The new blocks module designed to work with the recoded Themes engine has been committed to CVS. This new module, while fully working will probably undergo some enhancement before the release of .8 MS1 with use of the new Ajax library a priority. All block management is now fully integrated with the Blocks module, from block position tags to assigning blocks to block positions. Despite these new additions, the block management interface remains fairly simple and intuitive, improving usability over the .7x block control system.
Also newly committed in the past few days is the PostNuke Ajax framework. This framework is already in use within the Permissions module as a demonstration of what can be achieved. PostNuke's Ajax implementation is based around the prototype.js script and script.aculo.us libraries, which as well as providing nice visual effects are fairly easy to implement for the module developer. This framework was made possible in .8 through core changes to the pnInit() function, which can now be passed a parameter determining what parts of the core should be loaded. In the case of an Ajax framework it is important to limit the initialisation process to an absolute minimum of components for performance reasons. Again, with this in mind each module that wishes to use Ajax functionality should use a new Ajax entry point 'pnajax.php' in their modules. This reduces the number and size of files that are loaded with each Ajax call, but does not prevent you from calling other functions in your module should you require them.
Full documentation on how to use the Ajax Framework should be available with the final .8 release, however in the meantime developers are invited to update their CVS copies and look at what has been achieved so far.
For some time now, the Permissions module interface has been far from ideal, especially on sites where you have large numbers of permissions. In this situation, the PostNuke Ajax library can be put to very good use, as demonstrated by the demonstration currently in CVS. It is now possible to order permissions through a 'drag and drop' interface, create new permission rules, and also test any permission you have written through an easy to use interface all without reloading the page. Furthermore, you can filter permissions by group for an easy review of a single group's access rights on your website.
We anticipate that the Ajax libary can have many more uses across the codebase for .8, and over time these will be implemented. PostNuke now has a solid Ajax framework upon which third party developers can begin to develop their own Ajax-based modules for use with .8.
For the new Ajax tableless module administration layouts to work correctly in tableless themes (such as the andreas08 theme in CVS) use has been made of a pn-clearfix class. This has been adapted from positioniseverything. While these changes were prompted by the introduction of Ajax sorting to lists in CVS, the class can be applied in any relevant situation.
With the increasing use of hooks modules across the codebase with the advent of complete API compliance, it was necessary to introduce a dependencies system to PostNuke .8. This system allows modules that support or require particular hooks a way of informing the user of this requirement. In PostNuke .8, the core system will inform site administrators if they are lacking a module which can add functionality to their site. Additionally, the system prevents conflicting modules being installed together. It is up to module authors to set module dependencies in their pnversion.php file, stating a minimum and/or a maximum version required. An example of this is in CVS, in the form of the pnCategories pnversion.php file. When the .8 MS1 release is available, module authors are encouraged to look at this system and use it to their advantage when creating modules in the future.
Through the .8 PostNuke User's module it is now possible to choose the hash method in use on your site. The addition of both SHA-1 and SHA-256 encryption can add security in sensitive environments, and additionally the ability to change hash method can help when integrating PostNuke with other applications. The hash method changes have been implemented in such a way as to ensure you can change hash method at any point, you are not tied to a particular hash method at installation time.
More security options for sessions in PostNuke .8 are now available. You can now choose whether to sign cookies sent by your website, decide how long forms on your website should be valid for (through the authkey timeout) and finally enable IP checks to ensure session IP addresses do not change mid-session, which can occur if multiple people use the same account. PostNuke also now supports the setting of a secure host name for HTTPS, if your site does not support HTTPS through its normal domain name.
When disabling your site in .7x it was important to remember to stay logged in, or you would be locked out of your site with the PostNuke Swiss Army Knife as your only way back in. In .8 this changes, now an admin logon form is available on the site disabled screen to allow you to get back in to a disabled site.
At this stage, many of the key features of .8 are nearing completion, and we remain on track for our target Milestone 1 release window of the third week of April. Third party developers are especially encouraged to use this release to test their code for compatibility with .8, as due to the core changes some modules will need updating. Meanwhile, if you are interested in seeing the latest state of the .8 codebase before the Milestone release you are welcome to download the latest CVS snapshot.