Select Git revision
CHANGELOG 45.08 KiB
== 1.6.0
Enhancements, changes:
----------------------------
+ php8.1 compatibility (php8.x support is work-in-progress);
+ MySQL 5.5.3+ is now required (support for utf8mb4);
Security Fixes:
----------------------------
+ SQL injection in custom field enum/set types;
+ Directory traversal possible in RIPE query;
+ XSS (reflected) in 'bw-calulator-result.php';
+ XSS (reflected) by invalid email address response;
+ XSS (reflected) by /app/tools/subnet-masks/popup.php (#3738);
+ XSS (stored) in user widget settings;
+ XSS and LDAP injection in ad-search-result.php;
+ XSS and LDAP injection in ad-search-group-result.php;
+ Restrict find_full_subnets.php to CLI;
+ Ensure confidentiality of database password;
== 1.5.0
New features:
------------
+ Mark subnet as isPool to allocate network and broadcast addresses;
+ Optionally hide section subnet menus;
+ L2 Domains user permissions;
+ Add scanPingType=="none" option to disable scanning;
+ Custom fields on IP request forms (#2956);
+ Added subnet free space map for each possible subnet mask;
+ Added Vaults (Certificate andf password storing);
+ Added Tools->Duplicate subnets & IP page;
+ Added config.php offline_mode to disable server-side Internet lookups (#3462);
+ Added MAC vendor lookup widget;
Enhancements, changes:
----------------------------
+ php7.4 compatibility;
+ SameSite attribute enabled for site cookies;
+ SAML2
+ php-saml updated to 3.4.1 (#3055);
+ Removal of php-mcrypt dependancy;
+ Drop support for idpcertfingerprint;
+ MAP_SAML_USER and SAML_USERNAME config.php configuration moved to db;
+ php-saml protocol debugging;
+ Support for signed assertions;
+ SAML usernames can be extracted from assertion attributes (#2948);
+ JIT auto-provisioning of accounts (#3389);
+ Selectable mask for number of subnets/hosts in subnet masks;
+ Switch from Google Maps to OpenStreeMap and Nominatim;
Bugfixes:
----------------------------
+ Fixed upgrade queries issues from 1.3.x to 1.4+ (#3130);
+ Fixed boolean printout in footer (#2625);
+ Fixed BGP Admin isn't working (#2631);
+ do not show statistics in dashboard widget for disabled modules (#2602);
+ MySQL 8.0 compatibility. (#2646,#2239,#3036);
+ MariaDB Galera Cluster compatibility (#2498,#3413);
+ Permit non-numeric postcodes for customers (#2393);
+ Bandwidth calculator - 400 Bad Request (#1807,#2648);
+ Table layout not aligned (#2656,#3105,#3113);
+ Improve scanning requirement checks (#1183);
+ Date picker hidden (#2673);
+ PDNS Add/Edit DNS record not working for normal users (#2686);
+ Unable to save settings with link addresses = text custom field (#2702);
+ Kea MAC address display issue (#2704);
+ Returned custom fields to devices table (#2572);
+ Invalid scan agent key warning;
+ Subnet filter issue when IP contains 0 octet. (#2748);
+ Add VLAN button not working (#2741);
+ Incorrect subnet links in /tools/vrf/ view. (#2774);
+ Location data missing in exports. (#2833);
+ Check mysqldump path when exporting database;
+ Current rack position missing when editing a device. (#2545);
+ Permit colon in firewall zone interface names (#2737);
+ Fixed PowerDNS txt SPF editing (#1641);
+ Blank 'MAC' on SNMP-ARP and SNMP-MAC scans (#2911);
+ Incorrect network/broadcast calculation for IPv6 (#2879);
+ Increase allowed email and password lengths (#3021);
+ Wrong unit location for dual-sided racks (#3086);
+ Linked ip_addr shows integer notation (#3100);
+ Invalid scan type () error (#2785);
+ Invalid CSRF cookie editing rack items (#2556);
+ FPing discovery marks all addresses as alive (#2888);
+ Subnet usage calculation updated for nested subnets;
+ SNMP, number of discovered hosts exceed maximum warning (#3279);
+ Exclude IPv6 from Ping and Discovery scans (#3354);
+ Fix for SAML/2FA/login redirections (#3492, #3435, #3517);
+ php_sessions table doesn't exist error when upgrading (#3417);
+ Changelog data too long for column errors (#3376,#3398);
+ RFC 6265 compliant cookies (#3452);
+ Require unique subnets not working as intended (#3529);
+ API:
+ Fixed /user/ calls for SSL with app code (static app code);
+ Address IP field not displayed when using filter_by (#2934);
+ Addresses first_free & Subnets first/last_subnet thread safety (#2960);
Security Fixes:
----------------------------
+ SQL injections processing `tableName` (#2738);
+ SQL injections processing `ftype` (#2751);
+ All circuits map, PHP object injection (#2937);
+ Upgraded jQuery to 3.5.1 (#3119);
+ Stored XSS in instructions widgets (#3025, #3360);
+ PHP session ID fixation (#3342);
+ XSS (reflected) in IP calculator (#3351);
+ XSS in pass-change/result.php (#3373);
+ SQL injection in edit-bgp-mapping-search.php;
+ Stored XSS in the "Site title" parameter;
+ XSS while uploading CVS files;
+ XSS (reflected) in 'find subnets';
+ Incorrect privilege assignments (#3506);
+ XXS (reflected) in ripe-arin-query;
+ XSS (reflected) in import previews;
Translations:
----------------------------
+ Update Traditional Chinese support to version 1.5 (#2658);
+ Update Simplified Chinese Translation (#2725);
+ Italian (it_IT) translation added (#2813);
+ Updated German translation (#2970, #3065);
+ Updated Russian translation (#3028, #3367);
