Best Of
Sanmyaku theme install error?
The addon could not be enabled because it generated a fatal error:
how to install??
Security update: Vanilla 2.6.4
Get it here: https://open.vanillaforums.com/addon/vanilla-core
This release includes 5 security patches disclosed thru our HackerOne bounty campaign. They include fixes for:
- A remote code execution exploitable only by admins.
- Two XSS vectors in different parts of the Dashboard.
- An XSS vector in the OpenID addon (must be enabled) caused by old debug code.
We also made it more difficult to maliciously change a user's email by removing the cooldown period on prompting for your password when an email change is requested.
Warning: If you have any addons (themes or plugins) in your forum install with an invalid key, you will get an error on upgrade and will need to physically delete them from your installation. Fixing them is relatively painless, but a topic for elsewhere. We no longer allow invalid keys due to one of the security vulnerabilities above.
Please upgrade to the latest version of Vanilla as soon as possible. No other changes from 2.6.3 are in this version.
Re: Test
I think test posts should be categorized as spam. It is getting annoying.
Re: CHMOD -R 777 or CHMOD -R 755
donovanb is making a distinction between executable and writeable. Pre existing file don't need to be executable.
The order is of the numbers is user then group then others
| # | Permission | rwx | Binary |
|---|---|---|---|
| 7 | read, write and execute | rwx | 111 |
| 6 | read and write | rw- | 110 |
| 5 | read and execute | r-x | 101 |
| 4 | read only | r-- | 100 |
| 3 | write and execute | -wx | 011 |
| 2 | write only | -w- | 010 |
| 1 | execute only | --x | 001 |
| 0 | none | --- | 000 |
The long of the short is you should know/assign the user an group before considering permissions otherwise you could be making a misstep.
If you your host doen't allow this (e.g ftp only site), you are wasting your time with that host. Now you can get cheap servers you can ssh to.
Re: Help with Facebook SSO
sir can you setup, im tired to setup please sir?
Version 2.6.4 - install error
I am installing Vanilla Version 2.6.4. I carefully paste/type in all values for Database Host, Name, User etc. in the installer form but when clicking "Continue" I get the following error: Invalid log level: Failed to insert {type} ({content}): {error}.
PHP 7.2 - I even tried to go down to PHP 7.1 and PHP 7.0 but always the same error message.
The Webhost helpdesk had no explanation. Can anyone here decipher the error message and advise how to successfully complete the installation?
Re: Is it possible to style or brand the notification email?
There you can only change colors. How about the text? add, replace? Modify the HTML template...
Re: Fresh install of 2.6.3; how to integrate 2.1.11 database?
Thanks, I looked into that possibility, but it seemed as though I would be losing important data from the old (production) DB.
I actually got this working, as follows:
I ran the index.php?p=/utility/update/ and got an error page that said "Unknown column ‘t.FullName’ in ‘field list’". This had happened to me several other times today, and I would immediately try something else. This time, I went to the MySQL Workbench to look at the schema for the table that it was complaining about, which was “GDN_Tag”. I was expecting to ~not~ see the column “FullName", but lo and behold it ~was~ there. So I went back to my webpage, and it said “Update Complete”!
From there I was able run the utility/structure command and then to log in as admin.
So apparently, even though I was presented with the error page about the schmea for the GDN_Tag table not having that column, the update was actually running in the background and did its thing.
Re: NEW critical security update: Vanilla 2.6.3
@Vivant said:
It's strange because I've been using FileZilla for years without an issue - just this release for some reason.
I'm afraid only one of us has FileZilla to determine the root cause of that one. 
