If I search using the displayed text from the linked column, no results are returned. However, it appears the search is instead using the underlying ID value from the related table.

Example:

• I have a document_lines table with a column called Doc Header
• This column is linked to a headings table
• In the UI, it displays:
  "section1: Brakes & Lines"
• But in the database, this entry has an ID of 7

Issue:

• Searching for "section1:" → returns no results
• Searching for "7" → correctly returns all related entries

Question:
Is there a way to make the search work against the displayed text (e.g. "section1: Brakes & Lines") instead of the underlying ID?

We've just released v3.83 beta (our biggest single release to date!), and we're already running it on our site.

Here are some highlights from this release: 

• Field Editor
  • Show If: New option allows you to dynamically show/hide fields based on the values of other fields
  • Show for: Replaces old "Admin only" setting with options for everyone, editor, admin only, or new: Nobody (completely hidden)
  • Placeholder: New option for text and textbox fields to set hint text inside the field when empty
  • Field List UI: Lock and eye icons now mark restricted and conditional fields in your field list
  • Reorganized and simplified the field editor UI
• Admin → Advanced → MCP Server
  • AI coding assistants like Claude Code can now read and update your CMS directly
  • Read and write records, upload files, run queries, and view your database schema
  • Built-in /fix-cms command: AI reviews your recent PHP errors and offers fixes
• Admin → Backup & Restore → Website → Restore from Zip
  • Added restore button to restore from previous website backup zips (for uploading a local or dev site)
• Fields → List → pillbox (multi value)
  • Selected values can now be drag sorted to change the order
  • Dropdown options show checkboxes to select multiple values (easier for end-users)
• Admin → Advanced
  • Admin Favicon: Pick a colored favicon (green/yellow/red) to tell CMS installs apart in your browser tabs (e.g. dev, staging, live)
  • Server Links: Add dev, staging, and live server URLs for quick-switching between environments
• Developer Console
  • Automatically decrypts and displays contents from encrypted fields
• General code modernization and cleanup

Note: We still have a queue of pending user feature requests.  We're releasing what we have now so you can start using it.  Feel free to remind us what you'd like to see next. 

The full changelog for this release is as follows:

*** April 14, 2026 - Version 3.83 (Show/Hide Fields & MCP Server)

SERVER REQUIREMENTS (Since Jun 2025): PHP 8.1+ and MySQL 5.7+ (or MariaDB 10.2+)

FIELD EDITOR
    - Show/Hide Fields: Fields now show/hide automatically based on what users select
        - Example: Show "Speaker Name" only when Event Type is "Webinar"
        - Example: Show "Shipping Address" only when Delivery Method is "Mail"
        - Works with all field types: text, checkboxes, tabs, upload fields, related records
        - Custom expressions allow for multi-field AND rules (e.g. type=article AND status!=draft|hidden)
        - Configure in: Database > Edit Field > Visibility > Show If
    - Field Access: "Admin Only" replaced with clearer "Show for" dropdown
        - Options: Everyone, Editor and above, Admin only, or new: Nobody (completely hidden)
    - Placeholder: New option for text and textbox fields to set hint text inside the field when empty
    - Lock and eye icons now mark restricted and conditional fields in your field list
    - Simplified field editor interface with cleaner organization
    - Textbox Fields: "Auto Format" renamed to "Line Breaks" (nl2br) and deprecated. Off for new fields, can be turned off but not back on

MCP SERVER
    - AI coding assistants like Claude Code can now read and update your CMS directly
    - Read and write records, upload files, run queries, and view your database schema
    - Configure in: Admin > Advanced > MCP Server (IP allowlist, API keys, permissions)
    - Built-in /fix-cms command: AI reviews your recent PHP errors and offers fixes
    - Security: IP allowlist required, Bearer token auth, read-only enforced at MySQL session level
    - Write operations logged to the audit log

ADMIN > BACKUP & RESTORE
    - Website: Added restore button to restore from previous website backup zips
    - Website: Previous Backups dropdown now shows relative dates (e.g., "5 min ago", "yesterday")
    - Website: Removed "Only include code files" option (use .cms-no-backup marker files to exclude folders instead)
    - Database: Backup dropdown now offers option to include log tables in backup ("include skipped")

