21
svaha
Re: Testing Xoops Total 2.0.18 Package.
  • 2007/10/20 19:18

  • svaha

  • Just can't stay away

  • Posts: 896

  • Since: 2003/8/2 2


In the preferences of the contact module I can fill in my name, an introduction message, if I want captcha and so on.

When I click on the module icon in the the modules menu, this leads me to the index.php file of the contact module and not to the preferences page.

I can't show you at the moment because of a problem with the servage database server, but I see this screen instead of the preferences menu :http://www.amevita.eu/modules/contact/index.php

I hope this is clear for you
What doesn't kill me,
makes me stronger.

http://exm.amevita.eu
http://www.amevita.eu
http://www.alohaspirit.nl

22
Arslanbey
Re: Testing Xoops Total 2.0.18 Package.
  • 2007/10/20 19:37

  • Arslanbey

  • Just popping in

  • Posts: 10

  • Since: 2007/10/14


You, New XOOPS 2.0.18 Full SEO Make Please

23
svaha
Re: Testing Xoops Total 2.0.18 Package.
  • 2007/10/20 20:52

  • svaha

  • Just can't stay away

  • Posts: 896

  • Since: 2003/8/2 2


Quote:

Giba wrote:
Quote:

svaha wrote:
In the preferences of the contact module I can fill in my name, an introduction message, if I want captcha and so on.

When I click on the module icon in the the modules menu, this leads me to the index.php file of the contact module and not to the preferences page.

I can't show you at the moment because of a problem with the servage database server, but I see this screen instead of the preferences menu :http://www.amevita.eu/modules/contact/index.php

I hope this is clear for you


oky, please, send-me link for download this version module contact 1.6 for analysing problem redirect.

Thanks


You can download it here :http://exm.amevita.eu/modules/wfdownloads/visit.php?cid=3&lid=2

What doesn't kill me,
makes me stronger.

http://exm.amevita.eu
http://www.amevita.eu
http://www.alohaspirit.nl

24
Shine
Re: Testing Xoops Total 2.0.18 Package.
  • 2007/10/20 21:30

  • Shine

  • Just can't stay away

  • Posts: 822

  • Since: 2002/7/22


Don't get me wrong, I really love to see progress on the XOOPS and developing. But I have to say naming it XOOPS and giving it the versionnumer 2.0.18 is also confusing me.
Does it mean that this XOOPS version is going to follow up the official XOOPS version 2.0.17 ?
In what way the XOOPS core dev team is involved?
Or are we getting a third XOOPS release which isn't compatible with 2.0.17 and 2.2 ?
How many teams are developing XOOPS seperately?

Again I am totally XOOPS lost..... and would like to get some clarification.
Thanks in advance!

25
skenow
Re: Testing Xoops Total 2.0.18 Package.
  • 2007/10/20 22:20

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


I would caution against allowing editing blocks by anyone except an admin, unless you can restrict by group and disallow HTML and PHP blocks. Nor should the frontend editor allow changing of block types. Please consider the security of such actions.

26
script_fu
Re: Testing Xoops Total 2.0.18 Package.

Quote:

skenow wrote:
I would caution against allowing editing blocks by anyone except an admin, unless you can restrict by group and disallow HTML and PHP blocks. Nor should the frontend editor allow changing of block types. Please consider the security of such actions.


Huh?

Are you aware of an issue with the edit blocks code? The edit blocks code can only be used by admin no one else.

27
script_fu
Re: Testing Xoops Total 2.0.18 Package.

According to Giba in this post XOOPS Brasil intends to go commercial.

This is where my support for their work stops.


Quote:

Giba wrote:
Quote:

aph3x wrote:
I'll be taking a break from xinfo & x.org and internet all together for about a week i presume, as I'm moving for an undetermined period of time in another country so I'll need some time to get settled, unpack, get to know the surroundings, get me an internet connection etc etc.

