Full phpIPAM Changelog
== 1.7.0 New features: ------------ + Full php8.3 compatibility; + Added support for passkeys / passwordless logins; + API: + Added API changelog; Bugfixes: ---------------------------- + Fixed Use UTF-16LE encoding for XLS sheet names, and UTF-8 as input encoding (#3977); + Fixed Update login_form.php for installation inside subdir (#3954); + Fixed php8 constructor fix for radius class (#3985); + Fixed Force mac address update during status update scan (#3791); + Fixed RADIUS authentication fails on 1.6.0 (#3986); + Fixed cannot add NAT issue (#3993); + Fixed Various Linked Addresses issues (#3275, #4188, #4189, #3274); + Fixed Duplicates tool not finding ALL duplicates (#4161); + Fixes fetch_favourite_subnets function returns empty array instead of false (#4182); + Fixed Dashboard widget widths are not correct percentage (#4176); + Fixed remove_offline_addresses.php can't execute (#4173); + Fixed Searches do not properly organize results (#3917) + Fixed Expand/compress all folders not working properly (#3583); + Fixed Bug when adding a user to a group (#4137); + Fixed Password validation errors (#4099,#2423); + Fixed Ripe import results in jQuery error (#4007); + Fixed Ripe import crashes if too many subnets are found (#4180); + Fixed Devices with height 0 crash Rack image generation (#4193); + Fixed Custom field not working in Routing module (#4174); + Fixed Circuit Type showing differently in two windows (#4104); + Fixed Vault Item Custom Field not writable (#4058); + Fixed Undefined variable when adding nameserver (#4230); + Fixed Tag Management Color Picker (#3629); + Fixed Arrows for linked addresses do not match between themes (#4216); * Fixed Captcha and invalid login checks (#3480, #4198); + Fixed 2FA TOTP validation issues (#3724); Enhancements, changes: ---------------------------- + Added support for redundant PowerDNS databases (#3981); + Added option to export data for VLAN,VRF and Devices directly from tools page; + Added option to disable OpenStreetMap address geoip lookups; + Added $api_stringify_results config.php option for php81 API backwards compatibility; + Added support for newly added widgets to be sortable with jQuery (#4711); + Added support for using widget parameters; added recent_logins widget (#4184); Security Fixes: ---------------------------- + Upgraded jQuery to 3.7.1; + Upgraded bootstrap to 3.4.1; + Upgraded jQuery-ui to 1.13.3; + Cookies set without Secure attribute; + Multiple XSS injections (#4145,#4146,#4147,#4148,#4149.#4150,#4151); + HTML DOM XSS injection via filenames when uploading (#4160); + Escape loaded database strings by default, stored XSS defense; + Increase minimum 2FA secret length to 32 (160bit); + Disable /app/install/ helper scripts via config.php $disable_installer; + LDAP user searches sent without ssl/tls; == 1.6.0 Enhancements, changes: ---------------------------- + Partial php8.3 compatibility; + MySQL 5.7.7+ is now required (support for utf8mb4); Security Fixes: ---------------------------- + SQL injection in custom field enum/set types; + Directory traversal possible in RIPE query; + XSS (reflected) in 'bw-calculator-result.php'; + XSS (reflected) by invalid email address response; + XSS (reflected) by /app/tools/subnet-masks/popup.php (#3738); + XSS (stored) in user widget settings; + XSS and LDAP injection in ad-search-result.php; + XSS and LDAP injection in ad-search-group-result.php; + Restrict find_full_subnets.php to CLI; + Ensure confidentiality of database password; == 1.5.0 New features: ------------ + Mark subnet as isPool to allocate network and broadcast addresses; + Optionally hide section subnet menus; + L2 Domains user permissions; + Add scanPingType=="none" option to disable scanning; + Custom fields on IP request forms (#2956); + Added subnet free space map for each possible subnet mask; + Added Vaults (Certificate and password storing); + Added Tools->Duplicate subnets & IP page; + Added config.php offline_mode to disable server-side Internet lookups (#3462); + Added MAC vendor lookup widget; Enhancements, changes: ---------------------------- + php7.4 compatibility; + SameSite attribute enabled for site cookies; + SAML2 + php-saml updated to 3.4.1 (#3055); + Removal of php-mcrypt dependency; + Drop support for idpcertfingerprint; + MAP_SAML_USER and SAML_USERNAME config.php configuration moved to db; + php-saml protocol debugging; + Support for signed assertions; + SAML usernames can be extracted from assertion attributes (#2948); + JIT auto-provisioning of accounts (#3389); + Selectable mask for number of subnets/hosts in subnet masks; + Switch from Google Maps to OpenStreeMap and Nominatim; Bugfixes: ---------------------------- + Fixed upgrade queries issues from 1.3.x to 1.4+ (#3130); + Fixed boolean printout in footer (#2625); + Fixed BGP Admin isn't working (#2631); + do not show statistics in dashboard widget for disabled modules (#2602); + MySQL 8.0 compatibility. (#2646,#2239,#3036); + MariaDB Galera Cluster compatibility (#2498,#3413); + Permit non-numeric postcodes for customers (#2393); + Bandwidth calculator - 400 Bad Request (#1807,#2648); + Table layout not aligned (#2656,#3105,#3113); + Improve scanning requirement checks (#1183); + Date picker hidden (#2673); + PDNS Add/Edit DNS record not working for normal users (#2686); + Unable to save settings with link addresses = text custom field (#2702); + Kea MAC address display issue (#2704); + Returned custom fields to devices table (#2572); + Invalid scan agent key warning; + Subnet filter