Version 5.4 AUP 449 Change History

This AUP represents a major revision update.  The new version number is v5.4.   Build 449.   A tremendous amount of work has been done especially with the WEB server.  Many fixes, enhancements and new features are in this major revision update.

WCMAIL:

• NEW: Auto-responders and mailing lists can now use a full email address. This allows for autoresponders, such as info@domain1.com and info@domain2.com to work correctly.
  

WCFILE

• FIX: Fixed bug with the proper order of WIZARD display pages. Auto command line operations are now fixed with WCF files.

WCREPAIR

• NEW:  Added new calibration logic to find the highest message ID in the message data bases. This will help corrects situations where some customers were having mail reading problems due to a non-calibrated or corrupted data\master.dat file.

WCONLINE

• FIX: Cleaned up some memory leaks that were introduced in 448.1.

WCSERVER

• FIX: Fixed a security hole with certain url file names.
  
• FIX: Fixed a long time "special circumstance" bug where if a SDK client created a "System.Control" channel notification handler, wcConfig would lock up. Veteran Platinum Xpress sysops will probably remember this problem with v2.0. This is now fixed which means that SDK developers will not have a problem using "System.Control" notification channel handlers, and will be able to write new powerful "monitor" programs. The SDK example, wcSPY, will not lock up the system.
  
• NEW: Added a server message database date validity check during mail creation. Note: This should not take away the responsibility of 3rd party WCBASIC or SDK programmers, who are creating messages with their program, of initializing the TMsgHeader message structure prior to calling AddMessage(). You should always initialize your data variables.
  
• NEW: Server System Client USER PROFILE changes are updating/using any connected user client INI file. This will make user profile fields dynamically changed and reflected for all similar client connections.

WEB SERVER

• NEW: When changing to a new web page, the user browser will now require new login authentication when the password has changed.
  
• FIX: Fixed WEB Server security bug where it was not checking for blank browser authentication passwords.
  
• NEW: Web server will now detect broken browser connections!
  
• FIX: No more memory leaks because of broken connections!
  
• NEW: Massive Performance improvement when running WCX code.
  
• NEW: You can now disconnect a web connection with WcNODE!!!
  
• NEW: You can now Add/Subtract Online Time to a web connection using WcView!
  
• NEW: You can now change user security to a web connection using wcView!
  
• FIX: Fixed some bugs with the new WEB MAIL Browser introduced in 448.4.
  
• FIX: Fixed WEB Questionaire update problem.

WCVIEW

• NEW: wcVIEW can now be used to change the security profile of a connected user. Previously, this was only allowed if and only if (iff) the user was allowed to change to a higher security.
  
• NEW: Improved communications between host clients and wcVIEW. Less communications bandwidth means less wcserver overhead.

WCSDK

• NEW: New extended function to help change user passwords securely:

C++:

BOOL UpdateUserEx(TUser &user, const char *oldpwd, const char *newpwd);

wcBasic:

Function UpdateUserEx(user as TUser oldpwd as string, newpwd as string) as Boolean

Return:

TRUE if the user record update was successful, otherwise FALSE. See GetLastError() for return code.

Remark:

UpdateUserEx() is a more secured method of changing the user record when the password needs to be changed, specifically for connected sessions where the old password is required as a "double check".

In the past, the UpdateUser() function was used to change the user password. UpdateUser() can still be used but it is "unsecured". As long as the user is logged in or the system is making the change, UpdateUser() will use the TUser.Password as the new password if the field was changed.

With UpdateUserEx(), the difference is that now you can pass the OLD password as a means of a double check. This allows developers to write applications where the OLD password is requested before making a new password change. You don't need to change the TUser.Password field when using UpdateUserEx(). The comparison is made with the provided old and new passwords with the server saved user account.

Note: UpdateUserEx() will also do a "UpdateUser()" so any other information stored in the user record is also saved.

WCBASIC/PLUS PACK

• FIX: Added Ignore Time online logic for logging in MAIN.WCC
  
• NEW: Added Activity Logging of new mail created via web.
  
• FIX:  Fixed random bad message date due to not initializing the message header.
  
• NEW: Cleaned up all the source code so that it has Santronics Copyright information. 3rd party WCBASIC developers with the PLUS PACK must retain all copyright information for customized or modified Santronics developed wcBASIC source code.
  
• NEW: Changed the FormatNumber function so that it uses a 64 bit integer for formatting purposes. The reason is that some DWORD numbers (which are only 32 bit) will go negative if DWORD exceeds MAXDWORD (about 4 gigs). This should cause no harm since it is only for formatting (displaying numbers on the screen).
  
• NEW:  Added template variable to html-mailform.wcc, so that different template pages can be used for the response page to a form.

To use, add the following to your form:

<input type="hidden" name="template" value="mytemplate.htm">

This can also be entered into the config file as a line: template=mytemplate.htm

• NEW:  Two new functions for Base64 Encoding and Decoding.  These new functions are part of the standard wcBASIC core RTL.

base64encode(in as string) as string
base64decode(in as string) as string

example:

dim test as string
test = base64encode("Shane Caraveo")
print "encoded: ";test
test = base64decode(test)
print "decoded: ";test

The results would look like:

encoded: U2hhbmUgQ2FyYXZlbw==
decoded: Shane Caraveo

ACTIVITY LOGS

• FIX: Corrected the activity log initial stamping with the "on at" information. It should have been "on "+device+" at ".

WCFIRST

• FIX: F1 Help (and HELP button) now works to display wcfirst.hlp

WCCORE

• FIX: Fixed bug where random user profile files were created.   See utility KILLPROF.EXE
  
  KILLPROF.EXE:
  
  KILLPROF.EXE is a 1 time usage (need) utility provided with this AUP to clean up legacy random user profiles which were already created on your system.   To use this utilty,  start WCSERVER.EXE, make sure wcCONFIG is not running and run this utility from your \WC5 directory.   Once it does its job, you won't ever need to use this utility again.   The files which should remain in your DATA\USERPROF directory is based on the total number of users you have on your system.  One user profile data file is reserved per 256 users.  So 0 through 255 are stored in 00000000.DAT, 256 to 511 are stored in 00001000.DAT, etc.   KILLPROF.EXE will delete all other randomly numbered files which do not belong in any user group.

WCCONFIG

• FIX: Fixed a small bug where running EXTERNAL MODULES failed, thus failing wcConfig in subsequent internal configurations. This was because wcconfig was logging off prematurely.
  
• FIX: Fixed SMTP Allow Relay IP list edit problem.

FINGER SERVICE

• NEW:  Enhanced the finger service so that the system can send host generic information to any finger client. Examples:

finger info@domain.com
finger info-bbs@domain.com
finger info-support@domain.com
finger info-products@domain.com
finger info-etc@domain.com

The way this works is you create files in the DATA\ directory:

data\finger-info.txt
data\finger-bbs.txt
data\finger-support.txt
data\finger-products.txt
data\finger-etc.txt

By default, finger info@domain.com will display a finger-info.txt file if available. To display any other file, you would use this syntax:

finger info-XXXX@domain.com

and then you would create the file data\finger-XXXX.txt

So in your FINGER-INFO.TXT we recommend that you introduce your system and explain how to use the info command to display any other information file or service you may have.

Example: Finger-info.txt

Welcome to Santronics Online!

To see other information files, type:

finger info-support@santronics.com to see support information.

finger info-products@santronics.com to see product information.

Thanks, Tech Support

END OF CHANGE HISTORY