== 1.4.0
New features:
------------
+ Configurable password policy;
+ Sessions can be now stored in database (#516);
+ Two-factor authentication - otp (Google Authenticator);
+ Customers module (#694);
+ Routing module (BGP) (#2135);
+ Search for free subnet inside whole section;
Enhancements, changes:
----------------------------
+ Circuits enhancements (Virtual Circuits);
+ Dropped support for 32bit systems;
+ PHP 5.4 is now required;
+ Added compressed actions dropdown;
+ SNMP module no longer requires MIB files;
+ Performance enhancements running under Azure/Amazon;
+ Added option to disable user (#1327);
+ Added policy NAT option;
+ Added custom NAT fields;
+ Rack module enhancements (#1325):
+ Dynamic rack sizes;
+ Top-down / Bottom-up racks;
+ Custom rack devices independent of devices (power, patch panel);
+ Customized user permissions for modules:
+ VLAN module;
+ VRF module;
+ PowerDNS module;
+ Circuits module;
+ Customers module;
+ Devices module;
+ Rack module;
+ NAT module;
+ PSTN module;
+ Locations module;
+ API:
+ New API security type - SSL with app code (static app code);
+ New config.php option $api_allow_unsafe to allow non-SSL API queries;
+ Added last access field to api;
+ Add Mac Search for Addresses controller (#2005);
+ New overlapping API call;
+ New global API parameter filter_match = full,partial,regex;
+ Add Tools API customers submodule;
+ Fix filtered results to always return data as array (#2558);
+ Widgets:
+ New user instruction widget (#2383);
Translations:
----------------------------
+ Japanese (ja_JP) translation added;
+ Traditional Chinese (zh_TW) translation added;
Bugfixes:
----------------------------
+ Fix appended " U" in Rack description (#2046);
+ Fix Bandwidth calculator - 400 Bad Request. (#1807);
+ Fix bad DNS reverse zone for /23 subnet (#666);
+ Fix Add missing standard field (#2153);
+ Fix Consistency of VARCHAR Size on 'owner' column across tables (#2136);
+ Fix Subnet details - Filter button missing when compressed range is used (#2353);
+ Fix slow page load times with linked addresses (#2324);
+ Fix " - is required" error when adding IPs with an empty IP filter set (#2334);
+ Fix column 'masterSubnetId' cannot be null error when adding subnets (#1977);
+ Fix logical circuits add/delete errors (#2381);
+ Fix adding new VLANs to an empty L2Domain (#2400);
+ Fix Nested child subnets with "na" permissions visible (#2223);
+ Fix translations containing apostrophes break functionality (#2504);
+ Set requestedAuthnContext to false for SAML (#2457);
+ API:
+ Fix inconsistent API success value returned (#2045);
+ Fix filter_by functionality (#2392);
+ Fix PATCH functionality (#2470, #2481);
Security Fixes:
----------------------------
+ Hide SNMP community (#2197);
+ Hide LDAP/AD/Radius username / password and secret from logs and syslog (#2006);
+ XSS in phpipamredirect cookie (#2338);
+ XSS in print-user.php, CSRF in user-edit.php (#2326);
+ Possible SQL injection in nat/item-add-submit.php (#2344);
+ Fixed possible file inclusion in editing authentication methods;
+ XSS in subnet-scan-telnet.php, CSRF in subnet-scan-execute.php (#2327);
== 1.3.2
Enhancements, changes:
----------------------------
+ Dark theme added;
+ Full php7.2 compatibility;
+ url_rewrite has changed, please use new rewrite scheme (https://phpipam.net/news/new_rewrite_scheme/);
+ Search for matching subnet in all VRFs feature enabled when importing addresses;
+ Added new config option to show custom fields separated from standard fields when editing IP address;
+ Added Required fields subpage to define IP address fields that must be filled in;
+ Performance + bug fixes (#1660, #1657);
+ MasterSubnet dropdown list is dynamically generated via AJAX call;
+ Bandwidth calculator;
+ Support 8U rack sizes. (#1891);
+ API:
+ New last_subnet API calls (#1655);
Translations:
----------------------------
+ German translation updated to verson 1.3.1;
+ French translations updated. (#1881);
Bugfixes:
----------------------------
+ Fixed uncaught error if vlan number exceeds max permitted (#1455);
+ Fixed Illegal string offset 'dns_name' in pingCheck.php errors (#1461);
+ Performance fix for subnet_dropdown_print_available (#1562);
+ Fixed logo updater for apache v2.4 (#1582);
+ Fixed section names containing spaces are not included in exports (#1566);
+ Allow DNS wildcard records (#1571);
+ Fixed slow mac address vendor decoding for subnet detail view (#1658);
+ Performance fix for detecting overlapping subnets. (#1052, #1426, #1533);
+ Performance fix for slow mac address vendor decoding (#1658);
+ Performance fix for subnet API first_subnet & all_subnets calls;
+ Performance fix for delegating subnet permissions;
+ Convert to UTF-8 encoding on import/export to preserve dialectics (#1659, #1700, #1728);
+ Importing IPs loose Mac Addresses (#1607);
+ Section names containing spaces are not included in exports. (#1566);
+ Bug with section and dashboard (#1593);
+ Fixed improper contents in plain text part of notification e-mails (#1707);
+ Reduce size of email notifications (#1643);
+ PHP 5.3 compatibility fixes (#1594, #1730);
+ PHP 7.2 compatibility fixes (#1683, #1714);