issue when IP contains 0 octet. (#2748); + Add VLAN button not working (#2741); + Incorrect subnet links in /tools/vrf/ view. (#2774); + Location data missing in exports. (#2833); + Check mysqldump path when exporting database; + Current rack position missing when editing a device. (#2545); + Permit colon in firewall zone interface names (#2737); + Fixed PowerDNS txt SPF editing (#1641); + Blank 'MAC' on SNMP-ARP and SNMP-MAC scans (#2911); + Incorrect network/broadcast calculation for IPv6 (#2879); + Increase allowed email and password lengths (#3021); + Wrong unit location for dual-sided racks (#3086); + Linked ip_addr shows integer notation (#3100); + Invalid scan type () error (#2785); + Invalid CSRF cookie editing rack items (#2556); + FPing discovery marks all addresses as alive (#2888); + Subnet usage calculation updated for nested subnets; + SNMP, number of discovered hosts exceed maximum warning (#3279); + Exclude IPv6 from Ping and Discovery scans (#3354); + Fix for SAML/2FA/login redirections (#3492, #3435, #3517); + php_sessions table doesn't exist error when upgrading (#3417); + Changelog data too long for column errors (#3376,#3398); + RFC 6265 compliant cookies (#3452); + Require unique subnets not working as intended (#3529); + API: + Fixed /user/ calls for SSL with app code (static app code); + Address IP field not displayed when using filter_by (#2934); + Addresses first_free & Subnets first/last_subnet thread safety (#2960); Security Fixes: ---------------------------- + SQL injections processing `tableName` (#2738); + SQL injections processing `ftype` (#2751); + All circuits map, PHP object injection (#2937); + Upgraded jQuery to 3.5.1 (#3119); + Stored XSS in instructions widgets (#3025, #3360); + PHP session ID fixation (#3342); + XSS (reflected) in IP calculator (#3351); + XSS in pass-change/result.php (#3373); + SQL injection in edit-bgp-mapping-search.php; + Stored XSS in the "Site title" parameter; + XSS while uploading CVS files; + XSS (reflected) in 'find subnets'; + Incorrect privilege assignments (#3506); + XXS (reflected) in ripe-arin-query; + XSS (reflected) in import previews; Translations: ---------------------------- + Update Traditional Chinese support to version 1.5 (#2658); + Update Simplified Chinese Translation (#2725); + Italian (it_IT) translation added (#2813); + Updated German translation (#2970, #3065); + Updated Russian translation (#3028, #3367); == 1.4.0 New features: ------------ + Configurable password policy; + Sessions can be now stored in database (#516); + Two-factor authentication - otp (Google Authenticator); + Customers module (#694); + Routing module (BGP) (#2135); + Search for free subnet inside whole section; Enhancements, changes: ---------------------------- + Circuits enhancements (Virtual Circuits); + Dropped support for 32bit systems; + PHP 5.4 is now required; + Added compressed actions dropdown; + SNMP module no longer requires MIB files; + Performance enhancements running under Azure/Amazon; + Added option to disable user (#1327); + Added policy NAT option; + Added custom NAT fields; + Rack module enhancements (#1325): + Dynamic rack sizes; + Top-down / Bottom-up racks; + Custom rack devices independent of devices (power, patch panel); + Customized user permissions for modules: + VLAN module; + VRF module; + PowerDNS module; + Circuits module; + Customers module; + Devices module; + Rack module; + NAT module; + PSTN module; + Locations module; + API: + New API security type - SSL with app code (static app code); + New config.php option $api_allow_unsafe to allow non-SSL API queries; + Added last access field to api; + Add Mac Search for Addresses controller (#2005); + New overlapping API call; + New global API parameter filter_match = full,partial,regex; + Add Tools API customers submodule; + Fix filtered results to always return data as array (#2558); + Widgets: + New user instruction widget (#2383); Translations: ---------------------------- + Japanese (ja_JP) translation added; + Traditional Chinese (zh_TW) translation added; Bugfixes: ---------------------------- + Fix appended " U" in Rack description (#2046); + Fix Bandwidth calculator - 400 Bad Request. (#1807); + Fix bad DNS reverse zone for /23 subnet (#666); + Fix Add missing standard field (#2153); + Fix Consistency of VARCHAR Size on 'owner' column across tables (#2136); + Fix Subnet details - Filter button missing when compressed range is used (#2353); + Fix slow page load times with linked addresses (#2324); + Fix " - is required" error when adding IPs with an empty IP filter set (#2334); + Fix column 'masterSubnetId' cannot be null error when adding subnets (#1977); + Fix logical circuits add/delete errors (#2381); + Fix adding new VLANs to an empty L2Domain (#2400); + Fix Nested child subnets with "na" permissions visible (#2223); + Fix translations containing apostrophes break functionality (#2504); + Set requestedAuthnContext to false for SAML (#2457); + API: + Fix inconsistent API success value returned (#2045); + Fix filter_by functionality (#2392); + Fix PATCH functionality (#2470, #2481); Security Fixes: ---------------------------- + Hide SNMP community (#2197); + Hide LDAP/AD/Radius username / password and secret from logs and syslog (#2006); + XSS in phpipamredirect cookie (#2338); + XSS in print-user.php, CSRF in user-edit.php (#2326); + Possible SQL injection in nat/item-add-submit.php (#2344); + Fixed possible file inclusion in editing authentication methods; + XSS in subnet-scan-telnet.php, CSRF in