
Title: 4images 1.7.11
Post by: kai on July 06, 2012, 03:05:46 PM
:flag-de: Die neue Version 4images 1.7.11 wurde veröffentlicht. Das Release bringt Detailverbesserungen und behebt Bugs sowie sicherheitsrelevante Fehler.
Wir empfehlen allen Nutzern ein Update auf die aktuelle Version. Alle Änderungen und Features sind in der Datei "docs/Changelog.txt" aufgelistet.

:flag-en: The new version 4images 1.7.11 has been released. This release comes with some improvements, bugfixes and security fixes.
We recommend that all users update to the current version. All changes and features are listed in "docs/Changelog.txt".

Download:
http://www.4homepages.de/4images/download.php

Demo:
http://www.4homepages.de/4images/demo.php


Für Feedback zur 4images 1.7.11 Version bitte diesen Thread (http://www.4homepages.de/forum/index.php?topic=30828.0) nutzen.

Please use this thread (http://www.4homepages.de/forum/index.php?topic=30828.0) for feedback about the 4images 1.7.11 version.
Title: Re: 4images 1.7.11
Post by: kai on July 06, 2012, 03:15:35 PM
=========================================================
ChangeLog Version 1.7.11
=========================================================
- [1.7 - 1.7.10] Security fix for XSS issue in admin/categories.php
- [1.7 - 1.7.10] Security fix for sql injection in admin/categories.php
- [1.7 - 1.7.10] Security fix for open redirect vulnerability in admin/index.php
- [1.7 - 1.7.10] Security fix for XSS issue
- Fixed auto-login in sessions.php
- Fixed email notification to user after activation by admin (http://www.4homepages.de/forum/index.php?topic=29623.0)
- Fixed sql error if apostrophe in name of image (http://www.4homepages.de/forum/index.php?topic=29950.0)
- Changed DB default settings from TYPE to ENGINE (http://www.4homepages.de/forum/index.php?topic=29627.0)
- Template with 960px width is now used as default


Geänderte Dateien / Changed Files:
---------------------------------------

details.php
rss.php
admin/categories.php
admin/index.php
admin/users.php
data/database/default/mysql_default.sql
includes/db_mysql.php
includes/functions.php
includes/search_utils.php
includes/sessions.php
Title: Re: 4images 1.7.11
Post by: kai on July 25, 2012, 01:28:20 PM
Here is a detailed list of what has been changed in the PHP files from 4images 1.7.10 -> 1.7.11.
(The easiest way to compare the files yourself is to use WinMerge (http://winmerge.org/).)



details.php
search for
$meta_keywords  = !empty($image_row['image_keywords']) ? implode(", ", explode(",", $image_row['image_keywords'])) : "";

replace with
// 1.7.11: strip HTML tags from the comma-joined keyword list before it is emitted
// (presumably into the page's keywords meta tag; Changelog lists this as an XSS fix).
// NOTE(review): strip_tags() removes tags but does not encode quotes; whether the template
// additionally escapes $meta_keywords for the attribute context is not visible here — confirm.
$meta_keywords  = !empty($image_row['image_keywords']) ? strip_tags(implode(", ", explode(",", $image_row['image_keywords']))) : "";

rss.php
search for
function format_rss_html($text) {
  $text = format_text(trim($text), 1, 0, 1);

  return $text;
}

replace with
// Formats $text for inclusion in the RSS feed via format_text().
// 1.7.11 changes the second format_text() argument from 1 to 2; the meaning of that
// mode value is defined in format_text() (not shown here) — verify it against the
// function's definition before relying on it as the XSS fix listed in the Changelog.
function format_rss_html($text) {
  $text = format_text(trim($text), 2, 0, 1);

  return $text;
}

admin/categories.php
search for
$cat_parent_id = (isset($HTTP_GET_VARS['cat_parent_id'])) ? $HTTP_GET_VARS['cat_parent_id'] : 0;

