In this Section

REDCap Change Log

REDCap Change Log

Version 8.7.3 - (released 9/19/2018)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • New options for Data Exports
    • Improvement: When exporting a report, a new “Data formatting options” section appears in the export dialog to allow users to choose the CSV delimiter character to be used in CSV Raw Data and CSV Labels exports. Options include comma (default), tab, semi-colon, pipe, and caret. This is useful in certain cases when the resulting data file needs to have another delimiter, such as a tab, for example. In addition, the two API methods “Export Records” and “Export Reports” have a new analogous parameter “csvDelimiter” that will set the CSV delimiter character if using “csv” as the format in the API request. See the API documentation for full details. (Ticket #30939)
    • Improvement: When exporting a report, a new “Data formatting options” section appears in the export dialog to allow users to optionally force all numbers into a specified decimal format. It will default to “Use fields’ native decimal format”, but provides the choices “Use period/full stop” and “Use comma” as the decimal character for all numbers. This will allow projects that have fields with period/full stop decimals (calc fields, number validated fields) and those with comma decimals (comma-as-decimal validated fields) to all be exported in the same uniform number format, thus providing greater consistency in the data being exported. In addition, the two API methods “Export Records” and “Export Reports” have a new analogous parameter “decimalCharacter” that will set specified decimal format for all numbers in the API request. See the API documentation for full details. (Ticket #30939, #34597)
  • Improvement: New optional parameters added to the API Export Records method to filter data returned based on when a record was created or modified
    • dateRangeBegin – To return only records that have been created or modified *after* a given date/time, provide a timestamp in the format YYYY-MM-DD HH:MM:SS (e.g., '2017-01-01 00:00:00' for January 1, 2017 at midnight server time). If not specified, it will assume no begin time.
    • dateRangeEnd – To return only records that have been created or modified *before* a given date/time, provide a timestamp in the format YYYY-MM-DD HH:MM:SS (e.g., '2017-01-01 00:00:00' for January 1, 2017 at midnight server time). If not specified, it will use the current server time.
  • Improvement: The Record Status Dashboard will now remember the user's last selection for the "page number" drop-down and the "records per page" drop-down, so that when they return to the dashboard in that project in the future, it will already have their last selections pre-selected for those two drop-downs. Note: It already remembers the user's last selection for "dashboard displayed" and "data access group". (Ticket #48913)
  • Improvement/change: When a user copies a project via the "Copy the project" button on the Other Functionality page, it now logs the PID (project_id) and project title of the new project in the copied project, and it now also logs the PID and project title of the originating project in the newly created project. So now it should be much easier for users to see if someone copied a project, and if so, determine which project is the one that had been created from the original. (Ticket #47208, #42783)
  • Improvement: Two new parameters "exportAsLabels" and "exportCsvHeadersAsLabels" were added to the plugin/module method named REDCap::getReport. These allow developers to designate whether to output data as raw values vs labels, as well as choose to export CSV headers as labels rather than as variable names (for CSV outputFormat only). (Ticket #49173)
  • Improvement: If one or more External Modules are enabled in a project, it now allows the user to choose if they want to copy over the module configuration settings when copying the project. In previous versions, it would always copy the settings without asking, even though the modules were disabled by default. So now users have a choice.
  • Bug fix: After completing a data import in a project with thousands or tens of thousands of records, many project pages would sometimes become unresponsive for quite a while.
  • Bug fix: When viewing the To-Do List in the Control Center, some requests might mistakenly still show up in the request counts even though the requester's account has been deleted from the REDCap system. (Ticket #48846)
  • Bug fix: Certain database queries that check to make sure that a project's reports are in the correct order were getting run more than necessary, which would sometimes cause certain pages in a project to run slowly.
  • Bug fix: For large screens, project pages might mistakenly have an empty column of whitespace on the far right. (Ticket #49155)
  • Bug fix: The External Module framework methods setDAG() and addAutoNumberedRecord() were not updating the record list cache table, thus causing some record lists (e.g., Record Status Dashboard) to become out of sync with the data in the redcap_data database table. Bug emerged in REDCap 8.7.2 Standard. (Ticket #49215)
  • Bug fix: After editing the branching logic of a field in the Online Designer, it would mistakenly chop off the first character in the branching logic when displaying it in red text on the page for the field. (Ticket #49098)
  • Bug fix: When using DDP on FHIR to add a patient to a project, in some cases it would navigate to an incorrect non-existing record named "Undefined" in the REDCap project after clicking "View patient in project" button after creating the record via DDP on FHIR.
  • Bug fix: When using DDP on FHIR, some LOINC codes related to Multiple Sclerosis were mistakenly missing from the DDP field mapping page.
  • Bug fix: When creating a new Table-based user in the Control Center, in which the user's attributes contain special/non-Latin characters, then depending on the server's MySQL collation_connection, it might not save the user's attributes correctly in the database but may instead mistakenly garble them. (Ticket #48983)
  • Bug fix: The To-Do List page in the Control Center would mistakenly display with the action buttons overlapping the previous column in the table. (Ticket #49096)
  • Change: When a REDCap administrator enables or disables either the DDP on FHIR module or the DDP Custom module, it now explicitly states this on the Logging page, whereas previous versions merely logged the action generically as "Modify project settings".
  • Bug fix: When using DDP on FHIR, the information page/popup that describes how to use DDP to users was mistakenly missing the specific codings required for the three demography fields "sex", "race", and "ethnicity". The required multiple choice codings for those fields are now listed in the DDP on FHIR informational page that is accessible on the DDP on FHIR Control Center page and via the popup on a project's Project Setup page.
  • Bug fix: When launching multiple patients using DDP on FHIR inside the EHR interface (i.e., multiple tabs during same session), if the user returned to an older tab/patient during the same session, it might mistakenly confuse it with the latest patient that was loaded, thus losing that tab's proper context for the patient and causing confusion for the user.
  • Bug fix: If using MySQL 8.0 as the database, in certain cases the Control Control might erroneously display the "Database structure is incorrect" warning even though nothing is wrong with the database tables. (Ticket #49580)
  • Bug fix: If using certain non-English languages as the system language, the login page might mistakenly truncate the "Username:" or "Password:" labels. (Ticket #48547)
  • Bug fix: When exporting a project's Project XML file, for certain server configurations, it would cause the XML file to have all linefeeds removed from Section Headers and Field Labels. Note: This fix will not fix any Project XML files that have already been generated but will fix this issue for any XML files generated in the future. (Ticket #48719)
  • Bug fix: If there exists piping, calculations, or conditional logic using the Smart Variables first-event-name or last-event-name that happens to be prepended to a checkbox field, in which a checkbox choice is explicitly specified inside parentheses, it would mistakenly return a list of all the checked-off checkbox labels instead of the checked-off status for the specified choice. (Ticket #49378)
  • Bug fix: When a user attempts to place a production project into draft mode, it might mistakenly just reload the same page with no changes, thus preventing the project from being put in draft mode. (Ticket #6346)
  • Fixes and updates for External Modules Framework
  • Bug fix: If an External Module was using the API endpoint for assets (non-PHP pages), it would mistakenly enforce authentication on those assets, which would cause issues for certain authentication types, such as Shibboleth.

Version 8.7.2 - (released 9/7/2018)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • Improvement: Performance boost – Certain pages in projects with thousands or more records should now load much faster in most cases. This includes the Record Status Dashboard, various pages utilizing Data Access Groups, and certain reports. Reports A and B should especially see significantly faster loading (excluding when viewing “all” pages in report A or B).
  • Improvements related to viewing or creating reports
    • New report option that will combine checkbox options into a single column of only the checked-off options. Previously, any checkbox fields in a report would have their choices represented as separate columns in the report, but with this new setting, they can now all be represented as a single column with comma-delimited values and comma-delimited labels. Note: If data is exported to a stats package on a report using this option, checkbox fields will be represented as text fields in the stats package’s syntax file that gets generated by REDCap.
    • Report description – Users may now optionally set a description for a report, in which the description gets displayed as text below the report title on the report page. This allows users to provide instructions or explanatory text for the report. Note: HTML may be used in the description to add links or to style the text.
    • Change: When exporting a report, it now includes the report’s title as part of the resulting export files’ file name. This should make it easier to distinguish different exported data sets if a user is exporting several reports for a given project.
    • Improvement/bug fix: In previous versions it was very difficult (and sometimes impossible) to create reports with lots of fields in projects that contained >1000 total fields. In some cases, it would cause the Create Report page to be very sluggish or even to crash in some cases. This should no longer happen, and users should be able to easily create reports with thousands of fields, if they wish, with no problem.
  • Improvement: If using "Local" file storage for uploaded files, inline image attachments for Descriptive fields and also survey logos will load on the page with their proper width and height already set, which should cause shifting/disturbance on the page due to the images loading slightly later than the page itself.
  • Bug fix: When setting the value of the Rate Limiter on the General Configuration page in the Control Center, it would display a soft validation error if a value was entered that was less than 60. It should instead allow all integers to be entered with a minimum possible value of "0".
  • Bug fix: If a POST request to REDCap exceeds the maximum number of POST parameters according to the max_input_vars setting in the PHP.INI configuration file, it might truncate the parameters sent and mistakenly not display an error message, thus only saving part of the data submitted without informing the user of such. It now properly returns an error message to let the user knows if this ever occurs. This includes API requests. (Ticket #47117)
  • Bug fix: Updated some outdated text on the "Administrators & Acct Managers" page in the Control Center. (Ticket #47531)
  • Change: When exporting a data dictionary, it will now automatically prepend the Field Annotation column with a single space character if the value begins with an "@" sign. This is to prevent issues when loading the data dictionary into Microsoft Excel, which uses "@" to denote the beginning of an equation. When the data dictionary is re-uploaded back into REDCap, the extra space will be subsequently removed to maintain the integrity of the initial value in the data dictionary as it was exported.
  • Bug fix: If a record in a project has some survey invitations scheduled, and then the record is renamed, its associated invitations would mistakenly get disassociated from the record, thus causing the invitations not to get delivered. (Ticket #47887)
  • Bug fix: When using the "DDP on FHIR" module and launching a REDCap window inside an EHR interface, if the user navigates inside a REDCap project in that window, it would mistakenly display the left-hand project menu when it should instead keep the menu invisible in that window. Bug emerged in REDCap 8.7.0.
  • Bug fix: If a user placed their cursor into any text input field and clicked their Backspace button on their keyboard, it would cause a JavaScript error. In most cases, this would go unnoticed; however, some browsers might display a popup alerting the user of this error, which could confuse the user.
  • Bug fix: Drop-down fields using the auto-complete option would react very slowly when typing text into them if the number of drop-down options was very large (>1000). For larger drop-down fields, it now requires more characters (based on the drop-down size) to be initially typed before it begins performing the auto-complete functionality. For example, if the drop-down contains more than 200 options, it requires at least 1 character to be entered before auto-complete is activated, and if it contains more than 500 options, then requires 2 characters (and so on, up to 4 characters max). Bug emerged in REDCap 8.7.0 (related to jQuery 3).
  • Bug fix: The Repeating Instruments tables displayed at the bottom of the Record Home page would mistakenly be displayed vertically rather than horizontally. Bug emerged in REDCap 8.7.0.
  • Bug fix: Minor aesthetic styling fixes due to Bootstrap 4 issues. This additionally includes reports not printing correctly in Firefox. (Ticket #47920)
  • Bug fix: When viewing the "Copy existing choices" popup when adding/editing a field in the Online Designer, many of the choices might mistakenly overlap each other, thus making some impossible to read.
  • Bug fix: The REDCap cron job was mistakenly being counted toward "Page Hits" as displayed on the Control Center's Activity Graphs page. (Ticket #46074)
  • Bug fix: When using the e-Consent Framework in a project, in which a record has an e-Consent PDF file associated with it and a user deletes the record, it would mistakenly not delete the record's e-Consent entry. This would cause problems if another record was created later using the same record name, in which it would prevent the saving of that new record's e-Consent file. (Ticket #38660)
  • Change: Minor changes made to login process for AAF authentication.
  • Change: When exporting data to SPSS, date and datetime fields are now represented as A500 and text fields as A1000 in the SPSS syntax file, whereas previously they were all represented as A30000, which could cause very slow processing when loading the data into SPSS. (Ticket #37115)
  • Bug fix: When using "Japanese (Shift JIS)" for a project's "character encoding for exported files" setting, and the project's PDF Customization setting has the PDF header text (e.g., Confidential) in Kanji/Japanese, then the PDF header text would mistakenly not display correctly in the PDF. (Ticket #48035)
  • Bug fix: LDAP allows for spaces to be used in usernames, and even though REDCap users could successfully log into REDCap while having a space in their username, REDCap would not allow such users to be added to projects, in which it would display an error message stating "User names can only contain letters, numbers, underscores hyphens and periods". If using "LDAP or "LDAP & Table" authentication, it will now allow users to be added to a project via the User Rights page even if their username contains a space. (Ticket #48169)
  • Bug fix: When using literal date or datetime values inside a datediff() function in the "Add/Edit Branching Logic" popup in the Online Designer and testing the logic against a record, it might mistakenly state the field should be hidden when instead it should be shown (or vice versa). Related, if using literal dates inside a datediff() function in the branching logic of a field, and a user goes to export a PDF with saved data of that field's instrument for an existing record, the field might mistakenly be hidden in the PDF when instead it should be shown (or vice versa). (Ticket #47717)
  • Bug fix: When using "Japanese (Shift JIS)" for a project's "character encoding for exported files" setting, the Kanji text might not display correctly if the PDF is opened on certain devices. The remedy this, the internal font in the PDF has been changed from Gothic to Kozmin. (Ticket #48035)
  • Bug fix: When using a Stop Action on a checkbox on a survey, in which the "Enhanced checkbox and radio button" option is enabled for the survey, then if a participant triggers the Stop Action but chooses to "Continue survey" (rather than ending the survey), it would mistakenly not uncheck the checkbox choice they had selected. (Ticket #48273)
  • Bug fix: Using an X-instance Smart Variable that is appended to a variable or Smart Variable containing a parameter with a colon (e.g., [mycheckbox:checked][last-instance]) might mistakenly not be parsed correctly, thus possibly returning an incorrect value. (Ticket #48251)
  • Bug fix: When the record ID field in a project has field validation, and the Scheduling page is being used in a longitudinal project to create a new record (assuming record auto-numbering is not enabled), the Scheduling page would mistakenly not employ the field validation if a record name was entered in an incorrect format. This only occurs for certain field validation types. (Ticket #46643)
  • Bug fix: When using the Smart Variables "previous-event-name" or "next-event-name" in a calculated field while viewing the first or last event, respectively, it would mistakenly display the error prompt stating that there was an error in the calculation. Instead, it now silently replaces those with a blank value (wrapped in quotes) in the equation to prevent an error from occurring in order to force a blank value to be returned. (Ticket #48631, 48669)
  • Bug fix: When using the X-event-name Smart Variables as prepended to a field variable, in which the variable name contains a number, it might not parse the Smart Variable correctly, thus causing it to replace it with a blank value or the value from the wrong event. (Ticket #48576)
  • Bug fix: If PHP's Multi-Byte String extension is not enabled on the web server, then REDCap might throw a fatal PHP error when attempting to send an email. (Ticket #48757)
  • Bug fix: Some data entry forms, especially for records that have repeating instruments with many repeating instances saved (i.e., hundreds or more), would load very slowly, sometimes causing the page to time out and never fully load. They should now load much faster. (Ticket #40634)
  • Bug fix: When calling the method REDCap::getPDF inside a hook in a project, in which the current user does not have full data export privileges, the method would mistakenly fail to output the PDF. The method should work regardless of the user's project-level rights. (Ticket #48756)

Version 8.7.1 - (released 8/15/2018)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: Calculations that exist on a repeating instrument or repeating event might mistakenly not get calculated when importing data via API or Data Import Tool or when executing Data Quality rule H.
  • Bug fix: When cross-event branching logic is used on a field in a longitudinal project, in which some events being referenced in the logic do not contain any data for a given record, in some cases the PDF export of an instrument would mistakenly not correctly determine if the field should be hidden or not in the PDF, and thus it might hide the field when it should display it (or vice versa). This bug only affects the PDF. (Ticket #42206)
  • Bug fix: The action of creating or modifying a Custom Record Status Dashboard was mistakenly not getting logged on the project Logging page.
  • Bug fix: The default browser behavior of navigating back to the previous page after a user clicks their keyboard's Backspace button was mistakenly occurring in "search" input type fields, which are predominate in External Modules and their configuration pages.
  • Bug fix: An error message on the Data Import Tool had incorrect text. (Ticket #47040)
  • Bug fix: In longitudinal projects in production, the "select all" and "deselect all" links on the "Designate Instruments for My Events" page would mistakenly allow the user to select/deselect already-designated instruments. Instead it should only allow the user to select/deselect instruments that are not yet designated. (Ticket #47020)
  • Bug fix: Small SQL issue caused if upgrading to 8.7.0 from an earlier version. (Ticket #47020)
  • Bug fix: In a longitudinal project that has multiple arms and is also using the Double Data Entry module, the Record Status Dashboard would mistakenly not display any form status icons on the page for a user that is Double Data Entry person 1 or 2.
  • Bug fix: Minor alignment or placement issues for elements on certain pages (due to introduction of Bootstrap 4), such as the position of the main project window on iPads and also the placement of "Upcoming Calendar Events" table at the bottom of the Project Home page. (Ticket #47074, #47230)
  • Various fixes and updates for the External Modules framework

Version 8.7.0 - (released 8/9/2018)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Integration with Microsoft Azure Blob Storage for file storage - see the File Upload Settings page in the Control Center to set up file storage on Azure Blob Storage.
  • Improvement: A "Copy existing choices" link was added to the "Add Matrix of Fields" popup on the Online Designer page (just like the same link in the "Add New Field" popup on that same page) to copy the choices from an existing multiple choices field to that matrix of fields. (Ticket #46680)
  • Change/improvement: The JS/CSS front-end libraries jQuery and Bootstrap have been upgraded to jQuery 3 and Bootstrap 4.
  • Change: Added a new check on the Configuration Check page that detects if the current MySQL user (or the MySQL user used for Easy Upgrade) has CREATE table privileges but does not have either ALTER or DROP table privileges. If the user has CREATE but not ALTER and DROP privileges, then it would cause REDCap to mistakenly create many database tables with names beginning with "redcap_ztemp", which are created as temporary tables when testing the MySQL user's privileges.
  • Change: When exporting data in CSV format (raw data or labels) on the "My Reports & Exports" page, it now maintains all double quotes in free-form text, whereas previous versions would replace all double quotes with single quotes in a CSV export. Note: When exporting to stats packages, it will still replace double quotes with single quotes for compatibility purposes.
  • Bug fix: When using the E-signature feature at the bottom of a data entry form, if the username is in an incorrect case or has trailing spaces, it would mistakenly fail during the initial E-signature login. It should instead be trimming the username of any whitespace at the beginning or end, and should be evaluating the username as case insensitive since this is how the regular login behaves.
  • Bug fix: If an external module has its configuration permissions set to "Require module-specific user privilege" on the External Modules page in the Control Center, and a user has been given the rights to configure the module in a project, then if a REDCap administrator opened the User Rights page in the project to edit that user's module rights and unchecked every module and saved it, the user would mistakenly still have access to the modules to which they previously had access. This only occurs when all modules are unchecked on the User Rights page. (Ticket #44112)
  • Bug fix: When using a logo on a survey and also using the "Save & Return Later" feature, if a respondent chose to return to a survey, then upon loading the survey page to enter their return code, a JavaScript error would occur on the page. (Ticket #46143)
  • Change/improvement: Elements on survey pages have been modified to work better for accessibility purposes, such as with screen readers.
  • Change: Some language was hard-coded in previous versions. The following things have now had their text abstracted so that they is now translatable: the buttons for uploading/deleting files in the File Repository, the "Generate Schedule" button on the Schedule page, and the "Auto Logout Warning" popup. (Ticket #26708)
  • Various fixes and updates for the External Modules framework
  • Bug fix: If any projects used Twilio telephony services for surveys and had an Automated Survey Invitation set to use the "Participant's Preference" as the delivery method, then new invitations scheduled by the ASI might mistakenly not include a survey link if an individual participant's preference is "Email Invitation". (Ticket #42868)
  • Change: The footer of survey pages now says "Powered by REDCap", whereas previous versions have "REDCap X.X.X - © 20XX Vanderbilt University". For non-survey pages, the footer will remain the same.
  • Bug fix: When executing a custom Data Quality rule that contains a single variable in the logic, extra discrepancies might mistakenly be returned in some cases, especially if the project is longitudinal and/or contains repeating instruments/events. (Ticket #45695)
  • Bug fix: When piping the Smart Variable [previous-event-name] or [next-event-name] when it is prepended to a variable name, it might mistakenly replace it incorrectly by replacing just the Smart Variable (but not the field variable) with six underscore characters or with nothing (depending on the context). (Ticket #46001)
  • Bug fix: The PHP LogicTester class mistakenly contained some debugging code that prints SQL out on the page. (Ticket #46864)

Version 8.6.5 - (released 8/3/2018)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: When upgrading from a REDCap version lower than 8.4.0 to version 8.4.0 or higher, if any projects used Twilio telephony services for surveys and had an Automated Survey Invitation set to use the "Participant's Preference" for the delivery method, then new invitations scheduled by the ASI might not include a survey link (when needed) upon being scheduled. (Ticket #42868)
  • Bug fix: When using Twilio telephony services for surveys and having it make voice calls to participants, each voice call would mistakenly have an unnecessarily long pause at the beginning of the call.
  • Bug fix: When importing data values for a repeating event via Data Import Tool or via API but not including the form status field in the imported data set for any of the instruments on which the imported fields are located, those repeating instances on the repeating event might get orphaned in some user interfaces, such as in the Record Status Dashboard, and thus do not become visible until the user attempts to create a new instance through the user interface and then saves the form. (Ticket #46285)
  • Bug fix: AAF Authentication was mistakenly being excluded during CSRF token check.
  • Bug fix: When piping the Smart Variable [event-name] when it is prepended to a variable name, it might mistakenly replace it incorrectly by replacing it with the current event name without square brackets around it. (Ticket #46001)
  • Bug fix: In certain cases Smart Variables were not getting evaluated correctly when used inside the conditional logic of Automated Survey Invitations, thus causing invitations not to get scheduled appropriately. (Ticket #44104)
  • Bug fix: On the Project Modifications page, when clicking the Compare button to view the differences between old and new choices of a multiple choice field, it would mistakenly always display "0" for the record count for every choice, even if some records do have that choice saved. This issue appears to only occur in specific versions of PHP. (Ticket #25851)
  • Bug fix: In a report or via the API, if the user is requesting specific records and also specific events to be returned, if there is no data for those events for those records, then it would mistakenly return empty "ghost" rows as if data does exist on those events, which is confusing. (Ticket #46342)

Version 8.6.4 - (released 7/30/2018)

BUG FIXES & OTHER CHANGES:

  • Bug fix: The upgrade or install pages would fail to load if running PHP 5.3 or 5.4, thus preventing the administrator from upgrading or installing REDCap. This bug emerged in REDCap 8.6.2, and it exists in both 8.6.2 and 8.6.3.

Version 8.6.3 - (released 7/30/2018)

BUG FIXES & OTHER CHANGES:

  • Critical security fix: An SQL Injection vulnerability was found on several pages that could be potentially exploited by manipulating the URL query string of an HTTP request by a malicious user, including non-REDCap users through publicly available URL end-points that do not enforce authentication. It appears very unlikely that this vulnerability could be used to extract information from a REDCap database. But if enough knowledge is known about REDCap internally, it might be possible for an outsider to upload files into random projects in REDCap; however, there is no evidence that those same files could be executed or downloaded, and thus the files would essentially be orphaned (would not be accessible through the user interface in any way) and would simply take up unnecessary space on the file server. This bug appears to exist in every version of REDCap since version 4.0.0.
  • Major bug fix: On survey pages, data entry forms, and other pages where conditional logic and calcs are evaluated, those pages may take an exorbitant amount of time to load (and in some cases may never successfully load at all). This appears to only affect certain Windows server environments.

Version 8.6.2 - (released 7/18/2018)

BUG FIXES & OTHER CHANGES:

  • Change/improvement: Better regional support for AWS S3 file storage
    • If using Amazon Web Services (AWS) S3 for file storage in REDCap, you may now use many of the newer regions/endpoints around the world. The previous S3 library in REDCap would only work for certain regions of the world, whereas now it works for all available AWS regions.
    • The S3 configuration options on the File Upload Settings page in the Control Center now require a “region” to be provided (or else “us-east-1” is used by default). This refers to the region name (e.g., ap-northeast-2) and NOT the endpoint URL. Previous versions of REDCap required providing the endpoint URL. If you had already set an endpoint URL for this in REDCap, then during the upgrade, REDCap will automatically translate the endpoint URL into a region name for you so that everything will continue to work normally.
    • Note: Because of this change, PHP 5.5.0 or higher is now required for using AWS S3 file storage in REDCap.
  • Change/improvement: When displaying the filename of an uploaded file on a File Upload field on a form or survey, if the filename is very long (>34 characters in length), it now truncates the filename with an ellipsis closer to the middle of the filename rather than at the end. This allows the file extension to be visible, whereas in previous versions it was impossible to tell what type of file it is without downloading it if the filename was long.
  • Change: When viewing a partially completed or fully completed survey response on a data entry form, the text color and background color of the red box near the top of the page have been changed to reflect the state of the response more accurately (i.e., it is no longer displayed as a red box, which often evokes a sense of there being an error). If the response is partially completed, it is displayed as an orange box, whereas if it is fully completed, it is displayed as a green box. The box color is thus consistent with the color instrument status icons used.
  • Major bug fix: On some occasions, DDP on FHIR was mistakenly not parsing all the data being received from the EHR, thus some clinical data values from the EHR were not being stored in REDCap.
  • Bug fix: When using the biomedical ontology search for a text field on a form or survey, it was mistakenly including Semantic Types Ontology (STY). It now excludes Semantic Types Ontology from biomedical ontology search unless field validation is STY. (Ticket #44910)
  • Bug fix: In REDCap Messenger, it might display that there are unread messages for the user to read even though there are none.
  • Bug fix: When a survey has "Save & Return Later" enabled, and a respondent clicks the "Start Over" button upon returning to the survey, the survey page mistakenly does not display the survey instructions at the beginning of the survey. (Ticket #44838)
  • Bug fix: The record drop-down list displayed in the Online Designer both in the "Add/Edit Branching Logic" popup and also in the "Add/Edit Field" popup for calc fields would mistakenly not display the Custom Record Label and Secondary Unique Field labels.
  • Bug fix: The record drop-down list displayed in the Online Designer both in the "Add/Edit Branching Logic" popup and also in the "Add/Edit Field" popup for calc fields would be too long for projects with large amounts of records, which could cause the page to load very slowly or not load at all. To remedy this, the record drop-down list now only displays the first 200 records.
  • Bug fix: If using AWS S3 for file storage and a user attempts to copy a project that contains files for File Upload fields, files for Signature fields, or attachments for Descriptive fields, then none of those files would get copied to the new project from the original project. (Bug emerged in REDCap 8.6.1.)
  • Change: Small change to "Easy Upgrade" instructions for easier setup
  • Change: The database tables "redcap_surveys_response_users" and "redcap_surveys_response_values" were removed because they were never really used for anything, so they were taking up lots of database space unnecessarily.
  • Change: When viewing a partially completed or fully completed survey response on a data entry form, the process of displaying the number of contributors to the response in the red box near the top of the page was resulting in very slow page loads in many circumstances. To provide a better user experience for this, it now displays a "View all contributors" link instead, which can be clicked to reveal the users who have contributed to that response.
  • Bug fix: The rendering of the Participant List was unnecessarily slow due to some incorrect queries that were pulling information not needed. This fix should make the Participant List load much faster, especially for larger projects with thousands of records.
  • Bug fix: In the "Compose Survey Invitations" popup on the Participant List page, the "Previously Sent Email" drop-down list displayed under "Load message box with text from a previous email?" would mistakenly load email text containing static, unique survey links from previously sent invitations (which could cause major issues if used verbatim for new invitations) when instead it should have been loading the invitation text containing the Smart Variable [survey-url] in place of the static survey link.
  • Change: Very small wording change to the certification text on the certify page when using the e-Consent Framework on a survey.
  • Change: On the "Edit a Project's Settings" page in the Control Center, it now does not display the drop-down list of projects if viewing the settings of a specific project, but instead provides a link to "Select another project", which will then display the drop-down list. This helps the page load faster if there are many (>10,000) projects that exist in the REDCap system.
  • Change/improvement: The REDCap Shared Library can now be disabled (if desired) at the project level by an administrator on the "Edit a Project's Settings" page in the Control Center. If disabled for a given project, all Shared Library buttons and all references to the Shared Library will no longer appear in the project.

Version 8.6.1 - (released 7/11/2018)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • Improvement: Smart Variables are now able to be utilized in Data Quality rule logic. Note: In many cases, Smart Variables in the logic may cause Data Quality rules to take much longer to complete, which is due to the fact that the logic has to be re-evaluated for *every* item being processed by the DQ rule, whereas normally the logic only needs to be evaluated just once at the beginning of when the DQ rule is executed.
  • Improvement: Data Quality rule H (i.e., "Incorrect values for calculated fields") and auto-calcs (i.e., the process of calc fields being triggered by data imports or cross-form/cross-event calculations) can now handle Smart Variables that are used inside calculated field equations. In previous versions, such calc fields could only successfully run while on a data entry form or survey page.
  • Bug fix: When creating/editing an Automated Survey Invitation and in Step 3 setting the option "Send after lapse of time" that would result in a send time occurring in the year 2038 or afterward, it would mistakenly set the send time to be 1/1/1970 or 12/31/1969 instead. (Ticket #44459)
  • Change: The file install.php is no longer included in the list of replacement non-versioned files, which are provided in case the non-versioned files in REDCap ever change in the future. Since install.php is only used during the install process, there is no need for it to stay updated afterward.
  • Change/improvement: When using the Easy Upgrade module, links to the LTS changelog and Standard Release changelog pages on the REDCap Community site are now included inside the box that lists new versions that are available.
  • Change/improvement: The MySQL setting "SQL_SAFE_UPDATES" is now automatically set to be disabled for the database connection used by REDCap and also has been set as disabled in the REDCap upgrade SQL script that is output by the Upgrade Module. This is done in order to prevent some MySQL clients from mistakenly enabling safe updates, which might cause some queries not to get executed successfully during an upgrade, and to prevent issues with REDCap running on database servers that might have safe updates enabled by default in the MySQL configuration file.
  • Improvement: A Data Access Group can no longer be deleted if one or more records are still assigned to it. If a user attempts to delete a DAG that contains records, it will prevent such and display an error message.
  • Bug fix: When using the Smart Variables [form-link] and [record-name] inside the email subject or email message of an Automated Survey Invitation, it would mistakenly not pipe the record name into the form link URL for [form-link] and would mistakenly replace [record-name] with "______" instead of the real record name. (Ticket #44549, #44550)
  • Bug fix: The "DDP on FHIR" page that gets displayed inside the EHR user interface was mistakenly missing a link to the "DDP on FHIR" information page that provides all the information about that module.
  • Bug fix: If a slider field exists on an instrument that is currently locked, the user would mistakenly still be able to modify the slider position and value. Note: This would not affect the slider's value at all since the instrument could not be saved until it was unlocked. So at most, this could cause confusion. (Ticket #44608)
  • Updates and fixes for the External Module Framework
  • Bug fix: In a calculated field or in branching logic that has cross-event logic while referencing a field that exists on a repeating instrument from another event, it would mistakenly assume instance #1's value to always be blank/null for that field and thus cause the logic or calculation to come to an incorrect result. (Ticket #44474)
  • Bug fix: If a suspended user gets unsuspended by an administrator either via the Browser Users page in the Control Center or via a Sponsor Dashboard request, the user would mistakenly get suspended again within the next day if they did not log into REDCap soon after being unsuspended.
  • Bug fix: If a sponsor had made a request to an administrator via an action in the Sponsor Dashboard, if the administrator was using a link in the email to process requests (as opposed to using the To-Do List), the administrator might mistakenly try to process the same request twice, which could cause issues. Now if an administrator attempts to process an already-processed request, it will display an error message letting them know that it has already been processed and therefore cannot be processed again.
  • Bug fix: Users might mistakenly receive a notification email stating that they have an unread message in a conversation in REDCap Messenger, even though the conversation has been deleted.

