Hello everyone,
The following versions of Totara have now been released:
- 2.7.6
- 2.6.23
- 2.5.30
- 2.4.33
- 2.2.40
These versions do contain security fixes and for this reason we strongly recommend upgrading.
Each release also includes bug fixes and improvements.
Thanks to Chris Wharton at Catalyst, Haitham Gasim at Kineo, Jo Jones at Kineo, Joby Harding at Mindclick and Russell England at Vision by Deloitte for their contributions.
Changelogs are as follows:
Release 2.7.6
Security issues:
TL-7157 Added a new workaround for password autocompletion issues in some modern browsers
This fix works around an issue whereby some modern browsers would
automatically fill any password field in any form with a users stored
password for the site.
This would only occur after the user had made the decision to save Totara
authentication credentials within the browser.
Previously implemented directives telling the browser to not automatically
fill in the field are now ignored.
Improvements:
TL-3202 HR Import now correctly enforces required user fields
It was previously possible to not include some required user fields when
using HR Import.
First and last name columns are now automatically required if user creation
is allowed, and the email field is automatically required if duplicate
emails are not allowed and user creation is allowed.
It is possible to exclude the first name, last name and email columns if
only the user update and/or delete options are enabled.
TL-5955 Added new events for the creation and deletion of RPL course and activity completions
TL-6436 Added an option to reset notifications to default for Face-to-face notifications
Sites that have been upgraded through Totara 2.4 may have Face-to-face
activities that do not have the complete series of notifications a newly
created Face-to-face activity would have.
This improvement introduces a means of resetting the default notifications
allowing those sites that have Face-to-face activities with missing
notifications to reset the default notifications if they wish in order to
get them back.
TL-6807 Added a date format setting for HR Import of users when using an external database source
TL-6817 Added new capabilities to allow the delegation of language settings control
Two new capabilities have been added to allow delegation of control of
language settings and language packs.
Previously this was controlled by the site config capability.
By default only site administrators have these new capabilities.
The two new capabilities are:
* totara/core:langconfig - Allow access to edit language settings.
* tool/langimport:managelanguages - Allow installing and uninstalling of
language packs.
TL-6929 Improved Behat tests that use Totara navigation
TL-6994 Improved the performance of scheduled reports if the export to file system option is enabled
Previously scheduled reports with the export to file system option turned
on would be generated twice, once for the recipient of the report and once
for the file system.
The code now only generates the report once and uses it for both the
recipient and the file system.
TL-7109 Changed audience strings to reflect what start and end dates actually do
TL-7130 Improved the redirect on saving changes when editing Totara menu items
The current behaviour is that you will get redirected back to the index
page when you save any settings. This means that you will have to go back
to the edit page and then navigate to the "Access" tab in order to set
custom access rules after having set the visibility to "Use custom access
rules".
The new behaviour is to redirect to the "Access" tab when the visibility
setting is changed to "Use custom access rules".
Bug fixes:
TL-3550 Fixed the incorrect removal of completed Feedback 360 requests if JavaScript is disabled
This issue was caused by behaviour inconsistency between JS being enabled
and disabled.
If JS was enabled when editing a Feedback 360 with completed requests and
the user clicked add users the page would be lost and the completed
requests would be incorrectly removed.
The basic interface now behaves in the same way as the enhanced interface.
TL-6455 Fixed the formatting of report names used within in the Graphical Reports block
Report names that contain special characters are now displayed correctly
within the Graphical Reports block.
TL-6487 Fixed the display of competencies achieved through course completion on the My Team page
Previously the number of competencies achieved for each team member was
been incorrectly displayed on the My Team page if one or more competencies
had been achieved through course completion due to stats not being
correctly recorded.
This has been fixed and an upgrade step ensures all stats are correct.
