+Ver 1.78:
+* Add a snmp_clearsession which can disconnect a user by using the Cisco AAA Session MIB
+* Add a configuration directive general_sessionclear_bin
+* Add a session disconnect button in the 'clear open sessions' page
+* Also clear sessions from the sql extra servers in the 'clear open sessions' page
+* In bin/snmpfinger also accept @,. in the username
+* If we are stripping realms, then if needed strip them from the data returned by snmpfinger in
+ user_finger.php3
+* Add a header with the page encoding before sending any page (header added in config.php3)
+ This closes Bug #153
+* Fix a problem when reading username.mappings
+* If date calculation fails, abort
+* Add a backup_radacct script
+* Add an sqlrelay functions file. The user_admin page does not currently work. Looking into it.
+* Add sqlrelay support in the scripts. Add a sqlrelay_query script to run sqlrelay commands
+* Update password_check to work with all password attributes and use the configuration directives
+* Add more documentation for per user counter limit attributes (daily/weekly/monthly limits)
+* Make all counter limits default to none so that people don't get confused
+* In clear_opensessions depending on sql type use either IS NULL or = 0 in the DELETE statement.
+ We need to find a cleaner solution to this. This closes bug#175
+* Log somewhat more verbose error messages when the sql_command binary is not found in the bin scripts
+* Make nasXX_finger_type actually work since the place where nas information was stored was changed a
+ long time ago. Bug noted by Nick Bright
+* In user_finger only set LD_LIBRARY_PATH once, not each time we call snmpfinger
+* Add support for usrhiper in snmpfinger. Patch from Nick Bright
+* urlencode() all occurrences of the $login variable when used in url's. Bug noted by Dag Landau
+* Show the correct nas type in nas_admin. Bug noted by Nick Bright
+* Correctly calculate the nas ip in lib/sql/nas_list.php3. Add a check_ip() function in lib/functions.php3
+ Bug noted by Nick Bright
+Ver 1.75:
+* A LOT of security related fixes. Now dialupadmin should hopefully be secure enough to
+ be accessed by normal users (not administrators).
+* Move a few elements in the CSS file from the body tag. Suggestion by Gary McKinney
+* Update FAQ about using php with no sql support.
+* Allow the user to select between viewing FAQ,HOWTO or README in the help page.
+* Use $_SERVER instead of $HTTP_SERVER_VARS
+* Add a drop down menu with existing groups in group_new.php3
+* Check for sql in show_groups.php3
+* In lib/sql/group_info.php3 if $login is not set, find available groups and place them in
+ $existing_groups along with a count of users per group. Use the functionality in group_new.php3
+ and show_groups.php3
+* Update TODO
+* Add the style sheet in the content.html
+* Enlarge the width for the left frame
+* Make show_groups and the drop down menu in group_new work
+* Use lower cased row names in badusers page
+* Wrong foreach in show_groups and group_new.
+* Fix operator escaping in lib/sql/change_attrs.php3
+* In user_state also take into account any open sessions when calculating daily/weekly usage.
+ Add two more lines in the output stating the number of current open sessions and the time used.
+* Move a few header() calls after including config.php3 so that we have access to the relevant
+ variables.
+* Make pagesize 'all' work again. Bug found by apellido jr., wilfredo p.
+* Make 'Add NAS' function in the nas admin page more easily accessible
+* Fix a small bug in user_admin.php3 found by Joerg Staedele
+* Fix a small typo in the userinfo mysql schema. Found by Evert Meulie
+* Fix bug #136, bugs found by Pawel Foremski
+* Small type in login_time_create, close bug #141
+* In config.php3 remove whitespaces from $login. Don't remove '-'
+* Add lib/sql/group_change.php3 to add and delete a user from groups
+* Add a new directive sql_show_all_groups. If set to true then in user edit page we show all available
+ groups with the ones the user is a member of highlighted. The administrator can then directly
+ change user group membership by changing membership in this group list.
+* On group creation, if member list is empty report that, not that the group was created.
+* In the show groups page, note that we only show groups with members
+* In lib/sql/group_info.php3 only unset variables if we need to. In lib/sql/defaults.php3 don't run for groups
+ only for users
+* Fix Bug #167
+Ver 1.72:
+* Move the xlat function to a separate file in lib/xlat.php3
+* Add a lib/sql/nas_list.php3 to also get the nas list from sql (naslist.conf still works)
+* add realms nasdb and nasadmin in username.mappings. nasadmin is used to signify if the
+ user is allowed to use the nas_admin page. nasdb is used to shorten the nas list to only
+ a few specific entries. That way administrator responsible for a few access servers will
+ only be able to administer those access servers and not see the rest of the nas list.
