August 29th, 2011
· Licensed Under GPLv3
· Full XHTML 1.0 Strict Conformity
· Full CSS 2.1 Conformity
· OOP (Object-oriented programming)
· RBAC (Role Based Access Control)
· MVC (Model-View-Controller) Design Pattern
· Singleton Design Pattern
· Designed for PHP5+ (Uses PDO)
· Strict IO (Input/Output) Validation
· Supports MySQL or any PDO driver supported database (still untested)
· Custom Session Handling With Idle Session Expiration & Session Identifier Regeneration
· User Account Locking With Both Automatic & Manual Unlocking Methods
· Login Attempts & Session Event Logging
· Per Action Optional SSL/TLS (Transport Layer Security) Enforcement
· Password Aging/Expiration
· Support for "secure" (When run over SSL/TLS) AND "httponly" Cookies
· Improved CSRF (Cross Site Request Forgery) Protection By Using Random Protection Tokens
· Support for all PHP5 Hashing Algorithms as well as MySQL's AES and DES Encryption
· Additional CSRF and Bot Protection using Optional CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) Images
· Optional Session Data Storage Encryption
· Optional Session IP Checking (Prevents Session Hijacking)
August 22nd, 2011
· Various PHP.INI configuration directive fixes, a reversion to XHTML 1.0 Transitional, and the removal of the buggy installer.
April 11th, 2011
· Validation was added for SCMS configuration.
· A Web installer was added.
April 7th, 2011
· Changes: Directories were restructured.
· The database layer was rewritten to use the PDO driver.
· Object models were added. XHTML mark-up was changed from Transitional to Strict.
· Session database storage bugs, including CAPTCHA and CSRF session data loss, were fixed.
· A plug-in and model class auto-loader was added.
· SCMS dynamic configuration was implemented.
· Many bugs were fixed, including problems with account locking and error handling, and there were many code cleanups and optimizations.
January 19th, 2011
· New User and Role views were added with paging, and Session and Login views were renamed.
· A new configuration directive, RecordPerPage, was added.
· A problem in which captchas were not being saved in the session was fixed.
· The router now passes method parameters via URL (using reflection).
· The CAPTCHA font was changed to a clearer one, since the previous font made the numeral one look like the letter "I".
· An error controller was added for 404 and other SCMS errors.
· The database now prevents reconnection if a connection is already present.
· All hashed passwords are now salted using xor'ed scmsEncryption_Salt.
September 21st, 2009
· A simple CAPTCHA is included in scms/scms_include/captcha. An scmsUseCaptchaS constant has been added for enabling/disabling image CAPTCHAs.
· Captcha Images have been added to ALL AUTHENTICATED forms. The old $_SESSION['scms_logins'] variable has been removed from authenticate.php and main.php.
· Bugs have been fixed in Update() in scms_users.php.
· The old code bugFixRequirePath.php has been removed from all includes.
September 7th, 2009
· A quick and dirty installer was added with the same settings as Joomla's.
· All PHP supported hashing algorithms were added.
· MySQL credentials were moved to the configuration file.
· DES and AES encryption were removed from scmsAccountLocking_HashAlgo.
· Some CSS bugs were fixed.
· Functionality to retrieve a forgotten password or request a new password was added.
· CSRF protection was improved.
· Some bugs with the login page were fixed.