REDCap Change Log

Version 9.5.0 - (released 12/05/2019)

BUG FIXES & OTHER CHANGES:

  • New Action Tag: @HIDDEN-PDF - Hides the field only in the downloaded PDF of one or more instruments (including blank PDFs, PDFs with data, and compact PDFs with data). Note: Other @HIDDEN action tags will not hide fields inside PDF exports, so @HIDDEN-PDF must be used specifically to hide fields in PDFs.
  • New hook functions
    • redcap_pdf - Allows for the interception of a PDF being generated or the manipulation of the $metadata or $data arrays that will be used to generate the PDF.
    • redcap_email - Allows REDCap's normal email-sending process to be intercepted or have the email parameters manipulated prior to sending. The parameters passed into this hook function are the exact same ones utilized by the REDCap::email() method.
  • Improvement: More rich text editors - The rich text editor is now available when composing survey invitations. This includes composing Automated Survey Invitations or invitations to be sent via the Participant List or via the Survey Options on data entry forms.Improvement: The rich text editor is now available on the Email Users page in the Control Center and also for the Survey Confirmation Email option on the Survey Settings page.
  • Improvement: The Configuration Check page now checks if any hook functions are missing from the Hook Functions file used by the REDCap installation. If any are missing, instructions are provided in order to add them.
  • Medium security fix: If a very tech-savvy user knows how the data dictionary upload process works, then they could manipulate certain POST parameters in a request to REDCap and thus be able to bypass the protection that prevents regular users from adding or modifying a Dynamic SQL Field on an instrument. If they are successful, they could potentially add a Dynamic SQL Field with whatever SQL query they wish and thus possibly extract sensitive information from the REDCap database (from any project or database table), albeit in a very limited format (i.e., in the form of drop-down field choices). (Ticket #20988)
  • Major bug fix: When exporting a Project XML file for a project containing a survey that utilizes the Survey Confirmation Email setting, in which a file attachment exists for the confirmation email, it would mistakenly export the doc_id value as-is in the XML file and thus create a new project having that same doc_id value for the confirmation email's attachment. This would cause the new project's attachment to point to the other project's file (rather than to a newly created file), and so if the attachment got deleted in the new project, it would mistakenly also remove the file in the original project and vice versa (assuming these projects exist on the same REDCap server). And if the Project XML file originated from a different REDCap server, then there is a chance that the file attachment in the new project might mistakenly point to any file stored in the entire REDCap system, including a file that might contain sensitive information (PHI). This could potentially expose sensitive information to a survey participant who is not authorized to access it.
  • Change/improvement: The HTML tags THEAD and TFOOT are now officially allowed for use in HTML-based user-provided input, such as field labels, survey instructions, etc. (Ticket #74574)
  • Improvement: Major performance improvement with regard to web server RAM usage when using the method REDCap::evaluateLogic() a lot in a module, hook, or plugin. In some cases where it was being called hundreds of times in a single request, it might cause PHP to run out of memory.
  • Change: If the "File Upload field enhancement: Password verification & automatic external file storage" setting has been enabled in a project, then when a user attempts to delete a file for a File Upload field (including the deletion of older revisions for that field), it is now required for users to provide a reason (in the text box in the "Delete file?" popup) in order delete the file. In previous versions, providing a reason was only optional.
  • Bug fix: If alerts from the Email Alerts external module are being converted into Alerts & Notifications, during the conversion process it will now additionally disable each original Email Alert individually to prevent a possible issue of the old Email Alerts somehow running via a cron job even though the Email Alerts module will have been disabled for the project after the conversion has been completed.
  • Bug fix: When the REDCap Shared Library is disabled at the system level, it would still mistakenly be available to use within projects. (Ticket #74474)
  • Change: All English language on the Alerts & Notifications page was translated.
  • Bug fix: If a user has Survey Distribution Tools rights but does not have Project Setup/Design rights, then if no surveys have been enabled in the project yet and the user clicks the Survey Distribution Tools link on the left-hand menu, they are presented with an "Access Denied" message, which is confusing because it pertains to the Online Designer and not to the Survey Distribution Tools page. This has been changed to give a more accurate and helpful error message. (Ticket #73168)
  • Bug fix: When using Shibboleth authentication, it was mistakenly not recording the time of the user's login in the redcap_log_view table in the database. (Ticket #72847)
  • Bug fix: If a user attempts to use the @CHARLIMIT or @WORDLIMIT action tags on the record ID field, it would display the words/characters remaining immediately below the record ID field on the first instrument, but it would not actually work there. It was never intended for these action tags for work for the record ID field, so this behavior could be confusing. It has been modified so that these action tags will simply be ignored and not used for the record ID field. (Ticket #74690)
  • Bug fix: If a closing square bracket ] exists in a choice label of a multiple choice field, then if that field is referenced in the branching logic of a field on a survey/form, it might cause the branching logic to not work correctly. (Ticket #74878)
  • Bug fix: If a multiple choice field was changed to a descriptive field, it would mistakenly maintain the old field choices in the metadata for that field. Those choices would never get utilized on a form or survey at all but could be seen on the Codebook page. (Ticket #74685)
  • Bug fix: In some instances where users must request from administrators that their project be moved to production, clicking the "Cancel request" button to cancel the "move to production" request might mistakenly display the wrong message to the user, thus causing some confusion. (Ticket #74420)
  • Bug fix: If any non-Latin/multi-byte characters exist in a record name in a project, then when REDCap builds the record list (an internal, invisible process) to display all the record names on the Record Status Dashboard, reports, Add/Edit Records page, etc., it might mistakenly garble the record names, thus causing them not to display correctly anymore. (Ticket #58989)
  • Bug fix: If a user attempts to import data for a repeating instrument or repeating event in which the redcap_repeat_instance field has a value greater than "9999" or less than "1", it would silently accept the value without displaying an error and would mistakenly not save the data correctly. (Ticket #74376)

Version 9.4.2 - (released 11/22/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: Line breaks may be preserved in data values in CSV data exports - When creating/editing a report, the section "Additional report options" contains a new setting: "Remove line breaks/carriage returns in all text data values (only applicable for CSV Raw and CSV Label data exports)". This setting will be enabled by default for all existing reports and for any new reports being created. The option will effectively enabled (i.e., will remove line breaks) when exporting Reports A and B in order to be consistent with their current behavior in previous versions. This option is only used for CSV data exports and not for reports or exports to statistical analysis packages. (Ticket #32418)
  • Improvement: Added “Copy” and “Paste” options to the [right-click] context menu for all rich text editors.
  • Bug fix: The server-side processing of logic and branching logic might mistakenly fail with an error if the logic contains a checkbox variable name in which a checkbox choice containing a dash ("-") is referenced (e.g., [my_checkbox(193-1)] = "1").
  • Fixes and updates for the External Module Framework
  • Bug fix: A JavaScript error was being thrown on the Survey Settings page. (Ticket #74014)
  • Bug fix: A JavaScript error was being thrown on the Online Designer's "Edit Field" dialog when attempting to set a checkbox field choice's coded value to the value "length". This would mistakenly prevent the user from saving their changes to the field. (Ticket #74024)
  • Improvement: When creating a Clinical Data Mart project, there are two new fields that exist on the Medications instrument: RxNorm display and RxNorm code. These fields will capture the RxNorm values (if available) for each medication that is imported into the project from the EHR.
  • Bug fix: Alerts would mistakenly still send recurring notifications after a project had been deleted. This would occur for up to 30 days after the project deletion, after which the project would get truly removed from the back-end database tables.
  • Bug fix: When adding the left/middle/right Slider labels via the Online Designer, it would mistakenly not save the labels correctly in certain circumstances, thus causing the middle label to become the right label if a left label is not defined, for example. (Ticket #74198)
  • Bug fix: When enabling an instrument as a survey in the Online Designer, if the user clicks on the "Set Up My Survey" tab at the top of the "Survey Settings" page, it will mistakenly cause the survey settings not to get saved properly when the user is enabling an instrument that is not the first instrument in the project. (Ticket #74085)

Version 9.4.1 - (released 11/15/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: A custom email “display name” can be set for the email sender when sending an email for Alerts & Notifications, the Survey Email Confirmation option on the Survey Settings page, and when sending survey invitations via Automated Survey Invitations, via the Participant List, or via the Compose Invitation option on a data entry form.
  • Improvement: The email “display name” for most outgoing emails is now automatically populated and thus is able to be displayed in the recipient’s email client. Previous versions did not use the display name but left it blank for outgoing emails. For user requests that are triggered by users, such as production change requests, API token requests, etc., the user’s first and last name from their My Profile page will be used automatically as the display name in those emails. For emails originating from REDCap administrators that are automated by the system, the email display name will the “Name of REDCap Administrator” setting (from the General Configuration page) or else the “Contact name to display on Home page” (from the Home Page Configuration page), which is dependent upon the type of email being sent.
  • Improvement: New system-level setting “Suppress usage of the Universal FROM Email address for specified email domains” on the General Configuration page - If the setting “Universal FROM Email address” is enabled for the system, then the Universal FROM Email address will be used for all outgoing emails. But if one or more domain names (e.g., vanderbilt.edu) are specified for “Suppress usage of the Universal FROM Email address for specified email domains”, then the Universal FROM Email address will NOT be used for any outgoing emails in which the FROM/sender's email address matches one of those domains. Instead the FROM/sender's email address will remain as-is.
  • Improvement: The module/plugin method REDCap::email now has new parameters that can be passed to it: BCC, FromName, and Attachments. The parameter BCC represents the email address of someone being BCC'd on the email (if using more than one email address, they must be separated by commas and/or semicolons). The parameter FromName represents the sender's email display name that will be displayed in the recipient's email client next to the sender's email address (e.g., "Rob Taylor"). And the parameter Attachments should be an array of one or more file attachments, in which the array keys will represent the file name as seen in the email client and the corresponding array values will represent the full file path of the attachment file on the REDCap server. A new example is provided on the "Developer methods for Plugins, Hooks, & External Modules" page to illustrate how to use these new parameters.
  • Minor security fix: An SQL Injection vulnerability was found on the File Repository page, in which a malicious user could potentially exploit it by manipulating the query string of certain HTTP requests utilized within that page.
  • Bug fix: When adding an attachment file for an Alert, it would mistakenly not attach the file to the outgoing notification if the file's size exceeded 3 MB. It now correctly allows the attachment file size no greater than the smallest of the following two values: 1) the maximum allowed file size of attachment files in the current REDCap installation (as defined in the Control Center), or 2) the typical maximum attachment size for most email clients, which is 10 MB. (Ticket #67970)
  • Bug fixes and changes for the REDCap External Module Framework
  • Bug fix: If using a File Upload field as an Alert's email attachment, the file would mistakenly fail to get attached to the outgoing email notification. Bug emerged in REDCap version 9.4.0 (Standard).
  • Bug fix: When performing a CSV data export of a report in a project that contains many records (e.g., tens of thousands), in which the report has some filters defined, it might mistakenly produce a CSV file that with no headers on the first line, but instead the first line of the CSV file would be blank.
  • Bug fix: When performing a JSON data export of a report in a project that contains many records (e.g., tens of thousands), in which the report has some filters defined, it might mistakenly produce invalid JSON that has two or more commas separating some records (instead of just a single comma).
  • Bug fix: When downloading the PDF of an instrument with data, if the PDF includes a repeating instrument/event, it might mistakenly only display the first repeating instance in the PDF or might not display any repeating instances at all. (Ticket #73478)
  • Bug fix: When using a Data Quality rule that has real-time execution enabled while the Data Resolution Workflow feature is enabled, if a discrepancy is found while submitting data on a data entry form, some wrong text would be displayed inside the popup dialog that displays the discrepancies. (Ticket #73449)
  • Bug fix: Seven "Vital Signs" fields and their associated LOINC codes were mistakenly missing from the field mapping page for Clinical Data Pull and Clinical Data Mart.
  • Bug fix: If an alert is set to "Send on next [X]" or "Send after lapse of time", it might mistakenly not send the very first notification if it is set to send multiple times as a recurring notification. However, it would still correctly send all recurring notifications after the first one (whether or not the first one sent). (Ticket #73663)
  • Bug fix: The Clinical Data Pull (CDP) informational popup on the Project Setup page was mistakenly missing some important information about the need for users to initially launch the embedded REDCap window inside their EHR before they may begin utilizing CDP.
  • Bug fix: When exporting a PDF of one or more instruments, it would sometimes not be able to output correctly the number representing the total pages in the PDF (e.g., the "9" when displaying "Page 1 of 9" at the top right). It would sometimes mistakenly display a strange rectangle character instead. Due to various technical limitations, this issue could not be corrected for all scenarios, so for the time being, the total page count (i.e. the text "of X" at the top right) has been completely removed from all PDFs. Thus it now only displays "Page 1", "Page 2", etc., at the top right rather than additionally displaying the total page count after the current page number. (Ticket #70886)
  • Bug fix: When entering data into a number-validated field on a survey while using a mobile device, it would mistakenly prevent the usage of the backspace key on the device's keyboard. Bug emerged in REDCap v9.4.0. (Ticket #73747)
  • Bug fix: When using Missing Data Codes in a project, and a checkbox field on a data entry form has a missing data code entered for it, in which that checkbox is set to be a "required" field, it would mistakenly display the "Some fields are required" prompt for that field. (Ticket #73700)
  • Bug fix: When using Missing Data Codes in a project, and a datetime field on a data entry form is used in the calculation of a calculated field on that same page, it would mistakenly append a space+"0" to the datetime field's value when selecting a missing data code for that field, thus causing the data not to save correctly for the datetime field after clicking a Save button to save the form. (Ticket #73698)
  • Bug fix: Data Quality rule F might return false positives or might not return some discrepancies for fields that exist on repeating instruments or repeating events in which those fields' branching logic contains Smart Variables. (Ticket #72025, #73543)
  • Bug fix: A JavaScript error occurs on a survey when deleting the file for a File Upload field, in which it might cause branching logic on the page not to be triggered after the file deletion if any fields on the page have branching logic that utilizes that File Upload field. Bug emerged in REDCap 9.4.0 Standard. (Ticket #73793)
  • Change: The icons for Project Bookmarks and Custom Application Links that are displayed on a project's left-hand menu have been updated as Font Awesome icons to match all the other icons on the menu.
  • Bug fix: If using WebDAV as the file storage method for uploaded files in REDCap, it would mistakenly return an error if any valid files that are 0 bytes in size were attempted to be uploaded and stored. (Ticket #73681)
  • Bug fix: If using the Universal FROM Email Address, it would mistakenly set the "Sender" (i.e., the "-f" sendmail parameter) as the real sender's address and not as the Universal FROM Email Address, which would cause emails not to send successfully for certain systems (e.g., AWS SES). Bug emerged in REDCap 9.4.0 Standard. (Ticket #73866)
  • Bug fix: If a survey title contains any HTML tags, those HTML tags would not transfer to the new project when creating a project from the Project XML file of the original project. (Ticket #73914)
  • Bug fix: When using Missing Data Codes in a project, if a File Upload field has a missing data code saved for it, it would mistakenly display a "Download" button for the field on reports and also would mistakenly output the text "[document]" in a CSV Raw or Labels export file. (Ticket #73907)
  • Bug fix: When using Missing Data Codes in a project, in which a user is exporting data containing missing data codes in CSV Labels format, it might mistakenly display the raw missing data code value for some field types instead of the label for the missing data code.
  • Change: The popup for displaying Project Notes on the My Projects page might not behave correctly under certain conditions. It is now displayed in a better format to avoid these issues. (Ticket #71813)

Version 9.4.0 - (released 11/07/2019)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Missing Data Codes (i.e., “Data Missingness” functionality)
    • Fields that have a blank/missing value may be marked with a custom 'Missing Data Code' to note why the value is blank. These missing codes may be used to aid in data analysis by specifying why a field lacks a value. Users may enable custom missing data codes at the project-level in the Additional Customizations popup on the Project Setup page. The missing codes should be coded just like the choices of a multiple choice field with code + comma + label, in which the codes can only have letters, numbers, dots, dashes, and underscores (e.g., '-999, Not asked' or 'UNK, Unknown'). If no codes are entered, this feature will remain disabled. After missing data codes have been set up in a project, you will see an 'M' icon next to each field when viewing a data entry form. Click the icon to open your list of missing data codes, and select one. Once selected, it will save the missing code as the literal data value for the field. Missing data codes can be used for any field type (e.g., date, slider, file upload fields).
    • If utilizing missing data codes, the functionality will be enabled on all fields by default, and the code will be saved as the literal data value for the field.
    • New action tag @NOMISSING can disable the missing data option for a given field
    • Behavior with branching logic – If a field should be hidden by branching logic, REDCap will ask the user (except on surveys) if they wish to delete the value of the field being hidden. But if the field has a missing data code saved for it, it will still hide the field but will not remove the missing data code as the field’s value. This allows a field to still be “blank” and have a missing code while being hidden by branching logic.
    • New isblankormissingcode() function for branching logic, logic, and calculations - Returns a boolean (true or false) if the field value is blank/null/"" or if the value is a Missing Data Code, in which Missing Data Codes have been explicitly defined in the project on the Project Setup page under Additional Customizations. E.g. isblankormissingcode([age]), in which if "age" has a value of "UNK" (which might be a Missing Data Code in a project), then it will return TRUE. And if the field has any non-blank/non-null value that is also not a Missing Data Code, it will return FALSE.
    • Missing data codes can be imported via API, Data Import Tool, or REDCap::saveData (for plugins/hooks/modules)
    • All the missing data codes are displayed for reference at the top of the Codebook page
    • When creating/editing a report, a new option exists under the “Addition report options” section: “Display any Missing Data Codes in place of blank values (where applicable)”. This option will allow users (based on their preference) to show or not show the Missing Data Codes (if they have been saved for any field in any record) in the report or export.Note: In PDF exports of data collection instruments, any Missing Data Codes will be represented as blank values in the PDF.
    • Changes for Data Quality Rules
      • DQ rule A and B (for finding blank values) will continue to return only truly blank values and thus will not return fields with missing data codes saved as the value.
      • New rule - DQ “Rule I (Fields containing missing data codes)” has been added as a new rule for specifically finding fields with missing data codes saved as the value.
      • DQ rule F (Hidden fields that contain values) will ignore fields that have a missing data code saved as the value because it is allowable for such fields to be hidden by branching logic while still maintaining a missing data code as a value.
  • Improvement: If the Clinical Data Mart has been enabled for the system, the Control Center's System Statistics page now lists the following stats related to Data Mart under the "Modules Utilized" section: 1) Records with data values imported via Data Mart, and 2) Projects with data values imported via Data Mart.
  • Improvement/change: If a user is viewing a data entry form that has been enabled as a survey and then clicks "Compose survey invitation" in the survey options at the top right of the page, if they compose and send an invitation that is marked to be sent "Immediately", it will display a popup to inform the user that it is recommended that they leave the page very soon before the respondent has a chance to enter any data on the survey page. This is done because if the respondent begins entering data on the survey immediately after receiving the invitation, and then the user (while still viewing the data entry form) saves the form, the user could unwittingly erase the respondent's data values that were just entered.
  • Change: When enabling the Twilio telephony services in a project, REDCap no longer performs a check to ensure that Twilio's "Request Inspector" feature is disabled. Due to technical issues with not being able to automatically disable the Request Inspector via Twilio's API for some REDCap server configurations, REDCap no longer forces the Request Inspector to be disabled but instead provides text to inform users during the Twilio setup process that it is *highly* recommended that they disable the Request Inspector manually in their Twilio account (especially if collecting identifying information) and provides information on where/how to do such.
  • Change: REDCap now utilizes PHPMailer for all emails sent out.
  • Improvement/change: If the Universal “From” Email Address option is being utilized for the system, the sender’s email address now gets set as the Display Name in the email received. In previous versions, no Display Name is ever set for outgoing emails. So instead of the recipient only seeing that the sender is no-reply@vumc.org (assuming this to be the catch-all universal address, for example), it instead will appear to be from “joe.user@gmail.com <no-reply@vumc.org>. This is an improvement because it provides the recipient with more context with regard to who the sender is.
  • Bug fix: When editing a field in the Online Designer, if the field contains a backslash (\) in any field attribute, such as field label, note, annotation, etc., it would mistakenly replace it with two or three backslashes when displaying the field's attributes in the Edit Field popup dialog. (Ticket #73203)
  • Bug fix: When the API method "generateNextRecordName" is called, it would return a fatal PHP error and mistakenly not complete the API request. (Ticket #73143)
  • Bug fix: When exporting the Project XML file for a project that contains a "Dynamic Query (SQL)" field, there is a chance that the choices of the SQL drop-down field might contain identifying information (e.g. PHI) - depending on the query - and thus might output that identifying information in the metadata of the resulting Project XML file, which might bypass user privileges with regard to data exports. To prevent this possible issue, any SQL fields contained in Project XML files will have all their options removed from the XML file. (Ticket #73126)
  • Bug fix: A user whose REDCap account is suspended could mistakenly load the Clinical Data Pull (CDP) page when launched as an embedded page inside the EHR. However, the user would not be able to access any CDP projects and would not be able to add any EHR data to them.
  • Bug fix: If a data collection instrument was previously set as a repeating instrument or was part of a repeating event, then if data was collected on multiple repeating instances of the instrument, and then the instrument was set to no longer be repeating, viewing that instrument afterward might mistakenly cause some data from the now-orphaned repeating instances to be displayed as data values for the fields on the instrument, thus possibly causing the data values for instance #1 to get overwritten if the instrument was then saved.
  • Bug fix: When a multiple choice field is opened for editing in the Edit Field popup on the Online Designer, it might mistakenly display a space at the beginning of each choice in the "Choices" text box (with the exception of the first choice). However, this would not affect how the choices would be displayed on a data entry form or survey.
  • Bug fix: When not currently using "Table-based" or "LDAP & Table-based" authentication in which a user had previously been created as a Tabled-based user, it would mistakenly display the "Reset Password" button option for the user when viewing their account on the Browse Users page in the Control Center. This button is not applicable and thus should not be displayed.
  • Bug fix: If the Universal "From" Email Address option is being utilized for the system, any alerts that have notifications sent out will mistakenly have the Universal "From" address (rather than the true sender that is defined in the alert) as the "from" address listed in the "View Notification" dialog in the Notification Log.
  • Bug fix: If a user is modifying a calc field's equation via the Online Designer, in which certain Smart Variables are used in the calculation, then when the user attempts to save the edited calc field, it would prevent them from doing so and would display an erroneous error message saying that the calculation is not syntactically valid. And if the user is an administrator, it would allow it to be saved but would mistakenly display the error message.

 

Version 9.3.8 - (released 11/01/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: When using the CDIS services Clinical Data Pull and Clinical Data Mart, users may now import medications with statuses other than “active”, such as “stopped”, “on-hold”, and “completed” medications. (Previous versions only imported “active” medications.) In CDP, these have been added as three new fields that can be mapped on the project mapping page. In Data Mart, medications with any of the four statuses now get imported into the Medications repeating instrument, and a new field named “Medication status” was added to the Medications instrument to store the status value for each medication.
  • Bug fix: If values of different data types/lengths are being used in the datediff() function, it might return incorrect or unexpected results. Instead, it will now consider both parameters as the same data type (as being both dates, both datetimes, or both datetimes w/ seconds) as determined from the length of the longest parameter value when datediff() is processing the calculation. For example, if the values "2019-10-02" and "2019-10-03 12:00:00" are being used in a datediff() with "h" units, it will thus consider the first value as equivalent to "2019-10-02 00:00:00" and thus return a value of "36".
  • Bug fix: When completing a Twilio-enabled survey as either an SMS survey or Voice Call survey, it would mistakenly not trigger any Alerts & Notifications. (Ticket #72159)
  • Bug fix: When creating a new Alert in a project that does not have an Alerts yet, the drop-down list for the "Send on next..." option in Step 2 in the Alert popup would mistakenly be empty with no options to choose. (Ticket #72816)
  • Bug fix: When using the Data Search feature in a project containing more than 20,000 records, in which the Record ID field is selected by default in the drop-down list when the page loads, it would still mistakenly search for the entered term across all fields in the project rather than just across the Record ID field if the user did not change the selected field in the field drop-down list.
  • Bug fix: When using the email domain whitelist while adding a new Table-based user that has an email address that is valid for the email domain whitelist but is not in the exact same case (e.g. "gmail.com" vs "Gmail.com"), then it would mistakenly set the user's email address to a blank value when creating their account, which would cause their password-reset email not to be sent to them. (Ticket #72822)
  • Bug fix: When downloading a file via Send-It, in which the filename contains a comma, some web browsers might throw an error, thus preventing the user from successfully downloading the file. (Ticket #72538)
  • Bug fix: When viewing an embedded audio file for a Descriptive field on a survey or data entry form, it would mistakenly cut off part of the audio controls when being viewed in Internet Explorer. (Ticket #71532)
  • Bug fix: When using the Publication Matching module in the Control Center, it might mistakenly get rate-limited by PubMed due to too many requests in a small amount of time, thus causing emails to be sent out mistakenly to PI's with 0 publications. It now waits a little longer between requests to PubMed to prevent this. (Ticket #58322)
  • Bug fix: If an administrator does not have the user account option checked for "Allow this user to create or copy projects?", it would mistakenly not allow them to create or copy projects. Administrators should always have this privilege, which overrides their account level setting. (Ticket #72288)
  • Bug fix: Four LOINC labs were mistakenly missing from the field mapping page for Clinical Data Pull and Clinical Data Mart.

