about two weeks ago we released DaDaBIK 5; we are very happy to say that so far it has been a great success, even beyond expectations.Thanks a lot for your support and for all the positive messages I have received in my personal mailbox!
While developing DaDaBIK 5, we took into serious consideration user requests, suggestions and needs.
We want to continue on this path for the next releases, asking which is the feature you consider the most important for the future DaDaBIK. Please take a few seconds to
vote in the poll
If your favourite feature is not in the list you can also add it.
I am really glad and released to announce that DaDaBIK 5 is finally here!
DaDaBIK 5 comes with a new GUI and tons of new features, including:
- A completely new granular permissions manager
- PHP hooks to extend DaDaBIK capabilities
- HTML templates for data grids.
I am sure it will bring its users to a new level in terms of Web Database Application Rapid Development, please take the time to check it out the BRAND NEW DEMO.
You can find all the (20+) new features, changes, security and other fixes reviewing the change log. As you can see, also the Website has been completely re-designed.
There are now three versions of DaDaBIK: BASIC, PRO and ENTERPRISE, you can review the features of each here
All the customers who bought DaDaBIK in the last two months can upgrade to DaDaBIK 5 PRO for free and to DaDaBIK enterprise paying €50.
All Supporters and Patrons (customers who bought DaDaBIK paying €50/€100, at any time) can upgrade to DaDaBIK 5 ENTERPRISE for free.
Write to payments at dadabik dot org if you want to use your upgrade option.
version 4.6 stable is now available. It provides several bug fixes, you can find the complete list in the change log.
The security alert is about the documentation:
"The documentation section about multiple instances of DaDaBIK has been (at least for the moment) removed. That section was not up-to-date and referred to a version of DaDaBIK which still didn't have the authentication feature: the result is that if users followed those instructions having authentication ON, a user authenticated on the first (not admin) instance could also access the /admin instance without authentication. This is not a proper bug but could lead to a false sense of security."
DaDaBIK 5 will be available in about two weeks; having about twenty new features, it will bring users to a new level in terms of Web Database Application Rapid Development
DaDaBIK v. 4.6 beta is out!
The first big, long awaited news is that DaDaBIK now officially supports UTF-8, allowing the correct handling of content in almost any known language and writing system. While some hacks for adding UTF-8 support have been posted on the forum during the last years, this feature has never been officially introduced because of the drawbacks involved: PHP doesn't offer a complete support for multibyte encoding and using DaDaBIK with UTF-8 content could lead to unexpected and bad results such as content corruption.
The new version of DaDaBIK has been completely revised in order to work well with UTF-8 content; furthermore, in order to reduce dependencies with external libraries, which can make the UTF-8 support implementation even trickier, the use of ADOdb has been discontinued and the PDO extension is now used for all the DBMSs.
The move to PDO also means less software footprint, theoretically better performances (they were not tested in details though) and changes in minimum requirement: the new ones are PHP >= 5.1 with mbstring extension enabled and one of the following MySQL >= 5.0 or PostgreSQL >= 7.4 or SQLite >= 3. The database default charset must be UTF-8 if you need to handle UTF-8 content.
There are still some cases in which the correct handling of UTF-8 is not guaranteed, see http://www.dadabik.org/index.php?function=show_documentation#bugs for further details.
Version 4.6 beta comes with a long list of fixed bugs, a couple of them about security, you can find it as usual reading the change log ; a new known bug about field and table names has also been added to the documentation, again, all the details in the change log.
The second big news is about version 5.0 alpha, which will be probably available in a couple of months with an impressive number of new features, most of them already implemented, including:
- A completely new permissions manager which allows to set, for each user or group, which operations (read, delete, update, create and details) are allowed on each form and field.
- Customizable data grid: the sytle of the data grid will be completely customizable using an HTML template, for example it will be possible to get a google-style results view instead of the classical results data grid very easily just by working on the template.
- Filter feature: a quick, customizable, search form a the top of the results data grid.
- Static pages: the possibility to add static, custom, pages to the DaDaBIK application (e.g. an help page).
- SQL-filled fields: a new field type whose value during insertion is specified by a custom SQL query.
- Form desing customization: the possibility to choose if a form field has to be positioned close to the previous one in the same form row or in a new one (current behaviour).
- Master/details view available not ony with the edit function but also with the details function.
- A brand new graphic interface (maybe, this is not sure!)
Yes, a lot of work has been done, but I am satisfied because the messages of appreciation I am receiveing from the customers are beginning to repay all the efforts :)
a new version of DaDaBIK, 4.5 patch level 1, is available. This is mainly a security enhancement/maintenance release and, as usual, all the users who purchased v. 4.5 beta or v. 4.5 can have v. 4.5 pl1 for free writing an e-mail to payments @ dadabik.org having "free upgrade" as subject and forwarding the invoice or the payment receipt.
This version introduce quite a big change about passwords storage security: DaDaBIK used to store users' passwords using the encryption provided by md5(); while this approach allows for a first level of security, because passwords are not stored in clear text into the database, it does not prevent some type of attacks which a malicious user can do after having obtained the encrypted passwords, such as attacks based on pre-hashed lists or rainbow tables.
For this reason, DaDaBIK, as other popular Web applications such as WordPress did, moves to phpass for managing the password storage. phpass is a framework which supports three password hashing methods (CRYPT_BLOWFISH, CRYPT_EXT_DES and an md5-based method) and chooses the best one according to what the current system can provide. All three employ salting, stretching, and variable iteration counts. This change makes the attacks much more difficult to be successfully executed.
All the user are strongly encouraged to upgrade.
For the complete list of the bugs fixed you can check the Change log.
In the next few weeks I will post about version 5.0, which is probably going to be released in Fall 2012 and will contain an impressive number of new features, including a highly granular permissions manager. Stay tuned!