root/trunk/wifidog-auth/ChangeLog @ 560

2005-04-21 François Proulx <francois.proulx@gmail.com>
        * Added explicit admin UI exceptions support for Flickr
        * Completed File and Picture objects
        
2005-04-20 François Proulx <francois.proulx@gmail.com>
        * Completed Flickr support ( explicit exceptions catching )
        * Most of File object is done
        * Fixed bug in generic_object_admin.php
        * changed stylesheet class tags for Flickr
        
2005-04-18 François Proulx <francois.proulx@gmail.com>
        * Added Flickr content support
        * Part of File object is done
        
2005-04-19 Benoit Grégoire  <bock@step.polymtl.ca>
        * Working (beta...) content manager and portal.
        * Add content preview mode
        
2005-04-18 Benoit Grégoire  <bock@step.polymtl.ca>
        * Hotspot and network content association, continue access control work.
        * hotspot_owner.php: Fix wrong assignement of user_id that prevented the script from working.
        * All files:  Remove whitespace and carriage return after the ?> closing tags.
        
2005-04-18 Benoit Grégoire  <bock@step.polymtl.ca>
        * Much more complete admin, initial access control work.

2005-04-15 Benoit Grégoire  <bock@step.polymtl.ca>
        * Support more of the content object model, do a half-decent CSS for the admin interface.

2005-04-14 Benoit Grégoire  <bock@step.polymtl.ca>
        * Content.php:  Use full langstring interface by default;

2005-04-14 Benoit Grégoire  <bock@step.polymtl.ca>
        * Content.php:  Fix db reference;

2005-04-14 Benoit Grégoire  <bock@step.polymtl.ca>
        * Fix Content object enumeration preventing usage of admin interface
        * Partial fix for RSS feed encoding (multiple feed aggregation still broken);

2005-04-14 Benoit Grégoire  <bock@step.polymtl.ca>
        * First part of the future content delivery infrastructure.  Many files added.

2005-04-01 François Proulx  <francois.proulx@gmail.com>
        * Modified gen.sh script to match UTF-8
        * Added PAP RADIUS encryption support ( asked by Paris Sans Fil )
        
2005-04-01 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/templates/auth_sources_selection.html:  Add missing file from francois's commit.

2005-04-01 Philippe April <philippe@ilesansfil.org>
        * Fixed missing parenthesis in classes/User.php
        * Removed unused files
        * fixed schema_validate.php (typos)

2005-04-01 Francois Proulx  <francois.proulx@gmail.com>
        * EVERYTHING IS NOW UTF-8 YOU MUST EDIT YOUR FILES WITH AN UTF-8 COMPLIANT EDITOR
        * The database will be converted to UTF-8 (version 5)
        * Added select boxes ( or hidden ) html form elements to choose the network for signup, lost password, username
        
2005-04-01 Benoit Grégoire  <bock@step.polymtl.ca>
        * Add constraints to account_origin to detect errors on inserts.
        * Remove IDRC test server

2005-04-01 Philippe April <philippe@ilesansfil.org>
        * User.php: Add reference to $db global variable.
        * Tagged v0_1_0_alpha1
        * Removed spaces in AuthenticatorLocalUser.php
        
2005-03-31 Benoit Grégoire  <bock@step.polymtl.ca>
        * Remove spaces after php blocks in various files.
        * Temporarily fix single authentication source not present bug in login smarty template.  All other places where we select the network will be fixed tommorow.
        * Fix initial schema errors.
        
2005-03-31 Benoit Grégoire  <bock@step.polymtl.ca>
        * More RADIUS install documentation.
        * Fix schema_validate.php
        
2005-03-31 Francois Proulx  <francois.proulx@gmail.com>
        * Moved language definition 
        * Moved e-mail subjects to User class ( each e-mail functions )
        
2005-03-31 Francois Proulx  <francois.proulx@gmail.com>
        * Added missing schema_validate.php modifs.