subnet-scan-execute.php (#2327); == 1.3.2 Enhancements, changes: ---------------------------- + Dark theme added; + Full php7.2 compatibility; + url_rewrite has changed, please use new rewrite scheme (https://phpipam.net/news/new_rewrite_scheme/); + Search for matching subnet in all VRFs feature enabled when importing addresses; + Added new config option to show custom fields separated from standard fields when editing IP address; + Added Required fields subpage to define IP address fields that must be filled in; + Performance + bug fixes (#1660, #1657); + MasterSubnet dropdown list is dynamically generated via AJAX call; + Bandwidth calculator; + Support 8U rack sizes. (#1891); + API: + New last_subnet API calls (#1655); Translations: ---------------------------- + German translation updated to version 1.3.1; + French translations updated. (#1881); Bugfixes: ---------------------------- + Fixed uncaught error if vlan number exceeds max permitted (#1455); + Fixed Illegal string offset 'dns_name' in pingCheck.php errors (#1461); + Performance fix for subnet_dropdown_print_available (#1562); + Fixed logo updater for apache v2.4 (#1582); + Fixed section names containing spaces are not included in exports (#1566); + Allow DNS wildcard records (#1571); + Fixed slow mac address vendor decoding for subnet detail view (#1658); + Performance fix for detecting overlapping subnets. (#1052, #1426, #1533); + Performance fix for slow mac address vendor decoding (#1658); + Performance fix for subnet API first_subnet & all_subnets calls; + Performance fix for delegating subnet permissions; + Convert to UTF-8 encoding on import/export to preserve dialectics (#1659, #1700, #1728); + Importing IPs loose Mac Addresses (#1607); + Section names containing spaces are not included in exports. (#1566); + Bug with section and dashboard (#1593); + Fixed improper contents in plain text part of notification e-mails (#1707); + Reduce size of email notifications (#1643); + PHP 5.3 compatibility fixes (#1594, #1730); + PHP 7.2 compatibility fixes (#1683, #1714); + Fixed notification e-mails contain a broken link. (#1708); + Allow dots to be used in domain names. (#1747); + Use multi-byte compatible functions when shortening text. (#1753); + Scan subnet reports/selects invalid php path. (#1757); + Small code refactoring (#1699); + Rack device start position overwritten. (#1545); + Sections with folders returns no subnets using API. (#1883); + Add custom_ prefix to Prefix controller custom fields. (#1836); + Non-Admins missing the button to Add circuit. (#1902); + Wrong field name of deviceTypes table when checking device type. (#1910); + SNMPv3 improvements; + Misc IPv6 fixes; Security Fixes: ---------------------------- + Code injection in Name field. (#1667); + XSS (reflected) in SubnetID param. (#1702); + CSRF enables open mail relay. (#1703); + Reflected XSS requiring user interaction on search. (#1705); + XSS reflected via CSRF in preview.php. (#1706); + Reflected XSS via CSV upload. (#1742); + Reflected XSS on 'mac' parameter. (#1903); == 1.3.1 New features: ------------ + Circuits module (circuits, providers, map, ...) (#731); Enhancements, changes: ---------------------------- + Racks: + Automatic location assignment when device added to rack (#1230); + Rack map showing map of all racks in location; + Rack back side; + Compact menu layout (per-user setting, showing only icons); + Network to network static nat; + Selectable logo size (from config.php) (#952); + Added default option for permissions propagations (#1351); + API: + Added Circuits controller; + Encrypyted requests can now also be form-encoded (#1191); + Introduce mcrypt AES compatibility (#1516); + Fixed field ip not displayed when filters applied (#1529); + New resolve hostnames option for subnet (#1222): + Updates hostnames via pingCheck.php script (if parameter set for subnet); + Updates hostnames via resolveIPaddresses.php script (if parameter set for subnet); + On-the-fly empty hostname update if resolved (if parameter set for subnet and enabled globally); + Added this infor to tools > scanned networks; + Added custom_ prefix to custom field names to avoid duplication with custom fields (#1387); + Added option to hide IP requests for unauthenticated users on login page (#1394); + Performance optimizations for locations and subnet usage calculation; + Added user groups custom fields; Translations: ---------------------------- + French translation updated to version 1.3; + German translation updated to version 1.3; Bugfixes: ---------------------------- + Fixed RACK images not displayed if not root location (#1204); + Fixed import gateway ip (#1240); + Fixed JSON_UNESCAPED_UNICODE for PHP 5.3 (#1135, #1245); + Rename class Thread to PingThread to avoid naming conflict with pthreads Thread class (#1254); + Fixed custom fields integer on subnet (#1266); + Fixed Import IP-address doesn't update location (#1284); + Fixed json_error for logo upload (#1256); + Fixed CSRF error when moving orphaned addresses (#1303); + Fixed VRF fetching via API by Id; + Fixed map issues when quotes are in name/description (#1384); + Fixed item not removed from NAT when deleted (#1378); + Fixed Error when error_reporting = E_ALL about strict standards when importing IP addresses (#1372); + Fixed Apostrophe errors in text custom fields (#1375); + Fixed API error when creating address under folder (#1507); + Fixed SNMPv3 (#1119); Security Fixes: ---------------------------- + Fixed XSS issues (#1403, #1521, #1500); == 1.3.0 New features: ------------ + Multicast module (RFC1112, RFC2464) with IP to MAC mapping and multicast networks overview; + Threshold module for subnets; + Racks module (Rack drawing) for devices; + Address linking by selected field; + Custom logo for site and mails; + PSTN number management module; + SNMP module: + Subnets discovery from route table (all subnets, nested subnets, add new subnet); + Hosts discovery scans via ARP check/interface check; + Hosts discovery scans via ARP + MAC address check (detects interface); + VLAN discovery; + VRF discovery; + Status update scans via ARP check; + NAT module + Source / static / destination NAT; + Linking subnet to NAT + Show bindings under tools and next to IP address / subnet + Locations module + Map devices / racks / subnets to location; + Google maps integration; + SAML2 authentication (SSO) Enhancements, changes: ---------------------------- + Folders can now contain addresses; + API: - Api v1 removed; + If subnet gateway defined gatewayId is returned in subnet details; + Automatically added nameservers to subnet results; + Added subnet usage result for each subnet in section; + Added custom fields for all controllers; + New subnets automatically get parent permissions; + Added IP calculation to subnet; + Changed all not_found when searching objects to 404 and all invalid parameters to 409 (conflict); + If new item is created id will be available in response field “id”; + New parameter $time_response in api/index.php that will return execution time in field “time"; + Extensive first_free subnet calls search speedup; + POST transaction locking; + All first_free and first_address responses are now "data" instead of "ip" and "subnet" for consistency; + Subnet splitting now copies over custom fields values by default (user custom_fields=no to revert); + Added API option to nest custom_fields to assure correct structure; + Added option to show/hide links in api by default for each app; + Changed API http response codes; + New methods: + users: GET /user/expires/ // returns token expiration date GET /user/token-expires/ // returns token expiration date GET /user/users/ // returns all users (rwa app permissions required) GET /user/admins/ // returns all admin users (rwa app permissions required) + addresses: GET /addresses/first_free/{subnetId}/ // returns first available address (subnetId can be provided with parameters) GET /addresses/{ip}/{subnetId}/ // returns IP address from subnet GET /addresses/search/{hostname}/ // Will search addresses by hostname DELETE /addresses/{ip}/{subnetId}/ // deletes IP address from subnet POST /addresses/first_free/{subnetId}/ // will search for first free address in subnet, creating new address + subnets: GET /subnets/{id}/addresses/{ip}/ // returns IP address from subnet GET /subnets/{id}/first_free/ // returns first free address in subnet GET /subnets/{id}/first_subnet/{mask}/ // returns first available subnets with specified mask GET /subnets/{id}/all_subnets/{mask}/ // returns all available subnets with specified mask POST /subnets/{id}/first_subnet/{mask}/ // creates first free subnet under master with specified mask DELETE /subnets/{id}/permissions/ // removes permissions PATCH /subnets/{id}/permissions/ // sets subnet permissions (?grouname1=ro&groupname2=3&43=1) + New controller Prefix; + New controller Devices; + New subcontrollers: + /tools/nat/ + /tools/racks/ + /tools/locations/ + Widgets: + New threshold widget; + New inactive hosts widget; + New Locations widget; + PowerDNS: + Default domain for PTR records (if hostname is not set); + When removing IP address additional option that removes all associated PDNS records (ip and hostname); + Permit normal users to manage VLANs / VRFs; + Inactive (offline) hosts tools page; + MAC address normalization; + jQuery tables; + Permission delegation now only delegates changes not whole permission set; + Users with RWA permission can manage IP requests and receive IP request mails + changelog mails for subnet; + IPv4 subnet link to IPv6 for dual-stack info; + Removed inaccessible DNS servers if timeout to prevent page load timeouts; + Added option to only show supernets to limit pageload [#844 #816 #736]; + Added last scan info to subnet details; + Added option to update address tags when address state change occurs (pingCheck) [#840]; + Added maintenance mode; + Added inactive addresses removal script; + Subnet overlapping now checked also inside folders to prevent duplicates; + Subnet overlapping now checked also between sections if VRF defined; + Added new settings directive that requires unique subnets across sections; + Added index check in verify database to detect and fix possible missing DB indexes; + Added MAC address vendor display option; Bugfixes: ---------------------------- + PowerDNS regenerate PTR records now only updates current subnet (before whole zone); + Fixed visual bug on 32-bit systems; + Normal users with RWA permissions can scan subnets; + Changed default timestamp from 0000-00-00 00:00:00 to 1970-01-01 00:00:01 to avoid SQL install errors if strict mode; + Fixed https access on non-standard ports; + Extended username to 255 chars for LDAP logins; + Fixed search export invalid encoding and data may have been lost XLS file error; + Fixed invalid character encoding in API responses; + PowerDNS records cannot be created on slave zone; + Fixed subnet resizing bug if subnet contained slaves; + Added separate CSRF cookies for each address/subnet/pstn object; + Deleted items are now shown and searchable from changelog; == 1.20.1 