This update (c47d0e4) brings with it the following improvements:
- Session variables can now be used to store information for anonymous users. Only pre-approved variables can be used, and they have very limited size.
- Whenever you perform an activity that stores some kind of information, you will now get a flash message about what happened when the page redirects. This message was not displayed earlier. Flash messages can have three severities: info, warning and error.
- Anonymous users can now set their language preference using the manage_language() template function. This is not available in the default template, but sites can choose to use this feature as required. All three language settings can be set.
- Session authentication and information is now stored in a Redis database that should allow much higher concurrency than our old solution.
- Avoid logging a lot of event information that is never displayed anywhere. Also removed 34 million old events which are no longer needed.
- The session ID is no longer logged with the login event, which could be used by certain privileged users to hijack sessions. This is no longer possible.
- The online request handler now shows the IP addresses associated with the sessions if you're logged in as a global administrator. Guests are also displayed in the table.
- Whenever you hide or show the left/right panels or the message of the day, this is now stored in a session variable instead of a cookie.
- The user panel (right side of the screen) now stores in a session variable which section is open on page refresh.
- When you close the file browser, the last folder you were in is stored in a session variable and the next time you open it without a specific location you should be back where you were.
- Whenever the message of the day is added or changed the users that have hidden it will see it again.
- Flash messages are now used on CEFR sites to inform about report sent. This allows users to return to the report after sending it.
- When storing an object using JSON response mode, the serialized object is now returned to the caller.
- Fix a partially hidden logout button issue in Google Chrome.
- Fix a bug where the value 0 is not considered a valid label.
- Make multi-select in the inbox and outbox more consistent with normal UI behavior.
- The old time log request handler which was replaced with the page views report has now finally been removed. It's not been usable since February 2014.