+ Fixed notification e-mails contain a broken link. (#1708);
+ Allow dots to be used in domain names. (#1747);
+ Use multi-byte compatible functions when shortening text. (#1753);
+ Scan subnet reports/selects invalid php path. (#1757);
+ Small code refactoring (#1699);
+ Rack device start position overwritten. (#1545);
+ Sections with folders returns no subnets using API. (#1883);
+ Add custom_ prefix to Prefix controller custom fields. (#1836);
+ Non-Admins missing the button to Add circuit. (#1902);
+ Wrong field name of deviceTypes table when checking device type. (#1910);
+ SNMPv3 improvements;
+ Misc IPv6 fixes;
Security Fixes:
----------------------------
+ Code injection in Name field. (#1667);
+ XSS (reflected) in SubnetID param. (#1702);
+ CSRF enables open mail relay. (#1703);
+ Reflected XSS requiring user interaction on search. (#1705);
+ XSS reflected via CSRF in preview.php. (#1706);
+ Reflected XSS via CSV upload. (#1742);
+ Reflected XSS on 'mac' parameter. (#1903);
== 1.3.1
New features:
------------
+ Circuits module (circuits, providers, map, ...) (#731);
Enhancements, changes:
----------------------------
+ Racks:
+ Automatic location assignment when device added to rack (#1230);
+ Rack map showing map of all racks in location;
+ Rack back side;
+ Compact menu layout (per-user setting, showing only icons);
+ Network to network static nat;
+ Selectable logo size (from config.php) (#952);
+ Added default option for permissions propagations (#1351);
+ API:
+ Added Circuits controller;
+ Encrypyted requests can now also be form-encoded (#1191);
+ Introduce mcrypt AES compatibility (#1516);
+ Fixed field ip not displayed when filters applied (#1529);
+ New resolve hostnames option for subnet (#1222):
+ Updates hostnames via pingCheck.php script (if parameter set for subnet);
+ Updates hostnames via resolveIPaddresses.php script (if parameter set for subnet);
+ On-the-fly empty hostname update if resolved (if parameter set for subnet and enabled globally);
+ Added this infor to tools > scanned networks;
+ Added custom_ prefix to custom field names to avoid duplication with custom fields (#1387);
+ Added option to hide IP requests for unauthenticated users on login page (#1394);
+ Performance optimizations for locations and subnet usage calculation;
+ Added user groups custom fields;
Translations:
----------------------------
+ French translation updated to verson 1.3;
+ German translation updated to verson 1.3;
Bugfixes:
----------------------------
+ Fixed RACK images not displayed if not root location (#1204);
+ Fixed import gateway ip (#1240);
+ Fixed JSON_UNESCAPED_UNICODE for PHP 5.3 (#1135, #1245);
+ Rename class Thread to PingThread to avoid naming conflict with pthreads Thread class (#1254);
+ Fixed custom fields integer on subnet (#1266);
+ Fixed Import Ip-adress doesnt update location (#1284);
+ Fixed json_error for logo upload (#1256);
+ Fixed CSRF error when moving orphaned addresses (#1303);
+ Fixed VRF fetching via API by Id;
+ Fixed map issues when quotes are in name/description (#1384);
+ Fixed item not removed from NAT when deleted (#1378);
+ Fixed Error when error_reporting = E_ALL about strict standards when importing IP addresses (#1372);
+ Fixed Apostrophe errors in text custom fields (#1375);
+ Fixed API error when creating address under folder (#1507);
+ Fixed SNMPv3 (#1119);
Security Fixes:
----------------------------
+ Fixed XSS issues (#1403, #1521, #1500);
== 1.3.0
New features:
------------
+ Multicast module (RFC1112, RFC2464) with IP to MAC mapping and multicast networks overview;
+ Threshold module for subnets;
+ Racks module (Rack drawing) for devices;
+ Address linking by selected field;
+ Custom logo for site and mails;
+ PSTN number management module;
+ SNMP module:
+ Subnets discovery from route table (all subnets, nested subnets, add new subnet);
+ Hosts discovery scans via ARP check/interface check;
+ Hosts discovery scans via ARP + MAC address check (detects interface);
+ VLAN discovery;
+ VRF discovery;
+ Status update scans via ARP check;
+ NAT module
+ Source / static / destination NAT;
+ Linking subnet to NAT
+ Show bindings under tools and next to IP address / subnet
+ Locations module
+ Map devices / racks / subnets to location;
+ Google maps integration;
+ SAML2 authentication (SSO)
Enhancements, changes:
----------------------------
+ Folders can now contain addresses;
+ API:
- Api v1 removed;
+ If subnet gateway defined gatewayId is returned in subnet details;
+ Automatically added nameservers to subnet results;
+ Added subnet usage result for each subnet in section;
+ Added custom fields for all controllers;
+ New subnets automatically get parent permissions;
+ Added IP calculation to subnet;
+ Changed all not_found when searching objects to 404 and all invalid parameters to 409 (conflict);
+ If new item is created id will be available in response field “id”;
+ New parameter $time_response in api/index.php that will return execution time in field “time";
+ Extensive first_free subnet calls search speedup;
+ POST transaction locking;
+ All first_free and first_address responses are now "data" instead of "ip" and "subnet" for consistency;
