Changes from 1.1 ---------------- 1. The security system has been redesigned. By default, Miva runs in its most secure mode. In the event that this conflicts with your system configuration, you will need to enable one or more options using the securityoptions configuration directive. securityoptions is a bitmask. Each bit turns on a specific feature. The bits are as follows: MSB LSB ... 00000 ^^^^^ ||||| ||||+-- [1] Follow symlinks in script directory |||+--- [2] Ignore symlink ownership in script directory ||+---- [4] Follow symlinks in data directory |+----- [8] Ignore symlink ownership in data directory +------ [16] Allow absolute paths for data files By default, all bits are turned off (value of 0). To enable one or more flags, add the value in square brackets ([]). For example, to enable following symlinks in the script directory AND the data directory, you would set securitylevel to 5. 2. New variables have been added for xBase fields of type DATE: Assuming fieldname is the name of a database date field: fieldname_raw contains a YYYYMMDD format string fieldname_day contains the day of the month fieldname_month contains the month of the year fieldname_year contains the year fieldname still contains a time_t representation of the field value. 3. Fixed a bug in the sitevars processor that would cause an extra carriage return to be appended to every variable. 4. Fixed another bug in the indexing algorithm that would cause "Record is not in index" error messages. 5. Changed scope names to be non case-sensitive. 6. Added a check and error message for nested 2.x-style tags. 7. Fixed a bug that would cause index operations with numbers longer than 12 digits to fail. 8. Fixed a bug that would sometimes cause a crash when a single variable containing more than 8192 bytes was evaluated. 9. Fixed a bug that prevented arguments to function calls in an index expression from being saved to the index. 10. Fixed a bug that caused "Mismatched Parenthesis" errors when parameters to functions contained parenthesis. 11. Fixed a bug that would sometimes cause a crash when calling a forward-referenced function with no parameters. 12. Fixed a bug that would cause a crash when a function contained a mismatched IF. 13. Fixed a bug that caused occasional corruption of database date fields. 14. Added a check for multiple function declarations with the same name. 15. Added a check to prevent opening multiple databases with the same NAME attribute. 16. A new builtin function, padl, has been added. padl( string, length, pad_character ) Will pad "string" to length characters long, using pad_character. Pad characters are added to the beginning of the string. 17. A new builtin function, padr, has been added. padr( string, length, pad_character ) Will pad "string" to length characters long, using pad_character. Pad characters are added to the end of the string. 18. A new builtin function, glosub, has been added. glosub( string, search, replace ) Will globally search for "search" in string and replace it with "replace." 19. A new configuration directive, dnslookup, has been added. dnslookup controls whether Miva will attempt to resolve directives to IP addresses, or compare them as they appear in the file. The default value for dnslookup is 1. 20. The authfile configuration directive is now honored in standard mode. 21. Fixed numerous bugs in the expression analyzer. 22. Fixed cookies. 23. The EXPRESSION attribute to has been deprecated in favor of EXPR. 24. Fixed a bug in the mktime_t builtin function that would cause the incorrect timezone to be applied. 25. Fixed a backwards-compatibility bug in the handling of flat files that would cause whitespace to be removed from fields on import. 26. Added a check and error message for database field names longer than 10 characters. 27. Added a new value for the securitylevel configuration directive that permits symbolic links in data/script directories. See the administration manual for more information. Changes from 1.0 ---------------- 1. Fixed a serious bug in the indexing algorithm that would cause records to mysteriously disappear or appear in the incorrect order. 2. Variables passed from a form via POST are now canonically mapped using the following rules: . is replaced with _ 3. A new configuration variable, securitylevel, is provided to control the level of restriction on access to data files. securitylevel=0 Allows Miva applications to read/write data files (subject to normal UNIX permissions) that are outside of the configured data directory, via symbolic links or ../ in the file path. securitylevel=1 (default) Does not allow Miva applications to read or write data outside of the configured data directory. 4. Fixed a security flaw that would allow remote users to read any file owned by a user authorized to run Miva. 5. Changed the old Htmlscript-style MAIL tag to automatically delete messages on the POP3 server as they are downloaded. This was the behavior under Htmlscript 2.99. 6. Fixed a bug which would cause an "Unexpected end of file looking for " error when the MvPOP tag was used and no messages were available. 7. Added "Line:" in front of line numbers in error messages to prevent confusion. 8. NSAPI version only -- added the URI system variable. 9. Added a Host: request line in the HTTP headers sent by the MvCALL tag. This resolves "404 File Not Found" errors when calling URLs on servers running software virtual domains. ### end CHANGELOG ### Changes in Miva Mia v1.12 ------------------------- This is the first non-beta release of Miva Mia. We at Htmlscript Corporation would like to thank all the users who aided us in the beta program. Added browse buttons for the paths in the WWW tab. Changed the network-related tags not to attempt a DNS lookup when an IP address was specified. Changed Miva Mia not to attempt to open non-Miva documents in exclusive mode. This fixes occasional "File Not Found" errors. Added the process_id system variable. Fixed the right mouse button menu so it would go away if ESC was pressed or the mouse was clicked outside the menu. Fixed a bug which caused the fsize builtin function to always return -1. Fixed so it wouldn't strip whitespace from the beginning or end of imported data fields (ala Htmlscript 2.x). Fixed "Unable to Lock" error messages when attempting to update a database from multiple concurrent processes. Fixed multiple crashes related to ODBC support. Changes in Miva Mia Beta 3 -------------------------- **************** ODBC Support **************** Miva Mia Beta 3 contains preliminary ODBC support. This support is accomplished through the addition of three tags and modification of other existing database tags. v1.1138 of the Miva Engine introduces a new paradigm for database access: the VIEW. The following tags have been modified to allow the optional VIEW attribute: Currently, only and are supported for ODBC. To connect to an ODBC datasource, use the following syntax: The value for the DATABASE attribute is an ODBC connection string. As an example: DSN=Sample;UID=dba;PWD=sql Would connect to ODBC Datasource "Sample," using the user id "dba" and the password "sql." Some ODBC drivers may allow or require additional values. To run an SQL statement that does NOT return any results, such as an update, delete, or insert, use : For example: SQL statements that return results are handled via the new VIEW paradigm. To open a view, use : For example: Once you have opened a view, you may use the familiar and tags to navigate through the result set. For example: or The variable EOF will indicate if you have hit the end of the recordset, and recno will indicate your current position in the recordset. totrec, available for xBase databases, is not currently supported with ODBC. When you are done with a view, close it using : ********************************************** Scope specifiers were changed to be non case-sensitive. Fixed a bug which caused Miva Mia to crash if nested old-style tags were used. Fixed a bug in the expression analyzer dealing with multiple operators joined by and/or in a single set of parenthesis. Fixed a bug which caused index operations with numbers longer than 12 digits to fail. Fixed a bug which caused Miva Mia to crash if a single variable containing more than 8192 bytes was output. Fixed several bugs dealing with function calls in index expressions. Fixed a bug which caused "mismatched parenthesis" errors when an expression containing parenthesis was used as a parameter to a function. Fixed a bug which caused Miva Mia to crash if a forward-referenced function with no parameters was called. Fixed a bug which caused Miva Mia to crash on return from a function that ended in a non-terminated IF which evaluated to false. Fixed a bug which sometimes caused date fields in dBase databases to be corrupted. Fixed a bug which would sometimes cause floating point operations to truncate at the 15th decimal place, causing strange results for multiplication and division. Added a check for multiple functions declared with the same name. Added a check to prevent two databases to be opened with the same value for the NAME attribute. A new builtin function, padl, has been added. padl( string, length, pad_character ) Will pad "string" to length characters long, using pad_character. Pad characters are added to the beginning of the string. A new builtin function, padr, has been added. padr( string, length, pad_character ) Will pad "string" to length characters long, using pad_character. Pad characters are added to the end of the string. A new builtin function, glosub, has been added. glosub( string, search, replace ) Will globally search for "search" in string and replace it with "replace." Fixed the server_port system variable. Reorganized the control screens so they would fit on a 640x480 screen. Added a check to the "Show Home Page" button and "blue links" to display an error message if unable to launch the browser. Changed the "Port in Use" dialog to recommend ports above 8000. Added datafile and script security similar to the functionality of Miva under UNIX. Changes in Miva Mia Beta 2 -------------------------- A new option on the WWW tab, "Do DNS Lookups," has been added. Turning off DNS lookups may improve performance while online (Miva Mia does not have to establish a connection to the ISP's DNS server for every connection), and may solve some mysterious "lockups," which were actually attempted connections to an unavailable DNS server. Fixed a bug with handling multiple simultaneous connections. This bug showed up most frequently under Netscape Navigator as pages failing to load completely, or the browser "locking up." Fixed cookies. Fixed truncation of the new _year, _month, and _day database date variable names. This bug prevented use of the new variables if the name of a date field in an xBase database was longer than 4 characters. Added a new variable, _raw, for database date fields. This variable provides the "raw" data, as it is stored in the database file. The format is "YYYYMMDD" Added special handling for "Address already in use" errors. One of the most common problems people had with Beta 1 was installation alongside another WWW server. A new dialog now informs the user that another WWW server is running and allows the port to be changed. Fixed GlobalTimeout handling. Fixed a bug which caused the Tabs in the control panel not to change occasionally. A new tab, "Information," was added. This tab provides links to useful WWW pages, and version, license, and contact information. Fixed a bug in the Sitevars processor which caused an extra carriage return to be appended to every variable. Changes in Miva Mia Beta 1 -------------------------- This was the first public release of Miva Mia