General

Version	Type	Description	ID
19.1.0.0	CORR	The issues with the route numbers being repeated and the incorrect date formats in service notices have been fixed.	TI-12086
19.1.0.0	CORR	The error that occurred when resending account activation email messages in TransitNow has been fixed.	TI-12448
19.1.0.0	CORR	The issue of service alerts for stops notifications not being displayed has been fixed.	TI-12939
19.1.0.0	CORR	The issue of service notice data not being imported from TransitMaster has been fixed.	TI-13456
19.1.0.0	CORR	The following changes have been added to allow the logging of all incoming real-time data in a file: Added a new context property "INFO/SoapInterface/Soap Message Log File Limit" to limit the size of the soap message log file. If the value set is 0, there is no limit to the file size. The incoming real-time data will be logged in a single file until it reaches the size limit. The rest of the data will be logged in another file. The file names include the time stamp of the first received real-time data.	TI-12257
19.2.0.0	ENH	Added functionality to get the stop accessibility information from the line details.	TI-14379
19.2.0.0	CORR	The issue of unnecessary content appearing on TransitNow activation email messages has been fixed	TI-13570
19.2.0.0	ENH	DB-Schema change: A new field, LockedTimeStamp has been added to the Registered Users table. This is used to save the time value in the database when a user account is locked and relates to the TravelerInformation > FixedRoute > TransitNow > Password > AutomaticUserAccountUnlockPeriod property.	TI-13957
19.3.0.0.	CORR	The issue of special characters appearing encoded in SMS messages sent with TextMarks has been fixed.	TI-14794
19.4.0.0	CORR	Fixes: In some instances, the Tp4 Workstation or Client shell may send the user's credentials to the SrvShell in an HTTP Basic Authorization header field, which is open text and therefore not considered secure.	DEVCORE3-5364
19.4.0.0	ENH	Added a new trace switch, Info/Lookup/ICDInterface/Trace, to control general trace logging in the CDBLog as well as a number of verbose trace messages, mainly focused on the ICDInterface::Default method.	TI-15714
19.4.0.0	CORR	The issue of the current date instead of the trip date being used to calculate the expiry and delivery time for Imminent Arrival notifications past midnight has been fixed.	TI-15291
19.5.0.0	CORR	The issue of incorrect identity field values being returned when using an Oracle database with Real Application Clusters (RAC) has been fixed.	DEVCORE3-4644
19.6.0.0	ENH	Improved logging of the Service Shell if errors occurred when calls were made to the INFO-MON shell to refresh the cached data.	TI-13556
19.6.0.0	CORR	The issue of users, who have the advanced drop-off notifications enabled, not receiving separate notifications for all their bookings on a given date has been fixed. Previously, users with multiple bookings on a given date only received a notification for the first trip of that date.	TI-15856
19.7.0.0	CORR	The issue of cancellations and detours from TransitMaster not being applied to both the arrival and departure times of a stop in the middle of the affected route has been fixed.	TI-14767
19.7.0.0	CORR	The issue of the incorrect order that services were run when the Service Shell was started has been fixed.	DEVCORE3-5377
19.7.0.0	CORR	An issue where updating context properties in the Client Shell resulted in TCF Event notifications for the change being posted twice has been fixed.	DEVCORE3-5404
19.7.0.0	CORR	The issue of the CoreMQ services not starting or causing errors when more than one Service Shell are running in the same server has been fixed. When configuring a Trapeze application that requires the Cmn_Lookup service group but does not require INFO-MON CoreMQ, one or more of the following service groups may be included instead of Cmn_Lookup in the profile file: Cmn_LookupRemarks Cmn_LookupSubscriptions Cmn_LookupRealTime Cmn_LookupComments Add Cmn_LookupBase if using any of these Lookup groups.	TI-16515
19.8.0.0	CORR	The issue of the temperature in Celsius on the Wayside screen incorrectly being converted to the Fahrenheit scale has been fixed. (The format is set in the Core/Locale/Formats/Temperature context property.)	TI-14349
19.9.0.0	CORR	The following changes have been made to secure the file upload functionality in Highwire: Three security keys have been added: Hiwire/FileUpload/Allow - Allows files to be uploaded. Hiwire/FileUpload/SpecifySubDirectory - Additional permission to allow uploading to a specific location. Hiwire/FileUpload/AllowFileOverwriting - Additional permission to allow overwriting of files. Three new properties have been added: Hiwire/FileUpload/Directory - Sets the file directory to be used for uploads only. It is empty by default, which will disable the uploading of files. Hiwire/FileUpload/MinimumFileSize and Hiwire/FileUpload/ MaximumFileSize - Controls the file sizes allowed. The defaults are 0 and 4MB although both properties are set in bytes to allow for better control if needed. Note: The Hiwire/FileUploadDir property has been made hidden. This property is no longer used by Highwire but may still be used in markup that tries to access existing files which were uploaded. The following restrictions have been added: Uploaded files can have a filename up to 255 characters. This matches OWASP's recommendation and the NTFS filename limit. Uploaded files must have alphanumeric filenames with exceptions for underscores and dots. When checking file extensions, only the last extension is considered. Uploads are trapped within the set upload directory. If a subdirectory path is provided, the absolute path of the final upload directory must be within the directory defined in the context property. The system does technically allow for a relative path so long as the absolute path remains within the upload directory, for example, D:\upload\..\upload\wow is valid if the upload directory is D:\upload since the absolute path is D:\upload\wow.	TI-17071 This task is associated with TI-17065.