replace with
// 1.7.11: cast the parent category id from the query string to an integer instead of
// passing the raw string through (Changelog: SQL injection fix in admin/categories.php).
$cat_parent_id = (isset($HTTP_GET_VARS['cat_parent_id'])) ? intval($HTTP_GET_VARS['cat_parent_id']) : 0;

admin/index.php
search for
if ($redirect != "") {
  show_admin_header("<meta http-equiv=\"Refresh\" content=\"0; URL=".$site_sess->url($redirect)."\">");
  echo "<p><a href=\"".$site_sess->url($redirect)."\">".$lang['admin_login_redirect']."</a></p>";
  show_admin_footer();
  exit;
}

replace with
// Post-login redirect. 1.7.11 only honours $redirect when it contains no scheme separator
// ("://"); anything else falls back to home.php (Changelog: open redirect fix in admin/index.php).
// NOTE(review): a scheme-less target such as "//host/path" still passes this test; whether
// $site_sess->url() neutralises it is not visible here — consider also rejecting a leading "//".
if ($redirect != "") {
  if (strpos($redirect, '://') === false) {
    // Meta refresh plus a fallback link, both built from the session-aware URL.
    show_admin_header("<meta http-equiv=\"Refresh\" content=\"0; URL=".$site_sess->url($redirect)."\">");
    echo "<p><a href=\"".$site_sess->url($redirect)."\">".$lang['admin_login_redirect']."</a></p>";
    show_admin_footer();
  } else {
      redirect('home.php');
  }
  exit;
}

search for
if ($action == "frames") {
  if ($goto != "") {
    $framesrc = $site_sess->url($goto);
  }
  else {
    $framesrc = $site_sess->url("home.php");
  }

replace with
if ($action == "frames") {
  // 1.7.11: $goto is used as the frame source only when it is non-empty and carries no
  // "://" scheme separator; otherwise home.php is used.
  // NOTE(review): a protocol-relative "//host/path" value passes this check; confirm how
  // $site_sess->url() treats it, or reject a leading "//" as well.
  if ($goto != "" && strpos($goto, '://') === false) {
    $framesrc = $site_sess->url($goto);
  }
  else {
    $framesrc = $site_sess->url("home.php");
  }

admin/users.php
search for
else {
    $activation = 0;
  }

replace with
else {
    // 1.7.11: when account activation is set to mode 2 and the user is still at
    // USER_AWAITING, set $activation so the activation is processed — presumably
    // this drives the notification mail the Changelog mentions; confirm downstream.
    if ($config['account_activation'] == 2 && $user_row['user_level'] == USER_AWAITING) {
        $activation = 1;
    } else {
        $activation = 0;
    }
  }

data/database/default/mysql_default.sql
use the mysql_default.sql from the 1.7.11 package

includes/db_mysql.php
search for
  function Db($db_host, $db_user, $db_password = "", $db_name = "", $db_pconnect = 0) {
    $connect_handle = ($db_pconnect) ? "mysql_pconnect" : "mysql_connect";
    if (!$this->connection = @$connect_handle($db_host, $db_user, $db_password)) {
      $this->error("Could not connect to the database server ($db_host, $db_user).", 1);
    }
    if ($db_name != "") {
      if (!@mysql_select_db($db_name)) {
        @mysql_close($this->connection);
        $this->error("Could not select database ($db_name).", 1);
      }
    }
    return $this->connection;
  }

replace with
// PHP 4-style constructor: opens a persistent or regular MySQL connection and optionally
// selects a database. Native warnings are silenced with @ and failures are reported via
// $this->error() with a second argument of 1. Note that the host and user name are
// included in the error text, so keep error() output away from end users.
// (Unchanged in 1.7.11; shown here for context of the new escape() method below.)
function Db($db_host, $db_user, $db_password = "", $db_name = "", $db_pconnect = 0) {
    $connect_handle = ($db_pconnect) ? "mysql_pconnect" : "mysql_connect";
    if (!$this->connection = @$connect_handle($db_host, $db_user, $db_password)) {
      $this->error("Could not connect to the database server ($db_host, $db_user).", 1);
    }
    if ($db_name != "") {
      if (!@mysql_select_db($db_name)) {
        @mysql_close($this->connection);
        $this->error("Could not select database ($db_name).", 1);
      }
    }
    return $this->connection;
  }