+ Subnet splitting now copies over custom fields values by default (user custom_fields=no to revert);
+ Added API option to nest custom_fields to assure correct structure;
+ Added option to show/hide links in api by default for each app;
+ Changed API http response codes;
+ New methods:
+ users:
GET /user/expires/ // returns token expiration date
GET /user/token-expires/ // returns token expiration date
GET /user/users/ // returns all users (rwa app permissions required)
GET /user/admins/ // returns all admin users (rwa app permissions required)
+ addresses:
GET /addresses/first_free/{subnetId}/ // returns first available address (subnetId can be provided with parameters)
GET /addresses/{ip}/{subnetId}/ // returns IP address from subnet
GET /addresses/search/{hostname}/ // Will search addresses by hostname
DELETE /addresses/{ip}/{subnetId}/ // deletes IP address from subnet
POST /addresses/first_free/{subnetId}/ // will search for first free address in subnet, creating new address
+ subnets:
GET /subnets/{id}/addresses/{ip}/ // returns IP address from subnet
GET /subnets/{id}/first_free/ // returns first free address in subnet
GET /subnets/{id}/first_subnet/{mask}/ // returns first available subnets with specified mask
GET /subnets/{id}/all_subnets/{mask}/ // returns all available subnets with specified mask
POST /subnets/{id}/first_subnet/{mask}/ // creates first free subnet under master with specified mask
DELETE /subnets/{id}/permissions/ // removes permissions
PATCH /subnets/{id}/permissions/ // sets subnet permissions (?grouname1=ro&groupname2=3&43=1)
+ New controller Prefix;
+ New controller Devices;
+ New subcontrollers:
+ /tools/nat/
+ /tools/racks/
+ /tools/locations/
+ Widgets:
+ New threshold widget;
+ New inactive hosts widget;
+ New Locations widget;
+ PowerDNS:
+ Default domain for PTR records (if hostname is not set);
+ When removing IP address additional option that removes all associated PDNS records (ip and hostname);
+ Permit normal users to manage VLANs / VRFs;
+ Inactive (offline) hosts tools page;
+ MAC address normalization;
+ jQuery tables;
+ Permission delegation now only delegates changes not whole permission set;
+ Users with RWA permission can manage IP requests and receive IP request mails + changelog mails for subnet;
+ IPv4 subnet link to IPv6 for dual-stack info;
+ Removed inacessible DNS servers if timeout to prevent page load timeouts;
+ Added option to only show supernets to limit pageload [#844 #816 #736];
+ Added last scan info to subnet details;
+ Added option to update address tags when address state change occurs (pingCheck) [#840];
+ Added mantaneance mode;
+ Added inactive addresses removal script;
+ Subnet overlapping now checked also inside folders to prevernt duplicates;
+ Subnet overlapping now checked also between sections if VRF defined;
+ Added new settings directive that requires unique subnets accross sections;
+ Added index check in verify database to detect and fix possible missing DB indexes;
+ Added MAC address vendor display option;
Bugfixes:
----------------------------
+ PowerDNS regenerate PTR records now only updates current subnet (before whole zone);
+ Fixed visual bug on 32-bit systems;
+ Normal users with RWA permissions can scan subnets;
+ Changed default timestamp from 0000-00-00 00:00:00 to 1970-01-01 00:00:01 to avoid SQL install errors if strict mode;
+ Fixed https access on non-standard ports;
+ Extended username to 255 chars for LDAP logins;
+ Fixed search export invalid encoding and data may have been lost XLS file error;
+ Fixed invalid character encoding in API responses;
+ PowerDNS records cannot be created on slave zone;
+ Fixed subnet resizing bug if subnet contained slaves;
+ Added separate CSRF cookies for each address/subnet/pstn object;
+ Deleted items are now shown and searchable from changelog;
== 1.20.1
Translations:
----------------------------
+ French translation updated to verson 1.2;
+ German translation updated to verson 1.2;
Bugfixes:
----------------------------
+ Fixed upgrade bug that selected invalid auth method for AD/LDAP users;
+ Fixed LDAP problems after 1.2 upgrade;
+ Fixed PowerDNS Slave with multiple masters delimiter error;
+ Fixed PowerDNS PTR records not being updated automatically;
+ Fixed csrf cookie bug when editing folder;
+ Fixed csrf cookie bug when truncationg subnet;
+ Fixed invalid code for API crypt method;
+ Fixed strange headings font display in Firefox;
+ Fixed invalid proxy settings in config.dist.php;
+ Fixed search same hostnames in db link form address table;
+ Fixed import subnet bug caused by fw object;
+ Fixed Subnet Import (Preview button > no action);
== 1.20
New features:
------------
+ Added multiple simultaneous authentication methods (Apache, AD, LDAP, Radius, NetIQ);
+ Added fping scanning support;
+ Added selectable scanning type (ping/pear/fping);
+ Added L2 domains;
+ Added option to define address as default GW for subnet;
+ Added customizable address tags with compressed option;
+ Added temporary subnet / address shares;
+ Added quick subnet masks;
+ Added nameserver sets per subnets (jonashauge);
+ Added optional syslog as log location;
+ REST API:
+ documentation: http://phpipam.net/api-documentation/
