91
xgarb
Re: Open holes and hacked
  • 2007/6/3 18:15

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


Quote:

wtravel wrote:
It could be useful to add a .htaccess file in the uploads folder that makes sure only .jpg .gif and .zip files are accessible from the web. .


Stick this in your .htaccess file in any upload directory..

AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi 
Options 
-ExecCGI


from..http://www.askapache.com/htaccess/security-with-apache-htaccess.html#show-source-code



92
xgarb
Re: XOOPS_URL is not included in your REFERER
  • 2007/5/17 9:17

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


Try altering /class/xoopssecurity.php

/**
    * Check the user agent's HTTP REFERER against XOOPS_URL
    *
    * @param int $docheck 0 to not check the referer (used with XML-RPC), 1 to actively check it
    *
    * @return bool
    **/
    
function checkReferer($docheck=1)
    {
        
$ref xoops_getenv('HTTP_REFERER');
        if (
$docheck == 0) {
            return 
true;
        }
        if (
$ref == '') {
            return 
true//was false
        
}
        if (
strpos($refXOOPS_URL) !== ) {
            return 
false;
        }
        return 
true;
    }


see thishttps://xoops.org/modules/smartfaq/faq.php?faqid=310 and this for more infohttps://xoops.org/modules/smartfaq/faq.php?faqid=9



93
xgarb
Re: Protector 3.02 - documentation available
  • 2007/4/22 18:45

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


Thanks for that, very useful docs..

Also thanks go to GI for an essential module.



94
xgarb
Re: Number of pages in NewBB
  • 2007/2/12 17:51

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


Quote:

Skythe wrote:
anyone? its getting out of hand .x


https://xoops.org/modules/newbb/viewtopic.php?topic_id=13241&forum=2&post_id=52993#forumpost52993

sorted!



95
xgarb
Add thread subject to Notification Option
  • 2005/12/2 17:08

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


you need to move three lines....


$myts =& MyTextSanitizer::getInstance();
$tags['POST_CONTENT'] = $myts->stripSlashesGPC($HTTP_POST_VARS['message']);
$tags['POST_NAME'] = $myts->stripSlashesGPC($HTTP_POST_VARS['subject']);



and then in notification.php

add
$subject $subject." : ".$tags['POST_NAME'];

above
$notification->notifyUser($template_dir$template$subject$tags);


(about line 673)

to get the thread subject in the email.

I've done mimimal testing and only just know what I'm doing so test it!

Thanks,

xgarb



96
xgarb
Re: Aston Themes Hacked ?
  • 2005/8/4 20:49

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


Yep, I agree a little green light for up to date and a red one for update available. Maybe version numbers and changelogs too.

I guess this might be a bit of a hit on server resources for you guys. You could limit the check to once per day.

Also I recommend..http://www.listmessenger.com/ You could run mailing lists totally seperate to Xoops.org membership (a good thing as people may not be members or have an up to date address).

You could have multiple newsletters ie...
One for new versions
One for urgent security updates
One for general whatever

You might be able to stick some advertising on there as well



97
xgarb
Re: Themes and the Inbox
  • 2005/7/31 14:18

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


<{php}>
GLOBAL $xoopsUser;
$pm_handler =& xoops_gethandler('privmessage');
$uid = $xoopsUser->getVar('uid');
$criteria = new CriteriaCompo(new Criteria('read_msg', 0));
$criteria->add(new Criteria('to_userid', $uid));
$msgcount = $pm_handler->getCount($criteria);
$GLOBALS['xoopsTpl']->assign('msgcount', $msgcount);
<{/php}>


<{if $msgcount > 0}>
<a href="<{$xoops_url}>/viewpmsg.php"><img src="<{$xoops_imageurl}>/email.gif" title="You have <{$msgcount}> new PMs" width="22" height="22" /></a>
<{else}>
<a href="<{$xoops_url}>/viewpmsg.php"><img src="<{$xoops_imageurl}>/noemail.gif" title="You have no new PMs" width="22" height="22" /></a>
<{/if}>



98
xgarb
Community Building
  • 2005/6/3 11:54

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


As I think XOOPS major strength is as a community builder here are my wishes/ideas..

1) Notification system can be filtered for users or groups so on huge sites members can elect to be notified of new posts etc from only a select group or users. Maybe integrated with a buddy list.

2) Profile area upgraded. Members have a sort of control panel for there own ID. Can change font sizes, colours, site images etc. Members can choose which blocks they see. Some blocks mandatory, some they can choose. People love to configure their environment.

3) Some sort of personal content management system - they can store images, docs and other things they might want to share regularly. Keep buddy lists. Store messages.

I'm trying to think of how communities develop and how a site can grow with them. The site I run on XOOPS is fairly quiet (about 3 online at any time). The members like it like this, they know each other. I want to build membership but allow members to keep the feeling of intimacy by allowing them to create their own 'areas'.

I've recently realised that a site should come from the members to me and not me to the members, to be slightly pretentious about it!

Thanks for reading!

xGarb



99
xgarb
Re: SQL debug - execution time
  • 2005/1/14 10:53

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


thanks for the input. looks like it was the shared sql server being overloaded as a new sql server has just been bought online by my host.

Thanks,

xGarb



100
xgarb
SQL debug - execution time
  • 2005/1/12 14:41

  • xgarb

  • Not too shy to talk

  • Posts: 154

  • Since: 2003/3/30


Hi all,

In SQL debug I have the following...

Execution Time
XOOPS took 24.346750021 seconds to load.

Does this indicate a problem with the MySQL database or are other factors involved in the execution time figure?

My site seems to randomly slow and stop, I've played with the caching and deleted the files in templates_c. I want to make sure that it could only be the SQL server before contacting my host.

Thanks,

xGarb




TopTop
« 1 ... 7 8 9 (10) 11 12 13 14 »



Login

Who's Online

207 user(s) are online (128 user(s) are browsing Support Forums)


Members: 0


Guests: 207


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits