Full phpIPAM Changelog


== 1.7.0

    New features:
    ------------
    + Full php8.3 compatibility;
    + Added support for passkeys / passwordless logins;
    + API:
        + Added API changelog;

    Bugfixes:
    ----------------------------
    + Fixed Use UTF-16LE encoding for XLS sheet names, and UTF-8 as input encoding (#3977);
    + Fixed Update login_form.php for installation inside subdir (#3954);
    + Fixed php8 constructor fix for radius class (#3985);
    + Fixed Force mac address update during status update scan (#3791);
    + Fixed RADIUS authentication fails on 1.6.0 (#3986);
    + Fixed cannot add NAT issue (#3993);
    + Fixed Various Linked Addresses issues (#3275, #4188, #4189, #3274);
    + Fixed Duplicates tool not finding ALL duplicates (#4161);
    + Fixes fetch_favourite_subnets function returns empty array instead of false (#4182);
    + Fixed Dashboard widget widths are not correct percentage (#4176);
    + Fixed remove_offline_addresses.php can't execute (#4173);
    + Fixed Searches do not properly organize results (#3917)
    + Fixed Expand/compress all folders not working properly (#3583);
    + Fixed Bug when adding a user to a group (#4137);
    + Fixed Password validation errors (#4099,#2423);
    + Fixed Ripe import results in jQuery error (#4007);
    + Fixed Ripe import crashes if too many subnets are found (#4180);
    + Fixed Devices with height 0 crash Rack image generation (#4193);
    + Fixed Custom field not working in Routing module (#4174);
    + Fixed Circuit Type showing differently in two windows (#4104);
    + Fixed Vault Item Custom Field not writable (#4058);
    + Fixed Undefined variable when adding nameserver (#4230);
    + Fixed Tag Management Color Picker (#3629);
    + Fixed Arrows for linked addresses do not match between themes (#4216);
    * Fixed Captcha and invalid login checks (#3480, #4198);
    + Fixed 2FA TOTP validation issues (#3724);

    Enhancements, changes:
    ----------------------------
    + Added support for redundant PowerDNS databases (#3981);
    + Added option to export data for VLAN,VRF and Devices directly from tools page;
    + Added option to disable OpenStreetMap address geoip lookups;
    + Added $api_stringify_results config.php option for  php81 API backwards compatibility;
    + Added support for newly added widgets to be sortable with jQuery (#4711);
    + Added support for using widget parameters; added recent_logins widget (#4184);

    Security Fixes:
    ----------------------------
    + Upgraded jQuery to 3.7.1;
    + Upgraded bootstrap to 3.4.1;
    + Upgraded jQuery-ui to 1.13.3;
    + Cookies set without Secure attribute;
    + Multiple XSS injections (#4145,#4146,#4147,#4148,#4149.#4150,#4151);
    + HTML DOM XSS injection via filenames when uploading (#4160);
    + Escape loaded database strings by default, stored XSS defense;
    + Increase minimum 2FA secret length to 32 (160bit);
    + Disable /app/install/ helper scripts via config.php $disable_installer;
    + LDAP user searches sent without ssl/tls;

== 1.6.0

    Enhancements, changes:
    ----------------------------
    + Partial php8.3 compatibility;
    + MySQL 5.7.7+ is now required (support for utf8mb4);

    Security Fixes:
    ----------------------------
    + SQL injection in custom field enum/set types;
    + Directory traversal possible in RIPE query;
    + XSS (reflected) in 'bw-calculator-result.php';
    + XSS (reflected) by invalid email address response;
    + XSS (reflected) by /app/tools/subnet-masks/popup.php (#3738);
    + XSS (stored) in user widget settings;
    + XSS and LDAP injection in ad-search-result.php;
    + XSS and LDAP injection in ad-search-group-result.php;
    + Restrict find_full_subnets.php to CLI;
    + Ensure confidentiality of database password;

== 1.5.0

    New features:
    ------------
    + Mark subnet as isPool to allocate network and broadcast addresses;
    + Optionally hide section subnet menus;
    + L2 Domains user permissions;
    + Add scanPingType=="none" option to disable scanning;
    + Custom fields on IP request forms (#2956);
    + Added subnet free space map for each possible subnet mask;
    + Added Vaults (Certificate and password storing);
    + Added Tools->Duplicate subnets & IP page;
    + Added config.php offline_mode to disable server-side Internet lookups (#3462);
    + Added MAC vendor lookup widget;

    Enhancements, changes:
    ----------------------------
    + php7.4 compatibility;
    + SameSite attribute enabled for site cookies;
    + SAML2
        + php-saml updated to 3.4.1 (#3055);
        + Removal of php-mcrypt dependency;
        + Drop support for idpcertfingerprint;
        + MAP_SAML_USER and SAML_USERNAME config.php configuration moved to db;
        + php-saml protocol debugging;
        + Support for signed assertions;
        + SAML usernames can be extracted from assertion attributes (#2948);
        + JIT auto-provisioning of accounts (#3389);
    + Selectable mask for number of subnets/hosts in subnet masks;
    + Switch from Google Maps to OpenStreeMap and Nominatim;

    Bugfixes:
    ----------------------------
    + Fixed upgrade queries issues from 1.3.x to 1.4+ (#3130);
    + Fixed boolean printout in footer (#2625);
    + Fixed BGP Admin isn't working (#2631);
    + do not show statistics in dashboard widget for disabled modules (#2602);
    + MySQL 8.0 compatibility. (#2646,#2239,#3036);
    + MariaDB Galera Cluster compatibility (#2498,#3413);
    + Permit non-numeric postcodes for customers (#2393);
    + Bandwidth calculator - 400 Bad Request (#1807,#2648);
    + Table layout not aligned (#2656,#3105,#3113);
    + Improve scanning requirement checks (#1183);
    + Date picker hidden (#2673);
    + PDNS Add/Edit DNS record not working for normal users (#2686);
    + Unable to save settings with link addresses = text custom field (#2702);
    + Kea MAC address display issue (#2704);
    + Returned custom fields to devices table (#2572);
    + Invalid scan agent key warning;
    + Subnet filter issue when IP contains 0 octet. (#2748);
    + Add VLAN button not working (#2741);
    + Incorrect subnet links in /tools/vrf/ view. (#2774);
    + Location data missing in exports. (#2833);
    + Check mysqldump path when exporting database;
    + Current rack position missing when editing a device. (#2545);
    + Permit colon in firewall zone interface names (#2737);
    + Fixed PowerDNS txt SPF editing (#1641);
    + Blank 'MAC' on SNMP-ARP and SNMP-MAC scans (#2911);
    + Incorrect network/broadcast calculation for IPv6 (#2879);
    + Increase allowed email and password lengths (#3021);
    + Wrong unit location for dual-sided racks (#3086);
    + Linked ip_addr shows integer notation (#3100);
    + Invalid scan type () error (#2785);
    + Invalid CSRF cookie editing rack items (#2556);
    + FPing discovery marks all addresses as alive (#2888);
    + Subnet usage calculation updated for nested subnets;
    + SNMP, number of discovered hosts exceed maximum warning (#3279);
    + Exclude IPv6 from Ping and Discovery scans (#3354);
    + Fix for SAML/2FA/login redirections (#3492, #3435, #3517);
    + php_sessions table doesn't exist error when upgrading (#3417);
    + Changelog data too long for column errors (#3376,#3398);
    + RFC 6265 compliant cookies (#3452);
    + Require unique subnets not working as intended (#3529);
    + API:
        + Fixed /user/ calls for SSL with app code (static app code);
        + Address IP field not displayed when using filter_by (#2934);
        + Addresses first_free & Subnets first/last_subnet thread safety (#2960);

    Security Fixes:
    ----------------------------
    + SQL injections processing `tableName` (#2738);
    + SQL injections processing `ftype` (#2751);
    + All circuits map, PHP object injection (#2937);
    + Upgraded jQuery to 3.5.1 (#3119);
    + Stored XSS in instructions widgets (#3025, #3360);
    + PHP session ID fixation (#3342);
    + XSS (reflected) in IP calculator (#3351);
    + XSS in pass-change/result.php (#3373);
    + SQL injection in edit-bgp-mapping-search.php;
    + Stored XSS in the "Site title" parameter;
    + XSS while uploading CVS files;
    + XSS (reflected) in 'find subnets';
    + Incorrect privilege assignments (#3506);
    + XXS (reflected) in ripe-arin-query;
    + XSS (reflected) in import previews;

    Translations:
    ----------------------------
    + Update Traditional Chinese support to version 1.5 (#2658);
    + Update Simplified Chinese Translation (#2725);
    + Italian (it_IT) translation added (#2813);
    + Updated German translation (#2970, #3065);
    + Updated Russian translation (#3028, #3367);

== 1.4.0

    New features:
    ------------
    + Configurable password policy;
    + Sessions can be now stored in database (#516);
    + Two-factor authentication - otp (Google Authenticator);
    + Customers module (#694);
    + Routing module (BGP) (#2135);
    + Search for free subnet inside whole section;

    Enhancements, changes:
    ----------------------------
    + Circuits enhancements (Virtual Circuits);
    + Dropped support for 32bit systems;
    + PHP 5.4 is now required;
    + Added compressed actions dropdown;
    + SNMP module no longer requires MIB files;
    + Performance enhancements running under Azure/Amazon;
    + Added option to disable user (#1327);
    + Added policy NAT option;
    + Added custom NAT fields;
    + Rack module enhancements (#1325):
        + Dynamic rack sizes;
        + Top-down / Bottom-up racks;
        + Custom rack devices independent of devices (power, patch panel);
    + Customized user permissions for modules:
        + VLAN module;
        + VRF module;
        + PowerDNS module;
        + Circuits module;
        + Customers module;
        + Devices module;
        + Rack module;
        + NAT module;
        + PSTN module;
        + Locations module;
    + API:
        + New API security type - SSL with app code (static app code);
        + New config.php option $api_allow_unsafe to allow non-SSL API queries;
        + Added last access field to api;
        + Add Mac Search for Addresses controller (#2005);
        + New overlapping API call;
        + New global API parameter filter_match = full,partial,regex;
        + Add Tools API customers submodule;
        + Fix filtered results to always return data as array (#2558);
    + Widgets:
        + New user instruction widget (#2383);

    Translations:
    ----------------------------
    + Japanese (ja_JP) translation added;
    + Traditional Chinese (zh_TW) translation added;

    Bugfixes:
    ----------------------------
    + Fix appended " U" in Rack description (#2046);
    + Fix Bandwidth calculator - 400 Bad Request. (#1807);
    + Fix bad DNS reverse zone for /23 subnet (#666);
    + Fix Add missing standard field (#2153);
    + Fix Consistency of VARCHAR Size on 'owner' column across tables (#2136);
    + Fix Subnet details - Filter button missing when compressed range is used (#2353);
    + Fix slow page load times with linked addresses (#2324);
    + Fix " - is required" error when adding IPs with an empty IP filter set (#2334);
    + Fix column 'masterSubnetId' cannot be null error when adding subnets (#1977);
    + Fix logical circuits add/delete errors (#2381);
    + Fix adding new VLANs to an empty L2Domain (#2400);
    + Fix Nested child subnets with "na" permissions visible (#2223);
    + Fix translations containing apostrophes break functionality (#2504);
    + Set requestedAuthnContext to false for SAML (#2457);
    + API:
        + Fix inconsistent API success value returned (#2045);
        + Fix filter_by functionality (#2392);
        + Fix PATCH functionality (#2470, #2481);

    Security Fixes:
    ----------------------------
    + Hide SNMP community (#2197);
    + Hide LDAP/AD/Radius username / password and secret from logs and syslog (#2006);
    + XSS in phpipamredirect cookie (#2338);
    + XSS in print-user.php, CSRF in user-edit.php (#2326);
    + Possible SQL injection in nat/item-add-submit.php (#2344);
    + Fixed possible file inclusion in editing authentication methods;
    + XSS in subnet-scan-telnet.php, CSRF in subnet-scan-execute.php (#2327);

== 1.3.2

    Enhancements, changes:
    ----------------------------
    + Dark theme added;
    + Full php7.2 compatibility;
    + url_rewrite has changed, please use new rewrite scheme (https://phpipam.net/news/new_rewrite_scheme/);
    + Search for matching subnet in all VRFs feature enabled when importing addresses;
    + Added new config option to show custom fields separated from standard fields when editing IP address;
    + Added Required fields subpage to define IP address fields that must be filled in;
    + Performance + bug fixes (#1660, #1657);
    + MasterSubnet dropdown list is dynamically generated via AJAX call;
    + Bandwidth calculator;
    + Support 8U rack sizes. (#1891);
    + API:
        + New last_subnet API calls (#1655);

    Translations:
    ----------------------------
    + German translation updated to version 1.3.1;
    + French translations updated. (#1881);

    Bugfixes:
    ----------------------------
    + Fixed uncaught error if vlan number exceeds max permitted (#1455);
    + Fixed Illegal string offset 'dns_name' in pingCheck.php errors (#1461);
    + Performance fix for subnet_dropdown_print_available (#1562);
    + Fixed logo updater for apache v2.4 (#1582);
    + Fixed section names containing spaces are not included in exports (#1566);
    + Allow DNS wildcard records (#1571);
    + Fixed slow mac address vendor decoding for subnet detail view (#1658);
    + Performance fix for detecting overlapping subnets. (#1052, #1426, #1533);
    + Performance fix for slow mac address vendor decoding (#1658);
    + Performance fix for subnet API first_subnet & all_subnets calls;
    + Performance fix for delegating subnet permissions;
    + Convert to UTF-8 encoding on import/export to preserve dialectics (#1659, #1700, #1728);
    + Importing IPs loose Mac Addresses (#1607);
    + Section names containing spaces are not included in exports. (#1566);
    + Bug with section and dashboard (#1593);
    + Fixed improper contents in plain text part of notification e-mails (#1707);
    + Reduce size of email notifications (#1643);
    + PHP 5.3 compatibility fixes (#1594, #1730);
    + PHP 7.2 compatibility fixes (#1683, #1714);
    + Fixed notification e-mails contain a broken link. (#1708);
    + Allow dots to be used in domain names. (#1747);
    + Use multi-byte compatible functions when shortening text. (#1753);
    + Scan subnet reports/selects invalid php path. (#1757);
    + Small code refactoring (#1699);
    + Rack device start position overwritten. (#1545);
    + Sections with folders returns no subnets using API. (#1883);
    + Add custom_ prefix to Prefix controller custom fields. (#1836);
    + Non-Admins missing the button to Add circuit. (#1902);
    + Wrong field name of deviceTypes table when checking device type. (#1910);
    + SNMPv3 improvements;
    + Misc IPv6 fixes;

    Security Fixes:
    ----------------------------
    + Code injection in Name field. (#1667);
    + XSS (reflected) in SubnetID param. (#1702);
    + CSRF enables open mail relay. (#1703);
    + Reflected XSS requiring user interaction on search. (#1705);
    + XSS reflected via CSRF in preview.php. (#1706);
    + Reflected XSS via CSV upload. (#1742);
    + Reflected XSS on 'mac' parameter. (#1903);

== 1.3.1

    New features:
    ------------
    + Circuits module (circuits, providers, map, ...) (#731);

    Enhancements, changes:
    ----------------------------
    + Racks:
        + Automatic location assignment when device added to rack (#1230);
        + Rack map showing map of all racks in location;
        + Rack back side;
    + Compact menu layout (per-user setting, showing only icons);
    + Network to network static nat;
    + Selectable logo size (from config.php) (#952);
    + Added default option for permissions propagations (#1351);
    + API:
        + Added Circuits controller;
        + Encrypyted requests can now also be form-encoded (#1191);
        + Introduce mcrypt AES compatibility (#1516);
        + Fixed field ip not displayed when filters applied (#1529);
    + New resolve hostnames option for subnet (#1222):
        + Updates hostnames via pingCheck.php script (if parameter set for subnet);
        + Updates hostnames via resolveIPaddresses.php script (if parameter set for subnet);
        + On-the-fly empty hostname update if resolved (if parameter set for subnet and enabled globally);
        + Added this infor to tools > scanned networks;
    + Added custom_ prefix to custom field names to avoid duplication with custom fields (#1387);
    + Added option to hide IP requests for unauthenticated users on login page (#1394);
    + Performance optimizations for locations and subnet usage calculation;
    + Added user groups custom fields;

    Translations:
    ----------------------------
    + French translation updated to version 1.3;
    + German translation updated to version 1.3;

    Bugfixes:
    ----------------------------
    + Fixed RACK images not displayed if not root location (#1204);
    + Fixed import gateway ip (#1240);
    + Fixed JSON_UNESCAPED_UNICODE for PHP 5.3 (#1135, #1245);
    + Rename class Thread to PingThread to avoid naming conflict with pthreads Thread class (#1254);
    + Fixed custom fields integer on subnet (#1266);
    + Fixed Import IP-address doesn't update location (#1284);
    + Fixed json_error for logo upload (#1256);
    + Fixed CSRF error when moving orphaned addresses (#1303);
    + Fixed VRF fetching via API by Id;
    + Fixed map issues when quotes are in name/description (#1384);
    + Fixed item not removed from NAT when deleted (#1378);
    + Fixed Error when error_reporting = E_ALL about strict standards when importing IP addresses (#1372);
    + Fixed Apostrophe errors in text custom fields (#1375);
    + Fixed API error when creating address under folder (#1507);
    + Fixed SNMPv3 (#1119);

    Security Fixes:
    ----------------------------
    + Fixed XSS issues (#1403, #1521, #1500);

== 1.3.0

    New features:
    ------------
    + Multicast module (RFC1112, RFC2464) with IP to MAC mapping and multicast networks overview;
    + Threshold module for subnets;
    + Racks module (Rack drawing) for devices;
    + Address linking by selected field;
    + Custom logo for site and mails;
    + PSTN number management module;
    + SNMP module:
        + Subnets discovery from route table (all subnets, nested subnets, add new subnet);
        + Hosts discovery scans via ARP check/interface check;
        + Hosts discovery scans via ARP + MAC address check (detects interface);
        + VLAN discovery;
        + VRF discovery;
        + Status update scans via ARP check;
    + NAT module
        + Source / static / destination NAT;
        + Linking subnet to NAT
        + Show bindings under tools and next to IP address / subnet
    + Locations module
        + Map devices / racks / subnets to location;
        + Google maps integration;
    + SAML2 authentication (SSO)

    Enhancements, changes:
    ----------------------------
    + Folders can now contain addresses;
    + API:
        - Api v1 removed;
        + If subnet gateway defined gatewayId is returned in subnet details;
        + Automatically added nameservers to subnet results;
        + Added subnet usage result for each subnet in section;
        + Added custom fields for all controllers;
        + New subnets automatically get parent permissions;
        + Added IP calculation to subnet;
        + Changed all not_found when searching objects to 404 and all invalid parameters to 409 (conflict);
        + If new item is created id will be available in response field “id”;
        + New parameter $time_response in api/index.php that will return execution time in field “time";
        + Extensive first_free subnet calls search speedup;
        + POST transaction locking;
        + All first_free and first_address responses are now "data" instead of "ip" and "subnet" for consistency;
        + Subnet splitting now copies over custom fields values by default (user custom_fields=no to revert);
        + Added API option to nest custom_fields to assure correct structure;
        + Added option to show/hide links in api by default for each app;
        + Changed API http response codes;
        + New methods:
            + users:
                GET    /user/expires/                         // returns token expiration date
                GET    /user/token-expires/                   // returns token expiration date
                GET    /user/users/                           // returns all users (rwa app permissions required)
                GET    /user/admins/                          // returns all admin users (rwa app permissions required)
            + addresses:
                GET    /addresses/first_free/{subnetId}/      // returns first available address (subnetId can be provided with parameters)
                GET    /addresses/{ip}/{subnetId}/            // returns IP address from subnet
                GET    /addresses/search/{hostname}/          // Will search addresses by hostname
                DELETE /addresses/{ip}/{subnetId}/            // deletes IP address from subnet
                POST   /addresses/first_free/{subnetId}/      // will search for first free address in subnet, creating new address
            + subnets:
                GET    /subnets/{id}/addresses/{ip}/          // returns IP address from subnet
                GET    /subnets/{id}/first_free/              // returns first free address in subnet
                GET    /subnets/{id}/first_subnet/{mask}/     // returns first available subnets with specified mask
                GET    /subnets/{id}/all_subnets/{mask}/      // returns all available subnets with specified mask
                POST   /subnets/{id}/first_subnet/{mask}/     // creates first free subnet under master with specified mask
                DELETE /subnets/{id}/permissions/             // removes permissions
                PATCH  /subnets/{id}/permissions/             // sets subnet permissions (?grouname1=ro&groupname2=3&43=1)
        + New controller Prefix;
        + New controller Devices;
        + New subcontrollers:
            + /tools/nat/
            + /tools/racks/
            + /tools/locations/
    + Widgets:
        + New threshold widget;
        + New inactive hosts widget;
        + New Locations widget;
    + PowerDNS:
        + Default domain for PTR records (if hostname is not set);
        + When removing IP address additional option that removes all associated PDNS records (ip and hostname);
    + Permit normal users to manage VLANs / VRFs;
    + Inactive (offline) hosts tools page;
    + MAC address normalization;
    + jQuery tables;
    + Permission delegation now only delegates changes not whole permission set;
    + Users with RWA permission can manage IP requests and receive IP request mails + changelog mails for subnet;
    + IPv4 subnet link to IPv6 for dual-stack info;
    + Removed inaccessible DNS servers if timeout to prevent page load timeouts;
    + Added option to only show supernets to limit pageload [#844 #816 #736];
    + Added last scan info to subnet details;
    + Added option to update address tags when address state change occurs (pingCheck) [#840];
    + Added maintenance mode;
    + Added inactive addresses removal script;
    + Subnet overlapping now checked also inside folders to prevent duplicates;
    + Subnet overlapping now checked also between sections if VRF defined;
    + Added new settings directive that requires unique subnets across sections;
    + Added index check in verify database to detect and fix possible missing DB indexes;
    + Added MAC address vendor display option;

    Bugfixes:
    ----------------------------
    + PowerDNS regenerate PTR records now only updates current subnet (before whole zone);
    + Fixed visual bug on 32-bit systems;
    + Normal users with RWA permissions can scan subnets;
    + Changed default timestamp from 0000-00-00 00:00:00 to 1970-01-01 00:00:01 to avoid SQL install errors if strict mode;
    + Fixed https access on non-standard ports;
    + Extended username to 255 chars for LDAP logins;
    + Fixed search export invalid encoding and data may have been lost XLS file error;
    + Fixed invalid character encoding in API responses;
    + PowerDNS records cannot be created on slave zone;
    + Fixed subnet resizing bug if subnet contained slaves;
    + Added separate CSRF cookies for each address/subnet/pstn object;
    + Deleted items are now shown and searchable from changelog;

== 1.20.1

    Translations:
    ----------------------------
    + French translation updated to version 1.2;
    + German translation updated to version 1.2;

    Bugfixes:
    ----------------------------
    + Fixed upgrade bug that selected invalid auth method for AD/LDAP users;
    + Fixed LDAP problems after 1.2 upgrade;
    + Fixed PowerDNS Slave with multiple masters delimiter error;
    + Fixed PowerDNS PTR records not being updated automatically;
    + Fixed csrf cookie bug when editing folder;
    + Fixed csrf cookie bug when truncating subnet;
    + Fixed invalid code for API crypt method;
    + Fixed strange headings font display in Firefox;
    + Fixed invalid proxy settings in config.dist.php;
    + Fixed search same hostnames in db link form address table;
    + Fixed import subnet bug caused by fw object;
    + Fixed Subnet Import (Preview button > no action);

== 1.20

    New features:
    ------------
    + Added multiple simultaneous authentication methods (Apache, AD, LDAP, Radius, NetIQ);
    + Added fping scanning support;
    + Added selectable scanning type (ping/pear/fping);
    + Added L2 domains;
    + Added option to define address as default GW for subnet;
    + Added customizable address tags with compressed option;
    + Added temporary subnet / address shares;
    + Added quick subnet masks;
    + Added nameserver sets per subnets (jonashauge);
    + Added optional syslog as log location;
    + REST API:
        + documentation: http://phpipam.net/api-documentation/
        + API v2, old v1 support added
        + Complete rewrite of all API calls;
        + New security models (crypt, ssl, none);
        + Support for custom fields;
        + JSON / XML output
        + Full read/write controllers (Sections, Subnets/Folders, Addresses, Vlans, Vrfs);
    + PowerDNS integration:
        + Automatic reverse records creation (PTR) - IPv4 and IPv6;
        + Automatic SOA, NS record creation;
        + DNS domain management;
    + Added Scan agents to scan subnets remotely;
    + Added firewall zone mappings and module;
    + Added per-subnet DNS resolvers;
    + Added option to mark subnet as utilized (full);

    Enhancements:
    ----------------------------
    + All tables are now InnoDB by default;
    + Upgraded jQuery to 2.1.3;
    + All functions rewritten to classes/methods;
    + Parameterized all SQL queries, moved from MySQLI to PDO;
    + Added VLAN/VRF to search and to search results export;
    + Redesigned admin and tools menu;
    + Added scanned/discovered subnets to tools for faster overview;
    + Per-user display settings;
    + New widget - tools shortcuts;
    + New widget - IP calculator;
    + New widget - request IP address;
    + Clickable links for subnet fields;
    + Custom VRF fields;
    + Subnets can be now linked to devices;
    + Import/export enhancements;
    + Fast user switching for admins to impersonate user;
    + Opened folders and subnets in tree menu are saved on page reload;
    + RWA users can now process IP requests;
    + Added auto-suggest for possible slave subnets;
    + SSL option for MySQL connections;
    + Enum custom field support;
    + Added password reset script;
    + Set sections to display VRF in;

    Security Fixes:
    ----------------------------
    + Parameterized all MySQL querries;
    + Fixed plainpass being logged on user update;
    + Fixed XSS exploit on /error/;
    + Added CSRF protection to forms;

    Translations:
    ----------------------------
    + Added Czech translation;

    Bugfixes:
    ----------------------------
    + Fixed bug with SSL/TLS smtp servers;
    + Fixed visual subnet display issues on 32bit systems;
    + Fixed IPv6 split subnets bug;
    + Fixed /31 ping bug scanning out of boundaries;
    + Fixed nested broadcast not counted to used percentage;
    + Fixed invalid redirect after timeout;
    + Fixed discovery script index overridden;
    + Fixed dashboard graphs links to subnets;
    + Fixed Invalid ID on subnet scan of large subnets;

== 1.1.010

    Bugfixes:
    ----------------------------
    + Fixed login fails with LDAP when escape characters are in password;
    + Fixed login not working with spaces in password for AD login;
    + Fixed Ivalid action when adding vlans from subnet popup menu;
    + Fixed custom fields not appearing properly on IP request editing;
    + Fixed Invalid ID error for IP address details on sorting;
    + Fixed warnings if no VLAN search results are present;
    + Fixed test mail not sending;
    + Fixed unable to login if $phpsessname not defined;
    + Fixed unable to login after upgrade;

== 1.1

    Enhancements:
    ----------------------------
    + Caching of SQL results to avoid multiple queries;
    + Reduced number of DB queries;
    + Added selected mail notifications to admins to be notified on IP/subnet change;
    + Added new subnetId index to ipaddresses table that significantly improves network loading;
    + Now using only 1 network connection towards MySQL server;
    + Updated pagination;
    + mod_rewrite no longer required, selectable URL structure under settings;
    + Added option not to display free ranges;
    + Added option to set maximum VLAN number;
    + Selectable custom fields to be visible/hidden in tables view and updated device/VLAN view;
    + Added additional confirmation before section, subnet, folder and IP address deletion;
    + New script added for cron checks that discovers new hosts for selected networks;
    + Added inactivity timeout to settings;
    + Changed install procedure and updated install scripts;
    + Added PEAR check for installation;
    + Added free range display for VLANs;
    + Addes SSL/TLS option for SMTP mail;
    + API:
        + Bugfixes;
        + Added API admin permissions;
        + read/delete actions for IP addresses;
        + read/delete actions for Vlans;
        + read/delete actions for VRFs;

    Security Fixes:
    ----------------------------
    + Fixed known command injection vulnerabilities in the scan functions;
    + Fixed known SQL injection vulnerabilities;
    + Fixed known XSS vulnerabilities;
    + Fixed known action XSS events;
    + Moved to crypt method for storing password in database with salting;
    + Added option to force user to change pass after first login;
    + Admin password must be changed after installation;
    + Added captcha code request after 5x unsuccesfull login to prevent brute-force attacks;

    Translations:
    ----------------------------
    + Added es_ES translation;

    Bugfixes:
    ----------------------------
    + Fixed top 10 widgets not escaping strings;
    + Fixed section parent can be set to self that caused section to disappear;
    + Fixed username instead of password being sent to smtp server;
    + Fixed IE search bug with workaround;
    + Fixed subnet and bcast not showing on strict mode disabled;
    + Fixed top subnets missing on dashboard for non-admin users;
    + Fixed bug when installation was silently failing because pf missing _() function (missing gettext extension)
    + Fixed device custom field not populated on adding device;
    + Fixed XLS export silently failed when description longer than 31 characters;
    + Fixed overlapping check not working;
    + Fixed subnet free space calculation;
    + Fixed visual subnet display not showing on /31 and /32 networks;
    + Fixed custom fields display on folder edit;
    + Fixed unable to edit IP addresses when fields are sorted;
    + Fixde ordering of custom fields defaults to varchar 256;
    + Fixed IPv6 subnet / broadcast calculation bug and next subnet suggestion;

== 1.0

    New features:
    ----------------------------
    + IP address page with IP address details and IP history (Changelog);
    + IP address changelog, subnet and section changelogs with full changelog under tools;
    + Favourite subnets for quick access;
    + Adding subnets from free space with automatic mask provided;
    + Automatic database validity check after upgrading and automatic field/table fix under administration;
    + Automatic weekly check for new phpipam version;

    Enhancements:
    ----------------------------
    + Bootstrap 3;
    + UI enhancements;
    + Improved views based on browser width;
    + Widget order can now be set;
    + Widgets can be reordered (dragged) directly on dashboard;
    + Subnet can now be splitted to max 256 new subnets (16 before);
    + Scan settings are moved to Administration;
    + Widget management has moved to administration, which allows creation of new widgets;
    + Improved ICMP error detection;
    + Mail settings can now be set on gui (localhost / smtp);
    + Popup windows are now draggable;
    + VLAN adding in the fly enhancements;
    + Master section now shows all subnets in subsections;
    + Tools > devices redone;
    + DeviceTypes can now be edited/set/added;
    + Ping subnet enhancements;
    + Custom field types are now definable (int/varchar/date/datetime/text/bool/set);
    + Date and timepicker popups if type = date/datetime;
    + For `set` and boolean custom fields dropdown is presented that users can pick;

    + Favourite subnets widget;
    + IP requests widget;
    + Changelog widget;

    Translations:
    ----------------------------
    + Added Brazil translation (Michel Braga Guimarães);

    Bugfixes:
    --------
    + UI fixes;
    + Fixed bug where last page of IP addresses was inaccessible;
    + IP address state change is now sent to all admins;
    + Fixed subnet displaying as 0.0.0.0/0 in details;
    + Fixed links to subnets form vlans and vrfs;
    + Fixed search result showing all folders if searched item is not IP address;
    + Fixed disappearing section when L2 section was selected as master section;
    + Fixed device ID showing in mail notification instead of hostname;
    + Fixed device ID showing in search results and export instead of hostname;
    + Fixed search for subnet name returned no results;
    + Fixed apostrophe in IP address description throws SQL error for scan results and XLS import;
    + Fixed requester email gets cut if longer than 32 chars;
    + Fixed admin folder edit appearing as subnet;
    + Fixed missing device/port in import;
    + Fixed master section delete did not delete subsections and belonging subnets/ips;
    + Fixed online status was not updated when running Ping status scans;
    + Fixed Folder name not appearing when deleting folder;

== 0.9

    New features:
    ----------------------------
    + Support for ICMP network discovery;
    + Cron script to check status for selected subnets/hosts with threading suport (pcntl php extension required);
    + ICMP check IP status in demand;
    + Compressed (grouped) DHCP IP ranges;
    + API server version 0.1;
    + Option to show and group subnets by VLAN in subnets list;
    + Option to show and group subnets by VRF in subnets list;
    + Added subsections;
    + Added AD username search;
    + Added folders;

    Enhancements:
    ----------------------------
    + Added error catching/displaying for ajax-loaded php scripts;
    + Added default language for login/requests display and new users;
    + Added direct links to different pages in IP address table;
    + Subnets can now be edited directly from nested subnets list;
    + When adding nested subnets default vlan/vrf is selected from parent;
    + Added Section ordering;
    + Added per/section subnet ordering (overrides default form settings);
    + Clicking on section now shows all subnets and belonging details;
    + If session timeouts after re-login last requested page will be opened;
    + Searh for IP address now returns also subnet, even if IP is not existing;
    + Per-user selection of widgets to display;
    + Added description and required field checkbox for custom IP/Subnet Fields;
    + Added custom device fields;
    + Mails are now sent through phpmailer;
    + Admin user cannot be deleted;

    Translations:
    ----------------------------
    + Added French translation (Denis Darré);
    + Added Dutch translation (Michiel Visser);
    + Added German translation (Carsten Brückner);

    Bugfixes:
    ----------------------------
    + Fixed wrong VLAN display in tools;
    + Fixed subnet/section links from VLANS if base not /;
    + Fixed warning in apache log on subnet editing if no VRFs are configured;
    + Fixed admin menu off-screen overflow;
    + Fixed firefox error when selecting rights for section/subnets was not possible;
    + Fixed subnet description in Cyrillic problem;
    + Fixed errors on no permissions for user;
    + Fixed Inaccurate Free Space Calculation (and Chart);
    + Fixed VLAN permissions where VLAN was not displayed;

== 0.8

    New features:
    ----------------------------
    + New group and permission management;
    + Support for translations;
    + Subnet resizing;
    + Subnet splitting into smaller subnets;
    + Added free space display for nested subnets;
    + Added visual display of subnet usage per IP address;
    + Added truncate network option that deletes all IP addresses in subnet;
    + Added button the updates subnet with RIPE information;

    Enhancements:
    ----------------------------
    + Added add nested subnet under subnet details to simplify master subnet selection in hierarchy;
    + Added edit subnet link from search results;
    + Added reverse IPv6 DNS entries to IPCalc (Vincent Boisard);
    + Added option for plain-text emails;
    + Added ckEditor to write instructions;
    + StrictMode is not set globally anymore but set per section;
    + Added custom user fields;
    + Added option to verify that hostname is unique;
    + Improved MySQL exception handling;
    + Added mod_rewrite error detection on installation and upgrade;
    + Added hostname validation;
    + Added Hostfile dump of IP addresses;
    + Search also searches in custom fields;
    + jQuery updated to v 1.9.1;

    Bugfixes:
    ------------------------
    + Fixed overlay on second popup;
    + Fixed IE search bug;
    + Fixed support for non-standard ports;
    + Fixed permitting overlapping subnets if vrfs are different;
    + Fixed dates in logging appearing in 12h format;
    + Fixed broken subnets link in tools > subnets if installation is not at document root;
    + Fixed error when adding new subnet if checkboxes are not selected in newer MySQL servers;
    + Fixed bad display of multilined navigation bar;
    + Fixed wrong output of tools > VLAN list when using Duplicate VLANs;
    + Fixed wrong link for upgrade script;
    + On VRF change all child subnets are updated also;
    + Fixed wrong maximum on dashboard top10 percentage;
    + Fixed Adding a vlan while editing a subnet resets the edit subnet form;
    + Fixed wrong free space calculation for nested subnets;
    + Fixed IP use statistics not cumulative up the hierarchy if subnets has slaves;

== 0.7

    New features:
    ----------------------------
    + Completely rewritten UI using twitter's bootstrap as base;
    + Using mod_rewrite apache module to handle GET requests (new install requirements!);
    + Unlimited number of subnetting levels;
    + OpenLDAP authentication support;
    + New URL structure;
    + Sorting of IP addresses;
    + Custom subnet fields;
    + Custom VLAN fields and admin option to allow duplicate VLAN names (metro area VLANs);
    + Script to automatically update IP  hostname, run via cron (functions/scripts/resolveIPaddresses.php);
    + Show Subnet name instead of subnet IP address option;
    + Strict mode option in config files that controls overlapping checks;
    + New subnet menu;
    + Added printLimit feature to break IP addresses into pages;

    Enhancements:
    ----------------------------
    + Lots of UI changes;
    + Less Ajax usage to display websites and details;
    + Hierarchy display under subnet details (breadcrumbs);
    + Search results covering VLANs;
    + Custom IP fields ordering;
    + VLAN creation from adding/editing subnets;
    + IP addresses can now be edited;
    + Collapsed switch list;
    + Removing VLANs also removes references from subnet list;
    + Removing VRFs also removes references from subnet list;
    + Logs for admin on dashboard;
    + Search via GET;
    + Support for range networks (allows use of subnet and broadcast as IP);
    + Import of custom IP fields;
    + Ability to move subnets between sections;
    + Improved display of nested subnets now shows all IP addresses from nested subnets and orphaned IPs;
    + Hides display of custom fields in subnet if none is filled in whole subnet;
    + Replaced Highcharts with Flot because of licencing issues;

    Bugfixes:
    ------------------------
    + Fixed error with missing custom IP fields when adding new IP address;
    + Fixed bug when deleting root subnet only deleted directly nested subnets (now whole tree);
    + Fixed checkboxes not working in various browsers;
    + Fixed change in switch details causing IP address associations to switch to be lost;
    + Fixed subnet description display in under subnet administration;
    + Fixed depricated error when showing XLS files;
    + Fixed error when custom fields were not updated on adding IP address;
    + Fixed error when custom fields were with spaces in name were not updated;
    + Fixed error when providing already requested IP address;
    + Search available also to viewer user types;
    + Fixed /127 and /128 IPv6 subnets;
    + Fixed /31 and /32 IPv4 subnets;
    + Significantly reduced php processing for dashboard statistics;
    + Fixed importing of if quote is present;

== 0.6

    New features:
    ----------------------------
    + Selectable IP address list display fields;
    + Custom IP address fields;
    + Search and replace IP fields function;
    + Full page width theme;

    Enhancements:
    ----------------------------
    + Independant VLAN management;
    + Added additional level of subnet nesting;
    + Added option to clear and export log files;
    + Export of search results to XLS;
    + Clickable search results;
    + Selectable export fields when exporting subnet;
    + Subnet can be deleted from ip address edit subnet;
    + IP Requests for locked subnets and viewer users can be placed from ip address list;
    + jQuery updated to v 1.7.1;
    + HighCharts updated to v 2.2.0;

    Bugfixes:
    ------------------------
    + Upgrade is supported only for versions 0.4 and higher;
    + Fixed broken UTF-8 support;
    + Fixed wrong logging when authenticating via AD;
    + Fixed issues where external attacker might get information about internal hosts through resolvedns script;
    + Fixed wrong subnet nesting under administration/manage subnets;
    + Fixed editing subnet can be outside of its own root subnet;
    + Fixed errors when adding new switch auto-adds itself to all hosts without no switch defined;
    + Fixed removing switch not removed in ip address list;
    + Vlan1 can now be used;
    + Fixed mail sending settings with missing information;
    + Fixed errors on adding switch with no sections;
    + Fixed version check;
    + Removed masterSubnets from subnets available for IP requests;
    + Fixed error when non-admin user could not open dashboard;
    + Added how subnet list switch when list hidden;

== 0.5

    New features:
    -------------
    + Importing subnets from RIPE by AS in admin section;
    + Added switch management and changed switch logic;
    + Added VRF support;
    + Added AD domain authentication;
    + Added MAC address field to ip address;
    + Added database table and belonging fields check under admin;

    Bugfixes / enhancements:
    ------------------------
    + Added DNS resolving when editing/adding IP address;
    + Added IE compatibility meta tag and IE UI improvements for IE >= 8;
    + Search returns also subnets and MAC searches;
    + Added mac address and IP status to XLS import/export scripts;
    + jQuery update from 1.6.2 to 1.7;
    + Highcharts update from 2.1.2 to 2.1.8;

    + Fixed dashboard errors if no IPv4/IPv6 subnets configured;
    + Fixed errors with viewing / modifying IP addresses for Operator users;
    + Fixed session cookie error on hosts;
    + Fixed error when saving settings;
    + Fixed instructions errors when inserting html code;
    + Fixed first free IP address not displaying in IP request;


== 0.4

    New features:
    -------------
    + Massive add / edit / delete by specifying IP range (e.g. 10.10.0.1 - 10.10.0.254);
    + Database upgrade / install from browser -> simplified installation/update procedure;
    + New usertype viewer - can only view IP address list;
    + Subnets can now be edited directly from IP address list;
    + Option to lock subnet for writing to no-admin users;
    + Device and Host list;
    + Option to specify which subnet can have IP requests when editing / adding subnet if module is enabled;
    + Latest version check on admin page;

    Bugfixes / enhancements:
    ------------------------
    + Fixed overspanning of multiple sections;
    + Admin menu and add subnet now shown only to admins;
    + Fixed VLAN table to show nesting and IP request option and statistics;
    + Fixed subnet table to show nesting and IP request option;
    + Subnet Adding shows only master subnets in section not in all sections;
    + Tooltips and button hovers are now in separate javascript file;
    + Graphs show only subnets with non-0 ip addresses;
    + Various code enhancements + improved error handling;
    + Fixed URL links not updating after few clicks;
    + If loading slave subnet directly the subnet menu drops down and shows active slave subnet;
    + Clicking on master subnet shows all nested subnets and statistics;
    + Redesigned log table;
    + Fixed search;

== 0.3

    New features:
    -------------
    + Subnet nesting - you can now have master subnet and normal subnets belonging to it;
    + Server settings are now moved to database and can be set under admin menu (database settings & debugging remain in config.php);
    + Request IP module on login page with email notification;
    + Confirm/reject IP address request from admin page with mail notification;
    + Admin dashboard notification of new requests;
    + Autocomplete of owner and Switch name from all available when adding/editing IP address;
    + New settings quick access on button hover;
    + Option to export each subnet individually;

    Bugfixes / enhancements:
    ------------------------
    + jQuery update from 1.6 to 1.6.2;
    + VLANs are now grouped by section;
    + Direct access to subnet from vlan table;
    + UI enhancements;
    + Fixed user editing bug where user update broke password;
    + Fixed password in new account notification;
    + Fixed percentage display on Dashboard;
    + IPv6 calculator /64 limit fixed;
    + Changed tooltip effect to appear instantly for smoother display;
    + Login functions are now separate file;


== 0.2 (First public version)

    Bugfixes / enhancements:
    ------------------------
    + now also works with php 5.2;
    + fixed empty fields in xls import;
    + passwords are now stored in md5 hash;
    + high numbers for free/used IP addresses (mainly IPv6) are now represented in k/m/G values to improve readability;
    + fixed log search bug;
    + cursor not displayed as link on images and non-href links;
    + same add image on all pages;
    + fixed IP mail notification appearance;
    + UI enhancements and bugfixes;
    + Fixed some javascript bugs;
    + Minified javascript to make loading faster;
    + adding new ip address now automatically provides first available IP address in subnet;

    New features:
    -------------
    + added switch / port fields to IP addresses;
    + hide subnets on request to get better view;
    + Informational tooltips added + option to disable them in config file if someone finds them annoying;
    + export whole IP address database to XLS file from admin menu;
    + create MySQL database dump from admin menu;
    + added IP instructions for users, that can be edited from admin menu;


== 0.1 (First test version)


  1. Home
  2. Documentation
  3. phpipam Changelog