Version 9.3.7 - (released 10/25/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: Major performance improvement when loading the Participant List page for projects with surveys. For projects with thousands of records or more, this page should be significantly faster.
  • Improvement: Performance improvement for record searching on the "Add/Edit Records" page when entering part of a record name in the "Enter a new or existing [Record ID]" text box. For projects with thousands of records or more, this functionality should be much faster.
  • Improvement: Performance improvement for projects using record auto-numbering, in which the process of generating the record name of the next potential record is much faster, especially for projects with many records.
  • Change: The "Data Search" feature on the "Add/Edit Records" page will no longer allow users to search over "All fields" if a project contains more than 20,000 records. This is done for performance reasons so that it does not bog down the database server.
  • Bug fix: When exporting a report for a project that has lots of records (~10k+) and also has repeating instruments/events enabled, then if the report contains one or more sort fields in Step 4 (other than the Record ID field), then the report might not properly sort the resulting data or it might mistakenly have some rows of data missing in the resulting data. Note: This does not affect reports but only data exports. Bug emerged in REDCap 9.3.6.
  • Bug fix: Data Quality rule F might return false positives for fields that exist on repeating instruments or repeating events in which those fields' branching logic contains Smart Variables. (Ticket #72025)
  • Bug fix: When using Automated Survey Invitations (ASIs) in a project where a given ASI should be triggered for Instrument B when an instrument/survey (Instrument A) is completed, if a survey invitation for Instrument B has already been scheduled to be sent via the ASI, and then a user sets Instrument B's Form Status as "Complete" on the data entry form (as opposed to completing it as a survey or by setting it as complete by clicking the "Save & Mark Survey as Complete" button on the data entry form), then it would mistakenly not delete the invitation scheduled for Instrument B. (Ticket #71902)
  • Change: When creating a new Clinical Data Mart project, all the text fields for labs and vital signs values no longer have number validation on them. The field validation has been removed in order to handle some of the newer non-numerical data types that might be output by FHIR for labs and vitals.
  • Bug fix: If a project's record count has not been pre-calculated and stored in the redcap_record_counts database table, then a user imports some records, and then they navigate to a page that displays the record count but does not display a list of records (e.g., Project Home Page), the record count might get mistakenly out of sync and report the wrong number of records in the project until it is reset at some point in the future.
  • Bug fix: If a calculation or branching logic references a checkbox field on another instance of a repeating instrument/event, it might mistakenly display an error saying that there is an error with the calculation or branching logic, respectively.
  • Bug fix: When an Alert is triggered in a project, immediately after the notification gets sent, the REDCap script would halt suddenly with a PHP error that says "An unknown error has caused the REDCap page to halt...". This would only occur on certain web server configurations, especially those using a secure SSL/TLS connection to the MySQL database server. (Ticket #72412)
  • Bug fix: If hosting REDCap on Google App Engine, it might mistakenly not send all emails if several emails are being sent in a batch by a single request.
  • Bug fix: When using the Clinical Data Mart, if a user had no privileges to run a Data Mart revision multiple times, then the warning "You can not run this revision" warning might mistakenly be displayed to the user even if the revision had never been run.
  • Bug fix: Users could mistakenly upload a data dictionary that contains a Matrix Group Name with trailing spaces, which would be accepted during the upload but would cause issues when trying to modify the matrix via the Online Designer.
  • Bug fix: If a calculated field's equation references fields that exist on repeating instruments/events that do not yet have any data in them, then the calc field might mistakenly display an error message on the data entry form or survey page when trying to perform the calculation. This mostly occurs when the field(s) being referenced exist outside of the current event being viewed. (Ticket #64805)
  • Bug fix:When exporting a PDF of one or more instruments with saved data,if all fields in the final section of an instrument have branching logic,then on certain occasions the section header immediately preceding that final section might mistakenly get displayed in the PDF when instead it should not.(Ticket#71134)

Version 9.3.6 - (released 10/11/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: Performance improvement for large data exports that might have previously taxed the REDCap servers or might have failed to complete altogether for some large projects. An internal auto-batching mechanism is now utilized to limit the performance hit to the servers (both database and web server) when exporting large quantities of data (via API or user interface) in order to improve the user experience and to prevent REDCap processes from using up too many server resources. Note: This does not necessarily mean that data exports will be faster; in fact, some exports might be slightly slower as a means of preserving server resources used by REDCap processes.
  • Improvement: Performance improvement for when REDCap is generating the record list cache for a project, especially for projects with Data Access Groups. For each project, REDCap maintains a record list in a database table that is used throughout a project. This record list improves overall performance, especially for large projects. Every few days the record list cache is automatically rebuilt internally. The process of rebuilding the record list is now more efficient, faster, and less error-prone than in previous versions.
  • Improvement/change: The Codebook now denotes if an instrument is enabled as a survey, in which it is noted immediately to the right of the instrument name.
  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on survey pages, in which a malicious user could potentially exploit it by manipulating the URL on the page as a means of injecting JavaScript into a calculated field on the page.
  • Change: Users will no longer be allowed to display all pages of a report (by selecting “ALL” from the report’s page selection drop-down list) if it has been determined that such a report would display more than 500,000 data points (i.e., table cells) on the report page. This is to help prevent users from causing performance degradation to the REDCap server and also to improve user experience (assuming the page would take a very long time to load and might even cause the user’s web browser to crash).
  • Bug fix: When using a survey theme, the "Save signature" button in the popup for a Signature field would always be displayed as blue rather than conforming to the survey theme.
  • Bug fix: Stats for Clinical Data Pull projects were not being reported successfully when an institution reports its REDCap stats.
  • Bug fix: The System Statistics page in the Control Center was still saying "Dynamic Data Pull" instead of "Clinical Data Pull".
  • Bug fix: For projects containing Data Access Groups, the record list might get out of sync and mistakenly not display some records or record-DAG assignments properly if the project has a large number of records (e.g., >5000).
  • Fixes and updates to the External Module Framework
  • Bug fix: The collapse functionality was not working correctly for the tables displayed on the REDCap Mobile App page under the “App Data Dumps” tab.
  • Change: If any projects have enabled both the Randomization module and the Double Data Entry module together in the same project, it now displays a warning at the top of the Project Home page to inform the users that these two are not compatible with each other and thus might cause various issues if used together in the same project.
  • Bug fix: The cron job for Alerts & Notifications might mistakenly put the wrong notifications stuck in a "sending" state, in which some might never send.
  • Change: Added new database table indexes for improved performance.
  • Bug fix: If a longitudinal project contains a Custom Record Label whose fields are not prepended with a unique event name, it might mistakenly not display the Custom Record Label correctly in some contexts, such as the Record Home Page. Bug emerged in 9.1.14 LTS and 9.3.5 Standard. (Ticket #71812)
  • Improvement/change: The API method "Export Project Info" now includes a new attribute named "external_modules", which will output a comma-delimited list of all External Modules that are enabled in that project. Note: It will include only the unique module name (not the module title or module version).
  • Bug fix: The redcap_connect.php file was mistakenly not setting the database collation_connection and charset settings immediately after the database connection has been established. It has now been updated to include this. Note: The previous version also had this similar change, but this fix addresses something else that didn’t get completely done in the previous release.
  • Bug fix: For Alerts & Notifications, if an alert is set to "send immediately" and "every time the form/survey is saved", then a user uploading a file for a File Upload field on that form when the form is already complete would mistakenly cause the notification to be sent (meaning that the alert is triggered by the upload itself and not by the form being saved via clicking the Save button). (Ticket #70650)
  • Change: The drop-down record list near the top of the Data Quality module now only displays the first 10,000 record names for projects containing more than 10,000 records. This is to prevent excessive load on the server and also to prevent the user's browser from crashing for very large projects.

Version 9.3.5 - (released 10/3/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: If the "File Upload field enhancement: Password verification & automatic external file storage" setting has been enabled in a project, then when a user attempts to delete a file for a File Upload field (including the deletion of older revisions for that field), it will provide a text box in the "Delete file?" popup in order to allow the user to optionally provide a reason for why they are deleting the file (if they wish), after which this reason will be logged on the Logging page.
  • Improvement: The bottom of the "Clinical Data Interoperability Services" page in the Control Center has a new setting "Allow the patient's email address to be imported from the EHR?". It is initially set to "No", but if changed to "Yes", it will display the "email address" field in the field mapping tree for both Clinical Data Pull and Clinical Data Mart, thus allowing users to import a patient's email address into REDCap, if they desire. Previous versions of REDCap did not allow the patient email address to be imported. (Ticket #70967)
  • Bug fix: When exporting and importing a Project XML file of a REDCap project that contained slider fields with slider labels, the slider labels would mistakenly not get preserved in the new project created from the Project XML file. (Ticket #60742)
  • Bug fix: The CDIS services (Clinical Data Pull, Clinical Data Mart) were only utilizing the valueQuantity attribute in FHIR for lab values and were mistakenly ignoring other FHIR attributes that might be available, such as valueCodeableConcept, valueString, valueRange, valueRatio, valueSampledData, valueAttachment, valueTime, valueDateTime, valuePeriod. This means that some data from the EHR might appear not to import into REDCap because REDCap was not looking for them in the correct place. These other FHIR attributes, while used far less than valueQuantity, are still possible places where data may be retrieved. CDP and Data Mart now both check these attributes when extracting FHIR data from an EHR. (Ticket #70325)
  • Bug fix: Smart Variables would mistakenly not work when used in the conditional logic of a survey in the Survey Queue. (Ticket #70640)
  • Bug fix: Certain Smart Variables (e.g., current-instance) would mistakenly not work when used in the Custom Record Label. (Ticket #71051)
  • Bug fix: When exporting and importing a Project XML file of a REDCap project that contained reports and report folders, the reports might mistakenly not get assigned correctly into their respective report folders in the new project created from the Project XML file. (Ticket #70986)
  • Bug fix: Data Quality rule F might return false positives for fields that exist on repeating instruments or repeating events in which those fields' branching logic contains Smart Variables. (Ticket #71211)
  • Bug fix: A single LOINC lab was mistakenly missing from the field mapping page for Clinical Data Pull and Clinical Data Mart.
  • Bug fix: If an alert has an "alert expiration" time set, then the Notification Log would mistakenly display projected send times that exist beyond the expiration time for any recurring notifications on that alert.
  • Bug fix: If a custom Data Quality rule contains logic that references values in repeating instruments or repeating events, it might not return valid discrepancies in its results or might return false positives. (Ticket #70868)
  • Change: Updated phpmailer library to version 6
  • Bug fix: The record list might get out of sync and mistakenly not display some records or record-DAG assigments properly if the record list cache has not completed while users are importing new records via API, Mobile App, or Data Import Tool.
  • Bug fix: The redcap_connect.php file was mistakenly not setting the database collation_connection and charset settings immediately after the database connection has been established. It has now been updated to include this.

Version 9.3.4 - (released 9/25/2019)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: If a user is importing data via the API into a locked instrument, it might mistakenly allow the data to be modified. It should not allow data to be modified once an instrument is locked. Bug emerged in REDCap 9.1.6 (LTS) and 9.2.3 (Standard).
  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on the "Customize & Manage Locking/E-signatures" page, in which a malicious user could potentially exploit it by manipulating the Lock Record Custom Text values on the page in a very specific way.
  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on the "Alerts & Notifications" page, in which a malicious user could potentially exploit it by manipulating an alert's email subject in a very specific way.
  • Improvement: On the Survey Settings page, the "Redirect to a URL" option now allows the Smart Variable [survey-url] to be used - e.g., [survey-url:other_survey]. (Ticket #70613)
  • Change: If the "Name of REDCap Administrator" setting is set to something other than blank/null on the "Edit a Project's Settings" page in the Control Center for a given project, then the blue button on the project's left-hand menu will have the button text as "Contact X" (where X is the name entered) rather than the hard-coded text "Contact REDCap Administrator". (Ticket #70799)
  • Bug fix: If a user that is not an administrator copies a project with some External Modules enabled and clicks the option to copy “all settings for External Modules”, it would result in a fatal error and not copy the project successfully.
  • Bug fix: When using a survey theme, the "Upload file" button in the popup for a File Upload field would always be displayed as blue rather than conforming to the survey theme.
  • Bug fix: When using the Publication Matching module in the Control Center, it might mistakenly get rate-limited by PubMed due to too many requests in a small amount of time, thus causing emails to be sent out mistakenly to PI's with 0 publications. It now waits a little longer between requests to PubMed to prevent this. (Ticket #58322)
  • Bug fix: When uploading an allocation table as a CSV file on the Randomization module's Setup page, if the CSV file is UTF-8 encoded and contains a BOM (Byte Order Mark), then it would mistakenly display an error and prevent if from being uploaded. (Ticket #70808)
  • Bug fix: If the Secondary Unique Field is enabled and also contains an @DEFAULT action tag, then it could mistakenly allow that default value to get saved across multiple records (rather than enforcing it as unique). In this scenario, it now auto-checks the default value when the form/survey is immediately opened to prevent the possibility of that default value not getting checked. (Ticket #70775)
  • Bug fix: If a calculated field contains a colon inside its equation, then when exporting the project's data dictionary or Project XML file and reimporting them, it would mistakenly remove all colons inside the calc field's equation. (Ticket #56279)
  • Bug fix: The "Compare" button on the Data Comparison Tool might not display correctly or might fail to function if using a non-English language for the project. (Ticket #70871)

Version 9.3.3 - (released 9/11/2019)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: Some code in the External Modules Framework was not compatible with PHP 5.5, thus causing every page to crash after installing or upgrading to REDCap 9.1.11 (LTS) or 9.3.2 (Standard Release). (Ticket #70186)
  • Bug fix: When using the Clinical Data Pull or Clinical Data Mart to import EHR data into a REDCap project, in certain situations a valid FHIR access token stored in the REDCap database might mistakenly get deleted, thus it would no longer be usable by the user to which it belonged.
  • Bug fix: When surveys are embedded in iframes in certain web pages, then File Upload fields might not work on the survey. Bug emerged in REDCap 9.3.0.
  • Bug fix: If deploying REDCap on Microsoft Azure using Azure Quick Start, for certain configurations the REDCap cron job might crash unexpectedly and then cause normal REDCap pages not to load, resulting in a fatal PHP error. (Ticket #70090)
  • Bug fix: If values from fields are piped into the choice labels of drop-down fields in a project, then when downloading the PDF of that instrument with data, it would mistakenly not pipe the data into the choice labels but just display the field variable names in the PDF. (Ticket #70080)

Version 9.3.2 - (released 9/5/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: The "Cancel" button on data entry forms now displays a confirmation prompt after being clicked to ask the user if they truly wish to cancel and lose all their changes. (Ticket #22360)
  • Bug fix: When using the Twilio telephony module for sending survey invitations while also using Automated Survey Invitations, if the ASI has "Participant Preference" as the invitation type, then if a record is being created on a survey page or data entry page, in which it immediately triggers the ASI to be scheduled/sent, it would mistakenly send the invitation via email rather than via the participant's preferred delivery method. And if those participants do not have an associated email address, then the invitation would simply fail to send, as noted in the Survey Invitation Log.
  • Bug fix: After uploading a file for a File Upload field on a form or survey, it might mistakenly display the text "lang_send_it" rather than the text "Send-It" for the Send-It link on the field.
  • Bug fix: For specific PHP installations, the PHP function "cal_days_in_month" could not be found by the cron job and would cause the Automated Survey Invitation's Datadiff cron job to crash unexpectedly. (Ticket #69757)
  • Bug fix: If the "Universal FROM" email address is set for the REDCap installation, that email address would mistakenly not get used when sending Alerts & Notifications but would instead send the email with its "From" address as the same as the Reply-To address (i.e., the sender). (Ticket #69787)
  • Bug fix: Emails for Alerts & Notifications would mistakenly fail to send if hosting REDCap on Google Cloud's Google App Engine infrastructure.
  • Bug fix: When using Automated Survey Invitations (ASIs) in a longitudinal project with multiple ASIs where a given ASI has conditional logic and is also set to be triggered off of the completion of another survey, although the ASI might get correctly triggered when a survey is completed, it might mistakenly not get triggered when that same survey is completed as a data entry form (with its form status set as "Completed", which should be equivalent to the survey being completed with regard to ASI conditions). (Ticket #69539)
  • Bug fix: Some English language phrases were mistakenly not translated with regard to certain actions related to uploading files for File Upload fields. (Ticket #69117)
  • Bug fix: When viewing the Project Revision History page for a production project, it might mistakenly not say "Approved Automatically" for some revisions that were approved automatically, thus creating some confusion and making it appear as if the user approved their own request, which is not true. (Ticket #69825)
  • Change: When a user copies a project that has Double Data Entry enabled, it will no longer have Double Data Entry enabled in the new project by default but instead will require that an administrator enable it for that new project.
  • Bug fix: For Alerts & Notifications, if an alert is set to be sent "just once" and is not set to "send immediately", then after the email notification has been scheduled and then sent, saving the record again would mistakenly cause the alert to get scheduled again, thus resulting in unwanted duplicate notifications to the recipient. This would not occur unless the record was modified after a previously-scheduled notification had already been sent.
  • Bug fix: If a multiple choice field contains a choice label containing "<$", such as "1, <$20", then it might cause all following choices for that field to be truncated and not displayed when viewing an exported PDF of the data entry form.

Version 9.3.1 - (released 8/29/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement/change: When an administrator is reviewing the email from a user requesting to have a project deleted (via a button click on the Other Functionality page for production projects), the email subject now includes the project ID (PID) to allow admins to track emails for projects more easily and not get them confused with one another.
  • Bug fix: When using the Data Resolution Workflow in a project, users on the Resolve Issues page would not be able to utilize the filter drop-downs in the table due to a JavaScript error.
  • Bug fix: If using the Twilio telephony services when REDCap's authentication is set to "Shibboleth", it would mistakenly not be possible to initiate a voice call via SMS, such as when sending an SMS for a public survey, in which the SMS says to reply back in order to begin a voice call. (Ticket #68974)
  • Bug fix: Some English language phrases were mistakenly not translated with regard to certain actions related to uploading files for File Upload fields. (Ticket #69117)
  • Bug fix: When importing data (via Data Import Tool or API) into a repeating instrument in a classic/non-longitudinal project, it would mistakenly allow the import to complete successfully even when the "redcap_repeat_instrument" field is missing from the import file, in which it could erroneously add duplicate rows of the data in the database back-end (rather than updating the existing values already in the database). It now correctly returns an error in this case if the "redcap_repeat_instrument" field is missing or blank when importing data for a repeating instrument.
  • Bug fix: When importing data (via Data Import Tool or API) into a repeating instrument or repeating event, in which the form complete status field is not included in the import data set, the form status would not get appropriately logged when it gets automatically added to the database back-end.
  • Bug fix: When importing data (via Data Import Tool or API) into a repeating instrument or repeating event, if the record does not already exist in the project, it might mistakenly not add the record ID field value to the database back-end during the import process, thus causing the record to appear not to exist (or to have no data) on certain pages in the project, such as the Record Status Dashboard.
  • Bug fix: When exporting data via the API "Export Records" method with type=eav for a project with repeating forms/events, it would mistakenly not order the values for a given record according to the repeating instance number but would instead mix up all the instances' values within that record without any order. (Ticket #69190)
  • Bug fix: When the content size of a POST request on the REDCap web server exceeds PHP's "post_max_size" setting, in the error message displayed it mistakenly reports the post_max_size in Bytes rather than in MB, which is inaccurate and confusing. (Ticket #69352)
  • Bug fix: When creating/modifying a report on the "Data Exports, Reports, and Stats" page and using a certain web browser (e.g., Safari, IE), users would mistakenly not be able to click inside the text fields in Step 2 where it says "Type variable name or field label". (Ticket #68312)
  • Bug fix: Some survey links might mistakenly still work and load the survey page, even though their respective instrument or event has been deleted in the project. (Ticket #66810)
  • Bug fix: On the Survey Settings page in a project, if the setting "Allow survey respondents to view aggregate survey results after completing the survey?" is enabled, and then the user attempts to add a URL to the "Redirect to a URL" setting but mistakenly enters an invalid URL, the user might get stuck in a popup loop where it is impossible to close both of the popups that appear on the page, thus forcing them to have to reload the page and lose anything they had set. (Ticket #67096)
  • Bug fix: If a checkbox field exists on a repeating instrument, and that instrument contains either branching logic or a calculated field that references the checkbox field on another instance of that instrument (e.g., "if ([mycheckbox][previous-instance] = '1', ..., ...)"), then when the instrument is saved, it could cause any checked checkboxes from *other* repeating instances to get saved for the current instance. (Ticket #69199)
  • Fixes and updates for the External Modules Framework

Version 9.3.0 - (released 8/15/2019)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: File Version History for File Upload fields (project-level setting)
    • This feature allows a new file to be uploaded onto a File Upload field that already has a file uploaded for it. If a file has already been uploaded, the field will have a new link “Upload new version”, and after being clicked, it will allow the user to upload another file without having to delete the existing one. The old/existing file will not be deleted but will still be accessible as an older version of that file in the Data History popup (by clicking the “H” icon next to the field). Within the Data History popup, a user may view, download, or delete any existing version of the file that exists, in which all versions of the file will be displayed in a table format and listed in chronological order with regard to being uploaded.
    • “Import File” API behavior: When the File Version History feature is enabled for a project, and the “Import File” API method is used to import a file into a File Upload field that already has a file saved for it, the new file will overwrite the existing file but keep the existing file in the File Version History, thus not deleting it. This is different for projects that have the File Version History disabled, in which importing a new file will delete the existing file.
    • For all upgrades/installs, this feature will be enabled for the system and for all projects. It may be disabled for all projects by disabling the system-level setting, which is located on the Modules/Services Configuration page in the Control Center. Alternatively, it may be left enabled at the system level, and you may set it so that all new projects (created in the future) will have the feature enabled or disabled, which can be done on the Default Project Settings page in the Control Center. While this feature will be enabled by default for all projects, if you wish to disable it for all existing projects, then you may run the following SQL on the database after the upgrade: UPDATE redcap_projects SET file_upload_versioning_enabled = 0;
  • New feature: File Upload field enhancement: Password verification & automatic external file storage (project-level setting) - requires PHP 5.6.0
    • This feature allows users to utilize extra functionality regarding the use of File Upload fields in a project. It must first be enabled at the system level (at the bottom of the Modules/Services Configuration page in the Control Center). It is disabled by default for all projects, but users with 'Project Setup & Design' rights can enable it for a project in the Additional Customizations popup on a project's Project Setup page.
    • How it works: Any user that is uploading a file for a File Upload field on a data entry form or survey will be asked to confirm that the file is the correct file. And when on data entry forms specifically, it will additionally ask the user to enter their REDCap password as part of the verification process. Once confirmed, the file will successfully upload, and in addition to saving the file normally in REDCap, it will also store a duplicate copy of the file on a secure, external server using the configuration settings defined in the Control Center.
    • The connection to the external file server can be set up as WebDAV or SFTP, in which the details/credentials must be provided when enabling this system-level setting at the bottom of the Modules/Services Configuration page in the Control Center.
    • This feature may be utilized for projects wishing to adhere to certain regulatory compliance, such as 21 CFR Part 11 for FDA trials. Please note that enabling this feature does not make the feature or your REDCap installation automatically “Part 11 compliant”. It is assumed that if using this for Part 11 compliance that you have already gone through all the processes of documenting and validating your REDCap environment (or parts of it) to validate it as “Part 11 compliant” beforehand.
  • Improvement: The Control Center's left-hand menu now contains a text field for entering a project's PID (project ID), after which it will direct the user to that project. This provides a quick way of navigating to a project when you have the PID.
  • Improvement: The Data History Popup for File Upload fields now provides more detailed information, such as the filename of the uploaded file.
  • Improvement: When using the Clinical Data Mart feature and fetching data from the EHR, it now provides to the user a summary of all the types of data that were imported during the fetch and how many data points were imported for each category (e.g., Demographics, Medication Order).
  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on the Data Import Tool page, in which a malicious user could potentially exploit it by manipulating the CSV data import file in a very specific way and then uploading it on the page. Note: This issue does not occur for administrator accounts but only for regular users.
  • Minor security fix: Some SQL Injection vulnerabilities were found on the Calendar and Scheduling pages, in which a malicious user could potentially exploit them by manipulating the query string or POST parameters of an HTTP request.
  • Bug fix: When using the "Export Records" API method and using the dateRangeBegin and/or dateRangeEnd parameter with type=eav, then the dateRangeBegin and dateRangeEnd parameters would mistakenly get ignored in the request. This only occurs for "eav" type and not for "flat" type.
  • Bug fix: When using the Twilio telephony module for sending survey invitations while also using Automated Survey Invitations, if the ASI has "Participant Preference" as the invitation type, then in certain cases (but not all the time) it would mistakenly send the invitation via email rather than via the participant's preferred delivery method. And if those participants do not have an associated email address, then the invitation would simply fail to send, as noted in the Survey Invitation Log.
  • Bug fix: If any REDCap usernames contain a space (since spaces are allowed in Active Directory usernames), it would not be possible for administrators to view that user on the User Information page when selecting that user or searching for that user on the page. (Ticket #68259)
  • Bug fix: In the Alerts & Notifications module, if an alert is set to be triggered by conditional logic only and is set to send multiple times as a recurrence and also has the "ensure logic is still true" option checked, then if a notification gets scheduled when a user saves a data entry form or survey page (because the conditional logic becomes true) and then later on saves another form/survey, which causes the conditional logic to no longer be true, it would mistakenly fail to remove the recurring notification from the Notification Log. The notification does not get sent in the end, which is correct, but it is mostly confusing to the user because it remains in the Notification Log until that point.
  • Bug fix: When running REDCap on specific Windows server environments, email notifications might mistakenly not get sent via Alerts & Notifications. (Ticket #68696)
  • Bug fix: The Python example code generated in the API Playground for the "Import File" method contained an error.
  • Bug fix: Date fields and datetime fields would mistakenly not get sorted correctly in a report when clicking their header at the top of the report table. (Ticket #22139)
  • Bug fix: Some minor database transactions might mistakenly cause an InnoDB deadlock. This would not necessarily cause any performance problems but might be displayed as an error in the database log.
  • Bug fix: When the [survey-link] Smart Variable is piped into various settings (e.g., field label, ASI email, Alerts & Notifications email), if it has [first-event-name] or [last-event-name] prepended to it, it might mistakenly output a link that does not work because it has no value for the "href" attribute in the link's HTML. (Ticket #68697)
  • Bug fix: When using the Scheduling module and scheduling dates that traverse the Daylight Saving Time change in the Fall season, it could cause all generated dates that occur after the Fall DST change to be one day earlier than they should be. (Ticket #68944)

Version 9.2.5 - (released 8/1/2019)

BUG FIXES & OTHER CHANGES:

  • Change: Minor changes to Clinical Data Mart
    • When creating a Data Mart project, it is now optional for a user to provide a list of MRNs when setting the initial Data Mart configuration. If some MRNs are provided, empty records containing only those MRNs will be automatically created/seeded in the project after the first Data Mart revision has been approved by an administrator.
    • After the first Data Mart revision has been approved, the MRN list on the Data Mart page will no longer be visible because the Fetch button will now fetch data based solely on the MRNs associated with records in the project (rather than using an MRN list from the configuration page, which was the case for older versions of Data Mart). So from this point on, the Data Mart will fetch data for ALL records in the project that have an MRN associated with it.
  • Bug fix: If a user is completing a survey by clicking the "Save & Mark Survey as Complete" button on a data entry form (as opposed to completing it on the survey page itself), it would mistakenly not delete any scheduled invitations/reminders for the survey that was just completed. This would cause confusion because the respondent would receive an invitation to a survey that had already been completed. (Ticket #67777)
  • Bug fix: If using both a project-level and survey-level survey invitation email field in a project, then in certain cases, such as if a record has a value the project-level email field but not for the survey-level email field, the Survey Invitation Log and Participant List might mistakenly not display the correct email address and might also not display the record name for a given invitation/participant. (Ticket #68046)
  • Bug fix: If an alert in a longitudinal project has File Upload fields as attachments, in which it is set to use the file for the "[Current Event]" (as opposed to a specific event in the project), then it might mistakenly fail to attach the file to the notification.