+* Add username searching in the find page as suggested by joram agten
+* Don't use nas_list in nas_admin
+* Add postgresql specific sql schema by apellido jr., wilfredo p. Move each sql schema to a
+ separate directory (mysql and postgresql)
+* Change is_int to is_numeric. This closes Bug #90
+* Escape special characters in the sql password. This closes bug #96
+* Do an xlat for general_accounting_attrs_file and general_user_edit_attrs_file. That way we can
+ have different mappings for each administrator.
+* Use require_once instead of require when including xlat.php3
+* Add debug statements in sql connect functions
+* Add a missing.php3 file with functions that may be missing from the PHP version used. Include it
+ if a function is missing. Currently only array_change_key_case() is included
+* Set general_restrict_nasadmin_access to no by default. It causes confusion.
+* Set the general_username_mappings_file variable
+* Fix a small error in lib/sql/find.php3. This closes bug #103
+* Add a small note in the FAQ about checking for sql/ldap driver availability in PHP if the user get's
+ a blank white page back.
+Ver 1.70:
+* Add the /bin postgresql compatibility patch from Guy Fraser
+* Add ldap_userdn as a configuration directive. If set we use that for
+ user DN's (variables supported) instead of performing and ldap search for
+ each user. That can be somewhat faster.
+* Add a check_user_passwd() and a get_user_dn() functions in lib/ldap/functions.php3
+* Add general_restrict_badusers_access directive. If set to yes we only allow each administrator
+ access to their own entries in the badusers table
+* Add a username.mappings table. We are able to map each administrator username to additional queries
+ on the accounting and user settings tables.
+* Add an sql_accounting_extra_query directive. If set this query is included in all
+ queries to the accounting tables.
+ Combined with admin username mappings we are able to easily restrict access on specific accounting data
+ to each administrator.
+* Escape bad characters in the $login variable
+* Add a da_sql_escape_string function. We use that for every element we pass to sql queries in order to
+ protect ourselves from sql injection.
+* Use the ldap_userdn directive where applicable in the functions.php3 file
+* Add an sql_xlat function
+* Add a nas administration page for sql based clients
+* Fix small bugs in accounting.php3 and user_stats.php3. Add nas_admin.php3 to the buttons page
+* Add da_sql_escape_string for all relevant variables in lib/sql files
+* Keep the nas list in a separate array $nas_list. Update various pages to use that one now.
+* Make nas_list actually work
+* Also allow for '-' to exist in a nas name in bin/log_badlogins
+
+Ver 1.68:
+* Huge PostgreSQL compatibility patch by Guy Fraser <guy@incentre.net>
+* Also support the Crypt-Password attribute in lib/sql/password_check.php3. Patch by Guy Fraser <guy@incentre.net>
+* Small fix in user_finger.php3
+* Add the ability to erase rows from the badusers table
+* In log_badlogins for multiple logins if it is a mppp attempt, log it
+* Add a message when adding a user in the badusers table
+* Close sql connections in add_badusers.php3
+* Add a patch from Neil McCalden to not put spaces in the -p argument to the mysql binary.
+* Fix a bug in conf/config.php3. Patch from Neil McCalden
+* In log_badlogins add a newline after every sql query so that the resulting file can be editable
+* Add a force directive in log_badlogins. If uncommented it will force inserts even if there are
+ sql errors. That can help in case there is one sql query which stops the whole failed logins
+ logging system from working
+* Sort the servers list in failed_logins,user_stats,stats
Ver 1.65:
* Add a captions.conf file with a few configurable captions for now
* Move the nas list to a separate file called naslist.conf
* Add a few help pages for the nomadix radius attributes by Ulrich Walcher
* Update the HOWTO with instructions about the ldap configuration directives and the scripts in the bin folder
* Update the AUTHORS file
+* Check for the binaries used (mysql/snmpwalk) in the scripts in the bin folder before using them
+* Update the HOWTO file
+* Use the general_domain variable from the admin.conf file in log_badlogins instead of a new one
+* Add a sql_command directive in admin.conf containing the path to the mysql binary. That can be used by the
+ scripts in the bin folder instead of setting a variable in each script
+* Add a general_nas_type and a per nas type directive and pass that to snmpfinger. Updated snmpfinger to also
+ support lucent equipment apart from cisco
+* Update the HOWTO file with a few comments on the general_nas_type directive
+* Use the User-Password attribute instead of Password in user_test.php3
Ver 1.63:
* Do an eval on the attribute description strings in the user_edit page. That will allow the login-time creation
page to work properly.
projects / freeradius.git / blobdiff