Yes, it's been a while since the last update. I've been part "feverishly coding on DCL" and part "feverishly coding for my job". Lately, the job version has been taking over.
Fixed XSS vulnerability introduced in 0.9.4.3. Thanks go to James Bercegay from GulfTech Research and Development (http://www.gulftech.org/) for discovering the issue.
An arbitrary PHP code execution vulnerability was reported and fixed. All users are urged to upgrade to this version. Thanks go to James Bercegay from GulfTech Research and Development (http://www.gulftech.org/) for discovering the issue.
I made some good progress on 0.9.5RC1 this past week. The new installation and database upgrades are working. As noted before, the contact conversion will be normalizing free form data (contact name, phone, email) into the new contact manager. This has the potential to create duplicate contacts if the names or phone numbers have variations.
All that's left is to tidy up the contact management, fix remaining bugs caused by the schema conversion, create a "merge contacts" function to merge duplicate contact records together (caused by spelling/phone number variations), and finish the public interface. I'll also go through the bug/feature list at SF to see if there are any items that can be resolved.
I'm hoping this can be released this month. Following the feedback from the RC, I'll do more RCs if needed until the feedback shows that it's ready for a full release.
The next release had been going slow the last couple of weeks due to the paying job, so I didn't make my deadline of the end of September.
Things are starting to come together for the release. I have the RBAC implementation completely working, with the exception of item specific permissions. This will probably be a post-0.9.5 enhancement.
Overdue for another update. DCL is (still) in the middle of a major enhancement revolving around contact management. I have created pop-up dialogs for browsing/filtering/selecting contacts, organizations, and projects so far.
It's been a couple of months since the last update, so here it is. I've been working on a couple of popular feature requests: contact management and a "public" interface. I have public support built so far for products, tickets, and ticket resolutions. I expect to complete work orders and time cards tonight, then begin work on the contact management and some permissions management.
I've also ported some nice things from CVS HEAD for the database abstraction that makes it much simpler to write support for new tables and fields in the database.
Bryan continues to work on the build manager. We've redesigned the user interface so more options are immediately obvious to the user. I've found that the drop down tends to "hide" things from people (i.e., they don't know to look there for more options).
I just wanted to post an update to our current development efforts. There are going to be some very nice things coming for DCL this year