Hopefully internet will be installed by the time i get there this Wednesday but i kinda doubt it as i never had luck with this things, but i guess I'll be killing me time making some themes if otherwise.

Anyway..see you all in a while


We are close to publishing a complete recast the site www.xoops.net.br and most already know the theme that developed in partnership with the Xoops-Mexico.

Taking advantage of great ability and quality in the manufacture of aph3x theme of our friend, I would love to have a new theme with colors close to existing today and with some effects Drag and Drop for use in xoops.

The reformulation is providing a big change in the way we provide support in Brasil and will be much more professional. It will be divided into sub-sites and their compartments and users will be shared.

Only there will be a single login for all sectors namely:

Http://www.xoops.net.br Home-main.
Http://www.xoops.net.br - XOOPS Development and modules.
Http://docs.xoops.net.br-All Documentation for End-User.
Http://temas.xoops.net.br/ - Repository on-line themes and download themes.
Http://translat.xoops.net.br - XOOPS Translations and modules online.
Http://addons.xoops.net.br - Repository of modules translated or not. We do not know yet whether it will be addons or another name yet.
Http://suporte.xoops.net.br All-free aviation area with forums, developers, and more.
- Supporthttp://comercial.xoops.net.br not free.


There will be more forum in the Home. This page will only be allowed tutorials, news, and issues related to xoops.

All contents of any sub-site can only be read if you are registered on the site.

This information is being told here at first hand but our project is the old well over 1 year.

in portuguese:

Nós estamos próximo de publicar uma reformulação completa no site www.xoops.net.br e a maioria já conhece o theme que desenvolvi em parceria com o Xoops-México.

Aproveitando a ótima capacidade e qualidade na confecção de theme do nosso amigo aph3x, eu amaria ter um novo theme com cores próximas da existente hoje em dia e com alguns efeitos Drag and Drop para utilizar no xoops.

A reformulação está prevendo uma grande mudança na forma como iremos dar o suporte no Brasil e será muito mais profissional. Será dividida em sub-sites e seus compartimentos e usuários serão compartilhados.

Só irá existir um único login para todos os setores a saber:

http://www.xoops.net.br - Home main.
http://www.xoops.net.br - Development XOOPS and modules.
http://docs.xoops.net.br - All Documentation for End-User.
http://temas.xoops.net.br/ - Repository on-line themes and download themes.
http://translat.xoops.net.br - Traduções XOOPS and modules on-line.
http://addons.xoops.net.br - Repositório de módulos traduzidos ou não. Não sabemos ainda se será addons ou outro nome ainda.
http://suporte.xoops.net.br - All area supporte free with foruns, colaboradores, and more.
http://comercial.xoops.net.br - Support not free.


Não irá mais existir fórum na Página principal. Nesta página só será permitido tutoriais, notícias, e assuntos relacionados ao xoops.

Todo o conteúdo de qualquer sub-site só poderá ser lido se estiver registrado no site.

Esta informação está sendo informada aqui em primeira mão embora o nosso projeto seja bem antigo a mais de 1 ano.

My friend aph3x, is possible ? This is one great work.

28
skenow
Re: Testing Xoops Total 2.0.18 Package.
  • 2007/10/21 12:43

  • skenow

  • Home away from home

  • Posts: 993

  • Since: 2004/11/17


Quote:

script_fu wrote:
Quote:

skenow wrote:
I would caution against allowing editing blocks by anyone except an admin, unless you can restrict by group and disallow HTML and PHP blocks. Nor should the frontend editor allow changing of block types. Please consider the security of such actions.


Huh?

Are you aware of an issue with the edit blocks code? The edit blocks code can only be used by admin no one else.


Only if you set permissions correctly.

From Securing your site

Quote:

13. Never give admin rights to anyone, especially to the XOOPS blocks admin.

29
script_fu
Re: Testing Xoops Total 2.0.18 Package.

