Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - kai

Pages: 1 ... 4 5 6 7 [8] 9 10 11 12 ... 48

106

News & Announcements / Re: 4images 1.7.9

« on: November 20, 2010, 01:25:30 PM »

Here is a detailed list of what has been changed in the php files from 4images 1.7.8 -> 1.7.9.
(The best way for yourself to compare the code of files is to use Winmerge.)

Root files

global.php

find:
function addslashes_array($array) {

insert before:
if (!function_exists("date_default_timezone_set")) {
 function date_default_timezone_set($timezone) {
 return true;
 }
}

find:
@include(ROOT_PATH.'config.php');

insert before:
// Initialize CSRF protection configuration
$csrf_protection_enable = 1;
$csrf_protection_frontend = 1;
$csrf_protection_backend = 1;
$csrf_protection_expires = 7200;
$csrf_protection_name = '__csrf';
$csrf_protection_xhtml = 1;

find:
include_once(ROOT_PATH.'includes/captcha_utils.php');

insert after:
//-----------------------------------------------------
//--- CSRF protection ---------------------------------
//-----------------------------------------------------
include_once(ROOT_PATH.'includes/csrf_utils.php');

member.php

find:
$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
 }
 }
 remove_searchwords($image_id);

replace with:
$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
 if ($image_column == 'image_keywords') {
 $search_words[$image_column] = explode(',', $search_words[$image_column]);
 }
 }
 }
 remove_searchwords($image_id);

find:
$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
 }
 }
 add_searchwords($image_id, $search_words);

replace with:

$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
 if ($image_column == 'image_keywords') {
 $search_words[$image_column] = explode(',', $search_words[$image_column]);
 }
 }
 }
 add_searchwords($image_id, $search_words);

Admin files

admin/admin_functions.php

find:
echo "<form action=\"".$site_sess->url($phpscript)."\"".$upload." name=\"".$name."\" method=\"post\">\n";

replace with:
echo "<form action=\"".$site_sess->url(safe_htmlspecialchars(strip_tags($phpscript)))."\"".$upload." name=\"".$name."\" method=\"post\">\n";

find:
echo "<a href=\"".$site_sess->url($url)."\"".$target.">[".$text."]</a>  ";

replace with:
echo "<a href=\"".$site_sess->url(safe_htmlspecialchars(strip_tags($url)))."\"".$target.">[".$text."]</a>  ";

find:
echo "<a href=\"".$site_sess->url($url)."\" class=\"navlink\">".$title."</a> $extra\n";

replace with:
echo "<a href=\"".$site_sess->url(safe_htmlspecialchars(strip_tags($url)))."\" class=\"navlink\">".$title."</a> $extra\n";

admin/admin_global.php

find:
include_once(ROOT_PATH.'admin/admin_functions.php');

insert after:
if ($csrf_protection_enable && $csrf_protection_backend) {
 csrf_start();
}

admin/backup.php

find:
if (is_file(ROOT_PATH.DATABASE_DIR."/".$file) && $file != "." && $file != ".." && preg_match("/\.sql$/i",$file))

replace with:
if (is_file(ROOT_PATH.DATABASE_DIR."/".$file) && $file != "." && $file != ".." && preg_match("/\.sql/i",$file))

admin/checkimages.php

find and delete (line 345):
$image_thumb_file = "";

find:
$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column.'_'.$i]);

insert after:
if ($image_column == 'image_keywords') {
 $search_words[$image_column] = explode(',', $search_words[$image_column]);
 }

find:
echo "<td>Found in: ".(($cat_name == "" && !$key) ? "[root folder]" : "$cat_name (ID:$key)")."</td>\n";

replace with:
echo "<td>" . $lang['cni_foundin'] . ": ".(($cat_name == "" && !$key) ? "[root folder]" : "$cat_name (ID:$key)")."</td>\n";

admin/images.php

find:
$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);

insert after:
if ($image_column == 'image_keywords') {
 $search_words[$image_column] = explode(',', $search_words[$image_column]);
}

