XOOPS Web Application System :: Forum

Re: ¿Bug in Profile? [by Mamba]

Fri, 10 Jun 2022 22:46:57 +0000

Xoops Bug Reports::¿Bug in Profile?
What version of XOOPS 2.5.11 did you use? The Beta 1 from Releases, or directly the latest code from: https://github.com/XOOPS/XoopsCore25

Also, was it during installation? Was there debug info about the code line where it happened?

What PHP version do you use?

Re: bbcode and url [by geekwright]

Tue, 06 Apr 2021 22:22:42 +0000

Xoops Bug Reports::bbcode and url
Nothing new, here. This has been that way for a long time.

The url xoopscode tag expects a fully qualified URL. Partials lead to security exposures very quickly. There is no one size fits all way to resolve scheme-less URLs. XOOPS can for example work fine in a directory under a domain.

There is a siteurl tag which always prepends the full XOOPS_URL with a trailing slash. That is useful when transferring content between a prototype and a production system without changes.

Re: xoopsClone issues [by luciorota]

Thu, 12 Sep 2019 13:58:59 +0000

Xoops Bug Reports::xoopsClone issues
Thanks

Quote:

One potential problem is that the XoopsObject has no internal knowledge of it's primary key, so while the object is marked new, it still has any auto-increment PK set. You can work around this issue by doing a $newObject->destroyVars('key-variable-name'); to clean up after a clone.

In fact this is a problem I encountered

Also $vars[$key]['changed'] property si cloned as false, for this reason the cloned object cannot be correctly stored in the database.

In your opinion, can it make sense to correct the xoopsClone() method to create working objects?
Thx

Re: white page after search [by Mamba]

Fri, 16 Mar 2018 20:12:39 +0000

Xoops Bug Reports::white page after search
Oops! Sorry for that! It is fixed now.

Thanks for reporting!

Re: Addtional textsanitizer extensions do not work [by Mamba]

Sat, 25 Nov 2017 00:53:06 +0000

Xoops Bug Reports::Bug in custom code in class textsanitizer
Sounds more like cache problem...

I'm glad that it's working now.

Re: Bug /class/textsanitizer/youtube [by Roby73]

Mon, 24 Aug 2015 20:56:18 +0000

Xoops Bug Reports::Bug /class/textsanitizer/youtube
Now work fine.
I tried to fix the regular expressions but i made a mistake.

Re: Publish comment problem [by Roby73]

Sat, 08 Aug 2015 23:18:59 +0000

Xoops Bug Reports::Publish comment problem
Thank you very much, you are my hero!!!
I did this several times definitely, but i had a total amnesia.

Re: [Security-Bug]Missing ratelimiting at login panel can result in a brute force [by Mamba]

Sun, 11 Jan 2015 17:19:02 +0000

Xoops Bug Reports::[Security-Bug]Missing ratelimiting at login panel can result in a brute force
Thank you very much!

Please send me a Private Message with details.

XOOPS 2.5.7 Security issues reported by Narendra Bhati (incl. in 2.5.7.1 Patch) [by Mamba]

Tue, 23 Dec 2014 15:42:15 +0000

Xoops Bug Reports::XOOPS 2.5.7 Security issues reported by Narendra Bhati (incl. in 2.5.7.1 Patch)
We wanted to thank Narendra Bhati, who notified us about security issues in 2.5.7 (see this article about the 2.5.7.1 Security Patch).

Now that hopefully everybody updated their XOOPS installations, we wanted to list the issues reported by Narendra separately so he can submit it and get the appropriate credit:

1. Reflected XSS
2. Stored XSS
3. NO HTTP ONLY FLAG
4. Issue of improper work of Protector
5. Clickjacking

It is thanks to people like Narendra that XOOPS is improving and getting better, and we very much appreciate these contributions, as they show power of Open Source!

If you haven't yet updated your XOOPS installation, please do it ASAP!!!

Re: Xoops problem to index search engine image [by mojtabajml]

Fri, 21 Feb 2014 13:14:45 +0000

Xoops Bug Reports::Xoops problem to index search engine image
heyula it seems robot.txt format is wrong. this is google webmaster analysis:

 robots.txt analysis 
Value     Result 
Line 1: User - agent : Mediapartners - Google     Syntax not understood 
Line 2: Allow : /     No user-agent specified 
Line 3: User - agent : *     Syntax not understood 
Line 4: Disallow : / cgi - bin /     No user-agent specified 
Line 5: Disallow : / tmp /     No user-agent specified 
Line 6: Disallow : / cache /     No user-agent specified 
Line 7: Disallow : /class/     No user-agent specified 
Line 8: Disallow : / images /     No user-agent specified 
Line 9: Disallow : /include/     No user-agent specified 
Line 10: Disallow : / install /     No user-agent specified 
Line 11: Disallow : / kernel