Macrotone February 2014 Newsletter
|If you can't see this e-mail properly, view it online|
|Newsletter February 2014|
|Web Version | Unsubscribe | Modify your Subscription|
There has not been much visible activity this past two months, but it has been non-stop behind the scenes. We have been busy adding two new features ready for Issue Tracker release version 1.6 that we expand upon in more details below. We are also pleased to note new and updated translations for Issue Tracker. We also released an update to the Password Control Plugin to reflect changes in Joomla 3.2.1 and Joomla 2.5.18 for encryption of passwords using PHPass.
We are also sure that we cannot be alone in seeing something much less exciting but something that has taken up a lot of time, which is 'fighting' the increased amounts of 'spam' which we have been experiencing. There are numerous instances of specific attempts to access system files, upload images, and general attempts to exploit weaknesses in some components etc which have all been blocked, but which all require checking just in case they are 'valid' reports by our users. It would be all to easy to assume that they are all 'junk' for want of a better word. It is just very time consuming.
We are looking to change our web site to make use of the latest Bootstrap releases. Whether this will also include an update to Joomla 3.2 or the forthcoming 3.3 has not yet been decided. This has revealed a few opportunities for providing different template overrides for our components, and our looking for a better way to provide them. On the surface this appears a simple thing to achieve but if one considers the vast number of different site templates available trying to come up with a 'single' set suitable for all of them is virtually impossible.
There is also a new upcoming release of Joomla 3.3 to look forward to, so the busy times looks like continuing for some time to come.
Issue Tracker News
As mentioned above it has been a busy time for Issue Tracker this past few months, with update releases 1.5.1 and 1.5.2 both being made available to correct a few problems discovered in the 1.5.0 release.
We also withdrew support for versions 1.3 and 1.4 at the end of January 2014. Support was also withdrawn at the same time for the separate Latest issue module which is included in release 1.5 and above as standard, and is no longer available as a separate download.
We have also been very busy implementing two new features into Issue Tracker that have been requested by our users. We intend that these are available in the next 1.6 release which is planned for some time in March 2014, all being well.. The release is in QA testing, and the documentation changes are also nearly complete.
The other major change is the implementation of a 'Custom Fields' feature. This is something that has requested by many of our users and has been planned for a while. It permits the site administrator to create 'custom field groups', comprised of any number of 'custom fields' which can be assigned to one or more projects or sub projects.
As implemented only one 'custom field group' can be assigned to a individual project or sub project, but the same 'Custom Field Group' may be assigned to more than one project or sub-project.
Any number of each type may be defined for a specified 'Custom Field Group'.
IP Mapping News
No news is good news.
The latest release 1.2.0 has proved to be very stable and we are pleased with the way it has been performing. The last release introduced the ability to run the synchronisation task via a scheduled cron task and it has run flawlessly since installation. In actual fact where we formally used to check regularly that the synchronisation was working we now sometimes 'forget' to check, since it has always been found to be fully up to date. Now if only every componnet worked so well!
We will be revisiting the component once the current work on other components has been completed to decide on further refinements.
Password Control News
Release 0.1.1 of System Password Control Plugin available.
Joomla 3.2 introduced a change to the handling of user passwords. The method the Joomla team decided upon was to implement PHPass. PHPass provides an easy to use abstraction layer on top of PHP's cryptographic hash functions suitable for password hashing. As of this writing, it supports three password hashing methods, including two via PHP's crypt() function - these are known in PHP as CRYPT_BLOWFISH and CRYPT_EXT_DES - and one implemented in phpass itself on top of MD5. All three employ salting, stretching, and variable iteration counts (configurable by an administrator, encoded/stored along with the hashes).
Joomla update 2.5.18 introduced the same mechanism into Joomla 2.5 and once installed any new paswords saved or changed by the user, or by an administrator would be saved in the database in the new fromat. The consequence of this is that the checking of previous passwords performed by the Password Control System Plugin will fail, since the encrypted comparisons would always fail to match, meaning that password reuse would be possible, until the passwords are 'replaced'. Once all of the 'previous; passwords are stored in the same format the comaprisons will function as intended.
One other consequence of the PHPass implementation means that the password checking mechanism supplied as a database procedure will also not work and will require rewritting. This is a non trivial task and will be investigated when time and resources permit. Until that time the plugin uses the supplied/alternative PHP routine.
One other change noticed was that the form displayed to the user on the front end when editing the User Profile was different, resulting in the failure of the Password Generrator button to be displayed on the form. One strange situation we observed was that two different Joomla installations using the same version of Joomla were displaying different forms. The reason is still unknown, but it meant that we were unable to code to allow for different Joomla versions. The decision was therefore made to check the form fields elements and depending upon the existence of specific elements display the Generator button appropriately.
Version 0.1.1 of the system plugin implements handling of the PHPass mechanism and as explained checks for which of the two known Edit Profile forms used on Joomla platofrms. It is available in the usual Download area.
We are pleased to see two new translators who have contributed to provide a complete French translation for Issue Tracker, so thanks are due to Pedwo51 (Pierre D), Emmanuel Ruchon, Kévin and Laurent Gougeon for their contributions. There are also updated Dutch (Netherlands) and Spanish (Spain) translations for Issue Tracker.
We also are pleased to announce the availability of a new Danish (Denmark) translation provided by Ole Schelde.
We would like to repeat that all our translators provide their services free of charge, and to thank them on behalf of all our users who make use of their work.
For those of you who are interested in the forthcoming Joomla 3.3 release we include some details here. TheJoomla PLT has announced that the 3.3 release will be made available on April 1, 2014. [We hope that the choice of April Fool's Day is not an omen!] They have defined several milestones leading up to this release date, to include:
These dates are very much tentative and subject to change depending on availability of volunteers and circumstances beyond their control.
Vision for 3.3
For 3.3, the aim is for a smaller release focusing on the backlog of feature proposals. Some of the items for which assistance is being requested for help with testing and review are:
|Follow us | ||
ABOUT THIS NEWSLETTER
This newsletter is published by Macrotone Consulting Ltd, which provides IT services to its clients and creates business tools:
Copyright 2014 Macrotone Consulting Ltd. All rights reserved.
Designated trademarks and brands are the property of their respective owners.
To ensure you receive our newsletter, make sure you add "email@example.com" to your address book.