Version 9.2.4 - (released 7/26/2019)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: When attempting to send/schedule an email manually via the Participant List, it would mistakenly fail to do so and would note that "0" invitations were scheduled/sent. Bug emerged in REDCap 9.2.3 (Standard).

Version 9.2.3 - (released 7/26/2019)

BUG FIXES & OTHER CHANGES:

  • Medium security fixes: Several SQL Injection vulnerabilities were found on certain pages related to the Mobile App, the API, Shared Library, Data Comparison Tool, and the Calendar, in which a malicious user could potentially exploit them by manipulating the query string or POST parameters of an HTTP request.
  • Major bug fix: Some pages related to the Calendar, such as the calendar popup and some background AJAX requests for setting calendar event attributes, were mistakenly not checking to ensure that the user had "Calendar" user privileges when accessing those pages. This was also true for the "Scheduling" module, in which no user privileges at all were being applied to any pages related to Scheduling. All pages related to Scheduling should have been applying the "Calendar" user privileges. They have been changed so that now all Scheduling pages are connected to "Calendar" user privileges, and the User Rights page now lists "Calendar & Scheduling" together as a user right option (only display "& Scheduling" for that item when the Scheduling module is enabled) to help re-enforce to the user that the same user rights are applied to both Calendar and Scheduling, which is how it was intended to behave originally.
  • Improvement: In a project with repeating instruments, the Record Home Page now displays a count of total instances of a given repeating instrument next to the instrument name in the tables of instances displayed at the bottom of that page.
  • Improvement/change: When an administrator is reviewing drafted production changes, the pre-filled "confirmation email" option on that page now includes the project ID (PID) in the subject of the email to the requester to allow admins to track emails for projects more easily and not get them confused with one another.
  • Bug fix: When performing a data import, in which the data import file contains many thousands of fields, it could cause the import process to crash unexpectedly and not finish because of a MySQL #2006 error due to some SQL queries being too long, which occurs when a query's length exceeds the MySQL "max_allowed_packet" setting. Many queries involved in the data import process have been modified to deal with the possibility of long queries being constructed. (Ticket #67401)
  • Bug fix: The Browse Users page might mistakenly display an internal SQL query on the page. (Ticket #66980)
  • Bug fix: All REDCap logos should have had the Registered Trademark symbol rather than "TM", according to the trademark owned by Vanderbilt University.
  • Bug fix: If date or datetime fields were used in a calculated field in a multi-page survey, in which the survey page containing the calculation is being skipped due to all fields on the page being hidden by branching logic or action tags, then it would mistakenly cause the date/datetime field's value to have its date format mangled and then saved in an incorrect format. (Ticket #67473, #67255)
  • Bug fix: For certain project setups that utilize a multi-page survey that has fields with branching logic referencing fields on repeating instruments, some pages of the survey might mistakenly get skipped if all the fields on the page have branching logic.
  • Bug fix: For certain project setups that utilize a multi-page survey that has fields with branching logic, some pages of the survey might mistakenly take an extremely long time to load if all the fields on the page have branching logic.
  • Bug fix: When editing a user role on the User Rights page in a project, users could mistakenly set a blank value as the role name, which would cause issues with being able to utilize it and even delete it. It now prevents users from setting a role name with a blank value. (Ticket #67636)
  • Bug fix: The Smart Variables [survey-time-completed] and [survey-date-completed] would mistakenly not work when referencing repeating surveys or surveys on a repeating event, in which an instance number or [X-instance] Smart Variable is appended to them (e.g., [survey-time-completed:followup][last-instance]). (Ticket #67636)
  • Bug fix: If a development project has some Alerts & Notifications set, and some records have been entered and have subsequently triggered some alerts, then if the project is moved to production, in which all records are kept and not deleted, then it would mistakenly delete everything in the Notification Log, including erasing all notifications already sent and erasing all recurring notifications that should be sent in the future. It should only delete the Notification Log if the user chooses to delete all records when moving the project to production.
  • Bug fix: If adding new table-based users in bulk via a CSV file on the "Add Users (Table-based Only)" page in the Control Center, if the user already exists in the system but is somehow not a table-based user (which can happen if using LDAP+Table authentication), then it would mistakenly convert that existing user to a table-based user and send them an email to set their password.

Version 9.2.2 - (released 7/19/2019)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: When using a Data Quality Rule with Real-time Execution enabled in a project with the Randomization module enabled, in which during the randomization process the DQ rule returns a discrepancy for one or more strata fields used in the randomization configuration, it would properly prevent the randomization process from occurring but would mistakenly remove that whole allocation row from the allocation table, which means that that particular randomization allocation could never be used afterward because it was permanently deleted. This could cause major problems for the project. (Ticket #67062)
  • Major bug fix: If a user has access to a project but does not have "File Repository" access in that project, then if they know how to manipulate certain URLs in REDCap, they might be able to download files uploaded into the "User Files" section of the File Repository page in that project. Note: They would not be able to download files from the "Data Export Files" section or "PDF Survey Archive" section, but only from the "User Files" section. (Ticket #22974)
  • Bug fix: The Browse Users page might mistakenly display an internal SQL query on the page. (Ticket #66980)
  • Bug fix: Although it is recommended that the @NOW action tag only be used for datetime fields, if a date field has @NOW, it would mistakenly fail to generate a date value (as if using @TODAY) when the field is blank. In previous versions, this worked correctly. Bug emerged in REDCap 9.2.0.
  • Bug fix: An Australian institution name was mistakenly hard-coded into the code on the login page when using the "AAF (Australian Access Federation) & Table-based" authentication method. (Ticket #66984)
  • Bug fix: If the REDCap web server is not able to make outbound HTTP requests, it might cause the Online Designer page to load slowly (or not at all) when attempting to edit an instrument. (Ticket #67017)
  • Bug fix: In a multi-page survey when all the fields on a given survey page are hidden due to branching logic, in which the page will be automatically skipped, it would mistakenly only skip a maximum of 100 pages at a time, which could be confusing when it displays a blank survey page to the respondent after skipping 100 pages. (Ticket #66721)
  • Bug fix: The results of an SQL field might not get parsed/displayed correctly for certain SQL queries that return a number as the value of the first field of the query. (Ticket #67285)
  • Bug fix: If the PDF Auto-Archiver is enabled for a survey that is set to "offline", if a participant follows a survey link to attempt to take the survey, it would appropriately inform them that the survey is offline, but it would mistakenly save a PDF in the PDF Survey Archive of a blank record. For the participant, everything seems to operate normally despite this issue. (Ticket #61335)
  • Bug fix: After exporting the Project XML file for a longitudinal project that contains events with a "<" followed by a space in the event name (e.g., "event < 2"), it would mistakenly throw an error when attempting to create a new project from the XML file. (Ticket #61324)
  • Bug fix: When entering the Smart Variable [survey-time-completed] or [survey-date-completed] into branching logic in the "Add/Edit Branching Logic" popup in the Online Designer, it would mistakenly note that there is an error in the logic. (Ticket #67232)
  • Bug fix: When clicking the arrow icon or pencil icon on the Codebook page in order to modify the field in the Online Designer, it might cause the rich text editor not to load correctly for field labels in the "Edit Field" popup.

Version 9.2.1 - (released 7/12/2019)

BUG FIXES & OTHER CHANGES:

  • Bug fix: The Smart Variable [user-email] was mistakenly not working. (Ticket #66937)

Version 9.2.0 - (released 7/12/2019)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • 10 new Smart Variables
    • [project-id] - The Project ID (i.e., PID) of the current REDCap project.
    • [user-fullname] -The current user's first and last name (as listed on their My Profile page).
    • [user-email] - The current user's primary email address (as listed on their My Profile page).
    • [redcap-base-url] - The base web address for the REDCap installation.
    • [redcap-version] - The current REDCap version number of the REDCap installation.
    • [redcap-version-url] - The base web address of the current REDCap version directory for the REDCap installation.
    • [survey-base-url] - The base web address for surveys for the REDCap installation.
    • [instrument-name] - The unique instrument name of the current survey or data entry form. It will return a blank value if not in an instrument context.
    • [instrument-label] - The instrument label of the current survey or data entry form. It will return a blank value if not in an instrument context.
    • [survey-title] - The survey title of the instrument specified by the 'instrument' parameter (if provided). If the 'instrument' parameter is not provided, the current survey instrument will be used, else it will return a blank value if not in an instrument/survey context.
  • 4 new Action Tags
    • @NOW_SERVER - Loads the REDCap server's date+time into a blank Text field - similar to the @TODAY tag but additionally includes the time portion. If the field has validation, the value will adjust to match the date format. NOTE: The time used will be the REDCap server's local time, which might be different from the user's local time if in another timezone. Also, do not use this tag on fields with branching logic because it will always prompt the user to erase the value, so look at using @HIDDEN instead if you wish to hide the field.
    • @TODAY_SERVER - Loads the REDCap server's date into a blank Text field - similar to the @NOW tag but without the time portion. If the field has validation, the value will adjust to match the date format. Also, do not use this tag on fields with branching logic because it will always prompt the user to erase the value, so look at using @HIDDEN instead if you wish to hide the field.
    • @NOW_UTC - Loads the current UTC/GMT date+time into a blank Text field - similar to the @TODAY tag but additionally includes the time portion. If the field has validation, the value will adjust to match the date format. NOTE: The time used will be the current UTC/GMT time, which might be different from the user's local time if in another timezone. Also, do not use this tag on fields with branching logic because it will always prompt the user to erase the value, so look at using @HIDDEN instead if you wish to hide the field.
    • @TODAY_UTC - Loads the current UTC/GMT date into a blank Text field - similar to the @NOW tag but without the time portion. If the field has validation, the value will adjust to match the date format. Also, do not use this tag on fields with branching logic because it will always prompt the user to erase the value, so look at using @HIDDEN instead if you wish to hide the field.
  • Improvement: The email sent to the REDCap administrator that contains a link to the page for reviewing production project changes now includes the project ID (PID) in the email subject to allow admins to track emails for projects more easily and not get them confused with one another. (Ticket #48141)
  • Bug fix: If the rich text editor in the Online Designer was used to style the field label of the record ID field, this styling would not be reflected when the record ID field label is displayed at the top of the data entry forms but instead the HTML would mistakenly be removed from the field label on the page. This would also occur if the record ID's field label was styled manually with HTML (i.e., not using the rich text editor). Note: On other pages throughout a project, any HTML in the record ID's field label is intentionally removed. (Ticket #66237)
  • Bug fixes and updates for the External Module Framework
  • Bug fix: The Bootstrap version change in REDCap 9.1.1 mistakenly caused tabs to no longer function on the login page when using the "AAF (Australian Access Federation) & Table-based" authentication method. (Ticket #66411)
  • Bug fix: If a user utilizes an HTML tag for styling a REDCap Messenger conversation or tags a user in a conversation, then it would mistakenly display raw/uninterpreted HTML in the Messenger conversation window. (Ticket #66433)
  • Bug fix: When exporting a PDF containing data of an instrument or survey, if any radio button fields displayed in the PDF have a multiple choice option with "0" as the raw/coded value, then that radio button choice would always be marked as "selected" in the PDF, even if it is not truly selected on the webpage (i.e., is not the real value). (Ticket #66394)
  • Bug fix: When viewing the popup of repeating events (but not repeating instruments) for a record on the Record Status Dashboard after clicking the "stack" status icon for a given record/event/instrument, it would mistakenly not display the piped version of the Custom Event Label (if defined) for each event displayed in the table in the popup. This has always worked when viewing a list of repeating instruments that have a Custom Repeating Instrument Label, but was not working if it was a repeating event that had a Custom Event Label. (Ticket #14382)
  • Bug fix: If a data quality rule's logic contains fields from a repeating instrument or repeating event, in which neither an instance number nor an X-instance Smart Variable is not appended to those fields in the logic, then if the "real-time execution" option is enabled for the data quality rule and if a user submits the repeating instrument/event on which those fields are located, it might mistakenly return a false positive for a discrepancy existing, even if the logic does not evaluate as TRUE for the current repeating instance. (Ticket #66244)
  • Bug fix: The icon/link that users can click to navigate to the REDCap Messenger informational page was mistakenly not visible in the Messenger left-hand panel. It should have been displayed to the left of the "Create new conversation" button. It has been fixed so that it is visible now.
  • Bug fix: The rich text editor for field labels and section headers in the Online Designer was mistakenly being enabled by default for new fields being created. It was actually intended that it should be disabled by default for new fields, but could always be enabled manually by the user, if desired. (Ticket #66422)
  • Bug fix: If a report has report logic containing fields from a repeating instrument or repeating event, the report might mistakenly return an extra row (which is mostly gray-colored since it pertains to a non-repeating row of data) if instance 1 of the record evaluates as TRUE for the report logic. This only appears to occur if the "Show data for all events or repeating instruments for each record returned" option is checked in Step 3 of editing the report. (Ticket #64767)
  • Bug fix: When setting up the Survey Login feature in the Online Designer, the drop-down lists displaying fields that can be selected as login fields would mistakenly display HTML tags in the drop-down labels if the fields contained any HTML in their field label (whether using the rich text editor or manually-entered HTML). The HTML now no longer displays in the drop-down. (Ticket #66607)
  • Bug fix: If an alert is set to be triggered "Using conditional logic during a data import or data entry" and also has the "ensure logic is still true" option enabled and is set to "Send immediately", then if the conditional logic has become true and has already sent the initial notification, it would mistakenly keep sending a new notification every time the record is saved while the conditional logic is still true. Instead it should only send it once (per repeating instance).
  • Bug fix: If a project that is using randomization has branching logic defined for the randomization field and/or strata fields, in which a record is randomized on the data entry form and then (without reloading the page) a field is modified on the form which then causes the randomization/strata fields to be hidden, those fields would mistakenly be hidden and their values would be erased. This could cause major issues in the project for future randomizations. This behavior not occur if the page is reloaded after randomization has occurred. The randomization/strata fields should never be hidden by branching logic after randomization has occurred. (Ticket #66652)
  • Bug fix: When viewing the Record Home Page in a longitudinal project that has both repeating instruments and repeating events, if the record being viewed contains multiple instances of a repeating event, then the "+" button in the main table for any repeating instrument might mistakenly navigate to an incorrect repeating instance of that instrument, such as skipping some instance numbers. This does not affect the quality of data in any way, but it can cause repeating instances to sometimes be incorrectly numbered for repeating instruments. (Ticket #62960)
  • Bug fix: If an alert is set to "Send at exact date/time", it might mistakenly not send the very first notification if it is set to send multiple times as a recurring notification. However, it would still correctly send all recurring notifications after the first one (whether or not the first one sent).

Version 9.1.2 - (released 6/27/2019)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Rich text editor for field labels and section headers
    • For any field on an instrument in the Online Designer, users may optionally utilize the rich text editor for styling field labels or section headers with many text-formatting options. The rich text editor allows users to change the color of text (including background color), create tables, add text of varying sizes, bullet lists, and more. For any field labels that were originally created without the rich text editor, users may optionally enable the rich text editor for any field by clicking the 'Use the Rich Text Editor' checkbox. It may also be disabled afterward at any time just the same. Rich text is enabled by default for any new fields being created via the Online Designer.
    • Note: The PDF export of surveys/instruments will *not* reflect all the styling of the rich text editor, so keep in mind that line breaks and paragraphs should be represented well in PDFs, but other text-formatting options, such as large text, bullet points, and colors are not able to be translated into the PDF export of the instrument. This is a current limitation in REDCap.
  • Improvement: For "Clinical Data Mart" projects, a new option was added on the Project Setup page to enable a process that will auto-fetch all clinical data twice a day (based on Data Mart configuration) using a cron job. Similar to the other project-level Data Mart options on Project Setup, this option can only be enabled or disabled by a REDCap administrator. This feature will be useful in cases where new data is being entered into the EHR, after which that data needs to be imported into the project without having a person manually fetch the data for each record one at a time.
  • Medium security fixes: Cross-Site Scripting (XSS) vulnerabilities were discovered on several pages, in which a malicious user could potentially exploit them by manipulating user inputs in various locations throughout the application.
  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on the Data Import Tool page, in which a malicious user could potentially exploit it by manipulating the CSV data import file in a very specific way and then uploading it on the page.
  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on the page that displays the error message whenever any REDCap page fails the Cross-Site Request Forgery (CSRF) check, in which a malicious user could potentially exploit it by manipulating the HTTP referrer being sent to the webpage.
  • Change/improvement: Added the security headers "X-XSS-Protection" and "X-Content-Type-Options" to provide more protection for each web request made to REDCap.
  • Change: A new setting has been added called “Can REDCap server access the web (make outbound HTTP calls)?” on the General Configuration page in the Control Center. This setting can be set to "No" if the REDCap server has no connectivity to the World Wide Web. This helps prevent some REDCap pages from becoming very slow to load because they are making background requests to external websites.
  • Bug fix: When using the Survey Queue in a project that has multiple arms, the queue might mistakenly display the surveys for a survey participant in an incorrect order. (Ticket #64506)
  • Bug fix: For certain projects, enabling an instrument as a survey in the Online Designer might display the error message "An error occurred. Please try again.", but if the page is reloaded, it will show that the survey was actually created successfully.
  • Bug fix: When a survey participant is completing a survey with the e-Consent Framework enabled, in which the participant is using a mobile device (iOS or specific Android software/hardware), the last survey page would mistakenly only display the first page of the inline PDF (if more than one page) when it should instead display all pages of the PDF. (Ticket #46978)
  • Bug fix: When logic with fields from repeating instruments is used for a custom Record Status Dashboard filter, in specific complex cases the dashboard might mistakenly not display all the records that match that filter logic. (Ticket #65198)
  • Bug fix: Some field labels, section headers, or custom event labels that contain certain number patterns, such as a number followed by a colon, might not get displayed correctly, in which odd characters and semi-colons might get mistakenly inserted before or after them in the block of text. (Ticket #64880)
  • Bug fix: If a user uploads a file for a File Upload field or a Signature field on a data entry form, and the user then leaves the page without clicking the Save button, it would correctly upload the file but would mistakenly not trigger any Automated Survey Invitations or Alerts that have logic that references that field.
  • Bug fix: When choosing to "Copy" an instrument via the "Choose action" drop-down on the Online Designer, if the instrument was enabled as a survey and contained any stop actions, those stop actions would mistakenly not get copied to the new instrument. (Ticket #62275)
  • Bug fix: When using the @DEFAULT action tag on a multi-page survey, in which a survey field's value is being set using a field value from a previous page in the survey, then the action tag would mistakenly not function at all if the "Require a Reason" feature had been enabled for the project. (Ticket #54083)
  • Bug fix: In the Online Designer, when creating a new matrix of fields immediately above a section header, it would mistakenly delete that section header below when saving the new matrix. (Ticket #62559)
  • Change: On the Clinical Data Pull’s project list page (seen after launching REDCap inside an EHR), it now displays a link “View EHR patient identifier keys” that (when clicked) displays all possible EHR patient identifier strings for the institution’s EHR. This is to aid in setup of CDP and/or Clinical Data Mart since this value must be entered on the configuration page for Clinical Data Interoperability Services to be able to work properly for most EHR vendors.
  • Bug fix: When viewing the Stats & Charts page for a project with repeating instruments or repeating events, in which the report being viewed has filter logic containing fields from a repeating instrument/event, it might mistakenly include non-relevant data in some bar charts or scatter plots on the page. (Ticket #60147)
  • Bug fix: When clicking the "Survey Queue" option at the top right of a survey page, the survey queue would be displayed as too wide and would be off the page and not viewable if the respondent was viewing the survey on a mobile device. (Ticket #62318)

Version 9.1.1 - (released 6/21/2019)

BUG FIXES & OTHER CHANGES:

  • Medium security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on many pages, in which a malicious user could potentially exploit it by manipulating the query string of an HTTP request.
  • Minor security fix: Updated the Bootstrap and jQuery libraries, which were outdated and contained minor security vulnerabilities.
  • Improvement: The file attachment option for data queries in the Data Resolution Workflow popup can now be disabled at the system level for all projects. This option is located on the "File Upload Settings" page in the Control Center as "Allow file attachments to be uploaded for data queries in the Data Resolution Workflow?". If set to "Disabled", it will merely not display the "Upload document" option for an open data query in the Data Resolution Workflow popup on a data entry form.
  • Improvement: For "Clinical Data Mart" projects, users may now download and upload the Data Mart configuration as a CSV file on the "Clinical Data Mart" page. This CSV file may be used to create a new revision of the Data Mart configuration.
  • Bug fix: If an alert is set to be triggered when completing an instrument with any form status, it would mistakenly not get triggered if any Required Fields on the instrument were left blank. (Ticket #64639)
  • Change: Removed unnecessary "error_log" statements throughout the code. (Ticket #64858)
  • Bug fix: If an Automated Survey Invitation has a large lapse of time set for the units of days, hours, or minutes in Step 3 of the ASI setup, it could mistakenly cause survey invitations not to be scheduled appropriately (Ticket #65074)
  • Bug fix: In the API Playground, the dynamically-generated code at the bottom of the page might mistakenly not escape apostrophes that are used in an API parameter value, thus outputting code that would cause an error rather than running successfully for the given programming language.
  • Bug fix: If a report has a report filter than references a field in a repeating event or repeating instrument, on certain occasions it might mistakenly not filter correctly and thus not return the correct results in the report. (Ticket #65481)
  • Bug fix: When testing the validity of an external URL for REDCap to make requests to (e.g., when adding a Data Entry Trigger), the test might mistakenly not be accurate with regard to whether the URL is valid. (Ticket #65521)
  • Bug fix: The table of logged events on the project Logging page might mistakenly cause the username to overflow in the table row if the username is long.
  • Bug fix: If a survey or data entry form contains a matrix with many fields, in which the height of the matrix is bigger than the height of the user's web browser window, the matrix headers might mistakenly not float at the top of the page (thus staying always visible as the page is scrolled) if some of the fields in the matrix are being hidden by branching logic.
  • Bug fix: When attempting to upload a CSV import file for Automated Survey Invitations on the Online Designer, it would fail with no error message and would instead display an empty pop-up box to the user. (Ticket #65037)
  • Bug fix: When a user is typing text into a biomedical ontology auto-search field on a survey or data entry form, it would mistakenly log each keystroke for the field in REDCap's redcap_log_view database table, which could cause the user's IP address to get banned in REDCap, thus locking them out temporarily. (Ticket #42552)
  • Bug fix: When an alert is set to be sent when logic becomes true during data import or data entry, even though the alert is set to send just once, it might mistakenly keep sending every time a record is uploaded during a data import.
  • Bug fix: When modifying an existing alert to send "just once" when it previously was set to send "multiple times", it would mistakenly not save that setting correctly if the number of minutes/hours/days for "multiple times" is not set to "0". (Ticket #64668)
  • Bug fix: In certain cases, calc fields on multi-page surveys might inadvertently get skipped and thus not calculated if all questions on that page are being hidden by either branching logic or by the @HIDDEN or @HIDDEN-SURVEY action tag. This might cause data entry workflow issues (e.g., fields being skipped mistakenly) if some fields on that page have branching logic that is triggered by a hidden calc field on that page.
  • Bug fix: When clicking the Records or Fields table header on the My Projects page's list of projects, it would mistakenly not sort the column correctly if any numbers contained a non-numeric character, such as a comma or decimal. (Ticket #64861)
  • Bug fix: When attempting to upload a CSV import file for Automated Survey Invitations on the Online Designer, it would fail with an error message if the email subject and email body were not provided in the import file. This would cause issues in certain use cases, such as when using Twilio telephony services, that do not require and email subject or body. So the subject and body are now no long required as part of the import file. (Ticket #65037)
  • Bug fix: If a user does not have Edit Access privileges for a specific report, then it would mistakenly display the Edit Report button at the top of the report and also the report's "Stats & Charts" page. However, if they clicked the button, it would not let them edit the report but would merely take them back to the "My Reports & Exports" page. (Ticket #65724)
  • Bug fix: When clicking an option in the "Copy existing choices" popup in the Online Designer, it might mistakenly replace the ">" and "<" signs with their HTML character code when copying the choices into the Choices textbox inside the Edit Field popup. (Ticket #64268)

Version 9.1.0 - (released 5/30/2019)

BUG FIXES & OTHER CHANGES:

  • New feature: Clinical Data Mart
    • The Data Mart module can pull clinical data from the EHR in bulk (i.e., dozens or hundreds of patients at once), as compared with the Clinical Data Pull (CDP) that pulls patient data from the EHR just one patient at a time. Both Data Mart and CDP utilize REDCap’s “Clinical Data Interoperability Services” infrastructure, which can interface with any EHR system that has FHIR web services enabled. If CDP has already been set up and enabled in REDCap, then enabling Data Mart is very simple and requires no further setup other than enabling it on the CDIS page in the Control Center.
    • Overview
      • To use the Data Mart feature and create a Data Mart project, a user must be given explicit permissions for this by a REDCap administrator on the Browse Users page in the Control Center. Once they have been given permissions, they can navigate to the Create New Project page in REDCap to see a new option to create a Clinical Data Mart project. Note: If they have not yet launched the REDCap window from inside their EHR, it will inform them that they must first do so before proceeding. This must be done because launching the REDCap window inside the EHR, which is always the first step before a user can use either CDP or Data Mart. When creating the Data Mart project, the user defines the data pull configuration when creating the project - e.g., chooses specific MRNs, date range, and data fields from the EHR.
      • Once the project has been created, the whole structure of the project (i.e., the fields and forms) will be pre-defined. To begin pulling clinical data from the EHR, the user must navigate to the Clinical Data Mart page using the link on the left-hand project menu. On that page, they may request changes to their existing Data Mart configuration (if they wish to add new MRNs, new fields, or modify the date range) and/or pull data from the EHR using the “Fetch clinical data” button near the top of the page. By default, users will only be able to pull data just one time and will not be able to modify the Data Mart configuration after initially being set when the project is created. However, an administrator can change these settings (see below) on the Project Setup page so that they may pull data as often as they wish or to allow them to make configuration changes when needed.
      • Field mapping is not required for Data Mart projects since the project structure/instruments are pre-defined when the project is created. Demographics is created as a single data collection form, and the following forms are created as repeating instruments: Vital Signs, Labs, Allergies, Medications, and Problem List. Each data value on the repeating instruments are represented as a separate repeating instance of the form.
    • User permissions
      • A user's REDCap account must be given Data Mart privileges by a REDCap administrator on the Browse Users page in the Control Center, after which the user will be able to create a Data Mart project and pull EHR data. (Note: This is not a project-level user right but a REDCap user account privilege.) Also, there is no optional User Access Web Service as there is with CDP to further control user access for pulling data.
      • In order to pull data from the EHR, users must have access to the EHR and must have launched at least one patient in the REDCap window inside the EHR user interface.
      • Users with Project Setup/Design rights in a Data Mart project will be able to request changes to the data pull configuration (if needed and if the project-level setting has been enabled).
    • For more details about Data Mart and CDP, see the information on the CDIS page in the Control Center in v9.1.0 (including the downloadable Overview PDF), which is also available here: https://redcap.vanderbilt.edu/redcap_v9.1.0/Resources/misc/redcap_fhir_overview.pdf
  • Improvement: When using the Clinical Data Pull module, it now displays the patient's MRN inside the adjudication popup dialog. This makes it easier to confirm that a user is looking at the correct patient's data.
  • Improvement: When using the Clinical Data Pull module, the process of determining which FHIR access token is the best to use and still viable for a given user/patient has been much improved to reduce common token errors that have occurred in previous versions.
  • Bug fix: When creating a Custom Record Status Dashboard that has filter logic, in which the logic contains Smart Variables and also the logic references fields in repeating instruments or repeating events, the dashboard might mistakenly not display the correct records. (Ticket #64045)
  • Bug fix: If an Alert is set to be triggered when an instrument is saved and also has conditional logic, in which the instrument is a repeating instrument or is on a repeating event and also the logic references a field within that repeating instance, then the Alert would mistakenly not get triggered (unless using a [X-instance] Smart Variable for all repeating fields in the logic).
  • Bug fix: If data values are being piped onto a form/survey (into field labels, etc.) in a longitudinal project, in which the values are being piped from another event (e.g., [other_event][field:checked]) and also the piping fields have colons in them (e.g., [field:value], [field:checked]), it might mistakenly cause the data not to get piped but would stay blank on the page.
  • Fixes and updates for the External Module framework, including a fix for module icons not displaying correctly on the left-hand project menu.
  • Bug fix: When using the PDF Auto-Archive for a survey in a project that has the project-level setting "Character encoding for exported files" set to "Chinese (UTF-8)" on the "Edit a Project's Settings" page in the Control Center, the Auto-Archive version of the PDF will mistakenly have unusually wide spacing for some text in the PDF, whereas PDFs of the survey downloaded from the data entry form will have typical spacing.

Version 9.0.3 - (released 5/24/2019)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: Users are not able to create new projects (or request new projects be created) if they are using any version of Internet Explorer. Bug emerged in REDCap 9.0.2. (Ticket #64135)
  • Medium security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on many pages, in which a malicious user could potentially exploit it by adding specific user-defined HTML that gets displayed on certain webpages throughout the application (e.g., in field labels on instruments; in survey instructions).
  • Improvement: Added support for Traditional Chinese in exported PDFs. Previous versions only supported Simplified Chinese in exported PDFs of instruments/surveys if the project encoding was set to “Chinese (UTF-8)”. Now on the “Edit a Project’s Settings” page and “Default Project Settings” page in the Control Center, it lists both “Simplified Chinese (UTF-8)” and “Traditional Chinese (UTF-8)” in the “Character encoding for exported files” option. Note: The only difference between the two Chinese encoding options are the fonts embedded inside exported PDFs; it does not affect other exported file types, such as CSV files.
  • Improvement: On the Alerts & Notifications page, the email "From" address is now displayed in the right-hand Email box for each alert.
  • Bug fix: The field mapping page for Clinical Data Pull (CDP) and Dynamical Data Pull (DDP) Custom would mistakenly not load the field table correctly if attempting to map new source fields for the project.
  • Bug fix: When moving a project to production while deleting all records or when erasing all records in a project, any records that have received an Alert or have an Alert scheduled will mistakenly still be shown on the Alerts & Notifications page afterward. (Ticket #63257)
  • Change: For Alerts & Notifications, in Step 2B ("send it how many times?"), the "Just once" option now has more clarifying text for longitudinal projects or projects with repeating instruments/events to explain that the alert will be triggered at a per-event and per-repeating-instance level.
  • Bug fix: When suspending or unsuspending a user on the Browse Users page in the Control Center, the user search feature above will mistakenly no longer perform auto-complete functionality when typing in that text box (unless the page is refreshed). (Ticket #64071)
  • Change: Improved accessibility on survey pages for users with visual impairments using screen readers
  • Bug fix: When running a Data Quality rule or performing a data import of fields used in a calculation, the resulting calculations that get saved might be incorrect if the project is longitudinal and if Smart Variables are used in the rule's logic. (Ticket #63606)
  • Bug fix: When running Data Quality rule H or performing a data import of fields used in a calculation, the resulting calculations that get saved might be incorrect if the project is longitudinal and if Smart Variables are used in the calculation. (Ticket #63156)
  • Bug fix: When an Automated Survey Invitation has conditional logic that references fields on multiple events, including an event that does not yet have any data saved for it, then the ASI might mistakenly not get triggered appropriately if the project is both longitudinal and also has either repeating events or repeating instruments. (Ticket #59942)
  • Bug fix: If an MDY- or DMY-formatted date/datetime field is piped into the choice label of a drop-down field, then the date value might get scrambled and not formatted correctly when displaying the date inside the drop-down label on a form or survey. (Ticket #64223)
  • Bug fix: If users are not allowed to create/copy projects but must request them be created/copied, then when an administrator is approving a "Copy Project" request in which some users are in user roles in the project but the requester has chosen not to copy the user roles into the new project, then it could cause the newly created project to have a "ghost" role (with no apparent name) that is still attached (in certain regards) to the old project. For example, if a user in the "ghost" role had an API token in both the new and original project, then when using the token to make API requests in the new project, it might mistakenly think that the token belongs to the old project instead. (Ticket #63667)
  • Bug fix: An example link on the "Help & FAQ" page was mistakenly linking to the wrong example website.

Version 9.0.2 - (released 5/17/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: Force e-Consent signature fields to be erased when modifying responses - The e-Consent Framework setup on the Survey Settings page has a new option to allow users to specify up to five signature fields in the current survey, in which it will force all signature field values to be erased in the survey if the participant clicks Previous Page button while on the certification page (i.e., the last page of the survey). In many situations when using e-Consent, it is required that if the participant completes all the survey responses and gets to the certification page but then decides to go back to modify some responses, the field (or multiple fields) where they supplied their signature must first be erased, thus forcing them to re-sign the survey before they complete it. This new e-Consent Framework option helps to comply with this particular situation. Note: Only freeform text fields, signature fields, and number fields may be used as e-consent signature fields here, and those fields must be Required fields.
  • Improvement: Custom message for e-Consent Framework settings - In the e-Consent Framework section on the Modules/Services Configuration page in the Control Center, an administrator may define custom text (including HTML styling), in which that custom text will be displayed at the bottom of the e-Consent Framework section on the Survey Settings page in every project. This may be utilized for informing users of some information surrounding the use of the e-Consent Framework at the local institution, for example.
  • Bug fix: Some Email Alerts might mistakenly not migrate into Alerts & Notifications in certain situations due to a query failing during the conversion process.
  • Bug fix: In the Alerts & Notifications module, if an alert is set to be triggered by conditional logic only, it might mistakenly keep sending notifications whenever a form/survey is submitted so long as the condition is true, even when it is set to only send just one time.
  • Bug fix: In the Alerts & Notifications module, if an alert was migrated from the Email Alerts module, in which the alert's "Email From" address did not correspond to any email address belonging to a user in the project, then it would mistakenly set it to a blank value when re-saving the alert, thus causing the email not to send or to send with an incorrect From address.
  • Bug fix: In the Alerts & Notifications module, if an alert's email text is modified as HTML, in which an IMG tag is manually added that references an image URL on the current REDCap server, it would mistakenly get converted to a relative URL (i.e., the beginning of the URL would be removed). (Ticket #63664)
  • Bug fix: In the Alerts & Notifications module, if an alert has one or more static attachment files, and the REDCap installation is not using "Local" file storage for uploaded files (as seen at the top of the File Upload Settings page in the Control Center), then while it would successfully send the notification, it would mistakenly not attach the attachments to the email notification that is sent. (Ticket #63664)
  • Bug fix: The Clinical Data Pull (CDP) would not function successfully on Cerner systems because part of REDCap’s OAuth2 authorization process for FHIR only worked for Epic.
  • Bug fix: Icon not positioned correctly on the General Configuration page in the Control Center. (Ticket #63566)
  • Bug fix: If a user navigates to the Codebook page in a project and does not have "Project Setup & Design" user privileges in the project, it would mistakenly display the tabs for the "Online Designer" and "Data Dictionary" pages near the top of the Codebook page. Bug emerged in 9.0.0. (Ticket #63573)
  • Bug fix: If using MySQL 8 for the REDCap database, the Calendar page in a project might mistakenly not display any calendar events on the page. (Ticket #63434)
  • Bug fix: In certain situations, the External Module framework might mistakenly call a function twice on the Data Comparison Tool page, thus causing the page to crash fatally and preventing it from loading in certain projects.
  • Bug fix: The Clinical Data Pull (CDP) would not function successfully on Cerner systems because FHIR requests for pulling labs and vitals were mistakenly not utilizing the correct format for LOINC codes passed in the request's query string.
  • Bug fix: If a survey has the PDF Auto-Archiver enabled (with or without the e-Consent Framework enabled), when the survey is completed, it would mistakenly log the action as a Data Export action as if a user has manually downloaded the PDF. It should not log this event and is confusing to users.
  • Bug fix: When using the Twilio telephony services for surveys, in which a telephone/number field has been designated as the "phone number field for survey invitations", it would mistakenly not display the record name on the Survey Invitation Log to prevent users from viewing it *unless* the Designated Email Field was enabled for the project or if a Participant Identifier had been entered in the Participant List. (Ticket #49955)
  • Bug fix: When viewing a non-saved instance of a repeating event on a data entry form, the form status icons on the left-hand menu might mistakenly show the cumulative status of all the existing saved instances of the repeating event when instead it should display a gray stack icon since the current form-event-instance has not yet been saved. (Ticket #63956)
  • Bug fix: When using the "Quick Add" dialog while editing a new or existing report on the "Data Exports, Reports, and Stats" page, unchecking the checkbox next to a field or clicking the "Deselect All" link for an instrument would mistakenly not remove the field from the underlying report on the page. (Bug emerged in REDCap 9.0.1.)
  • Bug fix: When opening the "Set up Survey Queue" popup in the Online Designer, if the project contained many records (e.g., 1000+) and also many surveys, then the popup might not be able to open at all.
  • Bug fix: When a survey participant partially completes a public survey and then returns to the survey to complete it later, it would mistakenly say "Response is only partial and is not complete" in the PDF if a user downloads the response as a PDF from the data entry form. (Ticket #62831)

Version 9.0.1 - (released 5/10/2019)

BUG FIXES & OTHER CHANGES:

  • Change: Replaced many of the older icons in the user interface with Font Awesome icons, especially on the left-hand project menu and left-hand Control Center menu.
  • Change: Consolidated the two project pages “Record Locking Customization” and “E-signature and Locking Mgmt” into a single two-tabbed page named”Customize & Manage Locking/E-signatures”. Note: If user only has access to one of these pages, they will simply not see the other page/tab.
  • Bug fix: When enabling the Clinical Data Pull (CDP) module in a project, it would mistakenly say "Enable DDP on FHIR" in the Logging. It should instead say "Enable the Clinical Data Pull (CDP) module" in the Logging since that module was renamed and is no longer called "DDP on FHIR".
  • Bug fix: The FHIR web service requests made by the Clinical Data Pull module would mistakenly make calls to the FHIR "Observation" endpoint using a format that was not compatible with some Epic installations. This was modified to a slightly more compatible format. (Ticket #63080)
  • Bug fix: In the Alerts & Notifications module, it was mistakenly not allowing users to use Signature fields in the Message Attachment section of an alert.
  • Bug fix: In the Alerts & Notifications module, for alerts set to trigger when saving a specific form or survey with conditional logic set, in which the alert is set to repeat after initially being sent, then if the "ensure logic is still true" option has been checked and a recurring notification has already been scheduled for a record, it would mistakenly not remove the recurring notification when the logic becomes false. And this only occurs if an initial notification has already been sent for that record for that alert.
  • Bug fix: In the Alerts & Notifications module, whenever an alert is created or modified, the Logging page might get too wide when displaying the details of this event.
  • Bug fix: In the Alerts & Notifications module, the Logging page might mistakenly display logged events when Alerts are created or modified when selecting a record from the "filter by record" drop-down.
  • Bug fix: After being triggered, if an Alert is set to be scheduled after a delay (rather than sending immediately) and is set to only send one time, the Notification Log page would mistakenly display the record multiple times, all with the same time. Also, the Notification Log's "end time" might mistakenly get forcibly set to the current time and prevent users from viewing notifications that are scheduled to be sent in the future. (Ticket #63087)
  • Bug fix: When clicking the form status stack icon on the Record Home Page or Record Status Dashboard for a repeating instrument/event, the popup displaying all the repeating instances would sometimes not be positioned correctly on the page and might be too narrow.
  • Bug fix: When using the @DEFAULT action tag in a repeating survey, it might mistakenly think that the current survey has data and thus would prevent the action tag from operating, even when no data exists for that survey on that repeating instance.
  • Bug fix: When importing data (via the Data Import Tool or API import) for a repeating event, if the field "redcap_repeat_instance" is not included as a field in the imported data set, instead of returning an error message, it would mistakenly allow the data to get imported. While this causes no problems for the first imported batch of data, any subsequent imports would mistakenly get piled on top of the existing data in the database (rather than updating the existing values), thus causing duplicate/multiple rows of data to pile up in the database for a given record/event/field, which could have various negative consequences, such as making some project pages very slow. Now it will instead return an error message if data for a repeating event is being imported in which the field "redcap_repeat_instance" is not included as a field in the imported data set. (Ticket #63128)

Version 9.0.0 - (released 5/3/2019)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Alerts & Notifications
    • The Alerts & Notifications feature allows you to construct alerts and send customized email notifications. These notifications may be sent to one or more recipients and can be triggered or scheduled when a form/survey is saved and/or based on conditional logic whenever data is saved or imported. When adding/editing an alert, you will need to 1) set how the alert gets triggered, 2) define when the notification should be sent (including how many times), and 3) specify the recipient, sender, message text, and other settings for the notification. For the message, you may utilize customized options such as rich text, the piping of field variables (including Smart Variables), and uploading multiple file attachments. While similar in many respects to Automated Survey Invitations, Alerts & Notifications allow for greater complexity and have more capabilities. For example, alerts apply to both data entry forms and surveys, and they also allow for more options regarding who can be the recipient of a notification (project users, survey participants, etc.).
    • System-level permission settings – On the “Modules/Services Configuration” page in the Control Center (at bottom of page), administrators may adjust the settings that determine if normal users are able to use email field variables in an alert’s To/CC/BCC field and/or use email addresses entered manually as freeform text into an alert’s To/CC/BCC field. These settings will be determined based on the comfort level and/or policy of the local REDCap institution. By default, REDCap will allow normal users to use email fields and freeform text emails (i.e., both are enabled by default), but this can be easily changed immediately after installation or upgrading. Additionally, if Yes is chosen for allowing freeform emails to be entered, the admin may limit those emails to a specific whitelist of email domain names (e.g., vumc.org, mmc.edu) to provide some additional restriction there.
    • Converting existing Email Alerts into Alerts & Notifications – If your REDCap installation currently has the Email Alerts external module installed and is being used in projects, there will be an option (a green button) at the top left of the Email Alerts configuration page to convert all the Email Alerts in a given project into Alerts & Notifications. This is an opt-in setting, and must be done for each project one at a time. It will present a dialog popup with information so that the user understands that there are some differences between EA and A&N, but overall, everything will be able to be converted, although the alerts might look slightly different afterward as A&N’s. Once the Email Alerts are converted, the Email Alerts module will be automatically disabled for the project, and the user will be redirected to the A&N page. Note: The conversion instructions notes that if (for whatever reason) the A&N’s are not behaving like the user anticipated, they can easily revert back to using Email Alerts again by 1) deactivating all the A&N’s that were created from the conversion, and 2) have an administrator re-enable the Email Alerts module.
  • Improvement: The rich text editors on the Survey Settings page have now been updated to a newer version of the TinyMCE package. (Note: IE9 and IE10 will still use the older version of the rich text editor because they are not compatible with the newer one.)
  • Improvement: New records can now be created directly from the Record Status Dashboard. If record auto-numbering is enabled, it will display an “Add new record” button, otherwise it will display a text field for users to enter a new record name to create.
  • Improvement: Links to the Online Designer, Data Dictionary Upload page, and Codebook were added to the left-hand project menu for easier navigation. Also, a new section “Project Home and Design” was added on the left-hand menu to contain all these links, as well as the Project Home and Project Setup page links.
  • Change: The Quick Tasks box on the Project Home page was removed since all the pages listed inside it are now located on the left-hand project menu, thus making the Quick Tasks box redundant.
  • Bug fix: Certain types of HTML tags in a field label might cause parsing issues when exporting to stats packages, especially SAS. To prevent this, all HTML tags will now be removed from field labels as they are included in the stats package syntax files. (Ticket #57751)
  • Bug fix: When calling the "Export Records" API method, if any invalid values were passed in the API request parameters "events", "fields", or "forms", it would often ignore the incorrect value and would mistakenly not return an error. Additionally, in this scenario it might mistakenly return all events, all fields, or all forms, respectively, rather than limiting the data returned to only the valid values in those filter parameters. (Ticket #54273)
  • Bug fix: If a production project is in Draft Mode, and a matrix field's label has been modified *and* the field has data saved for one or more records, this is now considered a critical issue during the production change approval process because of specific cases where changing a matrix field's label can change its meaning and thus negate the existing data - much more so than with regular non-matrix fields. (Ticket #60834)
  • Bug fix: If a repeating instrument is enabled as a repeating survey, and then later the instrument is set to no longer be repeating via the "repeatable instruments" dialog on the Project Setup page, it would mistakenly still display the repeating survey icon (i.e., green circle arrow) next to the instrument in the Online Designer. (Ticket #60869)
  • Bug fix: If running a REDCap server with PHP 7.3, then the PDF Auto-Archiver would fail, as well as attempts to add PDF attachments to confirmation emails when surveys are completed. In all cases, it would crash with an HTTP 500 sever error. (Ticket #55868)
  • Bug fix: Some Smart Variables, especially those related to repeating instance, would mistakenly not pipe correctly inside survey instruction text and survey completion text.