TL-6512 Fixed course reminder escalation messages being sent for all historical course completions
TL-6575 Fixed report builder column order when exporting to Excel in RTL languages
TL-6645 Changed Certification Completion report source columns to use certification status rather than program status
Several fields in the certification completion report source were changed
so that their information is determined by the certification status value
rather than the program status. The Status column now shows the same data
as the Record of Learning: Certifications Status column. Is Complete was
changed to Is Certified and Is Not Complete to Is Not Certified. Those two,
as well as Is In Progress and Is Not Started were changed to reflect the
correct state of the certification. Columns and filters in existing reports
have been converted, but customised column headers need to be updated
manually to reflect the change. Users should check any saved searches which
use these filters, as they may no longer show the information that is
expected.
TL-6708 Fixed course custom field data being saved after events
Course custom field data is now being saved before the course_created and
course_updated events, allowing observers of those events to access custom
field data.
TL-6767 Fixed HR Import producing a fatal error if more than 65336 import errors were encountered
TL-6811 Fixed an undefined variable notice when editing a course
TL-6908 Fixed the display of stage titles when exporting an Appraisal
When an Appraisal had a long stage title and either a short description or
no description at all the title would sometimes be cut off in the PDF that
was produced by the export.
This was affecting the interface and PDF snapshots.
TL-6955 Fixed Face-to-face Session report source Role columns and filters not working
These columns and filters are now selectable and use language strings.
TL-6964 Improved validation when creating main menu items with custom access rules
This changes improves the validation of main menu custom access rules to
ensure items cannot be created within invalid rules.
TL-6983 Fixed non-unique query parameter names in report builder filters
Report builder filters were previously attempting to generate unique
parameter names by hashing a combination of information about the filter.
This could lead to duplicate parameter names being generated on occasion
causing an error.
This has been fixed to use sequential param names instead ensuring a
parameter name is always unique.
TL-6986 Fixed the Face-to-face Manager approval radio button disappearing when user signup note is disabled
TL-6989 Fixed conflicting content option aliases for report builder reports
TL-7046 Fixed client side form validation on forms without a header
TL-7048 Fixed the sending of certification alerts so that suspended users are excluded
TL-7083 Fixed a missing include when trying to search for a program or certification
TL-7095 Removed all uses of the sql_fullname function from within the Site Logs report source
TL-7099 Fixed over restrictive capability checks when uploading custom certificate images
User with the totara/core:modconfig capability may now upload custom
certificate images through the certificates module setting.
This makes it consistent with the other module settings.
TL-7102 Fixed the cancel button when editing a course section summary
Previously the cancel button when editing a course section summary would
not cancel the action but instead complete it.
The cancel button now correctly disregards any changes the user has made.
TL-7110 Fixed program exceptions not being triggered when creating new a assignment
Previously if an assignment was added to a program or certification, and a
completion date was set, all in one step (without saving in between) then
exceptions for those assignments were not being checked.
The fix for this issue ensures exceptions are correctly checked and
triggered.
TL-7122 Removed the incorrect commas at the end of lines for when displaying Face-to-face room details
TL-7142 Added a new capability for the certificate modules "email teachers" setting and updated its language strings
Previously the setting was sending notifications to everyone with the
mod/certificate:manage capability, which resulted in all site managers
receiving the messages.
The setting is now called send notifications and it uses a new capability
mod/certificate:receivenotification which defaults to only the editing and
non-editing trainer roles, if you want your site managers or custom roles
to receive these notifications you will have to give them the capability.
TL-7149 Fixed the display of certification status within report builder filters
TL-7156 Fixed the display of certification renewal status in the Record of Learning report
TL-7196 Reset Required Learning menu item cache when programs or certifications are completed
When the last Required Learning program or certification was completed, the
Required Learning menu item was not being immediately removed. This was
causing an error message if it was subsequently selected.
New features:
TL-6407 Added a new colours custom setting to graphs in report builder
It is now possible to specify graph series colours in the custom settings
for a report builder report.
Colours can now be specified using the following syntax in the custom
settings input:
colours = #ff0000,#00ff00,#0000ff
While it is possible to use any colours the browser supports we strongly
recommend only hexadecimal colours are used.
Contributions:
* Chris Wharton at Catalyst NZ - TL-6964
* Haitham Gasim at Kineo - TL-6955
* Jo Jones at Kineo - TL-6767
* Joby Harding at Mindclick and Russell England at Vision by Deloitte - TL-6708
Release 2.6.23
Security issues:
TL-7157 Added a new workaround for password autocompletion issues in some modern browsers
This fix works around an issue whereby some modern browsers would
automatically fill any password field in any form with a users stored
password for the site.
This would only occur after the user had made the decision to save Totara
authentication credentials within the browser.
Previously implemented directives telling the browser to not automatically
fill in the field are now ignored.
Improvements:
TL-3202 HR Import now correctly enforces required user fields
It was previously possible to not include some required user fields when
using HR Import.
First and last name columns are now automatically required if user creation
is allowed, and the email field is automatically required if duplicate
emails are not allowed and user creation is allowed.
It is possible to exclude the first name, last name and email columns if
only the user update and/or delete options are enabled.
TL-6436 Added an option to reset notifications to default for Face-to-face notifications
Sites that have been upgraded through Totara 2.4 may have Face-to-face
activities that do not have the complete series of notifications a newly
created Face-to-face activity would have.
This improvement introduces a means of resetting the default notifications
allowing those sites that have Face-to-face activities with missing
notifications to reset the default notifications if they wish in order to
get them back.
TL-7109 Changed audience strings to reflect what start and end dates actually do
Bug fixes:
TL-6487 Fixed the display of competencies achieved through course completion on the My Team page
Previously the number of competencies achieved for each team member was
been incorrectly displayed on the My Team page if one or more competencies
had been achieved through course completion due to stats not being
correctly recorded.
This has been fixed and an upgrade step ensures all stats are correct.
TL-6512 Fixed course reminder escalation messages being sent for all historical course completions
TL-6575 Fixed report builder column order when exporting to Excel in RTL languages
TL-6767 Fixed HR Import producing a fatal error if more than 65336 import errors were encountered
TL-6908 Fixed the display of stage titles when exporting an Appraisal
When an Appraisal had a long stage title and either a short description or
no description at all the title would sometimes be cut off in the PDF that
was produced by the export.
This was affecting the interface and PDF snapshots.
TL-6955 Fixed Face-to-face Session report source Role columns and filters not working
These columns and filters are now selectable and use language strings.
TL-6983 Fixed non-unique query parameter names in report builder filters
Report builder filters were previously attempting to generate unique
parameter names by hashing a combination of information about the filter.
This could lead to duplicate parameter names being generated on occasion
causing an error.
This has been fixed to use sequential param names instead ensuring a
parameter name is always unique.
TL-6989 Fixed conflicting content option aliases for report builder reports
TL-7048 Fixed the sending of certification alerts so that suspended users are excluded
TL-7102 Fixed the cancel button when editing a course section summary
Previously the cancel button when editing a course section summary would
not cancel the action but instead complete it.
The cancel button now correctly disregards any changes the user has made.
TL-7110 Fixed program exceptions not being triggered when creating new a assignment
Previously if an assignment was added to a program or certification, and a
completion date was set, all in one step (without saving in between) then
exceptions for those assignments were not being checked.
The fix for this issue ensures exceptions are correctly checked and
triggered.
TL-7142 Added a new capability for the certificate modules "email teachers" setting and updated its language strings
Previously the setting was sending notifications to everyone with the
mod/certificate:manage capability, which resulted in all site managers
receiving the messages.
The setting is now called send notifications and it uses a new capability
mod/certificate:receivenotification which defaults to only the editing and
non-editing trainer roles, if you want your site managers or custom roles
to receive these notifications you will have to give them the capability.
