PhpDig.net

Go Back   PhpDig.net > General Forums > Feedback & News

Reply
 
Thread Tools
Old 12-12-2004, 02:35 AM   #1
Charter
Head Mole
 
Charter's Avatar
 
Join Date: May 2003
Posts: 2,539
PhpDig Version 1.8.5 Released

Hi. PhpDig version 1.8.5 has been released as a 'minor although very necessary' release. You must upgrade if you use a version of PhpDig earlier than v.1.8.5. The changes can be found in the Changelog file. There is one database table change fro mv.1.8.4. To upgrade, make the change to the database table, reconfigure the new connect.php and config.php files, and copy over all of the files, overwriting the old files. Change your passwords and then upgrade, no ifs, no ands, no buts!

Note: If you are upgrading from an older version, make the database table updates in steps, for example, update the database tables 1.8.3 -> 1.8.4 -> 1.8.5 and then reconfigure the new connect.php and config.php files, and copy over all of the files, overwriting the old files.
__________________
Responses are offered on a voluntary if/as time is available basis, no guarantees. Double posting or bumping threads will not get your question answered any faster. No support via PM or email, responses not guaranteed. Thank you for your comprehension.
Charter is offline   Reply With Quote
Old 12-12-2004, 02:50 AM   #2
Charter
Head Mole
 
Charter's Avatar
 
Join Date: May 2003
Posts: 2,539
As a side note: Do not r****mly apply PhpDig patches that you find in the forums! These forums have supported many versions of PhpDig, so several of the code changes are not applicable to PhpDig v.1.8.5. Also, take extreme care should you change the code; otherwise, you might leave yourself open to exploits.
__________________
Responses are offered on a voluntary if/as time is available basis, no guarantees. Double posting or bumping threads will not get your question answered any faster. No support via PM or email, responses not guaranteed. Thank you for your comprehension.
Charter is offline   Reply With Quote
Old 12-12-2004, 01:54 PM   #3
Charter
Head Mole
 
Charter's Avatar
 
Join Date: May 2003
Posts: 2,539
If you downloaded PhpDig v.1.8.5 prior to the date of this post, then make the following changes:

In limit_upd.php find:
PHP Code:
while (list($id,$url,$days_db,$links,$depth,) = mysql_fetch_row($result_id)) { 
And replace with:
PHP Code:
while (list($id,$url,$days_db,$links,$depth) = mysql_fetch_row($result_id)) { 
Note the removal of the straggling comma after the $depth variable. This fixes the MySQL warning when you try to update sites from the admin panel.


In both search_function.php (two times) and function_phpdig_form.php (one time) find:
PHP Code:
$template_demo $_REQUEST['template_demo']; 
And replace with:
PHP Code:
$template_demo urlencode(stripslashes(urldecode($_REQUEST['template_demo']))); 
Note there are two replacements needed in search_function.php and one replacement needed in function_phpdig_form.php. The $template_demo variable can be passed back out to the browser, so this makes sure that output prints correctly.


In search_function.php find:
PHP Code:
$refine_url "&refine=1&site=$site&path=$path"
And replace with:
PHP Code:
$refine_url "&refine=1&site=$site&path=$path"
This change is for conformity in link format, using & instead of just the & symbol.


If you downloaded PhpDig v.1.8.5 after the date of this post, then the changes have already been made.
__________________
Responses are offered on a voluntary if/as time is available basis, no guarantees. Double posting or bumping threads will not get your question answered any faster. No support via PM or email, responses not guaranteed. Thank you for your comprehension.
Charter is offline   Reply With Quote
Old 12-12-2004, 03:52 PM   #4
Charter
Head Mole
 
Charter's Avatar
 
Join Date: May 2003
Posts: 2,539
Here are some things to check to try and see if you were affected by the security problem in PhpDig versions less than v.1.8.5. Search your server access logs and check for anyone accessing your important files. For example, search your logs for config.php and other important files and review the output for suspicious requests. You will know it if you see it. Also check for any file starting with a string of numbers, that file being writable or in a writable location. If you find such a file and it is not your content, review the file, then delete the file and again check your logs for any requests to the file. In any case, make sure to change your passwords if you were running a version of PhpDig less than v.1.8.5.
__________________
Responses are offered on a voluntary if/as time is available basis, no guarantees. Double posting or bumping threads will not get your question answered any faster. No support via PM or email, responses not guaranteed. Thank you for your comprehension.
Charter is offline   Reply With Quote
Old 12-15-2004, 10:18 PM   #5
Charter
Head Mole
 
Charter's Avatar
 
Join Date: May 2003
Posts: 2,539
Ho hum... So attached to this post is a file listing the code changes between PhpDig v.1.8.5 and PhpDig v.1.8.6, assuming the code changes already posted in this thread have already been applied to v.1.8.5.

Note that there are no database table changes from v.1.8.5 to v.1.8.6. The attached file is provided for your convenience, should you be on you way to hacking v.1.8.5 but want to upgrade to v.1.8.6. Really, you should upgrade, but I'm not going to beg.

Anyway, if I didn't forget to list any steps in the attached file, and you can follow it, then there shouldn't be a problem upgrading to v.1.8.6, but if you do run into problems, then download v.1.8.6 directly. As always, the changes can be found in the Changelog file.

Note: If you downloaded PhpDig v.1.8.6 directly after the date of this post, then all the code changes posted in this thread have already been applied. Again, there are no database table changes between PhpDig v.1.8.5 and PhpDig v.1.8.6.

C'mon, upgrade! Oh, and don't go r****mly applying code changes from old posts, as these forums have supported multiple versions of PhpDig so it is possible that such code no longer applies.

Also, any possible code changes to PhpDig v.1.8.6 shall be continued in this thread.
Attached Files
File Type: txt phpdig_185_to_186.txt (23.2 KB, 7 views)
__________________
Responses are offered on a voluntary if/as time is available basis, no guarantees. Double posting or bumping threads will not get your question answered any faster. No support via PM or email, responses not guaranteed. Thank you for your comprehension.
Charter is offline   Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PhpDig Version 1.8.4 Released Charter Feedback & News 4 12-12-2004 02:43 AM
PhpDig Version 1.8.3 Released Charter Feedback & News 6 08-01-2004 02:04 PM
PhpDig Version 1.8.2 Released Charter Feedback & News 0 07-12-2004 05:41 PM
PhpDig Version 1.8.1 Released Charter Feedback & News 6 07-08-2004 07:17 PM
PhpDig Version 1.6.3 Released Charter Feedback & News 0 11-10-2003 05:00 PM


All times are GMT -8. The time now is 07:18 PM.


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright © 2001 - 2005, ThinkDing LLC. All Rights Reserved.