Home Contact Buy
Sitemap Contact
Home Time Tracker Consulting Download Video Free Buy Sitemap Contact

Forum

Is TaskBar still broken?

Cannot Add New Clock or Change City Window 11

[SOLVED] Forgot Password -> Error 500

[SOLVED] Unable to send mail

installation problem : MDB2 Error: unknown error

the "actual" time of arrival & departure

work permit request

Time Tracker UPGRADE INSTRUCTIONS

News

11 May 2023
CVE-2023-32306 - Time-based blind SQL injection in reports
8 May 2023
CVE-2023-32066 - Stored XSS vulnerability in Week View
8 May 2023
CVE-2023-32308 - SQL injection vulnerability in Invoices
24 Feb 2023
Hide and show desktop clocks with a shortcut key
5 Feb 2023
World Clock desktop templates for forex
4 Feb 2023
World Clock desktop templates for GMT
6 Nov 2022
Charts for Favorite Reports
27 Oct 2022
Time Tracker 1.22 Released

Time Tracker 1.20 Change Log

This page lists changes in Time Tracker version 1.20.

Changes in Time Tracker 1.20

Released January 26, 2022.
  • 1.20.0.5620 - Removed Remote Work plugin.
  • 1.19.34.5610 - Addressed CVE-2021-41139 situation in week.php.
  • 1.19.34.5609 - Fixed CustomFileds class for adding a previously deleted option.
  • 1.19.33.5608 - Dutch translation improved.
  • 1.19.33.5607 - Started to check the status value in posts for sanity.
  • 1.19.32.5604 - A couple more fixes to address CVE-2021-41139.
  • 1.19.31.5603 - Added additional protection against an sql injection fixed in previous commit.
  • 1.19.31.5602 - Fixed an sql injection vulnerability in groups.php.
  • 1.19.30.5601 - Added validation of browser_today parameter in posts.
  • 1.19.30.5599 - Added a check for passed in date to time.php.
  • 1.19.29.5598 - Maintenance fixes.
  • 1.19.29.5596 - Introduced entities_modified field in tt_groups table for future API upport.
  • 1.19.28.5589 - Implemented report inactive projects display option.
  • 1.19.28.5587 - Fixed ttUser::getUserDetails() function to allow supervisors work on behalf of users.
  • 1.19.28.5586 - Some more improvenets to Brazilian Portuguese translation.
  • 1.19.28.5582 - Dutch translation improved.
  • 1.19.28.5580 - Improved Brazilian Portuguese translation.
  • 1.19.28.5573 - Addressed a few more php8 warnigns, some html fixes.
  • 1.19.28.5567 - Added a list of day records to puncher.php page to improve usability.
  • 1.19.28.5566 - Style and security improvements for puncher.php.
  • 1.19.28.5565 - Eliminated some more php8 warnings.
  • 1.19.28.5562 - Added classes for some columns in report for custom CSS.
  • 1.19.28.5561 - Implemented puncher as a plugin.
  • 1.19.28.5555 - Renamed timer.php to puncher.php to implement it as a plugin.
  • 1.19.28.5554 - Improved week view by remembering custom fields and also printing them when configured to do so.
  • 1.19.28.5553 - Addressed a couple of php8 warnings.
  • 1.19.28.5552 - Introduced a what is it link explaining custom CSS in display options.
  • 1.19.28.5551 - Removed no longer needed NOTE_INPUT_HEIGHT from config.php.dist.
  • 1.19.28.5550 - Fixed presentation issue on the login page.
  • 1.19.28.5549 - Added a what is it link explaning delete invoice entries option.
  • 1.19.28.5547 - Renamed template files.
  • 1.19.28.5538 - Addressed a few php8 issues and warnings.
  • 1.19.28.5535 - Addressed issue #110 for php8.
  • 1.19.28.5534 - It is hard to believe but the entire app is now mobile friendly.
  • 1.19.28.5524 - Recovered show note option on reports.php. Was broken in one of previous commits.
  • 1.19.28.5523 - Ongoing work on mobile friendly reports. Fixed a bug on totals only reports with visibility of use_mark_approved and similar controls.
  • 1.19.28.5514 - Some fixes for timer.php.
  • 1.19.28.5511 - Removed all remaining legacy mobile pages.
  • 1.19.28.5510 - Ongoing work on making mobile friendly pages. Ongoing work on addressing php8 issues. Moved timer.php from legacy mobile directory to root.
  • 1.19.28.5448 - Fixed a presentation issue on user add and edit pages.
  • 1.19.28.5447 - Ongoing work on addressing php8 warnings.
  • 1.19.28.5433 - Added options for secure ldap authentication.
  • 1.19.27.5431 - Fixed cross site request forgery vulnerability. See CVE-2021-29436.
  • 1.19.26.5430 - Removed some more no longer used legacy mobile pages.