TL-7149 Fixed the display of certification status within report builder filters
TL-7156 Fixed the display of certification renewal status in the Record of Learning report
Contributions:
* Haitham Gasim at Kineo - TL-6955
* Jo Jones at Kineo - TL-6767
Release 2.5.30
Security issues:
TL-7157 Added a new workaround for password autocompletion issues in some modern browsers
This fix works around an issue whereby some modern browsers would
automatically fill any password field in any form with a users stored
password for the site.
This would only occur after the user had made the decision to save Totara
authentication credentials within the browser.
Previously implemented directives telling the browser to not automatically
fill in the field are now ignored.
Improvements:
TL-6436 Added an option to reset notifications to default for Face-to-face notifications
Sites that have been upgraded through Totara 2.4 may have Face-to-face
activities that do not have the complete series of notifications a newly
created Face-to-face activity would have.
This improvement introduces a means of resetting the default notifications
allowing those sites that have Face-to-face activities with missing
notifications to reset the default notifications if they wish in order to
get them back.
TL-7109 Changed audience strings to reflect what start and end dates actually do
Bug fixes:
TL-6512 Fixed course reminder escalation messages being sent for all historical course completions
TL-6767 Fixed HR Import producing a fatal error if more than 65336 import errors were encountered
TL-6908 Fixed the display of stage titles when exporting an Appraisal
When an Appraisal had a long stage title and either a short description or
no description at all the title would sometimes be cut off in the PDF that
was produced by the export.
This was affecting the interface and PDF snapshots.
TL-7048 Fixed the sending of certification alerts so that suspended users are excluded
TL-7085 Replaced a hardcoded "Participants" string in Appraisals with a translatable string
TL-7102 Fixed the cancel button when editing a course section summary
Previously the cancel button when editing a course section summary would
not cancel the action but instead complete it.
The cancel button now correctly disregards any changes the user has made.
TL-7110 Fixed program exceptions not being triggered when creating new a assignment
Previously if an assignment was added to a program or certification, and a
completion date was set, all in one step (without saving in between) then
exceptions for those assignments were not being checked.
The fix for this issue ensures exceptions are correctly checked and
triggered.
TL-7142 Added a new capability for the certificate modules "email teachers" setting and updated its language strings
Previously the setting was sending notifications to everyone with the
mod/certificate:manage capability, which resulted in all site managers
receiving the messages.
The setting is now called send notifications and it uses a new capability
mod/certificate:receivenotification which defaults to only the editing and
non-editing trainer roles, if you want your site managers or custom roles
to receive these notifications you will have to give them the capability.
TL-7149 Fixed the display of certification status within report builder filters
TL-7156 Fixed the display of certification renewal status in the Record of Learning report
TL-7241 Fixed the creation of embedded reports on a clean installation
Previously, embedded reports were only being generated the first time that
each report was accessed. Now, they are also all created when the Manage
Reports page is first accessed.
Contributions:
* Jo Jones at Kineo - TL-6767
Release 2.4.33
Security issues:
TL-7157 Added a new workaround for password autocompletion issues in some modern browsers
This fix works around an issue whereby some modern browsers would
automatically fill any password field in any form with a users stored
password for the site.
This would only occur after the user had made the decision to save Totara
authentication credentials within the browser.
Previously implemented directives telling the browser to not automatically
fill in the field are now ignored.
Bug fixes:
TL-6512 Fixed course reminder escalation messages being sent for all historical course completions
TL-7102 Fixed the cancel button when editing a course section summary
Previously the cancel button when editing a course section summary would
not cancel the action but instead complete it.
The cancel button now correctly disregards any changes the user has made.
Release 2.2.40
Security issues:
TL-7157 Added a new workaround for password autocompletion issues in some modern browsers
This fix works around an issue whereby some modern browsers would
automatically fill any password field in any form with a users stored
password for the site.
This would only occur after the user had made the decision to save Totara
authentication credentials within the browser.
Previously implemented directives telling the browser to not automatically
fill in the field are now ignored.
(Edited by Andy Kirk (Totara) - original submission Tuesday, 18 August 2015, 7:26 AM)