PILLBOX & FOREIGN KEY FIELDS
    - Replaced form dropdown component Select2 with Tom Select
    - Pillbox: drag pills to reorder selected values
    - Pillbox: dropdown options show checkboxes so you can see all options and their selection state at a glance
    - Type-ahead search to filter options instantly

ADMIN > ADVANCED (New Page)
    - Reorganized admin settings into "Admin Interface" and "Advanced Settings" sections
    - Admin Favicon: Pick a colored favicon (green/yellow/red) to tell CMS installs apart in your browser tabs
    - Server Links: Add dev, staging, and live server URLs for quick-switching between environments
    - Admin Shortcuts, Debug Footer, and WYSIWYG/Menu/Cookie settings moved here from General Settings

MINOR CHANGES
    - Email Settings: Developer Email now accepts multiple comma-separated addresses
    - File Uploads: Files are saved with dashes instead of underscores for better SEO, and .jpeg is normalized to .jpg
    - Audit Log: Expanded logging coverage for fields, tables, uploads, backups, and database operations
    - Security: Added additional .htaccess hardening for data directories (Apache 2.4+ compatibility)
    - Improved text contrast for input fields, selects, and placeholders
    - Admin menus updated and reorganized for better usability
    - Upgraded Dependencies: PHPMailer v6 to v7, Firebase/JWT v6 to v7, and other library updates

BUG FIXES
    - SmartArray: Fixed TypeError when calling load() on SmartArrayHtml (changed type hint to SmartArrayBase)
    - Language: Fixed "No such file or directory" error when developer mode was enabled without a language selected
    - Upload Fields: Fixed "Create Thumbnail" checkbox re-enabling itself after saving when unchecked
    - Edit Page: Fixed false "unsaved changes" warning appearing after clicking in fields without editing them
    - Misc code and other minor improvements

**FOR PROGRAMMERS**
    - Modern PHP features enabled:
        - Native types: Database queries now return native PHP types (int/float) instead of strings
        - mysqli::execute_query() for one-line parameterized queries (available natively in PHP 8.2+, backported for PHP 8.1):
            $rows = DB::$mysqli->execute_query("SELECT * FROM users WHERE id = ?", [$id])->fetch_all(MYSQLI_ASSOC);
            DB::$mysqli->execute_query("UPDATE users SET name = ? WHERE id = ?", [$name, $id]);
    - Database Encryption: Key now cached as MySQL session variable @ek
        - Faster: Computed once per-connection, not per-query
        - Simpler: AES_ENCRYPT(val, @ek) instead of AES_ENCRYPT(val, UNHEX(SHA2('key',512)))
        - Cleaner: Key hidden from SHOW PROCESSLIST and error messages
        - On-demand: Only initialized when encrypted fields are used
    - MySQL Console: Record edit page database icon now opens console with that record in column mode
    - MySQL Console: New {{column}} shortcut auto-expands to AES_DECRYPT(`column`, @ek) for encrypted columns
    - Moved /api.php to /api/ to better organize future API endpoints

**FOR PROGRAMMERS (BREAKING CHANGES)**
    - Note: These changes only impact developers who have written custom PHP code
    - Database queries now return native PHP types (int/float) instead of strings
        - If your code expects strings, cast them: (string)$row['id']
    - MySQL queries now throw exceptions instead of returning false (following PHP 8.1+ standard behavior).
        - Before: $result = mysqli()->query($sql) or die("MySQL Error: " . mysqli()->error);
        - After:  try { $result = mysqli()->query($sql); } catch (mysqli_sql_exception $e) { die("MySQL Error: " . $e->getMessage()); }
    - Library Updates: ZenDB has been moved to composer with several renamed and deprecated methods
        - DB::get() renamed to DB::selectOne() (DB::get() still works but is deprecated)
        - See ZenDB docs for full list of changes: https://github.com/interactivetools-com/ZenDB/

You can download the latest beta here: https://www.interactivetools.com/download/

Please post (or email) any feedback, questions, concerns, or bugs you find.   Your help with beta testing allows us to release new features even faster.

Thanks. We look forward to your feedback! :)

Okay, perfect. Since you've done the CMS upgrade before, the CMSB side should be straightforward.

