Releases: grezniczek/redcap_survey_auth
REDCap Survey Auth
Bugfixes
REDCap Survey Auth
- Add protection for Public Reports
REDCap Survey Auth
New feature: Public dashboard protection
Other changes
- Framework v12
- Action tag description
- Revised docs
REDCap Survey Auth
New LDAP feature: Optional fallback to full name/email from REDCap's user table.
REDCap Survey Auth
- Fix potentiall error when using LDAP on PHP8.1+
- Code reorganization
REDCap Survey Auth
Critical security bug fix:
- REDCap logged the POST request, including the clear-text password, in
redcap_log_view.
As the module cannot prevent REDCap from logging non-standard survey POST request, it now does the next best thing: It runs the query below (limited to the specific project and instrument) as soon as it gets control (redcap_survey_page_top hook), thus deleting the log entry disclosing the password.
Run
DELETE FROM redcap_log_view WHERE miscellaneous LIKE "// POST%[redcap_survey_auth-password]%"against your database to sanitize the table from any previous logins accross all projects!
As the module cannot prevent REDCap from logging non-standard survey POST request, it now does the next best thing: It runs the query above (limited to the specific project and instrument) as soon as it gets control (redcap_survey_page_top hook).
REDCap Survey Auth
- Bugfix: @SURVEY-AUTH now works in multi-arm projects.
- Change: Removed system option to turn off @SURVEY-AUTH on non-public surveys.
REDCap Survey Auth
Bugfix: Support IF action tag on public surveys
REDCap Survey Auth
- Compatiblity fix:
@SURVEY-AUTHcan now be used inside@IF - Bugfix: Some JavaScript was missing from the login page
- Minimum REDCap version bumped to 12.0.7.
REDCap Survey Auth
- Changed the way the url for login form submission is generated.