+ API v2, old v1 support added
+ Complete rewrite of all API calls;
+ New security models (crypt, ssl, none);
+ Support for custom fields;
+ JSON / XML output
+ Full read/write controllers (Sections, Subnets/Folders, Addresses, Vlans, Vrfs);
+ PowerDNS integration:
+ Automatic reverse records creation (PTR) - IPv4 and IPv6;
+ Automatic SOA, NS record creation;
+ DNS domain management;
+ Added Scan agents to scan subnets remotely;
+ Added firewall zone mappings and module;
+ Added per-subnet DNS resolvers;
+ Added option to mark subnet as utilized (full);
Enhancements:
----------------------------
+ All tables are now InnoDB by default;
+ Upgraded jQuery to 2.1.3;
+ All functions rewritten to classes/methods;
+ Parametized all SQL queries, moved from MySQLI to PDO;
+ Added VLAN/VRF to search and to search results export;
+ Redesigned admin and tools menu;
+ Added scanned/discovered subnets to tools for faster overview;
+ Per-user display settings;
+ New widget - tools shortcuts;
+ New widget - IP calculator;
+ New widget - request IP address;
+ Clickable links for subnet fields;
+ Custom VRF fields;
+ Subnets can be now linked to devices;
+ Import/export enhancements;
+ Fast user switching for admins to impersonate user;
+ Opened folders and subnets in tree menu are saved on page reload;
+ RWA users can now process IP requests;
+ Added auto-suggest for possible slave subnets;
+ SSL option for MySQL connections;
+ Enum custom field support;
+ Added password reset script;
+ Set sections to display VRF in;
Security Fixes:
----------------------------
+ Parametized all MySQL querries;
+ Fixed plainpass being logged on user update;
+ Fixed XSS exploit on /error/;
+ Added CSRF protection to forms;
Translations:
----------------------------
+ Added Czech translation;
Bugfixes:
----------------------------
+ Fixed bug with SSL/TLS smtp servers;
+ Fixed visual subnet display issues on 32bit systems;
+ Fixed IPv6 split subnets bug;
+ Fixed /31 ping bug scanning out of boundaries;
+ Fixed nested broadcast not counted to used percentage;
+ Fixed invalid redirect after timeout;
+ Fixed discovery script index overridden;
+ Fixed dashboard graphs links to subnets;
+ Fixed Invalid ID on subnet scan of large subnets;
== 1.1.010
Bugfixes:
----------------------------
+ Fixed login fails with LDAP when escape characters are in password;
+ Fixed login not working with spaces in password for AD login;
+ Fixed Ivalid action when adding vlans from subnet popup menu;
+ Fixed custom fields not appearing properly on IP request editing;
+ Fixed Invalid ID error for IP address details on sorting;
+ Fixed warnings if no VLAN search results are present;
+ Fixed test mail not sending;
+ Fixed unable to login if $phpsessname not defined;
+ Fixed unable to login after upgrade;
== 1.1
Enhancements:
----------------------------
+ Caching of SQL results to avoid multiple queries;
+ Reduced number of DB queries;
+ Added selected mail notifications to admins to be notified on IP/subnet change;
+ Added new subnetId index to ipaddresses table that significantly improves network loading;
+ Now using only 1 network connection towards MySQL server;
+ Updated pagination;
+ mod_rewrite no longer required, selectable URL structure under settings;
+ Added option not to display free ranges;
+ Added option to set maximum VLAN number;
+ Selectable custom fields to be visible/hidden in tables view and updated device/VLAN view;
+ Added additional confirmation before section, subnet, folder and IP address deletion;
+ New script added for cron checks that discovers new hosts for selected networks;
+ Added inactivity timeout to settings;
+ Changed install procedure and updated install scripts;
+ Added PEAR check for installation;
+ Added free range disaply for VLANs;
+ Addes SSL/TLS option for SMTP mail;
+ API:
+ Bugfixes;
+ Added API admin permissions;
+ read/delete actions for IP addresses;
+ read/delete actions for Vlans;
+ read/delete actions for VRFs;
Security Fixes:
----------------------------
+ Fixed known command injection vulnerabilities in the scan functions;
+ Fixed known SQL injection vulnerabilities;
+ Fixed known XSS vulnerabilities;
+ Fixed known action XSS events;
+ Moved to crypt method for storing password in database with salting;
+ Added option to force user to change pass after first login;
+ Admin password must be changed after installation;
+ Added captcha code request after 5x unsuccesfull login to prevent brute-force attacks;
Translations:
----------------------------
+ Added es_ES translation;
Bugfixes:
----------------------------
+ Fixed top 10 widgets not escaping strings;
+ Fixed section parent can be set to self that caused section to disapear;
+ Fixed username instead of password being sent to smtp server;
+ Fixed IE search bug with workaround;
+ Fixed subnet and bcast not showing on strict mode disabled;
+ Fixed top subnets missing on dashboard for non-admin users;
+ Fixed bug when installation was silently failing bacause pf missing _() function (missing gettext extension)
+ Fixed device custom field not populated on adding device;
+ Fixed XLS export silently failed when description longer than 31 characters;
+ Fixed overlapping check not working;