2005-03-31 Francois Proulx  <francois.proulx@gmail.com>
        * Added PEAR install procedure
        
2005-03-30 François Proulx  <francois.proulx@gmail.com>
        * Finished RADIUS authentication and accounting
        * Accounting Unique session ID is now based on the same token we use
        * Fixed all issues with lost_username, lost_password etc...
        * User class has new static function getUsersByEmail and getUsersByUsername
        * Added translations for new features
        * Translated the validation, lost password, username e-mails
        * Tested quite a bit, this version is considered stable
        * A few examples on how set different RADIUS or local authenticators can be found in the config.php
        
2005-03-29 François Proulx  <francois.proulx@gmail.com>
        * schema_validate.php : Modified schema : dropped e-mail + account unique index, dropped email not empty constraint
        * Schema is now at version 3
        * Coded RADIUS authentication
        * Modified templates to show a select box when more than one server is configured
        * Coded RADIUS accounting and backward compatibility accounting
        * Modified many statistics SQL queries to match new Users table
        * modified statistics templates to match user_id and account_origin
        * TODO : Fix lost_username and lost_password ( issue since we dropped the unique constraint on emails... )
        * TODO : Heavy testing possibly with remote RADIUS servers
        
2005-03-28 Benoit Grégoire  <bock@step.polymtl.ca>
        * sql:  Put initial data in a transaction, and specify the wifidog user so you do not have to su to it while using sync_sql_for_svs
        
2005-03-28 Benoit Grégoire  <bock@step.polymtl.ca>
        * common.php:  Add get_guid() function
        * validate_schema.php: New auto-upgrade script to allow autaumatic schema upgrade.  Note that you must still update dump_initial_data_postgres.sh and use sync_sql_for_cvs.sh so new users aren't left in the cold.
        * New class Authenticator (and subclasses):  Begin virtualizing the login process.
         
2005-03-24 Benoit Grégoire  <bock@step.polymtl.ca>
        * Statistics.php: Fix getMostGreedyUsers returning bad values when incoming and outgoing for all connections from a user have null values. 
        * wifidog/local_content/default/portal.html: Fix layout so it resizes properly.  This in an interim measure.
        * Update schema.  This will allow automatic schema updates in the future.  TO update a live server:
                BEGIN;
                CREATE TABLE schema_info (
                    tag text PRIMARY KEY,
                    value text
                );
                INSERT INTO schema_info (tag, value) VALUES ('schema_version', '1');
                COMMIT;
        
2005-03-16 Matthew Asham <matthewa@bcwireless.net>
 * config.php: will use "local.config.php" instead, if present.  avoid cvs over-writing.
 * signup.php: if CUSTOM_SIGNUP_URL is defined, signup.php will re-direct.  For integration with existing auth systems
 * hotspot_status.php: ob_clean may complain about buffering.  muted.
 * ./classes/RssPressReview.inc: if rss_source['url'] is blank, ignore the feed.
 
2005-02-22 Benoit Grégoire  <bock@step.polymtl.ca>
        * sql/dump_initial_data_postgres.sh, wifidog-postgres-initial-data.sql, wifidog-postgres-schema.sql:-Widen the connections size to fix int4 wraparound problems.  To update a running server, execute the following sql sniplet: 
BEGIN;
ALTER TABLE connections RENAME incoming TO incoming_old;
ALTER TABLE connections ADD COLUMN incoming int8;
ALTER TABLE connections RENAME outgoing TO outgoing_old;
ALTER TABLE connections ADD COLUMN outgoing int8;
UPDATE connections set incoming=incoming_old, outgoing=outgoing_old;
ALTER TABLE connections DROP COLUMN incoming_old;
ALTER TABLE connections DROP COLUMN outgoing_old;
COMMIT;
        * wifidog/admin/hotspot.php: Missing file from phil's commit.
        * wifidog/locale/fr/LC_MESSAGES/messages.mo, messages.po:  New translation by Benoit St-André

2005-02-14 Philippe April <philippe@ilesansfil.org>
        * gw_message.php: the "activate" message was not properly defined and
        would cause an error to show up instead of the nice activate your account
        message

2005-02-14 Philippe April <philippe@ilesansfil.org>
        * wifidog/locale/gen.s: Was not working as expected, it will now get the
        gettext from smarty properly.
        * Updated TODO with ideas on making config better

2005-01-31 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/templates/hotspot_status.html:  Restore the number of nodes
        * wifidog/hotspot_status.php: Restore the number of nodes, add formatting and more information to the RSS feed.

2005-01-26 Philippe April <isf_lists@philippeapril.com>
        * Some kind of virtual login (we need to talk about this).
        * New User and Node classes
        * Modified all files to work with the classes.
        * Remove mgmt_helpers (all done in User class now)

2005-01-25 Benoit Grégoire  <bock@step.polymtl.ca>
        * classes/Node.php:  New file, untested code example
        * wifidog/admin/admin_common.php: Remove double-defined BASEPATH
        
2005-01-25 Philippe April <isf_lists@philippeapril.com>
        * Changed initial postgres inserts sql file, it wasn't working properly

2005-01-25 Pascal Leclerc  <pascal@plec.ca>
        * Added admin and owner administration pages

2005-01-23 Philippe April <isf_lists@philippeapril.com>
        * Added gateway error messages (validation period, etc.)

