Weblog

Version 6.4 of the Banshee PHP framework has been released. This version allows you to create e-mail forms in an easy way. This is done by entering a script in the page CMS module. The script below is used to create the contact form at this website.

{{line Name}}
{{email E-mail address}}
{{required text Question or comment}}

In the CMS page administration page, click on the help button in the 'New page' page for more information about the script syntax.

The most important change in this release is the POST protection library. It offers protection against CSRF and re-post. The MySQL command line tool dependency has been removed from the setup module.

I got fed up with the previous design of the Banshee website, so I created a new one.

The current version of Banshee uses Bootstrap v3.3.7. This version is vulnerable for XSS, but it is not exploitable via Banshee. Banshee doesn't allow users to set the data-target property of a tag. When a patch is available, it will be applied to the next version of Banshee.

I know Bootstrap v4 has been released, but I don't really like its new design. So, I'm sticking with Bootstrap v3 for now.

Just a small bugfix release with a few minor new features.