19.9.0.0	ENH	DB-Schema changes for Floodgate Messaging: A new table was added, MassNotificationProdRecipient to allow call bundling. This means that clients with the same number are grouped together and only receive a single notification. The table has three fields: massNotificationProdRecipId, productRecipientId, and massNotificationRecipientId. The ProductRecipientId field was removed from the MassNotificationRecipient table.	TI-17408
19.9.0.0	CORR	The issue of stops marked as Node Only also being shown in the Stops list of a selected route has been fixed.	TI-12974
19.10.0.0	CORR	The error that occurred related to Last Import Time shown in the CDBlog has been fixed.	TI-17423
19.10.0.0	ENH	Logging to report certificate verification failures was improved to show more detail. This addresses an issue where the Client Shell would not connect to the Service Shell over SSL when the certificate chain contained more than one trusted authority.	DEVCORE3-5435
19.12.0.0	CORR	Stops shown for the selected route in the Passing Routes results in the Next Departures screen are now sorted based on distance.	TI-11892
19.12.0.0	CORR	The issue of the link to confirm the change in a user's email address not being formed properly has been fixed.	TI-17750
19.12.0.0	CORR	The issue of the SMSCarrier field not being saved in the database when a new user is created in TransitNow has been fixed. (The context property, TravelerInformation > FixedRoute > TransitNow > Notification > SMS > EnableSMSGateway must be enabled.)	TI-18165
19.14.0.0	ENH	Improved Structured Exception (SE) handling with the addition of the ability to terminate the application abnormally when the first SE occurs and to generate a crash dump that can provide better data on the cause of the error.	DEVCORE3-5478
19.15.0.0	CORR	The issue that occurred when the event service was under heavy usage causing exceptions in the log and the Service Shell becoming unresponsive has been fixed.	DEVCORE3-5482
19.15.0.0	ENH	When the application is configured to generate a crash dump on an exception, the log now includes a trace output with the name and path of the dump file and the type of the exception.	DEVCORE3-5484
19.16.0.0	ENH	A crash dump file is now generated during shutdowns from exception handling action.	DEVCORE3-5500
19.18.0.0	ENH	The following new switches have been added to enable and control the monitoring of long running ODBC SQL statements: Core > SQL > ODBC > Statement Monitor > Enable Core > SQL > ODBC > Statement Monitor > Report Threshold Core > SQL > ODBC > Statement Monitor > Report Blocked Transactions	DEVCORE3-5524
19.20.0.0	CORR	The issue of the ODBC Statement Monitor blocked query report not working with the Oracle native ODBC 12 (or earlier) driver has been fixed.	DEVCORE3-5530
19.21.0.0	ENH	Users can now select from multiple choices when defining context properties in the Client Shell.	DEVCORE3-5392
19.22.0.0	CORR	The issue of contents of other folders sometimes being shown together with those of the selected folder in the Properties screen has been fixed	DEVCORE3-5539
19.26.0.0	ENH	The following two context properties were created to update the ValidateSmartCard method to include validations for Cubic smart cards: PASS > PassInfoServer > SmartCard > Cubic > NumberOfIdDigits: A comma-separated list of values representing the number of digits that comprise a valid Cubic card ID. PASS > PassInfoServer > SmartCard > Cubic > ValidIdPrefixes: A comma-separated list of valid prefixes for Cubic card IDs. Card IDs must be numeric so it is assumed that the values for this property are also numeric.	MODTE-400
19.27.0.0	ENH	A new context property was added: PASS > PassInfoServer > SmartCard > AllowUserManagementExpression to support Smart card method updates. This is a client expression that’s used to determine if a given client is allowed to manage their smart card information. If it is set to True or if it’s blank, then the client is allowed. Otherwise they aren’t allowed.	MODTE-432
19.29.0.0	CORR	Fixed an issue of unexpected socket closures that can occur when a Workstation or Client Shell that previously called an HTTP 1.0 third party service later calls a Tp6 Service Shell or Schedule Server also with an HTTP 1.0 message but which expects an HTTP 1.1 message.	DEVCORE3-5581
19.31.0.0	CORR	The issue of no valid adherence information that occurred when the service determining real-time schedule adherence incorrectly assessed trip times has been fixed.	MPSTE-2624
19.32.0.0	ENH	When OPS schedule data is used, the Investigation Tool now filters by Division ID even if no Vehicle Car Number is provided.	MPSTE-2716
19.33.0.0	CORR	Fixed the result of supplying the wrong returned parsed data from Transit Master to the Service Adjustment when using the ICD Interface.	MPSTE-2848

