CRITICAL SECURITY VERSION UPDATE:
https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.13
https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.13
admin
About
- Username
- admin
- Joined
- Visits
- 8,800
- Last Active
- Roles
- Administrator
Comments
-
Thanks for the bug report. I'll get that fixed.
-
This is timely, since we will be posting a 0.92 version shortly. I will include these comments to help clarify.
-
try using 'yes' and 'no' for the enum values
-
Is it 'No' or 'no'?
-
Is your RewriteBase set relative to you web root directory. For example, if you can access your site at http://localhost/, then the RewriteBase would just be "/". If you access it at http://localhost/hotfrets/ then the RewriteBase would be "/hotfret…
-
Good to know. As an FYI, for those that are on the Mac and would like a nice GUI for git, you should try Tower: http://www.git-tower.com/ It's currently in beta, but is pretty nice. I tend to use the command line for most stuff because it can be q…
-
Yes, you are right. The form tag does wrap the table or divs. What I meant by containing div or table was the html that is used to contain the form fields.
-
I can see how that can be confusing. The ID property gets assigned to the containing div or table that is used to render the form. You can set the form ID with the $form_attrs property, so in your case it would be: form_attrs' => 'method="post" a…
-
Thanks. I've found several related issues regarding different (or some may say incorrect) $_SERVER variables when PHP is set to run as fast-cgi. Would be curious if that is your case here.
-
For others, there seems to be an issue with array_slice on line 102 with an empty $limit value. The solution was to change it to this: $return = (empty($limit)) ? array_slice($return, $offset) : array_slice($return, $offset, $limit); Seems to be an…
-
Is there anything being returned by the next line with the call to the get_dir_file_info()? And then further down, if anything is being returned in the $return array? Also, if you have IRC, I'm at irc.freenode.net in the fuelcms room (first time do…
-
With regards to the image preview issue, could you echo out the $assets_path value on line 66 of the fuel/modules/fuel/models/assets_model.php to see what the value is there?
-
With the safe_htmlentities issue, I think there are actually 2 things that are going on. First, the Form::prep() method wasn't properly encoding those values for when they are being displayed in the form fields. The send part was that they are getti…
-
Sounds like it may be. Line 10 in that fuel_constants.php file was put in place a couple months ago, due to a strange way a server we encountered was generating the $_SERVER['SCRIPT_NAME'] variable. I think it's technically suppose to return back th…
-
That line should be: $data = (!empty($this->normalized_save_data['categories'])) ? $this->normalized_save_data['categories'] : array(); The save_related has kind of an odd method signature.
-
With regards to the htmlentities, I've been looking at it a little closer and I discovered a couple issues with it in which I think I have some fixes for locally and will include them in the upcoming 0.92 branch release that will hopefully be pretty…
-
What kind of server is it? Is it perhaps a windows box? Also, make sure to make the folders writable or they won't show up.
-
I'll look into the htmlentities issue to see if there is a fix I can make to that function. With regards to the MarkItUp image browser, the PHP version shouldn't cause any problems that I know of. What are you experiencing (e.g. an empty dropdown li…
-
Out of curiosity, what is the value of your $_SERVER['SCRIPT_NAME'] before line 10?
-
What happens if you comment out line 10 in the fuel/modules/fuel/config/fuel_constants.php file where $_SERVER['SCRIPT_NAME'] value is changed?
-
I think you are right in that is is related to the uri_protocol and sounds like a similar issue found in the thread below. I think the way WEB_PATH is set needs to probably be modified. WEB_PATH is set in the fuel/modules/fuel/config/fuel_constants.…
-
Sometimes I see that when a session cookie gets too big and needs to be cleared out (have something in place in next version to help that issue). Try clearing all cookies from that domain. Also, can you browse to the pages on your site OK and is th…
-
Thanks for the kind words. Feel free to share it when you are done in the forum (there is a share category for stuff like that).
-
Ha... it is 1:45 am... (I try not to do that too often). It's only work if you don't enjoy it right?... Was working on 0.92 branch.
-
Oh... yes. That didn't make it into the update (I'm maintaining too many branches right now I think). That fix has been posted.
-
Great! Glad you figured it out. With regards to the double slashes, that may be due to how the $config['base_url'] and WEB_PATH are set. The WEB_PATH constant is defined in the fuel/modules/config/fuel_constants.php file.
-
The fix that was put in place was to check if the $params was a string, it would assume you are passing the module name (which is what the previous version was looking for). If the parameters was an array, then it would send it as initialization par…
-
OK... I've posted a fix for that for you to try out in both branches.
-
Hmm... doesn't look like you can at the moment without some changes... let me look into a fix for that.
-
That is a bug. That should have been fixed (and is in the 0.91 branch), but wasn't. The correct code is the following in the catch block: if (strtolower(get_class($e)) == 'dwoo_exception') { echo (''.$e->getMessage().''); } else…