Changelog 1.7.x

From ClaroDevel

This page aims to resume in a "comprehensive language" what has been changed or fixed between Claroline 1.7.0 and 1.7.x.

A lot of people in the forum asked to get such a list in case of a customized campus, this can be useful. If you need more technical informations about the changes (scripts concerned,... ) please refer directly to the Claroline CVS (http://cvs.claroline.net/cgi-bin/viewcvs.cgi/claroline/?only_with_tag=HEAD).

Table of contents
1 Modification between claroline 1.7.7 and 1.7.8

1.1 Translations
1.2 New features
1.3 Security Fix
1.4 Bugs

2 Modification between claroline 1.7.6 and 1.7.7

2.1 Translations
2.2 Security Fix
2.3 Bugs

3 Modification between claroline 1.7.5 and 1.7.6

3.1 Translations
3.2 New layouts
3.3 Fixed bugs and improvements

3.3.1 Bug fix
3.3.2 Security fix

4 Modification between claroline 1.7.4 and 1.7.5

4.1 Translations
4.2 New layouts
4.3 Fixed bugs and improvements

4.3.1 Bug fix
4.3.2 Security fix

5 Modification between claroline 1.7.3 and 1.7.4

5.1 Translations
5.2 Fixed bugs and improvements

5.2.1 Bug fix

6 Modification between claroline 1.7.2 and 1.7.3

6.1 New feature
6.2 Translations
6.3 Fixed bugs and improvements

6.3.1 Bug fix

7 Modification between claroline 1.7.1 and 1.7.2

7.1 Translations
7.2 Fixed bugs and improvements

7.2.1 Bug fix

8 Modification between claroline 1.7.0 and 1.7.1

8.1 Translation
8.2 Fixed bugs and improvements

8.2.1 Major Features
8.2.2 Minor Features
8.2.3 Bug fix
8.2.4 Security fix
8.2.5 Improve installation of claroline on mutualized hosting

Modification between claroline 1.7.7 and 1.7.8

Translations

  • Japanese 35% complete by Naoto KIMURA at Takushoku University in Japan.

New features

  • Add mail notification : to teacher on new submission, to student on new feedback

Security Fix

  • Fix XSS in Wiki, MyAgenda, Documents and links, Forums and Tracking
  • Remote file inclusion with register_globals to On. (zone-h (http://www.zone-h.fr/advisories/read/id=1524))

Bugs

  • Export SCORM : Compatibility with php5

Modification between claroline 1.7.6 and 1.7.7

Claroline 1.7.7 released, Tue June 13 2006

Translations

  • Greek fine tuning by Spiros Ioannou
  • Fix charset of greek translation of wysiwyg editor
  • Italian 100% complete (6 missing translations) by Stefano Crosatti

Security Fix

  • Remote inclusion have been discovered in these scripts. 
Platform in register_globals off and/or allow_url_open off are not vulnerable.
* claroline/auth/extauth/driver/postnuke.inc.php
* claroline/auth/extauth/driver/mambo.inc.php
(THANKS TO ZONE-H Team)
  • Improve Security : protect blindness all included file to prevent other injection.

Bugs

  • Linker : Secure document configuration isn't loaded in linker tool.
  • Documents and links : directory named 0 (zero) causes claro_delete_file to exit without deleting all files in a directory
  • Wiki : now wiki page title is always case sensitive
  • Wiki : fix some javascript warning
  • Tracking questions details : Fix queries for mysql 5

Modification between claroline 1.7.5 and 1.7.6

Claroline 1.7.5 released, Wed May 17 2006

Translations

New layouts

  • 2 new Layouts :
    • clarcomm.css, a new corporate CSS designed by Laurent Colet in the context of an internship at Cerdecam Research Center (Brussels)
    • cupertino.css
Layout Clarocom
Enlarge
Layout Clarocom
Layout Cupertino
Enlarge
Layout Cupertino


Fixed bugs and improvements

Bug fix

  • Course settings : Cannot enter URL of the department with the character - in it. (fixed by Marina from St-Etienne France)
  • Create course : Error message, use $coursesRepositorySys instead of $coursesRepositories (<-- doesn't exist)

