IT IS BEST TO HAVE OpenSSL PHP MODULE INSTALLED BEFORE UPDATING! IF THE UPDATE HANGS RIGHT AFTER THE FIRST STEP, SEND AN EMAIL TO SUPPORT FOR A QUICKFIX!
[FIXED] Updated a lot of the code for PHP 7.1 & 7.2 changes
Everything should be good to go.
If you notice something not working, please send a support email and revert back to PHP 7.0, but I haven't noticed anything wrong for a week of solid use.
[ADDED] Basic Minimum Server Test on Initial Page Load
The system will check the php version and for the modules: mysqli, mbstring, curl, zip, mcrypt/openssl (depending on php version and if the encryption key is present.)
More often than not, when someone says "the site is broken but it used to work" is due to an overlooked server configuration change. Maybe the php version was updated, but a required module for minimum operation wasn't installed or loaded. This simple test will either pass or fail.
A failed test will show the error(s) and how to fix. It will also NOT show the login box or any other site content until the errors are fixed and you refresh the page.
Note, this does not check for modules ftp, gd, xml as they are not required for basic operation. You can always check ther Server Test page in Site Settings to see about other missing modules needed for other operations.
[FIXED] Invoice Summary Height
If no invoices are available for the current period, there won't be a blank empty section under the navigation bar.
[FIXED] Changed input type to text for login form on username/email.
[FIXED] All themes to change the border of the uploader information box from default blue to whatever primary color of the theme is set.
[FIXED] Remove yellow highlight on file rows after downloading zip files.
By default, pnotify would call back to http://sciactive.com/pnotify/includes/desktop/ for the icon. Icons are now hosted in your installation's asset folder and the .js file was updated to request it from your site.
[FIXED] Payment Method in Emails will now show the name instead of the code such as:
eft = Bank Transfer
check = Check
[FIXED] New User Registation Validation
Fixed a small loophole where if someone was creating a new account, that the "Create Account" button would show if entering some fields out of normal order.
Now if any of the required fields has an error upon any field change, the button is not shown regardless of prior any field status.
Changed all encryption to use OpenSSL with AES-256 cipher.
Prior versions used the now depricated mcrypt. This update will decrypt all existing encrypted data and re-encrypt it with the new, stronger method as long as your PHP version is less than 7.2 and if you have the OpenSSL module installed. If not, it will still use mcrypt, but it is advised to install it and use the QuickFix page to convert!
The private encryption key is very unique to your particular server/installation.
In addition to the unique private key, each item that is encrypted has a unique IV (initialization vector) attached to it ensuring that each encrypted text is unique.
OpenSSL is not enabled by default, so you will need to turn it on either by CLI apt-get install php-x.x-openssl or if using a cpanel server, click the checkbox for it in php settings. Restart php (not necessary in cpanel servers.)
If PHP is 7.2 or higher, you will need to temporarily revert to a version less than 7.2 to enable conversion since mcrypt is not available in 7.2+.
You will be notified if the data was re-encrypted or not during the update process and a QuickFix page is available if you need to do it later.
You may at any time generate a new unique key and re-encrypt the data by visiting Site Controller > System QuickFix > Fix Encryption.
Note, it may take a several seconds if you have many users and/or invoice payments from PayPal and depending on the speed of your server.
[ENHANCED] Password Reset
Upon submitting, the reset button is disabled, the modal window closes faster and the "reset password" link on the login box is removed to hopefully make less people submit the form multiple times while being impatient on receiving their email.
[ENHANCED] Apple Mobile iOS downloading of files
Added another IP check to see if other accounts have used the same IP address and if so add a prompt. User A may have the work around enabled, but User B may not and if they access from the same IP (example: from the same building and the site is remote) then problems could occur especially if the users click on file links from emails.
IF no other account has accessed from the same IP AND the user has a work around enabled, then the file will automatically download if being clicked from an email just as it would from a desktop computer.
[ENHANCED] Fancybox background now uses CSS color.
On a true calibrated monitor, the png it used by default had a red tint to it. Now it is gray.
[ENHANCED] FTP Uploads
If you need to set a user's FTP server information to not use passive mode, simply enter "nopasv:" prior to the server address; example: "nopasv:server.domain.com" and that will turn off passive mode which is enabled by default.
Have a question? Need more information? Send us a message.
Please enter your name!
That email address does not appear to be valid!
Please enter a message.
Fill out the form without errors to show the send button.
Personal identification information
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, place an order, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, phone number. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.
Non-personal identification information
We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.
Web browser cookies
How we use collected information
DistriFile may collect and use Users personal information for the following purposes:
To run and operate our Site
We may need your information display content on the Site correctly.
To improve customer service
Information you provide helps us respond to your customer service requests and support needs more efficiently.
To personalize user experience
We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
To improve our Site
We may use feedback you provide to improve our products and services.
To process payments
We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
To send periodic emails
We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests.
How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
Sharing your personal information
We do NOT sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.
Your acceptance of these terms
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
This document was last updated on January 17, 2017