CRITICAL SECURITY VERSION UPDATE:
https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.13
https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.13
almostcompletely
About
- Username
- almostcompletely
- Joined
- Visits
- 325
- Last Active
- Roles
- Member
Comments
-
Did you try my $config['cookie_secure'] = true; solution?
-
INSERT INTO `mytable` (staffid,datefrom,dateto,bhmode,daysequivelent) VALUES(70,"2023-01-20","2023-01-20",1,1); SELECT LAST_INSERT_ID(); Works fine from MySQL CLI. It's not the database. I have the same problem with another Fuel site too. v1…
-
auto_increment is on. The table and the code has been running for a number of years. $el = $this->xx_model->find_one('','id DESC); $id = $el['id'] works.
-
Open up your browser's debug console (F12?) and reload the page. You should get some more clues as to what's going on. Your NGINX server logs should also give you some clues.
-
Also check Apache has mod_rewrite installed and enabled. Use phpinfo() to check.
-
Turned out this is caused by the Search module. Line 59: https://github.com/daylightstudio/FUEL-CMS-Search/blob/master/models/Search_model.php $full_text_indexed = implode($full_text_fields, ', '); Should be: $full_text_indexed = implode…
-
No difference unfortunately. I can see session files appearing in my tmp directory. Could it be an encryption thing? EDIT: Turned out to be $config['cookie_secure'] = true; The HTTPS cert was broken and the site was defaulting to HTTP.
-
Local movies can eat up your hosting diskspace pretty quickly, so I tend to get owners to host their videos on Youtube. You'll want to add the "youtube" CKEditor plugin (v2.1.14 is compatible with the version of CKEditor used in Fuel). Remembe…
-
That worked. Thanks.
-
Further information: Taking $this->load->model('anotherdb_model'); out of the __construct and putting it into the controller function that uses it and replacing it with the $this->load->model('dummy_model'); stanza seems to get things…
-
pulling the launcher out of the fuel directory structure makes it work. I was hoping to use Fuel permissions to handle access to the tool, hence the advanced module. The same error exists for any iframe content within modules - eg. if the iframe p…
-
The CSS is loaded automatically by the main CK_Finder tool. The library function is rendering the JS since there's PHP involved in setting up the script to work. eg. flagging the CK_Finder tool use as authorised by Fuel permissions and making the …
-
$fields['image_selector'] = array( 'class' => 'MY_custom_fields', //library file 'function' => 'image_selector', 'css' => '', 'js' => array(), 'represents' => array('name' => 'image') ); It poi…
-
Didn't work. What did, for me on my server, was this at the top of the config.php: ini_set('session.cookie_samesite', 'Lax'); ini_set('session.cookie_secure', TRUE); I think CSRF cookies and the cookie section of config.php are indep…
-
What version are you on? I reported a bug with the class field not being saved earlier in the year which was fixed in the development branch (around May?)
-
That's what I would do. In my experience, the view file take priority over the CMS so I would move the home.php away from the file structure. Clear the Fuel cache when you're ready for the change to go public. [fuel_page_variables] is keyed on page…
-
Based on Bootstrap. Sounds like a good idea to me. I'm short on bandwidth but would be happy to contribute
-
Youtube iframes can be used with CKEditor, the Youtube plugin and Purifier. You need to use the latest Fuel version that has HTML5_Purifier support. ./config/editors.php $config['ckeditor']['default'] = array( 'toolbar' => array( …
-
The default MY_string_helper.php is <?php // to simplify updates, we post the helpers in the fuel module require_once(FUEL_PATH.'helpers/MY_string_helper.php'); try: echo FUEL_PATH.'helpers/MY_string_helper.php' Does it return somethi…
-
I'd look at your server resources if it runs OK on your PC.
-
Seems to have been an Apache issue rather than Fuel/CI. Not my server so don't have control over making sure it's set up right
-
Will do...
-
Here's part of the standard bootstrap notation for a set of tabs
-
Sounds like that would work. We could tidy up the config a bit too since I don't think the "comment" and "youtube" sections are used unless you manually assign one of them when you create the purifier object.
-
having dug into htmlpurifier-html5 a bit more, it looks like it's a bolt-on for htmlpurifier rather than a replacement - basically adding the html5 doctype. I think I prefer the config I implemented above since it allows the developer to edit the su…
-
Nice. Composer isn't required though. We can use https://php-download.com to compile xemlock/htmlpurifier-html5 and dump the resulting "vendor" directory into ./application/vendor. Add require_once(APPPATH.'vendor/autoload.php'); into the t…
-
OK. I think I've got the little b***er. $config['settings'] = array( 'default' => array( //'HTML.Trusted' => TRUE, // For Javascript... must also add 'script' to HTML.Allowed 'HTML.SafeIframe'…
-
The empty tags problem is fixed. Some ckeditor foo has sorted that but purifier was removing the attributes: With ckeditor fixed and purifier switched off: With purifier switched on: In the config, I changed: 'HTML.Allowe…
-
All occurrences of URI.SafeIframeRegexp in $purifier_config at function html_purify() are empty. [AutoFormat.RemoveEmpty.Predicate] => Array ( [colgroup] => Array …
-
Yes, using the whole develop branch and removing cache files. Empty tabs still being removed. Youtube still disappearing: $config['settings'] = array( 'default' => array( //'HTML.Trusted' => TRUE, // For Javascript..…