SCMS

Changes: SCMS was completely rewritten into an MVC framework with singleton design pattern support. Many features were added, and stability was improved.

Changes: A simple CAPTCHA is included in scms/scms_include/captcha. An scmsUseCaptchaS constant has been added for enabling/disabling image CAPTCHAs. Captcha Images have been added to ALL AUTHENTICATED forms. The old $_SESSION['scms_logins'] variable has been removed from authenticate.php and main.php. Bugs have been fixed in Update() in scms_users.php. The old code bugFixRequirePath.php has been removed from all includes.

Changes: A quick and dirty installer was added with the same settings as Joomla's. All PHP supported hashing algorithms were added. MySQL credentials were moved to the configuration file. DES and AES encryption were removed from scmsAccountLocking_HashAlgo. Some CSS bugs were fixed. Functionality to retrieve a forgotten password or request a new password was added. CSRF protection was improved. Some bugs with the login page were fixed.

Changes: This release defines scmsLoginAge_ON and scmsLoginAge constants to take care of password aging. A "double slash" path bug in scms_footer.php has been fixed. user_logins.php and user_sessions.php error message display has been fixed. CSS style bugs in config.js have been fixed. Modifications have been made to authenticate.php to not give an "Undefined index" warning for username and password variables.

Changes: The footer include has been changed from a .shtml to a PHP file. Changes have been made to the conditions of the GPL for SCMS: from this version on, it is requested that the link to Greyhat InfoSec Systems in scms_footer.php is not removed from any implementations of SCMS. The Error Page (error.html) for SCMS has been changed to a PHP file as well. Tooltip descriptions have been added to all SCMS configuration settings.