+ Fixed subnet free space calcultation;
+ Fixed visual subnet display not showing on /31 and /32 networks;
+ Fixed custom fields display on folder edit;
+ Fixed unable to edit IP addresses when fields are sorted;
+ Fixde ordering of custom fields defaults to varchar 256;
+ Fixed IPv6 subnet / broadcast calculation bug and next subnet suggestion;
== 1.0
New features:
----------------------------
+ IP address page with IP address details and IP history (Changelog);
+ IP address changelog, subnet and section changelogs with full changelog under tools;
+ Favourite subnets for quick access;
+ Adding subnets from free space with automatic mask provided;
+ Automatic database validity check after upgrading and automatic field/table fix under administration;
+ Automatic weekly check for new phpipam version;
Enhancements:
----------------------------
+ Bootstrap 3;
+ UI enhancements;
+ Improved views based on browser width;
+ Widget order can now be set;
+ Widgets can be reordered (dragged) directly on dashboard;
+ Subnet can now be splitted to max 256 new subnets (16 before);
+ Scan settings are moved to Administration;
+ Widget management has moved to administration, which allows creation of new widgets;
+ Improved ICMP error detection;
+ Mail settings can now be set on gui (localhost / smtp);
+ Popup windows are now draggable;
+ VLAN adding in the fly enhancements;
+ Master section now shows all subnets in subsections;
+ Tools > devices redone;
+ DeviceTypes can now be edited/set/added;
+ Ping subnet enhancements;
+ Custom field types are now defineable (int/varchar/date/datetime/text/bool/set);
+ Date and timepicker popups if type = date/datetime;
+ For `set` and boolean custom fields dropdown is presented that users can pick;
+ Favourite subnets widget;
+ IP requests widget;
+ Changelog widget;
Translations:
----------------------------
+ Added Brazil translation (Michel Braga Guimarães);
Bugfixes:
--------
+ UI fixes;
+ Fixed bug where last page of IP addresses was inaccessible;
+ IP address state change is now sent to all admins;
+ Fixed subnet displaying as 0.0.0.0/0 in details;
+ Fixed links to subnets form vlans and vrfs;
+ Fixed search result showing all folders if searched item is not IP address;
+ Fixed disapearing section when L2 section was selected as master section;
+ Fixed device ID showing in mail notification instead of hostname;
+ Fixed device ID showing in search results and export instead of hostname;
+ Fixed search for subnet name returned no results;
+ Fixed apostophe in IP address description throws SQL error for scan results and XLS import;
+ Fixed requester email gets cut if longer than 32 chars;
+ Fixed admin folder edit appearing as subnet;
+ Fixed missing device/port in import;
+ Fixed master section delete did not delete subsections and belonging subnets/ips;
+ Fixed online status was not updated when running Ping status scans;
+ Fixed Folder name not appearing when deleting folder;
== 0.9
New features:
----------------------------
+ Support for ICMP network discovery;
+ Cron script to check status for selected subnets/hosts with threading suport (pcntl php extension required);
+ ICMP check IP status in demand;
+ Compressed (grouped) DHCP IP ranges;
+ API server version 0.1;
+ Option to show and group subnets by VLAN in subnets list;
+ Option to show and group subnets by VRF in subnets list;
+ Added subsections;
+ Added AD username search;
+ Added folders;
Enhancements:
----------------------------
+ Added error catching/displaying for ajax-loaded php scripts;
+ Added default language for login/requests display and new users;
+ Added direct links to different pages in IP address table;
+ Subnets can now be edited directly from nested subnets list;
+ When adding nested subnets default vlan/vrf is selected from parent;
+ Added Section ordering;
+ Added per/section subnet ordering (overrides dafault form settings);
+ Clicking on section now shows all subnets and belonging details;
+ If session timeouts after re-login last requested page will be opened;
+ Searh for IP address now returns also subnet, even if IP is not existing;
+ Per-user selection of widgets to display;
+ Added description and required field checkbox for custom IP/Subnet Fields;
+ Added custom device fields;
+ Mails are now sent through phpmailer;
+ Admin user cannot be deleted;
Translations:
----------------------------
+ Added French translation (Denis Darré);
+ Added Dutch translation (Michiel Visser);
+ Added German translation (Carsten Brückner);
Bugfixes:
----------------------------
+ Fixed wrong VLAN display in tools;
+ Fixed subnet/section links from VLANS if base not /;
+ Fixed warning in apache log on subnet editing if no VRFs are configured;
+ Fixed admin menu off-screen overflow;
+ Fixed firefox error when selectiong rights for section/subnets was not possible;
+ Fixed subnet description in Cyrillic problem;
+ Fixed errors on no permissions for user;
+ Fixed Inaccurate Free Space Calculation (and Chart);
+ Fixed VLAN permissions where VLAN was not displayed;
== 0.8
New features:
----------------------------
+ New group and permission management;
+ Support for translations;
+ Subnet resizing;
