Highlights
This new LuxCal version 5.2.0 includes interesting new features, improved technical issues and bug-fixes.
Most important new features / improvements:
• Two authentication bypass vulnerabilities, which could be exploited by a software expert to acquire admin access to the calendar have been remedied.
• In the event window a "No Time" checkbox has been added, which can be checked for events for which the time is unimportant.
As usual, this new release has been tested with the help of John from Denmark. Thank you John!
Hereafter you will find a full summary of all changes since LuxCal version 5.1.1.
New features/Improvements
• In the event window a "No Time" checkbox has been added just below the "All Day" checkbox. When No Time is checked, the start and end time fields will be hidden and in the various calendar views neither the time of the event, nor the text "All day", will be shown.
• Two authentication bypass vulnerabilities, in the calendar and in the displays, which could be exploited by a computer software expert to acquire admin access to the calendar have been remedied.
• A new setting has been added in the Views section of the Settings page, which can be used to enable/disable the display of the current date on the top bar of the calendar views. For narrow screen devices, because of lack of space, the current date has been removed from the top bar.
• For the Side Panel a new check box "Today" has been added in the Views section of the Settings page. When this check box is checked, the Side Panel will always use the date of today and when unchecked, the Side Panel will follow the date currently selected in the main calendar.
• In the configuration section of the Upcoming Events and Birthday Calendar PDF print scripts, when the calendar ID setting is left blank (""), the current calendar will be taken (rather then the default calendar, as in the past).
• Date picker and time picker look enhanced and a few minor HTML flaws fixed.
Technical issues
• When a cron job is running daily and no cron services are active (no email, no SMS, no reports) the cron job summary will show a message "No reminders or periodic services active".
• When the cron job processing fails due to the security checks, the log message now shows which of the security checks failed, i.e. local cron started from a remote server or remote cron IP-address mismatch.
• scrollY function renamed into scrollV (vertical). scrollY is a reserved JavaScript word.
• When producing PDF prints and on the Settings page a logo path has been specified, the software now checks if the logo file is available on the specified path.
• A minor error in the calculation of the "to" date has been corrected. At the same time the "from" and "to" date calculation functions have been combined in one calcFTDate function.
• The height of the date input fields used to select the date bracket for PDF prints has been made proportional to the selected font size.
• During a calendar upgrade, the old 'sml' format of email links in the text1, text2 and text3 fields of the events table is now converted to the new format.
• The regex used to parse the text for the birthday calendar has been simplified. It is now possible to use round brackets in the birthday text between the #-characters.
• In past calendar versions, the text "[cd]" was replaced by the current event date because at that time this date was used by the email links. This is not done anymore and therefore the PHP code for these replacements has been removed.
• Further PHP 8 compatibility improvements (mktime function).
• The lctools.php script has been removed from the calendar's installation package. Creating multiple calendars can be done easily via the installxxx.php script.
Bug fixes
• In the event report, which is opened when an event is clicked, events for which a sub-category has been selected are not shown in the sub-category color.
• When adding an event in an event category for which "No overlap allowed" has be set to "same category", an SQL error occurred. (This problem was introduced when adding the event type).
• Because of a stray variable ($eStyle), when an event with a URL in one of its description fields was shown in the side bar, a PHP Notice was produced.
• In the PDF Birthday Calendar portrait/landscape window, the labels of the radio buttons could not be clicked. Solved.
• The function to make the event repeat text produced "Rolling" when Repeat every xth weekday of month y was selected. (Missing break; in the switch statement).
• The problem with the left margin on landscape and portrait PDF prints, when a page break falls in the middle of the event body, is solved.
• The validation of GET variables has moved to after getting the settings, because if a GET variable is not valid, an alert message is shown, which uses some settings. For the same reason, the loading of the winXP variable is moved to before validating the GET variables.