  • 1.19.26.5429 - Finished work on sanitizing post parameters to reduce risk of SQL injections.
  • 1.19.26.5421 - Added edit icons on reports to allow for quick edits.
  • 1.19.25.5419 - More protection against sql injections.
  • 1.19.25.5417 - Fixed SQL injection vulnerability in group_edit.php.
  • 1.19.24.5416 - Added protection against brute force guessing of random codes used in password resets.
  • 1.19.24.5415 - Fixed a critical security vulnerability with password resets. See CVE-2021-21352.
  • 1.19.23.5414 - A minor fix to dbinstall.php to address a migration issue with custom fields.
  • 1.19.23.5411 - A couple of minor fixes to remove php8 warnings. A fix for extra '+' character and end of line causing error (#105).
  • 1.19.23.5410 - Dutch translation improved.
  • 1.19.23.5407 - Removed no longer used legacy mobile pages.
  • 1.19.23.5405 - Cleanup: removed no longer used templates.
  • 1.19.23.5402 - Removed no longer used files.
  • 1.19.23.5393 - Ongoing work on mobile pages. Fixed an issue with incorrect column span.
  • 1.19.23.5387 - Some changes, refactoring, and improvements in translation files.
  • 1.19.23.5383 - Cleanup. Removed no longer used legacy mobile client pages and templates.
  • 1.19.23.5382 - Ongoing work on mobile pages. Added copytight notices on refactored templates.
  • 1.19.23.5369 - Removed unnecessary assignments from JavaScript.
  • 1.19.23.5368 - Fixed path to calendar icon for some DIR_NAME situations. Disabled logging a warning when DIR_NAME is not defined.
  • 1.19.23.5346 - Removed not needed label tags.
  • 1.19.23.5340 - Removed a redirect to lecacy mobile pages as we now have mobile time entry working.
  • 1.19.23.5339 - Addressed a few more php warnings.
  • 1.19.23.5337 - Fixed division by zero problem in pie charts.
  • 1.19.23.5336 - More progress on removing conditions for PHP warnings.
  • 1.19.23.5334 - Introduced a default value in TTUser::getConfigInt() function.
  • 1.19.23.5333 - Removed a PHP warning on reports.php for 0 inactive users.
  • 1.19.23.5332 - Updated smarty to version 3.1.36 to get rid of a PHP warning. Some fixes for no longer supported libchart library to remove PHP warnings.
  • 1.19.23.5331 - Added a workaround into embedded MDB2 code to get rid of PHP warnings.
  • 1.19.23.5329 - Removed deprecated function call and related code.
  • 1.19.23.5328 - Changed software license to SSPL going forward.
  • 1.19.23.5326 - Fixed adjusting today links to match user today.
  • 1.19.23.5325 - Security fix for csv injections.
  • 1.19.23.5324 - Security fix: added protection against flooding user mailboxes with too many password reset emails.
  • 1.19.23.5323 - Security fix: disabling password reset link immediately after password change.
  • 1.19.23.5312 - Removed unnecessary stuff from html head (#104).
  • 1.19.23.5309 - Added a constant for app version in initialize.php. Ongoing work on improving mobile pages.
  • 1.19.23.5297 - Dutch translation improved.
  • 1.19.23.5291 - Started work on improving presentation for small mobile screens.
  • 1.19.23.5288 - Introduced label.menu in translation files.
  • 1.19.23.5287 - Fixed column span for reports with show note on separate row option.
  • 1.19.23.5286 - Added a display option controlling whether to show custom fields in the list of records for each day.
  • 1.19.23.5285 - Added week total on mobile time.php.
  • 1.19.23.5283 - Fixed double-encoding of special characters on tme_delete pages.
  • 1.19.23.5282 - Introduced a configurable login cookie name.
  • 1.19.23.5281 - Introduced a configurable php session cookie name.
  • 1.19.23.5280 - Refactored password_reset.php for consistency of success and error messages display.
  • 1.19.23.5279 - Fixed headers in totals only reports when grouping by custom fields.
  • 1.19.23.5278 - Fixed totals only reports when grouping by time custom fields to eliminate multiple rows.
  • 1.19.23.5277 - Fixed reports for expenses when grouped by various custom fields.
  • 1.19.23.5276 - Initial attempt to include custom fields in group by options in reports for user testing, with some known remaining issues.
  • 1.19.23.5275 - Removed no longer used enablePlugin() function.
