CKFinder ChangeLog ================== http://www.ckfinder.com Copyright (C) 2007-2008 Frederico Caldeira Knabben (FredCK.com) ### Version 1.4 - CKEditor 3.x is now supported. - Upload progress bar is shown for Firefox 3.5 - New translation available: French. - Fixed problems with handling Japanese/Chinese file names. ### Version 1.3.4 ### Version 1.3.3 ### Version 1.3.2 - Long filenames caused wrong resize of the panes in IE. - New translations available: Latvian and Portuguese (Brazilian). - New help files translations available: Polish and Spanish. - Fixed handling of duplicate ACL entries for the same resource type and path. ### Version 1.3.1 - Fixed problem with image validation during uploads of .swf files. ### Version 1.3 - Attention!!! New feature added that may cause compatibility issues in rare situations. The number of arguments passed from CKFinder to the "SelectFunction" has changed. In the second argument, an object with additional data is now passed. - Added control over the startup path. It is now possible to point CKFinder into selected resource type / folder. - Improved thumbnails support: it is now possible to define a custom function that will be triggered when thumbnail is selected (SelectThumbnailFunction). - New configuration option added to access thumbnails directly, if enabled, thumbnail requests are passed to the connector only if one should be created. - Improved protection against caching of thumbnails by browser. - Introduced RememberLastFolder setting - if enabled, CKFinder will remember the last used folder. - Improved the routine to show all the errors sent by the server connectors. - Improved the control over popup mode - it is now possible to disable auto-closing of CKFinder window. - Added support for passing CKFinder settings as an object in the javascript integration class. - Added example explaining how to open CKFinder in selected folder. - New translations available: Chinese, Russian and Slovak. - Fixed security issues in the server connector. - Fixed issues with invalid .htaccess in the userfiles directory when PHP was running as CGI - Added BMP thumbnails support - Fixed issue where cleaning output buffering triggered custom error handler ### Version 1.2.3 - Fixed security issues in server connector (directory traversal attack vulnerability) - When uploading files, a JavaScript error was being thrown if an error occurred during the upload process. ### Version 1.2.2 - Fixed issues with sending requests when output buffering is enabled. ### Version 1.2.1 - Fixed issues with chmoding files and folders due to empty umask() calls - Corrected require_once calls, CKFinder now works when "." is not in include_path ### Version 1.2 - CKFinder is now fully localizable. The German, Italian, Polish and Spanish localization is included. - Icons are now displayed for files in List view. - Custom dialog boxes are now being used to avoid issues with popup blockers. - New configuration option added to hide specific folders and files. - New configuration option added to check size of uploaded image after scaling. - Creating and removing a folder with the same name was causing an error. - The UI will now reflect changes in the ACL when the Refresh button is used. - File extensions are now checked in the client side before uploading. - The [+] icons is now shown in the root folders only if subfolders are available. - The # character is now properly encoded in the URL returned by CKFinder if that character is present in the file name. - Fixed problems with file uploads when open_basedir was enabled. - Permissions applied with the chmod command are now configurable. ### Version 1.1 - Attention!!! Some additional security features have been introduced, changing the behavior present on previous versions: - The CheckAuthentication() function has been introduced in the configuration file. It must return "true" to CKFinder to work. Pay attention to the comments you will find there. - Allowed/denied extensions list is now used to filter displayed files. In previous versions it was used only to restrict file uploads) - In the default config file, the allowed extensions list is now defined instead of denied extensions list (white list approach). - Automatic detection of invalid image files on upload. - Disabling the upload if HTML is found inside specific files to prevent against UXSS. - Introduced CKFinder for ASP and CKFinder for ColdFusion. - Full server side source code is now available. - CKFinder is now compatible with Safari 3 (WebKit based browsers) and Opera 9.5. - Fixed incompatibility issues with IE 5.5/6 ("The page cannot be displayed"). - Fixed IE6 incompatibility with the "Navigate sub-frames across multiple domains" security setting. - CKFinder is now fully compatible with FCKeditor 2.5, including QuickUpload support. - New configuration option added to set maximum dimension of uploaded images. - Improved speed of thumbnails loading by CKFinder. HTTP code 304 is being sent whenever possible. - Removed potential problems with umask & creating directories. Directories are now chmoded to 0755 after creation. - No errors when memory_get_usage() function is undefined. - Fixed the issue with the calculation of the size of thumbnails. - CKFinder now gracefully handles situations, where the connector response is broken. - Fixed the issue with getting files after renaming a folder. - Fixed the issue with setting maxSize. It was ignored previously. - It works with error_reporting set to E_STRICT. - Fixed small issues with PHP4 and thumbnails generation. - Thumbnails are not retrieved if no FileView permission in the folder. - An alert message is now displayed when the "View" popup is blocked by the browser. - Dozens of small fixes and enhancements. ### Version 1.0.1 - Fixed incompatibility issues with IE 5.5/6. ### Version 1.0 - First public release.