+ Subnet splitting into smaller subnets;
+ Added free space display for nested subnets;
+ Added visual display of subnet usage per IP address;
+ Added truncate network option that deletes all IP addresses in subnet;
+ Added button the updates subnet with RIPE information;
Enhancements:
----------------------------
+ Added add nested subnet under subnet details to simplify master subnet selection in hierarchy;
+ Added edit subnet link from search results;
+ Added reverse IPv6 DNS entries to IPCalc (Vincent Boisard);
+ Added option for plain-text emails;
+ Added ckEditor to write instructions;
+ StrictMode is not set globally anymore but set per section;
+ Added custom user fields;
+ Added option to verify that hostname is unique;
+ Improved MySQL exception handling;
+ Added mod_rewrite error detection on installation and upgrade;
+ Added hostname validation;
+ Added Hostfile dump of IP addresses;
+ Search also searches in custom fields;
+ jQuery updated to v 1.9.1;
Bugfixes:
------------------------
+ Fixed overlay on second popup;
+ Fixed IE search bug;
+ Fixed support for non-standard ports;
+ Fixed permitting overlapping subnets if vrfs are different;
+ Fixed dates in logging appearing in 12h format;
+ Fixed broken subnets link in tools > subnets if installation is not at document root;
+ Fixed error when adding new subnet if checkboxes are not selected in newer MySQL servers;
+ Fixed bad display of multilined navigation bar;
+ Fixed wrong output of tools > VLAN list when using Duplicate VLANs;
+ Fixed wrong link for upgrade script;
+ On VRF change all child subnets are updated also;
+ Fixed wrong maximum on dashboard top10 percentage;
+ Fixed Adding a vlan while editing a subnet resets the edit subnet form;
+ Fixed wrong free space calculation for nested subnets;
+ Fixed IP use statistics not cumulative up the hierarchy if subnes has slaves;
== 0.7
New features:
----------------------------
+ Completely rewritten UI using twitter's bootstrap as base;
+ Using mod_rewrite apache module to handle GET requests (new install requitements!);
+ Unlimited number of subnetting levels;
+ OpenLDAP authentication support;
+ New URL structure;
+ Sorting of IP addresses;
+ Custom subnet fields;
+ Custom VLAN fields and admin option to allow duplicate VLAN names (metro area VLANs);
+ Script to automatically update IP <-> hostname, run via cron (functions/scripts/resolveIPaddresses.php);
+ Show Subnet name instead of subnet IP address option;
+ Strict mode option in config files that controlls overlapping checks;
+ New subnet menu;
+ Added printLimit feature to break IP addresses into pages;
Enhancements:
----------------------------
+ Lots of UI changes;
+ Less Ajax usage to display websites and details;
+ Hierarchy display under subnet details (breadcrumbs);
+ Search results covering VLANs;
+ Custom IP fields ordering;
+ VLAN creation from adding/editing subnets;
+ IP addresses can now be edited;
+ Collapsed switch list;
+ Removing VLANs also removes references from subnet list;
+ Removing VRFs also removes references from subnet list;
+ Logs for admin on dashboard;
+ Search via GET;
+ Support for range networks (allows use of subnet and broadcast as IP);
+ Import of custom IP fields;
+ Abiility to move subnets between sections;
+ Improved display of nested subnets now shows all IP addresses from nested subnets and orphaned IPs;
+ Hides display of custom fields in subnet if none is filled in whole subnet;
+ Replaced Highcharts with Flot because of licencing issues;
Bugfixes:
------------------------
+ Fixed error with missing custom IP fields when adding new IP address;
+ Fixed bug when deleteing root subnet only deleted directly nested subnets (now whole tree);
+ Fixed checkboxes not working in various browsers;
+ Fixed change in switch details causing IP address associations to switch to be lost;
+ Fixed subnet description display in under subnet administration;
+ Fixed depricated error when showing XLS files;
+ Fixed error when custom fields were not updated on adding IP address;
+ Fixed error when custom fields were with spaces in name were not updated;
+ Fixed error when providing already requested IP address;
+ Search available also to viewer user types;
+ Fixed /127 and /128 IPv6 subnets;
+ Fixed /31 and /32 IPv4 subnets;
+ Significally reduced php processing for dashboard statistics;
+ Fixed importing of if quote is present;
== 0.6
New features:
----------------------------
+ Selectable IP address list display fields;
+ Custom IP address fields;
+ Search and replace IP fields function;
+ Full page width theme;
Enhancements:
----------------------------
+ Independant VLAN management;
+ Added additional level of subnet nesting;
+ Added option to clear and export log files;
+ Export of search results to XLS;
+ Clickable search results;
+ Selectable export fields when exporting subnet;
+ Subnet can be deleted from ip address edit subnet;
+ IP Requests for locked subnets and viewer users can be placed from ip address list;
+ jQuery updated to v 1.7.1;
+ HighCharts updated to v 2.2.0;
Bugfixes:
------------------------
+ Upgrade is supported only for versions 0.4 and higher;
+ Fixed broken UTF-8 support;
+ Fixed wrong logging when authenticating via AD;
