XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk


« 1 ... 27230 27231 27232 (27233) 27234 27235 27236 ... 29422 »


272321
kevincam
Re: Best for articles management

  • 2004/2/15 5:25

  • kevincam

  • Just popping in

  • Posts: 14

  • Since: 2003/2/25


Found a bug in XF-Section.

category.php
line 68
here is the corrected line:
$indeximage_select->setExtra("onchange='showImgSelected(\"image\", \"indeximage\", \"".$wfsConfig['sgraphicspath']."\", \"\", \"\")'");

I had to add: , \"\"
which set the last parameter for the javascript function showImgSelected() to be empty.
Topic | Forum


272322
Catzwolf
Re: Add spaw WISIWYG editor to newbb

  • 2004/2/15 5:17

  • Catzwolf

  • Home away from home

  • Posts: 1392

  • Since: 2007/9/30


Quote:

Beast wrote:
I'd like to try this hack, can you please make it available again?

I am having trouble putting a table in a forum post... it adds a heap of blank lines before the table. I know that Tiny Content can get around this, but I don't know how it does it.


The problem is due to the way that XOOPS handles linebreaks, linebreaks are replaced with < br /> and this is what causes the problem.

When displaying the data you have to 'switch' this off by changing the switch from 1 to 0.
Topic | Forum


272323
Catzwolf
Re: wfsection - index needs to be specified

  • 2004/2/15 5:13

  • Catzwolf

  • Home away from home

  • Posts: 1392

  • Since: 2007/9/30


Quote:

Wingz wrote:
Updated wfsection in 2.0.6, and I have only one apparent problem - when wfsection is called from the menu there is just a blank page shown ('done' is shown in the browser).

However, if the entire URL is typed;
http://www.mysite.org/modules/wfsection/index.php

then the index page is shown instantly.

No other module has this problem; any ideas please? Already lost hundreds of comments in the upgrade and this is incredibly frustrating.


Hi Wingz,

I have no idea why WF is doing this and would like to know if anyone else has the same problem as yourself.

I will install this version on a test server and see what I can come up with.

I am really sorry about the comments
Topic | Forum


272324
Beast
Re: BUG when tables in Forums or News

  • 2004/2/15 5:03

  • Beast

  • Just popping in

  • Posts: 26

  • Since: 2003/9/7 2


Quote:

Anonymous wrote:
Yes its a bug and being looked into


I thought I would bump this thread from two years ago to mention that this bug is still here. The 'fix' of removing all the line breaks in the html code does work, but it's painful to have to do that.
Topic | Forum


272325
Olorin
Re: EMERGENCY: security hole of Agenda-X

  • 2004/2/15 4:58

  • Olorin

  • Just popping in

  • Posts: 50

  • Since: 2003/7/5 1


Knowing how friendly to Xoopseres you are, I'm really disappointed with you this time, GIJOE. If you believe in you are capable of fixing the security hole, confident that wjue is unable to fix it, why don't you help wjue make the secure Agenda-X....

And I'm afraid it's quite natural for us to think GIJOE concealed the onokazu's post which solves this problem on purpose. Since I know you must have known the information on xoops.jp for the temporary fix when you started this thread....

You said wjue must take you for his foe. But, as for me, it seems to be you that take wjue for your foe...

Unfortunately, I'm not a skilled PHP coder, though I want to know the cause of this security hole. What was the problem? Is this security hole only related with global_register? What about open_basedir, or safe_mode?

You said Agenda-X would damage the value, and quality of Xoops. Moreover you stated pical is worth deserving the no.1 calendar module...

But what is XOOPS at all? XOOPS itself consists of thousands of ordinary users who know nothing about PHP. What we have to care is not the name of Xoops, but the community of XOOPS itself... Do you wana still keep developing such a top notch module even if nobody uses Xoops?

Well, what I want to say is that many people still use agenda-x, and they don't want to lose the data. However you suggested that they should remove agenda-x and use other alternatives, which results in abandoning the past data.

Of cource, considering its potential threat, it is the best way to remove the module, though...

==The files which need fixing==
- modules/agendax/addevent.inc.php
- modules/agendax/i18n.php
- modules/agendax/config.inc.php
- modules/agendax/admin/admin_header.php

- modules/agendax/addevent.inc.php
BEFORE
Quote:
include($agendax_path.\"/checkemail.inc.php\");

AFTER
Quote:
require_once './config.inc.php';
include($agendax_path.\"/checkemail.inc.php\");


- modules/agendax/i18n.php
BEFORE
Quote:
include_once $agendax_path.'/gettext.php';

AFTER
Quote:
require_once './config.inc.php';
include_once $agendax_path.'/gettext.php';