Version 8.11.11 - (released 4/26/2019)

BUG FIXES & OTHER CHANGES:

  • Bug fixes and updates for External Module framework
  • Bug fix: If hyperlinks exist inside multiple choice labels on a survey that has Enhanced Choices enabled, the hyperlinks might mistakenly not be displayed in the correct color (depending on the survey design settings) and thus might not be readable.
  • Bug fix: For multi-page surveys having fields with branching logic, in very specific situations some pages of the survey might mistakenly get skipped over. (Ticket #62299)
  • Bug fix: When a hook or External Module is using REDCap::saveData() on a project page and importing data into another project, it may mistakenly change the global variable $Proj to point to the other project, thus causing possible issues on the page after the REDCap::saveData() method has been called.
  • Bug fix: When importing data for a repeating instrument or event (via API or Data Imort Tool), it would mistakenly be possible to import a non-integer number value (e.g., 2.1, 5.44) for the redcap_repeat_instance field.
  • Bug fix: The Action Tag @NONEOFTHEABOVE fails to work if it references a choice not wrapped in quotes and is also followed by other text in the Field Annotation - e.g., ""@NONEOFTHEABOVE=0 @INSTANCETABLE_HIDE". (Ticket #61939)
  • Bug fix: When using the Twilio telephony services for surveys, in which a telephone/number field has been designated as the "phone number field for survey invitations", it would mistakenly not display the record name on the Survey Invitation Log to prevent users from viewing it. Since a field's value is being used, the response is already de-anonymized (i.e., a user can connect the participant in the Participant List to a specific record), thus it should not hide the record name in the Survey Invitation Log. (Ticket #49955)

Version 8.11.10 - (released 4/19/2019)

BUG FIXES & OTHER CHANGES:

  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on the Data Import Tool page, in which a malicious user could potentially exploit it by manipulating data values for a specific field being imported in the CSV data file.
  • Change: The Data History Widget on data entry pages now displays the "seconds" component of the "Date/Time of Change" timestamp for when the data value was added/modified. This allows users to view the logging items with greater granularity for when data changes are made in narrow windows of time.
  • Bug fixes and updates for the External Module framework
  • Bug fix: On the Online Designer, when using the "Test logic with a record" feature for the Advanced Branching Logic Syntax in the "Add/Edit Branching Logic" popup or the "Test calculation with a record" for a Calculation in the "Add/Edit New Field" popup, it would mistakenly say that there was an error in the syntax every time if the project is longitudinal. (Ticket #54822)
  • Bug fix: On the Survey Settings page, if a survey has the e-Consent Framework enabled, and then an administrator disables the e-Consent Framework for all projects in the system (via the Modules/Services Configuration page in the Control Center), then the Survey Settings page would mistakenly still display the e-Consent Framework options. (Ticket #62075)
  • Bug fix: When the Double Data Entry module is enabled in a project, and the current user is DDE person #1 or #2, it would not display the form status icons with the correct color on the Record Status Dashboard but would instead mistakenly always display them as gray status icons. This bug emerged in the previous version. (Ticket #62212)
  • Bug fix: The Clinical Data Pull (CDP) would not function successfully on Cerner systems because part of REDCap’s OAuth2 authorization process for FHIR only worked for Epic.
  • Bug fix: When using Google reCAPTCHA for surveys, if the REDCap server was not able to communicate with the Google server (even temporarily), it would effectively prevent participants from ever reaching the survey. It now goes ahead and allows the participant to take the survey without successfully passing the reCAPTCHA if the Google server does not respond back within 5 seconds. (Ticket #61969)
  • Bug fix: When using Google reCAPTCHA for surveys, the REDCap footer text was mistakenly not being displayed on the reCAPTCHA page, and the style/locations of the survey title and logo were slightly incorrect on the reCAPTCHA page. (Ticket #61969)

Version 8.11.9 - (released 4/12/2019)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: The DateDiff+Today/Now cron job would sometimes crash due to a fatal PHP error caused when processing the [survey-link] Smart Variable in the message of an Automated Survey Invitation. This would occur only under very specific conditions, and it would result in many projects/records not having their ASI datediff logic being processed, thus the ASI's survey invitations would not get successfully scheduled in these cases and might cause invitations from other unrelated projects not to get scheduled either. (Ticket #61346, #61213)
  • Major bug fix: When a project is using a public survey that has "Save & Return Later" enabled with "Allow respondents to return without needing a return code" enabled, then if a participant clicks the "Save & Return Later" button on the public survey and leaves the survey open on the "Your survey responses were saved!" page while another participant partially or fully completes the survey, and then if the original participant clicks the "Continue Survey Now" button on the "Your survey responses were saved!" page, then the original participant will mistakenly create a brand new record/response whenever they submit survey page again after returning. (Ticket #61764)
  • Improvement: Added links to "select all" or "deselect all" for the checkbox options on the "Copy Project" page.
  • Bug fix: When viewing the Field Comment Log popup on a data entry form, if the username in the User column is very long, it would mistakenly not wrap in the table but instead would overflow into the next column. Note: This was only partially fixed in a previous version. (Ticket #60923)
  • Bug fix: The page footer on project pages would sometimes not be displayed at the very bottom of the page if the left-hand menu was taller than the right side of the page.
  • Bug fix: In a project that has sent many survey invitations (e.g., >50,000), it could cause both the Public Survey Link page and the Participant List page to load very slowly and in some cases never fully load at all.
  • Bug fix: When using the Clinical Data Pull, it would mistakenly make a POST request (instead of a GET request) to the Conformance Statement (metadata) endpoint. This would only cause issues with certain EHRs/configurations. (Ticket #61549)
  • Bug fix: For some pages in REDCap, the PHP constant "PAGE" might mistakenly get set as "/index.php" rather than "index.php", which could cause problems for existing External Modules or hooks that must utilize the value of PAGE to determine the current location. This has now been changed so that any slashes at the beginning of PAGE will be trimmed off before it gets defined. (Ticket #61776)
  • Bug fix: When exporting data in CSV Labels format for projects whose language is set to a language other than the default English, it would mistakenly always display *all* the choice labels for checkbox fields in the export file, rather than outputting the choice labels for only the checkbox options that had been selected for that field. (Ticket #60620)
  • Change: Added note about e-Consent feature on the REDCap Home Page.
  • Bug fix: When the Double Data Entry module is enabled in a project, and the current user is DDE person #1 or #2, it would not display the form status icons with the correct color on the left-hand menu when viewing a record but would instead mistakenly always display them as gray status icons. (Ticket #57484)
  • Change: More explanatory info was added on the Survey Settings page for Question Numbering, Question Display Format, and Response Limit.
  • Bug fix: The DateDiff+Today/Now cron job would mistakenly get run for projects that had been deleted in the past 30 days. It now ignores any projects that have been deleted by a user.
  • Bug fix: When using the e-Consent Framework for a survey, the resulting PDF of the consent survey would mistakenly not obey the project-level PDF Customization setting to show or hide the REDCap logo/URL under specific conditions. This would vary depending on if certain settings were set for the e-Consent Framework, such as having first/last name fields defined or consent version. (Ticket #58221)
  • Bug fix: When using the e-Consent Framework for a survey, if custom PDF header text is set under the project-level PDF Customization settings, it would mistakenly not get displayed on the resulting PDF of the consent survey.

Version 8.11.8 - (released 4/4/2019)

BUG FIXES & OTHER CHANGES:

  • Minor security fix: If a malicious user is able to find the URL endpoint at which REDCap Messenger's message history can be downloaded as a CSV file for a given conservation, they could potentially exploit it by manipulating the query string of the HTTP request, which might allow them to download other users' conversations to which they do not have access.
  • Minor security fix: If the hook functions file (as defined on the General Configuration page in the Control Center) begins with "http" or "ftp", then REDCap will not attempt to call/include that path.
  • Major bug fix: When using Smart Variables in the conditional logic of an Automated Survey Invitation, in which the logic also contains a datediff function using "today" or "now" as a parameter in the function, it would often cause the ASI cron job to not correctly parse the logic and thus not schedule the invitations at the correct time, or it might mistakenly cause the cron job to crash unexpectedly without finishing scheduling all other ASIs for other surveys.
  • Bug fix: When using branching logic or a calculation that contains a X-event-name or X-instance Smart Variable connected, in which it references an event or instance that does not exist (e.g., [previous-event-name] while on the first event), it would not fail gracefully but would mistakenly display an error message saying that the logic/calculation is incorrect.
  • Bug fix: When completing an Adaptive survey or Auto Scoring survey from the REDCap Shared Library, the "redcap_survey_complete" hook would mistakenly not pass a value for the "record" and "response_id" parameters in the hook. (Ticket #60668)
  • Bug fix: If the Clinical Data Pull feature is enabled for a project, it would still mistakenly display "DDP" (instead of "CDP") in a couple places in the project (Record Status Dashboard, Logging page).
  • Bug fixes and updates for External Modules framework
  • Bug fix: If a multi-page survey contains a matrix of fields, in which those fields are used in branching logic or in a calculation on another page on that survey, it would mistakenly display the matrix fields on the survey page containing the fields that reference them in their logic/calc. (Ticket #61134)
  • Bug fix: A single LOINC lab was mistakenly missing from the field mapping page for Clinical Data Pull.
  • Bug fix: If a multi-page survey contains a page in which every field on the page is a Descriptive field and also has branching logic, it would mistakenly always skip the page regardless of whether all the fields were hidden by branching logic.
  • Bug fix: When the redcap_survey_identifier field is displayed in a report or data export, it would mistakenly only display the participant identifier value on the first event of a given record and would not display it if the first instrument was a repeating instrument. It now always displays the participant identifier value in the redcap_survey_identifier column of a report/export for every row/item for a given record. (Ticket #59811)
  • Bug fix: The FHIR web service requests made by the Clinical Data Pull module would mistakenly make calls to the FHIR "Observation" endpoint using a slightly incorrect format according to HL7's FHIR standards. This does not appear to affect CDP when interfacing with Epic but when interfacing with other EHR vendors (notably Cerner). (Ticket #61150)
  • Bug fix: The code for generating the Survey Queue setup table was mistakenly referencing variables that had not been defined. However, this did not affect anything. (Ticket #61030)
  • Bug fix: If the setting "Auto-suspend users after period of inactivity" is enabled, and some users who are suspended have not had any activity within the designated period of inactivity, then if the user has a sponsor and the user's sponsor puts in a request to have them unsuspended, the user would mistakenly get re-suspended within a day. (Ticket #58909)
  • Bug fix: If a normal user is copying a project and is also in a User Role, it would mistakenly not give them their current role's privileges in the new project but instead would give them the privileges that they had before being put into a role in the copied project. (Note: The user will always be removed from the user role in the new project and will always be given User Rights and Project Setup/Design Privileges.) (Ticket #55767)
  • Bug fix: If an administrator is viewing the table of users on the Browse Users page, if they check the checkbox next to a user and then click the "Fetch for selected" link (under "Time of latest password reset"), it would display an erroneous error message about no users being selected if all the selected users are suspended. It should instead work for all table-based users regardless of whether the users are suspended or not. (Ticket #60625)
  • Change: The form status field on a data entry form has a blank drop-down option which serves no purpose. The blank option has been removed. (Ticket #60849)
  • Bug fix: When exporting an Project XML file containing data from a project, if any multiple choice option labels contain ASCII control codes, it would mistakenly prevent the data from being restored completely in the new REDCap project being created. (Ticket #34968)
  • Change: The Configuration Check page in the Control Center now ensures that the REDCap server can communicate with the Google reCAPTCHA API service, if enabled. (Ticket #60764)
  • Bug fix: The plugin/module method named "REDCap::evaluateLogic" might mistakenly not interpret logic correctly it it contains checkbox fields and if the project is classic/non-longitudinal. (Ticket #60998)
  • Bug fix: The upgrade page would attempt to display a non-existent icon in a button on the page. (Ticket #60560)
  • Bug fix: Fixed a page layout issue that occurred at specific page widths. (Ticket #60317)

Version 8.11.7 - (released 3/24/2019)

BUG FIXES & OTHER CHANGES:

  • Medium security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on many pages, in which a malicious user could potentially exploit it by manipulating the query string of an HTTP request.
  • Major bug fix: When the Clinical Data Pull (CDP) is enabled on a project, if extra data is imported from the EHR for several patients at one time via the cron job (after a user has already pulled some patient data from the EHR for those patients), in certain cases it might mistakenly not clear out data from another patient whose data is being fetched and thus inadvertently add one patient’s data to another patient.
  • Bug fix: Some data exports were not getting correctly logged as "Data Export" on the project logging page, specifically when downloading PDFs with data and downloading an "exported data file" or an "exported syntax file". It now lists "Data Export" as the proper Action for these events and also displays them when filtering the logging page by event="Data Export". (Ticket #59278)
  • Bug fix: When updating the value of the Secondary Unique Field or the designated survey email field for a project that is either longitudinal or has repeating events/forms, it would mistakenly not log the value change across all events/instances as it should since a new value for those fields gets propagated to every event/instance in the project to keep them all in sync. They now all get logged as separate logged events, which allows the value to always appear in the Data History widget on the data entry page. (Ticket #59586)
  • Bug fix: When performing piping of a field with the Smart Variable [X-instance] appended to the field variable, it would sometimes mistakenly not perform the piping at all. (Ticket #59671)
  • Bug fix: When performing piping of the Smart Variable survey-time-completed or survey-date-completed with the parameter ":value" appended to the end of it, it would mistakenly throw an error on a survey or data entry form if it was being used in branching logic or in a calculated field. (Ticket #59885)

Version 8.11.6 - (released 3/15/2019)

BUG FIXES & OTHER CHANGES:

  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on certain pages, in which a malicious user could potentially exploit it by manipulating the query string of an HTTP request.
  • Bug fix: Incorrect text was displayed in the Edit User popup on the User Rights page that mistakenly referenced "Clinical Data Pull" instead of "DDP" in projects with DDP Custom enabled.
  • Change: Support was added to External Module framework to support return values for hooks. Specifically, the hook redcap_custom_verify_username was modified so that if it returns result “status” of “1” or TRUE, it will display a green message box containing the return “message”, whereas if return “status” is “0” or FALSE, it will display a red message box containing the return “message”.
  • Bug fix: If a survey that has Survey Auto-Continue enabled is a repeating instrument and is then followed by another survey that is a repeating instrument, then if respondent completes the first survey, it will mistakenly take them to repeating instance #2 of the following survey, thus skipping over instance #1.
  • Bug fix: Fixed typo in Clinical Data Pull error message. (Ticket #59005)
  • Bug fix: When launching patients in the EHR embedded window for the Clinical Data Pull, in certain situations, especially if the user does not have access to all the FHIR end-points (often due to a limitation in their EHR privileges), it might mistakenly cause the FHIR access token in the database to get removed for that user for that patient, thus resulting in an error message to the user stating that there are no available access tokens that can be used.
  • Bug fix: When using the Data Resolution Workflow, the Resolve Issues page might mistakenly display negative counts for certain data query statuses.
  • Bug fix: When importing data where the field "redcap_repeat_instance" has a numerical value but the current event/form in the data (i.e., CSV row) does not exist on a repeating instrument or repeating event, it would mistakenly allow the data to be imported, but the imported data would immediately be orphaned since that data would not be accessible in the user interface. It now gives an error for this situation. This issue was supposedly fixed in the previous version (and the version before that), but mistakenly it would sometimes display a false positive for this issue and return the error under legitimate circumstances, specifically when only checkbox fields were being imported (not including the record ID field, event name, or repeat fields). (Ticket #57699)
  • Fixes and updates for the External Module Framework
  • Bug fix: When viewing the REDCap login page on a mobile device (device width <575 pixels), it would mistakenly display a "Go to My Projects" button on the page. (Ticket #59494)
  • Bug fix: When using the Data Resolution Workflow in a project and opening a data query on a field on a data entry form, the floating Save button that appears next to the field when the field is selected was mistakenly not being displayed in the correct location on the page if the field, specifically when navigating from a link on the Resolve Issues page for a radio button field. (Ticket #59373)
  • Bug fix: When using the "Test logic with a record" feature when setting up an Automated Survey Invitation, on certain occasions it might return an incorrect response. (Ticket #59030).
  • Bug fix: The HTML character code " " might mistakenly get displayed in the text of PDFs downloaded for an instrument but only if downloading the blank PDF (without data). (Ticket #58790)
  • Bug fix: When using the Randomization module with strata fields, in which one or more strata fields exist as part of a matrix of fields, it would mistakenly cause a JavaScript error to occur on the data entry form where the strata fields are located, thus preventing the form from being saved successfully. (Ticket #59639)
  • Bug fix: The field count for projects on the My Projects page was mistakenly not including Descriptive fields. This could be confusing for users. It now includes all fields in the field count now. (Ticket #60004)
  • Bug fix: When performing piping of a field with the Smart Variable [next-event-name], [previous-event-name], or [event-name] prepended to the field variable, it would sometimes mistakenly not perform the piping at all. (Ticket #44559)

Version 8.11.5 - (released 2/21/2019)

BUG FIXES & OTHER CHANGES:

  • Bug fix: When there exist a lot of branching logic and several matrices of fields together on a survey page or data entry form, the page will scroll very slowly for the user. Bug emerged in REDCap 8.11.0. This issue was improved upon in the previous version but still existed for instruments with many hundred fields or more. (Ticket #58443)
  • Bug fix: When downloading the CSV file of Automated Survey Invitations on the Online Designer, the file's filename might mistakenly begin and end with an apostrophe, thus preventing it from being opened correctly on the user's computer. (Ticket #58445)
  • Bug fix: If a matrix of fields exists on a data entry form, then the matrix's floating headers might mistakenly get partially obscured by the floating box of Save buttons that appear at the top right of the page. (Ticket #58484)
  • Bug fix: When importing data where the field "redcap_repeat_instance" has a numerical value but the current event/form in the data (i.e., CSV row) does not exist on a repeating instrument or repeating event, it would mistakenly allow the data to be imported, but the imported data would immediately be orphaned since that data would not be accessible in the user interface. It now gives an error for this situation. This issue was supposedly fixed in the previous version, but mistakenly in the previous version it would sometimes display a false positive for this issue and return the error under legitimate circumstances. (Ticket #57699)
  • Bug fix: The example Java code generated by the API Playground for the "Export Records" API method contained an error. (Ticket #58488)
  • Bug fix: Some specific PROMIS assessments that are downloading from the REDCap Shared Library as part of a battery might be mistakenly labeled as "Auto-scoring" or "Adaptive" in the Online Designer after being downloaded when such instruments are actually neither "Auto-scoring" nor "Adaptive". (Ticket #58488)
  • Bug fix: If using the Survey Auto-Continue feature to continue to a survey that is a repeating survey instrument, if any repeating instances have already been created for that repeating survey, then after completing the first survey, it would mistakenly say that the repeating survey has already been completed. It should instead advance the respondent to the next available repeating instance of the repeating survey so that a new repeating instance can be added via survey. (Ticket #58624)
  • Bug fix: When exporting an Project XML file containing data from a project, if any text field values contain ASCII control codes, it would mistakenly prevent the data from being restored completely in the new REDCap project being created. (Ticket #34968)
  • Bug fix: Fixed a typo in the Twilio configuration instructions. (Ticket #58731)
  • Bug fix: When downloading the Project XML file (metadata only) for a project, it might mistakenly begin and end the XML filename with an apostrophe.

Version 8.11.4 - (released 2/15/2019)

BUG FIXES & OTHER CHANGES:

  • Text changes: The “DDP on FHIR” feature was renamed “Clinical Data Interoperability Services”. The main (and currently only) feature under the “Clinical Data Interoperability Services” umbrella of services is the “Clinical Data Pull” (CDP). Other services will be added in future versions of REDCap, such as “Clinical Data Mart”.
  • Bug fix: After the initial schedule is generated for a record on the Scheduling page, if the user modifies one of the dates in the schedule so that it is the same as the maximum date or minimum date (if a min/max is set for an event), then on certain occasions it would mistakenly display a popup saying that the new date is out of range when in fact it is not.
  • Bug fix: When there exist a lot of branching logic and several matrices of fields together on a survey page or data entry form, the page will inevitably get slower and slower as more and more branching logic gets triggered on the page during data entry. This could eventually cause the page to ultimately become unresponsive in certain situations. Bug emerged in REDCap 8.11.0. (Ticket #58019)
  • Bug fix: Several project pages might appear too narrow for specific screen sizes. Bug emerged in REDCap 8.11.2.
  • Bug fix: Updated an outdated item on the Help & FAQ page regarding how often the ASI cron job runs (Ticket #58205).
  • Bug fix: When using the @DEFAULT action tag to have a date/datetime field reference itself from a previous repeating instance on a repeating instrument, it would mistakenly not pipe in the value correctly on the first instance of that instrument, thus mangling it with a value of "[]" or "00-00-0000" or other non-sensical value. (Ticket #17157)
  • Bug fix: When using the Data Resolution Workflow in a project and opening a data query on a field on a data entry form, the floating Save button that appears next to the field when the field is selected was mistakenly not being displayed in the correct location on the page. (Ticket #57905)
  • Bug fix: For specific server configurations and project sizes, the project Logging page might take an exorbitant amount of time to load when initially loading the page. (Ticket #58251)
  • Bug fix: When importing data where the field "redcap_repeat_instance" has a numerical value but the current event/form in the data (i.e., CSV row) does not exist on a repeating instrument or repeating event, it would mistakenly allow the data to be imported, but the imported data would immediately be orphaned since that data would not be accessible in the user interface. It now gives an error for this situation. (Ticket #57699)
  • Bug fix: When calling the API method "Export Survey Participants" while utilizing the designated survey email field in the project, it would mistakenly omit the values for the participant's email address or record name in the API response. (Ticket #58349)
  • Bug fix: When calling the API Method "Export Records" with the "format" parameter set to "odm", it would mistakenly not include all files from File Upload and Signature fields, which are expected to be base64-encoded inside the ItemDataBase64Binary tags in the resulting XML. (Ticket #54301)
  • Bug fix: On the To-Do List page in the Control Center, if an administrator clicks the icon to add a comment to a To-Do List item, the "Submit" button in the resulting popup displayed would not be sized or positioned correctly. (Ticket #54301)

Version 8.11.3 - (released 1/31/2019)

BUG FIXES & OTHER CHANGES:

  • Improvement: When copying a project, there are now separate options for copying users and/or user roles. In previous versions, these were combined as a single choice "Copy users and roles", but now users may decide to copy one or the other. (Ticket #36687)
  • Bug fix: If an individual project was set to "Offline" status by an administrator, any survey invitations in that project that had been scheduled to send would mistakenly still send. Invitations should not be sent out unless the project is in "Online" status. (Ticket #57045)
  • Change: If the current date or current timestamp is used in the REDCap upgrade script with regard to storing the date of the upgrade and when setting the send-time of system notifications via Messenger, it will now use the database's date and time at the time of the SQL script execution instead of the hard-coded values generated by the web server on the Upgrade page. (Ticket #57079)
  • Bug fix: If upgrading from 8.11.0 or 8.11.1 to 8.11.2, it would mistakenly provide some SQL to fix database errors after completing the upgrade. (Ticket #57103)
  • Bug fix: Many API requests would mistakenly return a "503" HTTP status code error on certain errors when it should instead return a "400" error.
  • Bug fix: When downloading a PROMIS Battery from the REDCap Shared Library, it would mistakenly not display the battery survey pages according to the PROMIS guidelines, in which the battery title should be displayed on every page (not the title of each individual assessment) and that the survey instructions are only seen on the first assessment of the battery. This will only affect batteries that will be downloaded in the future from the Shared Library. Also, although these particular title and instructions settings will be set when a battery is downloaded, it will always be possible for a user to modify the title and/or instructions afterward, if they wish (though it is not preferred).
  • Bug fix: When a participant completes a PROMIS adaptive survey or PROMIS auto-scoring survey that finishes after only one question, it might mistakenly not save the survey completion time of the survey response.
  • Change: Added a link to the Codebook page on the Data Import Tool instructions to allow users to more easily find the raw coded values for multiple choices fields that they wish to import.
  • Change: The output of the REDCap Cron Job now displays the current server time on which each job completed. The timestamp is listed in parentheses after the word "done!" for each job.
  • Bug fix: The last column in the Participant List table might not be displayed fully. (Ticket #57184)
  • Bug fix: Under certain conditions, REDCap Messenger's "System Notifications" section would mistakenly not display the messages for that section in the Messenger panel. (Ticket #57247)
  • Bug fix: When selecting to view Report B on the "Data Exports, Reports, and Stats" page for a longitudinal project, if the report is displayed as a multi-page report and specific events have been selected as a filter by the user, then if the user selects another report page to view using the page drop-down selector, it would mistakenly lose the event filter for the report (because the "events" parameter would not get included in the URL) and thus would display rows from every event on the page. (Ticket #57254)
  • Bug fix: For certain server configurations, when REDCap is creating a cache of a project's record list in a database table (as an invisible, back-end process to the user), it might mistakenly doubly UTF8-encode some record names, resulting in a database query error, thus causing the record list caching process to constantly fail and possibly display an outdated list of records in the user interface (e.g., Record Status Dashboard). (Ticket #56523)
  • Change: The "Survey Settings" page in the Online Designer now gives slightly more emphasis to the "e-Consent Framework" feature to make it easier for users to find it on the page.
  • Bug fix: If a Custom Record Status Dashboard has filter logic that references fields from a repeating instrument, it might mistakenly return an empty set, thus resulting in a dashboard with no records displayed, when it is known that some records should be displayed. Bug emerged in REDCap 8.11.2 (Standard). (Ticket #57234)
  • Bug fix: The lab field "Ketones Ur-mCnc" (LOINC 49779-2) was mistakenly missing from the DDP on FHIR list of mappable fields.
  • Bug fix: The cron job "AutomatedSurveyInvitationsDatediffChecker2" might mistakenly crash if SQL fields are piped into the email subject or email message of Automated Survey Invitations that contain datediff + today or now in the ASI conditional logic. (Ticket #57356)
  • Change: When a user clicks the "Help & FAQ" link on a project's left-hand menu, it will now load the "Help & FAQ" page in a new window to prevent the user from losing their current page context in the project as they view the "Help & FAQ" page.
  • Bug fix: When editing the project title, purpose, etc. in the Modify Project Settings popup on a project's Project Setup page, if Research is selected for Purpose, then the fields for entering the Name of the P.I. would mistakenly not wrap together, thus leaving the last name field on a row by itself. (Ticket #57417)
  • Bug fix: When exporting Report B (i.e., without creating a new report from the selections of Report B) on the "Data Exports, Reports, and Stats" page, if a specific instrument is not selected but "All instruments" are left selected, it might mistakenly not list any fields in the resulting stats package syntax file (for R, SAS, Stata, SPSS), thus preventing the exported data from loading properly in the stats package.
  • Bug fix: On the Cron Jobs page in the Control Center, the suggested command to set up the REDCap cron job on a Windows server was mistakenly not escaping paths that contained a space in them. This has been fixed to present the correct command. (Ticket #57426)