Version 8.6.0 - (released 7/2/2018)

BUG FIXES & OTHER CHANGES:

  • New feature: Easy Upgrade
    • Administrators may now upgrade to a more recent version of REDCap in an easier and more automated fashion with just a couple clicks. The Easy Upgrade process (if fully enabled) allows REDCap administrators to upgrade REDCap using only the REDCap user interface in the Control Center (i.e., direct access to the web server or database server is not required).
    • Setup instructions will be displayed in the Control Center at the top of the page in blue regarding the steps that need to be performed to enable the Easy Upgrade feature, which requires the three following things in order to function:
      • When using this feature, REDCap will auto-download the upgrade zip file of a REDCap version and will extract it on the REDCap web server, which requires that the REDCap application (e.g., Apache, IIS) must have “write” permissions to the main “redcap” webroot directory on the server. The setup instructions in the Control Center will notify you regarding the permission status of REDCap to be able to write to the “redcap” webroot.
      • REDCap needs to be able to make outbound HTTP requests to https://redcap.vanderbilt.edu, which hosts the web service that serves the REDCap upgrade files that are downloaded by the application during the Easy Upgrade process.
      • A MySQL user with elevated privileges (e.g., CREATE, ALTER, DROP tables) is required for this feature since it will need to sometimes create, modify, and even delete database tables during the upgrade process. The setup instructions for this feature in the Control Center provides two different methods for accomplishing this. 1) The current MySQL user that REDCap utilizes can be given elevated privileges. This is often not recommended because some security experts view this as a potentially exploitable weakness, such as if a malicious user somehow manages to discover an SQL injection vulnerability in the application to take advantage of those elevated privileges, or 2) A new MySQL user can be created with elevated privileges for the explicit purpose of using the Easy Upgrade process (and also the Auto-Fix method seen below for fixing the database structure). This new MySQL would never be used for normal REDCap database connection calls. For both of these two options, REDCap will provide the SQL required to increase the user privileges or to create the new MySQL user, respectively.
    • If a particular upgrade is not able to complete the Easy Upgrade process because it recommends that REDCap first be taken offline before executing the upgrade SQL script, the Easy Upgrade feature will still be able to auto-download the REDCap upgrade file, but it will redirect the administrator to the Upgrade Module to complete the upgrade manually. This will occur only a small minority of the time for an upgrade.
    • Once the Easy Upgrade feature has been successfully enabled, a cron job will check several times a day for any new REDCap versions that might have been released. If there are any new versions available, it will display a list of the versions at the top of the Control Center page to allow an administrator to choose the version to which to upgrade. The latest (most recent) version will be highlighted as the recommended upgrade path. If the REDCap installation is on the LTS branch, it will recommend the latest LTS version, whereas it will recommend the latest Standard Release version if the REDCap installation is on Standard Release. But regardless, the administrator will have control over which version to which they wish to upgrade.
    • Note: This feature will not be able to be used until another version of REDCap is released after this one (since this feature can only be used when there is an upgrade available).
    • Note: The Easy Upgrade feature cannot be used if the REDCap web server is using load balancing (multiple application servers). This is because the source code would only get downloaded to a single server (rather than to all of them) during the upgrade process.
  • Improvement: For the error message that says "Your REDCap database structure is incorrect!", which is found on the Configuration Check page and also on the main Control Center "Notifications" page, if the "Easy Upgrade" feature has been activated in REDCap or if REDCap’s MySQL user has elevated privileges (e.g., CREATE, ALTER, DROP tables), it will display an "Auto-Fix" button in the red box that will allow administrators to automatically fix the database structure issues by simply clicking the button. This action is often much easier for users than executing the SQL in the database directly to fix this issue.
  • Improvement: Regarding the green box that appears in the Control Center after a REDCap version directory has been loaded on the server, if it detects any other REDCap versions on the server that might be possible upgrade paths, it will list each one, and it will note if upgrading to that particular version would require taking REDCap offline temporarily for the upgrade or if the upgrade can be completed without taking REDCap offline.
  • Improvement: Improved data export for biomedical ontology fields - If fields using the biomedical ontology auto-suggest feature are being exported to a stats package, it will now render those fields as multiple choice fields (rather than as free-form text fields) in the resulting stats package syntax file, in which all the cached choices for those ontologies will be output as separate choices (values and labels) for those fields in the syntax file. Note: Since some ontologies contain thousands of choices, all possible choices will not be output in the syntax file, but instead only the cached choices that have been saved in that REDCap project for those ontologies will be output as choices in the syntax file.
  • Change/improvement: A new "Administrator Resources" section was added near the top of the Control Center's left-hand menu. It contains links to the REDCap Community site, the public Project REDCap site, and the REDCap Training Materials site.
  • Major bug fix: If an Automated Survey Invitation has conditional logic containing a datediff() function that is explicitly using "now" as a parameter, the cron job that runs several times a day to trigger any datediff+now ASIs would mistakenly fail to schedule invitations for this ASI. Note: The issue does not exist for datediff+today ASIs but only for datediff+now ASIs. (Ticket #43783)
  • Bug fix: When clicking the +- options at the top of a survey page to increase or decrease the font size of the survey text, in some cases with particular nested HTML tags, it would mistakenly compound the size changes unnecessarily, thus causing the font size to be too large or too small for some blocks of text.
  • Bug fix: When downloading a "compact" PDF containing data, if a multiple choice field contains many choices (e.g., >20) it might mistakenly display only that field on a page by itself.
  • Bug fix: When downloading the CSV file of users on the Browse Users page in the Control Center, it would mistakenly have the resulting filename ending with ".csv.csv" instead of just ".csv". (Ticket #43774)
  • Bug fix: When referencing a repeating instance number in the conditional logic of an Automated Survey Invitation and then selecting a record using the "Test logic with a record" option, it would mistakenly cause a PHP fatal error. (Ticket #44104)
  • Bug fix: When a user has De-identified data export privileges in a project and attempts to export a PDF containing data, in which MDY- or DMY-formatted date/datetime fields are being piped into labels in that PDF, then instead of the piped values being replaced with "[*DATA REMOVED*]" as expected, they would mistakenly be replaced with "00.00.0000 REMOVED*]". (Ticket #44123)
  • Bug fix: If an external module has its configuration permissions set to "Require module-specific user privilege" on the External Modules page in the Control Center, then if a user in a project gives another user the rights to configure that module, it would save that setting correctly. However, if the user reloaded the User Rights page to edit that same user's rights again, it would mistakenly appear that the user no longer has config permissions for that module (i.e., the module's checkbox would be unchecked), even though they were just given such rights. (Ticket #44112)
  • Bug fix: When using the [survey-queue-link] Smart Variable with custom text to display, in certain situations it may mistakenly cut off the first word of the custom text or not display the custom text at all. (Ticket #44224)
  • Bug fix: When setting an account expiration time for a user on the Browse Users page (via "View User List By Criteria"), if the administrator's date format preference is set to Y-M-D on their My Profile page, then the pre-filled expiration time in the Set Account Expiration popup might mistakenly be in Y-M-D H:M:S format when instead it should only be in Y-M-D H:M format, thus throwing a date-formatting error when submitting the action. (Ticket #44228)
  • Bug fix: If using MySQL 8.0 or later for REDCap's database, it would erroneously display the "database structure is incorrect" error in the Control Center when nothing is really incorrect about the database tables. (Ticket #42594)
  • Bug fix: Minor changes to some database tables, which were mistakenly created with BTREE indexes, which is a type of index that is not compatible with some versions of MySQL or MariaDB.

Version 8.5.2 - (released 6/22/2018)

BUG FIXES & OTHER CHANGES:

  • Improvement: The REDCap Mobile App v3.0 and later supports the Repeating Instruments and Events feature in REDCap projects. This version of the mobile app will be released on 6/22/2018 in the Google Play Store, and will also be released in the Apple App Store shortly thereafter (pending approval).
  • Improvement: A new setting has been added to both "DDP Custom" and "DDP on FHIR" that, if enabled, will convert source system timestamps (i.e., dates of service associated with temporal fields such as labs) from GMT time into local/server time. If the source system (e.g., EHR) has temporal data with dates/times of service that are being output in Greenwich Mean Time (GMT), setting this option to 'Yes' will automatically correct all associated timestamps so that they appear in local time in the DDP adjudication popup. This option was added because some EHRs/external systems might output associated timestamps in GMT/UTC time rather than in local time. Note: This uses the server's timezone setting in PHP.INI to determine what the "local time" is. This option can be enabled at the bottom of the "DDP Custom" page or "DDP on FHIR with EHR Launch" page in the Control Center.
  • Change: Added "Postal Code (France)" as a new field validation type.
  • Bug fix: When clicking the "Download upgrade script" button in the REDCap Upgrade Module (as opposed to copy-and-pasting the contents of the textarea box on that page), the upgrade script would mistakenly be missing the SQL query "REPLACE INTO redcap_history_version...". This would not have any adverse effects on the systems though. (Ticket #43372)
  • Bug fix: When viewing reports, the same SQL query would mistakenly get run many times unnecessarily, thus reducing performance on the report page. (Ticket #42764)
  • Change: Extra protection has been added to the username/password form when using the E-signature feature on a data entry form in order to prevent browsers from auto-filling the username/password.
  • Bug fix: When clicking the "Fix calcs now" button when viewing the results of Data Quality rule H, if the first instrument of an event is locked for a given record, then any calc fields existing on that same event (even on other instruments) would mistakenly not have their values fixed by DQ rule H. (Ticket #23433)
  • Bug fix: Fixed incorrect instructions in an error on the Configuration Check page in the Control Center. (Ticket #43672)
  • Bug fix: When exporting a Project XML file that contains multiple choice fields that have choice labels containing a "less than" sign followed immediately by a number or letter, it would mistakenly truncate that choice label in the XML file. (Ticket #43675)

Version 8.5.1 - (released 6/14/2018)

BUG FIXES & OTHER CHANGES:

  • Medium security fix: A user access vulnerability was found in External Modules that have plugin pages that require authentication, in which a malicious user could potentially gain access to a module's plugin pages without having first logged in to REDCap (assuming the module installed in REDCap has plugin pages associated with it - many modules do not). This means that information displayed on that module page might be publicly accessible (able to be viewed without logging in) if a malicious user knows how to navigate to a particular External Module's plugin page and manipulate the query string URL in a very specific way. Note: This would not grant anyone access to other pages in the REDCap project but only to that particular module's plugin page to which they are manipulating the URL (i.e., standard REDCap pages are not affected by this; only module pages are vulnerable).
  • Minor security fix: When using the Double Data Entry module and merging two records into a new third record, if a File Upload field has a file that has been uploaded for either record, then the merge process would mistakenly display a text box to allow the user to enter a value (such as a different Doc ID) for the File Upload field, which does not make sense to allow during the merge process. However, this could allow the user to inadvertently enter the Doc ID of a file to which they do not have access (in the current project or in another project to which they have access), thus allowing them to have unauthorized access to a file if they have some special knowledge regarding how REDCap stores documents. From now on, users are no longer given the option to enter a value for a File Upload field on the merge page, and thus they can only choose one of the two existing options. (Ticket #42221)
  • Bug fix: Many project pages would not function at all if using MySQL version 8.0 or higher. (Ticket #42264)
  • The outdated training video on Instrument Development was updated.
  • Bug fix: When a calc field's value is being piped somewhere on the same form or survey page where the calc field is located, and if a Smart Variable is utilized in the calculation, then the calculated value might not get piped and propagated correctly when the page immediately loads. (Ticket #42687)
  • Bug fix: When using WebDAV for file storage and uploading files larger than 2 GB in size, they would mistakenly fail to upload successfully. (Ticket #42416)
  • Bug fix: When performing the EHR Launch for "DDP on FHIR", it might mistakenly display the erroneous error message "The 'state' parameter is incorrect!" for specific FHIR configurations. (Ticket #42583)
  • Bug fix: When enabling the aggregate survey results display on a survey, if respondents are allowed to return to the survey without needing a return code, it would mistakenly still ask the respondent for a return code if returning directly to the aggregate survey results page. (Ticket #42568)
  • Bug fix: The variable names of fields were mistakenly being displayed next to the field labels of fields on the survey's aggregate survey results page. It should not display the variable names on surveys but only on the "Stats & Charts" page within the project.
  • Bug fix: When using the Dynamic Data Pull module (either DDP on FHIR or DDP Custom), the date comparison function for evaluating timestamps for temporal mapped fields might exclude some values if their timestamps fall right on the edge of the date range. This means that some values might mistakenly not appear in the list of DDP values to adjudicate from the EHR/source system. For this to occur would likely be rare. (Ticket #42444)
  • Bug fix: Cross-event branching logic or calculations would mistakenly not evaluate correctly for unchecked checkboxes referenced on other events. (Ticket #42585)
  • Change: For DDP on FHIR, 25 more LOINC lab codes were added to the DDP field mapping process.
  • Bug fix: When using certain Smart Variables inside the query of an SQL field, if that SQL field's value is being piped somewhere on the same form or survey page where the field is located, then if the value of the SQL field has already been saved, the SQL field's value would mistakenly not get piped when the page loads but only when the field's value was modified again while on that page. (Ticket #41868)
  • Bug fix: When a field's value is being piped into the field label of a required field, in which that required field is submitted on a survey or form without a value, the resulting popup error "Some fields are required!" would mistakenly display the pre-piped version of the field labels in the popup rather than performing the piping before displaying the labels. (Ticket #42577)
  • Bug fix: When using the Data Search feature on the "Add/Edit Records" page in a longitudinal project, if a value is entered that has a match inside a record name (record ID field), then some of the options returned in the search would often not navigate the user to a data entry page when clicked but would instead mistakenly just reload the "Add/Edit Records" page. (Ticket #42965)
  • Bug fix: When using the To-Do List to process a "move to production" request, in which the request has been moved to "low priority" status, it would display the erroneous error message "Error: Request not valid", thus preventing the administrator from processing the request. (Ticket #43036)
  • Bug fix: Record names displayed in the Participant List would not wrap to the next line but would mistakenly get truncated, thus preventing users from viewing the full record name in some cases. (Ticket #43059)
  • Bug fix: REDCap Messenger would mistakenly run in the background when using the EHR Launch functionality in the "DDP on FHIR" module. This could mistakenly lead to some JavaScript errors, which might get displayed in the EHR interface.
  • Bug fix: When using AWS S3 or WebDAV for file storage, some uploaded files (even those imported via the API or Mobile App) might have a copy mistakenly left in the /redcap/temp/ directory on the web server under a random name, in which the temp files never get deleted. (Ticket #43127)
  • Bug fix: For certain server configurations or directory structures, the Cron Jobs page in the Control Center might go into an infinite loop and never fully load the page. (Ticket #43144)
  • Bug fix: If branching logic or calculations are used for a field on a survey page, in which the logic/calc references the current survey's Form Status field, it would mistakenly assume the Form Status value to always be "" (blank) rather than the true status value of 0, 1, or 2. This does not affect data entry forms but only survey pages.
  • Change: When composing a survey invitation and clicking the "Preview" tab, instead of displaying the survey link as "Sample Survey Link" or "SURVEY TITLE", it now displays the actual survey title as the link text. Additionally, when clicking the "Send text email", this same thing now occurs in the email that is received. (Ticket #38955)
  • Bug fix: The database variable "collation_connection" was not getting set correctly when initializing the database connection. In most cases, this would not affect anything at all since it would only affect institutions who had recently performed a fresh installation (not an upgrade) of REDCap 8.5.0 and then afterward migrated to a new server or upgraded MySQL in which the collation_connection setting in MY.CNF (or MY.INI) was different from the original server.
  • Bug fix: If using custom link text for the Smart Variable [survey-link] when used inside a survey invitation's text, it would mistakenly fail to use the defined custom link text for the Smart Variable and instead would revert to using the survey title as the link text.
  • Change: Added "Postal Code (Germany)" as a new field validation type.

Version 8.5.0 - (released 5/29/2018)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: DDP on FHIR with EHR Launch
    • REDCap’s “DDP on FHIR with EHR Launch” feature provides the ability to launch a REDCap window while inside an EHR and to quickly and seamlessly import clinical data from the EHR into a REDCap project. As a built-in module in REDCap that can be enabled by an administrator, this feature can interface with any EHR system that has “SMART on FHIR” web services enabled.
    • What is DDP on FHIR? DDP on FHIR (Dynamic Data Pull from EHR) is a special feature for importing data into REDCap from an EHR (electronic health record system), such as Epic, Cerner, etc. It provides an adjudication process whereby REDCap users can approve all incoming data from the EHR before it is officially saved in their REDCap project. DDP on FHIR can only be enabled by a REDCap Administrator, so you should contact them if you wish to utilize DDP on FHIR for this project.
    • How the DDP on FHIR works: DDP on FHIR has the ability to fetch data from the EHR system both manually in real time and automatically at a regular interval. From the EHR interface, DDP on FHIR can create new records in a DDP-enabled REDCap project. Additionally, if a user knows the patient identifier (e.g. medical record number), then they could optionally enter the MRN for a record in a DDP-enabled REDCap project, after which it will then go and immediately retrieve the patient data from the EHR in real time.
    • For more documentation on “DDP on FHIR”, please see https://redcap.vanderbilt.edu/redcap_v8.5.0/Resources/misc/redcap_ddp_fhir_setup.zip To view a 5-min overview video of DDP, please see https://tinyurl.com/redcapddp (note: this video is not specific to DDP on FHIR since the video was originally created for DDP Custom years ago, but it contains most of the functionality in DDP on FHIR (i.e., it does not showcase the EHR Launch feature of DDP on FHIR).
  • Improvement: PDF Customization Options – Users may change or remove the “Confidential” text displayed in the header of all PDFs in a project. Also, instead of displaying the REDCap logo and REDCap website URL at the bottom right of all PDF pages, they can instead choose to display the text “Powered by REDCap” in small font. These two settings are project-level, so they will be applied to every page of a PDF for all instruments in a project (for both forms and surveys). These settings can be found in the Additional Customizations popup on the Project Setup page. (Ticket #25326)
  • Change/improvement: Protection has been added to help prevent the REDCap database connection's client character set (e.g., latin1, utf8, utf8mb4) from being affected 1) due to changes to the MY.CNF (or MY.INI for Windows) configuration file in MySQL, 2) due to a server upgrade, or 3) due to migrating to a new servers. The current database connection's client character set will be stored in the redcap_config database table, and if the client character set ever changes on its own due to one of the reasons above, REDCap will automatically keep using the existing character set from the redcap_config table in order to maintain the correct encoding to prevent data corruption.
  • Change/improvement: New installations of REDCap will utilize utf8mb4 as the default character set for both the database columns (previously set to utf8[mb3]) and client connections (previously set to that of the database server), which is defined in the MY.CNF (or MY.INI for Windows) configuration file in MySQL, or set to latin1 if non-existent. This default has been changed because utf8mb4 encoding can allow for a greater variety of non-Latin characters to be stored in the database. Existing installations will not be able to utilize utf8mb4 encoding but instead will keep using their existing encoding (if other than utf8mb4).
  • Bug fix: When installing REDCap, it would mistakenly not auto-set the value of the REDCap Base URL on the install page.
  • Bug fix: If using MariaDB 10.2 (or higher) for the REDCap database, the REDCap Control Center would display the erroneous error message "Your REDCap database structure is incorrect!". (Ticket #28083, #32131, #41911)
  • Bug fix: When using the "Add/Edit Branching Logic" popup in the Online Designer, if certain Smart Variables are used in the branching logic, and then the user selects a record from the "Test logic with a record" drop-down, it might display an erroneous message saying the the logic is not syntactically correct.
  • Bug fix: When performing a data import of radio buttons in a matrix that has ranking enabled, it would sometimes display an erroneous error message if two or more matrixes of questions are being imported at one time, thus preventing the import from completing. (Ticket #39804)
  • Bug fix: When using Dynamic Data Pull (either DDP Custom or DDP on FHIR) and the MRN field is being used as the Secondary Unique Field in the project, then if an MRN is entered on a form and the "Duplicate value!" error message popup is displayed, it would mistakenly not be possible to close the popup, thus causing the user to have to reload the page. (Ticket #41879)

Version 8.4.5 - (released 5/22/2018)

  • Change/improvement: For DDP on FHIR (for early adopters), the number of labs that are listed in the field mapping process has been greatly reduced to a more curated list that now excludes irrelevant LOINC fields that might not ever be used in an EHR. This should make it easier to find relevant labs from the EHR during the mapping process.
  • Change/improvement: When using DDP Custom or DDP on FHIR, Step 1 of the field mapping process in a project now displays the "select all/deselect all" links for categories even when sub-categories exist for that category. In previous versions, it would not display the "select all/deselect all" links for categories when sub-categories existed, which made it difficult to select lots of fields in a category that were themselves not in a sub-category. So this reduces the number of clicks required in some cases.

Version 8.4.4 - (released 5/17/2018)

  • Change: If one or more external modules have been made "discoverable" in the system or if one or more modules have been enabled in a project, the "External Modules" link that is displayed on a project's left-hand menu will no longer appear for users unless they 1) have Design/Setup privileges or 2) have been given explicit user permissions for configuring at least one module enabled in the project. In previous versions, if at least one module had been made "discoverable", then the "External Modules" link would always appear in every project for every user, which proved to be undesirable for many users at many institutions. So this change has been made so that the link appears less to users who do not need to see it. Note: The link will still always appear to REDCap administrators, and also will still appear to users that have module configuration rights or Design/Setup privileges when modules have been either enabled in the project or made "discoverable" in the system.
  • Change: For installations where only administrators can move projects to production, more protection has been added with regard to admins approving requests to move projects to production so that if a user makes a request, then cancels it, and then makes another slightly different request for the same project, it will no longer allow the canceled request to be approved, even if an administrator clicks the link to the request in an email. This provides better protection against a project's data from accidentally getting erased when moving to production. (Ticket #39772)
  • Bug fix: When calling the API method "Export Project XML" and setting the parameter "returnMetadataOnly" as FALSE, it would mistakenly not return data but would only ever return just the metadata.
  • Bug fix: The Smart Variables [survey-queue-link] and [survey-queue-url] were mistakenly not working when used inside the email subject or email message for an Automated Survey Invitation.
  • Bug fix: When piping a project variable inside the email subject for an Automated Survey Invitation, it would mistakenly not successfully pipe the field's data unless that same variable was piped into the email message also.
  • Bug fix: When downloading a PDF of an instrument that contains a matrix of fields, the matrix headers might mistakenly overlap the radio buttons or checkboxes of the first field in the matrix under specific circumstances. (Ticket #40969)
  • Bug fix: When using record auto-numbering for a data import (via Data Import Tool, API, or Mobile App) that contains data for a repeating instrument or repeating event, then all the data for a given record in the import might be reduced from multiple instances/events of data to a single event/instance of data, thus causing much of the data to mistakenly not get imported. (Ticket #41283)
  • 8.4.4: Bug fix: Due to changes to non-versioned files in previous versions of REDCap 8.4.X, plugin files not located in the /redcap/plugins/ directory would mistakenly fail to load. (Ticket #40608, #41404)
  • Bug fix: When viewing the "Stats & Charts" page, if a field has some missing values, and the user clicks the link to view the record names that have missing values, it might mistakenly return incorrect records-instances. This only occurs in projects having repeating instruments or repeating events. (Ticket #37674)
  • Bug fix: When importing data (via Data Import Tool or API) into a longitudinal project and setting true/"yes" for the import option "Allow blank values to overwrite existing saved values?" when importing blank values for checkbox fields into a longitudinal event for which the checkbox's instrument is not designated, it would display the erroneous error that the checkbox field "exists on an instrument that is not designated for the event". (Ticket #37627)
  • Bug fix: When adding a new field to an instrument on the Online Designer while in Draft Mode, if the field is being added between a section header and another field, in which the instrument begins with that section header, then the new field would get successfully created but would mistakenly not be visible in the Online Designer on that instrument, thus leaving it in a quasi-orphaned state. (Ticket #41359)

Version 8.4.3 - (released 5/11/2018)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: When using the designated email invitation field (project-level or survey-level versions of the email field) and saving a value for the email field on a survey or data entry form, when REDCap attempts to synchronize the value across all events/instances where the field is located, it would mistakenly not add the value to events or instances where the email field has never had a value saved. This could result in the email field's value appearing to be lost/deleted in some contexts. (Ticket #40615)
  • Bug fix: When uploading a data dictionary containing Smart Variables in either branching logic or calculations, it would mistakenly display an error and prevent the user from completing the upload.
  • Bug fix: When piping text that contains a dollar sign followed by a number, it would often mistakenly remove the dollar sign and the number that immediately follows it when displaying that piped text.
  • Bug fix: When a record is selected on a project's Logging page, under certain specific conditions it might mistakenly display "Perform instrument-event mappings" logged events.
  • Updates and fixes for External Modules framework
  • Bug fix: When viewing the Participant List for a project using the Twilio telephony module for surveys, if a user attempts to change the invitation preference for a participant in the participant list, then the popup window might mistakenly get obscured by the page footer. (Ticket #40150)
  • Change/improvement: When a table-based user account is created or has their password reset link emailed to them, the email now includes extra text to remind them to set up their password recovery security question after logging in. (Ticket #40324)
  • Bug fix: When opening the Data History popup for a given field on a data entry form, in certain cases it might mistakenly display the logged events for another field (for the same record) if the other field's variable name exists as the last portion of the current field's variable name (e.g., the field "his_field" would return logged events for the field "this_field" for the same record-event).
  • Bug fix: If running REDCap on certain versions/configurations of PHP 5.3, it would not be possible to upgrade or install REDCap. (Ticket #40852)
  • Bug fix: There was mistakenly no way to force REDCap to verify the SSL certificate if using SSL/TLS for the database connection, thus it assumed that it should never need to verify it. Since some institutions require SSL certificate verification when using an encrypted database connection, the line "$db_ssl_verify_server_cert = true;" should be added to the database.php file in order to force SSL certificate verification for the database connection. Note: The line of code below was added to the database.php file in the REDCap downloadable install zip file. $db_ssl_verify_server_cert = false; // Set to TRUE to force the database connection to verify the SSL certificate
  • Change/improvement: On the "Stats & Charts" page, the variable name is now displayed next to the field label for each field displayed on the page.
  • Bug fix: When viewing a record on the Record Home Page, on certain occasions if a user clicks on a repeating instrument that has a gray status icon, it might mistakenly create instance 2 as the first instance of that repeating instrument, rather than creating instance 1. This appears to affect only repeating instruments, not repeating events.
  • Bug fix: In a longitudinal project that is using the Smart Variables [first-instance] or [last-instance] that are appended to a project variable name in logic, calcs, or piping, it would mistakenly return a blank value if the unique event name is prepended to the variable name.
  • Bug fix: When using the randomization module in a project, in which one of the randomization strata fields has a choice that is hidden using the action tag @HIDECHOICE, then when randomizing a record on a data entry form, it would mistakenly display the choices in the randomization popup that should be hidden for the strata field. (Ticket #38987)
  • Bug fix: When using a [X-event-name] Smart Variable inside branching logic to reference a field on another event, it would mistakenly display the branching logic error popup.
  • Bug fix: When piping data from a matrix checkbox field to a place on the same page, it would mistakenly not pipe it correctly until the page was reloaded. (Ticket #41037)
  • Bug fix: When a calc field exists on a repeating instrument or repeating event, and a field on another form/event triggers that calc field, then if no data had ever been entered into the calc field's form, it would mistakenly change the form status icon to red when instead it should stay gray (since only the calc field has data on that form). (Ticket #40940)

Version 8.4.2 - (released 5/1/2018)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: If a slider field with a saved value on a form or survey gets focus (via tabbing into the field or if the field is the first field on a form), then if the user does not change the value of the slider after putting focus on it, then it would mistakenly remove the slider's existing value, thus erasing its value if the user saves the form/survey. (Ticket #40445)
  • Change/improvement: Slight performance improvement on "Add/Edit Records" page for longitudinal projects using the Custom Record Label.
  • Bug fix: When adding a project as a project template in the Control Center, the popup dialog might fail to display if some projects contain certain special characters in their project title. (Ticket #40283)
  • Bug fix: When the Response Limit option has been set for a survey, instead of displaying the custom text on the survey page whenever the limit has been reached, for specific versions of PHP it would mistakenly just display a blank page. (Ticket #39659)

Version 8.4.1 - (released 4/29/2018)

BUG FIXES & OTHER CHANGES:

  • New REDCap class method for developers: REDCap::getReport – Plugin, hook, and module developers may utilize this method to return a report, which has been created in a project, in one of the following formats: Array, JSON, CSV, or XML. This is the REDCap class equivalent of the “Export Reports” API method.
  • Bug fix: In some very rare cases, branching logic, calculations, and various conditional logic would not get parse correctly and would cause errors. (Ticket #39856)
  • Bug fix: On some specific server configurations, the REDCap Upgrade module would not set certain server path constants correctly. (Ticket #40203)
  • Bug fix: In certain cases, the @NONEOFTHEABOVE might not work on surveys or forms and might cause the user to get stuck and have to reload the page. (Ticket #40182)
  • Bug fix: After running Data Quality rule H, the "Fix calcs now" button would mistakenly not work. (Ticket #40285)
  • Bug fix: For longitudinal projects using a public survey on multiple arms, regarding all arms except the first arm, the public survey link would mistakenly be blank on the Public Survey Link page. (Ticket #40311)
  • Bug fix: When survey invitations are being scheduled for many participants at once on the Participant List, in which some piping is being performed in the invitation's subject or body, then it might take an abnormally long time to complete the scheduling of all those invitations and might even time out and fail on certain occasions.
  • Changed: When viewing the Smart Variables documentation from a project-level context, it will now use the project-level language for the documentation, whereas if viewed outside a project-level context, it will use the system language. It was previously only displaying the documentation in the system language. (Ticket #39949)
  • Change/improvement: The main Control Center page now displays a warning message if any non-versioned files are outdated and need to be replaced. In previous versions, this warning would only appear on the Configuration Check page.
  • Bug fix: When using the Twilio telophony module for sending survey invitations while also using Automated Survey Invitations that contain conditional logic containing datediff+today or datediff+now, if the ASI has "Participant Preference" as the invitation type, then in certain cases (but not all the time) it would mistakenly send the invitation via email rather than via the participant's preferred delivery method. And if those participants do not have an associated email address, then the invitation would simply fail to send, as noted in the Survey Invitation Log. (Ticket #29316)
  • Bug fix: When piping checkbox fields with the "checked" or "unchecked" attribute, in certain cases it might mistakenly not display the correct checked/unchecked choices, respectively. (Ticket #39950)