Quote:

skenow wrote:
Quote:

script_fu wrote:
Quote:

skenow wrote:
I would caution against allowing editing blocks by anyone except an admin, unless you can restrict by group and disallow HTML and PHP blocks. Nor should the frontend editor allow changing of block types. Please consider the security of such actions.


Huh?

Are you aware of an issue with the edit blocks code? The edit blocks code can only be used by admin no one else.


Only if you set permissions correctly.

From Securing your site

Quote:

13. Never give admin rights to anyone, especially to the XOOPS blocks admin.


Im confused so here is the code.

<?php
/**
 * xos_logos_PageBuilder component class file
 *
 * @copyright    The XOOPS project https://xoops.org/
 * @license      http://www.fsf.org/copyleft/gpl.html GNU public license
 * @package      xos_logos
 * @subpackage   xos_logos_PageBuilder
 * @version        $Id: theme_blocks.php 694 2006-09-04 11:33:22Z skalpa $
 * @author       Skalpa Keo <skalpa@xoops.org>
 * @since        2.3.0
 */
/**
 * This file cannot be requested directly
 */
if ( !defined'XOOPS_ROOT_PATH' ) )    exit();

include_once 
XOOPS_ROOT_PATH '/class/xoopsblock.php';
include_once 
XOOPS_ROOT_PATH '/class/template.php';

/**
 * xos_logos_PageBuilder main class
 *
 * @package     xos_logos
 * @subpackage  xos_logos_PageBuilder
 * @author         Skalpa Keo
 * @since       2.3.0
 */
class xos_logos_PageBuilder {
    
    var 
$theme false;
    
    var 
$blocks = array();    

    function 
xoInit$options = array() ) {
        
$this->retrieveBlocks();
        if ( 
$this->theme ) {
            
$this->theme->template->assign_by_ref'xoBlocks'$this->blocks );
        }
        return 
true;
    }
    
    
/**
     * Called before a specific zone is rendered
     */
    
function preRender$zone '' ) {
    }
    
/**
     * Called after a specific zone is rendered
     */
    
function postRender$zone '' ) {
    }    
    
    function 
retrieveBlocks() {
        global 
$xoopsUser$xoopsModule$xoopsConfig;

        
$startMod = ( $xoopsConfig['startpage'] == '--' ) ? 'system' $xoopsConfig['startpage'];
        if ( @
is_object$xoopsModule ) ) {
            list( 
$mid$dirname ) = array( $xoopsModule->getVar('mid'), $xoopsModule->getVar('dirname') );
            
$isStart = ( substr$_SERVER['PHP_SELF'], -) == 'index.php' && $xoopsConfig['startpage'] == $dirname );
        } else {
            list( 
$mid$dirname ) = array( 0'system' );
            
$isStart = !@empty( $GLOBALS['xoopsOption']['show_cblock'] );
        }
        
        
$groups = @is_object$xoopsUser ) ? $xoopsUser->getGroups() : array( XOOPS_GROUP_ANONYMOUS );
        
        
$oldzones = array(
            
XOOPS_SIDEBLOCK_LEFT                => 'canvas_left',
            
XOOPS_SIDEBLOCK_RIGHT                => 'canvas_right',
            
XOOPS_CENTERBLOCK_LEFT                => 'page_topleft',
            
XOOPS_CENTERBLOCK_CENTER            => 'page_topcenter',
            
XOOPS_CENTERBLOCK_RIGHT                => 'page_topright',
            
XOOPS_CENTERBLOCK_BOTTOMLEFT        => 'page_bottomleft',
            
XOOPS_CENTERBLOCK_BOTTOM            => 'page_bottomcenter',
            
XOOPS_CENTERBLOCK_BOTTOMRIGHT        => 'page_bottomright',
        );
        foreach ( 
$oldzones as $zone ) {
            
$this->blocks[$zone] = array();
        }
        if ( 
$this->theme ) {
            
$template =& $this->theme->template;
            
