Recent Posts

Pages: 1 2 3 4 5 [6] 7 8 9 10
51
Feedback & Suggestions / 4images 1.10 - Feedback
« Last post by kai on January 23, 2023, 05:06:47 PM »
Please use this thread for feedback and comments about the 4images 1.10 release.
For general bug reporting and troubleshooting please use this forum.

Bitte nutzt diesen Thread fuer Feedback, Kommentare und Anregungen zum 4images 1.10 Release.
Fuer allgemeine Bug Reports und Troubleshooting bitte dieses Forum nutzen.
52
News & Announcements / Re: 4images 1.10
« Last post by kai on January 23, 2023, 05:04:43 PM »
=========================================================
ChangeLog Version 1.10
=========================================================
- Added ability to ignore images on "Validate images" page
- Fixed wrong results when searching on "Edit images" page (thanks to kp, https://www.4homepages.de/forum/index.php?topic=33113.0)
- Fixed error when checking for new images in currently empty categories (thanks to kp, https://www.4homepages.de/forum/index.php?topic=33113.0)
- Fixed missing functions for error output in install.php (thanks to qBass17, https://www.4homepages.de/forum/index.php?topic=33114.0)
- Fixed incomplete downloadable configuration file in install.php
- Fixed uncaught file system permission error in install.php
- Fixed error when logging in with invalid credentials
- Fixed several warnings related to undefined variables
- Security fix for XSS in category descriptions (thanks to rishaldwivedi)
- Security fix for XSS in /admin/index.php login (thanks to Piyush Patil)
- Security fix for SQL injection in /admin/images.php (thanks to Andrey Stoykov)
- Disabled PHP execution in templates by default and added notice to update docs (thanks to Andrey Stoykov)
- Added notice about MySQL 8.x not being supported to installation docs
53
News & Announcements / 4images 1.10
« Last post by kai on January 23, 2023, 05:03:51 PM »
:flag-en: The new version 4images 1.10 has been released. This release brings a bunch of bug fixes and improvements.
We recommend all users to update to the current version. All changes and features are listed in "docs/Changelog.txt".

:flag-de: Die neue Version 4images 1.10 wurde veroeffentlicht. Das Release beinhaltet einige Bug fixes und Verbesserungen.
Wir empfehlen allen Nutzern ein Update auf die aktuelle Version. Alle Aenderungen und Features sind in der Datei "docs/Changelog.txt" aufgelistet.

Download:
https://www.4homepages.de/download-4images

Demo:
https://www.4homepages.de/demo

Please use this thread for feedback about the 4images 1.10 version.

F?r Feedback zur 4images 1.10 Version bitte diesen Thread nutzen.
54
Bug Fixes & Patches / Re: MAIN_SCRIPT error (with fix) on 1.9 on PHP 8.1.12
« Last post by kai on January 13, 2023, 08:17:00 AM »
Yes, this will be fixed in the next version.
55
Discussion & Troubleshooting / Is it possible to allow specific members or user groups to upload to a category?
« Last post by abda53bd on January 12, 2023, 09:50:56 PM »
I'd like to have each member have access to upload only to their member category and not to other members categories. Is this currently possible?
56
Bug Fixes & Patches / MAIN_SCRIPT error (with fix) on 1.9 on PHP 8.1.12
« Last post by abda53bd on January 12, 2023, 09:25:08 PM »
PHP Fatal error:  Uncaught Error: Undefined constant "MAIN_SCRIPT" in includes/page_header.php:83

I get this error after creating a new account on a new install and trying to log in.

Fix:
file: global.php
line 27 add:


if(!defined('MAIN_SCRIPT')){
define('MAIN_SCRIPT', __FILE__);
}

It's possible this only happens on non-verified accounts
57
News & Announcements / Re: 4images 1.9
« Last post by kai on December 30, 2022, 02:20:04 PM »
thanks for reporting!

We will review the issues and fix them in the next release.
58
Bug Fixes & Patches / Re: PHP 8 Fix for V1.9
« Last post by kp on November 01, 2022, 12:55:10 PM »
Found a new PHP8 bug in this version.
By using the admin-function "Edit images" (German: Bilder bearbeiten) the result is strange when there are no filters set. Sometimes I got 0 images, sometimes 5000 sometimes all of them. This comes from the new handling in misusing a compare of string with an integer.

A fix you can find here: https://www.4homepages.de/forum/index.php?topic=33113.new#new
59
News & Announcements / Re: 4images 1.9
« Last post by kp on November 01, 2022, 12:52:47 PM »
Found another PHP8 bug in this version.
The admin-function "Edit images" (German: Bilder bearbeiten) the result is strange when there are no filters set. Sometimes I got 0 images, sometimes 5000 sometimes all of them. This comes from the new handling in misusing a compare of string with an integer.
The problem is in the file admin\images.php at line 664.
Here you have to change
if ($image_id != "") {
to
if ($image_id != 0) {

If you aren't experienced enough to change this, you can load my attached fixed file and replace it at your webspace.
Would be cool if the 4images guys could add this fix to there 1.9(.1) package.
60
Bug Fixes & Patches / Re: PHP 8 Fix for V1.9
« Last post by kp on October 31, 2022, 10:53:13 AM »
Hey,
I'm not a responsible person but I kept on eye on your post.
As I can see, the first "bug" is within the Admin area. So nobody could go there and can do something bad. On the other hand it looks for me, that 4images is cleaning all parameters.
So are you really sure that there is a real bug? I can't really find out on the page what the result is with this security tool.

About Cross Site Scripting I had not looked at yet.

Quote from: Bugfixed on October 02, 2022, 03:08:55 PM
Thank you.

Hello there. There are 2 security vulnerabilities here, I wonder if the developers can release a patch for it? Thanks in advance, it's urgent.
https://packetstormsecurity.com/files/163818/4images-1.8-SQL-Injection.html
https://packetstormsecurity.com/files/162946/4Images-1.8-Cross-Site-Scripting.html

Versions 1.8 and 1.9 seem to be affected.
Pages: 1 2 3 4 5 [6] 7 8 9 10