Version 8.4.0 - (released 4/18/2018)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Smart Variables
    • Smart Variables are dynamic variables that can be used in calculated fields, conditional/branching logic, and piping. Similar to using project variable names inside square brackets - e.g., [heart_rate], Smart Variables are also represented inside brackets - e.g., [user-name], [survey-link], [previous-event-name][weight], or [heart_rate][previous-instance]. But instead of pointing to data fields, Smart Variables are context-aware and thus adapt to the current situation. Some can be used with field variables or other Smart Variables, and some are meant to be used as stand-alone. There are many possibilities.
    • 35 Smart Variables are available. They can reference things with regard to users, records, forms, surveys, events/arms, or repeating instances. Documentation and examples for using Smart Variables are included on the Project Setup page, Online Designer, and other places throughout REDCap in a popup and alternatively as a standalone page.
    • Note: While Smart Variables can be used for filters in reports and for filters for Custom Record Status Dashboards, they are not yet able to be utilized in Data Quality rule logic.
  • Improvement: SQL fields can utilize Smart Variables
    • Utilizing Smart Variables in SQL fields can be very powerful because they allow the query to be truly dynamic and change from context to context or record to record, rather than it always being a static query that gets executed against the database.
    • Note: When using Smart Variables inside the query of an SQL field, you do NOT need to wrap the Smart Variable in quotes or apostrophes because the Smart Variable itself will be replaced with a value already wrapped in single quotes. Also, the value of the Smart Variable will be SQL-escaped when placed inside the query so that no user can inject values to manipulate the query. This has no effect on how one constructs the query, but for security purposes it is good to know that this is being done.
  • Improvement: Custom Record Labels now use proper piping syntax and can also utilize Smart Variables.
    • Because Custom Record Labels existed long before the concept of piping was created in REDCap, they did not adhere to typical piping concepts – e.g., they could not use prepended event names; they would display the raw value of a multiple choice field whereas piping would instead display the label of a multiple choice field. There also used to be certain limitations Custom Record Labels, in which they could only use data from fields on the very first event (of the current arm). Now that Custom Record Labels can be used like regular piping, they can target fields on any event in a project, and they can also utilize Smart Variables.
    • Note: Any longitudinal projects existing before the upgrade that currently use Custom Record Labels will automatically have all fields in the Custom Record Label prepended with the [first-event-name] Smart Variable in order to maintain the existing behavior from previous versions that could only pull data from the first event of the current arm. So prepending [first-event-name] allows existing longitudinal projects to maintain the way they worked prior to the upgrade to this REDCap version.
  • Improvement/change: New method for composing survey invitation text using Smart Variables for survey link
    • When composing a survey invitation, the standard text and survey link are no longer automatically appended to the survey invitation text at the time the email is sent. Instead, users must now specify all the entirety of the text of the email (including the stock text and survey link that used to be appended automatically, if they wish) and therefore must supply [survey-url] and/or [survey-link] in the text if they wish to provide the participant with a link to the survey.
    • If the user forgets to enter the survey URL Smart Variable in the text, REDCap will automatically suggest to them that they should.
    • If using the Twilio telephony module for sending invitations, the standard instructional text will still be appended in the SMS message as in previous versions EXCEPT for the “Email invitation” and “SMS invitation (contains survey link)” invitation types, which require [survey-url] and/or [survey-link] in the SMS text in order for the participant to receive a survey link.
    • Note: All survey invitations that were scheduled prior to this upgrade will still have the standard text and survey link appended to their survey text. Additionally, during the upgrade to this version, all saved configurations for Automated Survey Invitations (ASIs) will have the standard text and survey link automatically appended to the saved ASI email text, thus allowing the ASI behavior to remain exactly the same after the upgrade and allowing it to be backward compatible.
  • New feature: New syntax for referencing fields on repeating instances in piping, logic, and calculations
    • Fields that exist on a repeating instrument or on a repeating event can be referenced using a new syntax (note: repeating events and instruments are used the exact same way). This is done by appending the “repeat instance” number to the field inside square brackets – e.g., [weight][2], which points to repeating instance #2 for the field “weight”.
    • Please note the distinction that unique event names should be *prepended* to variables whereas repeating instance numbers must be *appended* to them. For example, if the field “weight” exists on a form in the event “Visit Data” in a longitudinal project, you might reference instance #2 for that field on that specific event with the following: [visit_data_arm_1][weight][2].
    • Smart Variables can be used in place of the repeating instance number, in which there are 5 instance-related Smart Variables: [previous-instance], [next-instance], [current-instance], [first-instance], and [last-instance]. For example, if you wish to use @DEFAULT action tage to carry over data from the previous instance of a repeating instrument, it might be set up as follows: @DEFAULT=”[weight][previous-instance]”.
  • Improvement: Piping can now be used for checkbox fields
    • Piping from Checkbox fields is slightly different than with other field types because checkboxes allow for multiple saved values. There are options to display a list of checked choices, unchecked choices, or a specific choice.
      • [my_checkbox:checked] - Appending ':checked' will display a comma-delimited list of choice labels that have been checked - e.g., 'Sunday, Tuesday, Thursday'. Note: If neither ':checked' nor ':unchecked' is appended to the variable, then it will default to ':checked'.
      • [my_checkbox:unchecked] - Appending ':unchecked' will display a comma-delimited list of choice labels that have NOT been checked - e.g., 'Monday, Wednesday, Friday, Saturday'.
      • [my_checkbox(code)] - If a coded value of the checkbox is included inside parentheses after the variable name - e.g., [my_checkbox:(2)] - then it will output the word 'Checked' or 'Unchecked' regarding whether or not that specific choice has been checked off.
    • Please note that while the checkbox piping options listed above will return the text labels, you may also append ':value' to the variable to return the raw value instead of the label. For example, [my_checkbox:checked:value] and [my_checkbox:unchecked:value] might return '1, 3, 5' and '2, 4, 6, 7', respectively, and [my_checkbox(2):value] will return 1 or 0 if checked or not checked, respectively.
  • Improvement: Multiple choice fields can now have their raw value (as opposed to their choice label) piped by appending “:value” to the variable name – e.g., [my_radio_field:value]. Note: This can also be used for SQL Fields to display the raw value of the SQL Field drop-down.
  • Improvement: Multiple choice fields can now have their raw value (as opposed to their choice label) piped inside an @DEFAULT action tag by appending “:value” to the variable name – e.g., @DEFAULT=”[my_radio_field:value]”.
  • Minor security fixes: Some Cross-Site Scripting (XSS) vulnerabilities were found on various pages in which a malicious user could potentially exploit them by manipulating the query string or POST parameters of particular HTTP requests. Part of this batch of fixes includes a change in the REDCap API's "content-type" HTTP header for CSV exports from "text/html" to "text/csv" as an extra preventative measure to protect against XSS.
  • Major bug fix: On some extremely rare occasions when loading a public survey, it might mistakenly display the data from a previous response rather than displaying the page with all fields blank.
  • Change/improvement: If a REDCap installation is using two-factor authentication and has the Google Authenticator option enabled, then when new users initially verify their email address when first logging in to REDCap, it will now display the instructions for setting up the Google Authenticator app on that page after the email verification is successful. This will be necessary for installations that are utilizing Google Authenticator as the only two-factor option and also are not using Table-based authentication. (Note: This functionality does not apply to installations using Table-based authentication since that does not require email verification.)
  • Bug fix: The "expand" link would mistakenly not work for the "Custom text to display at the top of the Help & FAQ page" textbox field on the General Configuration page in the Control Center.
  • Bug fix: When deleting a repeating event instance on the Record Home page, it might mistakenly delete all files uploaded to any File Upload fields on other repeating instances of that event. (Ticket #37988)
  • Various fixes and updates for External Modules framework
  • Bug fix: When viewing the Survey Invitation Log in a project using the Twilio telephony services for surveys, it would mistakenly display the "Record" and "Participant Phone" headers for the wrong columns in the table.
  • Bug fix: When using the REDCap Mobile App for a project that contains Descriptive fields that have inline images, if the file storage setting has been set to "WebDAV" on the File Upload Settings page in the Control Center, the images would mistakenly not get synced to the mobile app correctly.
  • Bug fix: The action tags @NONEOFTHEABOVE and @MAXCHECKED would not work well together and would cause @NONEOFTHEABOVE to malfunction when using both tags on a single checkbox field. (Ticket #38119)
  • Bug fix: When using a custom Data Quality rule to find a field with a blank value, in which the field exists on a repeating instrument, it would not always return the correct results. (Ticket #37067)
  • Bug fix: When using the Google Authenticator app for two-factor authentication and an administrator clicks the "Send instructions via email" for 2-step login on the Browse Users page, it would mistakenly try to embed the QR code image in the email sent. But if the user was not currently logged into REDCap, then it would mistakenly display a broken image in the email contents instead.
  • Various fixes and updates for External Modules framework
  • Bug fix: The documentation for action tags @TODAY and @NOW mistakenly state that a field using either action tag would be disabled and not editable, which is no longer true but used to be true in older versions. (Ticket #32537)
  • Bug fix: When uploading an instrument zip file in the Online Designer, it would mistakenly truncate the form name to 50 characters in length when instead it should be truncating it to 64 characters if the form name was longer than that.
  • Bug fix: When using the PDF Auto-Archiver for a survey, if the project has all its data erased via the "Erase all data" button on the Other Functionality page or if the project is moved to production while opting to delete all records, then it mistakenly would not delete all the archived PDF files in the File Repository. (Ticket #38660)
  • Bug fix: When clicking the "exclude" or "remove exclusion" link in the discrepancy results in the Data Quality module when using a non-English language for the text of that project, it would mistakenly only show the text in English right after clicking those links. It should instead display them in the project language. (Ticket #38408)
  • Bug fix: If using an SSL database connection for MySQL, plugins and some external modules pages would mistakenly return an error and not load. After upgrading to this version, an administrator will need to download the zip file containing outdated non-versioned files on the Configuration Check page, and then follow the instructions there. (Ticket #37763)
  • Change/improvement: Non-versioned files (e.g., redcap/index.php, redcap/surveys/index.php) now make a database connection via redcap_connect.php to determine the current REDCap version (when appropriate). In previous versions, those files would naively assume the highest numbered version that was inferred from the REDCap version directory name, which would sometimes lead to erroneous conclusions about the correct version number.
  • Bug fix: On very rare occasions, creating a new user role in a project might mistakenly result in displaying an error to the user that states that an email could not be sent to the user, which does not make sense because there is no user in this context. This was supposedly fixed in the previous version but was not. (Ticket #37465)
  • Bug fix: When deleting a form's data using the "Delete data for THIS FORM only" button at the bottom of a data entry page, if it is a repeating instrument, it would mistakenly fail to mention that this action would only delete the current repeating instance of the form, not all repeating instances of that form.
  • Bug fix: The SQL mapping file for installing the DDP Custom demo web service might cause an SQL error and not execute successfully if DDP mapping has already been performed for any DDP Custom project in the system.
  • Bug fix: The Dynamic Data Pull (DDP Custom or DDP on FHIR) module was mistakenly unable to utilize repeating instruments or repeating events for capturing temporal data.
  • Change/improvement: Added stats for e-Consent Framework usage on the Control Center's System Statistics page.
  • Change: Added extra note at the bottom of the REDCap Messenger informational page that states that entering PHI or PII into a Messenger's conversation title is highly discouraged because conversation titles are much more visible than conversation text.
  • Change/improvement: When using the Copy Project button on the Other Functionality page, it now copies the Record Locking Customization settings for the project.
  • Change/improvement: When using the Copy Project button on the Other Functionality page, it now displays an option to the user to copy all custom record status dashboards in the project.
  • Bug fix: When using AAF authentication, the cross-site request forgery (CSRF) protection would not work properly.
  • Bug fix: When an unsuccessful login attempt occurs in REDCap, it now only logs the username value entered if the value is a valid REDCap user's username. If not, it instead logs it as "[not_valid_username]" in the redcap_log_view database table. This fixes a potential security hole in which some users might mistakenly enter their password in the username login field, in which it would log their password in plain text in the redcap_log_view database table and thus could be viewable to anyone with direct access to the backend database.
  • Bug fix: When adding a new user in REDCap (in several places throughout the application), if user attempts to create a username containing an ampersand, it would not allow it even though the error message says that ampersands are allowed. This error message text is incorrect because ampersands are not allowed in REDCap usernames. (Ticket #39267)
  • Bug fix: When running Data Quality rule H, it might mistakenly not return some discrepancies in very specific cases. This would most often occur when the calculated value has a decimal while the saved value does not contain a decimal (and vice versa). (Ticket #38488)
  • Bug fix: When using a Live Filter on the "Stats & Charts" page of a report, in which no results should be displayed for the selected Live Filter, it would mistakenly display all records in the charts and stats tables on the page. (Ticket #39349)
  • Bug fix: When using conditional logic, report filters, etc., in which certain text is used inside double quotes or single quotes (i.e., text that is used internally by REDCap as special processing tokens), it would sometimes mistakenly return no results instead of the desired results. (Ticket #32295, #39418)
  • Change: New DDP on FHIR setup instructions for Cerner were added to the DDP on FHIR zip file.
  • Change: The BioPortal biomedical ontology web service is now called through a secure method (SSL/HTTPS) by REDCap. This will not affect how the ontology field search works, but provides more security by encrypting all the requests being sent from REDCap to the data.bioontology.org website. (Ticket #39613)
  • Bug fix: Inside the red box that appears at the top of the data entry form when viewing a survey response, it would mistakenly report that other users contributed to the survey response, even though those users may have entered data on another instrument for that record. This issue cannot be fixed for existing responses, but the issue will no longer occur for any new responses created. Additionally, the text that denotes the users that have contributed after the survey was completed would be incorrect if users may have entered data on another instrument for that record, but this issue (unlike the other one described above) will be fixed retroactively for existing responses and for new responses. Also, both of these issues would mistakenly include calc fields when determining contributors; however, calc fields will no longer be considered because they can be triggered from data being entered elsewhere for a record. (Ticket #38545)
  • Bug fix: When exporting data to a stats package for a project that contains repeating instruments, the choices listed for the field "redcap_repeat_instrument" in the stats package's syntax file would mistakenly have the instrument label repeated multiple times for that field if that instrument were set to be repeating on multiple events in the project. (Ticket #38529)
  • Bug fix: When viewing the Public Survey Link page of a project containing multiple arms, if the first data collection instrument is not designated for the first event of the current arm, it would mistakenly display the public survey link of another arm (typically the first arm). It now displays a warning on the page to inform the user to fix this issue by designating the first instrument for the first event of that arm. (Ticket #39647)

Version 8.3.2 - (released 3/15/2018)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Survey-specific email invitation fields
    • This is a new option on the Survey Settings page that can be enabled for any given survey, in which a user may designate an email field for sending survey invitations for that survey only.
    • The email field being utilized for the survey can exist on any instrument in the project, and you may use a different email field on each survey. You may also use the same email field for multiple surveys.
    • This feature is similar to the project-level email invitation field except that it is employed only for the survey where it has been enabled. This allows users to have data entry workflows that require multiple surveys where the participant is different for each survey. Using this feature, multiple people can be emailed a survey invitation, after which all the survey data they enter goes into the same record in the project.
  • Improvement: The REDCap::getParticipantEmail method has a new optional parameter ($instrument) that can be utilized, in which $instrument is the unique/back-end name of the data collection instrument. This parameter only needs to be passed when utilizing the survey-specific email invitation field for a given survey, in which there might exist a different email address for that specific survey than for other surveys in the project.
  • Improvement: The datepicker widgets and timepicker widgets that are displayed on data entry forms and survey pages now have their language abstracted so that it will display the months, days of the week, and buttons in the language set for the project.
  • Bug fix: When using the Data Search feature on the "Add/Edit Records" page, clicking the keyboard's down arrow button mistakenly no longer selects an option returned from the search. (Ticket #37144)
  • Bug fix: In a longitudinal project, when a user clicks the "Delete data for THIS FORM only" button on a data entry form, if data exists on other events for the current record AND the form being deleted is the only form containing data on the current event, then that event would mistakenly still show up in reports and data exports even though it no longer contains any data and shows gray status icons for all the instruments in the event. In the previous version, this bug was fixed for most scenarios (traditional longitudinal and repeating instruments) except not for repeating events. This now fixes the issue for repeating events. (Ticket #35814, #37290)
  • Bug fix: If a user requests that their project be moved to production by an administrator, in which the administrator does not use the To-Do List nor the link in the request email but instead just goes to the project directly to move it to production, then the original request would mistakenly not get removed from the To-Do List. (Ticket #37159)
  • Bug fix: When searching by project title on the Browse Projects page when a username has not been entered in the user search box, it would mistakenly assume that a username named "Search" was entered. This only occurs when using Internet Explorer. This would also cause the user button at the top right of the page to mistakenly say "User does not exist". (Ticket #37497)
  • Bug fix: On very rare occasions, creating a new user role in a project might mistakenly result in displaying an error to the user that states that an email could not be sent to the user, which does not make sense because there is no user in this context. (Ticket #37465)
  • Change: On the Browse Users page, it will no longer display the "Verified" or "Not yet verified" flag next to a user's email address if the user is a Table-based user. This is because the email verification is only ever utilized for non-Table-based authentication. (Ticket #37474)

Version 8.3.1 - (released 3/9/2018)

BUG FIXES & OTHER CHANGES:

  • Improvement: REDCap will routinely check to see if any External Modules have updates available for download in the REDCap Repo. If some do, it will display a message in the Control Center to allow an administrator to easily update the modules.
  • Improvement: If the REDCap installation has been set to report its REDCap stats "manually" (rather than "automatically") on the General Configuration page, it will provide a new button on the Control Center "Notifications" page that says "Try auto-sending stats", which will double check if the server is able to send its REDCap stats automatically. And if the button is clicked and is successful, it will automatically set the installation's reporting method to automatic.
  • Improvement: Sponsor Dashboard requests that are listed on the To-Do List page will now have the selected users' usernames in the To-Do List item's comment so that the administrator may reference this (if needed) while processing the request.
  • Improvement: When the Google Authenticator option has been enabled while using two-factor authentication, it now displays a button on the Browse Users page in the Control Center that, when clicked, will email the user the instructions for setting up Google Authenticator for their REDCap account. This feature will be useful when all other two-step login options have not been enabled and the user cannot successfully log in to REDCap.
  • Various fixes and updates for External Modules framework.
  • Change: When using the designated email invitation field (enabled on the Project Setup page), if the field is located on an instrument that gets used on multiple longitudinal events or if it is located on a repeating instrument/event, all occurrences of the field will now be forced to have the same value. This means that if one value is entered for the field, that value will always be the value seen in other events or other repeating instances of the instrument. And if the value is changed on any event or repeated instance, then that value will be updated on all events or repeating instruments/events where the field has a value. This will keep the field's value in sync in all locations since the underlying assumption of the designated email invitation field is that there is really only one single value, which is the email address of the survey participant.
  • Bug fix: On the Project Templates page in the Control Center, it would mistakenly display deleted projects in the project drop-down list when choosing a project to enable as a project template. (Ticket #36672)
  • Bug fix: When the "Save & Return Later" setting is enabled on a survey and the "Allow respondents to return without needing a return code" option is checked, if a participant's email address is known when they click the "Save & Return Later" button on the survey page, it would mistakenly display some text on the page that implied that they would need a Return Code to return to the survey, which is incorrect. (Ticket #36729)
  • Bug fix: In a longitudinal project, when a user clicks the "Delete data for THIS FORM only" button on a data entry form, if data exists on other events for the current record AND the form being deleted is the only form containing data on the current event, then that event would mistakenly still show up in reports and data exports even though it no longer contains any data and shows gray status icons for all the instruments in the event. (Ticket #35814)
  • Bug fix: In a longitudinal project, the Scheduling module might mistakenly crash due to a fatal PHP error when attempting to generate a schedule for a record. This was often due to using either a negative Day Offset value or negative Offset Range value for certain Start Date values. Bug emerged in REDCap 8.2.2. (Ticket #36592)
  • Bug fix: REDCap Messenger might throw a JavaScript error after being opened because certain web browsers are beginning to deprecate synchronous AJAX requests in JavaScript. (Ticket #36970)
  • Change: When exporting data to SPSS, the resulting SPSS syntax file now defines Text fields as A30000 rather than A500 to allow for Text fields with text longer than 500 characters.
  • Bug fix: When using the @NOW action tag for a date field (rather than a datetime field), it mistakenly inserts the full timestamp into the date field, which results in a field validation error. It now instead inserts only today's date as a value into the field, as if @TODAY were used. (Ticket #36969)
  • Bug fix: If a slider field on a survey or data entry form is set to display its numerical value, if "100" is selected for the slider, the text field would partially cut off the value being displayed. (Ticket #37048)
  • Bug fix: When using "<>", "<", or "<=" in the choice labels for drop-down, radio, or checkbox fields on an instrument, they would not display correctly on the page but instead might omit those operators or instead display nothing as the choice label. (Ticket #37007)

Version 8.3.0 - (released 3/1/2018)

NEW FEATURES, BUG FIXES & OTHER CHANGES:

  • New features: PDF Auto-Archiver & e-Consent Framework
    • PDF Auto-Archiver
      • Upon survey completion, a compact PDF copy of the survey response can be automatically stored in the project's File Repository, from which the archived PDFs can be downloaded at any time.
      • This setting is located on the Survey Settings page in the Online Designer, thus it can be enabled for any given survey in a project.
    • e-Consent Framework
      • This feature, which works together with the PDF Auto-Archiver, provides functionality for user’s to implement electronic consent (e-Consent) using a survey as the consent form, such as for capturing the consent of a research study participant.
      • The e-Consent Framework option adds two things to the typical survey-taking process. 1) Before a participant completes the survey, an extra certification page is added to end of the survey that displays an in-line PDF copy of their survey responses in which they will be asked to confirm that all information in the document is correct. Once they confirm all is correct, the survey will then be marked as complete. The survey will not be considered complete until they fulfill the certification step. 2) Upon completion of the survey, a static copy of their responses in the form of a consent-specific PDF will be stored in the project's File Repository. The consent-specific PDF will have the values of the e-Consent Framework Options inserted at the bottom of each page in the PDF. These values (i.e., name, date of birth, etc.) are added to the PDF as extra documentation of the identity of the person who is consenting.
      • A participant’s IP Address is also recorded and displayed in the File Repository after the e-Consent process, but this option to collect the IP address can also be optionally disabled at the system level (if desired) on the Modules/Services Configuration page in the Control Center.
      • The e-Consent Framework feature can be disabled at the system level (if desired) on the Modules/Services Configuration page in the Control Center.
      • In addition to storing the e-Consent PDFs in a project’s File Repository, you may also optionally enable the External Storage option (requires PHP 5.6.0+), which will automatically store the PDFs on a separate file server (using WebDAV or SFTP). This external file server may serve as a giant “vault” for your entire REDCap installation’s consent forms. This is a system-level setting that can be enabled on the File Upload Settings page in the Control Center.
  • New feature: New method REDCap::getValidFieldsByEvents for plugins, hooks, and modules. This method returns an array of field names belonging to instruments that are designated for specified events in a longitudinal project. The method also contains the option to include or exclude the project's Record ID field.
  • Improvement: The Survey Invitation Log now contains an extra column on the right-hand side to allow users to delete many scheduled invitations at once (rather than having to delete them one at a time).
  • Improvement: Checkbox fields may now be utilized in the DDP Custom or DDP on FHIR modules when importing data from external sources/EHRs. This will be useful because certain systems might record some non-temporal fields (e.g., race) as multi-value fields. Note: If multiple values are detected from the DDP source system/EHR for a field that is neither a temporal field nor a checkbox field, it will display a red warning message in the DDP adjudication popup informing the user that multiple values have been detected and that only one value can be imported unless they convert the field into a checkbox field.
  • Improvement: The Configuration Check page in the Control Center now checks to see if the REDCap server can communicate with all the various third party websites/services that are used within REDCap. These include Twilio, PROMIS, BioPoral, Bit.ly, and IS.GD.
  • Bug fix: When deleting an individual survey invitation or modifying an invitation's send time on the Survey Invitation Log, the logging would mistakenly state that "SYSTEM" performed the action rather than the user's username.
  • Various fixes and updates for External Modules framework
  • Bug fix: On the Field Comment Log page in a project, if a user is using the Internet Explorer web browser, clicking the "Apply filters" button would mistakenly cause it mistakenly to search for the keywords "Keyword" and "search" even when the "Keyword search" text box has been left blank. This would often cause it to return no results, which is confusing. (Ticket #36266)
  • Bug fix: Projects that use repeating events or repeating instruments will now *always* output the "redcap_repeat_instrument" and "redcap_repeat_instance" fields in a report or data export, as well as the output of REDCap::getData, regardless of whether the report/export contains any repeating data or not. In previous versions, it would mistakenly only output those fields if any data in the report/export was repeating. This means that the number of columns would vary unpredictably based on the filters applied to the report/export (or based on the parameters passed to REDCap::getData), which is confusing and inconsistent with how reports/exports typically behave. (Ticket #36263)
  • Bug fix: When a record is deleted in a project (either via the user interface or via API), the logging page would mistakenly display the event name for the logged event, which is confusing because the record as a whole was deleted, not just for a specific event. It now no longer displays the event name for the logged event, and if the project contains multiple arms, it will instead display the number and name of the arm from which the record was deleted. (Ticket #36358)
  • Bug fix: When viewing the data entry form of a repeating instrument, in which the "Current instance" drop-down list is displayed at the top of the page, if a user clicks the "+" button inside the drop-down rather than clicking the "Add new" text, it would mistakenly take the user to an incorrect page.
  • Bug fix: When viewing/exporting a report or using the REDCap::getData() method in a longitudinal project with multiple arms, in which the user is exporting data from an arm that currently has no records in it (i.e., the data set being returned should be empty because there is no data from that arm to return), then it would mistakenly output a list of all records from other arms but with blank/default values. (Ticket #36470)
  • Bug fix: In a longitudinal project with multiple arms, in which a record exists on more than one arm, if a user clicks the "Lock all instruments across all events" on the Record Home page on a certain arm, it would mistakenly lock all the instruments/events on other arms in addition to the current arm. It should only lock the instruments on the current arm. Note: The unlocking process does not appear to be affected by this issue.
  • Bug fix: When using DDP Custom or DDP on FHIR and adjudicating temporal data for several different events, if a field value is adjudicated in one event, it might mistakenly get marked as adjudicated for that same field in other events. This causes the field to be hidden in the DDP adjudication popup when viewing the other events, so it makes it appear as if it has already been adjudicated when it has not.
  • Bug fix: On certain occasions, the Scheduling module might mistakenly crash due to a fatal PHP error when attempting to generate a schedule for a record. This appears to only occur for PHP 5.3. (Ticket #36592)

Version 8.2.3 - (released 2/23/2018)

BUG FIXES & OTHER CHANGES:

  • Improvement/change: To help with troubleshooting PHP errors occurring on the REDCap server, the line "global $log_all_errors; $log_all_errors= true;" can be added to the database.php file, which will log all PHP errors, warnings, and notices to the designated PHP log file. (Ticket #35868)
  • Improvement: On the "Browse Users" page, the "View User List By Criteria" tab has a new display option "Has never logged in" to help administrators quickly find users (typically when using Table-based authentication) that have a REDCap account but have never actually logged in to REDCap.
  • Improvement: The REDCap::getData method for plugins/modules now has an alternative way of passing parameters to the method. Rather than providing the method's parameters individually, they instead may be passed to the method in an associative array, in which each key in the array exactly matches the parameter names listed above (must match case). Note: Not all the parameters have to be included in the array, but only the ones one wishes to set explicitly. Example: $params = array('return_format'=>'json', 'filterLogic'=>'[age] >= 18', 'fields'=>array('dob','record_id')); $data = REDCap::getData($params);
  • Major bug fix: If a longitudinal project has more than one arm and also has the Secondary Unique Field enabled, if a record exists in multiple arms, then whenever a user saves a value on a form or survey for the Secondary Unique Field, it would mistakenly set that value for all events in all arms for that record when instead it should only set that value for all events in the current arm.
  • Minor security fix: Some Cross-Site Scripting (XSS) vulnerabilities were found on various pages in which a malicious user could potentially exploit them by manipulating the HTTP Referrer header of an HTTP request.
  • Bug fix: When viewing a record on a data entry form that exists on a repeating event and then clicking a PDF download option to download that instrument with saved data, the resulting PDF would mistakenly contain all the repeated instances of the instrument for that record instead of just the current instance being viewed. This issue does not occur for repeating instruments but only for instruments on a repeating event.
  • Bug fix: For a matrix of fields displayed in the Online Designer, the matrix headers were not aligning correctly with the radio button/checkbox for the fields. This only occurred when viewing a matrix in the Online Designer.
  • Bug fix: When using the date-picker or datetime-picker widget to select a date/time on a form, survey, or other page in REDCap, the field validation alert might get called prematurely, which can cause it to be displayed to the user unnecessarily or may even cause the user to get stuck (because the widget keeps displaying whenever it is closed) and have to reload the whole page. (Ticket #35735)
  • Various fixes and updates for External Modules framework
  • Bug fix: When uploading a file using Send-It, if the recipients text box is left blank when the submit button is clicked, it would forever say "Working...", in which the user would have to manually reload the page in order to start over. (Ticket #35986)
  • Bug fix: When using the Record Status Dashboard in a project with Data Access Groups, if the paging drop-down has a specific page selected and then the user selects a Data Access Group from the DAG drop-down, it could mistakenly try to display a "page" of records that does not exist for the new resulting data set and thus would display "no records", which could be confusing. In this case, it will now revert back to page 1 if the selected page no longer exists for the new DAG selection. (Ticket #36053)
  • Bug fix: When using the Randomization module in a project and attempting to randomize a record on a data entry form in which the @NOW or @TODAY action tag is used *and* piping is also being performed on the same form, then the "Randomize" button would fail to appear if the user was specifically using iOS (Mobile Safari web browser). (Ticket #35998)
  • Bug fix: On the Sponsor Dashboard and Browser Users pages, it would mistakenly allow a user to utilize the actions "Reset password", "Set account expiration", and "Extend account expiration" on users that have been suspended. It should not allow those actions on suspended users.