Security fix

Remote inclusion have been discovered in these scripts. Platform in register_globals off and/or allow_url_open off are not vulnerable. 

claroline/admin/admin_class_register.php
claroline/auth/extauth/casProcess.inc.php
claroline/auth/extauth/driver/*.inc.php
claroline/exercice/answer_admin.inc.php
claroline/exercice/exercise_admin.inc.php
claroline/exercice/question_admin.inc.php
claroline/exercice/question_list_admin.inc.php
claroline/exercice/statement_admin.inc.php
claroline/inc/claro_init_local.inc.php
claroline/inc/conf/auth.conf.php.dist     -> Need a  manual security hack
claroline/inc/lib/add_course.lib.inc.php
claroline/inc/lib/event/init_event_manager.inc.php
claroline/inc/lib/export_exe_tracking.class.php


Modification between claroline 1.7.4 and 1.7.5

Claroline 1.7.5 released, Wed April 5 2006

Translations

New layouts

  • 3 new Layouts : claroffice.css, caucase.css and netscape.css
Layout Caucase
Enlarge
Layout Caucase
Layout ClaroOffice
Enlarge
Layout ClaroOffice
Layout Netscape
Enlarge
Layout Netscape


Fixed bugs and improvements

Bug fix

  1. Add user : Deep redesign of the user addition workflow to fit something more usable and closer to the orginally defined workflow.
  2. Assigments : Don't update visibility when editing assignment settings.
  3. Forum : Change the way rank moving is done for forums and categories.

Security fix

  1. A security hole in the file editing. There was no process to prevent the view of file upside the course directory.
  2. A remote inclusion in scormExport.php

Modification between claroline 1.7.3 and 1.7.4

Claroline 1.7.4 released, Fri March 20 2006

Translations

  1. Complete Italian review by Fausto Barbarito <fausto@nosmet.com>
  2. Complete Greek review by Spiros Ioannou From School of Electrical & Computer Eng. of National Technical University of Athens
  3. Turkish 34.5% by fazli

Fixed bugs and improvements

Bug fix

  1. Pear path. The own Claroline Pear path was pushed to the end ot the include_path list. If another Pear path existed, the claroline pear path wasn't take into account.
  2. Import user list : add mime type of cvs file made with OOo
  3. Fix a bug with iis and php : $_SERVER['HTTPS'] is 'off' when the scripts was queried through the HTTPS protocol.
  4. Linker crashes in group forums
  5. Put in comment the call to session_regenerate_id, error with php 4.3.2 && 4.4.2. Authentication failed.

Modification between claroline 1.7.2 and 1.7.3

Claroline 1.7.3 released, Fri February 17 2006

New feature

  1. Auth with Ldap : Add a case sentivity flag for username during the authentication process

Translations

  • Spanish Latin 100% by Prof. Carlos Brys - Universidad Nacional de Misiones - Argentina

Fixed bugs and improvements

Bug fix

  1. Missing charset in mail (fix bug: 443)
  2. Fix wrong variable name in CAS configuration file
  3. Import csv user list : Remove the useless creation and use of a tmp directory of the uploaded file
  4. Wiki : double hex encode on e-mail addresses in wiki renderer
  5. SSO : Fix a tiny security hole in the internal SSO of Claroline
  6. Course settings : empty email address rejected even if optional
  7. Course creation : Cannot display course creation error. Syntax error
  8. Groups : Fix a bug concerning group registration when group are private
  9. Forum search : missing backtick in the FROM clause of the search query. They prevent the search command to work correctly on multi DB system.
  10. Learning Path : Fix a bug in sql strict mode ( View forum 4960 (http://www.claroline.net/forum/viewtopic.php?t=4960&highlight=parcours) )
  11. Wiki : relative url like './wiki.php' are interpreted like wiki link
  12. Upload File : change str_replace() to str_ireplace() in htaccess2txt() to increase security.
  13. Groups : SQL error when fill O group (View forum 4910 (http://www.claroline.net/forum/viewtopic.php?t=4910&highlight=group) )
  14. Import CSV in class : There is a bug in "inc/lib/user.lib.php" that prevents a student to be added to a class if he/she already added to another class. (View forum 4995 (http://www.claroline.net/forum/viewtopic.php?t=4995))
  15. Delete class : Deleting a class does not remove corresponding memberships in rel_class_user

