Release Notes: Validation was added for SCMS configuration. A Web installer was added.
Release Notes: This release defines scmsLoginAge_ON and scmsLoginAge constants to take care of password aging. A "double slash" path bug in scms_footer.php has been fixed. user_logins.php and user_sessions.php error message display has been fixed. CSS style bugs in config.js have been fixed. Modifications have been made to authenticate.php to not give an "Undefined index" warning for username and password variables.
Release Notes: A Session update bug has been fixed. This release calls UpdateSession() in CreateAuthenticatedSession() in the Authentication class. PHP Session Management has been integrated into SCMS' database. Now all session data will be saved in scms_sDATA in scms_Sessions table. This is implemented in SessionHandlingV1.php, and included in scms_header.php. The same permission system constraints have been added to scms/roles.php (you can no longer see Roles above your own).
Release Notes: The php.ini settings "allow_url_fopen" and "allow_url_include" were changed to "off" in scms_config.php by default. A new named constant, scmsHexLinx, was defined and implemented in scms_config.php to enable hexing of URLs. It is on by default. Authentication error numbers 4 and 7 were removed and instead were made the same as 3, since they made username guessing possible. An error was fixed in UnlockCode Sending via email link.
Release Notes: ClearLogs for user-opened sessions have been added, and the password field for adding users has been changed to input type 'password.' Restrictions have been added to roles and users: now only root (RID=1001) users can add roles, and a new permissions system has been designed for roles.