- it now also encrypts the egw object and egw_info array, stored in the session
- it no longer encrypts every egw_session::appsession() call, but the
whole array at once when the egw_session object gets destroyed
- mcrypt algo and mode are currently hardcoded to tripledes and ecb, as
we dont have the database connection, when they are needed. You can
add it as egw_info[server][mcrypt_{algo|mode}] in the header.inc.php
- fixed a bug, which let the session grow around 400k(!) each request
- if mcrypt or the selected algo/mode is not availible the session
encryption is switched off automatic, but an error is logged
- new feature allowing apps to specify with index-page and icon to use
--> allows to install sitemgr-link icon without an extra application
(which was a symlink and got lost in every version upgrade)
- DONT UPDATE ON A PROCUDTION SYSTEM (for the next few days)!
- eGW support from now on only php session handling
- custom session handlers (like the memcache one) can now be
implemented as classes and dont need to change any other code
- the class get's autoloaded and the name need to be configured
eg. in the header.inc.php as $egw_info[server][session_handler]
- session restore is now enabled by default (it's way faster and
works well with php5.1+)
- a db-bases session handler follows soon
NTLM SSO removes Windows users on a PC, which is a member of a Windows
domain and who are logged into that domain, from the need to explicitly log
into eGW. They simply point IE to the eGW URL (eg. http://domain.com/egroupware/)
and start working. They can of cause explicitly log out and log in as an
other user.
For more information look at the README at
http://www.egroupware.org/viewvc/trunk/phpgwapi/ntml/README
2. different authentication for SyncML and/or GroupDAV
You can now use eg. an external auth provider for the login via the
WebGUI (eg. ADS) and the passwords stored in SQL for SyncML.
- virtual baseclass egw_framework in the API which each template extends
- replaces $api/footer.inc.php, $tpl/head.inc.php & $tpl/navbar.inc.php
- all existing phplib template sets just inherit the idots_framework, but can have own templates
- moved most html from navbar.inc.php into the navbar.tpl
--> idots & jerryr are reworked and working, all other template sets are disabled at the moment
--> The rework was done to add a selectbox to add all sorts of entries without the need to change to the app first. This is now implemented in the egw_framework class using the link-registry.
1) phpgw_lang(uages) --> egw_lang(uages)
2) mysql 4.0+
- charset gets now set for the connect
- charset gets used for new tables
- some columns shortend to deal with 1000byte (= 333 utf-8 chars) limit for indexes
- update to 1.0.1.019 fixes the charset of existing tables
- phpgw_accounts --> egw_accounts
- phpgw_acl --> egw_acl
- phpgw_log(_msg) --> egw_log(_msg)
- phpgw_config --> egw_config
- phpgw_applications --> egw_applications
This requires code-changes in many apps. Quite often I was able to replace the db access, with calls to the appropreate classes.
At the moment you need to log out to activate any changes in the config, preferences or the apps enabled for a user. This can be changed easily by invalidating the cache.
2) New way to create an anoymous session: you can specify a callback function, which gets called if the session could not be verified. The callback can use the DB or instanciate a config object to get the account-date, which it returns. A new session get then created.
1) $GLOBALS['phpgw_info'] to $GLOBALS['egw_info'],
2) $GLOBALS['phpgw'] to $GLOBALS['egw'],
3) PHPGW_ to EGW_ constants
The phpgw ones ars now a reference to the new egw ones, to allow a soft migration