-v2.6.
-Improve sanitization per Issue #4.
-Github user @robre pointed out some typos in sanitizeCore.php, specifically lines 95 & line 96 from v2.4.
-These bugs mean to me that I need to review more of this code.
-Thank you, @robre!
-v2.0.
-Consolidate some code in similar fashion to the recent HRC2 refactor.
-Now when no extension is specified a default will be used instead of displaying a 404 error.
-Tweak auto-cleaner to make it work in a safer, more reliable way.
-Add conversion and archive support for tar.bz2.
-Now when bulk archives are created any converted files will be included in the archive as well as the originals.
-Fix the way files sync between locations and the way symlinks are controlled.
-v1.9.
-Added checks for dangerous files to all Convert operations and to the GUI.
-Fix PDF files showing the image options button when there is no div to display.
-Added this changelog to keep track of thoughts, changes, and ideas.
-v1.6.
-Refactor the way required directories are handled.
-Use a for loop to define and create required directories instead of using a bunch of WET static code.
-Separated the mechanisms for replacing index files in hosted directories for document root protection.
-v1.4.
-After being unable to get the janitor working and finally getting frustrated by how terrible it's always been I decided to go a different route with auto-cleanup.
-This seems to work much better and it's about 1/4 the amount of code as before.
-v1.2.
-Added support for .mov video files.
-Tweaked displayed options for .mp4 files.
-Added back and refresh buttons to gui2.
-Fix 256mb max filesize.
-Tweak dropzone settings.
-Now 10 files upload in parallel with no filesize limit.
-v0.9.
-GUI about 3/4 of the way done.
-Fixed bugs, finished GUI page 2 of 3.
-Now we configure and fine tune the core outputs and design a third GUI element for returning the converted files to the user.
-Plus a whole bunch of testing/fixing after that...
-v0.8.9.
-Already moved away from user-agent as a token variable. Async callbacks don't work.
-Now we have 2x server-provided tokens. One is unique and the other is derived from a hash of the first token and the config Salts.
-So even if an attacker spoofs the IP and guesses a correct token with active temp files he's still going to need to craft a second token using the first token and 6x server-side salts in order to access files that will probably be deleted within minutes anyway.
-v0.8.8.
-HRConvert2 now enables more secure passive identification of users by introducing a $Token variable.
-The token is set by the server and given to the client to use for accessing their files.
-The token is NOT the only factor in identifying users.
-The token is used to hash a UUID along with the IP and user-agent.
-If the IP is blank or masked we do our best to identify it by various means.
-If the user-agent is blank we hash 2x 10-digit random numbers and use that instead.
-This should be good enough to avoid collisions on LAN's with crazy DHCP as well as being open to an internet full of bots, botnets, and proxies.
-v0.8.6.
-Enabled styles on GUI.
-Styled select boxes.
-Enabled $Font from the config to actually control fonts used in the GUI.
-Added a bunch of icons and credits.
-Tweak GUI element placement through the entire app.
-Refactored WET code to DRY code by removing common elements from the GUI and organizing them into header.php and footer.php.
-v0.8.5.
-Uploading works. Files are stored according to the config.php file.
-Directory generation works.
-AutoClean (should) work.
-Fixed virus scanning.
-Tweaked GUI elements, div structure.
-Added $TOSURL and $PPURL to config.php, for dynamic Terms of Service/Privacy Policy references in GUI's.
-Need to work on convertGui2.php. It's probably gonna need JQuery and Ajax to convert and download files without refresh.
-Maybe eventually combine the GUI pages and hide elements that are done being used.