For any custom PHP code or plugins, the most common issue is type handling. PHP 7 was more forgiving - it would silently accept `null` where a string was expected. PHP 8 throws deprecation warnings (and PHP 9 will make them errors).

An example might be @$_REQUEST['city']; if that form field wasn't submitted, it would return null.

So if you see warnings like `trim(): Passing null to parameter #1` or `strlen(): Passing null to parameter #1 ($string) of type string is deprecated`, the fix is usually one of:

// Option A: null coalesce to set a default for null values
$value = trim($record['middle_name'] ?? '');

// Option B: cast to string
$value = strlen((string) $record['notes']);

What I recommend is upgrading, then clicking through all the pages and checking the CMS Developer for any errors.

Let me know if you run into anything specific, and we can help you sort it out.

this software should become next level and this is a starting pointing for people to manage their site in most straight way as possible

- The theme engine can support any number of themes, create and activate

- A customizer section that you can configure main settings for the theme, upload your logo, fav icon, update color theme, select Main nav and footer nav

- Supports Templates and partials

- Supports enqueue_styles & enqueue_scripts

- Supports list, detail, single records

i'm attaching a working script and documentation, and would love this community to support it and contribute it even further, in the works is visual builder as well that you can build pages visually with components under testing and works with the theme engine.

Appreciate any feedback

First, make sure your database is supported by the latest version - you'll want MySQL 5.7+ or MariaDB 10.2+.

But in general, it's pretty straightforward. Backup everything (files and MySQL), upload the new CMSB files over top of the old ones, then upgrade any plugins that need upgrading.

If you run into any PHP 7 to 8 coding errors in your custom code, any of the AI coding agents (Claude, ChatGPT, etc.) can help you come up with a fix pretty quickly.

That said, feel free to fill out a 2nd-level support request if you'd like me to take a look either before or after: https://interactivetools.com/support/request/

Also, feel free to email me at dave@interactivetools.com if you run into any issues. I'll be around this weekend and can help make sure you're back up and running by Monday if needed.

Hope that helps, let me know any questions!

The folks at vimeo do not place the same restrictions upon content that YouTube does, and you can simply place the vimeo url for the video in your code and enjoy excellent streaming video that is scaled to the user's available bandwidth.

There might be various uses for it to be separate login. When enabled, the two login sessions are completely separate. You can be logged into CMSB and separately be logged into the front end as a different user. Maybe you are a CMSB admin doing some work in the back-end as an admin, but you want to login to the front-end as a normal user to see what they see. When set to false the CMSB user and the front-end use the same login space.

The practical effect of setting it to false is that if you log into CMSB admin, you'd also appear logged in on the website front-end. Of course it doesn't mean that a websiteMembership user could access the CMSB back-end because there are still permission checks etc. in place.

Hopefully that makes sense. :)

I guess I have been misunderstanding the setting itself. For what purpose do folks use the "true" setting of  $GLOBALS['WSM_SEPARATE_LOGIN'] ?

Are you still seeing this error or did you get it resolved? Did you recently upgrade to 3.82 and it stopped working or is this suddenly happening? What version of websiteMemberhip are you using?

If it is still happening, and your version of websiteMembership is not the most recent, try upgrading it if you can. That usually resolves the issues. If that does not solve the issue, you can certainly look in the error logs for errors and give it to us as part of opening a support ticket. 

Usually when upgrading CMSB, a few plugins need to be upgraded as well. 

Thanks!

When you say that you have separate logins, I am assuming you have set the WSM_SEPARATE_LOGIN global variable in websiteMembership.php to "true". This means that logging into CMSB is going to be a separate login than trying to login to pages that are protected by websiteMembership.

Your code there is testing for the websiteMembership login "CURRENT_USER" and if not, redirects them to the login page. 

From what I am understand as to what you are saying, the user logs into CMSB as an admin, clicks a link which takes them to that page protected by websiteMembership. There it sees that CURRENT_USER is not set, so immediately redirects the user to the login page. Because the user has logged into CMSB doesn't mean they skip login for the page protected by websiteMembership (when using separate logins).

Am I understanding the process you are going through here? If not, any further clarification would help.

Thanks!