Version 8.2.2 - (released 2/15/2018)

BUG FIXES & OTHER CHANGES:

  • Improvement: The "Browse Projects" page has a new option to perform a keyword search on the project title to find projects more quickly. This option can be used with or without the username search at the same time on that page. When searching by project title, it will order the project list based on best match with the keywords entered.
  • Improvement: Added new "Record ID" column in the Survey Invitation Log table to allow users to find specific invitations more efficiently. Note: If the record name should not be displayed in order to preserve the anonymity of a response (e.g., participant identifier is not used, designated email field is not used), it will instead display an icon indicating that the record name cannot be displayed.
  • Improvement: Added new filter on the Survey Invitation Log table to allow users to filter the invitations by record ID.
  • Improvement/change: Added new "Record ID" column in the Participant List table. In previous versions, the record ID was appended to the email address in the "Email" column. Having its own column will allow users to find specific participants more efficiently.
  • Improvement: When opening the "Add/Edit Branching Logic" popup in the Online Designer, it could sometimes be very slow to open if the project contains many fields, especially many multiple choice fields. The popup could even be slow when the selected field does not even have branching logic yet. To improve this, it now defaults to selecting the "Advanced" option first when the popup opens and only attempts to load the "Drag-N-Drop" draggable field choices when that option has been selected by a user. While this won't completely alleviate the issue of the "Drag-N-Drop" option being slow when there are many fields, this will make it much more palatable in a majority of situations when branching logic is being added/edited in the Online Designer. (Ticket #1905)
  • Improvement: If a field has branching logic, the Online Designer now displays the logic (up to the first 65 characters) on the field so that the user can view it easily without having to open the Add/Edit Branching Logic popup.
  • Change/improvement: The Control Center login option "Disable autocomplete feature in user's browser for username/password fields on REDCap login page?" has been improved to work more dependably in more browsers. Also, other pages with "password" type fields, such as the File Upload Settings page in the Control Center, have also been improved to prevent accidentally injecting a user's username and password in places where not appropriate or not correct. (Ticket #35339)
  • Change/improvement: If an administrator is moving a project in production back to development status and the project is in Draft Mode, it will now automatically create a Data Dictionary Snapshot of the drafted changes and store the snapshot on the Project Revision History page.
  • Major bug fix: When using the "Save & Return Later" survey feature, and a participant has partially or fully completed a survey, in certain cases if they use the return code and enter it while using the public survey link (as opposed to a private/unique survey link), it might mistakenly create a new record instead of modifying the existing record.
  • Bug fix: When viewing the Participant List of a survey that is a repeating instrument or is on a repeating event, REDCap would mistakenly add extra placeholder rows in the Participant List if the instrument is utilized on multiple events. These extra ghost/placeholder rows would point to non-existing instances of an instrument. Note: If these placeholder rows have already been created in the Participant List, then unfortunately they will not be able to be removed. (Ticket #34741)
  • Bug fix: When a non-CSV file is being uploaded into a place where only CSV files are permitted (e.g. Data Import Tool, Data Dictionary), it would mistakenly provide a link to a Microsoft webpage that no longer exists. The link URL has now been replaced with a working link.
  • Bug fix: When performing a data import in a project with repeating instruments or repeating events, in which the redcap_repeat_instance field is included in the import file but is mistakenly given a non-numerical value, then the data values on that row might mistakenly be saved in the database incorrectly. (Ticket #35143)
  • Bug fix: In the Scheduling module when using a Start Date with the year 2038 or higher, it would mistakenly return dates in the year 1969 for the projected schedule that is generated. (Ticket #35178)
  • Bug fix: When a sponsor sends a request via the Sponsor Dashboard, after a REDCap administrator approves the request, the confirmation email being sent back to the sponsor would mistakenly mention the approver's username in the email body rather than the requester's username.
  • Change/improvement: When a sponsor sends a request via the Sponsor Dashboard, after a REDCap administrator approves the request, the confirmation email being sent back to the sponsor now lists the usernames of all the users to which the sponsor request was applied.
  • Bug fix: Fixed compatibility issues when using REDCap with PHP 7.2. This includes a fatal PHP error on the REDCap install page, and a fatal PHP error when downloading a PDF of an instrument. (Ticket #35240)
  • Bug fix: On the Data Dictionary upload page, it might mistakenly display some uninterpreted HTML tags and some misformatted text for warnings and errors on the page after uploading a Data Dictionary. (Ticket #35499)
  • Bug fix: If running PHP 5.3 on the REDCap server, in certain situations the Configuration Check page might mistakenly fail to mention that PHP 5.4 or higher is required in order to use External Modules.
  • Bug fix: When using the "Save & Return Later" survey feature with the option enabled to "Allow respondents to return and modify completed responses", if a respondent begins a public survey and clicks "Save & Return Later", and then returns to the partially completed survey using a private survey link (not using the public survey link as before) and completes the survey, and then returns to the completed survey again using the public survey link (not the private survey link), using the return code they obtained the first time they visited the survey (not the return code they obtained later that is tied to the private link), and then they click "Save & Return Later", it will mistakenly set the survey status back to incomplete even though the survey has been completed. (Ticket #35210)
  • Bug fix: When downloading a "compact" PDF of a survey response for a survey that has question auto-numbering enabled, the question numbers displayed in the compact PDF will not be correct when compared to the real order in which the questions appeared on the survey page.
  • Bug fix: When downloading a PDF of an instrument while on a data entry form, in which data has been modified on the form, after clicking a "download PDF" option it would mistakenly display a confirmation prompt letting the user know that they will be abandoning the page, which is not true. So the prompt is unnecessary and confusing.
  • Bug fix: When downloading a file attachment for a Descriptive field on a survey, in which data has been modified on the survey page, it would mistakenly display a confirmation prompt letting the participant know that they will be abandoning the page, which is not true. So the prompt is unnecessary and confusing. (Ticket #35436)
  • Change: If the secondary unique field is enabled and contains HTML tags in its field label, those tags will now be stripped out when displaying the label and value of the secondary unique field throughout a project, such as on a report, top of data entry page, and the left-hand project menu when a record is selected. This hash been changed because HTML tags in the field label could distort the user interface in unpleasant ways.
  • Bug fix: If a report is being sorted by the record ID field in descending order or the record ID field is sorted as asc/desc with one or two other sort fields, and the project has record auto-numbering enabled but the record ID field does not have integer/number validation, then the report would fail to order the results correctly.
  • Bug fix: When viewing the "Stats & Charts" page for a report, slider fields and calc fields would mistakenly not have a scatter plot displayed for them.
  • Bug fix: The field label of the Secondary Unique Field would mistakenly get displayed even if the field has no value. It should not display the label unless there is a value. (Ticket #35637)
  • Bug fix: When importing data into a project in XML format via the API or via the plugin method REDCap::saveData(), in certain cases it would not gracefully handle an error in the XML but would instead mistakenly cause a PHP fatal error. (Ticket #35368)
  • Bug fix: If a survey is using "Save & Return Later" with the option "Allow respondents to return without needing a return code" enabled, then if a participant clicks the "Save & Return Later" button at the bottom of the survey, in the email that REDCap sends to the participant with the survey link needed to continue the survey, the email text would mistakenly mention that a return code would be needed, which is not correct. (Ticket #33365)
  • Change/improvement: When performing an API export in JSON format for the API methods Export Users, Export Project Info, Export Survey Participants, and Export Events, while the values in the API response were all correct, some API scripts were having trouble with the fact that some integers were returned in string format (surrounded in quotes) rather than as literal integers in the JSON response. Now they should all be returned as literal integers.

Version 8.2.1 - (released 2/1/2018)

BUG FIXES & OTHER CHANGES:

  • Improvement: A new system-level setting was added on the Control Center's "User Settings" page: "Allow normal users to modify the 'Repeatable Instruments & Events' settings for projects while in production status". This setting is enabled by default, but if disabled by an administrator, normal users will not be able to open or save the 'Repeatable Instruments & Events' popup dialog on the Project Setup page while the project is in production, in which only administrators will be able to do so.
  • Improvement/change: The Font Awesome 5 iconic font and CSS toolkit is now included as part of REDCap.
  • Improvement/change: The project Logging page now provides useful contextual information for the ASI logged event "Automatically schedule survey invitation", in which it will display the record name, survey title, and event name (if longitudinal).
  • Improvement/change: The project Logging page now logs when a survey invitation that was scheduled via ASI gets deleted due to the ASI option "Ensure logic is still true before sending invitation?", in which the logged event will display useful contextual information, such as the record name, survey title, and event name (if longitudinal).
  • Improvement/change: The project Logging page now logs when a survey invitation is deleted or when its send-time is modified on the Survey Invitation Log, in which the logged event will display useful contextual information, such as the record name, survey title, and event name (if longitudinal).
  • Performance improvement: For projects containing a large amount of records (i.e., thousands or tens of thousands), some pages in the project might become very slow, and if a user repeatedly attempts to open a page that is initially slow to open, often due to slow database queries being executed, then those queries can get backlogged on the database server and reduce performance over time. A new mechanism has been implemented that will improve server performance in these cases by actively killing off any abandoned MySQL processes that are still running on the server.
  • Major bug fix: When downloading the CSV export of a survey's Participant List, a race condition might occur if multiple users are downloading the list (or if multiple requests are coming from the same user) near-simultaneously, in which it could possibly return a Participant List export file that contains Survey Access Codes that do not really exist and are therefore not valid access codes. (Ticket #34862)
  • Bug fix: The setting for "External Modules: Alternate module directories" on the Modules/Services Configuration page in the Control Center did not have clear examples and had confusing instructions.
  • Bug fix: The dashboard page in the Randomization module might mistakenly not get rendered correctly and thus may not be viewable if malformed HTML exists in the field label or choice label of the randomization field or a criteria field.
  • Bug fix: The "Set up Survey Queue" popup in the Online Designer would mistakenly note that the first survey instrument is not displayed in the popup and therefore cannot be used in the Survey Queue. However, this is no longer true (but was true in earlier versions), so that incorrect text has now been removed.
  • Change: The icons used to represent projects with "archived" status now use the Font Awesome "archive" icon instead.
  • Bug fix/change: When an administrator is processing a request submitted via the Sponsor Dashboard in which the things being requested are no longer applicable (e.g., if a user was requested to be suspended, but the user has been suspended through other means before the request was processed), it would display a confusing message to the administrator. Now in these situations it lets the administrator know that there is nothing to do and that they should contact to the requester to let them know that the request does not need to be completed.
  • Improvement: A new "hide suspended users" option was added to the Sponsor Dashboard to allow sponsors to hide suspended users when viewing that page.
  • Bug fix: For a survey that does not have "Save and Return Later" enabled, if a respondent returns to an incomplete survey response using a unique survey link, it would mistakenly display the "Start Over" button to allow them to erase their answers even if the response had been locked by a user on the data entry form. Respondents should not be able to modify data or erase data if the form has been locked. This has been changed so that if the response is locked, it will not display the "Start Over" button and will inform the respondent that they cannot do anything until a survey administrator has unlocked their response. (Ticket #34676)
  • Bug fix: Fields having any of the "Number (comma as decimal)" validations would mistakenly not have their scatter chart or descriptive stats displayed on the "Stats & Charts" page for a report.
  • Bug fix: When copying an instrument via the "Copy" action in the Online Designer, if the instrument contains a "calc" field in which its equation has been left blank, it would display an error stating that the instrument could not be copied.

Version 8.2.0 - (released 1/25/2018)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • Medium security fixes: Many Cross-Site Scripting (XSS) vulnerabilities were found in various pages in which a malicious user could potentially exploit them by manipulating the query string or POST parameters of an HTTP request.
  • Minor security fixes: Some Cross-Site Scripting (XSS) vulnerabilities were found on the "Create users (bulk upload)" section of the "Add Users" page in the Control Center, in which a malicious user could potentially exploit them by manipulating the contents of the CSV file that an administrator uploads on that page to create new Table-based users.
  • New feature: Sponsor Dashboard
    • The Sponsor Dashboard can be utilized by users who have been designated as a sponsor for another REDCap user. In many cases a sponsor is a secondary contact person for the user or someone that helps manage the account (or perhaps they requested that the account be created). The Sponsor Dashboard allows sponsors to manage their sponsored users by viewing various information about them, such as username, name, expiration, suspended status, and some general activity. The dashboard contains various functions to allow sponsors to make requests to REDCap administrators to help manage their sponsored users by performing the following actions: 1) resetting passwords (Table-based authentication only), 2) Setting/expiring a user’s account expiration, 3) suspending users, and 4) unsuspending users.
    • A link to the dashboard will be displayed at the top of the My Projects page for any users that are a sponsor.
    • If an institution decides not to allow sponsors to use the Sponsor Dashboard, it can be disabled on the User Settings page in the Control Center.
    • Note: The User Settings page in the Control Center also contains a setting “Default amount to set/extend user expiration times”, which sets the default time (in days) for setting or extending a user’s account expiration time when requested by a sponsor. In the specific case where the expiration time is being set (not extended), the administrator has the ability to modify the exact expiration time during the request approval process.
  • Improvement: Major improvements to the “Browse Users” page in the Control Center – Borrowing from the functionality of the new Sponsor Dashboard, administrators may now perform the following actions on many users at once: 1) resetting passwords (Table-based authentication only), 2) Setting/expiring a user’s account expiration, 3) suspending users, and 4) unsuspending users.
  • New API method: Export Repeating Instruments and Events - This method allows you to export a list of the repeated instruments and repeating events for a project. This includes their unique instrument name as seen in the second column of the Data Dictionary, as well as each repeating instrument's corresponding custom repeating instrument label. For longitudinal projects, the unique event name is also returned for each repeating instrument. Additionally, repeating events are returned as separate items, in which the instrument name will be blank/null to indicate that it is a repeating event (rather than a repeating instrument).
  • Improvement: New "compact" option for PDFs of forms/surveys in which a compact-formatted PDF is produced that excludes fields that have no data saved and excludes unselected multiple choice options, thus producing a smaller PDF file. (Note: Section headers and descriptive fields will still be included.) On all pages that offer a PDF download option, there is now an extra "compact" option. The REDCap::getPDF() developer method and the "Export PDF file" API method both have the compact option added as a new parameter that can be passed to the method.
  • Improvement: Minor aesthetic improvements in the display of PDFs of forms/surveys, such as divider lines between questions and gray background color for section headers.
  • Change/improvement: When adding/editing Automated Survey Invitations, the "Send after lapse of time" value for "days" may now be 4 digits in length (specifically up to 7300 days = 20 years), whereas previous versions limited the days unit to 3 digits. This change allows for a much longer wait time before sending the scheduled invitations. (Ticket #3082)
  • Bug fix: If attempting to enable the Twilio SMS and Voice Call services on a REDCap server that is not publicly available to the web (i.e., on a private network or behind a firewall), it would mistakenly allow the Twilio module to be enabled in a project even if the Twilio Request Inspector had not been disabled for the Twilio account being used.
  • Bug fix: If a survey is using "Save & Return Later" with the option "Allow respondents to return without needing a return code" enabled, then if a participant takes a survey using a public survey link and clicks the "Save & Return Later" button at the bottom of the survey, REDCap would mistakenly email them the public survey link rather than their private survey link which would normally allow them to return to their survey response to begin where they left off. The public survey link that gets emailed to them would mistakenly not allow them to continue their survey response.
  • Bug fix: If text data that contains line breaks/carriage returns is piped into another field value via piping inside an @DEFAULT action tag, the piped text would mistakenly contain HTML break tags (e.g., <br>) rather than proper line breaks/carriage returns.
  • Bug fix: If a project's "Character encoding for exported files" option (on the Edit A Project' Settings page) is set to "Chinese (UTF-8)", then the webpage would crash with a fatal PHP error whenever a user attempted to download a PDF of one or more data entry forms. (Ticket #32892)
  • Bug fix: When piping a radio button field into another field's label on the same instrument, if the piped field is modified on that page, thus instantly piping the new selected value's choice label, the choice label being piped would mistakenly be non-bolded text, even though the rest of the field label remains as bolded text.
  • Bug fix: For a project that utilizes the randomization module, if any of the strata fields being used in the randomization have field labels or field notes into which data is being piped, then the randomization dialog popup that displays these strata fields would mistakenly not have the data piped into their labels/notes. (Ticket #33282)
  • Bug fix: When a project contains repeating instruments, and a report is created that contains fields from a repeating instrument, the "Stats & Charts" view of that report might mistakenly display an incorrect number of missing values for fields on a repeating instrument. (Ticket #32078)
  • Bug fix: On a data entry form or survey that utilizes a calc field or certain action tags anywhere on the page, a random blank text field might mistakenly have a red sidebar appear on the input field for no reason.
  • Bug fix: If an External Module is utilizing the API endpoint URL, and a new REDCap version has been placed on the web server but the upgrade has not been completed yet, then the API endpoint would mistakenly redirect to the wrong place. (Ticket #33520)
  • Bug fix: For surveys that have no questions and have been set to "One section per page (multiple pages)" in their survey settings, it would mistakenly display the Form Status field on the survey page. (Ticket #33467)
  • Bug fix: In a production project in draft mode when adding a matrix of fields in the Online Designer and assigning it a matrix group name that already exists, it mistakenly allows the user to add that matrix group name, but then subsequently displays an error message when the whole matrix setup is saved. (Ticket #33661)
  • Bug fix: When using the Data Search feature on the "Add/Edit Records" page, the "Searching..." text/spinner would not accurately reflect the search request time but would mistakenly disappear on some long searches, thus making it appear that the search has completed when it actually has not. (Ticket #7805)
  • Various fixes for External Modules framework
  • The Help & FAQ page content was updated
  • Bug fix: When using the @TODAY or @NOW action tag for a field on a survey instrument, although the action tags will correctly insert the date/timestamp when the instrument is opened as a survey page, it would mistakenly not do this on the data entry form. Note: This only occurs on an instrument that has been enabled as a survey and is being opened as a data entry form when the field has no value. (Ticket #33609)
  • Bug fix: The "simultaneous users" check that prevents two different users from viewing the same record/instrument/event in the same project would not successfully stop a user from viewing the data entry form if the user already on the form performs one of the following actions: 1) upload a file onto a File Upload field, 2) download a file, 3) delete a file, or enter a value into the Secondary Unique Field (if enabled).
  • Bug fix: In certain rare cases, if a respondent clicks the download link for a File Upload field on a survey page, it might mistakenly display an error page rather than downloading the file.
  • Bug fix: When deleting a message in REDCap Messenger, in which a non-English language is being used for the system, it mistakenly would tell the user to type the translated version of the word "delete" for the local language; however it was instead expecting the user to literally type the English word "delete", not the translation of the word. For technical reasons, the English word must be typed, so the instructions have been changed to clarify this. (Ticket #34174)

Version 8.1.1 - (released 12/21/2017)

BUG FIXES & OTHER CHANGES:

  • Medium security fixes: Many Cross-Site Scripting (XSS) vulnerabilities were found in various pages in which a malicious user could potentially exploit them by manipulating the query string or POST parameters of an HTTP request.
  • General updates and improvements for External Modules framework, including the following bug fix: The "discoverable" setting for modules (set in the Control Center for a given module) was not quite working correctly, in which a regular user could navigate to the Project Module Manager page in their project and view all modules that have been enabled in the system, when instead they should only be able to view the modules that have been made discoverable.
  • Change: When field values get modified via the action tags @TODAY, @NOW, @LATITUDE, @LONGITUDE, and @USERNAME, it now displays the red side bar on the right side of the text field (just like calculated fields do when changed) to denote there was a value that changed. (Ticket #32537)
  • Change: The action tags @TODAY and @NOW will no longer hide the Today/Now button, will no longer hide the date-picker icon, and will no longer make the field read-only by default. From this version onward, users will need to additionally use @READONLY in order to accomplish those things. For backward compatibility, the REDCap upgrade process will automatically replace all instances of the @TODAY and @NOW action tags with "@TODAY @READONLY" and "@NOW @READONLY", respectively, to maintain the existing behavior for fields already using @TODAY and @NOW. (Ticket #32537)
  • Change: Updated a few PHP files that have old-style PHP class constructors that will not be compatible with upcoming versions of PHP 7
  • Bug fix: If a survey instrument contains a date or datetime field, in which a respondent completed the survey and left the date/datetime field blank, and then afterward a user added the @TODAY or @NOW action tag to the field, then if a user opened the response on the data entry form, it would mistakenly insert the current date value or current timestamp into the blank field even though the form was still in read-only mode (i.e., the user had not yet clicked the "Edit Response" button near the top of the form). (Ticket #32537)
  • Bug fix: If using the @MAXCHECKED action tag on a checkbox on a survey that has the "enhanced radio buttons and checkboxes" option enabled, it would mistakenly not work correctly, in which it would invisibly prevent the respondent from selecting more checkboxes than the action tag allows, but it would *appear* to allow more selections to be checked than allowed. So it sort of works but does not note to the respondent that it is working as advertised.
  • Bug fix: When using repeating instruments in a multi-arm longitudinal project, in which a record exists in multiple arms at the same time, it would mistakenly display the tables of repeating instrument data from other arms at the bottom of the Record Home Page for a given record. It should only be displaying tables for repeating instances from the current arm, not from other arms. (Ticket #32284)
  • Bug fix: If the path to the hook functions file contains a dash/hyphen, it would mistakenly cause REDCap Hooks not to be called. (Ticket #32336)
  • Bug fix: If viewing the drafted changes page for a production project, in which a multiple choice field's choices do not have a space immediately after the comma that follows the coded value for a given choice (e.g., "1,one", as opposed to "1, one"), then if a user clicks the Compare button in the drafted changes table on that page, it would mistakenly not display any of the choices for the field in the resulting dialog popup that is opened.
  • Bug fix: If using the Data Search feature on the "Add/Edit Records" page in a project, in which there exists a lot of matches for the search term entered by the user (e.g., if the project has lots of records) *and* the project has either Custom Record Labels or Secondary Unique Field enabled, then REDCap would mistakenly cause way too many queries to be made to the database, which could cause a major load on the database server. (Ticket #31544)
  • Bug fix: If exporting a Project XML file for a project that contains repeating instruments, in which a repeating instrument existed beforehand but has since been deleted, that instrument would mistakenly still persist in the <redcap:RepeatingInstrumentsAndEvents> section of the Project XML file. However, this would not affect anything if using the Project XML file to create a new REDCap project (i.e., the instrument would still remain deleted).
  • Bug fix: If an administrator is on the "Security & Authentication" page in the Control Center, and the cursor is placed in either of the two text boxes for entering IP address ranges for Two Factor Authentication, if the text box is left blank for those, it would mistakenly display a prompt saying that the IP ranges entered are not correct, which would keep popping up and could only be resolved by refreshing the page.
  • Bug fix: Text displayed on a few certain buttons and icons would mistakenly get truncated for non-English languages, especially French. (Ticket #32668)
  • Bug fix: When using the @NONEOFTHEABOVE action tag on a checkbox that is inside a matrix, when it displays the confirmation dialog asking the user to clear out the other checkbox selections, it would mistakenly not display that choice's label correctly in the dialog. (Ticket #32748)
  • Bug fix: For certain server configurations or certain versions of PHP, any branching logic or calculations that are not syntactically correct might mistakenly produce fatal PHP errors. (Ticket #32486)
  • Change: For projects utilizing the Twilio telephony services for surveys, extra informational text has been added to inform the user that Action Tags do not operate on SMS surveys or Voice surveys, which may have been unclear in previous versions due to lack of documentation. This extra text has been added to the Action Tag popup that lists all the Action Tags, and it has also been added to the "Analyze surveys for SMS & Voice Calls" popup, in which it will display a notice for any field that has Action Tags.

Version 8.1.0 - (released 12/11/2017)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New action tag: @MAXCHOICE
    • Causes one or more specified choices to be disabled (i.e., displayed but not usable) for a checkbox, radio button, or drop-down field after a specified amount of records have been saved with that choice. For example, @MAXCHOICE(0=50,1=75,2=50) would imply that once 50 records have selected the '0' coded choice, that choice will become disabled for any record viewed afterward that does not have that choice saved, such as when the form/survey is opened for a new record, and thus 75 records for choice '1', 50 for choice '2', etc.
    • The format must be the action tag name followed by the choice designations inside parentheses, in which each will follow the format of ChoiceCode=MaxCount with each choice separated by commas. Note: For longitudinal projects, when counting the number of choices saved for records, it will treat all events as separate, meaning that in the example above, choice '0' can have a max number of 50 selections in EACH event in the project.
    • Note: This action tag not only gets employed when a form or survey is loaded but also when a form or survey is submitted in order to prevent users/respondents from going over the max amount specified. If a user submits a form/survey, at which point the maximum has been reached due to simultaneous users entering data just before them, it will not save that field’s value (but will save all the other fields on the form/survey), and it will reload the form/survey and tell the user to make another selection for the field.
  • New action tag: @MAXCHECKED - Allows a checkbox field to have a maximum number of checkboxes that can be checked. If other checkbox options are clicked after the maximum has been reached, those choices will not be able to be checked. The format must be @MAXCHECKED=#, in which # is a positive integer. For example, @MAXCHECKED=3 will allow a maximum of 3 checkbox choices to be checked. NOTE: This action tag can only be utilized by Checkbox fields, and it does not get enforced during data imports.
  • New feature: New option to allow respondents to return to a partially completed or fully completed survey response without needing a return code. When enabling "Save & Return Later" for a survey on the Survey Settings page, it will still default to requiring a return code in order for a respondent to continue the survey where they left off. But a user may opt to allow respondents to return to and continue their survey with only the survey link (i.e., without needing a return code in addition to the link) to view and modify their previous responses on that survey. Note: A warning exists in bold text in the informational popup for this feature that states the following: "If you are collecting identifying information (e.g., PII, PHI), for privacy reasons it is HIGHLY recommended that you leave the option unchecked so as to enforce a return code."
  • Change: For PDF exports of data entry forms with data, if a field that is normally removed from exports due to users having export rights of "De-Identified" or "Remove all tagged Identifier fields" is being used in the Custom Record Label or Secondary Unique Field value in the PDF file, that field value will no longer be piped in the PDF file but will instead be redacted (i.e., replaced with the text "[*DATA REMOVED*]"). This change is made to increase security/privacy regarding de-identification of data in data exports.
  • Bug fix: When clicking the "Erase all data" button on the Other Functionality page when utilizing surveys in a project, on some occasions it may mistakenly return an error message saying that it could not delete all data, even though it did successfully delete all project data.
  • Bug fix: REDCap Messenger would sometimes mistakenly open when navigating to a new page even though it was just closed, and sometimes it would close on a new page when it was just opened on the previous page.
  • Bug fix: If a user is on a data collection instrument that has been enabled as a survey, in which the record has not yet been created, if the "Save & Mark Survey as Complete" button is clicked on the data entry form, it would save the form but would mistakenly not set the survey as complete. (Ticket #31784)
  • Bug fix: If a user is on a data collection instrument that is a repeating instrument and has also been enabled as a survey, if the "Save & Mark Survey as Complete" button is clicked on the data entry form, it would save the form but would mistakenly not set the survey as complete for the correct repeat instance of the instrument.
  • Bug fix: When viewing the drafted changes in the Project Modification Module of a production project, if a field has branching logic that is being modified, in which neither the old nor the new branching logic has spaces and both are longer than 90 characters, then the logic text might not display correctly in the table on that page. (Ticket #31765)
  • Bug fix: If a project previously had repeating instruments or repeating events enabled, in which some repeating data was collected, after which repeating instruments/events was disabled, both the Record Status Dashboard and the left-hand project menu might mistakenly display an incorrect status icon (the "stack" status icon) for a non-repeating instrument/event.
  • Bug fix: When creating a project by importing the REDCap project XML file that was exported from another project, it would mistakenly remove all carriage returns/line breaks in field labels. (Ticket #31908)
  • Change: Changed the word "approve" in the production changes email sent to REDCap administrators so that it is now replaced with "review & approve" for clarity.

Version 8.0.3 - (released 12/1/2017)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • Improvement: The datediff() function can now utilize the “now” variable as one of the two date/time parameters (in a similar way as the “today” variable). This is not only true for calc fields, but also for ASI logic, DQ rules, report filters, etc. You may use a time, date, datetime, or datetime_seconds field with the “now” parameter in datediff. Note: If using a date field with “now”, it will assume midnight (00:00) for the time component for the date field.
  • Improvement: Fields whose values have numbers with a comma as the decimal mark (e.g., "3,14" - European number format) now work in calculated fields. In previous versions, using a number with a comma would result in a blank returned value for the calc field. Note: The calculated value that is returned from a calculation will still have a dot/period as the decimal mark (if it contains a decimal), so in this way, it will convert into all calc field input values into dot/period format when performing the calculation, thus still returning numbers in dot/period format as all previous versions have.
  • Minor security fixes: Some Cross-Site Scripting (XSS) vulnerabilities were found in various pages in which a malicious user could potentially exploit them by manipulating the query string of an HTTP request.
  • Change: When piping field values into an @DEFAULT action tag when the piped value is blank/non-existent, it now no longer replaces the [variable] with "______" but instead replaces it with "" (i.e., nothing), which is viewed as more preferable since the value is being input as a field value. This is only true for piping specifically within the @DEFAULT tag and not for piping in general. (Ticket #23454)
  • Change/improvement: External Modules now supports modules with the module version in X.Y.Z format. In previous versions, only X.Y versioning was allowed.
  • Bug fix: The @HIDECHOICE action tag was mistakenly not hiding the choices of checkboxes or radio buttons on survey pages where the "enhanced radio buttons and checkboxes" option was enabled. It was only hiding them when the enhanced option was disabled. (Ticket #31001)
  • Bug fix: If a project in production status is in draft mode, and the Move Field icon is clicked for a field in the Online Designer in order to move a field, in which the field is the first field on a data collection instrument, then after being moved, the project's instruments might not display correctly in the Online Designer, such as making some fields not even viewable on any instrument in the Online Designer view. This issue would persist while still in draft mode, but would eventually resolve once the drafted changes were approved. Note: This issue would not affect how fields or instruments are displayed on data entry forms or survey pages when entering data.
  • Change: Account Managers no longer have the ability to delete administrator accounts (via the Browse Users page). Also, the following text has been added for clarification in the instructions on the "Designating REDCap Administrators and Account Managers" page: "Account managers have powers such as deleting users, which could thus impact projects, so this role in not intended to be delegated to those operating as project managers or ordinary users". (Ticket #26191, #31020)
  • Bug fix: If two users are simultaneously on the Online Designer or Data Dictionary page in a project in production status that is in draft mode, in which one user clicks the "Submit changes for review" button immediately after the other user clicks the "Remove all drafted changes" link, it would mistakenly delete all the fields in the project if the submitted changes were approved by an Administrator.
  • Bug fix: If a user enters data on a repeating instrument but fails to enter a value for a required field, and then the user clicks the "Ignore and go to next form" button in the "Some fields are required" prompt, in which the next form is *not* a repeating instrument, then it would mistakenly take the user to the next form but on an incorrect instance, which may cause some data to not get stored properly on that second form. When clicking the "Ignore and go to next form" button, it should always take the user to instance #1 of the next form unless the user is currently on a repeating event. (Ticket #29801)
  • Bug fix: When uploading a data dictionary containing calc fields, it might mistakenly display an error stating that some equations are not syntactically correct, which is ultimately caused due to line break characters from Mac Excel (as opposed to Windows Excel line breaks).
  • Bug fix: When clicking the H icon next to a field to open the Data History Widget on a data entry form, it would mistakenly omit any logged events for "Update record (API) (Auto calculation)". (Ticket #31362)
  • Bug fix: When downloading a PDF of a data entry form, on specific occasions it may mistakenly crash and return an error message saying "FPDF error: Interlacing not supported...". (Ticket #31101)
  • Bug fix: When downloading the Project XML file (metadata or metadata+data file), it might mistakenly duplicate a checkbox field's choices numerous times in the metadata section of the ODM XML file. (Ticket #29287)
  • Bug fix: When assigning a user to a user role on the User Rights page in a project, if the user is using certain versions of Internet Explorer, the "Notify user via email?" checkbox would sometimes mistakenly not get displayed after clicking the "Assign to role" button. (Ticket #30764)
  • Change: The field validation for North American phone numbers is now more permissible and allows a greater variety of numbers to be used, such as 8XX and 900 numbers.
  • Bug fix: When the survey login is used in a longitudinal project, if three fields are set to be the login field, in which the same field is used but on different events or arms, although it would save the settings correctly, if the survey login popup was later reopened after being saved, the event/arm drop-down for the login field #3 would mistakenly have the event/arm value of login field #1. (Ticket #18430)
  • Change: When clicking the "No Access" option for an instrument in Data Entry Rights when adding/editing a user's privileges on the User Rights page, it now automatically deselects the "Edit survey responses" checkbox if the instrument has been enabled as a survey.
  • Bug fix: When using other languages as the stock text for a project, a JavaScript error may occur on the Survey Settings page for an instrument when a user attempts to set "Send confirmation email" as "No" after first setting it as "Yes", which may prevent the section from closing or re-opening. (Ticket #30713)

Version 8.0.2 - (released 11/17/2017)

BUG FIXES & OTHER CHANGES:

  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was found in a page used by various functionality dealing with user accounts, in which a malicious user could potentially exploit it by manipulating the query string of an HTTP request. (Ticket #30806)
  • Change: The REDCap::evaluateLogic() method was changed slightly with regard to what it returns. This has been changed so that if the logic parameter string is not syntactically correct or if any of the parameters are invalid (e.g., record or event does not exist), it will now return NULL. In previous versions, it would return FALSE in this case, which made it difficult to troubleshoot issues with incorrect parameters being used.
  • Change: For added flexibility, the Survey Queue setup dialog in the Online Designer will now display the project's first data collection instrument (assuming the instrument has been enabled as a survey), whereas previous versions did not allow the first instrument to be enabled in the Survey Queue.
  • Change: When viewing a repeating instrument's data entry form for a record in a project, the "current instance" drop-down displayed near the top of the page no longer displays the instance number in a fraction format where it shows the total instances following by a slash (e.g., 2/5). It now only displays the instance number (and the custom label, if defined). This was changed because it led to confusion in cases where some instances were deleted, thus leaving gaps in the middle but still showing the max instance as the total instances, which is not the same thing and is confusing.
  • Bug fix: For some server configurations, if the Configuration Check page recommends that the administrator replace some outdated non-versioned files, the resulting zip file that they download might be corrupted due to gzip compression issues. (Ticket #30569)
  • Bug fix: When a user is viewing the Data Export Files tab on the File Repository page in a project, and they set the "filter by" drop-down to Stata, R, SPSS, or SAS, then in the results displayed in the table below, the Data CSV file would mistakenly not be downloadable. (Ticket #30578)
  • Bug fix: When creating a new Data Quality rule that is attempting to find blank values (via [field]=""), if all the fields being referenced in the rule logic are blank/null for a given record, the rule would mistakenly not return any discrepancies for that record. (Ticket #30655)
  • Bug fix: When viewing the Configuration Check page in the Control Center, if the "mbstring" PHP extension is not installed on the web server, it would mistakenly throw a fatal PHP error on that page during the "able to send emails" check. (Ticket #30657)
  • Bug fix: In longitudinal projects that utilize the survey queue to display surveys across multiple events, the survey queue would mistakenly order the surveys by instrument order rather than by event order. This has been fixed so that it now orders surveys in the queue by event order so that all the surveys in a given event are grouped together. (Ticket #30704)
  • Bug fix: When a survey is enabled in the survey queue in a longitudinal project, and then that survey instrument is removed from a given event (via the Designate Instruments page), thus orphaning the survey-event in the survey queue, if no other survey-events are enabled in the survey queue, then the Survey Queue button in the Online Designer might mistakenly still have a green checkmark icon next to it, even though no survey-events are enabled in the queue anymore. Also, in this case the survey-event may mistakenly get displayed in a record’s survey queue when the survey is no longer designated for that event.
  • Bug fix: When the survey login is used in a longitudinal project, if multiple fields are set to be the login field, in which the same field is used but on different events or arms, then it would mistakenly not save both instances of the field but would only save one. (Ticket #18430)

Version 8.0.1 - (released 11/9/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: Added new plugin/hook/module method named REDCap::evaluateLogic(), which returns whether a string of logic (e.g., branching logic) evaluates as true or false based on the data of a given record in a given project.
  • Improvement: New "clickjacking prevention" option at the bottom of the "Security & Authentication" page in the Control Center allows administrators to enable this option if they want to prevent REDCap pages from being embedded in external websites (e.g., embedding a survey page inside an iframe on another website). Preventing clickjacking is often regarded as an improvement to security. Note: If you wish to allow REDCap users to embed REDCap pages in external websites, do not enable this option but leave it as "Allow...".
  • Minor security fixes: Some Cross-Site Scripting (XSS) vulnerabilities were found in various pages in which a malicious user could potentially exploit them by manipulating the query string of an HTTP request.
  • Bug fix: When copying a project with surveys, the value of the "Allow participants to download a PDF of their responses at end of survey?" survey setting would mistakenly not get copied to the new project. (Ticket #28639)
  • Bug fix: When downloading a PDF of a data entry form with data, in which the user is downloading all forms for all records or all forms for a single record, it would mistakenly not display the locking/e-signature timestamps in the PDF. (Ticket #29915)
  • Bug fix: When downloading a PDF of a survey response with data, on certain occasions it might mistakenly display incorrect survey completion timestamps in the PDF. (Ticket #29930)
  • Bug fix: On the Record Status Dashboard when clicking on the form status stack icon (representing multiple repeating instances of a form or event) in a longitudinal project that has multiple arms, it might mistakenly not display the floating table of instances but instead would display a horizontal black line after clicking the icon. (Ticket #29927)
  • Bug fix: In longitudinal projects using repeating events, the Record Home Page might mistakenly display some form status icons in the wrong column in the table for records that have more than one instance saved of a repeating event. (Ticket #30077)
  • Bug fix: When one or more fields in a matrix contain certain special characters in their field label, it might prevent the "Edit Matrix of Fields" popup from being displayed after clicking the pencil icon on the Online Designer. (Ticket #30250)
  • Bug fix: On certain occasions, rule E in the Data Quality module will mistakenly return discrepancies that have blank/null values, which should never be returned when running rule E. (Ticket #14976, #28576)
  • Bug fix: If a Notes field is using the @READONLY action tag, the "expand" link displayed on the survey or form below the text box would mistakenly not work. (Ticket #30433)
  • Bug fix: If a project is utilizing the randomization module, and the randomization field somehow already has a value saved for it prior to a given record being randomized, then it will now disable that field on the data entry form and prevent the record from being randomized. (Ticket #30427)
  • Bug fix: If a project that has repeating instruments or repeating events is using the Data Resolution Workflow module, and a value is marked as Verified on the first instance of a repeating instrument/event, then if a value is changed on another instance of that instrument or event, respectively, then it would mistakenly De-verify the field on the first instance rather than on the current instance. (Ticket #30457)
  • Bug fix: If a project that has repeating instruments or repeating events is using a Data Quality rule with Real-time Execution enabled, if the DQ rule finds discrepancies when saving a repeating instrument/event, in which the user is not on the first instance, then in the DQ discrepancy popup, it might mistakenly display some data values from the first instance of the instrument/event rather than from the current instance. (Ticket #30477)
  • Bug fixes were addressed in the External Modules framework, such as some modules throwing a PHP error when being enabled, and its TinyMCE rich text editor was upgraded.
  • Bug fix: Fixed typo in "Branching Logic Errors Exist!" popup

Version 8.0.0 - (released 11/3/2017)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: External Modules
    • External Modules are individual packages of software that can be downloaded and installed by a REDCap administrator. Modules can extend REDCap's current functionality, and can also provide customizations and enhancements for REDCap's existing behavior and appearance at the system level or project level. Modules can utilize REDCap hooks and also can have REDCap plugin pages as part of them.
    • A new page in the Control Center allows administrators to navigate to the REDCap Repo (Repository of External Modules) and download any module listed in the REDCap Repo. Only administrators may enable modules, either at the system level or project level, although the permissions regarding who can configure a module (after it has been enabled for a project) is something that can be set at the module level by an administrator on the Control Center’s Module Manager page. Each module has its own set of configuration options, which are all defined by the creator of the module.
    • If you or your users experience any issues with a given module, you are encouraged to notify the author of the module rather than posting a Bug Report on the REDCap Community site.
  • Improvement: On the Public Survey Link page in a project, a new button "Open Public Survey + Logout" has been added to increase security in case users want to open the public survey while ensuring that the participant cannot access their REDCap account in the other browser tab. (Ticket #29686)
  • Bug fix: The font size of any links that were placed in a survey's instructions, field labels, or acknowledgment text would appear too small if the survey was set with "Large" or "Very Large" text size.
  • Bug fix: Fixed typo in Data Import Tool
  • Bug fix: If a user is uploading a Data Dictionary containing a PROMIS CAT (computer adaptive test) survey, in which the CAT contains some multiple choice fields that have duplicate codings, it would mistakenly prevent the user from uploading the Data Dictionary. It should be ignoring duplicate codings in CATs.
  • Bug fix: If a user is uploading a Data Dictionary containing a PROMIS CAT (computer adaptive test) survey and the user modified the Choices column for a CAT field in the Data Dictionary, it would mistakenly accept those changes and allow the Data Dictionary upload to proceed, thus corrupting the CAT's field metadata. This would not affect participants taking the CAT in any way (i.e., the survey would still appear correctly when taking it), but it might cause the CAT not to display correctly when a user views a participant's CAT response on a data entry form afterward.
  • Bug fix: If a user enters data on a repeating instrument but fails to enter a value for a required field, and then the user clicks the "Ignore and go to next form" button in the "Some fields are required" prompt, in which the next form is also a repeating instrument, then it would mistakenly take the user to the next form but on the same instance number that the previous form was on, which may cause some instance numbers to get skipped on the second form. When clicking the "Ignore and go to next form" button, it should always take the user to instance #1 of the next form if the next form is a repeating instrument.
  • Bug fix: Improving compliance with SMTP email servers by added a space after the "Cc:" and "Bcc:" email headers since some SMTP servers might reject emails sent from previous REDCap versions, which had no space in those headers. (Ticket #3943)
  • Bug fix: When editing or adding a calc field in the Online Designer, it would mistakenly still show the results in the section "test calculation with a record" if that option had just been used for another calculated field that was being edited or added previously while on that page, thus mistakenly showing results that do not correspond to the current field being edited/added (Ticket #29682)
  • Bug fix: When opening the Automated Survey Invitation setup popup in the Online Designer, if a particular ASI has been set as "inactive" beforehand, then when the popup opens, it would mistakenly display all the ASI setup options as blank as if it had never been set up before. (Ticket #29765)
  • Bug fix: When the Project Modification Module displays a list of "fields to be deleted", it would mistakenly truncate the count of records/events that would be affected by the field being deleted. (Ticket #29770)
  • Bug fix: If a user opens a data entry form on a repeating event, it would mistakenly never enable the Survey Options at the top right of the page, even if the form has been saved already. (Ticket #29857)
  • Bug fix: When using Twilio telephony services for surveys and then opening the "Analyze surveys for SMS & Voice Calls" popup on the Project Setup page, it would incorrectly say that no surveys have been enabled (even though they have) if the user had failed to check at least one of the checkbox options under the "Choose survey invitations types to use" section in the Twilio configuration. (Ticket #18658)
  • Bug fix: When adding/editing the logic for a Data Quality rule, in which the logic contains a "less than" (<) character followed immediately by a function name (e.g., round) - i.e., without a space between the "<" and the function name, then the rest of the logic would get truncated when displaying the logic in the table of Data Quality rules. (Ticket #30088)

Version 7.6.10 - (released 10/25/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: Emails sent from REDCap now follow a more standardized format by including both HTML text and plain text in each email, thus making emails a bit more likely to be received by their recipients without them getting flagged as spam.
  • Major bug fix: If a user is in REDCap Messenger and using the "Search by person" option in the Search Conversations feature, then after selecting a username to search on, if the user being searched for has a conversation that has the *exact* same title as one of the current user's conversations' titles, then it would return the other user's conversation in the result (and mistakenly allow its messages to be viewed by the current user) even if the current user does not have access to that conversation. This bug is very rare since it requires using the "Search by person" option (as opposed to the "Search by keyword" option) while also requiring that both users have access to a conversation that is different but has the exact same title.
  • Bug fix: Data Resolution Workflow popup dialog might mistakenly appear empty if some comments or logged events contain certain special characters. (Ticket #29391)
  • Bug fix: The Record Home Page would not display some form status icons correctly for repeating instruments in which the first instance of the instrument does not exist - most likely because it was deleted at some point. (Ticket #28821)
  • Bug fix: The tables of repeating instruments displayed at the bottom of the Record Home Page might not display in the correct order.
  • Bug fix: If field labels contain certain special characters, then when creating/modifying a report, the auto-suggest feature when typing variable names in Step 2 or 3 would mistakenly not work. (Ticket #29354)
  • Bug fix: Confusing text is mistakenly displayed for the instructions on the "Request delete project" button on the Other Functionality page in a project that is in production status. (Ticket #29355)
  • Bug fix: Confusing text is displayed when in draft mode in a production project after a data dictionary has been uploaded. It now states explicitly that the changes have been made to the draft and thus have not been committed to the live version of the project. (Ticket #29430)
  • Bug fix: The Publication Matching module would mistakenly treat a PI's email address as separate emails if it was found to be typed in different cases (lower vs upper) in different REDCap projects. This would cause some PIs to receive emails saying that they had publications to review in REDCap, but it would say "0 publications" when they clicked the link in the email to open the page. Note: While this should fix the issue going forward, it may not fix it for publications already pulled from PubMed for the PIs. (Ticket #29381)
  • Change: For PDF exports of data entry forms with data, if a field that is normally removed from exports due to users having export rights of "De-Identified" or "Remove all tagged Identifier fields" is being piped into a label, field note, etc. in the PDF file, that field value will no longer be piped in the PDF file but will instead be redacted (i.e., replaced with the text "[*DATA REMOVED*]"). This change is made to increase security/privacy regarding de-identification of data in data exports.
  • Bug fix: When submitting data on a data entry form or survey page, the server-side validation mistakenly does not check the values submitted for an "SQL" type field. (Ticket #29401)
  • Bug fix: If a File Upload field has a file uploaded for it but also has the @READONLY action tag, the link to download the file would mistakenly be disabled, thus preventing users from downloading the file. The download link should be enabled to allow users to download the file. (Ticket #29484)

Version 7.6.9 - (released 10/18/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: Updated the Help & FAQ page with new content.
  • Major bug fix: Users could not create new user roles or edit user roles in a project. Bug was introduced in version 7.6.8. (Ticket #29067)
  • Major bug fix: Automated Survey Invitations would mistakenly not get scheduled for longitudinal projects where the conditional logic contains datediff+today and also contains cross-event logic in which one of the events has no data (i.e., empty event of gray status icons). This same issue would also occur for custom Data Quality rules, in which it would mistakenly not return any discrepancies for records if the rule logic contains datediff+today and also contains cross-event logic in which one of the events has no data. (Ticket #28516)
  • Minor security fix: While REDCap already protects against BREACH attacks by outputting invisible random text of random length onto each web page, it was mistakenly not protected if 302 redirect requests inside REDCap were being analyzed. (This refers to the few scripts in REDCap that serve as a pass-through by outputting an HTTP 302 status code and merely redirect the user to another page.) To prevent BREACH attacks through analysis of REDCap's 302 redirects, it now outputs a new HTTP header with each request, in which the header's value is random text of random length. In this way, even 302 redirect requests will return with a random content-length each time.
  • Bug fix: A fatal PHP error can occur on every project page if the REDCap web server is running PHP 5.3 or 5.4. This appears to only occur if the External Modules beta version is installed on the REDCap server. (Ticket #28628)
  • Bug fix: If a survey queue is set up in a longitudinal project, and then the event-form designations are modified afterward, it might mistakenly display some surveys in the survey queue that should not be displayed. (Ticket #28696)
  • Bug fix: If a report is being sorted by the record ID field in descending order, and the project has record auto-numbering enabled but some of the record names are not numerical (because they were created via a data import or before record auto-numbering was enabled), then the report would fail to order the results correctly. This occurs because the report would falsely assume that all record names were numerical merely because record auto-numbering was enabled, in which case it would try performing a numerical sort, which does not work as expected with non-numerals. REDCap now only attempts to perform a numerical sort of the sort fields if the fields are truly numbers (i.e., have "number" or "integer" validation or are a slider or calc field).
  • Bug fix: The cron job to trigger Automated Survey Invitations that have datediff+today in their conditional logic would stop suddenly if any ASI logic was syntactically incorrect, thus preventing other later ASIs in that same project from getting run. Additionally, the cron job might mistakenly be checking ASIs that had been disabled. (Ticket #28516)
  • Bug fix: A fatal PHP error can occur on every project page if the REDCap web server is running PHP 5.3 or 5.4. This appears to only occur if the External Modules beta version is installed on the REDCap server. (Ticket #28628)
  • Bug fix: For longitudinal projects with multiple arms and with repeating instruments, on the Record Home Page or Record Status Dashboard when clicking on the form status "stack" icon for a repeating instrument with multiple instances saved, it would mistakenly not display the floating popup list of all the instances for that instrument but would instead display an empty box. (Ticket #28970)
  • Bug fix: The Safari browser might mistakenly throw JavaScript errors on survey pages.

Version 7.6.8 - (released 10/10/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: When a calc field's value is changed, it will now display a red border on the right edge of the calc field's text box to subtly indicate that the displayed value is different from the stored value in the database. And if the calculated value gets changed so that its value matches the stored value again, the red border will disappear. This will help users make note of when calculations have been triggered and if there is any disparity between the displayed value and the stored value.
  • Major bug fix: If a calculated field in a longitudinal project is using cross-event calculations, in which at least one of the fields in the calculation has a prepended event name (e.g., [enrollment_arm_1][field]) while also one of the fields does not have a prepended event name (e.g., [feld]), then even though the calculated value displayed on the form/survey appears correct prior to saving, the field might mistakenly get saved with a blank value when pressing the Save button. This would not be noticeable by the user when entering data but only seen in a report/export or when running Data Quality rule H. Note: This issue does not appear to affect Automated Survey Invitations, calculations performed during data imports, or Data Quality rule H, but it only occurs when saving data on data entry forms and surveys in this very specific scenario described above. To fix this issue after upgrading REDCap, the user can run Data Quality rule H in the project, or an administrator can use the "Find Calculation Errors in Projects" page in the Control Center to find any affected projects.
  • Bug fix: If the PHP memory_limit configuration setting was set in units of "G" (for gigabytes) in the PHP.INI file, it would get interpreted incorrectly when attempting to increase PHP memory allocation.
  • Bug fix: When printing out a survey containing responses where some "enhanced radio buttons and checkboxes" have been selected on the survey, it would be confusing in the printout as to which choice was selected. (Ticket #28111)
  • Bug fix: Project pages would not render correctly due to JavaScript errors occurring on every page if the using Internet Explorer 8. (Ticket #28178)
  • Bug fix: When viewing a read-only survey response on a data entry form (i.e., prior to clicking the "Edit response" button), if a calculated field's value changed when the page loaded, then if the user attempted to close the browser tab or clicked a link to navigate to another page, it would mistakenly prompt them with the "Save your changes?" dialog. It should only prompt them with that dialog if they were in edit mode for that survey response.
  • Bug fix: When the Data History popup for a field on a data entry form, if two events for the field occurred at the same exact time, such as saving data with an auto-calculation event right after, those two events might mistakenly not be displayed in the correct order in the popup.
  • Bug fix: When using Table-based authentication and a user is asked to set up their password recovery question, their email address would not get displayed correctly inside the prompt if their email address contains an apostrophe, in which this would prevent them from fully setting up their recovery question. (Ticket #28439)
  • Bug fix: When a data export takes more time to complete than the set auto-logout time for REDCap, it would mistakenly prevent the data export from completing fully because the "Your REDCap session has expired" dialog would appear on the page even if the user is actively moving their cursor around or clicking on the page, which normally restarts the auto-logout timer to prevent the auto-logout from occurring while a user is still active on a page.
  • Bug fix: When using the Data Resolution Workflow module in a project containing repeating instruments while also using Data Access Groups, some of the charts displayed on the the Resolution Metrics page, specifically "Number of open queries (by data access group)" and "Number of closed queries (by data access group)", would mistakenly display incorrect counts in the chart. This issue was supposed to have been fixed in the previous release but mistakenly was only partially fixed.
  • Bug fix: If the Data Resolution Workflow (DRW) is enabled on a project, and a user has DRW user privileges but does not have Data Quality user privileges, then the "Data Quality" link would mistakenly be displayed on the left-hand menu. (Ticket #28514)
  • Bug fix: When importing data via the Data Import Tool or API import records method, if a variable in the import mistakenly had some uppercase letters when all letters should be lowercase, the error message to the user would omit those uppercase letters when displaying the incorrect variable names to the user, thus making it difficult to understand the error message to learn what is wrong. (Ticket #28293)

Version 7.6.7 - (released 10/2/2017)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: If using "LDAP & Table-based" authentication and an LDAP user logs in to REDCap when a Table-based user account already exists under the same username (i.e., a username conflict), then the LDAP user would mistakenly get successfully authenticated into REDCap and would be able to view and access all the other user's projects as if they were the other user. This has been changed so that now if a username conflict occurs, in which a Table-based username is the same as a valid LDAP user's username, then when the LDAP user attempts to log in, REDCap will not allow them to log in but will give them an informational note about the username conflict and will recommend that they contact their local administrator about how to resolve the issue.
  • Major bug fix: When using the REDCap mobile app to import data for auto-numbered records into a project in REDCap that is on version 7.6.4, 7.6.5, or 7.6.6, under very specific circumstances it might not perform the record-autonumbering correctly during the import process and might mistakenly overwrite an existing record on the server with data from a new record from the mobile app. Upgrading a user's REDCap mobile app to the latest version will prevent this issue, and upgrading REDCap to versin 7.6.7 will also prevent this issue going forward.
  • Bug fix: If the Rate Limiter on the General Configuration page in the Control Center is set to "0" or a blank value, it would mistakenly ban the IP address of every user that attempted to use REDCap.
  • Bug fix: In a multi-arm longitudinal project using the Scheduling module, in which a record has been scheduled for more than one arm, the "View or Edit Schedule" page's record drop-down list would mistakenly display the record only for a single arm rather than for all arms for which it had been scheduled.
  • Change: Added a new flag on the General Configuration page in the Control Center to note if the REDCap server is a development/test/staging server (i.e., a non-production server). If the server is indeed flagged as a development/test/staging server, then REDCap will enable full PHP error reporting, thus outputting all PHP errors to the user interface in the event of an error. This can be used to aid developers or other technical folks when troubleshooting certain REDCap errors or PHP issues.
  • Bug fix: When exporting data to a statistical analysis package (i.e., SAS, SPSS, R, Stata), if the project contains Data Access Groups and also Repeating Instruments/Events, it would mistakenly list the DAG field and Repeating Instrument/Instance fields in the wrong order in the stats package's syntax file that gets generated. This would prevent users from loading the data into the stats package. (Ticket #27883)
  • Bug fix: If a user fails to enter data for a required field that exists on a repeating event, then when the required field popup prompt is displayed, if the user clicks the "Ignore and go to next form" button, it would mistakenly redirect them to the first instance of the event rather than to the current instance. (Ticket #27891)
  • Bug fix: When using the Data Resolution Workflow module in a project containing repeating instruments while also using Data Access Groups, some of the charts displayed on the the Resolution Metrics page, specifically "Number of open queries (by data access group)", "Number of closed queries (by data access group)", "Avg time to query resolution (by data access group)", and "Avg time for query response (by data access group)", would mistakenly display incorrect counts in the chart. (Ticket #27888)
  • Bug fix: When viewing drafted production changes for a project on the Control Center's To-Do List page, if a user clicks the Compare button next to a multiple choice field that has been modified inside the popup, then when they close the popup (which is a popup inside a popup), it would also mistakenly close the whole To-Do List popup (the parent popup), thus causing the user to have to re-open it again. This issue has been fixed for Chrome, Safari, and IE 11. Note: There is currently no known way to fix this bug for Firefox or older versions of IE at this time, unfortunately. (Ticket #27915)
  • Bug fix: If a Data Quality rule has been created and is set with the Real Time Execution (RTE) option, the DQ rule would fail to perform RTE on a data entry form if the form exists on repeating event, in which it would mistakenly not report any discrepancies that exist. This only occurs on repeating events but not on repeating instruments (Ticket #27960)
  • Bug fix: If data from a Notes field is being piped into a label of another field, then if the text itself contains line breaks, that text would mistakenly have double line breaks for each single line break when exporting a PDF of the instrument with data. (Ticket #27983)

Version 7.6.6 - (released 9/27/2017)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: When using Automated Survey Invitations in a longitudinal project, under certain conditions ASIs with datediff+today would mistakenly not get evaluated, and thus invitations would not get scheduled/sent. This might have occurred with the second or more invitation for an instrument configured across more than one event between versions 7.4.0 and 7.6.6.
  • Minor security fix: When sending emails of any kind, REDCap now performs an extra validation on the From email address of the email being sent to ensure it is a valid email address, thus preventing any kind of injection by malicious users like those seen in the PHP mail issues CVE-2016-10033 and CVE-2016-10045.
  • Bug fix: When logging into REDCap using a mobile device, the error message would mistakenly not display if an invalid username or password was entered, which could be confusing as to why the login failed. On non-mobile devices, the error message displays properly.
  • Bug fix: When viewing surveys in the Safari browser in which the survey's "Size of survey text" is set to "Large", checkboxes and radio button fields would mistakenly not display correctly and would overlap one another a little.
  • Bug fix: When using the Survey Login on a survey that has the "Save & Return Later" option disabled, it would mistakenly display the "Save & Return Later" at the bottom of the survey page if the participant had just logged in via Survey Login. (Ticket #27389)
  • Bug fix: The Record Home Page and Record Status Dashboard could load unreasonably slowly for projects containing lots of fields, many of which have stored data values. (Ticket #27161)
  • Bug fix: When clicking the "unlock all instruments" link on a multi-arm longitudinal project's left-hand menu while viewing a record belonging to an arm that is not on the first arm, it would mistakenly not unlock all the locked instruments for that record. (Ticket #27740)
  • Bug fix: When piping data into a label, in which the data being piped contains text that looks similar to HTML tags but is not an actual HTML tag (e.g., "hello <123>"), the text inside the <...> would get mistakenly removed from the downloaded PDF file of the data collection instrument with data. (Ticket #27467)

Version 7.6.5 - (released 9/22/2017)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • Improvement: Attach PDF of responses in confirmation email - When using the “Send confirmation email” option on the Survey Settings page for a survey, that section now contains an additional option to “Include PDF of completed survey as attachment”, which will add the PDF of their responses sent to the participant in their confirmation email. This new option contains the following warning as a reminder to users: “WARNING: Since email is not considered a secure form of communication, the PDF attachment option is NOT recommended if the survey contains questions asking for identifying information (e.g., PHI).”.
  • Minor security fix: A Blind SQL Injection vulnerability was found on the User Access Dashboard page in which a malicious user could potentially exploit it by manipulating the query string of an HTTP request.
  • Minor security fix: Modified how files get deleted in a project's File Repository so that a POST parameter is used instead of query string parameter, which could subvert Cross-site Request Forgery (CSRF) protection.
  • Bug fix: REDCap Messenger was mistakenly not disabled in public projects (i.e., having no authentication enabled). Because public projects do not utilize REDCap authentication and thus store session information differently than regular projects, REDCap Messenger will be permanently disabled from inside a public project.
  • Bug fix: When the Data Resolution Workflow module is enabled in a project, and a user is viewing the DRW popup that details the history of a data query, if a user that contributed to that data query has since been deleted from the system, then it would display a blank value where their username would be in the popup history. It now says "[User deleted from system]" if the user has been deleted from the system since it is not possible to determine the username of the deleted user for that event. (Ticket #26835)
  • Bug fix: When a respondent is viewing the Stats & Charts after completing a survey, the Download Image button would fail to download an image of the chart. (Ticket #27072)
  • Bug fix: When using the Randomization module in a project and randomizing a record, strata fields that are radio buttons would mistakenly not display correctly in the randomization popup but would have the choice label overlaying the radio button itself. (Ticket #27030)
  • Bug fix: When the text-to-speech feature is enabled on a survey, clicking the speaker icon next to a survey question in order to have it speak the text would mistakenly cause the question choice to become selected/unselected for radio buttons and checkbox fields. (Ticket #27103)
  • Bug fix: When downloading a data dictionary snapshot from the Project Revision History page, if the dictionary contained any UTF-8 encoded characters, then the snapshot might not open correctly in some CSV viewers, such as Microsoft Excel, in which those UTF-8 characters would get mangled and be unreadable, whereas the normal data dictionary download (i.e., non-snapshot CSV) would open correctly and could be viewed normally with no mangling of characters.
  • Bug fix: The data import process (Data Import Tool or API) would mistakenly prevent users from importing a value for a checkbox field that has a negatively valued choice (e.g., "-1"), in which it displays an erroneous error. This appears to only occur in longitudinal projects. (Ticket #16235)
  • Bug fix: When deleting a file for a File Upload field by 1) individually deleting it on a data entry form, 2) deleting the whole data entry form's data via the Delete button at the bottom of the form, or 3) deleting a whole event's data (longitudinal projects only) for a record on the Record Home page, it would mistakenly not remove the file from the REDCap server after 30 days, even though the file appears deleted to the user. All "deleted" files should remain on the server for 30 days, after which they are deleted by a cron job, but in these scenarios, the files would mistakenly stay on the server forever as orphaned from the records to which they were originally attached. (Ticket #27303)

Version 7.6.4 - (released 9/13/2017)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • Improvement: Record auto-numbering for data imports (Data Import Tool, API, and Mobile App). For the Data Import Tool, the user may enable the new setting “Force record auto-numbering”, and in the API, the new parameterforceAutoNumber=true can be used, which will create new record names that are auto-generated by REDCap during the import process. In an upcoming version of the REDCap Mobile App, the mobile app will provide this API parameter automatically for records created in the app that did not previously exist in the project on the server. Note: This feature can only be utilized for projects with record auto-numbering enabled. Also, a record number must still be provided as a placeholder during the data import (to associate multiple rows with the same record), but that record name will be automatically changed to a new record ID generated by REDCap.
  • Improvement: When adding new choices for a multiple choice field in the Online Designer, it will now display an error message if any choices have duplicate codings (e.g., two choices both coded as "4" - "4, Pink" and "4, 4"), thus letting the user know that they should remove any duplicates because duplicates will be automatically removed when saving the field.
  • Change: A record's survey queue now only displays surveys that have been explicitly enabled in the survey queue for the project. In previous versions, it would display all completed surveys for that record, regardless of whether they were enabled in the queue. From here on out, if a user wants a survey to appear in the queue, then it should explicitly be enabled in the queue when set up on the Online Designer page. (Ticket #25965)
  • Bug fix: When viewing the Data History popup for a field, in which the record has been added to multiple arms in the project but was deleted from at least one arm, no data would be displayed in the popup for the field mistakenly.Bug fix: In certain rare cases on the Project Modification Module for multiple choice fields, the Compare button would mistakenly not parse the old/new choices correctly and give strange results displayed on the page and in the comparison popup.
  • Bug fix: If a user clicks the Enter key on their keyboard while their cursor is in the report title text box on the Create New Report page, it would mistakenly open the User Access popup.
  • Bug fix: For certain web server configurations, using the Create Custom Survey Link button on the Public Survey Link page might mistakenly not create a short link successfully.
  • Bug fix: When attempting to upload a non-XML file on the CDISC ODM tab in the Data Import Tool page, it would mistakenly display an empty popup with no error text. (Ticket #26116)
  • Bug fix: When using the @NONEOFTHEABOVE action tag on a checkbox field, if a user clicks the option to trigger the "none of the above" prompt, then it would mistakenly not trigger calculations or branching logic on the page that are affected by the unchecking of some of those checkboxes. (Ticket #26328)
  • Minor security fixes: Some Cross-Site Scripting (XSS) and Blind SQL Injection vulnerabilities were found in the Calendar module and Online Designer, respectively, in which a malicious user could potentially exploit them by manipulating the query string of an HTTP request.
  • Bug fix: When clicking the "learn about Action Tags" link in the instructional text near the top of the Online Designer page (when viewing an instrument's fields), the popup displayed would mistakenly show the Add buttons next to each tag. It should not be showing those buttons except when editing a field.
  • Bug fix: In very specific use cases where a date or datetime field is utilized in a calculation to check if the date/time is blank or not blank, it might mistakenly not be able to parse the calculation correctly or (in some extreme cases) might result in an incorrect value. This would only occur if one of the following four scenarios exist inside an "if" statement's condition for a calculated field: 1) "...and [date]=''", 2) "...or [date]=''", 3) "...and [date]<>''", or 4) "...or [date]<>''".
  • Bug fix: When using the API Import Records method using "eav" format and importing data into fields that exist on a repeating instrument, it might return an erroneous error stating that the values for 'redcap_repeat_instance' and 'redcap_repeat_instrument' were not provided, which is incorrect.
  • Bug fix: When using both Repeating Instruments and Repeating Events in a project, on certain occasions the Record Home Page might mistakenly display a "stack" form status icon (representing multiple instances of data) for instruments that actually have no data. (Ticket #26094)
  • Bug fix: If an SQL field has choices with values that contain commas, apostrophes, or quotes, then in some cases the drop-down might mistakenly not have the correct value pre-selected for the field when a data entry form or survey page is loaded, in which the field would appear blank with no option selected. (Ticket #26176)
  • Change: When setting a new URL for a project's Data Entry Trigger, it would remove the URL from the text box if the URL failed to be verified as a valid web address. It now no longer removes the value from the text box on failure but leaves it as-is. (Ticket #26315)
  • Change: When a data export takes longer than three minutes, it provides an extra notice in the progress popup (i.e., "Exporting data...") that informs the user that the export process may possibly take longer than 30 minutes and recommends that they not stop then restart the process, as it may cause it to take longer than usual. This message is to prevent users from repeatedly attempting long data exports, which in some cases could create performance issues on the REDCap server.
  • Bug fix: After scheduling a record in the Scheduling module, the "View or Edit Schedule" page might mistakenly display some HTML tags (e.g., "<br/>") inside the Notes column when viewing a record's schedule. (Ticket #26550)
  • Bug fix: Exporting a PDF of an instrument that was downloaded from the REDCap Shared Library can cause a fatal PHP error if the project's "Character encoding for exported files" is set to "Japanese (Shift JIS)" or "Chinese (UTF-8)" on the "Edit A Project's Settings" page. (Ticket #26766)
  • Bug fix: When entering certain YouTube video URLs as a Descriptive field's external video, it might mistakenly not parse the URL correctly, thus causing the video not to be playable on data entry form or survey. (Ticket #26672)
  • Bug fix: After a REDCap administrator approves a production draft mode request, the To-Do List in the Control Center would mistakenly display the request time of the last production change for all the previous production changes that have been requested in the past for that one project. (Ticket #26635)
  • Change: In the CSV Labels export data set, it now translates the choice labels Yes/No, True/False, and Checked/Unchecked in the CSV file if the project's language has been set to another language other than the default English. (Ticket #26279)
  • Bug fix: If the record ID field in a project was used as a Survey Login field, it would malfunction and always get counted as correct during the login process, even if an incorrect value was entered by a participant. This would effectively allow participants to bypass the survey login if the record ID field was the only login field being used for survey login. To prevent this issue, the record ID field is now no longer allowed to be used as a survey login field. (Ticket #26456)
  • Bug fix: When using the Double Data Entry module on a longitudinal project with multiple arms, if a user is DDE person #1 or #2, they would mistakenly see all records (across all arms) in the record list on the "Add/Edit Records" page, when instead they should only see the records that belong to the currently selected arm. (Ticket #26371)
  • Bug fix: The Control Center text discussing where a project's grant number is displayed was incorrect and has been changed to "Name of grant to be cited (optional) - displayed when users export data". (Ticket #22780)
  • Bug fix: If the REDCap server's PHP.INI configuration has the post_max_size variable set in units of gigabytes ("G") rather than megabytes ("M"), it might display an erroneous error on certain occasions saying that it has "exceeded the REDCap server's maximum submission size". (Ticket #26966)