2005-01-20 Philippe April <isf_lists@philippeapril.com>
        * Modularized the admin interface, added functions

2005-01-18 Philippe April <isf_lists@philippeapril.com>
        * Smarty'ized more, I think it's done now

2005-01-12 Philippe April <isf_lists@philippeapril.com>
        * i18n and smarty'ized parts

2005-01-11 Benoit Grégoire  <bock@step.polymtl.ca>
        * INSTALL: Mandate PHP5
        * wifidog/hotspot_status.php: Allow export of the list as a RSS feed
        * wifidog/classes/RssPressReview.inc:  Make it truly functionnal.
        * wifidog/portal/index.php:  Support multiple RSS feeds.  The system will automatically pick the best 5 entries from all the feeds.  It will compensate for disparate publication intervals.  An entry from a feed that does not publish often will live longer than an entry from a feed that publishes very often.  If a feed doesn't have any entry that makes the cut, it will not appear at all.
        * wifidog/templates/hotspot_status.html:  Add link to the RSS version.

2005-01-11 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/config.php:  Add list of hotspot to network rss feed list (not yet functionnal)
        * wifidog/hotspot_status.php:  Allow RSS export of the list of deployed HotSpots.
        * wifidog/admin/incoming_outgoing_swap.php:  Script to swap incoming and outgoing in your data.  only use this if you had gateways before 1.0.2 and wish to correct your logs before you upgrade.
        * wifidog/classes/RssPressReview.inc:  Missing file from previous commit.
        * wifidog/portal/index.php: Preliminary work to enable smart press review of multiple RSS feeds.

2005-01-10 Benoit Grégoire  <bock@step.polymtl.ca>
        * include/common.php: Fix SSL security warnings.  If SSL is enabled and the page was actually served over SSL, all media in the file will be served over SSL. Add a new define (BASE_NON_SSL_PATH) to allow us to make links that break out of SSL mode.  From now on, use the self adapting BASE_URL_PATH in most circumstance, BASE_SSL_PATH to enter SSL mode, and BASE_URL_PATH to break out of it.

2005-01-10 Benoit Grégoire  <bock@step.polymtl.ca>
        * admin/user_stats.php: Add three top tens to the statistics:  Top ten apetite for bandwidth, top ten travelers, most addicted users.

2005-01-04 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/local_content/default/hotspot_logo_banner.jpg: Make it much thinner.
        * wifidog/local_content/default/login.html: Remove announcements
        * wifidog/include/user_management_menu.php: Fix mailto:
        * wifidog/auth/index.php: Fix auth server part of the no data transmited statistics bug.
        * wifidog/admin/index.php: Add link to statistics
        * wifidog/admin/user_stats.php: Activate security.
        * wifidog/index.php: Make the distinction between the two hotspot status pages clearer.

2004-12-08 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/index.php: Add menu
        * wifidog/include/user_management_menu.php: Editorial change, make translateable
        * wifidog/portal/index.php:  Fix RSS feeds

2004-12-03 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/admin/user_stats.php,  wifidog/classes/Statistics.php:  Embryonic aggregate user stats.  Currently allows you to find out the rate at which your users subscribe.
        * wifidog/config.php, wifidog/local_content/default/login.html, wifidog/include/user_management_menu.php:  Add hotspot status page to login page.
        * wifidog/hotspot_status.php: Cosmetic
        * wifidog/admin/hotspot_log.php: Stats now need admin privileges
        * wifidog/index.php: Cosmetic.

2004-11-19 Benoit Grégoire  <bock@step.polymtl.ca>
        * TODO: Add email domains to blacklist
        * wifidog/config.php, wifidog/include/user_management_menu.php: Add tech support email address
        * wifidog/hotspot_status.php: List of HotSpots that are open with summary of information.  Designed to be included as part of another page.
        * wifidog/local_content/common/wifidog_logo_banner.gif: Add wifidog logo
        * wifidog/local_content/default/hotspot_logo_banner.jpg: Shrink the logo and write unknown hotspot, however this is still really ugly
        * wifidog/local_content/default/login.html, portal.html, stylesheet.css: Cosmetic fixes
        * wifidog/local_content/default/login.html.fr, portal.html.fr: Delete the files, this isn't the approach we will use for translation.
        * sql/wifidog-postgres-initial-data.sql, wifidog-postgres-schema.sql: Update with new node information structures.

