HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Vanilla 2.1.3 - security release

2

Comments

  • phreakphreak Vanilla*APP (White Label) & Vanilla*Skins Shop MVP

    Thanx guys for discovering the issue. thumbsUp

    • VanillaAPP | iOS & Android App for Vanilla - White label app for Vanilla Forums OS
    • VanillaSkins | Plugins, Themes, Graphics and Custom Development for Vanilla
  • @Bleistivt said:
    Maybe someone, preferably a moderator, could make a new zip of Vanilla 2.1.2 with the global JS bug fixed and upload it here.
    I think it really hurts the software if the newest version people should download is in a somewhat broken state.

    I'm completely new to Vanilla forum and was wondering why nothing was working, spent ages trying to figure it out. Turns out there's a bug in the javascript and its been left broken for the weekend. It's not a good first impression.

  • man.. i should have scrolled down before messing with troubleshooting for an hour :D

    eh.. it happens.

  • peregrineperegrine MVP
    edited September 2014

    @jaymz said:
    man.. i should have scrolled down before messing with troubleshooting for an hour :D

    eh.. it happens.

    At least you read the announcement and came back to read the comments later. thats a plus, if it helped.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • @peregrine, thanks for the fix with the global.js file.

    Add Pages to Vanilla with the Basic Pages app

  • Nice thanks guys fixed my issues :)

  • LincLinc Detroit Admin

    What is driving me mad is this: No one can seem to explain why the previous call in 2.1 worked but the one in 2.1.2 doesn't. The fact of the fix doesn't interest me half as much as knowing why it happened so I can prevent another faulty release in the future.

  • peregrineperegrine MVP
    edited September 2014

    What is driving me mad is this: No one can seem to explain why the previous call in 2.1

    it didn't work in 2.1 - the hours were never updated. and the method of getting defintions changed. it just didn't crash.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • peregrineperegrine MVP
    edited September 2014

    @Linc

    What is driving me mad is this: No one can seem to explain why the previous call in 2.1 worked but the one in 2.1.2 doesn't. The fact of the fix doesn't interest me half as much as knowing why it happened so I can prevent another faulty release in the future.

    the way i figure it....
    evaluation of expression was always false in 2.1

    if (hourOffset != $(this).val()) { // they were always equal in all cases

    thats why the houroffset never worked correctly

           // Ajax/Save the ClientHour if it is different from the value in the db.
           $('input:hidden[id$=SetHourOffset]').livequery(function() {
              if (hourOffset != $(this).val()) {
                 $.post(
                    gdn.url('/utility/sethouroffset.json'),
                    { HourOffset: hourOffset, TransientKey: gdn.definition('TransientKey') }
                 );
              }
           });
    

    http://vanillaforums.org/discussion/comment/213937/#Comment_213937

    http://vanillaforums.org/discussion/comment/214078/#Comment_214078

    and it was masked by the fact that admins were ususally setting their own timezones so it didn't matter and they never noticed the time was off.

    it may have been working in 2.1b2 - not sure.

    that is why so many new fourm owners are having problem 2.1 never updated user table correctly, hence with 2.1.2 the houroffset was always different js vs db table (as a result of all users created during 2.1 phase) and just fresh install of 2.1.2 it finally evaluated gdn.url which was never defined early enough.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • LincLinc Detroit Admin
    edited October 2014

    That makes better sense, thanks. Didn't realize it never eval'd. I thought that bug only happened as of 2.1.1

  • Dr_SommerDr_Sommer Dr. of tender Programing ;) ✭✭

    This peregrine is really a Magician!!! Thanx... :wink:

  • peregrineperegrine MVP
    edited September 2014

    @Dr_Sommer said:
    This peregrine is really a Magician!!! Thanx... :wink:

    @Dr_Sommer

    Oh boy, the magician badge! :wink:

    However, the vanilla staff developers are the magicians, they created the magical magnificent prize-winning forum known as:





    with a 5 beerglass rating.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited September 2014

    This is the CodeMagician Badge , because you always hit the bull's eye and pull a rabbit out of your a**, I mean Hat.... :D

  • LincLinc Detroit Admin

    I have re-released as 2.1.3, now with the fix to global.js and another I spotted. I simply renamed this thread & updated the diff since it's an "oops" release.

  • LincLinc Detroit Admin

    If anyone sees folks reporting Javascript-broken-like issues in the last week, will you please help spread the word to upgrade to 2.1.3? Especially folks who went back to 2.1.1 until it was fixed.

  • peregrineperegrine MVP
    edited September 2014

    what about updating the add-ons pockets plugin so it is the same as the github version 1.1.2 . which works in vanilla 2.1.x unlike the current pockets.http://vanillaforums.org/addon/pockets-plugin-1.0.1b

    seeing as most people are downloading vanilla 2.1.x

    many people are having these issues because they fail to read this discussion and the spreadsheet.

    http://vanillaforums.org/discussion/26703/plugins-themes-that-work-and-don-t-work-in-vanilla-2-1

    http://vanillaforums.org/discussion/27894/pockets-plugin-not-working

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    Maybe adding a Notice somewhere that the htaccess file will get overwritten and they need to make sure it is like the one they had before to avoid 404 error due to rewrite url not being correct in the htaccess file after update.

  • @vrijvlinder said: Maybe adding a Notice somewhere that the htaccess file will get overwritten and they need to make sure it is like the one they had before to avoid 404 error due to rewrite url not being correct in the htaccess file after update.

    yes, might prevent alot of mishaps. and a note to make a local backup copy of config.php and .htaccess before upgrading.

    or a htaccess_sample file to be moved to .htaccess and adjusted if need be, to avoid overwrite entirely.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • i upadate to vanilla 2.1.3 but comment not refresh in 5 sec. how can i fix it.

Sign In or Register to comment.