Version 8.11.2 - (released 1/24/2019)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: When a project is using a public survey that has "Save & Return Later" enabled with "Allow respondents to return without needing a return code" enabled, then if a participant clicks the "Save & Return Later" button on the public survey and leaves the survey open on the "Your survey responses were saved!" page while another participant partially or fully completes the survey, and then if the original participant clicks the "Continue Survey Now" button on the "Your survey responses were saved!" page, then the original participant will mistakenly have the other participant's response loaded for them on the survey page.
  • Change/improvement: When using the e-Consent Framework, a new option was added to the Survey Settings page: "Allow e-Consent responses to be edited by users?". If left unchecked (default), then users will not be able to edit a completed e-Consent response (although it can be locked or e-signed by a user with locking/e-signature privileges). If the setting is checked, then users will be able to modify the survey response so long as they have "Edit survey responses" privileges for that survey instrument. Note: If the e-Consent survey response is modified after being completed, this will not affect the e-Consent PDF file that was stored in the File Repository.
  • Change/improvement: In the popup dialog for moving a project to production, it now displays the number of records in the project to help the user decide if they wish to keep all data or have all records deleted when moving to production.
  • Bug fix: When using REDCap::getData() in a module, plugin, or hook, in which some filter logic is passed as a parameter and is expected to return an empty result set (because there are no matches for the filter logic), it might instead mistakenly return results with blank values for all fields being returned (with the exception of the record ID field and pseudo-fields, such as redcap_event_name), even though those fields might actually have non-blank values. (Ticket #56806)
  • Bug fix: When a user selects to display "ALL" records on the Record Status Dashboard in a project containing a large amount of records, if the page ends up crashing due to too many records being displayed, then the user would mistakenly never be able to view the Record Status Dashboard again without it crashing (because it remembers to show all records the next time the page is visited). (Ticket #56662)
  • Bug fix: If a calc field utilizes Smart Variables in its calculation, and a user performs a data import or executes Data Quality rule H, then other calculated fields in the project might have their value mistakenly set as the calculated result of the other calc field, thus overwriting the correct value of that other calc field. This is rare but can occur in specific situations depending on the structure of the project and the order of the calc fields involved. (Ticket #56731)
  • Bug fix: The Google reCAPTCHA box on the Public Survey Link page might cause the "Link Actions" and "Link Customizations" sections to be misaligned on the page for some non-English languages. (Ticket #56868)
  • Bug fix: If the Data Resolution Workflow is enabled in a project, then incorrect language is displayed inside the "Data Quality rules were violated!" popup on a data entry form whenever a Data Quality rule has "real time execution" enabled.
  • Bug fix: When viewing the Field Comment Log popup on a data entry form, if the username in the User column is very long, it would mistakenly not wrap in the table but instead would overflow into the next column.
  • Bug fix: When a user attempts to access a REDCap project that has been set to "Offline" on the "Edit a Project's Settings" page by an administrator, it would mistakenly display the default system-offline message rather than the project-offline message. (Ticket #56938)
  • Bug fix: Certain project pages might not display correctly on tablets (causing the main right-hand window to display below the left-hand menu), especially if the project's language is set to a non-English language. (Ticket #56872)

Version 8.11.1 - (released 1/23/2019)

BUG FIXES, & OTHER CHANGES:

  • Bug fix: If running REDCap on PHP 5.5, the Online Designer page would mistakenly not load. Bug emerged in REDCap 8.11.0. (Ticket #56859)

Version 8.11.0 - (released 1/22/2019)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Microsoft Azure Quick Start – Method for quickly deploying a full, production-ready REDCap server environment on Microsoft Azure Cloud Platform. This includes a completely automated way for deploying the server infrastructure as well as a fully automated installation of REDCap. For details, see the top of the pagehttps://projectredcap.org/software/requirements/ (Note: The REDCap “Easy Upgrade” feature does not yet work with Azure but is expected to in a later REDCap version).
  • New feature: The "Survey Link Lookup" external module was integrated into REDCap
    • This feature allows administrators to take a survey URL and find and navigate to the corresponding project, survey, record and data entry form. The Survey Link Lookup page is located under the “Projects” section on the left-hand menu in the Control Center.
    • If this external module was already enabled on the REDCap installation, it will automatically be disabled during the upgrade process to prevent any possible conflicts.
  • New feature: The "REDCaptcha" external module was integrated into REDCap
    • This feature allows users to utilize the Google reCAPTCHA functionality to help protect public surveys from abuse from “bots”, which are automated software programs that might enter trash data into surveys. The feature must first be enabled at the system level on the Modules/Services Configuration page in the Control Center since it requires an administrator generate a new Google API pair of keys that will be used for this functionality. Once the site key and secret key are set, users will then be able to choose to enable the Google reCAPTCHA functionality on the Public Survey page in their project, after which the public survey will display the reCAPTCHA checkbox and “I’m not a robot” text on a survey page prior to allowing the participant to view the public survey. This feature is not employed on any private survey links because those are unique to a record and thus would never be made publicly available like a public survey link would.
    • Note: A survey participant will never have to pass the reCAPTCHA test more than once per day on a given device/computer.
    • Additional note: If this external module was already enabled on the REDCap installation, it will NOT automatically be disabled during the upgrade process. Thus you may consider disabling the module after the upgrade if you wish the utilize this new integrated feature.

 

  • New feature: The "Sticky Matrix Header" external module was integrated into REDCap. This feature will cause matrix headers to float and stick to the top of a page on either a survey or data entry form so that the matrix headers are always visible, which is helpful for matrices with many rows. If this external module was already enabled on the REDCap installation, it will automatically be disabled during the upgrade process to prevent any possible conflicts.
  • New feature: The "Codebook Concertina" external module was integrated into REDCap. This feature will display Expand and Collapse buttons for each instrument listed on the Codebook page in a project. If this external module was already enabled on the REDCap installation, it will automatically be disabled during the upgrade process to prevent any possible conflicts.
  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on certain pages, in which a malicious user could potentially exploit it by manipulating the query string of an HTTP request.
  • Improvement: When enabling an instrument as a survey or editing an existing survey's survey settings, it now displays a "Save Changes" button at the top of the page (next to the Cancel button) so that the user does not necessarily have to scroll all the way to the bottom to submit the page.
  • Change: PHP 5.5 is now the minimum required PHP version. In previous versions, the minimum required PHP version was PHP 5.3.
  • Change/improvement: When viewing a survey response on a data entry form that had been completed using the E-consent Framework, users with Record Locking privileges will now be able to Lock and E-sign the instrument. Previously in all versions of REDCap version 8.10.X, the entire instrument was read-only, including the Locking and E-signature options. (Ticket #54874)
  • Improvement: If a URL is included in a message posted on REDCap Messenger (including those sent via General Notifications from an administrator), the URL will be displayed as a clickable link to the user in the Messenger panel.
  • Change/improvement: The Custom Record Label and Secondary Unique Field values are now displayed with the record name in the table on the "PDF Survey Archive" tab in the File Repository if the "PDF Auto-Archiver" is enabled for one or more surveys in a project. In previous versions, it did not display them next to the record name.
  • Change: For projects in production, the settings on the Record Locking Customization page can now be edited by any user that has "Record Locking Customization" privileges in the project. In previous versions, only REDCap administrators could modify this page's settings while in production. This change will alleviate the burden of administrators for many production projects needing to make changes on this page.
  • Bug fix: In server environments with PHP error reporting enabled, it would display a deprecation notice regarding the constructor of several PHP classes. (Ticket #55557)
  • Bug fix: When viewing an individual user on the Browse Users page in the Control Center, if the user is a Table-based authentication user and their secondary or tertiary email address has not yet been verified, then it would mistakenly not display the buttons to auto-verify the address or re-send the verification email to the user. This only occurs if the user is a Table-based user.
  • Bug fix: When a form or survey is submitted, in which there do not exist any fields on the instrument that are used in a calculated field anywhere in the project, then it would mistakenly trigger the calculation of all calc fields in the project. It should instead only trigger calculations if a field being submitted is used in a calculation. (Ticket #55192)
  • Bug fix: The "Export Survey Participants" API method would mistakenly not include some participants in the resulting API response if those participants had not first been viewed by a user either on the Participant List page or on the data entry form for the survey instrument that was passed as a parameter in the API request. Once a user had viewed the data entry form or Participant List for that instrument, the participants would then appear in the API export. (Ticket #55517)
  • Bug fix: When creating a project and selecting the option to upload a REDCap Project XML file, if the user fails to upload an XML file and then clicks the "Create Project" button, it would mistakenly create an empty project. It should instead give a warning to the user to upload an XML file and prevent the user from submitting the page. (Ticket #55731)
  • Bug fix: When a user makes a request to an administrator that a project be copied, it would mistakenly not check off some of the checkboxes on the Copy Project page when the administrator loads the page via the link in the email or via the To-Do List. This includes the following options: All report folders, All data quality rules, All project bookmarks, and All custom record status dashboards. (Ticket #55751)
  • Bug fix: When attempting to rename a record to "0" on the Record Home Page, it would fail and return an error message to a user. (Ticket #55723)
  • Bug fix: When using the Smart Variables form-link, form-url, survey-link, or survey-url to create links/URLs either to or from a repeating instrument or repeating event, it might mistakenly add the instance number of the current context to the URL when instead it should evaluate whether or not the instance number makes sense to be added to the target URL. (Ticket #54776)
  • Bug fix: When using Twilio telephony services for surveys, U.S. phone numbers having the area code "463" would mistakenly not work for SMS or voice calls unless the number has a "1" prepended to it. (Ticket #55668)
  • Change: The System Statistics page in the Control Center would load very slowly for large installations, especially if they had DDP Custom or DDP on FHIR enabled. The page has been reconfigured to fetch all DDP-related stats asynchronously.
  • Bug fix: When adding/editing/deleting a Report Folder or assigning/unassigning a report to a Report Folder and then closing and re-opening the Report Folder popup, the user would mistakenly no longer be able to perform any actions inside that popup (as if its elements were locked). (Ticket #55878)
  • Bug fix: When a user enters an incorrect password on the login page, it might mistakenly cause some of the custom login text (if any) to become disproportionally enlarged. (Ticket #55945)
  • Bug fix: When creating/editing a record on a data entry form, in which the record name contains a forward slash or back slash, it may cause a Data Quality rule with Real Time Execution not to get triggered correctly or cause the Required Field popup alert not to display correctly. (Ticket #56093)
  • Bug fix: If a participant partially completes a survey using the "Save & Return Later" feature, in which there is no email address associated with that participant (either via the participant list or via the designated survey email invitation field), then the page that gets displayed immediately after clicking the "Save & Return Later" button might mistakenly display the text "You have just been sent an email containing a link for continuing the survey" for a moment and then suddenly disappear, which could be confusing.
  • Bug fix: When inline images are used for Descriptive fields on a survey or form, then if the user is viewing the page on a mobile device and the image's native width is smaller than the width of the page, it would mistakenly not resize it correctly and would make it too small on the page. It now makes the image wider on the page for better viewing of it.
  • Bug fix: When printing a page in the Control Center, the left-hand menu would mistakenly not be removed from the print-out when using Firefox. (Ticket #56340)
  • Bug fix: The "Announcement text to display at top of Home page and My Projects page" would mistakenly not get displayed at the top on the REDCap Home Page if the "Additionally display text on login page?" option is set to "No". (Ticket #56618)
  • Bug fix: If the biomedical ontology auto-suggest functionality is disabled as the system level, it would mistakenly prevent users on the Online Designer from setting a min or max limit for a Text field in the "Add Field"/"Edit Field" popup. (Ticket #56499)
  • Bug fix: When entering a number- or integer-validated text field on a form or survey on an Android device, it would mistakenly open the full keyboard when typing in the field rather than displaying a more appropriate number-centric keyboard. (Ticket #56447)
  • Bug fix: When entering a number-validated text field on a form or survey on an iOS device, it would mistakenly open the full keyboard when typing in the field rather than displaying a more appropriate number-centric keyboard.
  • Bug fix: "event_id" was mistakenly not listed as a reserved field name to prevent users from using it as a field's variable name. (Ticket #56627)
  • Bug fix: When an administrator is approving a "Move project to production" request on the To-Do List page, the To-Do List popup would mistakenly not automatically close after the request was approved or if the admin clicked Cancel to close the request. (Ticket #56457)
  • Bug fix: When using the @MAXCHECKED action tag for a checkbox field, if a user clicked on the checkbox’s label (rather than on the checkbox itself), it would appear to keep the checkbox unchecked if the @MAXCHECKED limit has been reached, but it would mistakenly save the checkbox as checked. (Ticket #56658)
  • Bug fix: For specific screen widths, the nav items at the top of the page on the Home page, My Projects page, etc. would mistakenly not be visible.
  • Bug fix: When performing a data import in projects with repeating instruments or repeating events, the "redcap_repeat_instance" field could mistakenly be imported with a value of "0", which should never be allowed because it must always be an integer larger than "0". (Ticket #28842)
  • Bug fix: If a required field is changed to be a Descriptive field, it would still mistakenly display the "must provide value" text below the Descriptive field's label on a survey page or data entry form. (Ticket #56719)
  • Bug fix: After selecting the "Export Reports" API method in the API Playground, the "Report ID" drop-down list would mistakenly not get rendered correctly, thus preventing users from utilizing it on that page. (Ticket #56707)
  • Bug fix: When using the survey-link or survey-url Smart Variable in the email message for an Automated Survey Invitation, in which the instrument name is appended to the Smart Variable (e.g. [survey-link:survey_2]), then if the appended instrument name is different from the survey instrument for the current ASI, it would mistakenly replace the Smart Variable with the link to the current ASI survey rather than with the explicitly specified one. (Ticket #55400)
  • Bug fix: When using the first-event-name or last-event-name Smart Variable in branching logic or in a calculated field, in certain cases it might not get interpreted correctly, thus mistakenly resulting in a branching logic error message on a survey page or data entry form. (Ticket #56583)
  • Bug fix: When setting the conditional logic for an Automated Survey Invitation in a longitudinal project, if any fields are prepended with the Smart Variable [event-name], it would cause the ASI not to send the invitation if step 2 had the "Ensure logic is still true before sending invitation?" option selected while Step 3 was set to "Send immediately". (Ticket #55919)
  • Bug fix: When setting the conditional logic for an Automated Survey Invitation in a longitudinal project, if any fields are prepended with the Smart Variable [event-name] and the user selected a record from the "Test logic with a record" drop-down, it would mistakenly return "False" even when the condition is actually True.
  • Bug fix: When setting the branching logic for a field in the "Add/Edit Branching Logic" popup on the Online Designer, if a user selected a record from the "Test logic with a record" drop-down, it would mistakenly return "False" even when the condition is actually True. (Ticket #56623)
  • Bug fix: When a repeating instrument is being used as a survey and is being displayed in the Survey Queue, then it may mistakenly display the text "All surveys in your queue have been completed" on the Survey Queue if only 6 surveys have been completed in the queue (including all instances of the repeating survey), which could be confusing to respondents who might want to keep taking the repeating survey. Since a repeating survey is by definition open-ended and can be taken over and over again without end, the Survey Queue should never state "All surveys in your queue have been completed" if the queue contains at least one repeating survey. (Ticket #56540)

 

Version 8.10.1 - (released 12/20/2018)

BUG FIXES & OTHER CHANGES:

  • Improvement: New options added to Secondary Unique Field functionality - In the "Additional Customizations" popup on the Project Setup page, users may now choose to optionally display the Secondary Unique Field's value in conjunction to displaying a record name on various project pages (in previous versions it was always displayed regardless). If left unchecked, the uniqueness of the value will still be checked during data entry or import, but the Secondary Unique Field's value will not be displayed next to the record name anywhere (e.g., in record lists, record status dashboards, reports). A second option has also been added that dictates whether or not the field label of the Secondary Unique Field will be displayed next to the value (if the value is set to be displayed next to a record name).
  • Improvement: The External Modules Framework now has a new "Update All" button in the Control Center to allow administrators to easily upgrade all their installed modules to the latest version of each module with a single button click.
  • Change/improvement: The "Help & FAQ" page was updated with new content.
  • Change/improvement: Super API Tokens can now be used for the "Export REDCap Version" API method. In previous versions, only project-level API tokens could be used for this method. This will allow users to be able to obtain the REDCap version number outside the context of a project.
  • Change: Dashes/hyphens can now be used as the raw coded value for multiple choice fields.
  • Bug fix: When clicking the "Close Survey" button after completing a survey, in certain cases REDCap will not be able to close the tab, and certain browsers might mistakenly redirect the user to the page where survey access codes are typically entered. (Ticket #54305)
  • Bug fix: The "Test URL" buttons have been removed from the "DDP on FHIR" page in the Control Center because they did not work most of the time, thus giving administrators the impression that the URL entered was incorrect.
  • Bug fix: When accessing REDCap using DDP on FHIR while in an EHR-embedded window, if the session ended and the user logged back in, it would mistakenly not remember that the user is inside the embedded window and would thus not hide all appropriate elements from the user interface that it should.
  • Bug fix: For DDP on FHIR, the coded multiple choice options for sex, race, and ethnicity were not complete and, in some cases, incorrect for certain EHR configurations. During the upgrade process, these choice options for existing DDP on FHIR projects will have both their data and metadata translated into the new options. The field sex will now have options M, F, and UNK, while ethnicity and race will be replaced by a long list of LOINC codes to represent them properly.
  • Change: The "email" field was removed from the "DDP on FHIR" field mappings list due to potential privacy issues related to the possibility of users obtaining patient email addresses.
  • Bug fix: When the system is performing the back-end process of caching a record list in a project, if a record name contained a special character, it might cause the record list caching process to silently fail. This would go unnoticed, with the exception of viewing a specific Data Access Group's records, in which it would mistakenly display all records in the project rather than just the records assigned to that DAG.
  • Bug fix: When an administrator is viewing the "API Tokens" page in the Control Center or the "Manage All Project Tokens" tab on a project's API page, the "Last Used" column for a given user might mistakenly display "Never" instead of the last time the user made an API request for the project. This appears to occur due to a case sensitivity issue with the username, in which the case of the user seen on the Browse Users page in the Control center does not exactly match the case of the username with which the user logged in or with which the user is listed on the project's User Rights page. (Ticket #54748)
  • Bug fix: The auto-logout warning displayed to the user after a period of inactivity on a page would mistakenly display the wrong text after their session has officially expired. Once expired, it would mistakenly say "You will be automatically logged out of REDCap in 30 SECONDS due to inactivity..." when instead it should say "Due to inactivity, your REDCap session has expired...". It was displaying the 30-second warning twice. (Ticket #54746)
  • Bug fix: When using the "Preview" and "Test email" functionality when composing a survey invitation in a multi-arm project, if any fields are being piped into the email, in which the field being piped is prepended with the unique event name of an event from an arm other than specifically Arm 1, then it mistakenly would not replace the field with the text "PIPED DATA" as expected but would instead replace it with "______". (Ticket #54559)
  • Bug fix: When creating a new record in a non-longitudinal/classic project that only contains one data collection instrument, if the user clicks the Cancel button on the data entry form before saving/creating the record, it would mistakenly just reload that form rather than redirecting the user back to the "Add/Edit Records" page. (Ticket #54752)
  • Bug fix: When calling the API Method "Export Project XML", it might mistakenly not include all files from File Upload and Signature fields even though the exportFiles parameter had been set to TRUE (assuming that returnMetadataOnly=FALSE). (Ticket #54301)
  • Bug fix: When calling the API Method "Importing Repeating Instruments and Events" for a classic/non-longitudinal project, it would mistakenly return an error stating that the event name was not included in the request. The event name is actually not required when using this method for classic/non-longitudinal projects.
  • Change: General updates and fixes for the External Modules Framework.
  • Bug fix: When viewing a record on a data entry form in a project that contains one or more repeating instruments, it would mistakenly only display the number of repeating instances of a form on the left-hand instrument menu if the user was currently viewing any form that had been set as a repeating instrument. It should always display the number of repeating instances next to each repeating instrument on the left-hand menu for a given record. (Ticket #54846)
  • Bug fix: When viewing a record on a data entry form in a project that contains one or more repeating instruments, for all repeating instruments displayed on the left-hand instrument menu, it would mistakenly display the form status stack icon representing the status color of the first instance of the repeating instrument rather than displaying an icon representing all the instances (e.g., red stack icon representing all instances having "complete" status, blue stack icon representing mixed status types). This excludes the icon displayed for the currently selected form/instance, which was correctly displaying the form status icon of the currently viewed repeating instance. (Ticket #54846)
  • Bug fix: When using the data search feature on the "Add/Edit Records" page in a project, in which no results are returned from a given search, in some cases the "Searching..." text might mistakenly still be displayed afterward (instead of the text being hidden), thus incorrectly implying that the search has not yet finished. This could be confusing and mislead the user. (Ticket #54818)
  • Bug fix: When using an SQL field that contains a comma in the results for the data values that are returned from the SQL query, after selecting and saving an option with a data value that contains a comma, it will save the value correctly but in certain cases may mistakenly cause the value to not get pre-selected when a user returns later to the form, which could cause a blank value to mistakenly overwrite the saved value unbeknownst to the user if the form is saved again. (Ticket #54988)
  • Bug fix: If a project's metadata is exported via the Project XML file, in which a multiple choice field contains an HTML break tag (<br>) in its choice option label, then if a new project is created from the XML file, it might mistakenly add extra choices to that field if any text exists after the HTML break tag for a given choice. (Ticket #55122)
  • Bug fix: The "record" column in the table on the Survey Invitation Log page would mistakenly not wrap the record name and thus would truncate longer record names displayed in that column.

Version 8.10.0 - (released 12/6/2018)

BUG FIXES & OTHER CHANGES:

  • New API method: “Import Repeating Instruments and Events” – Allows users to import a list of the repeated instruments and repeating events for a project as a means of setting which instruments and events should be repeatable.
  • New feature: Many project components added to the Project XML file – When downloading the Project XMLofmetadataormetadata+data on the Project Setup->Other Functionality page, it nowprovidescheckboxes to allow users to incorporate the project components listed below in the XML file. This means that all these things will be easily transferable now when exporting/importing the Project XML to create a new project on the same REDCap server or on a different REDCap server. Note: The server on which a project is being created using a Project XML file must also be on REDCap 8.10.0 or higher in order for these components to be added, otherwise it will simply ignore these components when creating the new project.
    • Data Access Groups (including DAG assignments for records if data is included in the XML file)
    • Data Quality Rules
    • User Roles
    • Surveys and survey settings (including a survey logo, if used)
    • Automated Survey Invitations
    • Survey Queue
    • Reports
    • Report Folders
    • Record Status Dashboards
    • DDP Field Mappings (for DDP Custom and DDP on FHIR) – administrator must still enable DDP in the project manually
  • Change: Survey responses that were completed using the e-Consent Framework will no longer be editable (this includes no editing on data entry forms, surveys, Data Import Tool, API, and Mobile App). In previous versions, completed e-consent surveys were editable.
  • Bug fix: After adding fields to a report via the "Quick Add" dialog popup on the "Data Exports, Reports, and Stats" page, those new fields would mistakenly not be draggable afterward if the user wishes to move a field to another position in the report.
  • Bug fix: For certain server configurations related to PHP’s decoding of HTML entities, the Survey Settings page might not be able to properly store or display the survey instructions text or the survey completion text if they contain certain non-Latin characters.
  • Bug fix: Users would mistakenly be allowed to use the @DEFAULT action tag for Signature fields and File Upload fields. This can cause synchronicity issues of a single file being associated with multiple fields, and thus should not be allowed. It will now ignore the @DEFAULT action tag if used for such fields.
  • Bug fix: When viewing the Draft Mode production changes page in a project, if the project had been initialized in the REDCap Mobile App, then it would mistakenly give the warning "Please note that they *may* be affected by these changes and may not be able to successfully imported their data from the app afterward..." even though no current users have Mobile App user privileges anymore. It should only be displaying the warning if at least one person in the project still has Mobile App privileges and has initialized the project in the app at some point in the past.
  • Bug fix: When exporting data via the "Export Records" API method with type="eav" and providing Filter Logic as a parameter in the API request in which no records should be returned based on that filter logic, it would mistakenly return all records instead.
  • Change: When granting a user access to a project via the User Rights page, in which the "notify user via email" checkbox is checked, it now includes a link directly to the project in the resulting email to the user, whereas previous versions only included a link to the main REDCap home page.