find:
$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column.'_'.$i]);

insert after:
if ($image_column == 'image_keywords') {
 $search_words[$image_column] = explode(',', $search_words[$image_column]);
}

admin/validateimages.php

find:
$search_words[$image_column] = $image_cache[$key][$image_column];

insert after:
if ($image_column == 'image_keywords') {
 $search_words[$image_column] = explode(',', $search_words[$image_column]);
}

admin/plugins/migrate_keywords.php

find:
"image_keywords" => $image_keywords,

replace with:
"image_keywords" => explode(',', $image_keywords),

includes files

includes/constants.php

find:
define('MAX_SEARCH_KEYWORD_LENGTH', 25);

replace with:
define('MAX_SEARCH_KEYWORD_LENGTH', 60);

find:
define('SCRIPT_VERSION', '1.7.8');

replace with:
define('SCRIPT_VERSION', '1.7.9');

includes/page_header.php

find:
$site_template->un_register_vars("user_loginform");
 unset($user_box);
}

insert after:
if ($csrf_protection_enable && $csrf_protection_frontend) {
 csrf_start(true);
}

includes/search_utils.php

find:
function prepare_searchwords($val, $for_search = false)
{
 $val = strip_tags(trim($val));
 $val = convert_special($val);
 $val = strtolower($val);

 $val = preg_replace('/[\n\r]+/', ',', $val);

 if ($for_search) {
 $search_array = array(
 "/\s+\+/",
 "/\s+\-/"

);

replace with:
function prepare_searchwords($val, $for_search = false)
{
 if (!is_array($val)) {
 $val = strip_tags(trim($val));
 $val = convert_special($val);
 $val = strtolower($val);

 $val = preg_replace('/[\n\r]+/', ',', $val);

 if ($for_search) {
 $search_array = array(
 "/\s+\+/",
 "/\s+\-/"
 );

 $replace_array = array(
 " and ",
 " not "
 );

 $val = preg_replace($search_array, $replace_array, $val);
 } else {
 $val = str_replace("*", "", $val);
 }

 $search_array = array(
 "/&(?!(#[0-9]+|[a-z]+);)/si",
 "#([^]_a-z0-9-=\"'\/])([a-z]+?)://([^, <>\n\r]+)#si",
 "#([^]_a-z0-9-=\"'\/])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[^, <>\n\r]*)?)#si",
 "#[-_'`´]+#s",
 "#[\n\t\r^\$<>\"\|@\?%~\+\.\[\]{}:\/=!§\\\\]+#s"
 );

find:
$replace_array = array(
 " and ",
 " not "
 );

replace with:
$replace_array = array(
 " ",
 " ",
 " ",
 "",
 " "
 );

find:
$val = preg_replace($search_array, $replace_array, $val);
 } else {
 $val = str_replace("*", "", $val);
 }

 $search_array = array(
 "/&(?!(#[0-9]+|[a-z]+);)/si",
 "#([^]_a-z0-9-=\"'\/])([a-z]+?)://([^, <>\n\r]+)#si",
 "#([^]_a-z0-9-=\"'\/])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[^, <>\n\r]*)?)#si",
 "#[-_'`´]+#s",
 "#[\n\t\r^\$<>\"\|@\?%~\+\.\[\]{}:\/=!§\\\\]+#s"
 );

 $replace_array = array(
 " ",
 " ",
 " ",
 "",
 " "
 );
 $val = preg_replace($search_array, $replace_array, $val);

 if (empty($val)) {
 return array();
 }

replace with:
$val = preg_replace($search_array, $replace_array, $val);

 if (empty($val)) {
 return array();
 }

 $split_words = preg_split("/\s+/", $val);
 } else {
 $split_words = $val;
 array_walk($split_words, 'trim_value');
 $split_words = array_unique(array_filter($split_words));
 }

find and delete:
$split_words = preg_split("/,+/", $val);

find:

$len = strlen(preg_replace("/&(#[0-9]+|[a-z]+);/siU", "_", $word));

if ($len >= MIN_SEARCH_KEYWORD_LENGTH && $len <= MAX_SEARCH_KEYWORD_LENGTH && !in_array($word, $stopword_list)) {

  $clean_words[] = $word;
    }
  }

insert after:
  if ($for_search) {
    // Add whole string for image_keyword search
    $clean_words[] = implode(' ', $clean_words);
}

includes/sessions.php

find:

if (@ini_get('register_globals')) {

replace with:

$register_globals = strtolower(@ini_get('register_globals'));

if ($register_globals && $register_globals != "off" && $register_globals != "false") {

107

News & Announcements / Re: 4images 1.7.9

« on: November 20, 2010, 12:59:41 PM »

Here is a detailed list of what has been changed in the php files from 4images 1.7.8 -> 1.7.9.
(The best way for yourself to compare the code of files is to use Winmerge.)

Language files:

lang/deutsch/admin.php

find:
$lang['field_keywords'] = "Keywords";
$lang['field_keywords_ext'] = "Keywords Keywords durch Leerzeichen getrennt eingeben.";

replace with:
$lang['field_keywords'] = "Schlüsselwörter";
$lang['field_keywords_ext'] = "Schlüsselwörter Schlüsselwörter durch Komma getrennt eingeben.";

find:
$lang['field_keywords_contains'] = "Keywords enthält";

replace with:
$lang['field_keywords_contains'] = "Schlüsselwörter enthält";

find:
$lang['cni_media_file_rename'] = "Media Dateiname wurde umbenannt von {from} zu {to}";
$lang['cni_media_file_rename_error'] = "Fehler bei Umbenennen der Media Datei von {from} zu {to}";
$lang['cni_thumb_file_rename'] = "Thumbnail Dateiname wurde umbenannt von {from} zu {to}";
$lang['cni_thumb_file_rename_error'] = "Fehler bei Umbenennen der Thumbnail Datei von {from} zu {to}";
$lang['cni_copy_success'] = "Kopiere Original Datei in {name} Ordner.";
$lang['cni_copy_thumb_success'] = "Kopiere Thumbnail in {name} Ordner.";

replace with:
$lang['cni_thumbnail_rename_success'] = "Thumbnail umbenannt von {from} nach {to}";
$lang['cni_thumbnail_rename_error'] = "Fehler beim Umbenennen des Thumbnails von {from} nach {to}";
$lang['cni_copy_success'] = "Datei wurde in den Ordner {name} kopiert.";
$lang['cni_copy_error'] = "Fehler beim Kopieren der Datei in den Ordner {name}.";
$lang['cni_copy_thumb_success'] = "Thumbnail wurde in den Ordner {name} kopiert.";
$lang['cni_copy_thumb_error'] = "Fehler beim Kopieren des Thumbnails in den Ordner {name}.";

find:
$lang['cni_working'] = "Datei {file} wurde Bearbeitet";

replace with:
$lang['cni_working'] = "Datei {file} wurde bearbeitet";
$lang['file_not_found'] = "Datei nicht gefunden";

lang/english/admin.php

find:
$lang['field_keywords_ext'] = "Keywords Keywords must be separated by commas or newlines.";

replace with:
$lang['field_keywords_ext'] = "Keywords Keywords must be separated by commas.";

lang/english/main.php

find:
$lang['keywords_ext'] = "Keywords: Keywords must be separated by commas or newlines.";

replace with:
$lang['keywords_ext'] = "Keywords: Keywords must be separated by commas.";

lang/spanish/admin.php

find:
$lang['field_keywords_ext'] = "Palabras clave Las palabras clave deben estar separadas por espacios.";

insert after:
$lang['field_keywords_ext'] = "Palabras clave Introducir palabras separadas por comas.";

108

Language Packs / Re: [Language] Italian language files 1.7.9 Full

« on: November 20, 2010, 12:49:09 PM »

Grazie!!!

