Quote:

Well, that's exactly what the system I described to nekro does. And to correct him: it doesn't require MySQL 5... it uses the MySQL MERGE storage engine which has been introduced in MySQL 3.23.25.

Here's how to use it:
- Install the 1st site, using the DB prefix "site1"
- Install the 2nd site, using the DB prefix "site2"
- Use phpMyAdmin to execute the following queries



(if you didn't use site1/site2 when installing, edit the queries)

This will delete the site2 users/groups tables, and create "virtual" ones that point to the equivalent site1 tables. So, in the facts there is only 1 list of users/groups that is used by both sites.

There's no need to hack anything, and if the users table format is modified in a future version, there will be no problem to upgrade... just ensure you upgrade "site1" first, and the subsites after.

PS: I just wrote the queries while posting this, so make a backup of these 3 tables before trying, there might be a typo in the SQL... you never now.
PS2: If you have control over your MySQL permissions, you can even change the queries to have the site2 tables point to tables in another database, by replacing "site1_xxx" by "thesite1db.site1_xxx". Just ensure the MySQL user used by subsites have access to the users/groups/users_groups_link tables of the main site database.
PS3: If you don't understand PS2, forget about it... Just install all site using the same database/user/pwd, and use different prefixes.

You're right in your analysis, now this is not a "bug", it's normal behavior. What you're pointing is that it's a nonsense to have gc_maxlifetime smaller than session_expire.

Now the fact the custom session settings allow you to customize session_expire, but not gc_maxlifetime is a problem.

1) It's been temporarily solved in 2.0.14 (in common.php, line 245, gc_maxlifetime is forced so it's equal to session_expire)
2) It's been completely handled in the 2.3 branch, where the session preferences panel gives you the possibility to change a lot more settings than before (like gc_maxlifetime, gc_probability...)

skalpa.>

The tar.gz package contains an incorrect xoops.md5 file
I'll update it, it the only error you got are about those 3 files, ignore them.

skalpa.>

Quote:

XOOPS completely works with PHP5, I personally develop using PHP 5.2-dev (now, it depends on the modules you use: it may not be the case for all).
The notices by themeselves do not mean anything doesn't work, nevertheless, upgrading to 2.0.14 will make them disappear.

The message you got just means your theme is not correctly installed: maybe you installed the theme incorrectly or renamed its folder (some themes do not allow you to do this).

skalpa.>

I found the bug in WF-Links that makes it incompatible with XOOPS 2.0.14.
The point is that it's really a WF-Links problem that was invisible with old versions, and manifests itself now that I changed the XoopsForm output to make it standard compliant, so there was nothing really possible on XOOPS side.

The problem: the "add link" admin page contains 2 form elements named "cid". One is an hidden element whose value is always 0, the other one is the category selectbox.
With 2.0.13, the hidden element was displayed before the other one, so it seems the posted value was the one of the selectbox.
2.0.14 does not write hidden elements between <tr> tags anymore (as it's invalid HTML), but after the other ones, and now the new link is created with a category ID of "0" (the value of the hidden form element).

So, to make WF-Links work you have to remove this hidden element that shouldn't be here anyway:
in admin/index.php (around line 95 in my version), remove this line
Quote:

and that should fix it

EDIT: McDonald fiexd it already as far as I could see... sorry for this useless post .

If you got this as a single package, then would you mind sending us back a copy of the source files you got ?

According to the GPL, as James said, they don't have the rights to restrict people on their own additions, so it would be nice to be able to check what they changed and see if we can't make everybody benefit from those changes.

It would be a fair return.

Well, I don't like to disturb others' way to handle their own part, but I'd like to give my 2c here for once.

In general, I don't think xoops.org should be an advertising platform for other products (whether these are forks or not doesn't change anything here IMO). Talking about other similar programs in constructive discussions is OK, but I'll agree with the moderation of free threads like this one.

Now, when it comes to "forks" in particular here's my personal position on the two recent ones:
- I'm thinking of adding a link to the XOOPS Cube site somewhere in the new xoops.org. There are many reasons behind this, one being the will to clarify the situation between these projects that use a similar name, and another being that both our dev team and the japanese one communicate and respect each other, sharing information about security issues that arise, and sharing the vision that open-source projects compete by trying to be the best, not by using filthy tricks like this one.
- I'm far from having this opinion of code-plus. Catzwolf is one person who was given the code of the XOOPS modules 3 years ago: he just took them, made them his own, starting to develop them alone without contributing anything back and putting an end to an age where development of modules meant enhancements to the core. Now he's doing the same with the core itself: his multilang code is phppp's, his LDAP code is pemen's (both XOOPS core devs)... and next to this, the credits file or changelog that were here have been completely removed, replaced with a file just naming him as "Developers". Thus, I don't really appreciate that. He's allowed to do what he wants, but I believe "we" already give him enough already, and that maybe he should find another place for his promotion.

But again, it's just a personal opinion, so I'll accept your decision whatever it is.

skalpa.>

Quote:

It's because what I did is just a quick fix: I'm actually busy preparing 2.0.14, and one of first things I'd like to work on once this is done will be to redo both the groups and blocks administration page entirely to something really more convenient than what there is now, so you won't have this problem eternally .

skalpa.>

As stupid as it sounds, you can't... (but you're free to post it as a feature request, it would be a no-risk 5mins change ).
Anyway, if you really need that right now, you can find the following lines in class/xoopsblock.php:

and replace the function call by $show_func( $options, $this );

once this is done, you should get the current XoopsBlock object instance passed as a 2nd parameter (and thus access the block id using $yourparamname->getVar( 'bid' ) from the block function).

PS: It's for 2.0.x... for 2.2.x the file to change is kernel/block.php
PS2: The feature requests trackers can be accessed by using the "Report core bug" on the left, then "Feature requests"

skalpa.>

A patch will be published during the night (in 6-7 hours).

In the meantime if your server is endangered, you can apply the fix manually...

- Open mainfile.php
- Add the following lines around the end, just above the "if"


So it looks like:


PS: If you have the protector module installed then the snippet has to be inserted before the "precheck" include (nevertheless, a site with protector is shielded against this vulnerability).

skalpa.>