Version 8.9.3 - (released 11/28/2018)

BUG FIXES & OTHER CHANGES:

  • New feature: AWS Quick Start – Method for quickly deploying a full, production-ready REDCap server environment on AWS (Amazon Web Services) CloudFormation. This includes a completely automated way for deploying the server infrastructure as well as a fully automated installation of REDCap, including the ability to utilize the REDCap “Easy Upgrade” feature. For details, see the top of the page https://projectredcap.org/software/requirements/
  • New features relating to Data Privacy (e.g., GDPR) – The new settings listed below are available on the “Edit a Project’s Settings” page for a given project. Thus these must be enabled by a REDCap administrator on a per-project basis
    • (optional) Delete a record's logging activity when deleting the record - If enabled, this will delete all the data values and actions logged for the given record being deleted as seen on the Project Logging page. Note: For multi-arm longitudinal projects, this feature will delete the record's logging for the given record only in the current arm. This feature can be used to aid in compliance with GDPR or similar regulations that require 'right to erasure'.
    • (optional) Auto-delete all Data Export Files in the File Repository that were created more than X days ago – To enable this setting, an administrator may set a value from 1 to 999 to set the number of days after which all Data Export files will get automatically deleted from the project’s File Repository. This feature can be used to aid in compliance with GDPR or similar regulations that require 'right to erasure'. NOTE: This will only delete files under the Data Export Files tab. No other types of files in the File Repository will be deleted.
    • (optional) Custom footer text for survey pages - Custom text may be provided (including HTML-formatted text) that will be displayed either via a modal dialog or inline at the bottom of all survey pages in the project. This could potentially be used for display a data privacy statement or other similar things that should be displayed on the same page where data is collected. Note: This is only display on survey pages.
  • Change/improvement: When composing a survey invitation on the Participants List page or via Survey Options on a data entry form, the "From"/sender drop-down list now displays all the email addresses (primary, secondary, and tertiary) of all users in the project, which is how the setup dialog for Automated Survey Invitations has always behaved. In previous versions, these two places would only allow the user to choose from the current user's email addresses as the "From"/sender address. This provides more flexibility, and establishes greater consistency between all the interfaces for scheduling survey invitations.
  • Major bug fix: If a slider field on a data entry form has a value set, and then the user clicks the balloon icon next to any field to open the Field Comment Log popup, it would mistakenly set the slider value to 50, sometimes unbeknownst to the user. This does not occur on survey pages but only data entry forms. (Ticket #53371)
  • Improvement: If a REDCap cron job fails to complete (often due to a fatal PHP error), it will now send an email to the REDCap Administrator (using the email address listed on the General Configuration page in the Control Center) to inform them of this error. The email will note which cron job failed and when, as well as the details of the PHP error itself. This should help some folks troubleshoot issues if this ever occurs. (Ticket #19260)
  • Bug fix: If a user is viewing a project's Record Status Dashboard in which some records has been assigned to Data Access Groups, then under certain rare conditions (e.g., users bookmarking a link to the RSD after a DAG has been deleted in the project) users might not see all the records on the RSD anymore, which could be confusing. (Ticket #53335)

Version 8.9.2 - (released 11/16/2018)

BUG FIXES & OTHER CHANGES:

  • Improvement: A new search utility was added to the top of the “Help & FAQ” page to make finding keywords easier on the page. It allows for multiple word matches and also “exact phrase” matching. When performing the search, all matching questions/answers will be displayed on the page with the keywords being highlighted while non-matching questions/answers will be hidden on the page.
  • Improvement: The DDP field mapping page (for both DDP Custom and DDP on FHIR) now has a CSV import/export capability that allows users to easily import an existing DDP mapping rather than having to set the field mapping manually via point-and-click. This will save users a lot of time for those who wish to test the same mapping in multiple projects and/or on multiple REDCap installations.
  • Improvement: A new "Filter by event" option was added to the Logging page: "Record deleted (only)". This allows users to display only the logged events in which a record was deleted in the project.
  • Bug fix: Certain web browsers (e.g., Chrome) would mistakenly be allowed to pre-fill Notes fields on a survey page or data entry form, which might also cause other fields on the page (such as Text fields or Radio button fields) to have values inserted into them as well.
  • Bug fix: Under certain conditions when a field on a survey/form is using the @DEFAULT action tag, and the survey/form has already been saved at least once (i.e., does not have gray form status icon), it might mistakenly display the red bar on the right side of the field as if the value has changed even though it has not.
  • Change: Upgrading the Font Awesome library to version 5.5
  • Change: More debugging information was added to DDP on FHIR’s adjudication popup to provide more information to REDCap administrators in the event that a FHIR access token fails to pull data from the EHR.
  • Bug fix: When downloading certain PROMIS Adaptive or Auto-Scoring instruments from the REDCap Shared Library, viewing a completed survey response on its data entry form might mistakenly display a popup error due to malformed branching logic, specifically for the T-Score field.
  • Bug fix: If a user has "De-Identified" or "Remove all tagged Identifier fields" privileges and then exports a PDF of a form with saved data, then any multiple choice fields that are tagged as an Identifier field would still have all their choices displayed, although it would not display which choice was selected, which is confusing because it appears as if the field has a blank value rather than having its value redacted due to user privileges. In this situation, it now no longer displays the field choices but instead says "[*DATA REMOVED*] so that the user understands that the saved value was removed from the PDF.
  • Change: Added a small note on the DDP mapping page (for both DDP Custom and DDP on FHIR) that the MRN field cannot exist on a repeating instrument/event. This message is only displayed when repeating instruments/events exist in the project.
  • Change: Data Quality rules A and B have always ignored checkbox fields. But since a checkbox field can be set as "required", in which it produces an error message if no checkbox option is checked, then DQ rule A and B appear to be inconsistent with regard to whether a checkbox field can truly be empty/blank. To make these consistent when interpreting the missingness of checkbox fields, DQ rules A and B will no longer ignore checkboxes but will return discrepancies for a checkbox if it has no options checked. (Ticket #53120)
  • Bug fix: The FHIR scope "patient/Patient.read" was missing when "DDP on FHIR" makes calls to the EHR. This caused "DDP on FHIR" not to function for some EHRs, such as Cerner. (Ticket #53285)
  • Bug fix: When using "DDP Custom" or "DDP on FHIR" in which a value already exists in REDCap for a mapped DDP field but a blank value exists (i.e., is missing) for the field in the EHR/source system, it would mistakenly prompt the user to overwrite the existing value with the blank/missing value. Missing values from the EHR/source system should instead just be ignored. (Ticket #53258)
  • Bug fix: When exporting the PDF of saved data (all records) on the Other Export Options tab on the "Data Exports, Reports, and Stats", if any data is being piped into a field note, field label, etc., it would mistakenly pipe the values from the first record into the text of all the subsequent records in the PDF.
  • Bug fix: Certain popup alert boxes would mistakenly not get displayed in the proper place on the page. This includes the "Value removed!" alert for matrix ranking, the "Cannot select choice!" alert when using @MAXCHECKED on a checkbox field, and all field auto-suggest boxes that are displayed when typing into a text box for ASI conditional logic, Data Quality rule logic, advanced filters for reports, etc.

Version 8.9.1 - (released 11/9/2018)

BUG FIXES & OTHER CHANGES:

  • Improvement: When copying a project, a new checkbox has been added to the Copy Project page to copy "all report folders". In the previous version, it would always copy all reports and report folders if the "all reports" option was checked, but now it allows reports to be copied without copying report folders, if need be.
  • Major bug fix: Only for certain versions of Internet Explorer, if a user with lock/unlock privileges enters a data entry form that is already locked, then clicks the Unlock button at the bottom of the form, enters some data, and then clicks the Lock checkbox to lock the form again, it would submit the form immediately after checking the Lock checkbox, thus locking the form again, but it would mistakenly not save any of the data that had been entered on the form prior to being locked again.
  • Change: Users that do not have "Project Design and Setup" privileges will no longer be able to navigate to or view the Project Setup page in a given project. Since such users cannot effectively perform any actions on the Project Setup page (i.e., everything on the page is disabled), it does not make much sense for them to be able to access it at all. (Ticket #52327)
  • Bug fix: When downloading multiple Adaptive or Auto-Scoring instruments from the REDCap Shared Library into the same project, the T-Score field and Std Error field would conflict and thus cause those fields on the subsequent instruments to be renamed, in which it would append random alphanumeric characters to the variable names. This would make it difficult to have the same variable names consistently if all the same instruments were downloaded in different projects.
  • Bug fix: If a user enters a value for a datetime field on a form or survey and then immediately removes the value, they would mistakenly be presented with a validation error message, which should not occur. This could cause the user to be stuck in an infinite loop on the page, in which the prompt keeps appearing, thus causing the user to have to reload the page and possibly lose any data entered. (Ticket #52024)
  • Bug fix: If using the Data Resolution Workflow in a project, and a user views an open query, it would mistakenly display data values for all fields in the query, even if the user has "No Access" user privileges to that field's data entry form. In this case, it now redacts the data value and instead displays a message stating that the field's value cannot be displayed because the user does not have view access. (Ticket #49956)
  • Bug fix: If the REDCap installation has the "Survey Base URL" set on the "General Configuration" page in the Control Center, then if a survey participant is viewing a Survey Queue for a record and then clicks the "Begin Survey" button for a given survey, it would mistakenly send the participant to the the wrong URL, in which it would be using the default "REDCap Base URL" instead of the "Survey Base URL". (Ticket #52502)
  • Bug fix: If viewing the Record Status Dashboard in a project where only one arm exists, but the arm is not arm "1" but another number, then clicking the record name link in the dashboard table will mistakenly take the user to the first arm, where the record does not exist. (Ticket #52575)
  • Bug fix: If a multi-arm longitudinal project has surveys using Automated Survey Invitations on multiple arms, in which at least one of the ASI's condition logic references a field/event on another arm, then if that ASI condition becomes true for a given record, it would mistakenly schedule the survey invitation even if the record does not exist on that arm. The record must exist on a given arm before a survey invitation can be scheduled for that arm for that record. (Ticket #52174)
  • Bug fix: On the Control Center's System Statistics page, the "Data values pulled from source system via DDP" count for both DDP Custom and DDP on FHIR would mistakenly inflate the true count. This was caused by mistakenly counting temporal values multiple times in longitudinal projects or in projects with repeating instruments/events if the same value was imported into multiple events/instances for a given record. This often depends on the window of time (i.e., day offset) being used, in which a larger day offset value would pull in more duplicate values.
  • Change: The alert that is displayed on a survey page or data entry form that notifies the user that an unvalidated text field begins or ends with extra spaces has been disabled so that it no longer notifies users when this occurs. This is due to reports of general annoyance by several users at the feature. This feature may possibly be re-added in the future and modified to be more user friendly, but for now it has been disabled for all projects indefinitely.
  • Bug fix: When using "DDP on FHIR" in a project that does not have any demographics fields mapped on the DDP Field Mapping page, then if a patient is launched inside the REDCap window from within the EHR user interface, and the user chooses to add the patient to a project, then it would return a strange JSON-encoded message and would mistakenly take the user to the wrong page if they clicked "View patient in project" immediately after creating the record.
  • Bug fix: When using "DDP on FHIR" with the setting "Convert source system timestamps from GMT to local server time?" set to "Yes" on the "DDP on FHIR" setup page in the Control Center, it might sometimes mistakenly not pull in some temporal data (e.g., labs, vitals) when the data value's date of service is close to the edge of the window of time in which REDCap is querying from the EHR. For example, if a lab field's associated date field has a value of 2018-11-06, and the DDP Adjudication window has a +-3 day offset value set, which should search for all values from 2018-11-03 to 2018-11-09 (including those days), then some values saved on 2018-11-03 or on 2018-11-09 might not get returned from the EHR. This bug is the result of the data being stored in GMT/UTC time in the EHR while REDCap is querying the EHR using the local time.
  • Bug fix: When using Google Authenticator as a Two-Factor Authentication option, and an Account Manager (as opposed to an Administrator) clicks the "Send Google Authenticator instructions via email" button for a user on the Browse Users page in the Control Center, it would mistakenly fail and give an error message. This only occurs if the user clicking the button is an Account Manager. (Ticket #52597)
  • Change/improvement: When importing data via the Data Import Tool, if a CSV data file is re-uploaded on the second page after the initial attempt (e.g., due to errors displayed after the first attempt), it now hides all the error messages on the page after clicking the Upload File button to re-upload the file. Thus it resets the page so that the user does not get confused thinking that the previous errors apply to the current upload if the re-upload process takes a while. (Ticket #52518)
  • Change/improvement: When importing data via the Data Import Tool and an error is detected in the data file, the header text of the error message has been changed slightly to prevent confusion so that users more clearly understand that the file was not fully uploaded. (Ticket #52519)
  • Bug fix: If a user clicks the "Show plots only" or "Show plots & stats" button on the "Stats & Charts" page in a project, it will mistakenly display the "Download image" button for fields on the page that do not have a graph displayed, in which clicking the button for such fields would cause it to download an unopenable/unviewable PNG file. (Ticket #51565)
  • Bug fix: If a field on a repeating event or repeating instrument has branching logic, in which fields in the logic exist on that same repeating event/instrument, then the field might mistakenly not get displayed in the PDF export with saved data.
  • Bug fix: If REDCap is set up to connect to the MySQL database via SSL, it would mistakenly not display the "REDCap server is offline!" message to users if the database connection failed. Additionally, for installations not using an SSL database connection, the "REDCap server is offline!" message would be inconsistent in its text being displayed depending on whether the user was on the REDCap Home Page/My Projects page as opposed to accessing a page in which "/redcap_vX.X.X/" appears in the URL (where X.X.X is your current version). (Ticket #51758)
  • Bug fix: If a user's account was suspended due to inactivity and afterward an administrator unsuspended the user using the green "Unsuspend User" button on the Browse Users page under the "View User List By Criteria" tab (as opposed to unsuspending a single user when viewing the user account under the "User Search" tab on that page), then if the cron job that suspends users due to activity gets run before the user logs in to REDCap the next time, the cron job would mistakenly suspend them again. (Ticket #52768)
  • Bug fix: Users that do not have "Add/Edit/Organize Reports" privileges in a project would mistakenly see the "Organize" link on the left-hand menu that would allow one to create Report Folders. It should not display the link for users with such user rights. (Ticket #52801)
  • Bug fix: If a participant is returning to a multi-page survey that has the "Save & Return Later" option enabled, and the survey exists on a repeating event or is a repeating instrument, then if the current survey page being opened by the participant is not the first repeating instance of the survey but is a later repeating instance, then it might mistakenly start the participant on the wrong page of the survey to which they are returning. It normally should take them to the page containing the last question having data. (Ticket #50898)
  • Change: On the "Add/Edit Records" page for projects in development status, the notice that real data should not be entered into a project while in development has been moved more to the top of the page to make it more prominent as a reminder to users.

Version 8.9.0 - (released 11/2/2018)

NEW FEATURES, BUG FIXES, & OTHER CHANGES:

  • New feature: Report Folders - Reports can now be organized into folders in any given project. If a user has "Add/Edit Reports" privileges, they will see an "Organize" link on the left-hand project menu above the project’s reports. They will be able to create folders and then assign their reports to a folder, after which the project's reports will be displayed in collapsible groups on the left-hand menu.
  • New feature: “Edit Access” for reports - In addition to setting "View Access" when creating or editing a report, users can now set the report's "Edit Access" (under Step 1) to control who in the project can edit, copy, or delete the report. This setting will be very useful if one wishes to prevent certain users from modifying or deleting particular reports.
  • New feature: Report search - A new search feature exists on the left-hand menu to allow users to search within the title of that project’s reports to help them navigate to a report very quickly.
  • Improvement: The Browse Users page in the Control Center now displays a "Can create projects?" column in the user table to indicate if the user has privileges to create or copy a project on their own. This is only available if users in the system are allowed to create/copy projects (as opposed to requesting them be created by an admin).
  • Minor security fix: A Cross-Site Scripting (XSS) vulnerability was discovered on certain pages, in which a malicious user could potentially exploit it by manipulating the query string of an HTTP request.
  • Minor security fix: An SQL Injection vulnerability was found on surveys pages and data entry pages in which a malicious user could potentially exploit it by manipulating the query string of an HTTP request.
  • Major bug fix: If a user has "De-identified" or "Remove all tagged Identifier fields" data export user privileges in a project, and then the user downloads a PDF of a data entry form with saved data, in which the form is a repeating instrument or repeating event, it would mistakenly not remove the appropriate data from the PDF as required according to their user privileges. (Ticket #52190)
  • Change: Changed the text "Manage Survey Participants" to "Survey Distribution Tools", which more clearly describes the pages in that section.
  • Bug fix: Users using certain browsers (e.g., Firefox) on the "Create New Report" or "Edit Existing Report" page would mistakenly be unable to place their mouse cursor into the input fields in Step 2 on that page, thus preventing them from adding new fields to the report using the auto-complete functionality. (Ticket #52055)
  • Bug fix: When performing a data import (either via API or via Data Import Tool) in which the first instrument of a record is locked, it would mistakenly prevent the data import from completing, thus resulting in an error, even if the user is not attempting to update values on the first instrument.
  • Bug fix: Uploading, editing, or deleting a file in the File Repository of a project would fail if the project's language was set to anything other than the default "English" language. Bug emerged in REDCap 8.7.0. (Ticket #51457)
  • Bug fix: The data dictionary import process would fail if any calculated fields in the data dictionary contained Smart Variables in their calculation. (Ticket #51346)
  • Bug fix: If using a custom record label in a longitudinal project, in which the custom record label references a field that exists on an event that is not the first event of the current arm, then it might not display the custom record label at all. (Ticket #50733)
  • Bug fix: Some cron jobs were mistakenly shifting by a minute or two each day with regard to the time they should be run by the system. They will now be run at the exact minute they are expected to based on their previous run time + their defined frequency to run.
  • Bug fix: When using DDP on FHIR to add a patient to a project from inside the EHR interface, in certain cases the add-patient process would fail and simply return a dialog saying "ERROR".
  • Bug fix: If a report in a project is created, copied, reordered, or deleted, then on occasion it may mistakenly cause many (or all) of the existing reports to be reordered in a seemingly random fashion. (Ticket #42809)
  • Bug fix: When using the Publication Matching module, if REDCap is upgraded to a newer version after an email has been sent to a PI regarding a possible publication match, then the link in the email would not redirect to the correct webpage properly. (Ticket #52023)
  • Bug fix: If custom Homepage Announcement text is set for the system and the current user is sponsor of a user, then the custom text would mistakenly not stretch as wide as the My Projects table. (Ticket #51782)
  • Bug fix: If a field on a repeating event/form has a specific repeating instance number that is referenced in a calc field or branching logic (e.g., [weight][2] > 150), then even if the specific repeating instance of the event/form exists, it will throw an error on the data entry form or survey page if the field itself does not have a value saved for the repeating instance that is explicitly referenced.
  • Bug fix: When using certain non-English languages for the translated text in a project, the title/hover-over text for the repeating survey icon in the Online Designer would mistakenly get truncated. (Ticket #52126)
  • Bug fix: When piping data from a repeating event/instrument onto another instrument or event, especially a non-repeating instrument/event, then the PDF download of that instrument with saved data might mistakenly not pipe the data into the labels in the PDF.
  • Bug fix: In a multi-arm project using the Scheduling module, opening a record from the Calendar page and then clicking "view schedule" from the calendar popup would load the "View or Edit Schedule" page but might mistakenly not pre-select the record in the record drop-down list on that page.
  • Bug fix: When viewing the Browse Projects page in the Control Center, any projects that have been deleted in the past 30 days but have not yet been removed from the system would have a missing status icon on the far right of the projects table. It should instead be displaying a red cross icon for the status.
  • Bug fix: The plugin/hook/module method REDCap::getReport now more strictly checks the value of the third parameter ($exportAsLabels) to ensure it is a boolean. (Ticket #52382)
  • Bug fix: When using a bookmarked link of a page in the Plugins, Hooks, and External Modules documentation after REDCap is upgraded to a newer version, then the bookmark would not redirect to the correct webpage properly. (Ticket #51824)
  • Change: Added extra admin-specific error message in DDP on FHIR when a FHIR access token fails. This is to help troubleshoot access token issues.
  • Bug fix: If a conversation in Messenger is attached to a project, it would mistakenly display the HTML <br> tag when hovering over the conversation title. (Ticket #52308)
  • Bug fix: If certain Smart Variables (e.g., [survey-queue-link]) are used in the email text of an Automated Survey Invitation, which also uses datediff with "today" or "now" as a datediff parameter, then it would prevent the ASI+datediff cron job from fully running. Note: This would only affect a small percentage of the total invitations being sent out. (Ticket #51081)

Version 8.8.2 - (released 10/17/2018)

BUG FIXES & OTHER CHANGES:

  • Change: If a user loads a data entry form without a record in context, in which it displays the Incomplete/Complete Records drop-downs for choosing a record (this page can only be navigated to by clicking the "Show data collection instruments" link on the left-hand project menu and then selecting a form), if the project exceeds 25,000 records, it will truncate the drop-downs so that they only display the last 25,000 records ("last"=those at the end when viewing an ordered list of all records). This is to improve performance by preventing the page from having to output so much HTML to the client.
  • Change: Added suggested change to the REDCap install page regarding the sample MySQL script for creating a new MySQL user. (Ticket #51144)
  • Bug fix: If text has been set for the Home Page setting "Announcement text to display at top of Home page and My Projects page" and the setting "Additionally display text on login page?" is set to "No" (which is a new feature in v8.8.1), then it would mistakenly display the custom Home Page text below the login form when a user is logging in, even though it is not supposed to. Bug emerged in REDCap 8.8.1. (Ticket #50889)
  • Bug fix: The table listing all the user rights/roles on the User Rights page in a project would mistakenly not display the last column or two of the table. (Ticket #50876)
  • Bug fix: When using the Twilio Telephony Services for surveys and setting up an Automated Survey Invitation in which the Invitation Type is "SMS Invitation (contains survey link)", it would mistakenly add the survey link twice to the SMS message. And in the version of REDCap just prior to this one, it was mistakenly adding the survey link if it was not included in the SMS message for the ASI, which should not occur because the instructions state that the survey link will not be automatically added to the SMS when using the "SMS Invitation (contains survey link)" invitation type. So if using "SMS Invitation (contains survey link)" invitation type, it will not add the survey link unless the [survey-url] Smart Variable is used in the SMS message for the ASI. (Ticket #50596)
  • Bug fix: If a field exists on a repeating instrument, and a value is being imported for that field (via Data Import Tool or API) in which no value is provided for the redcap_repeat_instrument field for that row of data, it would mistakenly allow the data to be imported without errors, and that data might become orphaned and be inaccessible on certain pages (e.g., Record Home Page, Record Status Dashboard) after the import has completed.
  • Bug fix: In certain cases, the left-hand project menu might display the link "View/Edit Records" when instead it should always display the "Add/Edit Records" unless the user does not have "Create Record" privileges.
  • Bug fix: When clicking the pencil icon on the Online Designer, it would mistakenly not open the "Add Field"/"Edit Field" dialog if the user was using Internet Explorer. Bug emerged in REDCap 8.8.1 (Standard). (Ticket #51359)
  • Bug fix: For certain SFTP server configurations, the system-level feature "e-Consent Framework: PDF External Storage Settings" might mistakenly not save files successfully to the SFTP server.

Version 8.8.1 - (released 10/5/2018)

IMPROVEMENTS, BUG FIXES & OTHER CHANGES:

  • Improvement: REDCap admins may now, if they wish, prevent normal users from contacting admins in REDCap Messenger. This option can be enabled under the "REDCap Messenger" section on the "Modules/Services Configuration" page in the Control Center. If set to "prevent users from messaging admins", then users will not be able to add any REDCap admins to any new or existing conversation in Messenger. However, admins will still be able to add normal users and other admins to a new or existing conversation.
  • Improvement: The "Sponsor Dashboard" and the Control Center's "Browse Users" page now have a new action button: "Re-send account creation email". This new action is only available for REDCap installations with either "Table-based" or "LDAP & Table-based" authentication. Clicking the button will send the user the same email (which includes the link to set their password) that was sent to them when their Table-based account was created. This will often be used in case the user did not receive the original email (for whatever reason).
  • Improvement: Under the "PDF Customization Options" section in the Additional Customizations popup on the Project Setup page, a new option has been added: "Display or hide the Secondary Unique Field value (if enabled) at the top right corner of the PDF". This option will be useful, for example, when sending the PDF to a survey participant, in which the Secondary Unique Field value should not be known or viewable to the participant.
  • Improvement: When selecting a color for an item under "Custom survey theme options" on the Survey Settings page, the color-picker now allows users to provide the Hex color code (e.g., #0b5394) to choose the color of the item. (Ticket #8321)
  • Change/improvement: The option "Announcement text to display at top of Home page and My Projects page" on the "Home Page Configuration" page in the Control Center now has an extra option that says "Additionally display text on login page?", which will give admins the ability to opt out of displaying that text on the login page, which it currently does by default. (Ticket #21796)
  • Major bug fix: If importing new records into a project via Data Import Tool or API Import Records, it would mistakenly not update the record count in the project to reflect the new records that were added.
  • Major bug fix: If a user in a Data Access Group is creating a new record and uploading a file for a File Upload field on a form or survey prior to clicking the Save button, which would create the record, it will correctly assign that record to the user's DAG, but that record might mistakenly not show up for the users in that DAG when viewing a report, Record Status Dashboard, Add/Edit Records page, or other pages that display a list of records. This issue would usually correct itself after 3 days.
  • Bug fix: If a user attempts to create a new record on the Add/Edit Records page, in which the record contains a tab character (via copy-and-pasting the record name from elsewhere), it would mistakenly not inform the user that tab characters are not permitted in record names and would simply remove them when loading the Record Home Page for that new record. (Ticket #50347)
  • Bug fix: If a user adds Custom Event Labels for a longitudinal project, and then converts the project to classic/non-longitudinal format, the Custom Event Label for the first event would mistakenly still appear on the Record Home Page. Custom Event Labels should only appear when a project is longitudinal. (Ticket #49885)
  • Change: The language has been abstracted to allow for translation for the popup that appears on data entry forms and survey pages when a user leaves spaces at the beginning or end of a text box's value. (Ticket #37401)
  • Bug fix: The notification in the Control Center that informs REDCap admins that a new External Module update is available would mistakenly display versions of modules that were not compatible with the current REDCap version. However, if the admin clicked the blue button to visit the REDCap Repo and then returned back to REDCap afterward, it would temporarily resolve this issue. (Ticket #49957)
  • Bug fix: If a user creates a thread in REDCap Messenger that is connected to a project, and then navigates into a different project, in which the Messenger panel is initially closed while in that project, then when the background AJAX call for Messenger runs after being on a page for 60 seconds, it would mistakenly cause a JavaScript error and might cause some functionality of Messenger not to work correctly. (Ticket #24930)
  • Bug fix: The plugin/hook/module method named REDCap::evaluateLogic might not interpret the event context correctly depending on the value passed as the $event parameter. (Ticket #49420)
  • Bug fix: Fixed issue related to performance boost from REDCap 8.7.2 that caused some very large projects to be extremely slow on certain pages temporarily if multiple users were using the project simultaneously.
  • Bug fix: In a longitudinal project that is in production, if a user attempts to un-designate an instrument for an event on the "Designate Instruments for My Events" page, specifically using the CSV file upload option, it would mistakenly allow the user to do so, even though only REDCap admins should be able to un-designate instruments for events while in production. (Ticket #48290)
  • Bug fix: When using a date or datetime field with DMY or MDY format as the record ID field, it would mistakenly not save the record name correctly when trying to create the record, but instead it would mangle the date format. (Ticket #49373)
  • Bug fix: If branching logic or a calculation on a repeating instrument or repeating event utilizes the Smart Variable "current-instance" (e.g., [yesno_var][current-instance]*1), then when viewing the first repeating instance of that instrument/event, it would mistakenly not perform the branching logic or calculation correctly if the value for that field in the logic/calc changes while on that page. (Ticket #50094)
  • Change: When viewing the “Add New Field”/”Edit Field” popup in the Online Designer, it will now ask the user to choose the ontology service that they wish to use (it did not do this in previous versions), even though there is just one to choose. After choosing “BioPortal Ontology Service”, it will then display all the ontologies available for BioPortal, as it has done in the past. This extra step was added to allow for more custom ontology services to be added in the future. But for now, BioPortal is the only service currently available by default in REDCap.
  • Bug fix: When using the Twilio Telephony Services for surveys and setting up an Automated Survey Invitation in which the Invitation Type is "SMS Invitation (contains survey link)", it would mistakenly add the survey link twice to the SMS message. (Ticket #50596)
  • Bug fix: When downloading a PROMIS Battery from the REDCap Shared Library, it would mistakenly enable the Survey Auto-Continue option for all instruments in the battery when instead it should enable it for all except for the last one.
  • Bug fix: When running Data Quality rule F, in which some fields being evaluated exist on a repeating instrument, it might mistakenly display them in the list of discrepancies when in fact it is a false positive. (Ticket #49640)
  • Bug fix: Calculated fields would sometimes hit a precision limit in JavaScript and mistakenly return a blank value for the calc field rather than the correct numerical result, which might need to be displayed in scientific (exponential) notation. (Ticket #50578)
  • Bug fix: When using LDAP or LDAP & Table-based authentication, it was mistakenly not allowing users to be assigned to a user role in a project if the username contained a space. (Ticket #50791

Version 8.8.0 - (released 9/30/2018)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • New feature: PROMIS Batteries – 15 batteries of instruments are now available in the REDCap Shared Library. A battery is a set of instruments that can be downloaded from the Shared Library as a bundle, in which they are meant to all be taken together one after another within a single battery. When downloading from the Shared Library, the survey auto-continue feature will be enabled for these instruments to allow a participant to automatically continue from one to another to simulate the battery functionality.
  • Improvement: A project's Record ID field can now be used as a Live Filter in any given report, thus allowing users to easily view the report for a single record.
  • Bug fix: When hitting the Enter button while inside a date or datetime field that triggers calculations or branching logic on the same page of a form or survey, it might mistakenly display erroneous error prompts stating that something is syntactically incorrect with the calculation or branching logic, which is not the case.
  • Bug fix: When piping a value from a date or datetime field into the @DEFAULT action tag of another date/datetime field that has either MDY or DMY date format, the value would mistakenly get mangled and thus be incorrect when the page initially loads. (Ticket #17157)
  • Bug fix: When uploading a file for a File Upload field, under certain conditions it might mistakenly cause multiple rows to be added to the redcap_data database table for that record. (Ticket #50178)
  • Bug fix: Fixed issue related to performance boost from REDCap 8.7.2 that caused some very large projects to be extremely slow on certain pages temporarily if multiple users were using the project simultaneously.
  • Bug fix: If records exist in an arm in a multi-arm project, and then that arm is deleted, those records in that now-deleted arm might mistakenly appear on certain pages, such as the Record Status Dashboard or Add/Edit Records page. (Ticket #50353)
  • Bug fix: When using DDP on FHIR and opening a record on the Record Home Page while viewing it inside the EHR, a JavaScript error might mistakenly occur, thus sometimes preventing the DDP adjudication dialog from opening.
  • Bug fix: When creating a new Table-based user in the Control Center, in which the user's attributes contain special/non-Latin characters, then depending on the server's MySQL collation_connection, it might not save the user's attributes correctly in the database but may instead mistakenly garble them. This bug was supposedly fixed in REDCap 8.7.3 but was mistakenly not. (Ticket #48983)
  • Bug fix: When mapping an EHR field on the DDP mapping page in a longitudinal project using DDP on FHIR, and clicking the "Copy mapping to other event" for a given field, it might mistakenly also copy the category header that immediately follows that field, which makes the page look confusing to the user.

Version 8.7.4 - (released 9/20/2018)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: If a user has data export privileges of "De-identified" or "Remove all tagged Identifier fields", and then the user exports a report in which every field in the report gets removed due to their export privileges, then it would mistakenly export data for *all* the fields in the entire project. (Ticket #48976)
  • Major bug fix: If a user attempted to put a production project into Draft Mode on the Online Designer page, it would fail and merely reload the page. (Ticket #49866)
  • Bug fix: The projects table on the Browse Project page in the Control Center was cut off on the right side. (Ticket #49773)
  • Change: Added the HTML tags <map> and <area> to the list of allowed tags that can be used in user-defined text (e.g., field labels, survey instructions). (Ticket #49526)
  • Bug fix: If a field was using @DEFAULT, @NOW, or @TODAY action tags, and that field was also being piped into text somewhere on that same page, then the field values would mistakenly not get piped when the page initially loads. (Ticket #49839)

Version 8.7.3 - (released 9/19/2018)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • New options for Data Exports
    • Improvement: When exporting a report, a new “Data formatting options” section appears in the export dialog to allow users to choose the CSV delimiter character to be used in CSV Raw Data and CSV Labels exports. Options include comma (default), tab, semi-colon, pipe, and caret. This is useful in certain cases when the resulting data file needs to have another delimiter, such as a tab, for example. In addition, the two API methods “Export Records” and “Export Reports” have a new analogous parameter “csvDelimiter” that will set the CSV delimiter character if using “csv” as the format in the API request. See the API documentation for full details. (Ticket #30939)
    • Improvement: When exporting a report, a new “Data formatting options” section appears in the export dialog to allow users to optionally force all numbers into a specified decimal format. It will default to “Use fields’ native decimal format”, but provides the choices “Use period/full stop” and “Use comma” as the decimal character for all numbers. This will allow projects that have fields with period/full stop decimals (calc fields, number validated fields) and those with comma decimals (comma-as-decimal validated fields) to all be exported in the same uniform number format, thus providing greater consistency in the data being exported. In addition, the two API methods “Export Records” and “Export Reports” have a new analogous parameter “decimalCharacter” that will set specified decimal format for all numbers in the API request. See the API documentation for full details. (Ticket #30939, #34597)
  • Improvement: New optional parameters added to the API Export Records method to filter data returned based on when a record was created or modified
    • dateRangeBegin – To return only records that have been created or modified *after* a given date/time, provide a timestamp in the format YYYY-MM-DD HH:MM:SS (e.g., '2017-01-01 00:00:00' for January 1, 2017 at midnight server time). If not specified, it will assume no begin time.
    • dateRangeEnd – To return only records that have been created or modified *before* a given date/time, provide a timestamp in the format YYYY-MM-DD HH:MM:SS (e.g., '2017-01-01 00:00:00' for January 1, 2017 at midnight server time). If not specified, it will use the current server time.
  • Improvement: The Record Status Dashboard will now remember the user's last selection for the "page number" drop-down and the "records per page" drop-down, so that when they return to the dashboard in that project in the future, it will already have their last selections pre-selected for those two drop-downs. Note: It already remembers the user's last selection for "dashboard displayed" and "data access group". (Ticket #48913)
  • Improvement/change: When a user copies a project via the "Copy the project" button on the Other Functionality page, it now logs the PID (project_id) and project title of the new project in the copied project, and it now also logs the PID and project title of the originating project in the newly created project. So now it should be much easier for users to see if someone copied a project, and if so, determine which project is the one that had been created from the original. (Ticket #47208, #42783)
  • Improvement: Two new parameters "exportAsLabels" and "exportCsvHeadersAsLabels" were added to the plugin/module method named REDCap::getReport. These allow developers to designate whether to output data as raw values vs labels, as well as choose to export CSV headers as labels rather than as variable names (for CSV outputFormat only). (Ticket #49173)
  • Improvement: If one or more External Modules are enabled in a project, it now allows the user to choose if they want to copy over the module configuration settings when copying the project. In previous versions, it would always copy the settings without asking, even though the modules were disabled by default. So now users have a choice.
  • Bug fix: After completing a data import in a project with thousands or tens of thousands of records, many project pages would sometimes become unresponsive for quite a while.
  • Bug fix: When viewing the To-Do List in the Control Center, some requests might mistakenly still show up in the request counts even though the requester's account has been deleted from the REDCap system. (Ticket #48846)
  • Bug fix: Certain database queries that check to make sure that a project's reports are in the correct order were getting run more than necessary, which would sometimes cause certain pages in a project to run slowly.
  • Bug fix: For large screens, project pages might mistakenly have an empty column of whitespace on the far right. (Ticket #49155)
  • Bug fix: The External Module framework methods setDAG() and addAutoNumberedRecord() were not updating the record list cache table, thus causing some record lists (e.g., Record Status Dashboard) to become out of sync with the data in the redcap_data database table. Bug emerged in REDCap 8.7.2 Standard. (Ticket #49215)
  • Bug fix: After editing the branching logic of a field in the Online Designer, it would mistakenly chop off the first character in the branching logic when displaying it in red text on the page for the field. (Ticket #49098)
  • Bug fix: When using DDP on FHIR to add a patient to a project, in some cases it would navigate to an incorrect non-existing record named "Undefined" in the REDCap project after clicking "View patient in project" button after creating the record via DDP on FHIR.
  • Bug fix: When using DDP on FHIR, some LOINC codes related to Multiple Sclerosis were mistakenly missing from the DDP field mapping page.
  • Bug fix: When creating a new Table-based user in the Control Center, in which the user's attributes contain special/non-Latin characters, then depending on the server's MySQL collation_connection, it might not save the user's attributes correctly in the database but may instead mistakenly garble them. (Ticket #48983)
  • Bug fix: The To-Do List page in the Control Center would mistakenly display with the action buttons overlapping the previous column in the table. (Ticket #49096)
  • Change: When a REDCap administrator enables or disables either the DDP on FHIR module or the DDP Custom module, it now explicitly states this on the Logging page, whereas previous versions merely logged the action generically as "Modify project settings".
  • Bug fix: When using DDP on FHIR, the information page/popup that describes how to use DDP to users was mistakenly missing the specific codings required for the three demography fields "sex", "race", and "ethnicity". The required multiple choice codings for those fields are now listed in the DDP on FHIR informational page that is accessible on the DDP on FHIR Control Center page and via the popup on a project's Project Setup page.
  • Bug fix: When launching multiple patients using DDP on FHIR inside the EHR interface (i.e., multiple tabs during same session), if the user returned to an older tab/patient during the same session, it might mistakenly confuse it with the latest patient that was loaded, thus losing that tab's proper context for the patient and causing confusion for the user.
  • Bug fix: If using MySQL 8.0 as the database, in certain cases the Control Control might erroneously display the "Database structure is incorrect" warning even though nothing is wrong with the database tables. (Ticket #49580)
  • Bug fix: If using certain non-English languages as the system language, the login page might mistakenly truncate the "Username:" or "Password:" labels. (Ticket #48547)
  • Bug fix: When exporting a project's Project XML file, for certain server configurations, it would cause the XML file to have all linefeeds removed from Section Headers and Field Labels. Note: This fix will not fix any Project XML files that have already been generated but will fix this issue for any XML files generated in the future. (Ticket #48719)
  • Bug fix: If there exists piping, calculations, or conditional logic using the Smart Variables first-event-name or last-event-name that happens to be prepended to a checkbox field, in which a checkbox choice is explicitly specified inside parentheses, it would mistakenly return a list of all the checked-off checkbox labels instead of the checked-off status for the specified choice. (Ticket #49378)
  • Bug fix: When a user attempts to place a production project into draft mode, it might mistakenly just reload the same page with no changes, thus preventing the project from being put in draft mode. (Ticket #6346)
  • Fixes and updates for External Modules Framework
  • Bug fix: If an External Module was using the API endpoint for assets (non-PHP pages), it would mistakenly enforce authentication on those assets, which would cause issues for certain authentication types, such as Shibboleth.

Version 8.7.2 - (released 9/7/2018)

IMPROVEMENTS, BUG FIXES, & OTHER CHANGES:

  • Improvement: Performance boost – Certain pages in projects with thousands or more records should now load much faster in most cases. This includes the Record Status Dashboard, various pages utilizing Data Access Groups, and certain reports. Reports A and B should especially see significantly faster loading (excluding when viewing “all” pages in report A or B).
  • Improvements related to viewing or creating reports
    • New report option that will combine checkbox options into a single column of only the checked-off options. Previously, any checkbox fields in a report would have their choices represented as separate columns in the report, but with this new setting, they can now all be represented as a single column with comma-delimited values and comma-delimited labels. Note: If data is exported to a stats package on a report using this option, checkbox fields will be represented as text fields in the stats package’s syntax file that gets generated by REDCap.
    • Report description – Users may now optionally set a description for a report, in which the description gets displayed as text below the report title on the report page. This allows users to provide instructions or explanatory text for the report. Note: HTML may be used in the description to add links or to style the text.
    • Change: When exporting a report, it now includes the report’s title as part of the resulting export files’ file name. This should make it easier to distinguish different exported data sets if a user is exporting several reports for a given project.
    • Improvement/bug fix: In previous versions it was very difficult (and sometimes impossible) to create reports with lots of fields in projects that contained >1000 total fields. In some cases, it would cause the Create Report page to be very sluggish or even to crash in some cases. This should no longer happen, and users should be able to easily create reports with thousands of fields, if they wish, with no problem.
  • Improvement: If using "Local" file storage for uploaded files, inline image attachments for Descriptive fields and also survey logos will load on the page with their proper width and height already set, which should cause shifting/disturbance on the page due to the images loading slightly later than the page itself.
  • Bug fix: When setting the value of the Rate Limiter on the General Configuration page in the Control Center, it would display a soft validation error if a value was entered that was less than 60. It should instead allow all integers to be entered with a minimum possible value of "0".
  • Bug fix: If a POST request to REDCap exceeds the maximum number of POST parameters according to the max_input_vars setting in the PHP.INI configuration file, it might truncate the parameters sent and mistakenly not display an error message, thus only saving part of the data submitted without informing the user of such. It now properly returns an error message to let the user knows if this ever occurs. This includes API requests. (Ticket #47117)
  • Bug fix: Updated some outdated text on the "Administrators & Acct Managers" page in the Control Center. (Ticket #47531)
  • Change: When exporting a data dictionary, it will now automatically prepend the Field Annotation column with a single space character if the value begins with an "@" sign. This is to prevent issues when loading the data dictionary into Microsoft Excel, which uses "@" to denote the beginning of an equation. When the data dictionary is re-uploaded back into REDCap, the extra space will be subsequently removed to maintain the integrity of the initial value in the data dictionary as it was exported.
  • Bug fix: If a record in a project has some survey invitations scheduled, and then the record is renamed, its associated invitations would mistakenly get disassociated from the record, thus causing the invitations not to get delivered. (Ticket #47887)
  • Bug fix: When using the "DDP on FHIR" module and launching a REDCap window inside an EHR interface, if the user navigates inside a REDCap project in that window, it would mistakenly display the left-hand project menu when it should instead keep the menu invisible in that window. Bug emerged in REDCap 8.7.0.
  • Bug fix: If a user placed their cursor into any text input field and clicked their Backspace button on their keyboard, it would cause a JavaScript error. In most cases, this would go unnoticed; however, some browsers might display a popup alerting the user of this error, which could confuse the user.
  • Bug fix: Drop-down fields using the auto-complete option would react very slowly when typing text into them if the number of drop-down options was very large (>1000). For larger drop-down fields, it now requires more characters (based on the drop-down size) to be initially typed before it begins performing the auto-complete functionality. For example, if the drop-down contains more than 200 options, it requires at least 1 character to be entered before auto-complete is activated, and if it contains more than 500 options, then requires 2 characters (and so on, up to 4 characters max). Bug emerged in REDCap 8.7.0 (related to jQuery 3).
  • Bug fix: The Repeating Instruments tables displayed at the bottom of the Record Home page would mistakenly be displayed vertically rather than horizontally. Bug emerged in REDCap 8.7.0.
  • Bug fix: Minor aesthetic styling fixes due to Bootstrap 4 issues. This additionally includes reports not printing correctly in Firefox. (Ticket #47920)
  • Bug fix: When viewing the "Copy existing choices" popup when adding/editing a field in the Online Designer, many of the choices might mistakenly overlap each other, thus making some impossible to read.
  • Bug fix: The REDCap cron job was mistakenly being counted toward "Page Hits" as displayed on the Control Center's Activity Graphs page. (Ticket #46074)
  • Bug fix: When using the e-Consent Framework in a project, in which a record has an e-Consent PDF file associated with it and a user deletes the record, it would mistakenly not delete the record's e-Consent entry. This would cause problems if another record was created later using the same record name, in which it would prevent the saving of that new record's e-Consent file. (Ticket #38660)
  • Change: Minor changes made to login process for AAF authentication.
  • Change: When exporting data to SPSS, date and datetime fields are now represented as A500 and text fields as A1000 in the SPSS syntax file, whereas previously they were all represented as A30000, which could cause very slow processing when loading the data into SPSS. (Ticket #37115)
  • Bug fix: When using "Japanese (Shift JIS)" for a project's "character encoding for exported files" setting, and the project's PDF Customization setting has the PDF header text (e.g., Confidential) in Kanji/Japanese, then the PDF header text would mistakenly not display correctly in the PDF. (Ticket #48035)
  • Bug fix: LDAP allows for spaces to be used in usernames, and even though REDCap users could successfully log into REDCap while having a space in their username, REDCap would not allow such users to be added to projects, in which it would display an error message stating "User names can only contain letters, numbers, underscores hyphens and periods". If using "LDAP or "LDAP & Table" authentication, it will now allow users to be added to a project via the User Rights page even if their username contains a space. (Ticket #48169)
  • Bug fix: When using literal date or datetime values inside a datediff() function in the "Add/Edit Branching Logic" popup in the Online Designer and testing the logic against a record, it might mistakenly state the field should be hidden when instead it should be shown (or vice versa). Related, if using literal dates inside a datediff() function in the branching logic of a field, and a user goes to export a PDF with saved data of that field's instrument for an existing record, the field might mistakenly be hidden in the PDF when instead it should be shown (or vice versa). (Ticket #47717)
  • Bug fix: When using "Japanese (Shift JIS)" for a project's "character encoding for exported files" setting, the Kanji text might not display correctly if the PDF is opened on certain devices. The remedy this, the internal font in the PDF has been changed from Gothic to Kozmin. (Ticket #48035)
  • Bug fix: When using a Stop Action on a checkbox on a survey, in which the "Enhanced checkbox and radio button" option is enabled for the survey, then if a participant triggers the Stop Action but chooses to "Continue survey" (rather than ending the survey), it would mistakenly not uncheck the checkbox choice they had selected. (Ticket #48273)
  • Bug fix: Using an X-instance Smart Variable that is appended to a variable or Smart Variable containing a parameter with a colon (e.g., [mycheckbox:checked][last-instance]) might mistakenly not be parsed correctly, thus possibly returning an incorrect value. (Ticket #48251)
  • Bug fix: When the record ID field in a project has field validation, and the Scheduling page is being used in a longitudinal project to create a new record (assuming record auto-numbering is not enabled), the Scheduling page would mistakenly not employ the field validation if a record name was entered in an incorrect format. This only occurs for certain field validation types. (Ticket #46643)
  • Bug fix: When using the Smart Variables "previous-event-name" or "next-event-name" in a calculated field while viewing the first or last event, respectively, it would mistakenly display the error prompt stating that there was an error in the calculation. Instead, it now silently replaces those with a blank value (wrapped in quotes) in the equation to prevent an error from occurring in order to force a blank value to be returned. (Ticket #48631, 48669)
  • Bug fix: When using the X-event-name Smart Variables as prepended to a field variable, in which the variable name contains a number, it might not parse the Smart Variable correctly, thus causing it to replace it with a blank value or the value from the wrong event. (Ticket #48576)
  • Bug fix: If PHP's Multi-Byte String extension is not enabled on the web server, then REDCap might throw a fatal PHP error when attempting to send an email. (Ticket #48757)
  • Bug fix: Some data entry forms, especially for records that have repeating instruments with many repeating instances saved (i.e., hundreds or more), would load very slowly, sometimes causing the page to time out and never fully load. They should now load much faster. (Ticket #40634)
  • Bug fix: When calling the method REDCap::getPDF inside a hook in a project, in which the current user does not have full data export privileges, the method would mistakenly fail to output the PDF. The method should work regardless of the user's project-level rights. (Ticket #48756)

Version 8.7.1 - (released 8/15/2018)

BUG FIXES & OTHER CHANGES:

  • Major bug fix: Calculations that exist on a repeating instrument or repeating event might mistakenly not get calculated when importing data via API or Data Import Tool or when executing Data Quality rule H.
  • Bug fix: When cross-event branching logic is used on a field in a longitudinal project, in which some events being referenced in the logic do not contain any data for a given record, in some cases the PDF export of an instrument would mistakenly not correctly determine if the field should be hidden or not in the PDF, and thus it might hide the field when it should display it (or vice versa). This bug only affects the PDF. (Ticket #42206)
  • Bug fix: The action of creating or modifying a Custom Record Status Dashboard was mistakenly not getting logged on the project Logging page.
  • Bug fix: The default browser behavior of navigating back to the previous page after a user clicks their keyboard's Backspace button was mistakenly occurring in "search" input type fields, which are predominate in External Modules and their configuration pages.
  • Bug fix: An error message on the Data Import Tool had incorrect text. (Ticket #47040)
  • Bug fix: In longitudinal projects in production, the "select all" and "deselect all" links on the "Designate Instruments for My Events" page would mistakenly allow the user to select/deselect already-designated instruments. Instead it should only allow the user to select/deselect instruments that are not yet designated. (Ticket #47020)
  • Bug fix: Small SQL issue caused if upgrading to 8.7.0 from an earlier version. (Ticket #47020)
  • Bug fix: In a longitudinal project that has multiple arms and is also using the Double Data Entry module, the Record Status Dashboard would mistakenly not display any form status icons on the page for a user that is Double Data Entry person 1 or 2.
  • Bug fix: Minor alignment or placement issues for elements on certain pages (due to introduction of Bootstrap 4), such as the position of the main project window on iPads and also the placement of "Upcoming Calendar Events" table at the bottom of the Project Home page. (Ticket #47074, #47230)
  • Various fixes and updates for the External Modules framework