Notice: CMSB v3.10 Beta 1 (June 13th, 2017)

4 posts by 2 authors in: Forums > CMS Builder
Last Post: June 16, 2017   (RSS)

By Dave - June 13, 2017

Hi everyone, 

We've just released v3.10 beta 1 (and we're running it live on our website).

This is mostly a maintenance release.  We fixed several caching issues in 3.09 that were causing some plugins to not function correctly.  If you're still having any issues with plugins after installing this version let us know and we'll help you out.

Additionally, there's some new "Experimental Code Generators" under the Code Generator menu.  This is a sneak peak at what we're working on.  One of the features of the Code Generated viewers is that advanced users can add custom MySQL code if they know it to extend what is possible.  One of the problems with this is we often get end-users writing insecure code and inadvertently create security vulnerabilities on their sites.

To address this the new code generators only allow specific "filtered mysql", meaning you can do most things, but you can't pass in arbitrary user-submitted values that would cause security issues.  Instead you use placeholders to pass in values like this: 

  // load record from 'products'
  list($productsRecords, $productsMetaData) = getRecordsAPI(array(
    'tableName'   => 'products',
    'where'       => 'num = :num',
    'params'      => [
      ':num' => getLastNumberInUrl(0),
    ],
    'loadUploads' => true,
    'allowSearch' => false,
    'limit'       => '1',
  ));

This makes the code completely secure.  You literally can't write insecure code with this new system, and we think it makes it easier to read as well.

Anyways, more to come on that in the future!

And if you have a license you can download the latest beta here:
https://www.interactivetools.com/order/download.php

Please post any feedback, questions, or bugs you find! Thanks! 

Dave Edis - Senior Developer
interactivetools.com

By Toledoh - June 13, 2017

This sounds really interesting Dave - thanks!

To break me out of my normal thought tracks - can you give me some example of things that are now possible that weren't, or were difficult previously?

Cheers,

Tim (toledoh.com.au)

By Dave - June 16, 2017

Thanks everyone for your feedback!  You caught one more issue which we've fixed.  Here's the post about the official release: 
https://www.interactivetools.com/forum/forum-posts.php?CMSB-v3.10-Released---Maintenance-Release---June-16th-2017-81000

Dave Edis - Senior Developer
interactivetools.com