2004-11-04 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/admin/hotspot_log.php: Add number of currently connected users here as well.

2004-11-03 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/ping/index.php: Log user-agent
        * extensive statistics work
        * sql/wifidog-postgres-schema.sql: Add description field for hotspots and log user-agent

2004-10-28 Benoit Grégoire  <bock@step.polymtl.ca>
        * sql/wifidog-postgres-schema.sql:  Add constraints to avoid empty string in email or user_id.
        * Some statistics fixes

2004-09-29 Alexandre Carmel-Veilleux <acv@acv.ca>
        * wifidog/admin/index.php: Integrated the changes contributed
        on the mailing list by Rikhardur EGILSSON (fname.lname@oecd.org),
        mainly a missing ' in some HTML.

2004-09-28 Yanik Crépeau <yanik@exScriptis.com>
        * wifidog/include/common.php: Added commented header with cvs
        keywords.
        * wifidog/include/common.php: Added commented code (not executing) for
        further testing with language/localization issues. 

2004-09-27 Benoit Grégoire  <bock@step.polymtl.ca>
        * sql/wifidog-postgres-schema.sql:  Remove non SQL standard "COMMENT ON" comments

2004-09-27 Benoit Grégoire  <bock@step.polymtl.ca>
        * sql/wifidog-postgres-schema.sql:  Drop procedural language stuff

2004-09-27 Benoit Grégoire  <bock@step.polymtl.ca>
        * sql/wifidog-postgres-schema.sql:  Fix layout for the node_owners table
        * Begin integrating Patrick Tanguay's new layout and generate the css dynamically to allow for background images.

2004-09-22 Benoit Grégoire  <bock@step.polymtl.ca>
        * portal/index.php:  Fix users appearing online at every hotspot.
        * wifidog/classes/Style.php, wifidog/login/index.php:  Fix some potential cache problems and help with validation.
        
2004-09-18 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/config.php:  Add VALIDATION_GRACE_TIME configuration parameter.
        * wifidog/auth/index.php:  Move grace time date arithmetics to the database, fixes validation period not working.  Stop storing VALIDATION_FAILES status to the database.  Add check for validation period expiration at stage login, not just stage counters, this will fix one minute validation period. 
        * wifidog/login/index.php:  Check validation period activation, and if period is expired, explain to the user instead of redirecting to the gateway.
        * wifidog/user_management/index.php:  Fix SQL error at new user registration.  
        
2004-09-02 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/node_list.php: Complete the status page
        * Add images
        * Add hotspot creation date
        
2004-08-31 Benoit Grégoire  <bock@step.polymtl.ca>
        * sql/: Update the postgres schemas and add scripts to ease maintaining it.
        * sql/sync_sql_for_cvs.sh: Should you modify the schema in your db, run this script to the chances will be available in the cvs schemas and initial data.
        * sql/dump_initial_data_postgres.sh: This does the actual dump of the data in a runnable form.  Note that this needs to be edited manually if you add a new table requiring initial data.
        * INSTALL:  Update for postgres.  Somebody please test this.

2004-08-31 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/ping/index.php: Implement logging of which hotspot sent the heartbeat, from which ip and when.
        * wifidog/node_list.php:  Primitive but functionnal hotspot status page.
        * wifidog/include/user_management_menu.php:  Change menu labels
        * wifidog/local_content/default/login.html: Improve layout.  Someone needs to make this stylesheet correct, I took shortcuts...
        * wifidog/local_content/default/stylesheet.css:  Reduce H1 font size.
        * wifidog/user_management/index.php:  Display the menu, will eventually allow us to present proper help text.

2004-08-30 Benoit Grégoire  <bock@step.polymtl.ca>
        * Add link to original requested site.
        * wifidog/node_list.php:  New file.  Will become the main node status page.

2004-08-28 Benoit Grégoire  <bock@step.polymtl.ca>
        * Primitive network status available form the index page
        * Administrative security is implemented.