- modules/agendax/config.inc.php
BEFORE
Quote:
$agendax_path = XOOPS_ROOT_PATH.'/modules/agendax';

AFTER
Quote:
if (!defined('XOOPS_ROOT_PATH')) {
exit();
}
$agendax_path = XOOPS_ROOT_PATH.'/modules/agendax';

- modules/agendax/admin/admin_header.php
BEFORE
Quote:
if (!isset($agendax_path)) $agendax_path =XOOPS_ROOT_PATH.'/modules/agendax';
if (!isset($agendax_path)) $agendax_url = XOOPS_URL.'/modules/agendax';

AFTER
Quote:
require_once '../config.inc.php';
Topic | Forum


272326
Dave_L
Re: Inserting data into module table

  • 2004/2/15 4:57

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


Do you mean inserting the data into a MySQL database table, or displaying it in an HTML table?
Topic | Forum


272327
Dave_L
Re: EMERGENCY: security hole of Agenda-X

  • 2004/2/15 4:53

  • Dave_L

  • XOOPS is my life!

  • Posts: 2277

  • Since: 2003/11/7


Quote:
the first operator of these functions:
include(), include_once(), require(), require_once()
should not be started by variables.


For example: include_once ("$variable/functions.inc.php");
Topic | Forum


272328
Wingz
wfsection - index needs to be specified

  • 2004/2/15 4:51

  • Wingz

  • Just popping in

  • Posts: 71

  • Since: 2002/8/23


Updated wfsection in 2.0.6, and I have only one apparent problem - when wfsection is called from the menu there is just a blank page shown ('done' is shown in the browser). Eg:
http://www.mysite.org/modules/wfsection/

However, if the entire URL is typed;
http://www.mysite.org/modules/wfsection/index.php

then the index page is shown instantly.

No other module has this problem; any ideas please? Already lost hundreds of comments in the upgrade and this is incredibly frustrating.
Topic | Forum


272329
GIJOE
Re: EMERGENCY: security hole of Agenda-X

  • 2004/2/15 4:45

  • GIJOE

  • Quite a regular

  • Posts: 265

  • Since: 2003/8/13


hi Mithrandir.

I'm sorry to have unpleasant time for my articles.
But as I wrote in subject, it is an emergency security hole.
Thus I have no time to select gentle words.
(And because of my poor skills for English.)

Removing all files of the module is only way to protect all of XOOPS site.
(Though .htaccess is a good manner, all of XOOPS site is not usable this)

If register_globals on, GPCS are registered as globals.
Although wjue had been reported its vulnerablity from well skilled programmers like onokazu, he patched only G and says "sufficiently safe".

I feel that it is irreverent unworthy of a modules developper.

Quote:
I write modules, but I have NO idea, whether it is a secure one or if there are similar problems with them. Therefore, I would be very happy to get some more guidelines as to how to avoid opening security holes.

Of course, this is the most important thing.

----------------------------------------
the first operator of these functions:
include(), include_once(), require(), require_once()
should not be started by variables.
----------------------------------------

Though it differs accurately, pardon it by such an explanation please.
(I have little free time and little skill to explain the vulnerablity plainly by English.)
Topic | Forum


272330
Catzwolf
Re: Best for articles management

  • 2004/2/15 4:38

  • Catzwolf

  • Home away from home

  • Posts: 1392

  • Since: 2007/9/30


Quote:

dheltzel wrote:
Excuse my relative ignorance of the XOOPS development process, but wouldn't it be helpful to release a preview, beta, RC, or whatever you want to call it, to get more eyes looking for problems? You know, the old "with enough eyes, all bugs are shallow" thing.

It's your project and I doubt my post will change the way you see things, but I like to try new code, find and fix things and feel like I'm giving something back to the community, instead of being merely a "consumer" of OSS goods.

The slow, secretive development process was what caused me to abandon XOOPS a year ago and go find another CMS. I'm back because I like the way the code base works and I see that the new releases are much improved, but I'm still a bit confounded by the dev community. Not that you don't produce good code, but that the development process is more like proprietary software than the Bazaar approach that I'm accustomed to.

I appreciate the code and the way it is licensed, but it is little wonder that so many folks are inclined to fork code, as that is the only avenue they see to make improvements and give them back to the community.


I take it this one is aimed at myself

This is nothing about being secretive or anything else about my code, its all there to pick at

The reason why it has taken so long for me to release a new version of WF-Section is a long long list, but mainly due to health issues, other projects and working on developing Xoops. Plus the fact that I have re-written, removed many bugs and added many new features to WF-Sections.

Trust me, no one is more frustrated by the long release time than myself and if I could have released it well before now I would have.
Topic | Forum






[Advanced Search]

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

102 user(s) are online (54 user(s) are browsing Support Forums)

Members: 0

Guests: 102

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: May 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits