Release Note
30 posts
Sep 26 2022
FORMCYCLE 7.2.0
Features
Form designer
- PDF importer
- You can now open a PDF document in the form designer. This opens the PDF importer, which lets you copy form fields and texts from the PDF to the Xima® Formcycle form. The importer also offers several convenience features to help you with the conversion of PDF forms to web forms.
- New form element Invisible Container
- The invisible container is similar to the standard container element. The main difference is that by default, the invisible container does not have a padding on each corner. In other words, you can nest as many invisible containers as you want to group elements without that having an effect on the visual appearance of the form.
- If you are using the Leitfaden plugin, you should update it to the current version. The invisible container element from the plugins is replaced by the built-in invisible container from Xima® Formcycle.
- Enter custom formulas for conditions in the form designer
- Previously, form field conditions such required-if or visible-if only let you select a single form element with a value to check. Now, you can also enter a custom formula that may contain references to multiple form elements.
- The formula must be a valid JavaScript expression (and not a statement). You can use variables such as [%tf1%] to easily reference the values of form fields.
- Note: Custom formulas are incompatible with server validation. Even if server validation is enabled, custom formulas are not validated by the server, submitted data will be accepted at face value.
- Free text input for select elements with auto complete
- A select element displayed as a combo box offers you the option to enable auto complete. Auto complete lets the user enter text and suggests available options depending on the entered text. Available options are validates, the user cannot enter text that does not correspond to an available options.
- This release adds a new option to select elements that allows the user to enter arbitrary text, even if that text does not correspond to an existing option.
Workflow designer
- New workflow action Create protocol entry
- This action lets you create protocol entries for the form record with a custom message. These protocol entries can be viewed in the history tab of the inbox.
- New workflow action Form record history as PDF
- This action lets you create a PDF document with the history of a form record as it can be seen in the history tab of the inbox.
- Free content selection for the HTTP request action
- Until now, the HTTP request action only let you send requests where the body was either URL encoded (application/x-www-form-urlencoded) or a multipart body (multipart/form-data).
- Now you can either freely enter plain text or select a binary data for the request body content. You can also use this feature, for example, to interact with a JSON based REST API.
Changes
- The license details in the license menu now also include a note about whether the Azure AD and WebDAV features are enabled.
- Email notifications regarding failed system updates are now sent with their priority set to High.
- Changes to the WebDAV connections menu:
- Modifications made to WebDAV connections (creating a new connection, editing or deleting an existing connection) are now logged in the client protocol.
- WebDAV connections cannot be deleted anymore when they are still used by the workflow of an existing form.
- When a proxy server was configured in the JVM (Java runtime environment), that proxy server is used when sending emails via the email action, unless a different proxy server was configured explicitly.
- You can disable this behavior via the application property defaults.http.use_system_properties.
- Removed the option that was added in version 7.1, which let you output the select options of select elements in multiple columns when creating a Word export. In order to position the select option in multiple columns, an additional table was created in the Word document, which interfered with Word functions such as rmt(), as those would affect the additional table with the select options, not the surrounding table as they did previously.
Fixes
Backend
- Fixed file downloads in various menus in the backend. Downloading a PDF or Word export in Firefox does not result in a popup warning anymore.
- You can now use more than one reply to address again in the email action. Also fixed the email body type selection.
- Issues when deleting planned timed events of form copies were fixed.
- Invalid application sessions do not prevent new logins anymore.
- Form record from forms that make use of widget plugins can now be opened on the inbox frontend server again.
- Due to backwards compatibility, the no-argument usage sel1.con() of the Word function con nows gets interpreted as sel1.con(""), and checks whether one of the field values is empty. This is for legacy support only, we recommend that for newly created Word documents, you always use quotation marks to avoid ambiguity.
- Additionally, you can now also use the new Word function sel1.empty(). It lets you check whether there are either no values or one of the values is empty. We recommend you use this function for select elements to check whether no or an empty value was selected.
- Minor UI fixes in backend menus.
Form designer
- Fixed issues when searching for form elements in the form designer.
- Fixed minor issues with how the form was displayed within the form designer and how CSS was loaded. There are also new versions of some widget plugins that should be installed, such as for the Google reCAPTCHA Plugin.
- When switching from a custom CSS theme to the defaul theme, that theme is now applied immediately to the form in the form designer.
- The form preview now also supports privacy policies or imprints hat are configured to be shown as a dialog.
- All available CSS classes are now suggested again when entering the CSS classes for a form element.
Frontend forms
- When a form made use of upload fields with the automatic upload features enabled and also had a button with the action Submit no save, it was not possible to submit the form again after the submit button was clicked once. This is now fixed.
- The client-side validations is now performed always performed, even when a form had a button with the action Submit no save and is submitted multiple times.
- The marker that indicates whether a form field is a required field is now always set correctly, even when required-if conditions are combined with element repetitions.
For plugin developers
- Added a new plugin interface: IPluginAuthenticationLogic. The existing plugin interface IPluginAuthenticatorType only works for form authentications that are done before the form is opened. Once authenticated, the user is always redirected to the requested form. This new plugin interface lets you define your own authentication logic, including custom redirections. For example, you could use this to implement custom login buttons for forms.
- The plugin IPluginAuthenticatorType now also allows direct clients to be used, which authenticate the user directly without redirecting to a page from the identity provider. This allows you, for example, to implement a custom authentication via HTTP request headers.
- Updates Pac4J to version 5.5.0. You should check authentication plugins that make use of the Pac4J API and adjust them if required.
Checksums
Sep 08 2022
FORMCYCLE 7.1.1
Fixes
- Fixes a bug that sometimes resulted in the content of the JavaScript, CSS and meta section in the form designer being deleted.
- The content of the versions menu with the workflow and form versions is loaded correctly again.
Checksums
Aug 23 2022
FORMCYCLE 7.1.0
Features
- Support for WebDAV.
- This feature requires an appropriate license.
- The new backend menu Data, WebDAV connection lets you set up connections to a WebDAV server.
- The new workflow action Save to WebDAV server lets you transmit files to another system via the WebDAV protocol.
- New switch condition added to the workflow.
- Use the switch action to check a value against many multiple cases. For each case, you can then run different actions. Compared with existing yes/no conditions, the switch makes your workflow easier to read, especially when you have many cases. For example, if you have a select field selMartialStatus, you can use the switch condition to test the value against the possible options single, married, divorced, widowed, in a partnership.
- Automatic database and system updates when launching Xima® Formcycle
- Xima® Formcycle can now run all requires updates when it is started, so that you do not have to run a manual update anymore via the backend. This reduces the time it takes to update the system, and helps to avoid down times.
- For new installations, this feature is enabled by default.
- For existing installations, you can enable this feature in the backend via the menu System, Database.
- Login via Azure AD
- The backend menu External users (authenticators) now lets you retrieve users from an Azure AD.
- URL for monitoring the frontend server status
- Use the URL https://<domain>/<context>/monitor/fs/connection?name=MyFrontendServer to check whether the master is connected to a certain frontend server. You can also trigger a reconnection when the server is not connected.
- Due to security concerns, this URL is disabled by default. To enable it, you need to configure the application properties monitoring.enabled and monitoring.allowed.hosts.
- Support for internationalized email addresses and UTF-8 headers
- Xima® Formcycle can now send emails to internationalized email addresses such as 山田太郎@株式.会社, provided the email server supports it.
- To enable support for internationalized email addresses, go to the system or client mail server settings and enable the option Server suppports UTF-8 message headers (RFC6532).
Changes
Backend
- To avoid issues when migrating data between different database systems, Xima® Formcycle now always treats all names case insensitiv. For example, when you have a client file named demo.txt, you cannot create a new file named Demo.txt anymore, even if your database supports it. No migration is required for existing systems that make use of such names. However, on the long term, we recommend you avoid these kind of name conflicts.
- Fixes issues with downloading forms from password protected form stores. Also, the form store is now always displayed in the correct language.
- If the hardware ID of a server has changed, when you attempt to update the license via the license menu page, a dialog shows up that lets you choose whether you want to register a new hardware ID or overwrite an existing one.
- You can now use callback links with URL parameters for external users (authenticator). This may be necessary when the identity provider does not allow URL parameters in the callback URL.
Inbox
- Previously, the inbox had only a predefined filter to display form records that arrived latest. It is now possible to filter form records to any modification range.
- The appointment view of the inbox now displays appointments faded out, when they belong to form records that are either saved or are waiting for a double opt-in.
- Improved the syntax of word fill functions. Parameters should now be enclosed in quotation marks. This lets you use arbitrary characters, including special characters. For example: selTrainPass.cb("1. class") oder selBookTitle.cb("The Final Odyssey is \"Comet Cowboy\"")
Workflow
- The actions Create text file and Export as XML now let you access the content of the created files via variables.
- The POST request of the old workflow now lets you add custom headers as well.
Frontend forms
- JQuery and JQuery UI were updated to the current version.
- The function $.xutil._load now also restores the number of element repetitions as well as the values of repeated elements.
- The data type email for input fields does not allow a dot at the end of email addresses anymore. Domain names may end on a dot to indicate that it is a fully qualified domain name. However, in practice, many common email providers do not allow such email addresses.
Form designer
- In the form designer it is possible to define for each form field in which status and for which user groups it should be available. If a form field is not available, the values are no longer displayed in the data table of the inbox anymore.
- You can now select the number of print export columns for select elements. You can find this option in the form designer in the tab Advanced (at the bottom in the panel Word and PDF export). When the number of columns is set to a value greater than 1, the select options are placed next to each other in columns when you create a Word or PDF export.
Fixes
Backend
- In full screen mode of the rich text editor, the button for the placeholder dialogue now works again.
- When you download a file in the backend, now always in a new browser tab to avoid losing the currently opened page.
- Several minor UI fixes.
Inbox
- Web Content Accessibility Guidelines (WCAG) conformity in the inbox has been improved.
- If there are multiple values for a form field, that values are all displayed in the data table of the inbox.
Workflow
- If an unhandled exception occurs in the new workflow, the error page now always appears. It doesn't matter that another response page has been defined in an action that has already been executed.
- LDAP workflow actions that use an existingLDAP query are executed correctly again.
- Fixed an issue where filling a form field in a Word document filling a form field in a Word document was sometimes not possible.
Frontend forms
- The session ID is now correctly forwarded when saving temporarily. In the case of forms with login, it was previously necessary to log in again after saving the form.
- The conformity of web forms to the German accessibility guidelines (Verordnung zur Schaffung barrierefreier Informationstechnik) has been improved..
Form designer
- The Word and PDF export feature now generates the correct Word function for creating checkboxes if used within repeated containers.
- Form fields can have conditions that control whether they are visible, required, or editable. Such a condition may also reference a hidden variable field. Server validation now validates such conditions correctly as well.
- If own HTML is entered in the rich text editor via the source code view in the form designer, this is now kept as far as possible and no longer cleaned up.
- Improvement regarding false positives in relation to bot detection.
For plugin developers
- PrimeFaces was update to version 11.
- Updated pac4j. Plugins that provide custom authenticators should be checked and may required adjustments.
- The builtin class PluginServletActionRetVal for the return value of servlet action plugin now contains constructors for all available parameters. Use of a custom implemenation of IPluginServletActionRetVal should be avoided, since these custom classes may not be available when communicating with a frontend server.
- The form preview in the form designer is now placed inside a shadow root. This improves the encapsulation of the designer CSS and the form CSS, and prevents custom form CSS from affecting the layout of the designer.
- As a consequence, widget plugins now also need to separate their CSS.
- IPluginFormElementWidget#getCssData has to return only the CSS required for the form layout.
- IPluginFormElementWidget#getCssDataForDesignerUi has to return only the CSS that is needed to style the form designer UI.
- @font-face rules need to be added outside the shadow root, not all browsers support @font-face within a shadow root yet (e.g. chromium)
- In addition, due to the shadow root, it is no longer possible to directly select elements in the form, starting at document context. If a widget plugin contains custom JavaScript for the designer that selects elements within the form preview, the JavaScript needs to be adjusted.
- The function IFormDesigner.getFormDesignPanel() can be used to access the element in which the form is located. Inside this element, it is now possible to search for child elements in the form. For example:
- As a consequence, widget plugins now also need to separate their CSS.
import { instance } from "@de-xima/fc-form-designer";
function main() {
// Instead of selecting elements directly from the global scope
$(".XTextField");
// Select elements starting from the form design panel
instance().getFormDesignPanel().find(".XTextField");
}
function main() {
// Instead of selecting elements directly from the global scope
$(".XTextField");
// Select elements starting from the form design panel
instance().getFormDesignPanel().find(".XTextField");
}
Checksummen
Jul 19 2022
FORMCYCLE 7.0.16
Fixes
- It is possible to use text templates within the form for the privacy policy or the imprint. In some cases invalid HTML was generated which could not be displayed by some browsers and also prevent certain plugins from working, such as the language switch plugin.
- When the privacy policy or the imprint was shown as a link that opens a dialog, when the user clicked on the link the occasionally got reloaded.
- Some form element conditions such as "hidden if" let you clear the form field when it is hidden. When combined with repeated form elements, this resulted in the internal form field "*_dyn_size" getting cleared as well. When the form element was set to not be editable after the first submission, this could lead to data loss.
- Forms contains a form element with a "editable if" or "disabled if" condition could not be submitted anymore. This is now possible again.
- When reopening forms with a repeated appointment picker, all selected appointments are displayed correctly now.
Checksums
Jun 24 2022
FORMCYCLE 7.0.15
Fixes
- The previous 7.0.13 release introduced added a server side validation feature that rejects data from form elements that are disabled or unavailable due to a state or user group condition. This resulted in issues when the form contains multiple form elements with the same name but conflicting conditions and one of those elements is a form variable (hidden input field). The behavior was changed so that data is rejected only when all form fields with the same name are disabled or unavailable and none of those fields are form variables.
Checksums
FORMCYCLE 7.0.14
Changes
- When create a blank PDF or Word document from a form, the options of a select element are displayed as checkboxes. The indentation of these checkboxes was removed, they now align with the remainder of the document.
Fixes
- Fixed an error that occurred when a form was copied and OracleDB was used.
- Malware plugins can now be used with frontend servers.
- Dates and times are localized properly in the response page after booking an appointment via an appointment picker
- The title in the browser tab with a form designer now always displays the correct name of the opened form.
- The name and alias input fields in the designer do not allow inputs longer than 255 characters anymore. Using longer names was not possible in previous versions either and resulted in an error when the form was saved.
- When multiple form stores with URLs that share the same origin are used, importing a form resulted in the form getting imported multiple times. This was fixed.
- The previous 7.0.13 release introduced added a server side validation feature that rejects data from form elements that are disabled or unavailable due to a state or user group condition. This resulted in issues when the form contains multiple form elements with the same name but conflicting conditions. The behavior was changed so that data is rejected only when all form fields with the same name are disabled or unavailable.
- Fixed small issues regarding W3C conformity (applies only when W3C mode is enabled)
- The attribute autocomplete is now set only when that attribute is allowed on the element.
- Previously, a SPAN element was created for form elements of type text. Starting with version 7.0.14, a DIV element is created instead. This allows block elements such as heading (H1, H2, etc) to be used in a W3C conforming manner.
- Small fixes in the backend UI.
Checksums
May 24 2022
FORMCYCLE 7.0.13
Features
- Added a new malware scanner plugin type. This plugin type makes it possible to scan for malware and viruses in files with the virus scanner software of your choice. When a malware scanner plugin is installed, files uploaded in the backend and files uploaded by users via frontend form are scanned for malware. We currently offer plugins for Microsoft Defender (Windows) and ClamAV (Linux).
- Added a new role permission for deleting form records. This permission controls whether a user is allowed to delete form records in the inbox. By default, all users with access to the inbox are granted this permission.
- Previously Xima® Formcycle blocked any attempts to include backend pages in third-party pages via iframes. This is still the default, but you can add exceptions for third-party pages that are allowed to include backend pages, see System General.
- Added new placeholder variables for selected elements displayed as questions. For example, let's say you have got a form with a select element named sel1, with 3 questions Q1, Q2, Q3 and 3 answers A1, A2, A3. When the selected answers are Q1-A1, Q2-A1, Q2-A2, Q3-A1, Q3-A2, Q3-A3, then:
- [%sel1%] resolves to A1;A1,A2;A1,A2,A3
- [%sel1_0%] resolves to A1, [%sel1_1%] resolves to A1,A2, and [%sel1_2%] resolves to A1,A2,A3
Changes (Backend)
- The configuration page Data LDAP connections lets you connect query an existing active directory. Previously a username and password were required, which meant that you could not connect to public directories. The username and password are now optional.
- When a form store provides an icon, that icon is shown in the import dialog instead of the generic form store icon.
- The form designer lets you translate the form into different languages. Previously, you could select all languages that were installed on the system that hosts the Xima® Formcycle server, but you could not add custom language codes. Since version 7.0.13, you can select between one of the languages configured on the Files & templates I18N variables page. To add a custom language, add a new language to the i18n variables. In addition, you can also show all languages previously available if that becomes necessary.
Changes (Frontend)
- When printing a form, it always uses up the entire available width. This also fixes the zoom feature of the print service plugin.
- The JavaScript functions jQuery.fn.autocompleteDB and jQuery.fn.autocompleteLDAP allow additional parameters to be passed to the query via the params argument. Previously, you could only pass string parameters, now you can also pass HTML elements and JQuery instances - the value of the form element is then sent as a parameter to the query.
- Improved performance for forms with select elements and many conditions.
- Improved variables replacement in various properties of a form element in the form designer:
- Form-specific variables such as [%$PROJECT_ALIAS%] or [%$PROJECT_TITLE%] are now replaced.
- Variables in the default value of select elements are now replaced.
Fixes
- Improved the detection when the connection to the database is lost and when the database is available again.
- When selecting a database type, no error message regarding missing drivers is shown anymore when you select MySQL 5 and the driver is installed on the system.
- Improved server validation when a form element is unavailable or disabled due to the state or user group condition
- Fixed a bug in the automatic height calculation of textarea elements.
- A bug related to upload elements with automatic uploads was fixed: Files were not saved correctly when the form element had an underscore in its name.
- The correct English translation is shown for appointment elements when the language is changed, e.g. via the languages switcher plugin.
- When the server validation is enabled for a form element and an existing form record is submitted again, only the newly submitted data were validated previously. This was fixed so that the existing data is taken into account as well.
- Saving form data in the offline app did not work when select elements contained options with a value longer than a single character. This can be fixed by updating to Xima® Formcycle 7.0.13.
- Minor bug fixes related to server validation.
- Minor bug fixes in the form and workflow designer.
- The very first form version backup is now loaded correctly as well.
- When inserting a form template and the template was a container or fieldset, sometimes elements in the container or fieldset were removed and not inserted correctly.
- Sometimes the form preview did not display correctly.
- Workflow actions could be dragged and dropped to multiple drop points simultaneously, which resulted in the action being added multiple times. This was fixed so that an action can be dropped only to one drop point at a time.
- Minor bug fixes in the backend UI.
Checksums
Apr 01 2022
FORMCYCLE 7.0.12
Changes
- Update the included Spring framework dependency to the latest version. Previous version contain a version of the Spring framework that is vulnerable to CVE-2022-22965. Currently, we are not aware of any scenario where this vulnerability can be exploited. We still recommend you upgrade to the latest Xima® Formcycle version.
Checksums
Mar 22 2022
FORMCYCLE 7.0.11
Features
- Automatic uploads: When you open a form and select an upload, the file is only transmitted to the server when you submit the form. For larger files, this may take a long time. To alleviate long submission times, you can now enable the new automatic upload feature in the form designer. When enabled, files are uploaded in the background while you can continue to fill out the form. You can also interact with automatic uploads programmatically via xutil.ajaxUploadManager.
- Image compression for uploads: Images uploaded by users can end up large, such as when they take an image with their mobile phones. You can enable the new image compression feature in the form designer for upload elements. When enabled, uploaded images are compressed and scaled automatically. To save space, the original file is discarded.
Changes
- You can now add more than one form store URL in the Look & Feel menu in the backend. When you want to create a new form on the forms overview page, one option is displayed for each form store that lets you import forms from that store.
- At places where you can configure a database connection in the backend, a warning is now shown when no driver is installed for the selected database type.
- The inbox lets you select and run user-defined workflow event. Previously, the selection used the names of the workflow processing chain, which was confusing to some users. Now, the names of the user-defined events are displayed.
- Selecting CSS classes in the form designer: The form designer lets you choose and add CSS classes to a form element. Previously, you could only add CSS classes that were defined in an existing CSS file. Now, you can add any arbitrary CSS class, and classes from CSS files are offered as suggestions. In addition, you can now also add CSS classes to the container of a form element.
- Variables in the configured extension of an upload element are now replaced.