Users of the backend login to perform their admin duties, one of which involves selecting a menu item that is a link to another page outside of the background interface that also requires login.

That page is protect like this:

i$libraryPath = 'xxxxxxx/lib/viewer_functions.php';
$dirsToCheck = ['','../','../../','../../../','../../../../'];
foreach ($dirsToCheck as $dir) {
if (@include_once("$dir$libraryPath")) { break; }
}
if (!function_exists('getRecords')) {
die("Couldn't load viewer library.");
}
if (!$CURRENT_USER) { websiteLogin_redirectToLogin(); }
if(!$CURRENT_USER['isCME_director'] && !$CURRENT_USER['isCME_staff'] && !$CURRENT_USER['isAdmin']) {
redirectBrowserToUrl("access_denied.php?msg=This feature is for administrators only.");
exit;
}

The problem I am having is that the logged in user who clicks the link taking him to this page is then presented with the login form once again and must log in a second time.

Has anyone encountered this behavior?

CMSB v. 3.56

websiteManagement v. 1.13

Also, the site depends upon a number of plugins to include createPDF, csvImport, formGenerator, newsletterBuilder, QRCode Generator, reportBuilder, showHideDependedentFieldsPlus, showHideFieldsForUsers, and websiteMembership. Can anyone share any problems they may have encountered with similar upgrades?

The hospital using this application depends upon it daily, and I will need to accomplish the change over a weekend and have a working version on the following Monday. I confess to being a bit nervous.

The above is just a snippet that helps set up a PHP file that will load when "llms.txt" is accessed. On its own it does not generate any of the content, but it's a good first step in being able to do so.

Thanks for reporting this bug!

I've created a fix that will be included in the next version of CMSB.

For you or anyone else who is currently having this issue, here's a patch that should fix it.

In the file: cmsb/lib/schema_functions.php around line 288

Find this code:

if (empty($schema[$name]["createThumbnails$suffix"])) {
      unset($schema[$name]["createThumbnails$suffix"]);
      unset($schema[$name]["maxThumbnailHeight$suffix"]);
      unset($schema[$name]["maxThumbnailWidth$suffix"]);
      unset($schema[$name]["cropThumbnails$suffix"]);
  }

And replace it with this:

 $thumbnailDisabled =
  empty($schema[$name]["createThumbnails$suffix"]);
  if ($thumbnailDisabled) {
      unset($schema[$name]["maxThumbnailHeight$suffix"]);
      unset($schema[$name]["maxThumbnailWidth$suffix"]);
      unset($schema[$name]["cropThumbnails$suffix"]);
      if ($suffix !== '') {
          unset($schema[$name]["createThumbnails$suffix"]);
      }
  }

Let me know if you have any futher issues.

Thanks!

<?php
  header('Content-type: text/html; charset=utf-8');
  include_once("../cmsb/lib/viewer_functions.php");

  // get the URI and trim leading and trailing slashes
  $uri = trim($_SERVER['REQUEST_URI'], '/');

  // lookup the URI in the permalinks table to find the corresponding section
  $section = mysql_get('cmsb__permalinks', null, [
    'permalink' => $uri,
    'old'       => '0'
  ]);

  // get the tablename for the section
  if ($section) {
    $tableName = $section['tableName'];
	
    // and then load the page
    list($page, $pageMetaData) = getRecords(array(
      'tableName'   => $tableName,
      'where'       => whereRecordNumberInUrl(0),
      'loadUploads' => true,
      'allowSearch' => false,
      'limit'       => '1',
    ));
    $page = @$page[0]; // get first record
    if (!$page) { 
      header("HTTP/1.1 301 Moved Permanently");
      header("Location: /"); 
      exit;
    }
  }

?>

• About pages > /pgs/about-pages.php
• Contact pages > /pgs/contact-pages.php
• Service pages > /pgs/service-pages.php

Note, I am using the Permalinks plugin.

But I was wondering if there is a way for me to use the same page template for all of the sections?

• About pages > /pgs/pages.php
• Contact pages > /pgs/pages.php
• Service pages > /pgs/pages.php

Unfortunately, there's no built-in functionality for that, or quick fixes.

Can you let me know what you want to use it for and how you'd want it to work? 

For example, what problem are you trying to solve?

Thanks!