19.1.0.0

CORR

The issues with the route numbers being repeated and the incorrect date formats in service notices have been fixed.

TI-12086

19.1.0.0

CORR

The error that occurred when resending account activation email messages in TransitNow has been fixed.

TI-12448

19.1.0.0

CORR

The issue of service alerts for stops notifications not being displayed has been fixed.

TI-12939

19.1.0.0

CORR

The issue of service notice data not being imported from TransitMaster has been fixed.

TI-13456

19.1.0.0

CORR

The following changes have been added to allow the logging of all incoming real-time data in a file:

Added a new context property "INFO/SoapInterface/Soap Message Log File Limit" to limit the size of the soap message log file. If the value set is 0, there is no limit to the file size.
The incoming real-time data will be logged in a single file until it reaches the size limit. The rest of the data will be logged in another file. The file names include the time stamp of the first received real-time data.

TI-12257

19.2.0.0

ENH

Added functionality to get the stop accessibility information from the line details.

TI-14379

19.2.0.0

CORR

The issue of unnecessary content appearing on TransitNow activation email messages has been fixed

TI-13570

19.2.0.0

ENH

DB-Schema change: A new field, LockedTimeStamp has been added to the Registered Users table. This is used to save the time value in the database when a user account is locked and relates to the TravelerInformation > FixedRoute > TransitNow > Password > AutomaticUserAccountUnlockPeriod property.

TI-13957

19.3.0.0.

CORR

The issue of special characters appearing encoded in SMS messages sent with TextMarks has been fixed.

TI-14794

19.4.0.0

CORR

Fixes: In some instances, the Tp4 Workstation or Client shell may send the user's credentials to the SrvShell in an HTTP Basic Authorization header field, which is open text and therefore not considered secure.

DEVCORE3-5364

19.4.0.0

ENH

Added a new trace switch, Info/Lookup/ICDInterface/Trace, to control general trace logging in the CDBLog as well as a number of verbose trace messages, mainly focused on the ICDInterface::Default method.

