Support Forums - All Posts - XOOPS Web Application System

Forum Index

Board index » All Posts (jayjay)

« 1 ... 7 8 9 (10) 11 12 »

security bug in control panel

2004/2/4 14:24
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

Hi everyone!

I found a rather bad security issue in the administration menu. On my site I have denied access to the system admin module for the group originally called "webmasters". I renamed that group to "moderators" and then made a new group called "webmasters", which has full access to the site. I had to do this to make full use of the phpwiki module.

Anyway, the thing is that although my "moderators" group has no rights to the system admin module, this module can still be accessed by simply typing "http://www.my-url.com/modules/system/admin.php". The module button doesn't pop up however.

Has anyone else experienced this? Can this security issue be solved?

PS: I'm using XOOPS 2.0.5.2

Greets

Topic | Forum

Re: Backup templates before module update?

2004/1/29 12:28
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

That's a nice idea! I'll do that too in the future...

Thanks!

Topic | Forum

Re: Mydownloads rc2 release date?

2004/1/29 12:27
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

Oops, somebody got out of bed the wrong side :-/

I'm merely asking because rc2 has been announced several times on this site the last months, but it still isn't released.

Just checking if this great module will get an update soon

Topic | Forum

Re: changing modules headers

2004/1/29 9:42
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

I disagree. Your method isn't very safe.

I believe the safest and fastest way of editing templates is through cloning the default set and editing templates web based.

When you mess up some templates (which happens all too often

, you can always fall back to the default template set. You are however editing this default set...

Of course you can do whatever you want. Don't you just love freedom

Topic | Forum

Re: Backup templates before module update?

2004/1/29 9:32
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

Tried that already, but I get a "zlib not supported" error. Can I circumvent this somehow? My provider is extremely slow: it'll take them months to give me zlib support :-/

Maybe an idea for the next XOOPS version: implement download and upload of templates at the module level.

Topic | Forum

Re: Mydownloads rc2 release date?

2004/1/29 9:26
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

No one here knows anything about the release date of mydownloads rc2?

Topic | Forum

Backup templates before module update?

2004/1/28 14:33
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

Hi all!

When you update a module to a higher version, is it necessary to save the module templates you edited? Will they be overwritten in the db by the default templates?

If this is the case, then is there a simple way of backing up templates? Or do I have to go to my template set and press download at every single template?

Thanks in advance!

Topic | Forum

Re: changing modules headers

2004/1/28 14:13
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

Don't know if this is still an issue, but there's a far better way of doing this. Instead of changing templates in html and uploading them through ftp, you should duplicate the default template set in XOOPS (go to config-sysadmin-templates) and change your lay-out through the XOOPS web interface. Just edit the duplicated templates you just made. All changes immediately take effect.

PS: Don't forget to set to set your new template set as the new default in general settings.

Topic | Forum

Re: allow file uploads

2004/1/28 10:19
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

You could use mydownloads rc1:
https://xoops.org/modules/news/article.php?storyid=1037

It's a beta however so it has lots of bugs (some of which may be fixed).

Bye!

Topic | Forum

100

Mydownloads rc2 release date?

2004/1/28 10:10
jayjay
Not too shy to talk
Posts: 175
Since: 2003/9/10

Hi all!

I've used mydownloads rc1 (with bugfixes) for a while now, but I am still awaiting the release of mydownloads rc2. Does anyone know the release date? I found a rc2 beta but am hesitant to use it.

Bye!

Topic | Forum

Top

« 1 ... 7 8 9 (10) 11 12 »

Stats
Goal:	$100.00
Due Date:	May 31
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Forum Index

security bug in control panel

Re: Backup templates before module update?

Re: Mydownloads rc2 release date?

Re: changing modules headers

Re: Backup templates before module update?

Re: Mydownloads rc2 release date?

Backup templates before module update?

Re: changing modules headers

Re: allow file uploads

Mydownloads rc2 release date?

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}