We will be focues with the next few releases to fix some things, optimize the code a bit and optimize checks to minify problems. So when you find things, which are not logical or doesn't make any sense and sure, also bugs, please report that to us.Code:
* increased session security by activating HSTS-header * updated russian translation; thx to bykidi * secured from pishing for all external links due hiding the referrer * improved some code to reduce notices/warnings on stats page - fixed XSS vulnerability with TS3 Client name; thx to FarisDev - fixed changing language on install.php were not working - fixed error with donut chart on stats page, when the database still have not enough different values for all stats
Please do not report new feature(requests) at the moment.
Thx to all, that are supporting this project!
! hashing of ip-address (reason EU-GDPR) as option (webinterface -> other); TS user needs to reconnect to the TS3 server to be able to verify with stats page after ! added support for MySQL 8.0 and MariaDB >= 10.3 * increased session security * increased security on stats/ page; thx to JVMerkle * increased performance on stats page; it is shitty fast now :-) * updated TS3 PHP Framework (version 1.1.33 from 18 April 2018) * updated portuguese translation; thx to Pasha * modified check on worker.php, if a process is already running * minor code optimizations, also removed april fool (was only valid on 1st April) + added support for special characters (utf-8 mb4), which came with TS server version 3.2.0; before we had it for servergroup names, now for all other needed (among other things: user nicknames) + added polish translation; thx to DoktorekOne + added CSRF token for protection against Cross-Site-Request-Forgery and replay attacks - fixed "lost update" problem on manual adding time to an user (function about the webinterface) - fixed problem, when timezone had a very long name; now all timezone will be supported - fixed connection problems, when the TS3 query username or password contains special characters
* increased performance (vs. 1.2.4 again in avg. ~25% better now); saves CPU time and memory (RAM) * updated bootstrap-select to the actual version; bigger selections are now much more faster; thx to caseyjhol the lead developer of it * changed startup process to be sure the auto updater will runs before the config check * changed log file rotation; the Bot did a restart on rotation before, now it will stay connected to the TS3 server * removed unneeded update info check; update notification will now be sent to the admin ID (webinterface -> other), which is multiple since 1.2.4; reworked update notification, which will now be sent on startup after an update * updated italian translation; thx to jacopomozzy + added czech translation; thx to KeviN - fixed bad config check (servergroup not found); if a servergroup is missed, the Ranksystem will first sync all ts3 servergroups and after that check again the config; only if the config is still bad, it will stop - fixed wrong ascending/descending sorting, if the site were changed about the pagination - fixed cross site scriptig vulnerability on stats/list_rankup.php - fixed problem with special characters inside the server group name; 4 byte chars where not possible to save before and run into a database error inside the Ranksystem log
! disable update support for versions under 1.2.0; when you are using a version below 1.2.0 and want to update, we recommend to do a fresh installation * changed order of Bot startup procedure; now the update process will be done before the config check; this will make sure the update process will runs also, if the config is wrong - fixed wrong values in the column nextup on the stats page for user, which are offline - fixed empty lines in log file on updating the Ranksystem; will take note with updates above 1.2.5 - fixed problem on correction boost, when a wrong server group were configured inside; the configure check prevented the new value from being saved - fixed problem "not enough data..." for the top user of the month; with version 1.2.4 has been added a new deletion method of unused stuff and the old one has been forgotten to be removed - fixed special case, if no user was online for at least 1 second for more then one week, the server stats could not be saved correctly
! changed parameter 'check' for the worker.php (startscript). Now this parameter will only start the Ranksystem, if it was crashed. In case the Ranksystem was stopped with 'stop' parameter, it will not start the Ranksystem with 'check' parameter. ! you need to define a verification channel ID to the webinterface -> core; the needed channel has to be set up manually on your TS3 server; for more information read also the online help inside the webinterface at this parameter * increased performance: on bigger databases it will run much faster (valuable on response speed of chat commands). on smaller databases it will reduce needed resources (CPU) * improved memory handling (RAM) * optimized session handling on stats page and webinterface; now the Ranksystem don't touch other sessions from the same domain (relevant to multiple Ranksystem installations or other systems on the same domain, which are also using sessions) * optimized logs preview on webinterface (site load is much faster; now all lines will be shown, also array outputs on SQL errors; error and critical entries are now red colored) * send a little more information about Ranksystem instance to ts-n.net like total_user, user_week_ total_online_week [..] (will be sent on update check; normally 2 times a day); there will not be sending any personal data of any user, it is only instance information! also, this information will never be shared without your agreement with third ones or published to be able to associate it with your instance; our plan is to build a summary of stats (of all instances) and perhaps we will share this sometime on a website + made the field "admin ID" multiple (unique client ID of the admin of the Ranksystem); multiple admin uuids can be entered comma separated; note that other admins are also be able to reset the password for the webinterface + added new chat command "!clean" to the Ranksystem Bot; the cleaning will run at least once a day; with this command you can force to make it instant + added a link to the verification process with that it is possible to redeem the token automatically (before it must be entered manually) + added new verification step, when the users IP between website and TS3 server differs; at this point the user can register himself also with a token; to protect from spams the user need to join a verification channel, where he will be able to choose himself to be able to receive the token + added a few more cleaning checks; now old avatars of deleted users will be deleted from the web space + added percentage column for lists of nations, platforms and versions + added update notification on stats page and webinterface, when an update was done the last few days ago; appears once a time per browser session + added new validation check on TS3 host address to prevent entering a port inside, which would be wrong placed here + added new validation check on defined servergroup IDs (rankup definition, servergroup exception, boost); the check will be done at 3 points: 1) saving a wrong ID inside the webinterface 2) on starting the Ranksystem Bot 3) on the Bots job to update the servergroups, when one group gotten removed + added check when removing the server icon on the TS3 server; then it will now also remove the icon from the Ranksystem + added check when removing an icon of a servergroup on the TS3 server; then it will now also remove the icon from the Ranksystem + added check for slow running Ranksystem instance and offer suggestions to optimize the environment + added check to top user sites of the week and month; if there are not enough data collected, on this sites will be shown the message "not enough data..." instead of wrong results - fixed wrong sorting of the column 'next servergroup' on List Rankup (stats page) - fixed the nations list; full name wasn't showing for some languages, even though they were available - fixed link to the webinterface on the stats page (and vice versa), which was not working when the website port was not default (80 or 443)