xoops forums

Forum Index


Board index » All Posts (geekwright)




geekwright

Not too shy to talk
Posted on: Yesterday 21:28
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#1

Re: enable https ssl for entire site

Make sure the definition of XOOPS_URL in mainfile.php has the https:// protocol.


geekwright

Not too shy to talk
Posted on: 1/12 18:44
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#2

Re: Mobile issue

That might be a problem, but it is not the problem I encountered.

Only happens at smaller window widths - 767px is where it starts.

All links -- the title, author and "read the complete article" links included, do nothing. The browser won't recognize the link exists, as it is covered by a transparent layer that seems to be the top right block title area (author area).

When you log out and go to the screen, the same thing happens, with the non-transparent login block title.

Happens consistently on multiple devices, browsers and networks. At 768px or wider, everything works fine. (Several tablets worked fine in landscape, but failed in portrait orientation.)

Quote:

Bleekk wrote:
Hi,

the problem is the publisher module and I think all other modules have the same problem.
On the publisher index page the articles display only the first 200 character.
if you use tags like
[center] or [url]
they will be cut off at the and of the 200 chars.

first problem is that this tags are also counted as chars and the second is that they are cut off. so you can have a opening tag but now closing and that breaks the whole design of the website.


geekwright

Not too shy to talk
Posted on: 1/11 23:04
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#3

Mobile issue

First, love this theme!

I ran in to a problem with the publisher main page when I was looking in with my phone.

Back on the desktop, playing in chrome I was able to get a better idea of what I was seeing. I didn't look for the cause, just tried to reproduce it.

When I am signed in, and shrink the window to the point where the top menu collapses, everything looks great, but I can't click on any of the links to the full articles. A simple inspect shows me that the search block is invisibly covering the content?

When going in anonymously, in the same conditions, the header of the login block covers the entire page.

Resized Image


Other than that issue, everything looks fantastic from tiny to huge. Thanks for all the great work you've put in!


geekwright

Not too shy to talk
Posted on: 1/7 22:21
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#4

Re: new theme for xoops.org

Quote:

Bleekk wrote:
Quote:
other suggestion
- change the old message icons & dhtml icons form
I would love to change it. Any ideas?
...


There are a few changes in this area coming soon in 2.5.9. Mage has done some excellent work, and a few more tweaks are in the works. That work in progress is the big reason we went with 2.5.8.1 instead of pushing out 2.5.9. Bleekk, as soon as it is ready, I would love to have you review it.

By the way, awesome work on the new theme!! You rock!


geekwright

Not too shy to talk
Posted on: 1/3 13:38
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#5

Re: XOOPS Publisher 1.04 Final available for Testing before official release

Quote:

lolothom wrote:

Error: Handler does not exist
Name: category in file /include/functions.php line 87

lolo


I cannot reproduce this.

I downloaded publisher from here:
https://github.com/mambax7/publisher/releases/tag/1.04_FINAL

Extracted it to modules directory and renamed the extracted directory from publisher-1.04_FINAL to publisher.

Installed on a fresh copy of XOOPS 2.5.8.1 and the only problem I've noted so far is a missing constant, _AM_MODULEADMIN_ADMIN_FOOTER, on some of the admin pages.

The first step to resolve this would be to verify your publisher installation.


geekwright

Not too shy to talk
Posted on: 12/31 23:57
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#6

XOOPS PHPMailer Security Patches Released

The XOOPS Development Team is pleased to announce the release of security patches for XOOPS 2.5.8 and XOOPS 2.5.7.2.

These patches includes the latest version of PHPMailer to address a serious vulnerability. All XOOPS users are encouraged to update as soon as possible.

Both full distributions and patch files (from the most recent prior release) for both the 2.5.7 and 2.5.8 series are available.

Any users that are running older XOOPS versions are advised to update to XOOPS 2.5.8.1 now.


Get XOOPS 2.5.8.1

Release files are available on GitHub.

The 2.5.8.1 files are also mirrored on the XOOPS File Repository on SourceForge

Get XOOPS 2.5.7.3

Release files are available on the XOOPS File Repository on SourceForge


geekwright

Not too shy to talk
Posted on: 12/28 22:51
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#7

Re: PHP Mailer exploit Xoops ?

Dev's been busy tracking a moving target (PHPMailer had 4 releases in 2 days.)

Just copying in 5.2.21 won't work for every installation, as there were some changes in how the classes were organized. It should work if the transport is PHP mail(), but other configurations may fail without some changes to XoopsMultiMailer.

But, the vulnerability only affects the PHP mail() transport. If the Email delivery method configuration is set to SMTP or sendmail, the vulnerability does not apply.

Good description of the bugs at github.com/PHPMailer/PHPMailer/

The issue depends on a user input of the from address that contains the exploit code. XOOPS core uses a fixed config for the from address, so that mitigates the risk.

Working out the plans for a security patch. Detail will follow when ready and tested.


geekwright

Not too shy to talk
Posted on: 12/26 19:12
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#8

Re: htaccess and uploads dir

That .htaccess file is for defense in depth. It is supposed to make sure that even if a script file, like a .php file, is uploaded to the directory, it will not be allowed to run.

There are a lot of different ways a sever can be configured, and some of those will throw an error if a .htaccess file is found, especially in a subdirectory.

There are supposed to be other checks along the way that prevent uploading script files, so if it is causing problems, the .htaccess file can be deleted. As an added protection, make sure the directory permissions are as restrictive as possible, i.e. 0755, or 0775.


geekwright

Not too shy to talk
Posted on: 2016/11/4 22:29
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#9

Re: How to turn off Advanced registration form?

Quote:

masel wrote:
...
Can I disable the second Advanced registration form?
...


Go to the Profile administration area "Registration Steps." From there, you can delete the Advanced step completely.

You can add anything from the old Advanced step to the remaining Basic step. Edit the Field definition, and set "Show in registration form" to Basic.


geekwright

Not too shy to talk
Posted on: 2016/10/17 20:45
geekwright
geekwright (Show more)
Not too shy to talk
Posts: 188
Since: 2010/10/15
#10

Re: Upgrade from 2.5.7.2 to 2.5.8.

Thanks for the report and the persistence! That helps a lot.

I just opened issue 239 on GitHub to track this. It is actually a tricky little problem.

Glad you got it fixed. Thanks again!



TopTop
(1) 2 3 4 ... 10 »