  • 1.19.23.5274 - Removed no longer used string from translation files. Removed non-editable sender field from mail.tpl to simplify it.
  • 1.19.23.5273 - Improved error reporting for recent registrations.
  • 1.19.23.5272 - Cosmetic presentation fix for attachment display on projects.php.
  • 1.19.23.5271 - Introduced EMAIL_REQUIRED config option.
  • 1.19.23.5270 - Refactored I18n class. Shortened images directory name to img to keep things a bit shorter.
  • 1.19.23.5269 - Changed APP_NAME named constant to DIR_NAME to better reflect its meaning.
  • 1.19.23.5268 - Added a link explaining tracking mode.
  • 1.19.23.5267 - Fixed broken PDF reposrts after renaming logo image.
  • 1.19.23.5266 - Fixed language for the login screen.
  • 1.19.23.5265 - Renamed tt_logo.png to just logo.png.
  • 1.19.23.5264 - Started to use relative values in css for better presentation.
  • 1.19.23.5263 - Save custom field values in session (#102). Added time custom fields storage in session to mobile time.php as in pr #102.
  • 1.19.23.5262 - Moved the Required checkbox on top of tasks.php page to make it more visible.
  • 1.19.23.5260 - Fixed behavior of Now buttons, broken in one of recent commits.
  • 1.19.23.5259 - Dropped task_required field from tt_groups table as it is now a part of config field.
  • 1.19.22.5258 - Fixed mobile timer.php for subgroups regarding task_required.
  • 1.19.22.5257 - Refactoring and some fixes for task_required config option.
  • 1.19.22.5256 - Moved task required option to tasks.php page.
  • 1.19.22.5255 - A fix for week view for subgroups.
  • 1.19.22.5254 - Simplified week view by removing Stop buttons for potential uncompleted records because they do not seem to belong here.
  • 1.19.22.5252 - Some refactoring and fixes, mostly on week view for subgroups.
  • 1.19.22.5251 - Some fixes to mobile timer.php for subgroups.
  • 1.19.22.5249 - A fix for subgroups. Replaced tracking_mode with getTrackingMode() on time_delete.php page.
  • 1.19.22.5248 - Fixed removed finish column on time.php, which was broken a few commits ago.
  • 1.19.22.5247 - Refactoring. Also, fixes for mobile time_edit.php for subgroups and paid status.
  • 1.19.22.5242 - Fixed date format for subgroups on time edit pages.
  • 1.19.22.5241 - Improved export-import by including custom_css field and notification comments.
  • 1.19.22.5239 - Improved usability of plugins.php page by hiding configure links when they cannot be used.
  • 1.19.22.5238 - Usability improvements for Notifications plugin.
  • 1.19.21.5235 - Replaced cal_days_in_month with generic date call (#99), created notifications that trigger based on hours (#98), some fixes on notification_add.php.
  • 1.19.20.5234 - Fixed future entries behaviour for subgroups.
  • 1.19.20.5233 - Added an option to introcude custom CSS for gtoups to customize presentation.
  • 1.19.18.5228 - Added a config option whether to show not complete days in calendar.
  • 1.19.18.5226 - Rewrote Calendar class for better clarity.
  • 1.19.18.5217 - Some refactoring and fixes on mobile time.php. Updated Calendar class as per #97 (different style for not complete days).
  • 1.19.18.5215 - Refactored ttTimeHelper::insert function further to obtain user_id from the global User object.
  • 1.19.18.5214 - Refactored ttTimeHelper::insert function to use group_id and org_id from the global User object.
  • 1.19.18.5212 - Fixed time edit pages for prepopulate_note option.
  • 1.19.18.5211 - Added project checkbox validation for template_add.php and template_edit.php.
  • 1.19.18.5210 - Fixed export / import to work with project to template binds.
  • 1.19.18.5208 - Some usability fixes for Templates plugin.
  • 1.19.18.5205 - Work in progress on an option to prepopulate note from template.
  • 1.19.17.5200 - Added an option to bind templates to projects.
  • 1.19.16.5190 - Applying .Auth_ldap::ldap_escape($login) to openldap (#93).
  • 1.19.16.5189 - Patched ldap authentication to work with member_of groups (issue #90), also a fix for issue #89 (sessions timeout early).
  • 1.19.16.5188 - Improved bot protection slightly.
  • 1.19.16.5187 - Fixed ttValidDate function to handle DD-MM-YYYY date format.
  • 1.19.15.5186 - Addressed several php warnings.
  • 1.19.15.5181 - Fixed timesheet approval workflow.
  • 1.19.14.5180 - Fixed week view for multiple custom fields.
  • 1.19.14.5179 - Removed no longer used fields from tt_fav_reports table.
  • 1.19.13.5178 - Fixed mobile timer.php page to display multiple custom fields.
  • 1.19.13.5176 - Fixed import of report_spec field for fav reports. Also, some cleanup.
  • 1.19.13.5174 - Fixed export of fav reports by including properly mapped report_spec field.
  • 1.19.13.5173 - Added a capability to add attachments to expense items.
  • 1.19.12.5172 - Some more progress with Remote Work plugin.
  • 1.19.12.5159 - Got rid of a PHP warning when generating reports with 0 inactive users.
  • 1.19.12.5158 - Removed WORK_DEBUG conditions to hopefully start user testing of Remote Work plugin features.
  • 1.19.12.5141 - Fixed issue #82 - clients can mark their invoices paid/not paid.
  • 1.19.11.5140 - Additional progress with Remote Work plugin.
  • 1.19.11.5135 - Fixed fav reports sent in notifications for custom date formats.
  • 1.19.10.5134 - Allowed comma-separated recipients in notifications.
  • 1.19.10.5133 - Remote Work plugin related improvements.
  • 1.19.10.5109 - Added audit info to some delete operations.
  • 1.19.10.5108 - Ongoing improvements to Remote Work plugin and admin pages for it.
  • 1.19.10.5092 - Added a clarifying comment for translators for error.file_storage and error.remote_work.
  • 1.19.10.5091 - Removed FILE_STORAGE_URI from config.php.dist and set its default value.
  • 1.19.10.5089 - Made Remote Work plugin available to start user testing and feedback.
  • 1.19.10.5086 - Added getEmail function to ttUser class.
  • 1.19.10.5085 - Added getGroupName function to ttUser class.
  • 1.19.10.5084 - More progress on Rempte Work plugin.
  • 1.19.10.5074 - Integrated some German strings from pr#81, the ones that seemed okay to do. Put clarifying comments for others.
  • 1.19.10.5070 - Extended reports by adding filtering for text custom field values.
  • 1.19.9.5067 - Refactoring. Put getOrgKey() function into ttUser class.
  • 1.19.9.5065 - Refactoring. Put getGroupKey function into ttUser class.
  • 1.19.9.5064 - Some progress on Remote Work plugin.
  • 1.19.9.5061 - Updated ttTimeHelper class for showing custom fields on time pages.
  • 1.19.9.5059 - Dutch translation improved.
  • 1.19.9.5055 - Removed no longer used WEEK_START_DEFAULT from config.php.dist.
  • 1.19.9.5054 - Added d-m-Y date format as an option.
  • 1.19.8.5053 - Fixed filling dropdowns on reports.php page load.
  • 1.19.8.5052 - Backticked rank in sql queries as it is now a reserved word in MySQL.
  • 1.19.7.5051 - Increased chunk size for exports to speed things up.
  • 1.19.7.5050 - Added sort options on invoices.php page.
  • 1.19.7.5049 - Added label.sort_by to translation files as part of adding sorting to invoices.php (ongoing work).
  • 1.19.7.5048 - Fixed export.
  • 1.19.7.5047 - Fixed export of large tables by operating on smaller chunks at a time.
  • 1.19.7.5046 - Fixed emailed reports by cron by including multiple custom fields.
  • 1.19.7.5045 - Fixed emailed reports to include multiple custom fields.
  • 1.19.7.5044 - Made progress on including custom field settings in fav reports.
  • 1.19.7.5043 - Fixed exporting reports to pdf by adding multiple custom fields to output.
  • 1.19.7.5042 - Fixed exporting reports to xml and csv by adding multiple custom fields output.
  • 1.19.7.5041 - Fixed left joins for reporting on multiple time custom fields.
  • 1.19.7.5040 - Initial release of multiple custom fields for user testing.
  • 1.19.7.5039 - Added code to support multiple time custom fields to reports.
  • 1.19.7.5038 - Added controls on reports.php for multiple time custom fields.
  • 1.19.7.5037 - Fixed left joins in reports for user custom fields.
  • 1.19.7.5036 - Starting to work on multiple time custom fields.
  • 1.19.7.5035 - Added filtering for user custom fields of type text in reports.
  • 1.19.7.5034 - More progress on user custom fields in reports. Dropdown custom field selectors are now working.
  • 1.19.7.5033 - Fixed reporting on user custom fields for expense items.
  • 1.19.7.5032 - Work in progress adding user custom fields to reports.
  • 1.19.7.5030 - Added user custom fields on user_edit.php page.