Translations: ---------------------------- + French translation updated to version 1.2; + German translation updated to version 1.2; Bugfixes: ---------------------------- + Fixed upgrade bug that selected invalid auth method for AD/LDAP users; + Fixed LDAP problems after 1.2 upgrade; + Fixed PowerDNS Slave with multiple masters delimiter error; + Fixed PowerDNS PTR records not being updated automatically; + Fixed csrf cookie bug when editing folder; + Fixed csrf cookie bug when truncating subnet; + Fixed invalid code for API crypt method; + Fixed strange headings font display in Firefox; + Fixed invalid proxy settings in config.dist.php; + Fixed search same hostnames in db link form address table; + Fixed import subnet bug caused by fw object; + Fixed Subnet Import (Preview button > no action); == 1.20 New features: ------------ + Added multiple simultaneous authentication methods (Apache, AD, LDAP, Radius, NetIQ); + Added fping scanning support; + Added selectable scanning type (ping/pear/fping); + Added L2 domains; + Added option to define address as default GW for subnet; + Added customizable address tags with compressed option; + Added temporary subnet / address shares; + Added quick subnet masks; + Added nameserver sets per subnets (jonashauge); + Added optional syslog as log location; + REST API: + documentation: http://phpipam.net/api-documentation/ + API v2, old v1 support added + Complete rewrite of all API calls; + New security models (crypt, ssl, none); + Support for custom fields; + JSON / XML output + Full read/write controllers (Sections, Subnets/Folders, Addresses, Vlans, Vrfs); + PowerDNS integration: + Automatic reverse records creation (PTR) - IPv4 and IPv6; + Automatic SOA, NS record creation; + DNS domain management; + Added Scan agents to scan subnets remotely; + Added firewall zone mappings and module; + Added per-subnet DNS resolvers; + Added option to mark subnet as utilized (full); Enhancements: ---------------------------- + All tables are now InnoDB by default; + Upgraded jQuery to 2.1.3; + All functions rewritten to classes/methods; + Parameterized all SQL queries, moved from MySQLI to PDO; + Added VLAN/VRF to search and to search results export; + Redesigned admin and tools menu; + Added scanned/discovered subnets to tools for faster overview; + Per-user display settings; + New widget - tools shortcuts; + New widget - IP calculator; + New widget - request IP address; + Clickable links for subnet fields; + Custom VRF fields; + Subnets can be now linked to devices; + Import/export enhancements; + Fast user switching for admins to impersonate user; + Opened folders and subnets in tree menu are saved on page reload; + RWA users can now process IP requests; + Added auto-suggest for possible slave subnets; + SSL option for MySQL connections; + Enum custom field support; + Added password reset script; + Set sections to display VRF in; Security Fixes: ---------------------------- + Parameterized all MySQL querries; + Fixed plainpass being logged on user update; + Fixed XSS exploit on /error/; + Added CSRF protection to forms; Translations: ---------------------------- + Added Czech translation; Bugfixes: ---------------------------- + Fixed bug with SSL/TLS smtp servers; + Fixed visual subnet display issues on 32bit systems; + Fixed IPv6 split subnets bug; + Fixed /31 ping bug scanning out of boundaries; + Fixed nested broadcast not counted to used percentage; + Fixed invalid redirect after timeout; + Fixed discovery script index overridden; + Fixed dashboard graphs links to subnets; + Fixed Invalid ID on subnet scan of large subnets; == 1.1.010 Bugfixes: ---------------------------- + Fixed login fails with LDAP when escape characters are in password; + Fixed login not working with spaces in password for AD login; + Fixed Ivalid action when adding vlans from subnet popup menu; + Fixed custom fields not appearing properly on IP request editing; + Fixed Invalid ID error for IP address details on sorting; + Fixed warnings if no VLAN search results are present; + Fixed test mail not sending; + Fixed unable to login if $phpsessname not defined; + Fixed unable to login after upgrade; == 1.1 Enhancements: ---------------------------- + Caching of SQL results to avoid multiple queries; + Reduced number of DB queries; + Added selected mail notifications to admins to be notified on IP/subnet change; + Added new subnetId index to ipaddresses table that significantly improves network loading; + Now using only 1 network connection towards MySQL server; + Updated pagination; + mod_rewrite no longer required, selectable URL structure under settings; + Added option not to display free ranges; + Added option to set maximum VLAN number; + Selectable custom fields to be visible/hidden in tables view and updated device/VLAN view; + Added additional confirmation before section, subnet, folder and IP address deletion; + New script added for cron checks that discovers new hosts for selected networks; + Added inactivity timeout to settings; + Changed install procedure and updated install scripts; + Added PEAR check for installation; + Added free range display for VLANs; + Addes SSL/TLS option for SMTP mail; + API: + Bugfixes; + Added API admin permissions; + read/delete actions for IP addresses; + read/delete actions for Vlans; + read/delete actions for VRFs; Security Fixes: ---------------------------- + Fixed known command injection vulnerabilities in the scan functions; + Fixed known SQL injection vulnerabilities; + Fixed known XSS vulnerabilities; + Fixed