Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Oversized images in latest security release

Hello all,

I updated to the latest version today (2.1.12) and I have been having some strange problems.... Images that are not stock images are oversized, an example being in the plugins list, some custom plugin icons are oversized, as well as the images in the bootstrap theme options, and badges in YAGA... does anyone else have these issues, or is it just me?

Comments

  • peregrineperegrine MVP
    edited October 2015

    Oversized images in latest security release

    read the announcement!!!! and the comments for a better understanding.

    Vanilla 2.1.12 released - security update

    http://vanillaforums.org/discussion/30966/vanilla-2-1-12-released-security-update

    Always a smart idea to read the comments in the release announcement and you will avoid problems. Stay informed.

    an error was introduced in the "latest" (2.12.p2) core vanilla release and it has been neglected as far as updated release.

    linc may or may not fix the problem that affects nearly everyone who upgrades. Even though it will lead to image related problems for many many forum owners who neglect to read all the user comments in announcement and upgrade. Perhaps a strategy to move people to the cloud or 2.2rc1. Or maybe he just wants to see how many people have the issues, if he doesn't fix release. or maybe he's just waiting to see if there are more problems before issuing another patch. no word yet.

    either use suggestion in announcement or perhaps better replace the function with the one from 2.2rc1 like so:

    img function in

    library/core/functions.render.php with this around line 500 or so.

    from

    if (!function_exists('Img')) {
       /**
        * Returns an img tag.
        */
       function Img($Image, $Attributes = '', $WithDomain = FALSE) {
          if ($Attributes == '')
             $Attributes = array();
    
          if (!IsUrl($Image))
             $Image = SmartAsset($Image, $WithDomain);
    
            return '<img src="'.htmlspecialchars($Image, ENT_QUOTES).'"'.$Attributes.' />';
       }
    }
    

    to

    if (!function_exists('img')) {
        /**
         * Returns an img tag.
         */
        function img($Image, $Attributes = '', $WithDomain = false) {
            if ($Attributes != '') {
                $Attributes = Attribute($Attributes);
            }
    
            if (!IsUrl($Image)) {
                $Image = SmartAsset($Image, $WithDomain);
            }
    
            return '<img src="'.htmlspecialchars($Image, ENT_QUOTES).'"'.$Attributes.' />';
        }
    }
    

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • @peregrine Thank you good sir!

  • peregrineperegrine MVP
    edited October 2015

    . > @ApolloPiglet said:

    peregrine Thank you good sir!

    ok.

    I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.

  • Exactly what I was looking for, thanks!

Sign In or Register to comment.