  // New in 1.7.11. Escapes $value for embedding in a quoted SQL literal using the active
  // connection; unlike addslashes(), mysql_real_escape_string() honours the connection charset.
  function escape($value) {
    return mysql_real_escape_string($value, $this->connection);
  }

includes/functions.php
search for
function check_email($email) {
  return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_`{|}~]+@([-0-9A-Z]+\.)+([0-9A-Z]){2,4}$/i', $email)) ? 1 : 0;
}


replace with
// Returns 1 when $email matches the address pattern, 0 otherwise (case-insensitive).
// 1.7.11 relaxes the top-level-domain length from {2,4} to {2,} so longer TLDs are accepted.
function check_email($email) {
  return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_`{|}~]+@([-0-9A-Z]+\.)+([0-9A-Z]){2,}$/i', $email)) ? 1 : 0;
}

includes/search_utils.php
search for
$word_cache = array();
    foreach ($split_words as $word) {
      $word_cache[$word] = 1;
      $allwords_sql .= ($allwords_sql != "") ? ", '".$word."'" : "'".$word."'";
    }

replace with
// Builds the quoted, comma-separated list of search words in $allwords_sql (presumably for
// an IN (...) clause) and records each word in $word_cache.
// 1.7.11 wraps each word in addslashes() before quoting it (Changelog: apostrophe SQL error).
// NOTE(review): the same release adds $site_db->escape() (mysql_real_escape_string, charset-aware);
// $site_db is already used in this file, so escape() would be the more robust choice here.
$word_cache = array();
    foreach ($split_words as $word) {
      $word_cache[$word] = 1;
      $allwords_sql .= ($allwords_sql != "") ? ", '".addslashes($word)."'" : "'".addslashes($word)."'";
    }

search for
$sql = "INSERT INTO ".WORDMATCH_TABLE." (image_id, word_id".$match_insert_key_sql.")
              SELECT DISTINCT $image_id, word_id".$match_insert_val_sql."
                FROM ".WORDLIST_TABLE."
                WHERE word_text = '$key'";
      $site_db->query($sql);

replace with
      // Links the image to the wordlist entry whose text equals $key.
      // 1.7.11 passes $key through addslashes() before embedding it in the quoted literal.
      // $image_id is interpolated unquoted and is presumably numeric — confirm at the caller.
      // NOTE(review): $site_db->escape($key) (added in this release) would be the charset-aware alternative.
      $sql = "INSERT INTO ".WORDMATCH_TABLE." (image_id, word_id".$match_insert_key_sql.")
              SELECT DISTINCT $image_id, word_id".$match_insert_val_sql."
                FROM ".WORDLIST_TABLE."
                WHERE word_text = '" . addslashes($key) . "'";
      $site_db->query($sql);

includes/sessions.php
search for
if (secure_compare($this->read_cookie_data("userpass"), md5($this->user_info['user_password'])) && $this->user_info['user_level'] > USER_AWAITING) {
        $this->set_cookie_data("userpass", $this->user_info['user_password']);
      }

replace with
// Cookie auto-login: the "userpass" cookie is compared (constant-time) against md5() of the
// stored user_password value, and only for accounts above USER_AWAITING.
// 1.7.11 fixes the refresh to write md5($user_password) again instead of the raw stored value,
// so the cookie keeps the form secure_compare() expects and the stored value itself is not
// sent to the client.
if (secure_compare($this->read_cookie_data("userpass"), md5($this->user_info['user_password'])) && $this->user_info['user_level'] > USER_AWAITING) {
        $this->set_cookie_data("userpass", md5($this->user_info['user_password']));
      }


To get rid of the update notice in the admin area, edit the corresponding value in constants.php.


thanks to Crazymodder!