It has been a busy couple of months since the v1.2.0 beta release, and we are now pleased to announce the stable release of v1.2.1. This version is by far our biggest and best update to date and resolves many issues found in the beta release along with other large changes to ArcticDesk, as outlined below. The full changelog can be found at the end of this announcement.
Security Enhancements
We'd like to thank Patrick at Rack911.com for reporting a few security concerns with ArcticDesk that we have now resolved. This version introduces a new uploads handler that is far more secure and allows the uploads folder to be moved out of the webroot. We’ve also enhanced our SQL sanitization functions and improved the coverage to ensure we have every SQL statement covered to prevent against SQL injection attacks. Furthermore, we've added a robust HTML purifier to clean any user submitted content to block any XSS attacks. If you're running v1.1.2 or below, we recommend that you update your installation to v1.2.1 as soon as possible to take advantage of the new security features.
New REST API
We have completely rewritten our REST API in this version to better fit with the REST standard model. The new API contains far more functionality than the previous iteration and we plan to add even more functions in future releases. The new API has been fully documented in our online documentation (link below). http://www.arcticdesk.com/docs/REST_API
Multiple Email Support
Departments can now have multiple email addresses assigned to them, so you're able to accept tickets for a single department from various email addresses. This is particularly useful if you have multiple brands or operate multiple websites. We see this as the first step to true multi-company support, a feature that we have currently planned for v1.3.0.
General Speed Improvements
We have been cleaning up a lot of code, and thus we believe that you will find this version far quicker than previous versions. We have been working hard to cut down and optimize the number of queries that are called per page, and we'll carry on making these improvements throughout the next version.
New WHMCS Integration
As the REST API has been rewritten, we have also released a new version of the WHMCS integration, which fixes a number of issues and greatly enhances the overall stability. Version 1.4 of the integration is now available to download at our client area.
Changelog
New Features
(AD-276) - Added gravatar support
(AD-418) - Added multi-email for departments
(AD-449) - Re-added merge, lock & unlock buttons to ticket grid
(AD-504) - Now allow forcing SSL over whole frontend
(AD-530) - New REST API with full online documentation
Enhancements
(AD-446) - Check servers when server is added/edited
(AD-455) - Announcements RSS now uses SEO links when enabled
(AD-456) - Applied ticket labels now show on the ticket grid
(AD-460) - Using CKEditor on the ticket notes textarea
(AD-467) - Added option to add attachments to ticket notes
(AD-472) - Updates to the ticket number generation, added additional options
(AD-482) - Added the option of assigned operators to ticket filters
(AD-518) - Allow the uploads folder to be moved out of publicly accessible folders
(AD-519) - Added server side checking for uploads to ensure only allowed file types are uploaded
(AD-524) - Now include the ticket message in the ticket opened email template
Bug Fixes
(AD-441) - Fixed issue with ticket subjects not returning to unread BOLD after a new reply
(AD-447) - Fixed issue where subdepartments could not be hidden from filters if the parent department was selected
(AD-448) - Fixed issue whereby inactive operators still recieved email notifications
(AD-450) - Fixed serialization issue on PHP Windows
(AD-454) - Fixed issue where a link in a comment would cause it to display incorrectly
(AD-459) - Fixed issue where ticket filters did not work under certain situations
(AD-462) - Fixed issue where the due time was null when the user replied to the same ticket twice in a row
(AD-464) - Fixed WHMCS integration to work with new API
(AD-465) - Fixed CSRF vulnerability within admin panel
(AD-466) - Fixed issues with the 'IS NOT' option in filters
(AD-468) - Improved the design of suggested knowledgebase articles on submitting a ticket
(AD-469) - Fixed IMAP collection issues that caused a loop and prevented emails from deleting
(AD-470) - Fixed incorrect user name displaying on frontend template when logged in
(AD-480) - Fixed the add label dropdown on the ticket grid
(AD-481) - Fixed issue with ticket filter options not being ticked when editing the filter
(AD-483) - Fixed issue that prevented license information from displaying correctly
(AD-484) - Fixed issue with admin popup notifications displaying the incorrect message on new ticket
(AD-493) - Announcements RSS no longer shows announcements from hidden categories
(AD-503) - Fixed issue with elements not loading properly over HTTPS on the frontend
(AD-525) - Fixed issue with the take ownership reply option not working as intended
(AD-526) - Fixed issue with the send email tab in edit user
(AD-529) - Fixed issue with internal ticket emails being sent to wrong operators
Add Comment