TI-15714

19.4.0.0

CORR

The issue of the current date instead of the trip date being used to calculate the expiry and delivery time for Imminent Arrival notifications past midnight has been fixed.

TI-15291

19.5.0.0

CORR

The issue of incorrect identity field values being returned when using an Oracle database with Real Application Clusters (RAC) has been fixed.

DEVCORE3-4644

19.6.0.0

ENH

Improved logging of the Service Shell if errors occurred when calls were made to the INFO-MON shell to refresh the cached data.

TI-13556

19.6.0.0

CORR

The issue of users, who have the advanced drop-off notifications enabled, not receiving separate notifications for all their bookings on a given date has been fixed. Previously, users with multiple bookings on a given date only received a notification for the first trip of that date.

TI-15856

19.7.0.0

CORR

The issue of cancellations and detours from TransitMaster not being applied to both the arrival and departure times of a stop in the middle of the affected route has been fixed.

TI-14767

19.7.0.0

CORR

The issue of the incorrect order that services were run when the Service Shell was started has been fixed.

DEVCORE3-5377

19.7.0.0

CORR

An issue where updating context properties in the Client Shell resulted in TCF Event notifications for the change being posted twice has been fixed.

DEVCORE3-5404

19.7.0.0

CORR

The issue of the CoreMQ services not starting or causing errors when more than one Service Shell are running in the same server has been fixed. When configuring a Trapeze application that requires the Cmn_Lookup service group but does not require INFO-MON CoreMQ, one or more of the following service groups may be included instead of Cmn_Lookup in the profile file:

Cmn_LookupRemarks
Cmn_LookupSubscriptions
Cmn_LookupRealTime
Cmn_LookupComments

Add Cmn_LookupBase if using any of these Lookup groups.

TI-16515

19.8.0.0

CORR

The issue of the temperature in Celsius on the Wayside screen incorrectly being converted to the Fahrenheit scale has been fixed. (The format is set in the Core/Locale/Formats/Temperature context property.)

TI-14349

19.9.0.0

CORR

The following changes have been made to secure the file upload functionality in Highwire:

Three security keys have been added:
- Hiwire/FileUpload/Allow - Allows files to be uploaded.
- Hiwire/FileUpload/SpecifySubDirectory - Additional permission to allow uploading to a specific location.
- Hiwire/FileUpload/AllowFileOverwriting - Additional permission to allow overwriting of files.
Three new properties have been added:
- Hiwire/FileUpload/Directory - Sets the file directory to be used for uploads only. It is empty by default, which will disable the uploading of files.
- Hiwire/FileUpload/MinimumFileSize and Hiwire/FileUpload/
  
  MaximumFileSize - Controls the file sizes allowed. The defaults are 0 and 4MB although both properties are set in bytes to allow for better control if needed.
  
  Note: The Hiwire/FileUploadDir property has been made hidden. This property is no longer used by Highwire but may still be used in markup that tries to access existing files which were uploaded.
The following restrictions have been added:
- Uploaded files can have a filename up to 255 characters. This matches OWASP's recommendation and the NTFS filename limit.
- Uploaded files must have alphanumeric filenames with exceptions for underscores and dots.
- When checking file extensions, only the last extension is considered.
- Uploads are trapped within the set upload directory.

If a subdirectory path is provided, the absolute path of the final upload directory must be within the directory defined in the context property.

The system does technically allow for a relative path so long as the absolute path remains within the upload directory, for example, D:\upload\..\upload\wow is valid if the upload directory is D:\upload since

the absolute path is D:\upload\wow.

TI-17071

This task is

associated with

TI-17065.

19.9.0.0

ENH

DB-Schema changes for Floodgate Messaging:

A new table was added, MassNotificationProdRecipient to allow call bundling. This means that clients with the same number are grouped together and only receive a single notification. The table has three fields: massNotificationProdRecipId, productRecipientId, and massNotificationRecipientId.
The ProductRecipientId field was removed from the MassNotificationRecipient table.

TI-17408

19.9.0.0

CORR

The issue of stops marked as Node Only also being shown in the Stops list of a selected route has been fixed.