known action XSS events; + Moved to crypt method for storing password in database with salting; + Added option to force user to change pass after first login; + Admin password must be changed after installation; + Added captcha code request after 5x unsuccesfull login to prevent brute-force attacks; Translations: ---------------------------- + Added es_ES translation; Bugfixes: ---------------------------- + Fixed top 10 widgets not escaping strings; + Fixed section parent can be set to self that caused section to disappear; + Fixed username instead of password being sent to smtp server; + Fixed IE search bug with workaround; + Fixed subnet and bcast not showing on strict mode disabled; + Fixed top subnets missing on dashboard for non-admin users; + Fixed bug when installation was silently failing because pf missing _() function (missing gettext extension) + Fixed device custom field not populated on adding device; + Fixed XLS export silently failed when description longer than 31 characters; + Fixed overlapping check not working; + Fixed subnet free space calculation; + Fixed visual subnet display not showing on /31 and /32 networks; + Fixed custom fields display on folder edit; + Fixed unable to edit IP addresses when fields are sorted; + Fixde ordering of custom fields defaults to varchar 256; + Fixed IPv6 subnet / broadcast calculation bug and next subnet suggestion; == 1.0 New features: ---------------------------- + IP address page with IP address details and IP history (Changelog); + IP address changelog, subnet and section changelogs with full changelog under tools; + Favourite subnets for quick access; + Adding subnets from free space with automatic mask provided; + Automatic database validity check after upgrading and automatic field/table fix under administration; + Automatic weekly check for new phpipam version; Enhancements: ---------------------------- + Bootstrap 3; + UI enhancements; + Improved views based on browser width; + Widget order can now be set; + Widgets can be reordered (dragged) directly on dashboard; + Subnet can now be splitted to max 256 new subnets (16 before); + Scan settings are moved to Administration; + Widget management has moved to administration, which allows creation of new widgets; + Improved ICMP error detection; + Mail settings can now be set on gui (localhost / smtp); + Popup windows are now draggable; + VLAN adding in the fly enhancements; + Master section now shows all subnets in subsections; + Tools > devices redone; + DeviceTypes can now be edited/set/added; + Ping subnet enhancements; + Custom field types are now definable (int/varchar/date/datetime/text/bool/set); + Date and timepicker popups if type = date/datetime; + For `set` and boolean custom fields dropdown is presented that users can pick; + Favourite subnets widget; + IP requests widget; + Changelog widget; Translations: ---------------------------- + Added Brazil translation (Michel Braga Guimarães); Bugfixes: -------- + UI fixes; + Fixed bug where last page of IP addresses was inaccessible; + IP address state change is now sent to all admins; + Fixed subnet displaying as 0.0.0.0/0 in details; + Fixed links to subnets form vlans and vrfs; + Fixed search result showing all folders if searched item is not IP address; + Fixed disappearing section when L2 section was selected as master section; + Fixed device ID showing in mail notification instead of hostname; + Fixed device ID showing in search results and export instead of hostname; + Fixed search for subnet name returned no results; + Fixed apostrophe in IP address description throws SQL error for scan results and XLS import; + Fixed requester email gets cut if longer than 32 chars; + Fixed admin folder edit appearing as subnet; + Fixed missing device/port in import; + Fixed master section delete did not delete subsections and belonging subnets/ips; + Fixed online status was not updated when running Ping status scans; + Fixed Folder name not appearing when deleting folder; == 0.9 New features: ---------------------------- + Support for ICMP network discovery; + Cron script to check status for selected subnets/hosts with threading suport (pcntl php extension required); + ICMP check IP status in demand; + Compressed (grouped) DHCP IP ranges; + API server version 0.1; + Option to show and group subnets by VLAN in subnets list; + Option to show and group subnets by VRF in subnets list; + Added subsections; + Added AD username search; + Added folders; Enhancements: ---------------------------- + Added error catching/displaying for ajax-loaded php scripts; + Added default language for login/requests display and new users; + Added direct links to different pages in IP address table; + Subnets can now be edited directly from nested subnets list; + When adding nested subnets default vlan/vrf is selected from parent; + Added Section ordering; + Added per/section subnet ordering (overrides default form settings); + Clicking on section now shows all subnets and belonging details; + If session timeouts after re-login last requested page will be opened; + Searh for IP address now returns also subnet, even if IP is not existing; + Per-user selection of widgets to display; + Added description and required field checkbox for custom IP/Subnet Fields; + Added custom device fields; + Mails are now sent through phpmailer; + Admin user cannot be deleted; Translations: ---------------------------- + Added French translation (Denis Darré); + Added Dutch translation (Michiel Visser); + Added German translation (Carsten