restrict tempimages and templates_c directories access from web
0.7.5.2 -> 0.7.5.3 (2013-09-18)
- add group member or manager had disappear
- fix groups PDF blank page
- fis MySQL upgrade script issues
- fix wrong interpreter path in post contribution test script
-- mails subejcts were too short
+- mails subjects were too short
- avoid undefined index when running from cron
- improve post contribution JSON data
- fix SQLite install script
- automate reminders sending
- send reminders via cron jobs
- add receipt and invoices for contributions, with customizable models
-- post contribution script call (file, get or post), for accouting storage
+- post contribution script call (file, get or post), for accounting storage
- mailing now always contains a 'To' field to avoid mail blocking
- amounts and contributions types now available on mail texts
- new date and boolean dynamic fields
- order contributions and transactions list by date descending
- charts generation
- PDF list of members by groups
-- display informations on members state of dues
+- display information on members state of dues
- do not remove non member status
- end of membershop date was incorrect if all members contributions has been removed
- unable to remove a member
- improve contirubtions interface if non member exist
-- logged users informations are now available for plugins
+- logged users information are now available for plugins
- dynamic fields values were not stored from self subscription
- lost password mail could only use HTTP, not HTTPS
- retrieve required fields configuration updating from 0.7.3
0.7.3.1 -> 0.7.3.2 (2013-01-19)
- managed but non member groups were not displayed
-- password were reseted on member edition
+- password were reset on member edition
- add payment type on contribution initialization
0.7.3 -> 0.7.3.1 (2013-01-05)
- redesign installation pages
- check plugin compatibility
- improve transaction display
-- add system informations page
+- add system information page
- some fields were too short
- filter on company name
- limit staff statuses to only one member
- fix entered dates i18n
- improve IE8 display
- fix transparent logo, and with unsupported format
-- fix plugins menu incorect path
-- fix plugins activation/desactivation refresh issue
+- fix plugins menu incorrect path
+- fix plugins activation/deactivation refresh issue
- now really uses mail() function
- improve password reminder page
- fix members list cotisations status ordering
Changes and additions
^^^^^^^^^^^^^^^^^^^^^
-- full redisgn
+- full redesign
- interface written with HTML5 / CSS3
-- new history managment
-- mailings history and managment
-- groups managment
-- add a dashboard (which displays latests news from the project
+- new history management
+- mailings history and management
+- groups management
+- add a dashboard (which displays latest news from the project
- public pages (members list en trombinoscope)
- handle plugins (see available plugins at http://galette.tuxfamily.org/documentation/fr/plugins/index.html#plugins)
- CSV export of selected tables and/or parameted requests (https://mail.gna.org/public/galette-devel/2009-02/msg00006.html)
-- required fields managment for members add/edition
-- multinlingual managment for subjects and messages automatically send from Galette (subscription, password lots, ...)
-- members statuses managment
-- contributions types managment
-- rewrite of transactions managment
-- rewrite maling interface
+- required fields management for members add/edition
+- multilingual management for subjects and messages automatically send from Galette (subscription, password lots, ...)
+- members statuses management
+- contributions types management
+- rewrite of transactions management
+- rewrite mailing interface
- JQuery UI integration to enhance user experience (menus, tabs, date/color pickers, ...)
- print membership cards
- ...
- use of PEAR::LOG
- use of Zend_Db to manage database access instead of AdoDB
- phpMailer for emails sending (https, gmail, etc. support)
-- make database relationnal
+- make database relational
0.63.3 -> 0.64rc1 (2010-02-22)
- Handle 'stripos' missing function to keep 0.63.x php4 compliant
- Replace phppdflib with tcpdf
- Symlink to adodb has been removed, we now use a php file defining the versions for the libraries
- Improved pagination: only 20 pages will appear now, instead of all pages
-- Remove spanish language which has not been maintaned for ages
+- Remove spanish language which has not been maintained for ages
- Use UTF-8 for translation files
-- Fix a bug calculating end membership date when using begining date for membership in the preferences
-- Remove not functionnal and not used "public" pages
+- Fix a bug calculating end membership date when using beginning date for membership in the preferences
+- Remove not functional and not used "public" pages
- Remove unused files
- Handle 'mb_strtoupper' to avoid error on labels generation when mb extension is not present
-- Move config file from includes to config directory. Wrtie access on includes directory will no longer be required at install
+- Move config file from includes to config directory. Write access on includes directory will no longer be required at install
- Only super-admin can change its login/password now. Standard admins can no longer do that
0.63.2 -> 0.63.3 (2009-11-09)
- fix a security flaw that allowed attacker to send arbitrary PHP files on some servers
-- when sendind invalid member form, line dynamic fields were repeated (bug #10187)
+- when sending invalid member form, line dynamic fields were repeated (bug #10187)
- some encoding issues has been noticed on UFT-8 MySQL servers. Connection is now forced to LATIN1 (thanks to Cédric)
- unbreakable spaces appears on non html email (thanks to Cédric OLIVIER)
- using XML characters in mailing subjects causes XML analysis errors on preview (bug #14571)
0.62 -> 0.63
- Project leader change :-)
-- Added transactions managment
-- Added dynamic field managment, to add some extra fields; also added the ability to translate such fields labels
+- Added transactions management
+- Added dynamic field management, to add some extra fields; also added the ability to translate such fields labels
- Members can now self-subscribe
- Use of Smarty template engine for pages generation. This causes complete xhtml compliant rewrite of html pages
- Upgrade from ADODB 4.7.1 to 4.9.2
- Font size defined for form labels
- Bugfix concerning a call to imagegif when the function wasn't available (reported by Vincent Bossuet)
- Fixed a bug reported by Lois Taulelle. Membership ending date wasn't updated when removing the "Freed of dues" attribute
-- Added the possibility to be visible or not in the members list (if you wan't to list members outside from Galette). Courtesy of Stephane Sales
+- Added the possibility to be visible or not in the members list (if you want to list members outside from Galette). Courtesy of Stephane Sales
- Removed many PHP warnings (Galette should be running fine when error_reporting = E_ALL)
- The log can now be sorted
- Correction of a few spelling mistake
- Navigation links when on a member's contributions list added
- Clicking on a member's name in the contributions list shows his
- contributions intead of his profile
+ contributions instead of his profile
- Lost password recovery added
- Removed the Galette acronym meaning
- Header corrections
- Bugfix in thumbnail display
- DROP permission wasn't checked during install process
- English translation
-
-
-O.60 -> 0.61
-
-- Correction du formulaire d'édition d'adhérent (admin)
-- Fusion des fichiers ajouter_adherent.php et gestion_contributions.php
- (edition de membre)
-- Les prefixes de tables sont maintenant autorisés
-- Réduction des photos si GD est disponible
-- Les équivalents HTML dans les noms d'adhérents étaient parfois
- mal affichés
-- Retour aux contributions d'un membre après l'ajout d'un contribution
-- Filtre sur les dates dans le listing des cotisations
-- Correction de fautes d'orthographe
-- Liens de navigation sur la fiche de cotisations d'un membre
-- Cliquer sur le nom d'un adhérent dans la liste des cotisations
- permet d'obtenir ses contributions au lieu de son profil
-- Lien "mot de passe perdu"
-- Masquage de la signification de l'acronyme "Galette"
-- Corrections dans les en-têtes
-- Meilleure détection du fichier de langue
-- Correction de bug dans l'affichage des vignettes
-- Le permission DROP n'était pas vérifié durant l'installation
-- Traduction en anglais
Projects / galette.git / blobdiff