CHANGES
-------

The current stable version is available at
http://freshmeat.net/projects/webfilemgr/   or
http://www.horsburgh.com/h_filemanager.html

Pre-releases are available at
http://www.horsburgh.com/download/filemanager-VERSION.tar.gz

Version 0.972
-------------
1. This version is a roll-up of all the 0.971 pre-releases.

2. The find function now works for non-root, jailed users.

3. A new option (AllowJailOut) controls whether or not the
   directory string at the top of the files area allows a user
   to "click" outside (or above) their home directory.

4. The AllowRootUser parameter now works. Setting it to zero (0)
   will disable the 'root' user. To change it back, edit the
   /usr/local/fm/fm_preferences.pl file and change the
   AllowRootUser parameter back to one (1);
   First reported by: umuta at sabanciuniv.edu

5. Discovered and plugged a SECURITY HOLE that allowed users
   to view any file on the system accessible root. You can still
   enable the security hole, during setup, for personal use machines
   and retain more of the "QuickView" features.
   First reported by: ville.ahlgren at smarttrust.com
 
6. Fixed a bug that prevented non-root Jailed users from
   creating subdirectories.

7. Updated the security certificate to extend the termination date.

8. Added info about how to recreate the security certificate to the
   README file.

9. Fixed a directory creation bug that affected non-root users.
   First reported by: jimmc at irobot.com

10. Fixed a "group" permissions problem that prevented users
   from accessing group read/write/execute files.
   First reported by: tdavis at birddog.com

11. Fixed a bug in the "Command Line" box which prevented
   using the asterisk "*" wildcard.

12. Added support for 29 more OS types.

13. Updated miniserv.pl to version 0.92 in webmin


Version 0.97
--------------

1. New Feature: Added the ability to "Jail" users by limiting the 
   directory and the valid commands. Note that this severely limits
   the functionality of FileManager, but restricts the users more than
   the normal OS controls.

2. New Feature: Added ability to specify maximum file upload size
   during installation.

3. New Feature: Preferences are now saved across FileManager updates.

4. New Feature: Only files in the current directory can be edited.

5. New Feature: Setup.sh now checks for the Filesys::Df module and
   optionally loads it from CPAN. If it is not found, a warning message
   is printed.

6. Updated: Replaced the menu.js code with separate DOM, NS4, and
   IE4 javascript modules. These are based on the HierMenu routines.
   FileManager now supports NS4+ (including mozilla), IE4+ (non-Mac),
   IE5+, and any DOM compliant browsers.
   Currently that excludes Konqueror and Opera.

7. Updated: admin.pl to include a "browser-cache-buster."

8. Updated: prefs.pl and editor.pl to include a "browser-cache-buster."

9. Bug Fix: Fixed QuickDir anomalies when specifying relative directories.

10. Updated: The link target specification in List Mode changed from
    italics to red text preceeded with '->'.

11. Updated: Minor formatting changes to "root" statistics display.


Version 0.97p5 (aka 0.963):
---------------

1. Bug Fix: A logic error affecting system and MD5 encrypted passwords
   has been fixed. Hopefully the username/password problems have
   now been solved!

2. New: Added 11 additional file icons.


Version 0.97p4:
---------------

1. Added support for additional OS's.

2. Updated fm_miniserv (enhanced stability)

3. Updated system password support. Now uses either the FileManager
   handled password files, or the system files. Also now supports MD5
   encryption.

Version 0.97p3 (aka 0.962):
---------------------------

1. Bug Fix: Possible security hole associated with the effective UID
   on some operating systems has been fixed.

2. Update: Added additional code to combat browser "caching problems."

3. New Feature: "Root" status commands for uptime, memory, and disks
   are now configurable on the "Settings/Configuration" page.

4. New Feature: Enhanced the user enable/disable selection capability.


Version 0.97p2:
---------------

1. Bux Fix: The Enable All / Disable All users on the "Users Settings"
   page is now working properly.

2. Bug Fix: The background image on the Login page should be visible.

3. New Feature: To help with browser caching problems the login screen
   now has a "bogus" time field that should prevent most caching.


Version 0.961:
---------------

1. Bug Fix: Quick View and other context-menu file I/O operations
   were broken. It should be fixed now.
   --First reported by Bryan K. Wright <bryan at ayesha.phys.virginia.edu>

2. New Feature: Added an "enable all" and "disable all" feature to the
   Users Setup page.

3. New Feature: A new file fm_disable.users contains a list of users
   that do not have access to FileManager.

Version 0.96:
-------------

1. New Feature: Added uptime and memory usage on systems that support
   the uptime and free commands. Displayed only for the "root" user.

2. New Feature: added a "forkcgis" parameter to the web server to
   handle non-standard CGI routines (especially file uploads).

3. New Feature: added the ability to change the icon file types via
   the admin settings section "File Types."

4. New Feature: Eliminated reliance on CGI.pm.

5. New Feature: Eliminated client-side cookies, replaced them with
   server-side cookies (kookie) that allows a user to retain settings
   when logging in from different machines (or browsers).

6. New Feature: For linked (alias) files/directories the "mode" column
   now displays the target file/directory relative to the current
   directory.

7. New Feature: Setup.sh now checks version numbers. If upgrading
   and version is less than 0.94 then the configuration files are
   purged before installation.

1. Bug Fix: Added the missing routine "escapeHTML" to cgi-lib.pl.
   --First reported by "Fabio Cardillo" <fabio at alfaprint.com.br>

2. Bug Fix: Variable $now in fm_editor was not pre-defined and caused
   an error when using the "strict" pragma.

3. Bug Fix: Changed the default web server processing execution mode
   to "forked" processing. This seems to fix the logout problem and
   some upload errors.

4. Bug Fix: Changed "getpwent" to "getpwnam" in setup.sh to handle
   root passwords better.

5. Bug Fix: The correct username is shown in the Editor window

6. Bug Fix: The menu button bar (home,help,settings,prefs) is 
   shown in the Editor header

7. Bug Fix: The logout link is shown on the Editor pages.

8. Bug Fix: The server no longer throws an exception when a user tries
   to access an unaccessible file. An error message is now displayed.

1. Misc: Changed the tr// to s// in FixCommand

2. Misc: Added link to the Copyright page on the Help page.

3. Misc: The login screen now puts the cursor into the Username box
   by default.

4. Misc: Minor formatting change on the "Web Server" settings page.

5. Misc: File upload size is set to a maximum of 10MB.
   This value can be changed by editing the file fm_cgi-lib.pl
   and altering the line:
   $cgi_lib'maxdata    = 10*1024*1024;

6. Misc: Removed "<p><hr>" below login form in session_login.cgi.

7. Misc: Corrected version number in admim.pl

8. Misc: Added some extra info to the README file.


Version 0.95:
-------------

1. Added the ability to customize the pop-up context menus.

2. Added the ability to view all valid system login accounts,
   not just those with a UID >= 500.

3. Added a Perl module pre-check and auto-install capability in setup.sh.

4. Added additional information to the Properties window.

5. Updated the mini-server and session_login scripts to be more
   error tolerant.
   
6. Fixed a bug which caused the login script to hang on some
   systems when using SSL.

7. Fixed a bug in the QuickDir command which did not properly
   reset the current working directory.

8. The setup.sh routine no longer asks for the "root" password.


Version 0.94:
-------------

1. Fixed a bug in the "Folder Delete" code which did not allow
   a folder to be deleted on some systems.

2. Complete re-write of internal file and user handling code.

3. Separated administration program from main program.

4. Now uses system usernames/passwords for authentication
   --First requested by Martin Foster <martinf at control-f1.com>

5. Fixed a ".readme" display error.

6. Fixed the directory duplication command.


Version 0.93:
-------------

1. Documentation updated.

2. Fixed a bug in the "Quick Dir" section.

3. Added OS detection support for 30 more systems.

4. Added the ability to display ".readme" files when entering a
   directory. This feature is controled by the "ShowReadme" parameter
   on the AdminSettings/Configuration page.
   --First requested by Filippo Dini <phil at yatta-it.com>


Version 0.92:
-------------

1. Fixed an upload bug which resulted in a "Short Read" error.
   --First reported by Filippo Dini <phil at yatta-it.com>

2. All CGI's in the fm_miniserv.pl routinue are now forked as
   a separate process by default.

3. Fixed a download bug that only allowed "home" directory downloads.


Version 0.91:
-------------

1. Added SSL support.
   --First suggested by Vito Sansevero <zues1 at home.com>

2. Added multi-user (session) support.
   --First suggested by Vito Sansevero <zues1 at home.com>

3. Disabled the "External Web Server" option. (It's still available,
   just commented out in setup.sh.

4. Added a download option to the pop-up menus.


Version 0.9:
------------
Full Release.