109

Discussion & Troubleshooting / Re: Probleme mit Version 1.7.9

« on: November 18, 2010, 10:30:37 AM »

@ x23piracy:
Ich kann den Fehler nicht nachvollziehen. Löschen von Bildern aus Lightbox oder Löschen der gesamten Lightbox klappt ohne Probleme.

Hier gibts einen Extra-Thread für Dich:
http://www.4homepages.de/forum/index.php?topic=28295.0

110

Discussion & Troubleshooting / Re: Probleme mit Version 1.7.9

« on: November 18, 2010, 09:23:06 AM »

Schlüsselwörter sollten per Komma getrennt eingegeben werden. Das "," ist das Trennzeichen.
Wir werden den Hilfetext entsprechend ändern.

@ mawenzi:
Upload des Bildes mit den gleichen Keywords, Titel, etc. funktioniert problemlos:
http://demo.4homepages.de/details.php?image_id=76
Eine SQL-Fehlermeldung tritt nicht auf.

111

Installation, Update & Configuration / Re: 1.7.8 to 1.7.9 files updates

« on: November 17, 2010, 04:24:00 PM »

Yes, we will post the changes asap.

Additionally you can use http://winmerge.org/ to compare the changed files.

112

Discussion & Troubleshooting / Re: Probleme mit Version 1.7.9

« on: November 17, 2010, 09:45:17 AM »

Quote from: mawenzi on November 16, 2010, 10:20:16 AM

@andi ...

... ja richtig, mit der Bearbeitung von "Uhuru Peak" ... und der oben gezeigten Fehlermeldung ... werden wieder alle drei Bilder gefunden ...
... aber ich werde dir heut Abend nochmal ein solches Beispiel aufzeigen ...
... und wie gibst du deine Keywords ein ? ... mit Komma oder neuer Zeile ? ...

Hi mawenzi,

kannst du wie geschrieben nochmal ein eindeutiges Beispiel bei deiner Galerie zeigen?

thx

113

News & Announcements / 4images 1.7.9 Changelog

« on: November 11, 2010, 09:25:03 AM »

=========================================================
ChangeLog Version 1.7.9
=========================================================
- Added CSRF protection system (see docs/CSRF.english.txt or docs/CSRF.deutsch.txt)
- Security Fix for XSS issue in admin/admin_functions.php
- Fixed "Support for PHP4" (http://www.4homepages.de/forum/index.php?topic=27939.0)
- Fixed "multi-word search in 1.7.8" (http://www.4homepages.de/forum/index.php?topic=28028.0)
- Fixed "Uploadfehler nach Update von 1.7.7 auf 1.78" (http://www.4homepages.de/forum/index.php?topic=27829.0)
- Fixed "Can't login" (http://www.4homepages.de/forum/index.php?topic=27782.0)
- Fixed "Check new images - thumbnail not saved if already existed." (http://www.4homepages.de/forum/index.php?topic=27739.0)
- Fixed "Database Backup shows only *.sql files (no *.sql.gz)" (http://www.4homepages.de/forum/index.php?topic=27757.0)
- Fixed "Beschreibung nicht in Suche eingeschlossen" (http://www.4homepages.de/forum/index.php?topic=27747.0)

Neue Dateien / New Files:
---------------------------------------
- includes/csrf_utils.php

Geänderte Dateien / Changed Files:
---------------------------------------
global.php
member.php
admin/admin_functions.php
admin/admin_global.php
admin/backup.php
admin/checkimages.php
admin/images.php
admin/validateimages.php
admin/plugins/migrate_keywords.php
includes/constants.php
includes/page_header.php
includes/search_utils.php
includes/sessions.php

Sprache / Language:
---------------------------------------
- admin.php
   - edited: $lang['field_keywords_ext']
   - added: $lang['cni_thumbnail_rename_success']
   - added: $lang['cni_thumbnail_rename_error']
   - added: $lang['cni_copy_success']
   - added: $lang['cni_copy_error']
   - added: $lang['cni_copy_thumb_success']
   - added: $lang['cni_copy_thumb_error']
   - added: $lang['file_not_found']

114

Feedback & Suggestions / 4images 1.7.9 - Feedback

« on: November 11, 2010, 09:22:03 AM »

Bitte nutzt diesen Thread für Feedback, Kommentare und Anregungen zum 4images 1.7.9 Release.
Für Bug Reports und Troubleshooting bitte dieses Forum nutzen.