Modification between claroline 1.7.1 and 1.7.2

Claroline 1.7.2 released, Fri January 13 2006

Translations

  1. Arabic translation 100% by Eng. Ali
  2. Polish 100% by Jacek Grudzien (bel2@bel.biz.pl)
  3. Bulgarian 97,1% by Alexander Simidchiev
  4. Greek by Lefteris Zacharia
  5. Persian by Elnaz Sarbar - Farsi Web
  6. Spanish Latin 99,1% by Prof. Carlos Brys - Universidad Nacional de Misiones - Argentina
  7. Romanian translation 99,3% by Antonio Apostoliu and Mr. CEO Ion Poiana of National Meteorology School from Romania
  8. Traditional Chinese 96.7 % by Kiang - Taiwan PHP User Group http://twpug.net/

Fixed bugs and improvements

Bug fix

  1. Assignments : Fix a bug when trying to download an accentuated filename when using internet explorer.
  2. Assignments : wrong sql with old mysql version
  3. Create a course : didn't use "Default course access" configuration
  4. Install : if port isn't 80, install add the port
  5. Create course : wrong sql with old mysql version
  6. Exercise : Add support of chars like [ ] < > :: in fill in blanks text and wrong answers
  7. Exercise : Add support of chars like [ ] < > :: in fill in blanks text and wrong answers; Compatibility with mysql 5
  8. Linker : correct bug #430 and bug #431 wrong url generated by document resolver
  9. Login : Fix a bug in the source Url building in the login process
  10. Tracking : trafic details, wrong library folder.
  11. Wiki : Fatal error when an anonymous user edit a page
  12. Wiki : access to any group wiki from a group (bug #421)
  13. Wiki : impossible to access a group Wiki when course Wiki is disabled (patch for bug #437)
  14. Wiki : fix relative url detection bugs (bugs #436, #438 and #439)
  15. Wiki : antispam not working on mailto urls (bug #440)

Modification between claroline 1.7.0 and 1.7.1

Claroline 1.7.1 released, Tue November 29 2005

Translation

  1. Arabic 100% by Eng.Ali Ismaeel
  2. Bulgarian 69% by Alex Simidchiev of Thorax-bg.com
  3. Croatian 86% by Karolj Skala and Bozo Jonic - Ruder Boskovic Institute http://www.irb.hr/en/
  4. Dutch 100% by Svenn d'hert - wmtown.com
  5. French small fine tuning by Hugues Peeters
  6. French review by Paul Muraille http://www.tictips.com
  7. Galician 100% by Gerardo Albela González - Bolseiro Servizo de Teledocencia (Edif. Fundición)
  8. Indonesian by Ery Atmodjo 35.6% --> 99,7%
  9. Persian 64.5% by Elnaz Sarbar - Farsi Web
  10. Polish 100% by Jacek Grudzien (bel2@bel.biz.pl)
  11. Spanish 100% by Gerardo Albela González - Bolseiro Servizo de Teledocencia (Edif. Fundición)

Fixed bugs and improvements

Major Features

  1. Add an enrolment key for course subscription.
  2. External Authentification : Rewrite the authentication part to permit to search on potential multi username (login name).
  3. External authentication : driver to Mambo (http://www.mamboserver.com/) & Joomla CMS (http://www.joomla.org/).
  4. Course tracking : Add details of user connected this day in the course.
  5. Forum : Internal search fonctionnality.

Minor Features

  1. Admin profile : add icons to some commands to clarify the user interface.
  2. Login : Add titular contact address when course enrollment is not allowed.
  3. Update pclzip to version 2.4.
  4. Group : Add a confirmation to delete a group.
  5. Manage course category : tool to repair a broken tree
  6. CAS : Improve the script and add the possibility to use CAS authentication and Claroline authentication.
  7. Home Page : New configuration to order course by : official code (default) or course title.

Bug fix

  1. Administration, add a user list : Impossible to acceed the script from administration.
  2. Administration, add a user list : Take account of config for secure password check.
  3. Announcements (Send it by email) : transformation allowing to capture and keep url's in the following case : click <a href="http://www.claroline.net">here</a>. This string is transfomed like this : click here [ http://www.claroline.net ].
  4. Announcements (Send it by email) : transformation html list in text list with '*'.
  5. Assignments : use function move_uploaded_file instead of function copy for upload of file
  6. Assignments : Display of assignments' description was broken.
  7. Assignments : Add mecanism to change the visibility of all submitted works when changing "default works visibility" in assignment edition. That mecanism is available using a configuration variable. ( 4156 (http://www.claroline.net/forum/viewtopic.php?t=4156))
  8. Assignments : Add a pager toolbar at the bottom of user list
  9. Authentication : Login & password not unquote in register_globals=On and magic_quotes=Off (login & password can now contain ')
  10. Chat : Set the charset of the page ( Forum 4405 (http://www.claroline.net/forum/viewtopic.php?t=4405) )
  11. Course settings : multi email are accepted.
  12. Display file size unit : add a space between value and units ( ie : 35,4 Mb instead of 35,4Mb ).
  13. Documents and links : Links with get parameters are wrong encoded.
  14. Documents and links : Notice messages when uploaded file is too bigger. (bug 371 (http://jupiter.cerdecam.be/bug/view.php?id=371))
  15. Documents and links : Add .pps mimetype (suggested by Marina from university of Saint-Etienne, France)
  16. Documents and links : Error with files with double '.'
  17. Edit zone file : Save also the text zone, if the content is only an image.
  18. Exercises : Display pager on questions pool page.
  19. Exercises : Attach a file, the name of temporary file was not correctly returned.
  20. Exercises, question pool : Pager was not using filter.
  21. Exercises: Cannot choose a question to import in a exercise if this question is not on the first page of the question pool
  22. External authentication : Adapt Package LDAP from PEAR to work like others drivers.
  23. External authentication : Patch fixing the #348 bug (Auth LDAP not retrieve user attributes)
  24. External authentication : Prevent username modification when the authentication source is not claroline.
  25. Forum : Add a cancel button to the form
  26. Forum : Fix some breadcrumb mistake
  27. Groups : Sql warning when we fill groups in a course with no users.
  28. Install : Check the minimum version of php ( 4.3.0 ).
  29. Learning Path, Import Scorm package : Check if item has an identifier before recording it. Learning Path : php session aren't saved with header location (redirection) on IIS server.
  30. Learning path, export : Impossible to create folder. (Fix open_basedir and safe_mode restriction with recursive use of claro_mkdir function)
  31. Linker : remove http://SERVER_HOST/ from javascript path function to avoid possible issue with https protocol
  32. Login Page : Don't display course select box if user isn't enroll to a course.
  33. Login Page : Registration link is wrong on login page. (Forum 4194 (http://www.claroline.net/forum/viewtopic.php?t=4194) )
  34. Manage course categories : Detect infinite loop if broken structure.
  35. Manage course categories : Fix a wrong SQL.
  36. RSS : Don't feed hidden entrie from aganda and announcements
  37. Send mail: Set the charset of email
  38. Tracking : Fix some error in documents tracking.
  39. Tracking : Correct breadcrump in login_details.php
  40. Tracking : Delete all course statistics, delete also learnpath progress.
  41. Upgrade : Don't set currentDbVersion in the script before test of version.
  42. Users profile : Password Too Easy : Add a correct message when password is too easy.
  43. Users tool : Display Lastname before firstname in users list.
  44. Users tool : Order search results of add a user.

Security fix

  1. A remote file inclusion vulnerabilities with register_globals on

Improve installation of claroline on mutualized hosting

  1. Fix some error with PHP open_basedir configuration.
  2. RSS configuration : Add a properties in configuration to enable or disable RSS. (Disabling is needed, if PEAR isn't available)
  3. Don't use ini_set function (jexiste.fr) use set_include_path and get_include_path
  4. MySQL queries : Fix some queries error with Mysql 5
Retrieved from "http://www.claroline.net/wiki/index.php/Changelog_1.7.x"