TI-12974

19.10.0.0

CORR

The error that occurred related to Last Import Time shown in the CDBlog has been fixed.

TI-17423

19.10.0.0

ENH

Logging to report certificate verification failures was improved to show more detail. This addresses an issue where the Client Shell would not connect to the Service Shell over SSL when the certificate chain contained more than one trusted authority.

DEVCORE3-5435

19.12.0.0

CORR

Stops shown for the selected route in the Passing Routes results in the Next Departures screen are now sorted based on distance.

TI-11892

19.12.0.0

CORR

The issue of the link to confirm the change in a user's email address not being formed properly has been fixed.

TI-17750

19.12.0.0

CORR

The issue of the SMSCarrier field not being saved in the database when a new user is created in TransitNow has been fixed. (The context property, TravelerInformation > FixedRoute > TransitNow > Notification > SMS > EnableSMSGateway must be enabled.)

TI-18165

19.14.0.0

ENH

Improved Structured Exception (SE) handling with the addition of the ability to terminate the application abnormally when the first SE occurs and to generate a crash dump that can provide better data on the cause of the error.

DEVCORE3-5478

19.15.0.0

CORR

The issue that occurred when the event service was under heavy usage causing exceptions in the log and the Service Shell becoming unresponsive has been fixed.

DEVCORE3-5482

19.15.0.0

ENH

When the application is configured to generate a crash dump on an exception, the log now includes a trace output with the name and path of the dump file and the type of the exception.

DEVCORE3-5484

19.16.0.0

ENH

A crash dump file is now generated during shutdowns from exception handling action.

DEVCORE3-5500

19.18.0.0

ENH

The following new switches have been added to enable and control the monitoring of long running ODBC SQL statements:

Core > SQL > ODBC > Statement Monitor > Enable
Core > SQL > ODBC > Statement Monitor > Report Threshold
Core > SQL > ODBC > Statement Monitor > Report Blocked Transactions

DEVCORE3-5524

19.20.0.0

CORR

The issue of the ODBC Statement Monitor blocked query report not working with the Oracle native ODBC 12 (or earlier) driver has been fixed.

DEVCORE3-5530

19.21.0.0

ENH

Users can now select from multiple choices when defining context properties in the Client Shell.

DEVCORE3-5392

19.22.0.0

CORR

The issue of contents of other folders sometimes being shown together with those of the selected folder in the Properties screen has been fixed

DEVCORE3-5539

19.26.0.0

ENH

The following two context properties were created to update the ValidateSmartCard method to include validations for Cubic smart cards:

PASS > PassInfoServer > SmartCard > Cubic > NumberOfIdDigits: A comma-separated list of values representing the number of digits that comprise a valid Cubic card ID.
PASS > PassInfoServer > SmartCard > Cubic > ValidIdPrefixes: A comma-separated list of valid prefixes for Cubic card IDs. Card IDs must be numeric so it is assumed that the values for this property are also numeric.

MODTE-400

19.27.0.0

ENH

A new context property was added: PASS > PassInfoServer > SmartCard > AllowUserManagementExpression to support Smart card method updates. This is a client expression that’s used to determine if a given client is allowed to manage their smart card information. If it is set to True or if it’s blank, then the client is allowed. Otherwise they aren’t allowed.

MODTE-432

19.29.0.0

CORR

Fixed an issue of unexpected socket closures that can occur when a Workstation or Client Shell that previously called an HTTP 1.0 third party service later calls a Tp6 Service Shell or Schedule Server also with an HTTP 1.0 message but which expects an HTTP 1.1 message.

DEVCORE3-5581

19.31.0.0

CORR

The issue of no valid adherence information that occurred when the service determining real-time schedule adherence incorrectly assessed trip times has been fixed.

MPSTE-2624

19.32.0.0

ENH

When OPS schedule data is used, the Investigation Tool now filters by Division ID even if no Vehicle Car Number is provided.

MPSTE-2716

19.33.0.0

CORR

Fixed the result of supplying the wrong returned parsed data from Transit Master to the Service Adjustment when using the ICD Interface.

MPSTE-2848