Please use this thread for feedback and comments about the 4images 1.7.9 release.
For bug reporting and troubleshooting please use this forum.

115

News & Announcements / 4images 1.7.9

« on: November 11, 2010, 09:21:16 AM »

Die neue Version 4images 1.7.9 wurde veröffentlicht. Das Release bringt Detailverbesserungen, behebt einge bugs und zwei sicherheitsrelevante Fehler.
Wir empfehlen allen Nutzern ein Update auf die aktuelle Version. Alle Änderungen und Features sind in der Datei "docs/Changelog.txt" aufgelistet.

The new version 4images 1.7.9 has been released. This release comes with some improvements, bugfixes, 2 security fixes and minor changes.
We recommend all users to update to the current version. All changes and features are listed in "docs/Changelog.txt".

Download:
http://www.4homepages.de/4images/download.php

Demo:
http://www.4homepages.de/4images/demo.php

Für Feedback zur 4images 1.7.9 Version bitte diesen Thread nutzen.

Please use this thread for feedback about the 4images 1.7.9 version.

116

Mods & Plugins (Releases & Support) / Re: PHPTHumb for Smaller detail image preview (to save traffic)

« on: November 10, 2010, 05:16:51 PM »

Attention:

We recommend NOT to use PHPTHumb until they released a fixed version!

The current version 1.7.9-200805132119 (released May 28, 2008) has a big security leak.
Attackers can compromise your server.

Secunia rated this vulnerability as "highly critical".

http://secunia.com/advisories/39556/

117

Mods & Plugins (Releases & Support) / Re: [Mod] Chaptcha can mathematics

« on: November 02, 2010, 07:42:54 PM »

rated 5 stars

118

Discussion & Troubleshooting / Re: How Google does not index img5796.search.htm?sessionid

« on: November 02, 2010, 07:12:24 PM »

Plz read the text in the link I posted.
You can also use Google Webmaster tools.

119

Chit Chat / Re: php bbcode

« on: November 02, 2010, 11:40:12 AM »

Thanks you V@no!

120

Discussion & Troubleshooting / Re: How Google does not index img5796.search.htm?sessionid

« on: October 30, 2010, 02:02:20 PM »

You can use a pattern matching filter in robots.txt

http://www.google.com/support/webmasters/bin/answer.py?hl=en&answer=156449&from=40360&rd=1

Pages: 1 ... 4 5 6 7 [8] 9 10 11 12 ... 48

4images Forum & Community

News:

Show Posts

Messages - kai

News & Announcements / Re: 4images 1.7.9

News & Announcements / Re: 4images 1.7.9

Language Packs / Re: [Language] Italian language files 1.7.9 Full

Discussion & Troubleshooting / Re: Probleme mit Version 1.7.9

Discussion & Troubleshooting / Re: Probleme mit Version 1.7.9

Installation, Update & Configuration / Re: 1.7.8 to 1.7.9 files updates

Discussion & Troubleshooting / Re: Probleme mit Version 1.7.9

News & Announcements / 4images 1.7.9 Changelog

Feedback & Suggestions / 4images 1.7.9 - Feedback

News & Announcements / 4images 1.7.9

Mods & Plugins (Releases & Support) / Re: PHPTHumb for Smaller detail image preview (to save traffic)

Mods & Plugins (Releases & Support) / Re: [Mod] Chaptcha can mathematics

Discussion & Troubleshooting / Re: How Google does not index img5796.search.htm?sessionid

Chit Chat / Re: php bbcode

Discussion & Troubleshooting / Re: How Google does not index img5796.search.htm?sessionid