- The note warning users that they are using an outdated browser now shows up for all versions of Internet Explorer.
- New JavaScript functions were added that let you control the appointment picker programmatically: jQuery.fn.appointmentPicker
Bug fixes
- The inbox lets you filter form records by their subject again.
- The workflow action Date and time offers several pre-defined date formats. Some were incorrectly labeled, this has been corrected. Also, a few more pre-defined formats were added.
- Show the correct error message when submitting a form with an uploaded file that has a size of 0 bytes.
- Server validation is now correctly skipped when the submit button does not require the form to be validated. Note: this requires the settings Validate submit button to be enabled in the form designer.
- Variables in the default HTML response page are replaced, even when no explicit response page was set in the workflow.
- The variable section to the bottom of the form designer lets you add hidden variable input fields to the form. Variables within the default value of non server-only variables are now replaced.
- Visibility and read-only conditions are evaluated correctly for select elements with auto complete enabled, even when such an element is hidden or disabled initially.
- Text area elements with the option auto resize enabled adjust their size correctly even when such as element is initially hidden.
- All users can see and change the available states and user groups for state and user group based restrictions in the form designer.
- Minor bug fixes for the server validation feature.
- Minor UI fixes for the backend user interface.
Checksums
Feb 14 2022
FORMCYCLE 7.0.10
Changes
- The workflow event After state change is now triggered even when a state change action to the current state of the form record was executed.
- Saved form records or form records waiting for confirmation of a double opt-in are locked and now also do not reveal any information about the form record subject or process ID. These records are also no longer exportable.
- If files are uploaded that cannot be read, a corresponding error message is displayed. This can happen, for example, if a virus scanner restricted access to the file or deleted the file. This adjustment affects both the backend as well as frontend forms.
- Form records of offline forms can still be opened and submitted. See the access settings of a form that lets you configure this behavior.
- The Quartz scheduler can be configured via application settings. The following parameters can now be customized:
- The number of threads in the thread pool.
- The time for re-executing triggers.
- The time until a trigger is considered to have failed.
- The name of upload elements was previously limited to 100. The name can now be up to 255 characters long.
- The default value for the number of connection attempts to the frontend server has been increased to 50.
- Temporary directory for uploads in backend has been adjusted.
- Configuring custom CSS for the backend requires an appropriate license.
- Improved log messages when the form record limit is reached.
Bug fixes
- Security improvements. Among other things, the logging library used has been updated to the latest version. See also here.
- Error messages that occur during server-side validation are now correctly displayed for repeated elements.
- Filtering by keywords in the form overview also works with numeric values as keywords.
- Fixed an error when deleting elements from repeated upload elements. Files are also no longer lost when resubmitting the form.
- Fixed an error when determining the content type and character encoding for the HTML response page and HTTP request actions.
- The color of links, such as in the label text of elements, is no longer overridden and can also be adjusted via CSS.
- When W3C compliant mode is disabled, the HTML attribute name is still set for containersand fieldsets.
- Also for Fieldset & Container elements, the HTML attribute data-org-name or org-name (when W3C compliant mode is disabled) is set.
- When cleaning file names in file generating actions, characters before the last slash are no longer truncated.
- No more unnecessary redirection when opening forms without access restrictions.
- URL parameters are preserved when redirecting within a form session.
- When sending form invitations, the form-specific inbox view is updated.
- Fixed an error in the workflow designer that could prevent it from opening.
- The tile for importing forms from the form store is not displayed if no URL for a form store has been set in the system.
- Fixed an error when importing forms with KERBEROS access.
- Hidden form elements are excluded during server-side validation. Conditional visibility is now also taken into account.
- The value of xf-action is no longer encoded if server-side button validation is disabled in the form designer. In old forms this is disabled by default, and when xf-action is accessed via JavaScript, you can now access the plain value again as in previous versions.
- Conditions are evaluated correctly for image elements.
- Form variables, which are used in the form, are now also replaced during redisplay. In addition, system variables in the Identifier for duplicate data sets are also replaced correctly.
- If the number of repetitions of a form element is negative, this value is treated as 0.
- Errors in server-side validation of repeated form elements are now displayed.
- When using FORMCYCLE with a Microsoft SQL Server database, more than 2100 form records can now be exported from the inbox.
- Fixed minor user interface bugs.