Brückner); Bugfixes: ---------------------------- + Fixed wrong VLAN display in tools; + Fixed subnet/section links from VLANS if base not /; + Fixed warning in apache log on subnet editing if no VRFs are configured; + Fixed admin menu off-screen overflow; + Fixed firefox error when selecting rights for section/subnets was not possible; + Fixed subnet description in Cyrillic problem; + Fixed errors on no permissions for user; + Fixed Inaccurate Free Space Calculation (and Chart); + Fixed VLAN permissions where VLAN was not displayed; == 0.8 New features: ---------------------------- + New group and permission management; + Support for translations; + Subnet resizing; + Subnet splitting into smaller subnets; + Added free space display for nested subnets; + Added visual display of subnet usage per IP address; + Added truncate network option that deletes all IP addresses in subnet; + Added button the updates subnet with RIPE information; Enhancements: ---------------------------- + Added add nested subnet under subnet details to simplify master subnet selection in hierarchy; + Added edit subnet link from search results; + Added reverse IPv6 DNS entries to IPCalc (Vincent Boisard); + Added option for plain-text emails; + Added ckEditor to write instructions; + StrictMode is not set globally anymore but set per section; + Added custom user fields; + Added option to verify that hostname is unique; + Improved MySQL exception handling; + Added mod_rewrite error detection on installation and upgrade; + Added hostname validation; + Added Hostfile dump of IP addresses; + Search also searches in custom fields; + jQuery updated to v 1.9.1; Bugfixes: ------------------------ + Fixed overlay on second popup; + Fixed IE search bug; + Fixed support for non-standard ports; + Fixed permitting overlapping subnets if vrfs are different; + Fixed dates in logging appearing in 12h format; + Fixed broken subnets link in tools > subnets if installation is not at document root; + Fixed error when adding new subnet if checkboxes are not selected in newer MySQL servers; + Fixed bad display of multilined navigation bar; + Fixed wrong output of tools > VLAN list when using Duplicate VLANs; + Fixed wrong link for upgrade script; + On VRF change all child subnets are updated also; + Fixed wrong maximum on dashboard top10 percentage; + Fixed Adding a vlan while editing a subnet resets the edit subnet form; + Fixed wrong free space calculation for nested subnets; + Fixed IP use statistics not cumulative up the hierarchy if subnets has slaves; == 0.7 New features: ---------------------------- + Completely rewritten UI using twitter's bootstrap as base; + Using mod_rewrite apache module to handle GET requests (new install requirements!); + Unlimited number of subnetting levels; + OpenLDAP authentication support; + New URL structure; + Sorting of IP addresses; + Custom subnet fields; + Custom VLAN fields and admin option to allow duplicate VLAN names (metro area VLANs); + Script to automatically update IP hostname, run via cron (functions/scripts/resolveIPaddresses.php); + Show Subnet name instead of subnet IP address option; + Strict mode option in config files that controls overlapping checks; + New subnet menu; + Added printLimit feature to break IP addresses into pages; Enhancements: ---------------------------- + Lots of UI changes; + Less Ajax usage to display websites and details; + Hierarchy display under subnet details (breadcrumbs); + Search results covering VLANs; + Custom IP fields ordering; + VLAN creation from adding/editing subnets; + IP addresses can now be edited; + Collapsed switch list; + Removing VLANs also removes references from subnet list; + Removing VRFs also removes references from subnet list; + Logs for admin on dashboard; + Search via GET; + Support for range networks (allows use of subnet and broadcast as IP); + Import of custom IP fields; + Ability to move subnets between sections; + Improved display of nested subnets now shows all IP addresses from nested subnets and orphaned IPs; + Hides display of custom fields in subnet if none is filled in whole subnet; + Replaced Highcharts with Flot because of licencing issues; Bugfixes: ------------------------ + Fixed error with missing custom IP fields when adding new IP address; + Fixed bug when deleting root subnet only deleted directly nested subnets (now whole tree); + Fixed checkboxes not working in various browsers; + Fixed change in switch details causing IP address associations to switch to be lost; + Fixed subnet description display in under subnet administration; + Fixed depricated error when showing XLS files; + Fixed error when custom fields were not updated on adding IP address; + Fixed error when custom fields were with spaces in name were not updated; + Fixed error when providing already requested IP address; + Search available also to viewer user types; + Fixed /127 and /128 IPv6 subnets; + Fixed /31 and /32 IPv4 subnets; + Significantly reduced php processing for dashboard statistics; + Fixed importing of if quote is present; == 0.6 New features: ---------------------------- + Selectable IP address list display fields; + Custom IP address fields; + Search and replace IP fields function; + Full page width theme; Enhancements: ---------------------------- + Independant VLAN management; + Added additional level of subnet nesting; + Added option to clear and export log files; + Export of search results to XLS; + Clickable search results; + Selectable export fields when exporting subnet; + Subnet can be deleted