Version 3.17


IT IS BEST TO HAVE OpenSSL PHP MODULE INSTALLED BEFORE UPDATING!
IF THE UPDATE HANGS RIGHT AFTER THE FIRST STEP, SEND AN EMAIL TO SUPPORT FOR A QUICKFIX!

[FIXED] Updated a lot of the code for PHP 7.1 & 7.2 changes
  • Everything should be good to go.
  • If you notice something not working, please send a support email and revert back to PHP 7.0, but I haven't noticed anything wrong for a week of solid use.
[ADDED] Basic Minimum Server Test on Initial Page Load
  • The system will check the php version and for the modules: mysqli, mbstring, curl, zip, mcrypt/openssl (depending on php version and if the encryption key is present.)
  • More often than not, when someone says "the site is broken but it used to work" is due to an overlooked server configuration change. Maybe the php version was updated, but a required module for minimum operation wasn't installed or loaded. This simple test will either pass or fail.
  • A failed test will show the error(s) and how to fix. It will also NOT show the login box or any other site content until the errors are fixed and you refresh the page.
  • Note, this does not check for modules ftp, gd, xml as they are not required for basic operation. You can always check ther Server Test page in Site Settings to see about other missing modules needed for other operations.
[FIXED] Invoice Summary Height
  • If no invoices are available for the current period, there won't be a blank empty section under the navigation bar.
[FIXED] Changed input type to text for login form on username/email.

[FIXED] All themes to change the border of the uploader information box from default blue to whatever primary color of the theme is set.

[FIXED] Remove yellow highlight on file rows after downloading zip files.

[FIXED] Desktop notifications' icons won't break https
  • By default, pnotify would call back to http://sciactive.com/pnotify/includes/desktop/ for the icon. Icons are now hosted in your installation's asset folder and the .js file was updated to request it from your site.
[FIXED] Payment Method in Emails will now show the name instead of the code such as:
  • eft = Bank Transfer
  • check = Check
[FIXED] New User Registation Validation
  • Fixed a small loophole where if someone was creating a new account, that the "Create Account" button would show if entering some fields out of normal order.
  • Now if any of the required fields has an error upon any field change, the button is not shown regardless of prior any field status.
[ENHANCED] Encryption
  • Changed all encryption to use OpenSSL with AES-256 cipher.
  • Prior versions used the now depricated mcrypt. This update will decrypt all existing encrypted data and re-encrypt it with the new, stronger method as long as your PHP version is less than 7.2 and if you have the OpenSSL module installed. If not, it will still use mcrypt, but it is advised to install it and use the QuickFix page to convert!
  • The private encryption key is very unique to your particular server/installation.
  • In addition to the unique private key, each item that is encrypted has a unique IV (initialization vector) attached to it ensuring that each encrypted text is unique.
  • OpenSSL is not enabled by default, so you will need to turn it on either by CLI apt-get install php-x.x-openssl or if using a cpanel server, click the checkbox for it in php settings. Restart php (not necessary in cpanel servers.)
  • If PHP is 7.2 or higher, you will need to temporarily revert to a version less than 7.2 to enable conversion since mcrypt is not available in 7.2+.
  • You will be notified if the data was re-encrypted or not during the update process and a QuickFix page is available if you need to do it later.
  • You may at any time generate a new unique key and re-encrypt the data by visiting Site Controller > System QuickFix > Fix Encryption.
  • Note, it may take a several seconds if you have many users and/or invoice payments from PayPal and depending on the speed of your server.
[ENHANCED] Password Reset
  • Upon submitting, the reset button is disabled, the modal window closes faster and the "reset password" link on the login box is removed to hopefully make less people submit the form multiple times while being impatient on receiving their email.
[ENHANCED] Apple Mobile iOS downloading of files
  • Added another IP check to see if other accounts have used the same IP address and if so add a prompt. User A may have the work around enabled, but User B may not and if they access from the same IP (example: from the same building and the site is remote) then problems could occur especially if the users click on file links from emails.
  • IF no other account has accessed from the same IP AND the user has a work around enabled, then the file will automatically download if being clicked from an email just as it would from a desktop computer.
[ENHANCED] Fancybox background now uses CSS color.
  • On a true calibrated monitor, the png it used by default had a red tint to it. Now it is gray.
[ENHANCED] FTP Uploads
  • If you need to set a user's FTP server information to not use passive mode, simply enter "nopasv:" prior to the server address; example: "nopasv:server.domain.com" and that will turn off passive mode which is enabled by default.

Contact Us

Have a question? Need more information? Send us a message.

Fill out the form without errors to show the send button.