  • 1.19.7.5029 - Improved ttUser::markUserDeleted by marking user custom fields as deleted also.
  • 1.19.7.5028 - Added code to insert user custom fields after user creation.
  • 1.19.7.5027 - A bit of refactoring in user_add.php.
  • 1.19.7.5026 - Added user input validation for custom fields on user_add.php.
  • 1.19.7.5025 - Added custom field controls on user_add.php.
  • 1.19.7.5024 - Added entity type as read only field on custom field edit page.
  • 1.19.7.5022 - Introduced tt_entity_custom_fields table.
  • 1.19.6.5021 - Added entity column on cf_custom_fields.php page.
  • 1.19.6.5020 - Adjusted export-import to work with entity type in custom fields.
  • 1.19.6.5019 - Changed entity_type datatype in database to optimize things.
  • 1.19.5.5018 - More work in progress on custom fields extension.
  • 1.19.5.5017 - Introduced dropdown.time to translation files.
  • 1.19.5.5016 - Introduced label.entity into localization files.
  • 1.19.5.5015 - Starting working on extending custom fields.
  • 1.19.4.5014 - Added a link explaining record type.
  • 1.19.4.5013 - Fixed sorting of projects in dropdown on the reports.php page.
  • 1.19.4.5012 - Added a capability to see uncompleted indicators to users with view_users right.
  • 1.19.4.5011 - Improved protection from mass bot registrations.
  • 1.19.4.5010 - A bit of refactoring.
  • 1.19.4.5009 - Moved Subgroups from top menu to group_edit.php.
  • 1.19.4.5008 - Rewrote group dropdown fill function to include the entire organizational tree.
  • 1.19.4.5007 - Introduced a separate page for advanced group settings.
  • 1.19.4.5006 - Added an explanation link for group on the registration page.
  • 1.19.4.5005 - Increased margin for top menus.
  • 1.19.4.5003 - Dutch translation improved.
  • 1.19.4.5002 - Changed Create group menu label to Register.
  • 1.19.4.5001 - Fixed nav links visibility between day and week views.
  • 1.19.4.5000 - Refactoring. Moved week_menu config option to plugin config.
  • 1.19.4.4998 - Improved ttTimeHelper::holidayMatch to allow partial wildcards in year.
  • 1.19.4.4997 - Removed show holidays config option.
  • 1.19.4.4995 - Fixed week start for subgroups.
  • 1.19.4.4994 - Removed holidays from translation files.
  • 1.19.4.4993 - Adjusted monthly quotas plugin to use configurable holidays.
  • 1.19.4.4992 - Implemented configurable holidays.
  • 1.19.4.4991 - Wrote a validation function for holidays.
  • 1.19.4.4990 - Introduced a debug option and a localization string for holidays.
  • 1.19.4.4989 - Started to work on configurable holidays.
  • 1.19.3.4988 - Fixed holidays display for subgroups.
  • 1.19.3.4987 - Refactoring, moving plugin config options into group config field.
  • 1.19.3.4985 - Changed title on week view to Week from Time.
  • 1.19.3.4984 - Introduced a configirable option whether to show Week menu.
  • 1.19.3.4983 - Renamed MULTITEAM_MODE to MULTIORG_MODE to better reflect the meaning of the constant.
  • 1.19.3.4982 - Fixed approve_all_reports right assignment and check.
  • 1.19.3.4981 - Another fix in week view for negative hours.
  • 1.19.3.4980 - Another fix for negative hours.
  • 1.19.3.4979 - Fixed prePopulateFromPastWeeks for week view plugin.
  • 1.19.3.4978 - Cosmetic fixes.
  • 1.19.3.4976 - Removed middots in menus to hopefully do better styling with css.
  • 1.19.3.4975 - some more progress on work plugin.
  • 1.19.1.4972 - Added attachment output on week view.
  • 1.19.1.4971 - Merged getRecords and getRecordsWithFiles into one function to keep things compact.
  • 1.19.1.4970 - Some refactoring and progress on work plugin.
  • 1.19.1.4967 - Fixed monthly quotas for negative hours.
  • 1.19.1.4966 - Fixed charts for negative hours.
  • 1.19.1.4965 - Removed unneeded subtotal row on reports, fixed printing of 0 subtotals.
  • 1.19.1.4964 - Fixed totals for 0 hours to not have minus sign.
  • 1.19.1.4963 - Initial work done to support negative durations, some issues remain.
  • 1.19.1.4962 - Introduced conditional display of label.users if there are no inactive users.
  • 1.19.1.4961 - Some rearrangements in translation files.
  • 1.19.1.4960 - Separated users section on reports in 2 for active and inactive users.

Home Download Video Free Buy Legal Sitemap Contact
Login
Hosting and content management by Anuko