from ip address edit subnet; + IP Requests for locked subnets and viewer users can be placed from ip address list; + jQuery updated to v 1.7.1; + HighCharts updated to v 2.2.0; Bugfixes: ------------------------ + Upgrade is supported only for versions 0.4 and higher; + Fixed broken UTF-8 support; + Fixed wrong logging when authenticating via AD; + Fixed issues where external attacker might get information about internal hosts through resolvedns script; + Fixed wrong subnet nesting under administration/manage subnets; + Fixed editing subnet can be outside of its own root subnet; + Fixed errors when adding new switch auto-adds itself to all hosts without no switch defined; + Fixed removing switch not removed in ip address list; + Vlan1 can now be used; + Fixed mail sending settings with missing information; + Fixed errors on adding switch with no sections; + Fixed version check; + Removed masterSubnets from subnets available for IP requests; + Fixed error when non-admin user could not open dashboard; + Added how subnet list switch when list hidden; == 0.5 New features: ------------- + Importing subnets from RIPE by AS in admin section; + Added switch management and changed switch logic; + Added VRF support; + Added AD domain authentication; + Added MAC address field to ip address; + Added database table and belonging fields check under admin; Bugfixes / enhancements: ------------------------ + Added DNS resolving when editing/adding IP address; + Added IE compatibility meta tag and IE UI improvements for IE >= 8; + Search returns also subnets and MAC searches; + Added mac address and IP status to XLS import/export scripts; + jQuery update from 1.6.2 to 1.7; + Highcharts update from 2.1.2 to 2.1.8; + Fixed dashboard errors if no IPv4/IPv6 subnets configured; + Fixed errors with viewing / modifying IP addresses for Operator users; + Fixed session cookie error on hosts; + Fixed error when saving settings; + Fixed instructions errors when inserting html code; + Fixed first free IP address not displaying in IP request; == 0.4 New features: ------------- + Massive add / edit / delete by specifying IP range (e.g. 10.10.0.1 - 10.10.0.254); + Database upgrade / install from browser -> simplified installation/update procedure; + New usertype viewer - can only view IP address list; + Subnets can now be edited directly from IP address list; + Option to lock subnet for writing to no-admin users; + Device and Host list; + Option to specify which subnet can have IP requests when editing / adding subnet if module is enabled; + Latest version check on admin page; Bugfixes / enhancements: ------------------------ + Fixed overspanning of multiple sections; + Admin menu and add subnet now shown only to admins; + Fixed VLAN table to show nesting and IP request option and statistics; + Fixed subnet table to show nesting and IP request option; + Subnet Adding shows only master subnets in section not in all sections; + Tooltips and button hovers are now in separate javascript file; + Graphs show only subnets with non-0 ip addresses; + Various code enhancements + improved error handling; + Fixed URL links not updating after few clicks; + If loading slave subnet directly the subnet menu drops down and shows active slave subnet; + Clicking on master subnet shows all nested subnets and statistics; + Redesigned log table; + Fixed search; == 0.3 New features: ------------- + Subnet nesting - you can now have master subnet and normal subnets belonging to it; + Server settings are now moved to database and can be set under admin menu (database settings & debugging remain in config.php); + Request IP module on login page with email notification; + Confirm/reject IP address request from admin page with mail notification; + Admin dashboard notification of new requests; + Autocomplete of owner and Switch name from all available when adding/editing IP address; + New settings quick access on button hover; + Option to export each subnet individually; Bugfixes / enhancements: ------------------------ + jQuery update from 1.6 to 1.6.2; + VLANs are now grouped by section; + Direct access to subnet from vlan table; + UI enhancements; + Fixed user editing bug where user update broke password; + Fixed password in new account notification; + Fixed percentage display on Dashboard; + IPv6 calculator /64 limit fixed; + Changed tooltip effect to appear instantly for smoother display; + Login functions are now separate file; == 0.2 (First public version) Bugfixes / enhancements: ------------------------ + now also works with php 5.2; + fixed empty fields in xls import; + passwords are now stored in md5 hash; + high numbers for free/used IP addresses (mainly IPv6) are now represented in k/m/G values to improve readability; + fixed log search bug; + cursor not displayed as link on images and non-href links; + same add image on all pages; + fixed IP mail notification appearance; + UI enhancements and bugfixes; + Fixed some javascript bugs; + Minified javascript to make loading faster; + adding new ip address now automatically provides first available IP address in subnet; New features: ------------- + added switch / port fields to IP addresses; + hide subnets on request to get better view; + Informational tooltips added + option to disable them in config file if someone finds them annoying; + export whole IP address database to XLS file from admin menu; + create MySQL database dump from admin menu; + added IP instructions for users, that can be edited from admin menu; == 0.1 (First test version)
btn-xs
btn-xs