Last version we have released our new finance module and today I can already provide you with some great news. Version 3.56 brings improvements for profile pictures, an optimized transaction journal and a fresh group homepage! Furthermore, a security vulnerability has been closed that requires your attention. Let’s get started right away, without wasting much time.
Group-Homepage in fresh design
In the last weeks we have been working on the group homepage. A great feature to present public groups and also to show them on your own homepage. We have completely revised this group homepage and given it a facelift. It now shines in new splendor. The fresh design does not only look up-to-date, but information becomes more visible and the suitable group can be found much faster now.
The new group homepage comes in three different views: list, large tiles and small tiles.
The new detailed pages put the group in the right light and make it shine. We have also revised the registration process. It is now much easier to register for a group. This applies to people who are already logged in, as well as completely new people who do not yet have an account.
If I am logged in, I will see my profile picture and also that of my family and possibly people with the same e-mail address. I can now register my whole family for the church retreat in one step.
If I am not logged in, I will be asked to enter my e-mail address first. ChurchTools will then send me a registration link. With this link it is first checked if this email address already exists in ChurchTools and if so, I will be redirected with my profile. If this address is new, I can register again and enter my name.
This new login workflow facilitates many scenarios, such as family logins, but also prevents double accounts caused by annoying typos.
Good to know: The new group homepage has to be integrated into the own homepage. The old group homepage will run a few more versions parallel to the new one, so nothing will break. But in time we will remove it from ChurchTools.
IT Security: CSRF – Adapting External Tools (ChurchDBSync)
We are always looking to increase security in ChurchTools. It is important to us that your data is safe. To ensure this we have closed a vulnerability in the security of ChurchTools. For those interested: This is a CSRF security gap.
Important: If you have written your own external tools that use the old AJAX API or use DBSync, then an update is mandatory. The AJAX API now requires a CSRF token to authenticate the request. For more information see our help pages.
In an extreme emergency, the CSRF-Token Check can be temporarily disabled in the admin settings. This will automatically reopen the vulnerability, but your own tools will be usable again for the time being. But the tools still need to be updated! We will remove these settings soon to eliminate this attack vector completely.
ChurchDBSync: Customers who synchronize data from Optigem with ChurchTools must update to version 1.37!
Profile pictures
The group pictures have already done it, now follow the profile & family pictures. Your portrait can now be cropped directly in ChurchTools and a focal point can be added. ChurchTools will then ensure that the image is cropped for other formats.
This change has the nice side-effect that the app has become faster, because the images can be loaded in optimized resolutions, thus increasing performance.
Donor in transaction journal
ChurchTools finance is designed primarily for churches. Therefore donations play an important role for the majority of our customers. To reflect this we have added a column “Donor” to the transaction journal. Thus it is immediately obvious which transaction is a donation and who made it. This small detail takes the cashiers another good step forward and speeds up their work.
Add multiple songs to the schedule
On Sunday we sing worship songs to the glory of God. So that all participants know on Sundays what is being sung, we use the agenda in ChurchTools. But there is one thing that has taken a lot of effort so far: Adding songs to the agenda. Each song had to be added individually. This is now much easier.
Using the “New Song” dialog, you can now check several songs and add them to the agenda with a single click. ChurchTools remembers the selections until the songs are added. That means you can use the filter and search function to check the songs individually. The song will be added to the agenda even if the song is currently not visible in the list, e.g. because the list was restricted by the search field.
Now it is even much faster to plan the perfect service. 🙂
Further changes
If this is not enough for you, you will find all changes of this and earlier versions in our Changelog.
We hope you like the new version as much as we do. As always, you may leave praise and criticize in our forum.