$backup = array( $template->caching$template->cache_lifetime );
        } else {
            
$template =& new XoopsTpl();
        }
        
$xoopsblock = new XoopsBlock();
        
$block_arr = array();
        
$block_arr $xoopsblock->getAllByGroupModule$groups$mid$isStartXOOPS_BLOCK_VISIBLE);
        foreach ( 
$block_arr as $block ) {
            
$side $oldzones$block->getVar('side') ];
            if ( 
$var $this->buildBlock$block$template ) ) {
                
$this->blocks[$side][] = $var;
            }
        }
        if ( 
$this->theme ) {
            list( 
$template->caching$template->cache_lifetime ) = $backup;
        }
    }
    
    function 
buildBlock$xobject, &$template ) {
        
// The lame type workaround will change
                
global $xoopsUser;
        
$block = array(
            
'module'    => $xobject->getVar'dirname' ),
            
'title'        => ($xoopsUser && $xoopsUser->isAdmin()) ? $xobject->getVar'title' ).
                                                                                                  
"<a href=".XOOPS_URL."/modules/system/admin.php?fct=blocksadmin&op=edit&bid=".$xobject->getVar('bid').
                                                       
"> <img src=".XOOPS_URL."/images/icons/edit1.gif"." title="._EDIT." alt="._EDIT."  /> </a>".
                                                       
"<a href=".XOOPS_URL."/modules/system/admin.php?fct=blocksadmin&op=delete&bid=".$xobject->getVar('bid').
                                                       
"> <img src=".XOOPS_URL."/images/icons/delete1.gif"." title="._DELETE." alt="._DELETE."  /> </a>" $xobject->getVar'title' ) ,
            
//'name'        => strtolower( preg_replace( '/[^0-9a-zA-Z_]/', '', str_replace( ' ', '_', $xobject->getVar( 'name' ) ) ) ),
            
'weight'    => $xobject->getVar'weight' ),
            
'lastmod'    => $xobject->getVar'last_modified' ),
            
'id'        => $xobject->getVar('bid'), // it is not needed and i just add it for those theme designers that want to have a Smarty variable. ( <{$block.id}> ==> block id )
        
);

        
//global $xoopsLogger;
        
        
$xoopsLogger =& XoopsLogger::instance();
        
        
$bcachetime intval$xobject->getVar('bcachetime') );
        
//$template =& new XoopsTpl();
        
if (empty($bcachetime)) {
            
$template->caching 0;
        } else {
            
$template->caching 2;
            
$template->cache_lifetime $bcachetime;
        }
        
$tplName = ( $tplName $xobject->getVar('template') ) ? "db:$tplName"db:system_block_dummy.html";
        
$cacheid 'blk_' $xobject->getVar('bid');

        if ( !
$bcachetime || !$template->is_cached$tplName$cacheid ) ) {
            
$xoopsLogger->addBlock$xobject->getVar('name') );
            if ( ! ( 
$bresult $xobject->buildBlock() ) ) {
                return 
false;
            }
            
$template->assign'block'$bresult );
            
$block['content'] = $template->fetch$tplName$cacheid );
        } else {
            
$xoopsLogger->addBlock$xobject->getVar('name'), true$bcachetime );
            
$block['content'] = $template->fetch$tplName$cacheid );
        }
        return 
$block;
    }
    
    
}


There are no permissions to set its only for admin. You can set permissions inside of XOOPS for edit blocks. The standard is checked yes for webmasters. If you are a webmaster you can edit if your not you can't.

Edit: My Post was backwards. About edit blocks.

30
script_fu
Re: Testing Xoops Total 2.0.18 Package.

So the code is secure. What skenow is trying to say is be careful do not give anyone webmaster status thats not trusted.

Login

Who's Online

151 user(s) are online (99 user(s) are browsing Support Forums)


Members: 0


Guests: 151


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits