Vanilla 2.0.18.4 Released
This release fixes a security hole in Vanilla that can leave your forum open to XSS attacks. There are also a couple of other minor fixes included with this release. We strongly recommend updating to this version of Vanilla.
Changelog:
- 2012-03-26 Partially fix #1330 by checking the format field on models.
- 2011-09-28 Fixed canonical url in /categories/*.
- 2012-03-16 Fixed canonical url bug when looking at a category.
If you are running Vanilla 2.0.18+ and want the files to fix the security hole you can do the following:
- Download Vanilla 2.0.18.4
- Replace the following files on your site:
- applications/dashboard/locale/en-CA/definitions.php
- library/core/class.validation.php
- library/core/functions.validation.php
1
Comments
Great job! It solves the security vulnerability that was posted this morning.
http://vanillaforums.org/discussion/19533/bug-1330-unauthorized-db-manipulation-via-post-form-tampering
Really fast reaction time.
There was an error rendering this rich post.
fast reaction time
I have been waiting so long for 2.1
There was an error rendering this rich post.
Thanks . i also downloded the latest version and installing my website's forum on it only.
Download page shows 2.0.18.4.
Just downloaded and installed this on a test system, and attempting to embed it in a WPress site.
Issue, the screencasts at http://www.screenr.com/kqY do not match what I am seeing on the embed page on the dashboard. Also, after installing the WP site, the page that is supposed to be auto-created is not and the features I saw on the screencast does not match what I am looking at on the embed page on my WP dashboard.
Any help is appreciated.
I tried to update from 2.0.8.1 to 2.0.8.4. Copied and overwrited the files, deleted ini files from cache.
But when running http://forum.gtricks.com/utility/update, it shows blank page. No success no failure information.
The debugger is confusing, and just says
Success: falseBodyClass: 'Dashboard Utility update Home'There was an error rendering this rich post.
anything I should be worried about?
There was an error rendering this rich post.
hmmm I am going to install vanilla over a new site now...
Will this fix the bug Below?
http://vanillaforums.org/discussion/19677/openid-authentication-failure-on-firefox
@aery Try /utility/structure if you're having trouble.
@Lincoln tried it. It always remains consistent.
Even after clicking on button "Run Structure and Data Scripts" and after getting the structure successfully executed, I always get the same things on Rescaning.
The code -
There was an error rendering this rich post.
@aery time to open a new thread. I lost you when you either get a blank page or you get a page with The debugger is confusing, and just says
I also missed what is wrong with the SQL queries you showed. Do they work in phpMyAdmin?
There was an error rendering this rich post.
I'm wondering if your MySQL doesn't have InnoDB support. Try running the following query to see if InnoDB is there:
@Todd it does have -
There was an error rendering this rich post.
ahum! InnoDB Support DISABLED
There was an error rendering this rich post.
The support is disabled but it does have that installed.
There was an error rendering this rich post.
does this help
www.mydigitallife.info/enable-mysql-innodb-storage-engine-support-in-xampp-installation/
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
@peregrine I dont know what my hosting provider is using
Anyways, thanks for the help
There was an error rendering this rich post.
So my hosting provider does not support InnoDB but MyISAM.
What shall I do now?
There was an error rendering this rich post.
Change engine=innodb to engine=myisam
Let's see if your SQL queries work then.
There was an error rendering this rich post.