Version 7.6.3 - (released 8/23/2017)

BUG FIXES & OTHER CHANGES:

  • Bug fix: If a project contains one or more fields using the Biomedical Ontology functionality, and a user copies the project with all its records, then the Biomedical Ontology labels that were cached for the original project mistakenly do not get copied, which can cause the value to get accidentally erased on a data entry form or survey if a user places their cursor into the Biomedical Ontology field but does not re-enter the value. (Ticket #25451)
  • Bug fix: On the Control Center's System Statistics page, the "Responded" count under "Survey invitations sent" might be slightly inaccurate. (Ticket #25361)
  • Bug fix: If a field has branching logic that includes a calc field that itself is used by another calc field, then the complex chaining of branching and calculations might not get updated on the data entry form or survey page whenever a user modifies a field's value that triggers the original calculation. The result would be that some fields might not get hidden/displayed by branching logic on the page until the page is reloaded.
  • Bug fix: Fixed typo on Locking Management page.
  • Bug fix: If a user exceeds the maximum number of failed login attempts in a set period of time and thus gets temporarily locked out, it would mistakenly not allow them to log in even if an administrator had reset their password afterward. It would instead make them wait until after the lock-out window of time had elapsed before they could log in with their new password, which is incorrect and confusing. (Ticket #23516)
  • Bug fix: If a field has branching logic that utilizes the datediff function, then when a user is hand-entering a value for a date/datetime field used in that datediff function, it might mistakenly display a popup error stating "Calculation errors exist" at the point at which the user has typed only a partial value for the field. (Ticket #25418)
  • Change: For a repeating instrument or an instrument on a repeating event, in which the instrument is enabled as a survey, if the current instance of the repeating instrument/event has not yet been saved, then it will now disable the Survey Options drop-down list at the top of the data entry form until the form has first been saved. And if a user tries to click the drop-down before that repeating form/event has first been saved, it will tell them to click the "Save & Stay" button before they can access the Survey Options. This will prevent ghost/placeholder instances from appearing in the Participant List, which occurred in previous versions. The previous behavior was regarded as generally undesirable, although not necessarily considered a bug. (Ticket #21843)
  • Bug fix: In the add/edit user privileges popup on the User Rights page, where a user can click the "Explain these settings" link to open the "Settings pertaining to project records" popup, which that explains the Create Records, Rename Records, and Delete Records privileges, that popup contained information that was very outdated and no longer correct. That text has now been updated.
  • Bug fix: When a user is viewing drafted changes in the Project Modification Module of a project in production status, if any multiple choice fields have had a choice re-labeled or had a choice removed, then when clicking the Compare button for the field, the record count in the Choices Change Summary popup would not have correct counts for choices listed as Unchanged, in which Unchanged choices would always mistakenly have "0" for "Number of records having this value". (Ticket #25851)
  • Bug fix: When clicking the Create Custom Survey Link button on the Public Survey Link page in a project, some REDCap servers might have difficulty creating a custom link successfully because REDCap was making a call to http://is.gd rather than http://is.gd For better compatibility, this has now been changed so that the https address is always called.
  • Bug fix: When a user has been assigned to a Data Access Group (DAG) and is creating a new record, if record auto-numbering is disabled in the project and the user uploads a file for a File Upload field on a data entry form before clicking a Save button on the page to create the record, then if the user later leaves the page without saving their changes via a Save button, the record would mistakenly not get assigned to the user's DAG but would instead not belong to any DAG.

Version 7.6.2 - (released 8/10/2017)

BUG FIXES & OTHER CHANGES:

  • Bug fix: When deleting a document that has been uploaded to a File Upload field on a survey, it would mistakenly display a box inside the field that asks the respondent to enter their survey access code. This only occurred on surveys and not on data entry forms.
  • Bug fix: Changed "Content-type" header to "Content-Type" in the Message PHP class because some email tools do not function properly if that header is in a different case. (Ticket #25051)
  • Change: When using the Data Resolution Workflow's dashboard for data queries that have been opened via a custom Data Quality rule that contains two or more fields in its rule logic, it now displays the record number in the dashboard as a clickable link that goes to the Record Home Page for the record. Whereas in previous versions, the record number was not a link but only text. (Ticket #24960)
  • Bug fix: When viewing the Data Resolution Workflow's Resolve Issues page and exporting the dashboard table as a CSV file, it might mistakenly output HTML character codes (e.g., ') for apostrophes, quotes, and non-breaking spaces in the CSV file. (Ticket #24833)
  • Bug fix: When clicking the "Unlock all instruments" link on a longitudinal project's left-hand menu after selecting a record, it would mistakenly only unlock the data entry forms in the current event being viewed rather than in all events for the record. Additionally, the "Lock all instruments" link on some occasions might mistakenly display an erroneous error message after being clicked. (Ticket #24861)
  • Bug fix: If two-factor authentication is enabled, and a normal user logs into REDCap when the entire system has been taken offline (via the System Status setting on the General Configuration page), then it would mistakenly display the two-step login screen and an empty, malformed popup rather than displaying the offline message. (Ticket #25148)
  • Change: Modified the explanation text for @NOW and @TODAY action tags for greater clarity with regard to their usage. (Ticket #24847)
  • Bug fix: Line breaks inside field labels do not work well in Excel on Macs when downloading a data dictionary and then re-uploading it, in which the line breaks would often get doubled after re-uploading it into REDCap. Technically, it now replaces as carriage return+line feed characters with simply a line feed character to prevent this doubling effect. (Ticket #21681)
  • Bug fix: On the Record Status Dashboard page in a project, a database query would sometimes fail specifically for MySQL 5.7 only, in which it would be unable to retrieve all the form status values to display for records on the page.
  • Bug fix: When deleting a user-uploaded file on the File Repository page in a project, it would not successfully delete the file on certain occasions.
  • Change: Added new note at top of Online Designer (when viewing an instrument's fields) that mentions using Action Tags and includes a link to open the Action Tag documentation popup to learn more about them.
  • Bug fix: On very specific and seemingly random occasions, a relatively long field label in a right-aligned field might not display correctly in the PDF download of the instrument, in which it would mistakenly display the label as one word per line rather than wrapping the text as expected. (Ticket #15336)
  • Bug fix: When a field has branching logic that is dependent on another field that is hidden/displayed due to branching logic, if a field upstream on a form/survey has a value that is later changed, then all the chained branching logic on the page would mistakenly not cascade through all fields as it should, thus leaving some fields displayed that should be hidden.

Version 7.6.1 - (released 8/4/2017)

BUG FIXES & OTHER CHANGES:

  • Change/improvement: The "Require Reason for Change" feature, which can be enabled in the Additional Customizations popup on the Project Setup page, no longer requires a reason when adding data to an empty data entry form (i.e., having a gray status icon). In previous versions, it would prompt the user for a reason even when adding new data to a form that had never had data entered before, which was deemed as unnecessarily aggressive, thus making the feature less useful to many users. So now in the event that data has never before been entered on the current instrument for a given record, the user will not be prompted for a reason (that is, until they return to the instrument at a later time and add/edit/delete data). Note: The Regulatory & Software Validation Committee has reviewed this change, and has approved it for general use.
  • Bug fix: Fixed incorrect language in plugin/hook documentation for the REDCap::saveData() method. (Ticket #24619).
  • Bug fix: When using the "Test calculation with a record" functionality for a calc field in the Edit Field popup in the Online Designer, it would mistakenly return a non-numerical value (rather than a blank value) in certain cases where an "if" statement is set to return a non-numerical value for a specified condition. It will now return "[No value]" instead. (Ticket #24612).
  • Bug fix: When using a Custom Record Label for a project, in which the fields used in the Custom Record Label exist on a repeating instrument, it would mistakenly not pull those fields' data correctly, thus causing those fields to be blank in the Custom Record Label. In this case, it now pulls the data for those fields from the first instance of the repeating instrument. (Ticket #24610)
  • Bug fix: When entering a value into a Text field or Notes field that triggers branching logic, if branching is triggered while the user is typing (before they leave the field), it would mistakenly display the "Erase current value?" prompt for any fields on the page that have values that are trying to be hidden by branching logic. It should only display that prompt when leaving the current field, not while the user is still typing inside the field.
  • Bug fix: If a calc field's equation includes another calc field, then some downstream calculations might not get updated on the data entry form or survey page whenever a user modifies a field's value that triggers the original calculation.
  • Change: The text of an error message has been modified for greater clarity when an administrator goes to approve production changes but there are no changes to approve. This happens when a user has taken the project back out of draft mode after initially requesting their changes be approved. (Ticket #24774)
  • Bug fix: On some occasions REDCap Messenger might mistakenly throw a JavaScript error if Messenger was initially closed when the page loaded but then was opened. This is due to AJAX synchronicity issues. (Ticket #24930)
  • Bug fix: When entering an email address in certain email fields on Configuration pages in the Control Center, the field validation would reject email addresses that have newer domain names (e.g., rob@cabrini.technology). (Ticket #24686)
  • Bug fix: If using the REDCap::getPDF() method inside a REDCap hook that gets called on a survey page, it would mistakenly force a PDF download on the page, in which the PDF would be corrupted and not able to be opened, instead of returning the contents of the PDF as a string to the hook. (Ticket #24999)
  • Bug fix: If a field utilizes the @NOW or @TODAY action tag on a survey or data entry form, and that field's value is also piped somewhere on that page, then the field's value will mistakenly not get automatically piped when the page initially loads. (Ticket #24994)

Version 7.6.0 - (released 7/27/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: Improved accessibility on surveys when using screen readers. Additionally, tabbing now works correct when tabbing through “Enhanced Radios and Checkboxes”, and the spacebar can be used to select a choice, as is always the case with standard radios and checkboxes.
  • New action tag: @CHARLIMIT - Sets the maximum number of characters that can be entered into a Text field or Notes field, and also displays the number of characters remaining. The format must follow the pattern @CHARLIMIT=??, in which ?? is the desired max character count (alternatively, the number value can be inside single or double quotes). NOTE: This action tag cannot be used at the same time as @WORDLIMIT for the same field. NOTE: This action tag does *not* get applied during any data imports (via API or Data Import Tool) but only operates when viewing survey pages and data entry forms.
  • New action tag: @WORDLIMIT - Sets the maximum number of words that can be entered into a Text field or Notes field, and also displays the number of words remaining. The format must follow the pattern @WORDLIMIT=??, in which ?? is the desired max word count (alternatively, the number value can be inside single or double quotes). NOTE: This action tag cannot be used at the same time as @CHARLIMIT for the same field. NOTE: This action tag does *not* get applied during any data imports (via API or Data Import Tool) but only operates when viewing survey pages and data entry forms.
  • New action tag: @RANDOMORDER - Randomizes the order of multiple choice field options as displayed on survey pages and data entry forms, in which their order will be different each time the page is loaded. NOTE: This action tag can only be utilized for the following field types: Checkbox, Radio, Drop-down, Yes-No, and True-False. This tag also works for enhanced radios and checkboxes on surveys.
  • New action tag: @HIDECHOICE - Hides one or more choices of a multiple choice field. This action tag is useful if you wish to retire a particular choice after utilizing it for a while in data collection, thus allowing you to hide the choice from that point after without orphaning any of the choice's data, which would happen if you simply deleted the choice. The format must follow the pattern @HIDECHOICE='??', in which the coded values should be inside single or double quotes for the choice(s) you wish to hide. If more than one choice needs to be hidden, then provide all the coded values separated by commas. For example, to hide the choice 'Monday (1)', you would have @HIDECHOICE='1', but if you wanted to additionally hide 'Tuesday (2)', you would have @HIDECHOICE='1,2'. NOTE: If the hidden choice has already been selected for a given record, then the choice will not be hidden on the survey or form for that record/event. NOTE: Hidden choices will still appear in reports and data exports. NOTE: This action tag can only be utilized for the following field types: Checkbox, Radio, Drop-down, Yes-No, and True-False. NOTE: This action tag works only in limited fashion with a matrix of fields, in which it will simply hide the checkbox/radio but still display the column for that choice in the matrix.
  • New action tag: @ NONEOFTHEABOVE - Allows for the designation of a checkbox choice to be a 'none of the above' option, thus ensuring that no other choices are checked if that one choice is selected. This means that if that particular option is selected, it will alert the user that all other checked-off choices will be unchecked. And if the 'none of the above' option is already checked when the user checks off another choice, it will automatically uncheck the 'none of the above' option. This action tag makes it possible to have a 'none of the above' option without the risk of users mistakenly having other choices selected at the same time. The format must follow the pattern @NONEOFTHEABOVE=??, in which ?? is the coded value of the 'none of the above' checkbox choice - e.g., @NONEOFTHEABOVE=98. Alternatively, it is possible to set multiple options as a 'none of the above' option at the same time, in which the coded values must be comma delimited inside single or double quotes - e.g., @NONEOFTHEABOVE='45,99'. This is useful for certain situations, such as if you have a 'none of the above' option and also have a 'refuse to answer' option, thus allowing either of those to be the only option that can be selected at a time. NOTE: This action tag can only be utilized by Checkbox fields.
  • Improvement: New "Save & Exit Record" button on data entry forms - After being clicked, the user is taken back to the Record Home Page to select another record or create a new one.
  • Improvement: New "Save & Go To Next Record" button on data entry forms - After being clicked, the user is taken to the Record Home Page for the record that follows the record just edited (according to the record order seen on the Record Status Dashboard).
  • Minor security fix: The Bootstrap framework was upgraded to the latest version (3.3.7) due to a minor vulnerability in the framework.
  • Improvement: The Configuration Check page in the Control Center will now detect if any non-versioned files(that reside in the main "redcap" directory but are not inside a version directory) are out-of-date, and if so, will provide a zip file of the files to be replaced.
  • Improvement: Branching logic now begins to get executed slightly earlier when leaving a text field (e.g., via tabbing) on a data entry form or survey page. This eliminates certain workflow issues, such as when a user's cursor mistakenly skips over previously hidden fields that become suddenly visible due to branching logic being triggered by leaving the initial field. So overall, it improves the behavior of tabbing through a survey or form when branching logic is used.
  • Improvement: Branching logic and calculations now get executed more efficiently when triggered by adding/modifying field values on a survey page or data entry form, in which they now get executed only for the fields for which they are a trigger. This is much better than executing branching logic and calculations for all fields on the page, which was the case in previous versions.
  • Improvement: The App Data Dumps tab on a project’s REDCap Mobile App page now displays the records and the uploaded file list in a more manageable fashion for any emergency data dumps that are listed on that page.
  • Bug fix: When using the Survey Auto-Continue feature for a set of surveys that exist on a Repeating Event in a longitudinal project, if a participant completes a survey, it would always mistakenly send them to the next survey in the first instance of the Repeating Event instead of sending them to that survey in the current instance of the Repeating Event. So their responses for the following surveys would not get stored in the correct instance of the Repeating Event.
  • Bug fix: In some cases where date values might have trailing spaces (e.g., "2017-12-31 "), it would mistakenly cause the datediff() function to not always work correctly in calculated fields and in Automated Survey Invitation conditions, among other places where datediff() can be utilized. (Ticket #24243)
  • Change: When opening the "Upload document" popup for a File Upload field, it now no longer displays the field's variable name in the popup. It now only displays the field label. Displaying the variable name was deemed unnecessary and unuseful, especially for survey participants.
  • Bug fix: If a user loads a survey page or data entry form, in which a required field already has a value at the time the page is opened, then if the value is removed and the page is saved, it would mistakenly give the required field prompt saying that the required field was left blank, which is incorrect.
  • Bug fix: When repeating instruments have been enabled in a project, and some instances of a repeating instrument have been deleted for a given record, then when viewing the record on the Record Status Dashboard, the form status icon displayed in the table for the repeating instrument might be an incorrect color (e.g., blue stack icon instead of green stack icon). (Ticket #23370)
  • Bug fix: When copying a project, in which the reports are copied but users/roles are not copied, if a report had custom user access set, then that same report in the new project would end up in a limbo state where it appears that all users can access it but mistakenly no one can access it (except users with Edit Reports privileges via the "My Reports & Exports" page). (Ticket #23918)
  • Change: On the Project Modification Module, the Commit, Reject, and Reset/Delete buttons at the bottom of the page for administrators now have a short description next to them to explain what they do (in case administrators get skittish about clicking the buttons without fully understanding them first).
  • Change: Removed the use of expression(this.width > ...) in CSS inline style of embedded images (e.g., survey logo, descriptive field attachment) since it is no longer necessary in the web browsers that REDCap supports.
  • Bug fix: When viewing the Data History popup for a field when viewing a record on a data entry form, if the record had been deleted in the past but later another record was created with the same record name, then it would mistakenly also display the logging for the deleted record in the Data History popup. (Ticket #24444).
  • Bug fix: When using the datepicker/datetimepicker widget for setting the value of a text field, if the field has a min or max range validation set, then it would prevent the user from selecting a new month or year in the datepicker if the existing value in the field is currently out of range. This made it extremely difficult to use the datepicker well if range validation is used on the field. (Ticket #24049).
  • Bug fix: When clicking the Compare button for a multiple choice field on the Draft Mode field comparison page, if a multiple choice option has a comma in its label, then the resulting popup comparing the choices would mistakenly truncate the choice label at the comma. (Ticket #24566).

Version 7.5.2 - (released 7/18/2017)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: In very specific scenarios, deleting a record in a project might mistakenly delete a scheduled survey invitation for a record with the same name in another unrelated project. This would result in random survey participants not receiving their invitations. This issue occurs very seldom. (It was thought that the major bug fix listed in REDCap 7.4.5's release notes was responsible for this, but it was found not to be.)
  • Bug fix: When entering the equation for a calc field in the Edit Field popup in the Online Designer, if the project is in Draft Mode while in production, then any fields referenced in the calculation that exist only in Draft Mode will cause the logic checker to mistakenly say "Error in syntax" right below the equation in the popup. (Ticket #23886)
  • Bug fix: If viewing a survey that has "enhanced radio buttons and checkboxes" enabled, it would display a checkbox with Left/Horizontal alignment on the survey mistakenly as a single column of buttons rather than as two columns. Horizontally-aligned radios/checkboxes should always display as two columns of buttons, except on small mobile devices.

Version 7.5.1 - (released 7/12/2017)

BUG FIXES & OTHER CHANGES:

  • Medium security fix: A cross-site scripting vulnerability was found that could be exploited by a malicious user by manipulating the query string of an HTTP request or REDCap link.
  • Medium security fix: A cross-site scripting vulnerability was found that could be exploited by a malicious user by manipulating text strings input into conversation titles or messages in REDCap Messenger.
  • Major bug fix: On certain occasions, the cron job that schedules Automated Survey Invitations containing conditional logic using datediff() with "today" as a parameter might mistakenly remove survey invitations that have been scheduled for another project. This would result in random survey participants not receiving their invitations. This issue occurs very seldom.
  • Minor security fix: A couple functions (e.g., deleting files in the File Repository or on File Upload fields) were mistakenly not being protected from Cross-site Request Forgery (CSRF) attacks by potential malicious users.
  • Change: A note was added for clarification at the bottom of the Data Quality module to denote that for Rule E the term 'outlier' refers to a value that is more than two standard deviations from the mean.
  • Bug fix: When clicking the "Tell me more" link inside the Survey Login popup in the Online Designer, it would mistakenly display the hidden instructional text.
  • Bug fix: When using the Data Dictionary Upload page to import a field that has a certain type of invalid branching logic, then it can mistakenly throw a fatal PHP error and prevent the file from successfully uploading rather than gracefully catching the error. (Ticket #23658)
  • Bug fix: When exporting the REDCap XML file (containing metadata and data) on the Other Export Options page, that option's download icon's "title" attribute would mistakenly say "Download PDF with all data", which is incorrect. (Ticket #23674)
  • Bug fix: The Data Dictionary upload process would mistakenly not catch the error where a min or max validation range is provided without a value for the field validation type. (Ticket #23440)
  • Bug fix: When "enhanced radio buttons and checkboxes" are enabled on a survey, radio or checkbox fields that have vertical alignment were mistakenly not displaying their choices as one choice per line, which is what vertical alignment dictates, but instead they were displaying as two choices per line - except on mobile devices in which it always displays one choice per line. (Ticket #23748)
  • Bug fix: When adding a custom Data Quality rule for a project in production, it might mistakenly return an error saying that the fields in the rule logic do not exist as real fields in the project. (Ticket #23515)
  • Bug fix: For longitudinal projects with multiple arms in which the project has the Custom Record Label or Secondary Unique Field enabled, if a user views a calendar event that is attached to a record (either as an ad hoc calendar event or generated via the Scheduling module), then when viewing the calendar event in the popup, it would mistakenly only display the Custom Record Label or Secondary Unique Field for records in the first arm. For records existing only in other arms, the value would mistakenly be blank. (Ticket #23367)
  • Bug fix: When repeating instruments have been enabled in a project, and some instances of a repeating instrument have been deleted for a given record, then when viewing the record on the Record Home Page, the form status icon displayed in the table for the repeating instrument might be an incorrect color (e.g., red stack icon instead of green stack icon). (Ticket #23370)
  • Change: The PHP constant USERID and global variable $userid set by REDCap will now always be lower case regardless of whether a user has logged in using a different case for their username. (Ticket #23062)
  • Change/improvement: When using Twilio telephony services in a project and having respondents complete surveys via SMS messages, if a respondent has SMS auto-reply enabled for their phone number, it can cause an infinite loop of bounce-backs that will quickly deplete the REDCap user's Twilio account of funds. The SMS survey will now max out at 10 invalid responses per minute before automatically ending the survey. (Ticket #23050)

Version 7.5.0 - (released 6/29/2017)

NEW FEATURES, BUG FIXES & OTHER CHANGES:

  • New feature: PDF download for survey respondents - On an instrument's survey settings page, a user may enable the option "Allow participants to download a PDF of their responses at end of survey?". This option will display a button for the survey participant to download a PDF file of their responses for the survey they just completed. Users may also download this same copy of the PDF since it has been added as a new PDF download option at the top of data entry forms.
  • New feature: Allow users to generate API tokens on their own - A new optional setting on the User Settings page in the Control Center will grant all users or selected users the ability to generate API tokens on their own without a REDCap administrator having to generate them on their behalf. If set to "Yes, allow selected users", then an administrator will have to enable the setting on a given user's account via the Browse Users page to allow them to generate their own tokens. If set to "Yes, allow all users", then any user will be able to generate their own API token for a project any time they wish. Note: This system-wide setting on the User Settings page defaults to "No, an administrator must approve each token request", which is the behavior in previous versions of REDCap.
  • Medium security fix: A cross-site scripting vulnerability was found that could be exploited by a malicious user or survey respondent uploading a specially designed file for a File Upload field (or manipulate the HTTP request during the upload process) on a survey page or data entry form.
  • Improvement: When copying a project that has the Dynamic Data Pull (DDP) module enabled, it will now copy the DDP field mappings in the project. Note: The DDP module will still be initially disabled in the new project, but after an administrator enables it for the user, the mappings that were copied will then appear.
  • Bug fix: When clicking the "Add new" button on the Record Home Page to add a new repeating event for a record, if the event/form table is large enough on the page, the table may mistakenly disappear on certain occasions after clicking the button. (Ticket #23165)
  • Bug fix: If a logged-in user knows how to manipulate a specific HTTP request to the REDCap server, they might be able to learn the project title of any given project.
  • Bug fix: For longitudinal projects with multiple arms that utilize repeating instruments, if a record exists on more than one arm, the Record Home Page would mistakenly display the repeating instruments tables from other arms for that record.

Version 7.4.3 - (released 6/22/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: When the Data Resolution Workflow module is enabled for a project, the Resolve Issues page now has an Export button to allow users to download the data resolution dashboard as a CSV file. The page also allows users to view "all status types" using the first filter drop-down in the dashboard table.
  • Change: When designating instruments for events on a longitudinal project's "Designate Instruments for My Events" page, normal users will no longer be able to undesignated an instrument from an event if the project is in production (REDCap administrators will still be allowed to do this though). This is to protect users from mistakenly undesignating instruments after collecting data in production, which would orphan the data.
  • Change/improvement: The Data Search feature on the "Add/Edit Records" page performs slightly better regarding the ranking of search results returned, in which it now lists exact word matches first in the list of results. Additionally, the Data Search feature now returns a maximum of 25 matching values, whereas previous versions returned a maximum of 15.
  • Bug fix: A user might not receive email notifications regarding new REDCap Messenger messages if they have had Mobile App or API activity after logging out and then receiving new messages.
  • Bug fix: When viewing a survey or data entry form on a tablet, in which an inline image attachment is displayed in a Descriptive field on the page, it would mistakenly display the image at a smaller size than expected if the image is larger than 250 pixels wide.
  • Bug fix: When typing a calc equation, branching logic, report filer, etc. into a text box where it provides variable auto-suggestions, depending on the REDCap server configuration, it might mistakenly not display suggestions for fields but instead display an error message.
  • Bug fix: When a project is in production but not in Draft Mode, it would mistakenly display the "REDCap Shared Library" button and "Check For Identifiers" link on the Project Setup page. (Ticket #22605)
  • Bug fix: When exporting and re-importing a project XML file of metadata to create a new project, if any multiple choice fields have option labels that contain HTML tags, then all options for that field that do not contain HTML in their label would mistakenly get lost and would not appear in the newly created project. (Ticket #22610)
  • Bug fix: When entering branching logic in the "Add/Edit Branching Logic" popup on the Online Designer, if the project is in production and in Draft Mode, then it would mistakenly report "Error in syntax" if the logic contains a variable name that is on a new instrument that exists in Draft Mode but not in the production version of the project. (Ticket #22604)
  • Bug fix: When using the drag-n-drop option in the "Add/Edit Branching Logic", the operator drop-down was missing "<>" as an option. (Ticket #22596)
  • Bug fix: When clicking the "reset" link for a radio button field on a data entry form or survey page, if fields immediately below to become visible due to branching logic after the link is clicked, then in certain cases the value of the radio button field would mistakenly not get reset.