2004-08-28 Benoit Grégoire  <bock@step.polymtl.ca>
        * Fix big gaping security hole in login page (password would be ignored if the username was used to login)
        * PostgreSql port
        * Change the method to determine who is online
        * Stop keeping unused token once user successfully logs in.
        * Fix missing update of token update date.
        * Counters wouldn't get updated for stage=LOGOUT
        * wifidog/auth/index.php:  Added a Messages: response in addition to Auth: so we can know what the hell the server is up to.  Currently you need to run wifidog in debug level 7 to see it. That message should be parsed so it is visible in debug level 6.
        * wifidog/auth/index.php:   Fix code injection vulnerability.
        
2004-08-27 Benoit Grégoire  <bock@step.polymtl.ca>
        * SSL support and RSS improvement
        * Last commit tested with mysql support
        
2004-08-24 Pascal Leclerc  <pascal@plec.ca>
        * wifidog/admin/user_log.php: Add total to incoming and outgoing
        * Replace all SERVER_NAME by HTTP_HOST to fix non-standard server ports

2004-08-11 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog/config.php: Add USER_MANAGEMENT_PAGE
        * wifidog/include/user_management_menu.php:  Code meant to deal with non-standard ports broke the menu.  Hopefully fixed.
        * Add alex's mising changelog entry...
        
2004-08-11 Alexandre Carmel-Veilleux <acv@acv.ca>
        * wifidog/ping/index.php: will now reply if the wifidog auth server is up. to be used by wifidog to do heartbeats.

2004-08-07 Benoit Grégoire  <bock@step.polymtl.ca>
        * Add code to import a NoCat user database (passwd).  The username will be generated from the first part of the email if the name was en email.
        * Change password hashing algorithm to make it compatible with NoCat (For the curious among you, the hashing algorithm is now:  take the md5 digest in binary format of the password, and base64 encode it.
        * Table schema changed to accomodate newhash length (users.pass is now varchar(32))
        * The user is now allowed to login with either his username or his email.
        
2004-08-03 Pascal Leclerc  <pascal@plec.ca>
        * wifidog/classes/SmartyWifidog.php: Fix path validation bug, replace NODE_CONTENT_URL with NODE_CONTENT_PHP_RELATIVE_PATH
        * wifidog/classes/AbstractDb.php: Add class=warning for better display
        * wifidog/config.php: Add SYSTEM_PATH and test/fix non-standard server ports

2004-08-03 Benoit Grégoire  <bock@step.polymtl.ca>
        * Make gettext support optionnal, and define GETTEXT_AVAILABLE, will be set to true if gettext is available.  If false, blank _() and gettext() functions will be defined so the system still works.

2004-08-03 Benoit Grégoire  <bock@step.polymtl.ca>
        * Fix BASE_URL_PATH to properly detect non-standard server ports (hopefully).

2004-08-02 Benoit Grégoire  <bock@step.polymtl.ca>
        * wifidog-auth lives! New since the dark ages
        * Demo page to allow people to hack more easely on it
        * Support for multiple nodes.  TODO:  Merge with the database project.
        * Very cool local content architecture.  Every hotspot can have a folder in the local_content directory.  This folder can be filed by a single logo, leaving all the rest to the default content, or be completely custom (stylesheet, login page, portal page, header, etc.)
        * Everything in local content is templated with smarty, no problem with web designer wrecking havoc on the auth server.  You can edit everything in local_content/default even if you only speak html.
        * No need to set any path in the web server config files (that one was a bitch to implement)
        * RSS feed support (optionnal, with magpierss), one feed per node (url stored in the database, works great, but no gui to edit it yet) and one network-wide RSS feed.
        * All path are editable from the config file
        * "Productize" the thing, so it make sense for other groups to install it (the network name, url, default RSS, and such are set from the config file.
        * Put most strings in gettext calls for easy future translation.
        * User can request that the server send the validation email again
        * User can change password
        * User who forgot his username can have it mailed to him.
        * User who lost his password can ask the system to generate a new one and mail it to him.
        * Email is now a separate field to preserve user privacy.
        * Enforces (politely) that there are no duplicate emails in the database
        * Database abstraction layer with very nice debugging features (just append true at the end of the call, and you'll see the query, the results, the query plan and number of affected rows.  Also allow future upgrade to postgres.
        * Lots of other things I forgot.
        
        * User who forgot his username can have it mailed to him.
        * User who lost his password can ask the system to generate a new one and mail it to him.
        * Email is now a separate field to preserve user privacy.
        * Enforces (politely) that there are no duplicate emails in the database
        * Database abstraction layer with very nice debugging features (just append true at the end of the call, and you'll see the query, the results, the query plan and number of affected rows.  Also allow future upgrade to postgres.
        * Lots of other things I forgot.