Banshee, the secure PHP framework


7 March 2018, 10:55

The current version of Banshee uses Bootstrap v3.3.7. This version is vulnerable for XSS, but it is not exploitable via Banshee. Banshee doesn't allow users to set the data-target property of a tag. When a patch is available, it will be applied to the next version of Banshee.

I know Bootstrap v4 has been released, but I don't really like its new design. So, I'm sticking with Bootstrap v3 for now.

Tags: security
by Hugo Leisink
18 February 2018, 14:30

Just a small bugfix release with a few minor new features.

Tags: release
by Hugo Leisink
18 October 2017, 09:21

I used Hacktoberfest 2017 to request a new logo for Banshee. The result of that request is this:

I'm happy with it! Hope you like it too. Many thanks to Karillith, who created it for me.

Tags: promo
by Hugo Leisink
14 September 2017, 16:45

The most important change in this release is the license that's being used. Banshee is from now on licensed under the MIT license.

A cool new feature is that you no longer will lose data when your session has timed out and you press a save button. The login module saves your data and hands it over to the right module after a succesful login.

Tags: release
by Hugo Leisink
24 February 2017, 12:48

In this major release of the Banshee PHP Content Management Framework, the most important changes are:

  • PHP 7-only: Banshee v6.0 requires PHP 7. This dependency can mainly be found in the new error handler and the usage of several PHP 7-only crypto functions.
  • View: The output library has been renamed to 'view', to be more in line with MVC.
  • Namespace: All Banshee libraries use a Banshee namespace to prevent conflicts with third party libraries.
  • New CSRF protection: This version has improved protection against Cross-Site Request Forgery.
  • Composer: You can include third party libraries via Composer.
Tags: release
by Hugo Leisink