I don't have PHP5 and am tired of waiting for my host to upgrade. Is there a hack for this as rabideau mentioned?

Thank you so much!

Ok, my Fantastico says that I should upgrade from .15 to .16 but when I try to do it I get a message that says I should only upgrade through Fantastico if I haven't installed any mods (which I have) so I'm stuck.

Do I really need to upgrade? If so, how?

Thanks for helping me clarify what it is that I'm wanting!

I'm needing for members to be able to assign themselves to a usergroup during registration. I'd also need to be able to go in as admin to change it in case of a mistake.

What would be the best way to go about doing this? I'm not very comfortable hacking away at the code...

Quote:

Click on the System Admin module then you will see the section called "Avatars"

Hello, I'm building a research site. I'm going to need the membership broken down into 4 separate groups in order to track their responses more accurately. What would be the best way to do this? The groups will be chosen by the members' responses to a short preliminary survey.

Is there already a module that can do this (not SmartProfile, no PHP 5) or am I looking at having to have a module specifically made for this?

Thanks so very much.

- This is a big part of why I went with Xoops. A nice helpful forum!

Hello everyone. I just got the Protector module installed and set up. The confusion is because I'm not understanding what I'm supposed to do now.

The security advisory says

'register_globals' : on Not secure
This setting invites a variety of injecting attacks.
If you can put .htaccess, edit or create...

/home/domain/public_html/xoopsinstall/.htaccess

php_flag register_globals off - I don't have this file. How do I create it? What goes in it, just that snippet?

'allow_url_fopen' : on Not secure
This setting allows attackers to execute arbitrary scripts on remote servers.
Only administrator can change this option.
If you are an admin, edit php.ini or httpd.conf.
Sample of httpd.conf:
php_admin_flag allow_url_fopen off
Else, claim it to your administrators. - I'm confused here, where would this file be located? Is this something that I need to talk to my host about?

'session.use_trans_sid' : on Not secure
Your Session ID will be diplayed in anchor tags etc.
For preventing from session hi-jacking, add a line into .htaccess in XOOPS_ROOT_PATH.
php_flag session.use_trans_sid off - Where am I supposed to put this line?

'XOOPS_DB_PREFIX' : XOOPS Not secure
This setting invites 'SQL Injections'.
Don't forget turning 'Force sanitizing *' on in this module's preferences. Is this the same as the Sanitizing null-bytes setting in the preferences? I don't understand.

~~ At least I managed to edit the mainfile.php by myself