News
New Password Rules Monday, January 4, 2016 The rules governing acceptable password strings have been enhanced to support the full Active Directory complexity options and are fully configurable. You may still elect to support the simplest, shortest passwords that never expire, but the default settings require at least 7 characters containing at least one upper case letter, one lower case letter and a number. Alternatively, you may substitute a special character for a letter. Passwords expire every 90 days and a password cannot be reused within the last 365 days. Each setting can be adjusted on a per site basis.
Ad Hoc Reports using Stored Procedures Friday, December 25, 2015 It is now possible to call a MySQL stored procedure instead of simply executing a SELECT sql statement to produce an Ad Hoc Report. The column properties still describe the results returned, but only the first set of results from the stored procedure is used (a stored procedure that generates a report should really only output one result set anyway). Parameters are passed to the stored procedure as filter variables which are defined in the same way as a SELECT query. However, because it is possible for a stored procedure to modify data without this application knowing about it, there is a potential security risk, so a new configuration option called STORED_PROCEDURE_REPORTS must be set before a stored procedure can be setup as an Ad Hoc Report. Note that the only advantage of using a stored procedure for a report instead of a SELECT query or view is that more than one query can be executed, so more complicated reports can be created, particularly by storing intermediate results in temporary tables.
SOAP File Server Utility Wednesday, November 11, 2015 The "buploader" utility has been deprecated and no longer works beginning with php v5.6 so a new file server utility has been introduced, simply called "uploader", which actually provides much more functionality than just uploading files. The new utility uses the built-in php soap class and is a wrapper for the File Services SOAP API. Not every method is supported, but in addition to uploading batches of files, you can now pull lists of files, folders and workgroups, and delete both a file and a folder. Dropping a folder deletes all of the files inside that folder, but if the folder contains any subfolders, it cannot be deleted. You can also download the contents of a file by specifying either the file id or the file name along with the workgroup and folder where it is located. Of course, the API user must have the appropriate privileges for each operation. REST Reporting API Enhanced Wednesday, November 11, 2015 The REST reporting service has an option to return the report in fully marked-up html instead of the usual json, and is very convenient for javascript clients since they can just drop it into an innerHTML div. However, unless a listener was attached to the heading cells, the user could not reorder the report by clicking a column heading. But now a new sort_callback parameter has been added to the run_report service which turns the headings into links that invoke the callback function in your code with the internal column name as the argument. Your function could then call the run_report service again, passing that same internal column name as the sort_column, causing the results to be returned sorted by that column. The adhoc_report_demo.html script in the api directory has been updated to demonstrate this new functionality.
Displaying Report Links Wednesday, November 11, 2015 In consideration of the COMBINED_MENU and SECTIONS_SECURITY configuration options, Ad Hoc Report links will now be displayed correctly in the left side panel for those pages that support it (News, Reports, Login/Logout and perhaps any custom pages using the default menu). In addition, the Reports menu now remembers which set of reports was last selected and will continue to display them when refreshed instead of always resetting back to all reports. Also, when all of the available report links are displayed, it will now include any favorited reports, marked by a heart, unless the favorited report has the exact same title as the original report, when only the favorite report link will be displayed.
Bug Fix Release Friday, October 2, 2015 A few long-standing bugs were fixed in the v102a release. Stronger password handling procedures were implemented due to the insights gained from the "How We Cracked Millions of Ashley Madison Passwords" article. Adding a report to Favorites will now correctly save the currently sorted order of the report. It is now feasible for developers to use the Audit Log as a session cache of recent activity by searching via the php session id. |
|