Dear all, I am happy to announce new release of phpipam IP address management – version 1.4. You can find full changelog below, please read it. You can download it on sourceforge site: phpipam-1.4 or on github.

Important notes:
  • Please read upgrade guide before upgrading!
  • As usual backup your database before upgrade.
  • PHP >= 5.4 is now required, phpipam will not work on older versions anymore
  • 64-bit systems are now required, phpipam will not work on 32-bit systems
Donations
If you find phpIPAM useful for your company donation would be highly appreciated to support further development of phpIPAM software!

Most "important" new features and enhancements are:
  • Two-factor authentication - otp (Google Authenticator)
  • Customized user permissions for modules
  • New API security type - SSL with app code (static app code, no need to get token)
  • Customers module
  • Routing module (BGP)
  • Configurable password policy
  • Virtual Circuits
And much more. You can find full changelog below, please read it.

Special thanks to all the people submitting bug reports, translators and feature testers, and of course special thanks to @GarryAllan for his work on this relase !


Full changelog for this release is:

== 1.4

    New features:
    ------------
    + Configurable password policy;
    + Sessions can be now stored in database (#516);
    + Two-factor authentication - otp (Google Authenticator);
    + Customers module (#694);
    + Routing module (BGP) (#2135);
    + Search for free subnet inside whole section;

    Enhancements, changes:
    ----------------------------
    + Circuits enhancements (Virtual Circuits);
    + Dropped support for 32bit systems;
    + PHP 5.4 is now required;
    + Added compressed actions dropdown;
    + SNMP module no longer requires MIB files;
    + Performance enhancements running under Azure/Amazon;
    + Added option to disable user (#1327);
    + Added policy NAT option;
    + Added custom NAT fields;
    + Rack module enhancements (#1325):
        + Dynamic rack sizes;
        + Top-down / Bottom-up racks;
        + Custom rack devices independent of devices (power, patch panel);
    + Customized user permissions for modules:
        + VLAN module;
        + VRF module;
        + PowerDNS module;
        + Circuits module;
        + Customers module;
        + Devices module;
        + Rack module;
        + NAT module;
        + PSTN module;
        + Locations module;
    + API:
        + New API security type - SSL with app code (static app code);
        + New config.php option $api_allow_unsafe to allow non-SSL API queries;
        + Added last access field to api;
        + Add Mac Search for Addresses controller (#2005);
        + New overlapping API call;
        + New global API parameter filter_match = full,partial,regex;
        + Add Tools API customers submodule;
        + Fix filtered results to always return data as array (#2558);
    + Widgets:
        + New user instruction widget (#2383);

    Translations:
    ----------------------------
    + Japanese (ja_JP) translation added;
    + Traditional Chinese (zh_TW) translation added;

    Bugfixes:
    ----------------------------
    + Fix appended " U" in Rack description (#2046);
    + Fix Bandwidth calculator - 400 Bad Request. (#1807);
    + Fix bad DNS reverse zone for /23 subnet (#666);
    + Fix Add missing standard field (#2153);
    + Fix Consistency of VARCHAR Size on 'owner' column across tables (#2136);
    + Fix Subnet details - Filter button missing when compressed range is used (#2353);
    + Fix slow page load times with linked addresses (#2324);
    + Fix " - is required" error when adding IPs with an empty IP filter set (#2334);
    + Fix column 'masterSubnetId' cannot be null error when adding subnets (#1977);
    + Fix logical circuits add/delete errors (#2381);
    + Fix adding new VLANs to an empty L2Domain (#2400);
    + Fix Nested child subnets with "na" permissions visible (#2223);
    + Fix translations containing apostrophes break functionality (#2504);
    + Set requestedAuthnContext to false for SAML (#2457);
    + API:
        + Fix inconsistent API success value returned (#2045);
        + Fix filter_by functionality (#2392);
        + Fix PATCH functionality (#2470, #2481);

    Security Fixes:
    ----------------------------
    + Hide SNMP community (#2197);
    + Hide LDAP/AD/Radius username / password and secret from logs and syslog (#2006);
    + XSS in phpipamredirect cookie (#2338);
    + XSS in print-user.php, CSRF in user-edit.php (#2326);
    + Possible SQL injection in nat/item-add-submit.php (#2344);
    + Fixed possible file inclusion in editing authentication methods;
    + XSS in subnet-scan-telnet.php, CSRF in subnet-scan-execute.php (#2327);

br, Miha