Version 7.4.2 - (released 6/13/2017)

BUG FIXES & OTHER CHANGES:

  • Bug fix: When clicking the "fetch" link for a user on the User Access Dashboard, in which the user has never accessed that particular project, the spinning icon would mistakenly continue to spin forever instead of displaying "never".
  • Bug fix: When a participant is using the Survey Login feature to log in to a survey, it would mistakenly not display the survey instructions on the first survey page unless the "Save & Return Later" option had been enabled for the survey. It now always displays the instructions on the first page regardless. (Ticket #21646)
  • Bug fix: When clicking the "fetch" link for a user on the User Access Dashboard, in which the user's username has an "@" sign in it (e.g., their username is their email address), the spinning icon would mistakenly continue to spin forever instead of displaying the timestamp or "never".
  • Bug fix: When executing a rule on the Data Quality module, if the discrepancy results return fields whose field label text is not saved correctly (mangled encoding that results in a black diamond character), then the popup containing the discrepancies will mistakenly not open when the user clicks the "view" link for that rule.
  • Bug fix: If a survey participant has clicked the button to change the survey font size at the top of the survey, and then they view a survey page where a drop-down field or text field is initially hidden by branching logic but is revealed later via branching logic on that page, the previously hidden field will mistakenly be very thin and almost invisible.
  • Bug fix: If the Scheduling module is enabled in a project, it would mistakenly allow a user that does not have "Create Record" user privileges to create a new record if they click the "Generate Schedule" button without having selected a record from the "choose existing unscheduled" drop-down list. (Ticket #10111)
  • Bug fix: When a participant is taking a PROMIS/Neuro-QoL survey (adaptive or auto-scoring only) for the first time ever for the REDCap server, it might mistakenly fail to auto-retrieve the PROMIS API keys if the REDCap server's institution name or grant funding text on the General Configuration page contains HTML tags. This would prevent the PROMIS service from functioning at all.
  • Bug fix: When sorting projects in the My Projects list by clicking the Records or Fields header in the table, it would mistakenly not sort them correctly if the number contained a comma. (Ticket #21778)
  • Bug fix: When executing Data Quality rule F in a project that has checkbox fields on Repeating Instruments, it might mistakenly display false positives as discrepancies for those checkbox fields. (Ticket #13555)
  • Change/improvement: To allow text boxes to expand flexibly, an "Expand" link was added below the "Send confirmation email" message box on the Survey Settings and also below the User Comments text box on the Browse Users page when editing a user's account in the Control Center.
  • Bug fix: If an "Account Manager" is searching for other users on a project's User Rights page or the Browse Users or Browse Projects pages in the Control Center, it would mistakenly not list suspended users in the results returned.
  • Change: The "Review Drafted Changes" page in a production project now gives a bigger warning if a user is attempting to change the Record ID field's variable name after data collection has begun.
  • Bug fix: If the survey confirmation email is enabled or if survey notifications are enabled for a given survey that is enabled as a repeating survey, it would mistakenly not send the emails if the survey has the "Before survey is completed" option set for the location of the repeating button on the survey page. (Ticket #22276)
  • Bug fix: The Repeating Instrument tables displayed at the bottom of the Record Home Page for a project with Repeating Instruments might mistakenly display the tables in incorrect order.
  • Bug fix: If a file is uploaded to a File Upload field on a data entry form or survey for an existing record, and then the link is clicked to download the file, it would only display "ERROR!", which is non-descriptive and confusing, whereas now it gives a more full error message stating that the form/survey must first be saved before the file can be downloaded. Also, if a file is uploaded and then deleted via the "Remove file" link, it would mistakenly display "ERROR!" in that field with no option to re-upload a field. Additionally, to be consistent with all this behavior, users will no longer be able to send the file via the Send-It button below it until the data entry form has first been saved and reloaded. (Ticket #22022)
  • Bug fix: The drop-down list of records on the "Add/Edit Records" page would mistakenly display HTML tags if the Custom Record Label or Secondary Unique Field label contained HTML tags. (Ticket #22351)
  • Bug fix: When importing data for checkbox fields via the Data Import Tool or API, in which the checkbox exists on a Repeating Instrument, it would mistakenly display an error saying that the value cannot be imported. (Ticket #22387)
  • Bug fix: When viewing the My Projects page, Control Center, or other non-project pages, the top nav bar might mistakenly be displayed as two rows rather than one. (Ticket #22469)
  • Change: Invitation reminders are now displayed by default in the Survey Invitation Log. In previous versions, the "Display invitation reminders?" checkbox would have to be checked in order to see the reminders. Not initially seeing the reminders would cause some users to mistakenly assume that nothing was scheduled.
  • Change/improvement: When adding a secondary or tertiary email address to a REDCap user account, the language has been modified on the email verification page for greater clarity when the current logged-in user clicks the link and they are not the requester. This can happen sometimes when one user is authorizing another user to use their email address for their REDCap account's secondary or tertiary email. (Ticket #21780)

Version 7.4.1 - (released 5/29/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: If a record has any calendar events (included scheduled events) that will occur in the next 7 days, it will display a button above the table on the Record Home Page. The button will note how many calendar events there are for the current record in the 7 days, and when clicked, it will display the next 7 days worth of calendar events in agenda mode view.
  • Improvement: If a record has any survey invitations that are scheduled to be sent in the next 7 days, it will display a button above the table on the Record Home Page. The button will note how many upcoming invites are scheduled for the current record in the 7 days, and when clicked, it will display a table of the send time and survey title for the next 7 days worth of scheduled invites.
  • Improvement: When the Dynamic Data Pull (DDP) module is enabled for a project, it will now display a record's number of items to adjudicate when viewing the record on the Record Home Page, and additionally clicking the View button allows to user to adjudicate new items for the record on the Record Home Page.
  • Improvement: When the Dynamic Data Pull (DDP) module is enabled for a project, the DDP adjudication popup now displays a gray header for each data entry form of fields displayed in the popup. This makes it more clear to which form the fields belong.
  • Bug fix: If the REDCap web server is running PHP 7.1, numeric survey access codes for Twilio telephony services could never be created and could cause some processes to go into infinite loops until the PHP script crashed. (Ticket #21169)
  • Bug fix: When using Twilio telephony services and sending an SMS survey invitation for participants listed in the Participant List for the first instrument, it would mistakenly keep asking the participant for their survey access code via SMS after they initially replied back via SMS, thus preventing them from starting the survey. (Ticket #20303)
  • Bug fix: If the 'records' parameter in the API "Delete Records" method is passed as a string instead of an array, it would mistakenly return a "1" for success, even though it did not delete any records. (Ticket #21424)
  • Bug fix: When the cron job is running for the Publication Matching module, it might mistakenly throw a fatal PHP error and halt the cron job mid-way through completing in certain situations. (Ticket #21347)
  • Bug fix: If a field used in the Survey Login has another field's value being piped into its field label, then the Survey Login screen would mistakenly not perform the piping. (Ticket #19610)
  • Bug fix: When one of the "Number...comma as decimal" field validation types is used for a field that also has a field min/max range validation set, then when importing data into the field via Data Import Tool, it would display erroneous error messages saying that the value is out of range. (Ticket #20959)
  • Bug fix: When using the designated survey email field on a survey, if a value is entered for the field, then the field would mistakenly be disabled on the survey page. It should only be disabling the field on the survey if the user entered the email address into the Participant List and if the user has also enabled the designated email field, which exists on that survey. This is done to prevent the email address in the Participant List and the email from the designated email field from getting out of sync. But it should not be disabling the field if the email value does not come from the Participant List. (Ticket #21504)

Version 7.4.0 - (released 5/17/2017)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: REDCap Messenger
    • REDCap Messenger is a communication platform built directly into REDCap. It allows REDCap users to communicate easily and efficiently with each other in a secure manner. At its core, REDCap Messenger is a chat application that enables REDCap users to send one-on-one direct messages or to organize group conversations with other REDCap users. REDCap Messenger is also the best and easiest way to share documents with other REDCap users, in which you can upload documents and embed pictures inside any given conversation.
    • View more info here
    • Watch 10-minute video on REDCap Messenger
  • Improvement: The generic field validation error message ("The value you provided could not be validated because it does not follow the expected format. Please try again.") has been improved, in which it now additionally displays "Required format:" and the name of the field validation (e.g., "Datetime (D-M-Y H:M)") in the error prompt so that there is no ambiguity about what the format should be.
  • Bug fix: When calculated fields utilize date/datetime fields in certain ways, such as inside the condition of if() functions or comparing the date/datetime value to "" or "NaN", it can return an incorrect value on data entry forms (via JavaScript) or during a data import or Data Quality rule H (via PHP). (Ticket #21030)
  • Bug fix: When searching for users in the Control Center on the Browse Users and Browse Projects pages, it would mistakenly not return suspended users in the search. (Bug emerged in REDCap 7.3.6.)
  • Bug fix: Reports that use advanced logic containing datediff functions strung together with ORs (e.g., datediff(...)>6 or datediff(...)<40 ) would not return any matching records/events for the datediffs that contained one or both date parameters having blank/null values. This appears to only affect reports.
  • Change/improvement: The password security questions for Table-based users have now had their language abstracted, so they are now translatable like other stock text in REDCap.
  • Bug fix: If a survey instrument has fields from it being displayed in a report that is set to show the survey identifier and survey timestamp fields, in which that survey instrument is set to be a repeating instrument or is on a repeating event, then the survey identifier and timestamp fields would mistakenly only ever display a blank value instead of the real value in the report.
  • Bug fix: In a project with Double Data Entry enabled, if a user is DDE user #1 or #2 and enters a page where DDE users are not allowed (e.g., Data Import Tool) and is thus presented with a yellow error message stating that the page is disabled, it would mistakenly make the links on the project's left-hand menu into dead links or will point to the wrong URL.
  • Change: The font size of the text fields for Link Label and Link URL on the "Set up project bookmarks" page were too small.
  • Change: On the API page in a project, for users that are not Administrators, it no longer displays a list of all users in the project who have API tokens. This is to adhere to a more conservative security policy. (Ticket #20048)
  • Bug fix: Data Quality rule G would mistakenly return discrepancies for checkboxes that exist on an instrument set as a Repeating Instrument. (Ticket #19259)
  • Bug fix: On the Record Home Page of a project that has repeating instruments, it would mistakenly display the table listing all instances saved for a repeating instrument even if the user does not have Data Entry user privileges to that particular instrument. It now no longer displays the table. (Ticket #20554)
  • Bug fix: SQL fields were mistakenly not displaying on the "Stats & Charts" page. (Ticket #20195)
  • Change/improvement: Added an optimized version of the cron job that checks all conditional logic in Automated Surveys Invitations that use "today" inside a datediff() function.
  • Bug fix: When creating a Custom Record Status Dashboard with filter logic that returns no records, it would mistakenly display all the project's records in the dashboard table on the page. (Ticket #21103)
  • Bug fix: If HTML tags are used in the Custom Record Label, then those tags will mistakenly be displayed at the top right corner of an exported PDF containing record data. It now strips out any HTML tags in the PDF for the Custom Record Label. (Ticket #21229)
  • Bug fix: If creating a project using a Project XML file that contains a data collection instrument with no fields other than the Form Status field, that instrument would mistakenly not get created in the new project, and if longitudinal, will throw an error and prevent the project from even being created.
  • Bug fix: When repeating events are enabled in a longitudinal project, if a user clicks the "Add new" button on the Record Home Page to add a new repeating event, then the column mistakenly does not duplicate correctly if the table is wide and employing floating table headers/column. (Ticket #20267)
  • Bug fix: When renaming a Data Access Group on the DAG page, if the DAG name contains non-Latin characters, it would mistakenly not saved the DAG name correctly. (Ticket #20958)
  • Bug fix: The "Order by another field" customization on the Project Setup page's "Additional customizations" popup was no longer working on the drop-down list of records on the Record Home Page. Bug emerged in version 7.0.0. (Ticket #15091)
  • Bug fix: If a field utilizes the @DEFAULT action tag on a survey or data entry form, and that field's is also piped somewhere on that page, then the field's value will mistakenly not get automatically piped when the page initially loads. (Ticket #21288)
  • Bug fix: Values for the fields "redcap_repeat_instrument" and "redcap_repeat_instance" would not get fully validated during a data import, thus causing the data to get mistakenly imported into non-repeating events/instruments and orphaning some of the data after the import completed. (Ticket #21100, #20028)

Version 7.3.6 - (released 5/17/2017)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: Specific usages of the "if" function in calc fields would cause opposite results for auto-calcs and for Data Quality rule H. This includes the usages below. (Ticket #17479, #18945, #17882)
    • if ([field] = "NaN", ... , ...)
    • if ([field] <> "NaN", ..., ...)
    • if ([field] = "", ..., ...)
    • if ([field] <> "", ..., ...)
  • Change: The user auto-suggest on the User Rights page no longer returns suspended users when searching for users to add to the project.
  • Change: The DataQuality::renderResolutionTable method was not checking for $_GET['assigned_user_id'] in resolve.php. (Ticket #20630).
  • Bug fix: At the top of the data entry form when viewing a survey response, it would incorrectly list an API user as a contributor to that response when the API user has imported data values for *any* field for that record, not just fields on that particular survey instrument. It now only lists contributors who have modified values on that instrument. (Ticket #20452)
  • Bug fix: When executing Rule C "Field validation errors (incorrect data type)" in the Data Quality module, it would mistakenly return false positives in the discrepancy list when there exist no fields in the project having field validation and also when there are no slider fields or calc fields.
  • Bug fix: When sending multiple attachments in an email sent from a hook or plugin using the Message class in REDCap, it would mistakenly attach extra empty text files to the email for some email providers.
  • Bug fix: The auto-generated unique event name for events in a longitudinal project might mistakenly begin or end with an underscore, which might cause erroneous errors when using a unique event name in report filter logic or in other similar logic. (Ticket #20301)
  • Change/improvement: Alt text was added to the increase/decrease font images displayed at the top of the survey page. (Ticket #20577)
  • Bug fix: The API Playground mistakenly displays a drop-down of events for the Delete Record method when it should instead display a drop-down of arms. (Ticket #20599)
  • Bug fix: The data search on the Add/Edit Records page will mistakenly never return any results when searching over "All fields" when the REDCap web server is running PHP 7. (Ticket #20111)
  • Bug fix: When renaming a record on the Record Home Page, it would mistakenly allow users to enter illegal characters in the record name, such as ampersands, apostrophes, plus signs, and pound signs. (Ticket #19719)

Version 7.3.5 - (released 4/28/2017)

BUG FIXES & OTHER CHANGES:

  • Bug fix: If a survey has "Enhanced Radios and Checkboxes" enabled, and a radio or checkbox is selected by a participant on the survey page and then the field gets hidden by branching logic, then if the field later becomes visible again due to branching logic, it would mistakenly still seem to be selected even though it is not really selected. (Ticket #19034)
  • Bug fix: If using the Online Designer's "Copy" button to copy an instrument containing a matrix of fields, it would mistakenly not append the specified suffix (e.g., "_v2") to the matrix group name but would instead append a random string of alpha-numeric characters. (Ticket #19333)
  • Bug fix: If deleting an event of data on a record's Record Home Page, it would mistakenly not delete all the event data if the event contained one or more repeating instruments that had some data saved on non-first instances of the instrument. (Ticket #17694)
  • Bug fix: If a user is locking all forms across all events on the Record Home Page for a record that has repeating events of data in a project with Repeating Events enabled, it would mistakenly not lock any empty forms (i.e., having a gray status icon) that exist on a repeating event, excluding the first repeating instance. Additionally, empty forms on repeating events (excluding the first repeating instance) were showing up as locked on the Record Home Page (i.e., having lock icon) even though they were not really locked. (Ticket #17615)
  • Bug fix: When using the Scheduling module in a longitudinal project that contains repeating instruments, in certain cases a record might mistakenly not be displayed in the "choose existing unscheduled" drop-down on the Scheduling page, thus preventing the user from scheduling certain records. (Ticket #17272)
  • Bug fix: When enabling the Survey Login feature in a multi-arm longitudinal project, if a record does not exist in an arm whose fields/events are specified as the login fields, then the survey login page would mistakenly display an error saying that the login form could not be displayed (and thus provide no way to log in to the survey). In this scenario, it should instead bypass the survey login form and display the survey page since the record exists in another arm as the specified login fields, thus the record should not be subject to it. (Ticket #18430)
  • Bug fix: When using the Survey Queue and selecting the option to display the survey in the queue "when the following survey is completed", it was only checking to see if that instrument was completed as a survey. It should have also been checking if the instrument had been set to a Form Status of "Complete" on a data entry form, which is how Automated Survey Invitations have always behaved for this same setting. This was causing some surveys to show up as not having been completed in the participant's survey queue. (Ticket #15640)
  • Bug fix: When using the Survey Queue and referencing a value from a repeating instrument inside the conditional logic for the survey queue item, it might mistakenly not display the survey in the queue or might show it as not having been completed when it was completed as a data entry form. (Ticket #15640)
  • Bug fix: When viewing a tall multi-page report in a project, in which it utilizes the floating headers on the report table, if the user switches between pages of the report, it might mistakenly cause part of the table headers to suddenly appear below the page footer at the bottom. (Ticket #19676)
  • Bug fix: When importing data via the Data Import Tool, if any error messages contain a comma in the text, it would mistakenly truncate the error message at the comma when displaying it on the page for the user.

Version 7.3.4 - (released 4/21/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: The redcap_repeat_instance and redcap_repeat_instrument values will now be sent as parameters for Data Entry Triggers. Note: If the current event/instrument is not a repeating event or repeating instrument, respectively, then these parameters will not be included in the DET request. (Ticket #18794)
  • Improvement: The repeat_instance parameter was added to the following hook functions: redcap_data_entry_form, redcap_data_entry_form_top, redcap_save_record, redcap_survey_complete, redcap_survey_page, and redcap_survey_page_top. NOTE: In order to utilize this new parameter in REDCap, you must add $repeat_instance as the last parameter in the function definition of the functions above in your hook functions file on your web server. (Ticket #18794)
  • Improvement: The repeat_instance parameter was added to the REDCap::getPDF() method for plugins/hooks. (Ticket #18794)
  • Bug fix: When renaming a record on the Record Home Page, it would mistakenly not trim off any spaces accidentally added to the beginning or end of the new record name, thus leaving the record in a limbo state where it is not accessible in data entry forms and could not be deleted.
  • Bug fix: If a text field that lacks integer or number validation has a trailing space in its value and is then used in the equation of a calculated field, the resulting calculation as seen on data entry forms and survey pages might mistakenly be incorrect, whereas data imports and Data Quality rule H would perform the calculation correctly. (Ticket #19037)
  • Change: Added a "Cancel" button to the bottom of the Data Dictionary Upload page and Data Import Tool to more easily allow users to start over when halfway through the upload process. (Ticket #19035)
  • Bug fix: In certain versions of Internet Explorer, the "Cancel" button would not work correctly and would mistakenly submit the form on the following pages: Copy Project page and Create/Edit Survey page. (Ticket #18996)
  • Bug fix: When collapsing many repeating events on the Record Home Page (by clicking the left/right arrow button), then uncollapsing them, then repeating this process several times, the user's browser may get bogged down and crash. And it may even mistakenly ban the user's IP address from REDCap, after which they would have to be unbanned.
  • Bug fix: When exporting data to a stats package (e.g., SPSS, SAS, R, Stata) for a project that contains repeating events or repeating instruments, if the report being exported does not include any fields from a repeating event or repeating instrument, then the fields listed in the stats package's syntax file might not line up with the fields contained in the resulting CSV data file, thus making it impossible to load the data into the stats package. (Ticket #18996)
  • Change: The Configuration Check page in the Control Center now recommends that you upgrade to PHP 5.4.0 or higher if you are currently running PHP 5.3 on your REDCap web server. It notes that while most of REDCap's functionality works fine with PHP 5.3, it has shown to provide inconsistencies on rare occasions when evaluating particular types of equations for calculated fields. So for better performance and accuracy, it is recommended that you upgrade to PHP 5.4.0 or higher.
  • Change/improvement: When using both Data Access Groups and Double Data Entry in a single project and merging two records that both belong to the same DAG, previous versions did not automatically assign the merged third record to the same DAG. It now automatically assigns the new third record to the same DAG in that case. (Ticket #18767)
  • Bug fix: When the Data Resolution Workflow module is enabled, and a user attempts to respond to an open query by uploading a file, the file would mistakenly fail to upload.
  • Bug fix: When the Data Resolution Workflow module is enabled, and a user enters a value for a field that has an open query, which causes the "Save and then open Data Resolution Pop-up" button to appear, if the button is clicked on a repeating instrument or on a repeating event, then it would mistakenly redirect the user back to the first instance of the data entry form (rather than the current instance) after successfully saving the form's data.

Version 7.3.3 - (released 4/13/2017)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: When viewing the Record Home Page for a record, in which the main table on the page is wide enough or tall enough that it invokes the floating header or floating first column, then if the user clicks the down arrow button on the main table to collapse it, it might mistakenly not be possible for the user to uncollapse the table, even after refreshing the page, thus making it impossible to navigate fully throughout a record. (Ticket #18819)
  • Change: On certain rare occasions, the table displayed on the Record Home Page, on the Record Status Dashboard, on the Designate Instruments For My Events page, and on all reports might not display properly but might have its columns or rows appear misaligned in some way, thus making it difficult to view the table or navigate it well. If this occurs, users can now disable the floating table headers for that table/page in that specific project (and have it remember that choice) by clicking the "Table not displaying properly?" link that is now displayed near the top right of the table. It will also have a [?] link to click, which opens a popup with an explanation of what it means to disable that functionality. (Ticket #18822)
  • Bug fix: When performing a data export to SAS or SPSS, in which some fields in the export data set have "datetime" or "datetime w/ seconds" field validation, those fields would mistakenly not get added to the syntax file produced for both SPSS and SAS. Bug emerged in REDCap 7.3.1 (Standard). (Ticket #18579)
  • Bug fix: When viewing the popup for setting up Repeatable Instruments/Events on the Project Setup page, if the project is longitudinal and a custom label is set for a repeating instrument, then when the popup is reopened later after saving, it might mistakenly display one of the custom labels for that instrument in every event, rather than just in the event in which it was specified. This won't change anything in how the custom labels are implemented unless the values are re-saved after initially saving though.
  • Bug fix: In a longitudinal project with repeating events enabled, if a user adds data for several repeating events, in which one of the instruments on a repeating event has a gray status icon, then the corresponding icon(s) for that instrument/event for that record would not display correctly on the Record Status Dashboard, such as displaying a gray status icon when it should display a red stack status icon. (Ticket #18073)
  • Bug fix: When viewing the popup for the Data Resolution Workflow on a repeating instrument, the table rows that show the data value changes for the field in the popup would mistakenly always show the first instance's data, not the current instance of the repeating instrument. (Ticket #18873)

Version 7.3.2 - (released 4/6/2017)

BUG FIXES & OTHER CHANGES:

  • Change: In REDCap 7.3.1 (Standard), the Codebook page required Project Setup/Design privileges to view it, although in previous versions it did not require any special user privileges in order to view the page. However, due to good arguments made against the change in 7.3.1, the change has been reverted, and the Codebook will now be fully viewable to all users in the project just as it was in versions prior to 7.3.1.
  • Improvement: On the Logging page in projects that have Data Access Groups, a user that is not assigned to a DAG will be able to filter the logging results by records in a DAG. Below the "Filter by record" drop-down at the top, it will display a "Filter by records in a DAG" drop-down that is viewable only by users not currently assigned to a DAG.
  • Bug fix: If an apostrophe exists in the name of a User Role, then the role could not be edited when clicked on the User Rights page. It would instead mistakenly throw a JavaScript error.
  • Bug fix: When exporting a PDF of a data entry form with data, in which the form is enabled as a repeating instrument, if a checkbox field on the instrument has branching logic, it might mistakenly not display the checkbox in the PDF when it should be displayed. (Ticket #17621)
  • Bug fix: When deleting an event of data for a repeating event on the Record Home Page in a longitudinal project, it would remove the event instance from the Record Home Page, but the event instance would mistakenly still appear in reports and data exports. (Ticket #17859)
  • Bug fix: The bug fix in REDCap 7.3.0 LTS that dealt with the usage of "" and "NaN" in calc fields mistakenly did not get incorporated into the Data Quality rule H and auto-calc implementation of calculated fields (via PHP), but it only got incorporated into the JavaScript-fired calculations on data entry forms, thus causing erroneous results to appear when executing Data Quality rule H for very specific cases where >"" or ="" were used in a calculation. (Ticket #17882)
  • Bug fix: When enabling Twilio telephony services in a project and ensuring that the Request Inspector has been disabled for that Twilio account, it would mistakenly fail and never allow the user to enable Twilio services for that project. This was due to a recent change in Twilio's API methods. (Ticket #18040)
  • Bug fix: When data quality rules have very long logic, they can take up an inordinate amount of the page, making it very difficult to view or execute several at once. (Ticket #17548)
  • Bug fix: When moving a project to production and opting to delete all data, it mistakenly says that it will also delete all data dictionary snapshots, which is not correct. All data dictionary snapshots will be preserved. The text will be corrected. (Ticket #17785)
  • Bug fix: "MySQL over SSL" is now fully supported. In previous versions, it would fail to connect in certain instances, such as if using a self-signed SSL certificate or if using Table-based authentication.
  • Bug fix: When saving data in a hook or plugin using the REDCap::saveData method, if the event name field is not included when saving data for a longitudinal project, then it would appear to save the data to the first event of the record, but the record would not show up in any record lists if the record did not exist beforehand. (Ticket #17881)
  • Bug fix: HTML tags were mistakenly not being interpreted but were being displayed as-is for the institution name and organization name in project, as well as any custom text displayed at the top of the project home page, the top of data entry forms, and the top of Record Home page (Ticket #17912)
  • Bug fix: When executing a custom Data Quality rule containing fields in a project that has repeating events/instruments enabled, in which the fields utilized in the rule's logic are not located on a repeating event/instrument, it might mistakenly return duplicate discrepancies in the results.
  • Bug fix: When using the "Copy" instrument action on the Online Designer, if the first field in the instrument has a section header above it, that section header would mistakenly not get copied into the new instrument.
  • Bug fix: When a longitudinal project has long event names that have non-Latin characters in their name, it may mistakenly throw an error when attempting to create a new project using the project's XML metadata file. (Ticket #17055)
  • Bug fix: When a project with surveys has already sent out survey invitations (excluding public survey links) to participants, and then records were later deleted via the "Erase All Data" option or by deleting all records when moving the project to production, the records' survey links would mistakenly still be active and could be used by the participant (even though the record no longer exists in the project), which would create a new record. (Ticket #17457)
  • Bug fix: When a user is requesting that an administrator move their project to production, the confirmation popup that the user sees mistakenly displays a blank space inside parentheses when it should be displaying the user's email address there. (Ticket #18197)
  • Bug fix: When a user downloads an Instrument Zip file for an instrument on the Online Designer, certain server configurations would result with an error and not export the zip file successfully due to GZIP HTTP compression being enabled by mistake for that particular process. (Ticket #18094)
  • Bug fix: When using the "Time Limit for Survey Completion" feature on a survey, the link icon in the Participant List would mistakenly still be displayed even if the participant's link had already expired.
  • Bug fix: When using the "Time Limit for Survey Completion" feature on a survey, the "Link Expiration" column might mistakenly not appear in the Participant List or the column might not properly display any icons if the time limit for the survey was set using only minutes (i.e., the days and hours text boxes were left blank).
  • Bug fix: When exporting a PDF of an instrument with data, in which data is being piped into text on that instrument and the data contains line breaks/carriage returns, it might mistakenly display a rectangular symbol in the PDF at the beginning of each line of the piped data. (Ticket #17947)
  • Bug fix: On the Logging page in a project, if a user has set the time range filters at the top, and then changes the "Displaying events (by most recent)" option, it would mistakenly reset the time range filters back to blank values. (Ticket #18057)
  • Bug fix: When changing the time of a scheduled survey invitation on the Survey Invitation Log, it would mistakenly not always update the new date/time with the updated time submitted. (Ticket #17791) Abstract survey invitation language – link
  • Bug fix: In a longitudinal project that contains multiple arms, survey participants from another arm might mistakenly be displayed when viewing a survey/event's Participant List that belongs to a different arm. It will now no longer display participants from other arms. (Ticket #18354)
  • Bug fix: When adding a matrix of fields via the Online Designer for an instrument that does not yet have any fields, if the project is in production in Draft Mode, then the new matrix might mistakenly not display at all on the Online Designer or the data entry form until either a new field is added to the instrument or until a data dictionary is uploaded. (Ticket #16871)
  • Bug fix: When the Project Notes text is very long for a given project, the text can sometimes render outside its black box when displayed on the My Projects page. (Ticket #17414)
  • Bug fix: When importing data via Data Import Tool or API for a project that has Data Access Groups, in which the data being imported contains the field redcap_data_access_group, it might mistakenly throw an error stating that the unique DAG name is not valid when it actually is. (Ticket #18087)
  • Bug fix: For certain server configurations, in a longitudinal project with repeating events enabled, it might mistakenly think that some of a record's repeating events have repeating instruments within them (showing a stacked status icon inside a repeating event column), which is not possible. (Ticket #17596)
  • Post-release fix: For REDCap web servers running PHP 5.3, some components of the Repeating Instruments/Events do not work correctly in longitudinal projects. In the setup of repeating instruments/events on the Project Setup page, it would mistakenly display the letter "W" inside the custom label text box if a longitudinal event has been selected as a repeating event. Also, the Record Home Page for a given record would mistakenly display the stack status icon for instruments in a repeating event, which is very confusing, when it should only ever display that icon for a repeating instrument. These issues only arise for longitudinal projects and only when running PHP 5.3.

Version 7.3.1 - (released 3/17/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: When creating/editing reports in projects that have repeating instruments, a new option has been added to Step 3 (filtering): "Show data for all repeating instruments for each record returned?". This option is very similar to the "Show data for all events for each record returned" option found when editing reports in longitudinal projects in which it applies record-level filtering as opposed to row-level filtering ("row" referring to the rows in the report table displayed). This new option provides greater precision for controlling filters used on data in repeating instruments. For example, if a filter references a field from a non-repeating instrument, then it might filter out all data from repeating instruments and thus not display them in the report, which could be confusing. But with this option checked, it will return all repeating instances (as separate rows) for any record that matches that filter. In this way, it allows you to apply the filter to non-repeating fields while still including fields from repeating instruments in your report. This was not possible in previous REDCap versions.
  • Change: When deleting a project while in production, if the project contains no records, it will delete the project immediately rather than sending a request to the REDCap Administrator to delete it. In previous versions, an Administrator would have to delete production projects regardless of whether the project contained records or not.
  • Bug fix: Removed all instances of the PHP function set_magic_quotes_runtime() and get_magic_quotes_runtime() because they are deprecated in PHP 7.0 and later. (Ticket #16893)
  • Change: Added a note in the "Compose survey invitation" popup on the data entry form to make users aware that if they manually enter an email address into the "To" field for the survey invitation, it is a one-time use only and that any other invitations sent out at other times will instead go to the email address found in the Participant List for that participant. No functionality has changed regarding this, but some users were not aware of this behavior.
  • Change: When exporting data to Stata, it now uses syntax for newer versions of Stata. This also includes declaring datetimes more properly than in previous versions of REDCap. (Ticket #13531)
  • Bug fix: The API Playground might mistakenly allow the user to make rapid sequentially requests to the server by holding down the up/down arrow on the multi-select fields on the page. Also, for the Import Records method on the API Playground, the "Update" link has been removed, in which the "data" parameter is now updated when the user leaves the Data field instead, because users were not aware that the "Update" link had to be clicked at all, which caused lots of confusion.
  • Bug fix: When exporting data in CDISC ODM (XML) format on the "Data Exports, Reports, and Stats" page, if any "File Upload" fields are included in the data set but they do not have a file uploaded for them, then it would mistakenly output an empty file in the XML file and would cause issues when importing the XML file to a REDCap project.
  • Bug fix: When a project is in Draft Mode while in production, and the first instrument is a survey, and then via the Online Designer the user moves another non-survey instrument into the first form position, it would mistakenly cause all the survey timestamps from the original first instrument to be associated with the instrument that was moved (this will occur only after the drafted changes are approved).
  • Change: For security purposes, the hashing algorithm used for hashing the answer to password recovery questions (for Table-based authentication only) will be updated to a stronger algorithm. This will unfortunately cause all Table-based users to have to set their password recovery question again the next time they log in to REDCap; however, it is anticipated that this will cause very little inconvenience to users.
  • Bug fix: When piping data from a text field that has the biomedical ontology auto-suggest enabled, it would mistakenly pipe in the raw value instead of the label. (Ticket #12705)
  • Bug fix: Cross-form branching logic does not always work successfully on a repeating event. (Ticket #16372)
  • Bug fix: A fatal PHP error might occur when uploading files on some REDCap web server configurations that do not have the PHP function mime_content_type(). It is currently not know why this function would be missing for some configurations.
  • Bug fix: The "Export Records" API method would mistakenly not export the redcap_repeat_instrument and redcap_repeat_instance fields when exporting data from a repeating instrument or repeating event in EAV format.
  • Bug fix: When creating a new REDCap project from a Project XML metadata file, in which the project is not longitudinal but contains repeating instruments, it might not enable the repeating instruments in the newly created project.
  • Change: Normal users are now allowed to enable (or modify) repeating instruments/event in a project while the project is in production. In previous versions, they could only do this while in development.
  • Bug fix: When clicking the "Move" icon for a field in the Online Designer, if some fields in the project have very long Field Labels, then it might cause display issues for the drop-down list of field inside the popup that is displayed because the drop-down is too wide.
  • Change: The Codebook page in a project now requires that a user have Project Setup/Design privileges in order to access it. This was changed to be more consistent with other places where Project Setup/Design privileges are applied.
  • Bug fix: The "Repeatable instruments and events" video on the Training Videos page mistakenly displays the wrong video title inside the popup when viewing the video. (Ticket #16502)
  • Change: For better compatibility with Shibboleth authentication, the format of the Send-It download URL has been reverted to its pre-7.0 format. Note: The current format will also work in 7.3.1 and is backward compatible in case any Send-It files had been sent out just prior to upgrading to this version.

Version 7.3.0 - (released 3/10/2017)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Response Limit for surveys - Users may set a response limit for any given survey to prevent respondents from starting the survey once a set number of responses have been collected. Note: It can be set so that the response count included either completed responses only or both partial and completed responses. Users may also set custom text to be displayed to respondents on the survey page when the response limit has been reached.
  • New feature: Time Limit for Survey Completion – Users may set the amount of time (in days, hours, and/or minutes) that each respondent has to complete a given survey based on when they were initially sent the survey invitation. Note: This feature excludes public survey links. When enabled, a new column is displayed on the Participant List where it denotes if a participant’s survey link has expired and also displays the expiration time if you hover over the icon. If the icon is clicked, the user can permanently override the link expiration time by setting it further in the future (to give the respondent more time), or else to expire the link sooner (or even immediately).
  • Improvement: The survey options at the top of a data entry form now include a new option “Log out + Open survey”, which will simultaneously open the survey in a new browser tab while logging out the REDCap user in the current tab. This makes it easier for users to log out of their REDCap session in case they walk away from the computer while a participant takes the survey, thus ensuring that the participant is not able to go into the first tab and access the user’s REDCap account and projects.
  • Improvement/change: Better protection against accidentally overwriting survey responses when opening surveys from a data entry form. When clicking the "Open survey" option at the top of a data entry form, it will display a popup on the data entry form to inform the user that it is recommended that they leave the page without saving it in order to avoid overwriting or erasing the survey responses that had been collected in another browser tab on the survey page.
  • Bug fix: REDCap would not be able to make outbound requests properly if the REDCap web server is using a proxy.
  • Bug fix: The use of [field]="" inside the condition of an IF statement for a calculated field does not behave as users would expect, and this often requires users to use [field]="NaN" as an alternative for checking if a field's value is blank/null. Now [field]="" will work as one would expect and will work identically to [field]="NaN".
  • Bug fix: Drop-down fields with autocomplete enabled will mistakenly display little arrows in front of the choice labels in Google Chrome only. (Ticket #15862)
  • Bug fix: After being on any page for more than 3 minutes, it would disable certain jQuery-enabled triggers, such as auto-complete drop-down fields on data entry forms and any custom Bootstrap components. (Ticket #15989, #14863)
  • Bug fix: When upgrading REDCap, if the new REDCap version directory has been uploaded to the web server but the upgrade has not been completed yet, then the REDCap cron job would mistakenly not run until the upgrade has completed. It will now always run when it is supposed to, even in the midst of an upgrade. (Ticket #15991)
  • Bug fix: If running PHP 7.1 or higher on the REDCap web server, the Data Resolution Workflow popup would mistakenly fail to open when a user tries to open it. (Ticket #16040)
  • Bug fix: If doing a user search using "all user attributes" on the Browser Users page in the Control Center, it would mistakenly always return every user in the system. (Ticket #16026)
  • Change: Added "language" option for users submitting an instrument to the REDCap Shared Library so that they can specify the language of their instrument's text. Note: Instruments in the Shared Library are now searchable by language.
  • Bug fix: The "email" field validation would mistakenly not accept email addresses containing accent marks and other valid UTF-8 characters. (Ticket #15874)
  • Bug fix: When downloading PDFs containing record data, it would sometimes mistakenly display duplicate pages for an instrument for longitudinal projects only. (Ticket #12797, #14945)
  • Bug fix: When viewing the Survey Invitation Log, for certain situations, some invitations might mistakenly not be displayed on the page.
  • Bug fix: When editing an existing report that uses advanced logic in Step 3, if a user clicks the "Switch format: Use simple logic" link, the drop-down list of fields in that section would mistakenly not be displayed, thus making it impossible set set a filter unless the user reloads the page.
  • Bug fix: When setting up an Automated Survey Invitation and using conditional logic, if a record is selected in the "test logic with a record" option *and* the project is in production, then it might mistakenly return "[No value]" rather than True or False regarding whether the condition is true/false for a given record.
  • Bug fix: The field name auto-suggest feature for branching logic, calculations, ASIs, etc., would mistakenly suggest checkboxes in the wrong format (i.e., without parentheses with a value inside them). It now suggests checkboxes in the correct syntax. (Ticket #15510)
  • Bug fix: On the Randomization page in a project, the drop-down lists of fields might be too wide for the page. (Ticket #16559)
  • Change: The cell borders where added back to the report table, Record Home Page table, and Record Status Dashboard table for better readability of the table contents.
  • Bug fix: The "Print Page" button on reports would cause the report to not look correctly in the print preview if the report table was too wide or too tall to fit on the page.
  • Bug fix: The Record Home Page's table might have its rows/column misaligned if the table is too wide or too tall. (Ticket #16150)
  • Bug fix: When clicking the "Show Stats Only" button on the "Stats & Charts" page, it might mistakenly still show the "Download Image" button if all the field plots have not fully loaded yet on the page. (Ticket #6534)

Version 7.2.2 - (released 2/23/2017)

BUG FIXES & OTHER CHANGES:

  • Minor security fixes: Cross-site scripting vulnerabilities and SQL injection vulnerabilities were found on several different pages, in which the vulnerabilities could possibly be exploited by a malicious user.
  • Bug fix: Many improvements regarding the rendering of tables for reports, Record Status Dashboard, and Record Home Page due to floating headers/columns not lining up correctly.
  • Bug fix: A few PHP files contained \r (CR) characters without \n (LF) characters immediately following them, which caused issues when uploading the REDCap source code to certain web servers.
  • Bug fix: When using Send-It to send a file from a data export, a File Repository file, or from a File Upload field, it would result in an error when the user would click the "Send It!" button. (Ticket #12747)
  • Bug fix: When clicking the "Lock all instruments across all events" option on the Record Home Page, it would mistakenly only lock instruments for events that contain data. This mistakenly changed in a previous version and is now set back to the way it was originally where it would lock all forms across all designated events regardless of whether there is data in the form or in the event.
  • Bug fix: If running PHP 7.1 or higher on the REDCap web server, any API import method with content in XML format would fail. (Ticket #15764)
  • Bug fix: When doing a CSV Raw data export while exporting the survey fields, the header text for "Survey Timestamp" would mistakenly be blank. (Ticket #14316)
  • Bug fix: If running PHP 7.1 or higher on the REDCap web server, any Data Quality rule would fail when executed. (Ticket #15582)
  • Bug fix: The font resize option at the top of surveys mistakenly does not increase/decrease all text uniformly on the page. (Ticket #15749)
  • Bug fix: If running PHP 7.1 or higher on the REDCap web server, the biomedical ontology auto-suggest feature for Text fields would always return nothing from the search.
  • Bug fix: When creating or editing a report and adding a new field in Step 2, if the user hits the Enter key while in the text field when the text field is empty, it would mistakenly display the "List of users with access" popup.

Version 7.2.1 - (released 2/16/2017)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: If a user's Data Export permissions are "De-Identified" or "Remove all tagged Identifier fields" when they are using the Export Records API method, in which they specify a list of fields (or forms) by variable name (or form name) in their API request, then if every one of those specified fields are also fields that would normally get removed due to their export privileges, then it would mistakenly return data for all the fields in the project. (Ticket #15003)
  • Medium security fix: A malicious user or survey respondent could uploaded a specially designed file for a File Upload field on a survey or data entry form, and then exploit it by getting a REDCap Administrator to then navigate to a specially crafted link, which might allow them to escalate certain Administrator privileges and take advantage of them, even capturing their login information.
  • Minor security fixes: Several cross-site scripting vulnerabilities were found on various pages, such as the User Rights and Project Setup pages, in which the vulnerability could possibly be exploited by a malicious user.
  • Improvement: If an individual project has been set as "offline" on the "Edit a Project's Settings" page in the Control Center, it will note this in red letters on the My Projects page or Browse Projects page for the project.
  • Bug fix: The record status dashboard and report tables would not always have their rows aligned correctly, and some table columns might be missing a border. (Ticket #15055)
  • Bug fix: If viewing a report and viewing the "ALL" option for paging in order to view all pages of the report, then if the user clicked the table header to sort the table, it would mistakenly display the page-sorting note that should only be displayed when viewing a single page of the report.
  • Bug fix: Enhanced radio buttons on surveys were not vertically aligned correctly but mistakenly had extra padding above them. (Ticket #14996)
  • Bug fix: For certain MySQL installations, it would always keep displaying the "Your REDCap database structure is incorrect" error message in the Control Center, even though there was not an issue. Bug emerged in REDCap 7.2.0. (Ticket #15069)
  • Bug fix: When viewing a data entry form of a repeating instrument that is also enabled as a survey, the survey options drop-down at the top of the form will mistakenly be disabled if the instance number is greater than "1" and the form has not the form saved yet. (Ticket #14629)
  • Bug fix: When viewing a data entry form of a repeating instrument that is also enabled as a survey, and the user chooses to compose a survey invitation using the survey options drop-down at the top of the form, it would mistakenly always send the survey link pointing to the first instance of the survey rather than to the correct instance number. (Ticket #14629)
  • Bug fix: When a repeating instrument is also enabled as a survey with the repeat survey button option set to be "Before the submit button in the survey", if any required fields on the survey were left blank and the repeat survey button was clicked, it would mistakenly not prompt the respondent to enter the required fields that were left blank and would mark the survey as completed. (Ticket #14092)
  • Bug fix: When using the Twilio telephony services for surveys, in certain cases it would not always erase the logs on the Twilio website of SMS messages sent via REDCap. It now does a much more comprehensive job of deleting SMS messages than before. (Ticket #11167, #13676)
  • Bug fix: The "E-Signature and Locking Management" page would mistakenly display instruments that have locking capabilities disabled as set on the "Record Locking Customization" page. (Ticket #15020)
  • Bug fix: The drop-down Topic list on the "Help & FAQ" page was not scrollable, which made it impossible to view the bottom items of the list if your browser window was not very tall.
  • Bug fix: When executing a user-defined Data Quality rule in a longitudinal project, it might mistakenly return duplicate results for any discrepancy found.
  • Bug fix: When using the REDCap Mobile App, it was mistakenly not logging the REDCap user in the mobile app specific logs on the different tabs in the REDCap Mobile App page in a project. Bug emerged in REDCap 7.1.0.
  • Bug fix: If a user has been given "De-Identified" data export privileges in a project that contains surveys, then when exporting data from the "Data Exports, Reports, and Stats" page, it should automatically pre-select the checkbox to force date-shifting the survey completion timestamp fields because survey timestamps can be considered identifiers (PHI) in many cases. (Ticket #15145)
  • Bug fix: When the Dynamic Data Pull (DDP) module is enabled in a project, it might mistakenly display duplicate values for a field inside the DDP adjudication popup. This usually occurs when a single source field is mapped to many different REDCap fields in the project. Additionally, if a user chooses not to select any fields in the adjudication popup but wants to mark them all as having been adjudicated, then it would never cause the number of items left to be reduced after clicking the Save button, thus always showing that X items are left to adjudicate.
  • Bug fix: If users use "!=" instead of "<>" in a calculated field's equation, it would not always evaluate the calculation correctly when viewing the form or survey where the calc field is located. (Ticket #15339)
  • Bug fix: Horizontally-aligned slider fields would mistakenly display as vertical on mobile devices only. (Ticket #15390)
  • Bug fix: HTML tags places inside the rule name of a Data Quality rule would get escaped and be viewable as-is rather than interpreted as HTML.
  • Bug fix: If a Custom Record Status Dashboard is sorted in descending order by the record ID field, then even though record auto-numbering is enabled in the project, it would mistakenly sort the record names as text rather than sorting them using a numerical sort. (Ticket #15303)
  • Bug fix: If running specific versions of PHP on the REDCap web server, the Field Comment Log popup would crash and never display the popup. (Ticket #15333)
  • Bug fix: Some text was missing when describing the Duo two-factor authentication option in the Control Center.
  • Bug fix: When attaching a YouTube video to a Descriptive field on a survey or data entry form, at the end of the video it would mistakenly display other recommended videos (added automatically at the end by YouTube). It has now been set to never do that.
  • Change: A count of the number of users is now displayed at the top of the user list table on the Project Home page.

Version 7.2.0 - (released 2/9/2017)

NEW FEATURES & IMPROVEMENTS:

  • New feature: Custom Record Status Dashboards
    • Users can build and save custom versions of the Record Status Dashboard to customize the dashboard to their liking.
    • Custom dashboards have many configuration options. Users can give each dashboard a title and a description/instructions, and can choose the instruments to include or exclude in the dashboard's display. Similar to building reports in REDCap, Custom Record Status Dashboards allow users to sort the records in the dashboard by another field's value, and one can set filter logic to filter the records displayed in the dashboard to a specific subset of the total records (e.g. [age] > 30 and [diabetes] = "1"). There are aesthetic controls as well, such as being able to display the dashboard headers vertically, which will transpose them 90 degrees for a more compact display on the page.
    • Only users with Project Setup/Design privileges may create custom dashboards. Once a custom dashboard has been created, it will be viewable and usable by all users in the project. Users may create as many custom dashboards as they like in a project. To create a custom dashboard, navigate to the Record Status Dashboard in a project, and click the blue "Create custom dashboard" button to get started.
  • New feature: Text searching and ordering on reports – Users now have a search box displayed at the top of every report where they can type text to search the report, in which it will only show the rows in the currently viewed report that match the search string that is typed. Additionally, any column in a report can have its column header clicked to sort the table according to the values in that column (in ascending or descending order).

BUG FIXES & OTHER CHANGES:

  • Medium security fixes: Several cross-site scripting vulnerabilities were found on various pages, in which they could possibly be exploited by a malicious user.
  • Change: The DataTables plugin for jQuery is now included in REDCap by default, so any plugins that display REDCap’s page header/footer will automatically have the DataTables JavaScript and CSS loaded in the plugin.
  • Improvement: For longitudinal projects containing multiple arms, the Record Status Dashboard now displays each arm separately in a tabbed interface rather than trying to fit all arms in a single table, which typically is not the best way to view multiple arms of records.
  • Improvement: Checkbox fields on reports are now displayed better with their field label spanning all the choices as a row above all the choices and displaying just the choice text and variable in the individual choice column headers on the second row of the header. This groups the checkbox options together much better and is much more intuitive to read and interpret.
  • Improvement: The Group ID number for each Data Access Group (DAG) is now displayed in the DAG table on the Data Access Groups page in a project. The Group ID number is the number that is automatically generated by REDCap and is automatically prepended with a dash/hyphen to the record name when a user assigned to a DAG is creating a new record. The Group ID number is now displayed in the table on the page so that users are aware of what each DAG's Group ID number is.
  • Minor security fix: A cross-site scripting vulnerability was found on the Project Setup page, which could possibly be exploited by a malicious user.
  • Minor security fix: An SQL injection vulnerability was found on the Control Center's Browse Users page, which could possibly be exploited by a malicious user that has compromised an administrator's account.
  • Change: Question numbers displayed on surveys are now displayed as right-aligned, whereas in previous versions they were left-aligned. This is to reduce the gap between the question number and the question text for a more readable and intuitive display.
  • Bug fix: When making a call to the Import Metadata API method, it would mistakenly always return "18" as the response rather than returning the number of fields that were actually imported.
  • Bug fix: When creating a Project Bookmark in a project and using the Link Type="REDCap Project", the project list would mistakenly include deleted projects. (Ticket #13855)
  • Bug fix: When choosing the "Lock all instruments" option from the record action drop-down on the Record Home Page of a given record, in longitudinal projects it would mistakenly lock instruments on events that do not contain data. Bug emerged in REDCap 7.0.0.
  • Bug fix: After choosing the "Lock all instruments" option from the record action drop-down on the Record Home Page of a given record, it would mistakenly not display the lock icon on that page for instruments with a gray status icon (it should always display the lock icon for all instruments on all events containing data). Bug emerged in REDCap 7.0.0.
  • Bug fix: If the Double Data Entry module is enabled in a project, and a user clicks one of the "Compare" buttons at the top of the Data Comparison Tool page immediately after merging a record, it will mistakenly save some values in the back-end database table, thus mistakenly creating an additional new record that has no relation to the other existing records. (Ticket #13394)
  • Bug fix: If a user leaves a required field blank on a repeating instrument or repeating event, it will reload the data entry form to display the error message, but will mistakenly load the first instance of the form/event rather than the correct instance being saved. (Ticket #14099)
  • Bug fix: The input fields inside the "Enable reminders" box in the Compose Invitations dialog on the Participant List page were too small to read.
  • Bug fix: IF running PHP 7.X on the web server, then the API Playgound page might crash on specific occasions with a fatal PHP error when attempting to view the code produced at the bottom of the page for various programming languages.
  • Bug fix: If scheduling a survey invitation via the Compose Survey Invitations popup on the Participant List page and setting a reminder to "send at exact date/time", then the reminder would mistakenly send immediately rather than at the time defined. (Ticket #14314)
  • Bug fix: When deleting a record on the Record Home page when the record name contains a space, the message displayed after successfully deleting the record would mistakenly have a "%20" in place of the space in the record name displayed.
  • Bug fix: When using the Dynamic Data Pull (DDP) module and mapping fields with composite mapping (i.e., many-to-many mapping), it might mistakenly not save those mappings correctly, which might prevent data from being pulled into them correctly from the source system and would also cause issues displaying the mapping page correctly afterward.
  • Bug fix: The record count on the System Statistics page in the Control Center might mistakenly be slightly higher than the actual count.
  • Bug fix: When using Send-It to send a file from a File Upload field, from a data export, or from the File Repository, it would mistakenly display the "Select a file" option to upload a new file when it should instead display the filename of the file.
  • Bug fix: When a calculated field is located on a repeating instrument, it may mistakenly not show up in Data Quality rule H as a discrepancy when there is a discrepancy between the saved value and the true calculated value.
  • Bug fix: When the record ID field is located on a repeating instrument, it may mistakenly cause discrepancies to show up as duplicates in Data Quality rule H.
  • Bug fix: When executing Data Quality rule F, it would mistakenly return discrepancies for checkbox fields that were hidden by branching logic but had all their choices unselected. (Ticket #13555)
  • Bug fix: When calling the API Delete Records method, it was mistakenly checking the wrong user permissions. It should have been checking to require that the user has API Import/Update permissions and Record Delete permissions. (Ticket #14328)
  • Bug fix: When a project is in production but not in draft mode, it would mistakenly display the "Download Data Dictionary with drafted changes" link on the Project Setup page. It should only display that link when the project is in draft mode. (Ticket #14851)
  • Bug fix: When viewing a data entry form or survey page using a recent version of Android, depending on the device, the backspace button may get inadvertently disabled on the device's keypad for integer-validated text fields only, thus preventing users from removing an integer that was entered into a field. The fix for this has a downside, which is that integer-validated text fields will now no longer display just the device's keypad on Android devices but will instead display the full alphabetic keyboard.
  • Bug fix: The REDCap Language File Creator/Updater would create corrupted language files to be used for translation due to presence of the HTML character code " in certain string of language text in the English.ini file. (Ticket #14843)
  • Bug fix: When using the To-Do List in the Control Center and clicking the info button on the right for a given item in the list, some of the text revealed in the box would not be completely viewable. (Ticket #14368)
  • Bug fix: When copying a data collection instrument via the Online Designer's "choose action" button, if a field on the instrument has a new resulting variable name that is longer than 100 characters, then it would result in an error and prevent the user from copying the instrument. (Ticket #14770)
  • Bug fix: When users are not allowed to copy projects on their own but must request administrators to do so for them, if an administrator processes a "copy project" request via the link sent in the email (rather than directly via the To-Do List in the Control Center), then the request item will mistakenly not get marked as "completed" on the To-Do List page. (Ticket #14891)
  • Bug fix: If a user is typing branching logic or a calculation into a text field where it provides the variable auto-suggest feature and logic validation in real time, then in some cases if the user does this a lot in a short amount of time, it might mistakenly ban the user's IP address and lock them temporarily out of REDCap. (Ticket #14405)
  • Bug fix: If scheduling a survey invitation via the Compose Survey Invitation popup on a data entry form and setting a reminder to "send at exact date/time", then the reminder would mistakenly send immediately rather than at the time defined.
  • Bug fix: When uploading an attachment file onto a Descriptive field in the Online Designer, if the file's filename link is clicked to re-download the file inside the Edit Field popup, it would mistakenly display an error.
  • Bug fix: After creating a custom link for a public survey link, it would mistakenly not provide a way for users to remove the custom link (i.e., the red X was not being displayed) on the Public Survey Link page.
  • Bug fix: When importing data in EAV format using the Import Records API method for classic (non-longitudinal) projects only, it might mistakenly not update the value of fields that already have data and instead simply add the new value to the back-end database, leaving the field with more than one value stored.
  • Bug fix: If a multi-page survey has some pages that might get completely skipped because all fields on the page have branching logic, then if the survey instrument is also enabled to be a Repeating Instrument in the project, then it would mistakenly fail to skip the page when branching logic dictates that it should be skipped. (Ticket #13764)

Version 7.1.2 - (released 1/20/2017)

BUG FIXES & OTHER CHANGES:

  • New module: Find Calculation Errors in Projects - This new page in the Control Center allows administrators to determine if any projects in the entire REDCap system contain calculation errors. It is possible in certain cases that the data saved for calculated fields in projects might not be accurate. This might be due to a user modifying a calc field's equation after data collection has begun, or perhaps due to software bugs that may have occurred in REDCap in the past that affected calculations. This new module will not fix any incorrect calculations in projects, but it will identify projects with issues so that the administrator or a user in the project can go to the Data Quality module in the project and run Rule H, which will help fix any calculation errors.
  • Bug fix: When using the Save & Return Later feature on a survey that is enabled as a Repeating Survey (via Repeating Instrument feature), it would mistakenly ask for the Return Code (or ask for the respondent to log in if Survey Login is enabled) on the repeated instances of the survey after the first one has been entered. (Ticket #13240)
  • Bug fix: When a user's password has been reset and they are emailed a link to reset their password, on certain random occasions when the click the link in their email, it will fail to begin the password reset process and will also mistakenly display an "Access Denied" message stating that the user is now locked out of REDCap temporarily for X minutes. (Ticket #7457, #11260, #1710, #13109)
  • Bug fix: If a user on a data entry form leaves spaces before or after a value entered in a text field, the prompt that asks them if they want the spaces trimmed mistakenly gets displayed in the wrong vertical position on the webpage in certain cases. (Ticket #13486)
  • Bug fix: If a project has repeating instruments that are enabled as surveys, and a user clicks the "Delete data for THIS FORM only" button at the bottom of a data entry form, then it would mistakenly not remove that instance of the instrument from the Participant List.
  • Bug fix: If a project has repeating instruments that are enabled as surveys, and a Custom Label has been set for the repeating instrument, then it would mistakenly not display the custom label for Instance #1 in the Participant List.
  • Bug fix: If a project has repeating instruments that are enabled as surveys, and a Custom Label has been set for the repeating instrument, then it would mistakenly not display the custom label for Instance #1 in a record's Survey Queue.
  • Bug fix: If a project has repeating instruments that are enabled as surveys, then on certain occasions in longitudinal projects, it might mistakenly only display the first instance of the survey in a record's Survey Queue.
  • Bug fix: Data Quality rule F would mistakenly return discrepancies for visible fields with branching logic and have data saved for them rather than only fields that are currently hidden. (Ticket #13555)
  • Bug fix: If a field is given the variable name "length", then the "Reset" link will not work for the field if it is a radio or slider field. Also, a slider field with that variable name will not get enabled when initially clicked by the user. (Ticket #13595)
  • Bug fix: If using a custom message to display to users when creating/copying a project, then if a user goes to copy a project, it will mistakenly bypass the custom message prompt and copy the project regardless. (Ticket #13674)
  • Bug fix: If the randomization module is enabled on a longitudinal project with multiple arms, in which a record exists on multiple arms (one of which is the arm that contains the randomization field), then if the record is deleted from the non-randomization arm, then its randomization allocation would mistakenly get removed from the randomization arm. This means that the record's allocation would get removed mistakenly as if it were never randomized and thus allow another record to mistakenly take its allocation later. (Ticket #13278)
  • Change: When viewing a report that displays data from a repeating instrument or event, it will now gray out the cell of the redcap_repeat_instrument and redcap_repeat_instance columns for the base instance row of a record (i.e., where the redcap_repeat_instance field has a blank value), thus denoting that that field is not relevant for that row of data (since the row is displaying non-repeating data only).

Version 7.1.1 - (released 1/13/2017)

BUG FIXES & OTHER CHANGES:

  • Improvement: When opening the Field Comment Log, it now places the user's cursor inside the text box automatically as a convenience to the user.
  • Improvement: When a user is on a data entry form or survey and hovers over the choice label of a radio button field, the cursor changes to the "hand" cursor to indicate that they can click on the label to select the choice rather than thinking they have to click the radio element itself.
  • Minor security fix: A cross-site scripting vulnerability was found on the Data Import Tool page, which could possibly be exploited by a malicious user. (Ticket #13193)
  • Change: Action Tags are now listed alphabetically by name in the "What are Action Tags?" popup on the Online Designer.
  • Change: For plugin/hook developers, the background color of the Bootstrap CSS class "btn-default" was being overridden (on purpose) in all versions of REDCap 7.X, and this caused some issues for plugins/hooks that utilized that button class because it was the same color as when the button is active. This change has been reverted so as not to conflict with the Bootstrap btn-default class, and now REDCap uses a CSS class named "btn-defaultrc" instead for general default-style buttons.
  • Bug fix: When viewing the Stats & Charts page in a project, clicking the "Show Stats Only" button would cause the "Download image" button to sometimes obscure the stats table for the field. (Ticket #6534)
  • Bug fix: The wrong text is displayed at the top of the My Projects page right before the User Access Dashboard link. Bug emerged in version 7.1.0.
  • Bug fix: When exporting a PDF of data when the "Character encoding for exported files" has been set to "Chinese (UTF-8)", then it will result in a fatal PHP error if the REDCap web server is running PHP 5.4.0 or higher. (Ticket #13334)
  • Bug fix: If text containing HTML comments (e.g., <!--...-->) is added to a field label, survey instructions, or other text that appears on surveys and data entry forms, it might mistakenly prevent the full rendering of the page and might make it impossible to enter and save data successfully. (Ticket #13214) Bug fix: If text containing HTML comments (e.g., <!--...-->) is added to a field label, survey instructions, or other text that appears on surveys and data entry forms, it might mistakenly prevent the full rendering of the page and might make it impossible to enter and save data successfully. (Ticket #13214) Bug fix: If text containing HTML comments (e.g., <!--...-->) is added to a field label, survey instructions, or other text that appears on surveys and data entry forms, it might mistakenly prevent the full rendering of the page and might make it impossible to enter and save data successfully. (Ticket #13214) Bug fix: If text containing HTML comments (e.g., <!--...-->) is added to a field label, survey instructions, or other text that appears on surveys and data entry forms, it might mistakenly prevent the full rendering of the page and might make it impossible to enter and save data successfully. (Ticket #13214)
  • Bug fix: When a survey Stop Action has been enabled for a drop-down field that has the auto-complete option enabled, then if the Stop Action is triggered after selecting a choice, the value of that field would mistakenly not get saved. It would still save all other field data on the survey, but it would not save the value of the field triggering the Stop Action. This would not affect all drop-down fields but only those with the auto-complete option enabled.
  • Bug fix: When merging two records in a Double Data Entry project, slider fields would mistakenly not have a way to enter a new value in the third column of the merging table, thus making it impossible to set a value other than those from the two records being merged. For sliders on that page, it now displays an integer-validated text field with 0-100 range limit as a slider substitute since creating an actual slider on the page is a bit complex due to certain technical dependencies. (Ticket #13196)

Version 7.1.0 - (released 1/6/2017)

BUG FIXES & OTHER CHANGES:

  • New feature: Better device management for the REDCap Mobile App – The Mobile App page in a project now contains better methods for keeping track of the activity of the mobile app used on many devices at a time for a single project.
    • Each device that has initialized the project in the mobile app will be displayed in a device list on the page. It will initially display the device’s UUID, but each can be given their own nickname (e.g., Kenya tablet, Rob’s iPhone). The nickname will be displayed on the Mobile App page’s activity tables, dashboard, and file download tables so that users may track which device is doing what.
    • Each device can be blocked, if needed, without having to revoke the API token for many (or all) of your devices. Blocking behaves similar to revoking a user’s API token except it allows you to do it on a per-device basis. You might want to block a device if it were stolen, for instance. This helps protect your data from being corrupted or from falling into the wrong hands.
    • The mobile app log files can now be viewed on the Mobile App page without having to download them to view them.
  • Medium security fix: Cross-site scripting and SQL Injection vulnerabilities were found on several pages, which could possibly be exploited by a malicious user.
  • Major bug fix: Calculation errors may (in specific situations) occur on surveys or data entry forms if a calculation uses a number-validated or integer-validated field in its equation, in which the result might mistakenly get calculated as "0" instead of leaving the calc field as blank. This might also cause the "Erase value" prompt to appear on data entry forms as well.
  • Major bug fix: In specific situations, Data Quality rule H and auto-calculations may differ from the calculation performed on surveys or data entry forms if a calculation uses any of the advanced functions where many values can be used as parameters (e.g., min, max, mean, sum, stdev). The discrepancy occurs in Rule H and auto-calculations when all the values referenced inside the function have a blank/null value. (Ticket #12771)
  • Bug fix: If the equation of a calc field contains a tab character, it will display an error on the survey or data entry form where the calc field is located.
  • Change: The OpenSSL extension for PHP is now required for REDCap 7.1.0 and later versions. Previous versions of REDCap used the Mcrypt extension, which is currently deprecated in PHP 7.1 and will be removed in PHP 7.2. Mcrypt is currently used in REDCap for minor encryption routines and also for encrypting and storing DDP data values (from the DDP source system), so OpenSSL will be used to replace Mcrypt for typical encryption functionality in REDCap.
  • Bug fix: The cached count of records in a project (displayed on the My Projects page) would mistakenly not get reset when clicking the Erase All Data button on the Other Functionality page or when deleting all records while moving the project to production status.
  • Bug fix: When copying a project containing surveys using the "Copy the project" button on the Other Functionality page, it would mistakenly not copy over the Enhanced Choices option (if enabled) or the Repeating Survey options (if the Repeating Instruments functionality is enabled) from the Survey Settings page for each survey.
  • Bug fix: For projects with Repeating Instruments enabled that are also enabled as surveys with the Repeating Survey option enabled, if the Survey Queue is also enabled, then there is the possibility that only the first instance of a repeating survey will display in the Survey Queue instead of all the saved instances.
  • Bug fix: When creating a new project whose purpose is set to "Research", the text box for entering the project PI's middle initial is not wide enough. (Ticket #12786)
  • Bug fix: If the Data Resolution Workflow is enabled in a project and a user is viewing the dialog/popup of data query actions and logged data, on certain occasions it might mistakenly not display all the items in correct chronological order. (Ticket #12825)
  • Change: The text describing the Project Notes field when creating a new project was modified slightly to inform the user that the notes are displayed on the My Projects page, which was not explained in prior versions. (Ticket #12843)
  • Bug fix: When upgrading REDCap, if the version directory has been placed on the REDCap web server and the administrator is on the REDCap Upgrade page, the link on that page to the Language File Creator/Updater page would mistakenly redirect them to the REDCap Home page instead of the correct page.
  • Bug fix: When opening a To-Do List request in the popup dialog on the To-Do List page in the Control Center, the top of the popup would be mistakenly hidden underneath the top navigation bar, thus making it impossible to close the popup.
  • Bug fix: When editing a report and changing the field/variable used for a filter in Step 3, in which the filter field being modified is not the last filter in the report, then it would display a new filter field at the bottom with an incorrect filter number value (e.g., displays "Filter 3" for the last filter when it should say "Filter 8" instead). (Ticket #12766)
  • Bug fix: In the API documentation for the API method "Export Project XML", the paragraph of text for the "exportFiles" parameter was displaying the wrong text. (Ticket #12974)
  • Bug fix: When attempting to send a signature file or uploaded file via Send-It from a data entry form, it would display an erroneous error message when the file is sent, thus preventing it from being sent. (Ticket #12747)