Re: 2.0.18.1 --> 2.5 update - what modules ? [Module troubleshooting]

2.0.18.1 --> 2.5 update - what modules ?

2011/1/21 6:01
peterr
Just can't stay away
Posts: 518
Since: 2004/8/5 9

I currently use 2.0.18.1 , and

Quote:

Apache version 2.2.13
PHP version 5.2.10
MySQL version 5.0.91-community

The phpinfo() says 'Server API CGI ' , so I assume php runs in CGI mode.

These are the only modules I currently use:

Liaise - 1.26
protector - 3.4
Site Map - 1.30
Smartobject - 0.9
Smartsection - 2.13
Wflinks - 1.03C
Xhld0 - 3.07

I see protector is now in the core 2.5 , so I don't have to be concerned about that.

What about those other modules ? Are they still in use, safe to use with 2.5, safe to upgrade to, or even, should I use a different module (like Smartsection has gone over to ??cube or something).

I have always had to modify XOOPS userinfo.php as follows (lines added between //BEGIN and //END statements)


$xoopsOption['pagetype'] = 'user';



include 'mainfile.php';



include_once XOOPS_ROOT_PATH.'/class/module.textsanitizer.php';

//BEGIN - 20070412.1 - mod to stop guests from viewing registered user profiles



$xoopsUser or redirect_header('index.php', 3, _NOPERM);



//END - 20070412.1 - mod to stop guests from viewing registered user profiles

include_once XOOPS_ROOT_PATH . '/modules/system/constants.php';

This was always added, because I never liked the fact that a guest user could do this:

http://www.example.com/userinfo.php?uid=1

and find out the username of 'admin' ; not real good for security. Hopefully XOOPS has come a bit further now, in that respect, and there would be no need for that mod.

What about the security side of things (apart from installing protector) ? I used to have some php settings like ..


# XOOPS security measures



php_flag session.use_only_cookies on

php_flag session.use_trans_sid off



# Protector module



php_flag register_globals off

php_flag allow_url_fopen off



# Don't display php errors to terminal, log to an error file



php_value display_errors 0

php_value log_errors 1

php_value error_log /home/username/somepathname/somefilename_error.log

but I don't think I can have them like that with php running as CGI

Are they still needed, or need to be different values, or other settings now ?

Thanks,

Pete

Re: 2.0.18.1 --> 2.5 update - what modules ?

2011/1/21 10:50
Mamba
Moderator
Posts: 11366
Since: 2004/4/23

Quote:

Smartobject - 0.9
Smartsection - 2.13

Switch to Publisher

Support XOOPS => DONATE
Use 2.5.10 | Docs | Modules | Bugs

Re: 2.0.18.1 --> 2.5 update - what modules ?

2011/1/21 11:32
peterr
Just can't stay away
Posts: 518
Since: 2004/8/5 9

Quote:

Mamba wrote:
Switch to Publisher

Thanks, will do. I may be better to do a clean install also, as there may be a need to cleanup files a bit.

Liaise - 1.26 - I may be better to go for one that has a 'captcha', like Contact 1.7 by trabis, or I see XForms has a captcha

Site Map - 1.30 - still seems 'current' and okay.

Wflinks - 1.03C - seems not to have been updated for ages, and weblinks may be better ??

Xhld0 - 3.07 - D3 Pipes may be better, later version

Thanks,

Peter

Stats
Goal:	$100.00
Due Date:	May 31
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

2.0.18.1 --> 2.5 update - what modules ?

Re: 2.0.18.1 --> 2.5 update - what modules ?

Re: 2.0.18.1 --> 2.5 update - what modules ?

Login

Search

Recent Posts

Re: Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Rebuilding and Updating a 20 years old Xoops Website from 2.0.18? to 2.5.11

Re: NewBB v 5.1.0 b 6

Re: NewBB v 5.1.0 b 6

NewBB v 5.1.0 b 6

Re: XOOPS 2.5.11 search user is not working

Re: oledrion

Re: oledrion

Re: oledrion

Re: oledrion

Who's Online

Donat-O-Meter

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}