Re: 2.0.18.1 --> 2.5 update - what modules ? [Module troubleshooting]

2.0.18.1 --> 2.5 update - what modules ?

2011/1/21 6:01
peterr
Just can't stay away
Posts: 518
Since: 2004/8/5 9

I currently use 2.0.18.1 , and

Quote:

Apache version 2.2.13
PHP version 5.2.10
MySQL version 5.0.91-community

The phpinfo() says 'Server API CGI ' , so I assume php runs in CGI mode.

These are the only modules I currently use:

Liaise - 1.26
protector - 3.4
Site Map - 1.30
Smartobject - 0.9
Smartsection - 2.13
Wflinks - 1.03C
Xhld0 - 3.07

I see protector is now in the core 2.5 , so I don't have to be concerned about that.

What about those other modules ? Are they still in use, safe to use with 2.5, safe to upgrade to, or even, should I use a different module (like Smartsection has gone over to ??cube or something).

I have always had to modify XOOPS userinfo.php as follows (lines added between //BEGIN and //END statements)

 $xoopsOption['pagetype'] = 'user'; 
 
include 'mainfile.php'; 
 
include_once XOOPS_ROOT_PATH.'/class/module.textsanitizer.php'; 
//BEGIN - 20070412.1 - mod to stop guests from viewing registered user profiles 
 
$xoopsUser or redirect_header('index.php', 3, _NOPERM); 
 
//END - 20070412.1 - mod to stop guests from viewing registered user profiles 
include_once XOOPS_ROOT_PATH . '/modules/system/constants.php';

This was always added, because I never liked the fact that a guest user could do this:

http://www.example.com/userinfo.php?uid=1

and find out the username of 'admin' ; not real good for security. Hopefully XOOPS has come a bit further now, in that respect, and there would be no need for that mod.

What about the security side of things (apart from installing protector) ? I used to have some php settings like ..

 # XOOPS security measures 
 
php_flag session.use_only_cookies on 
php_flag session.use_trans_sid off 
 
# Protector module 
 
php_flag register_globals off 
php_flag allow_url_fopen off 
 
# Don't display php errors to terminal, log to an error file 
 
php_value display_errors 0 
php_value log_errors 1 
php_value error_log /home/username/somepathname/somefilename_error.log

but I don't think I can have them like that with php running as CGI

Are they still needed, or need to be different values, or other settings now ?

Thanks,

Pete

Re: 2.0.18.1 --> 2.5 update - what modules ?

2011/1/21 10:50
Mamba
Moderator
Posts: 11409
Since: 2004/4/23

Quote:

Smartobject - 0.9
Smartsection - 2.13

Switch to Publisher

Support XOOPS => DONATE
Use 2.5.11 | Docs | Modules | Bugs

Re: 2.0.18.1 --> 2.5 update - what modules ?

2011/1/21 11:32
peterr
Just can't stay away
Posts: 518
Since: 2004/8/5 9

Quote:

Mamba wrote:
Switch to Publisher

Thanks, will do. I may be better to do a clean install also, as there may be a need to cleanup files a bit.

Liaise - 1.26 - I may be better to go for one that has a 'captcha', like Contact 1.7 by trabis, or I see XForms has a captcha

Site Map - 1.30 - still seems 'current' and okay.

Wflinks - 1.03C - seems not to have been updated for ages, and weblinks may be better ??

Xhld0 - 3.07 - D3 Pipes may be better, later version

Thanks,

Peter

Stats
Goal:	$100.00
Due Date:	Nov 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

2.0.18.1 --> 2.5 update - what modules ?

Re: 2.0.18.1 --> 2.5 update - what modules ?

Re: 2.0.18.1 --> 2.5 update - what modules ?

Login

Search

Recent Posts

XOOPS MyMenus 1.54.0 Beta 10

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Re: XOOPS MyMenus 1.54.0 Beta 7

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}