| Server IP : 101.53.144.229 / Your IP : 216.73.216.104 Web Server : Apache System : Linux host.gdigitalindia.in 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64 User : digitalshiksha ( 1179) PHP Version : 5.6.40 Disable Function : eval,show_source,system,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,show_source,curl_multi_exechellcmd, ini_restore,apache_get_modules,get_cfg_var,passthru, exec ,proc_get_status,fpassthru,c999_buff_prepare,c999_sess_put,c99_buff_prepare,c99_sess_put,proc_close,ini_alter,dl,symlink,link,proc_close,ini_alter,dl,symlink,link,mail MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/softaculous/cftp/ |
Upload File : |
r2002
What's Changed in r2002
Security
Path Traversal Fix in Import Orphans: Sanitized filenames with basename() before constructing file paths in the import and delete actions, preventing directory traversal attacks via crafted POST values (#994)
Bug Fixes
Dashboard Storage Usage Calculation: Fixed the file size migration that caused PHP memory/time limits on large installations, leaving most size values at 0. Added a "Recalculate Storage" button for admins (#1533)
Gulp 5 Corrupting Font Files: Fixed binary font files being corrupted during build due to Gulp 5's default UTF-8 encoding (#1531)
HTML Output of File Descriptions: Fixed CKEditor file descriptions showing raw HTML tags instead of rendered content across all templates (#1528)
PHP 8.2 Deprecation Warnings: Fixed "Creation of dynamic property" warnings in CustomAsset class
Bullets Alignment: Fixed list bullets alignment in public download descriptions
Improvements
Timezone Select Refactor: Rewrote timezone selector to use the standard form system with proper optgroup support
Maintenance
Translation Strings Updates5
What's New in ProjectSend r1945
🔐 Security & Enterprise Features
Server-Side File Encryption: AES-256-GCM authenticated encryption for files at rest with support for cloud storage
Advanced Permissions System: Complete overhaul with granular controls and custom role creation
Enhanced LDAP/Active Directory: Improved enterprise authentication with dynamic role management and smart fallbacks
Security Fixes:
XSS vulnerability fixes in file editor and custom download aliases (reported by Raducu Alexandru-ionut)
Server software info escaping
Secure random string generation (found by hassan al-khafaji)
Prevention of unauthorized file previews
📁 File Management
Download Limits: Set per-user or total download caps with automatic enforcement and abuse prevention
Disk Quota Management: Per-account storage limits with real-time usage tracking
Redesigned File Editor: Modern tabbed interface with bulk operations and mobile optimization
External Storage Integration: AWS S3 support with flexible upload destinations and file import capabilities
Batch File Encryption Tool: Encrypt multiple files at once
Enhanced Folder System: Improved folder visibility for clients with better permission handling
(contributions by Matani-Git)
🎨 Customization & UI
9 New Themes: Expanded from 3 to 9 professional themes including Modern, Retro90s, Dark Cards, Business, and Google-like templates
Email Templates & Themes: Visual editor with CKEditor integration, multiple professional designs and dynamic variables
Custom Fields System: Add custom fields for users and clients with drag-and-drop ordering and multiple field types
Enhanced User Interface:
Unsaved changes warnings
Data preservation on validation failures
Light/dark mode toggle for admin pages
Improved form validation and required field indicators
Cards view for manage files with details sidebar
⚙️ System Improvements
System Auto Update: Automatic updates with zero downtime and configurable channels (stable/beta)
Regenerate Thumbnails: Advanced thumbnail regeneration tool with filtering, custom dimensions, and date range support
Multiple CAPTCHA Methods: Choose from reCAPTCHA v2, v3, or Cloudflare Turnstile
Remember Me Option: Persistent login sessions with configurable duration
Favicon Customization: Upload custom favicon files
Dashboard Widgets: New download analytics and storage analytics widgets with drag-drop positioning
Roles Manager: Complete role and permission management interface with custom role creation
🐛 Bug Fixes & Improvements
Fixed session expiring with "Remember me" checked
Fixed missing "Manage files" link with correct permissions
Fixed SMTP authentication (by dawnstrider)
Fixed username validation to allow underscores (by xia-stan)
Fixed folder display issues for clients (by Matani-Git)
Fixed 500 error when users upload files (by Matani-Git)
Fixed actions log sorting (by rainyday4me)
Fixed custom downloads table missing ID
Fixed video preview functionality (by Nimon77)
Fixed double X in close modal button (by rob4226)
Fixed uploads folder .htaccess (by log4en)
Fixed bad redirects (found by MGPhil)
Fixed cronjob example (by ehawman)
Registration bug fix (by bmartin13)
Fixed deprecated dynamic property warnings (by raduhazsda)
Fixed plupload styling for dark mode
Preserve form data on errors
Light mode set as default
Added missing CSRF protections
Fixed toggle styling
🔧 Technical Improvements
PHPStan implementation with baseline (Co-authored by Claude)
Updated dependencies: axios, @babel/traverse, follow-redirects
GitHub Actions for security scanning and build status
Composer validation fixes
Support for environment variables in SMTP configuration (by redondi88)
CodeMirror loaded from local lib (node_modules can be excluded)
Auto-calculation of version numbers for releases
Improved chunk size configuration (fixes #1203)