+ Fixed issues where external attacker might get information about internal hosts through resolvedns script;
+ Fixed wrong subnet nesting under administration/manage subnets;
+ Fixed editing subnet can be outside of its own root subnet;
+ Fixed errors when adding new switch auto-adds itselt to all hosts without no switch defined;
+ Fixed removing switch not removed in ip address list;
+ Vlan1 can now be used;
+ Fixed mail sending settings with missing information;
+ Fixed errors on adding switch with no sections;
+ Fixed version check;
+ Removed masterSubnets from subnets available for IP requests;
+ Fixed error when non-admin user could not open dashboard;
+ Added how subnet list switch when list hidden;
== 0.5
New features:
-------------
+ Importing subnets from RIPE by AS in admin section;
+ Added switch management and changed switch logic;
+ Added VRF support;
+ Added AD domain authentication;
+ Added MAC address field to ip address;
+ Added database table and belonging fields check under admin;
Bugfixes / enhancements:
------------------------
+ Added DNS resolving when editing/adding IP address;
+ Added IE compatibility meta tag and IE UI improvements for IE >= 8;
+ Search returns also subnets and MAC searches;
+ Added mac address and IP status to XLS import/export scripts;
+ jQuery update from 1.6.2 to 1.7;
+ Highcharts update from 2.1.2 to 2.1.8;
+ Fixed dashboard errors if no IPv4/IPv6 subnets configured;
+ Fixed errors with viewing / modifying IP addresses for Operator users;
+ Fixed session cookie error on hosts;
+ Fixed error when saving settings;
+ Fixed instructions errors when inserting html code;
+ Fixed first free IP address not displaying in IP request;
== 0.4
New features:
-------------
+ Massive add / edit / delete by specifying IP range (e.g. 10.10.0.1 - 10.10.0.254);
+ Database upgrade / install from browser -> simplified installation/update procedure;
+ New usertype viewer - can only view IP address list;
+ Subnets can now be edited directly from IP address list;
+ Option to lock subnet for writing to no-admin users;
+ Device and Host list;
+ Option to specify which subnet can have IP requests when editing / adding subnet if module is enabled;
+ Latest version check on admin page;
Bugfixes / enhancements:
------------------------
+ Fixed overspanning of multiple sections;
+ Admin menu and add subnet now shown only to admins;
+ Fixed VLAN table to show nesting and IP request option and statistics;
+ Fixed subnet table to show nesting and IP request option;
+ Subnet Adding shows only master subnets in section not in all sections;
+ Tooltips and button hovers are now in separate javascript file;
+ Graphs show only subnets with non-0 ip addresses;
+ Various code enhancements + improved error handling;
+ Fixed URL links not updating after few clicks;
+ If loading slave subnet directly the subnet menu drops down and shows active slave subnet;
+ Clicking on master shubnet shows all nested subnets and statistics;
+ Redesigned log table;
+ Fixed search;
== 0.3
New features:
-------------
+ Subnet nesting - you can now have master subnet and normal subnets belonging to it;
+ Server settings are now moved to database and can be set under admin menu (database settings & debugging remain in config.php);
+ Request IP module on login page with email notification;
+ Confirm/reject IP address request from admin page with mail notification;
+ Admin dashboard notification of new requests;
+ Autocomplete of owner and Switch name from all available when adding/editing IP address;
+ New settings quick access on button hover;
+ Option to export each subnet indivudually;
Bugfixes / enhancements:
------------------------
+ jQuery update from 1.6 to 1.6.2;
+ VLANs are now grouped by section;
+ Direct access to subnet from vlan table;
+ UI enhancements;
+ Fixed user editing bug where user update broke password;
+ Fixed password in new account notification;
+ Fixed percentage display on Dashboard;
+ IPv6 calculator /64 limit fixed;
+ Changed tooltip effect to appear instantly for smoother display;
+ Login functions are now separate file;
== 0.2 (First public version)
Bugfixes / enhancements:
------------------------
+ now also works with php 5.2;
+ fixed empty fields in xls import;
+ passwords are now stored in md5 hash;
+ high numbers for free/used IP addresses (mainly IPv6) are now represented in k/m/G values to improve readibility;
+ fixed log search bug;
+ cursor not displayed as link on images and non-href links;
+ same add image on all pages;
+ fixed IP mail notification apperance;
+ UI enhancements and bugfixes;
+ Fixed some javascript bugs;
+ Minified javascript to make loading faster;
+ adding new ip address now automatically provides first available IP address in subnet;
New features:
-------------
+ added switch / port fields to IP addresses;
+ hide subets on request to get better view;
+ Informational tooltips added + option to disable them in config file if someone finds them annoying;
+ export whole IP address database to XLS file from admin menu;
+ create MySQL database dump from admin menu;
+ added IP instructions for users, that can be edited from admin menu;
== 0.1 (First test version)