Last Saw: bagu: 55 Mins Ago kalchev: 3 Hours 51 Mins Ago N2theW: 5 Hours 23 Mins Ago netshark: 6 Hours 29 Mins Ago abu_faisal: 8 Hours 24 Mins Ago LARK: 10 Hours 11 Mins Ago mysql: 14 Hours 48 Mins Ago Geo: 15 Hours 46 Mins Ago kangasim: 19 Hours 30 Mins Ago zebulon: 23 Hours 54 Mins Ago abo3ouf: 1 Day 19 Hours 45 Mins Ago ourse: 2 Days 4 Hours 51 Mins Ago beeber: 3 Days 7 Mins Ago Emil: 3 Days 6 Hours 45 Mins Ago Farsus: 5 Days 35 Mins Ago HDMan: 7 Days 10 Hours 22 Mins Ago pisolo: 7 Days 13 Hours 27 Mins Ago Valetudas: 8 Days 2 Hours 10 Mins Ago Rukasuzu: 8 Days 5 Hours 6 Mins Ago
: RUNCMS 1.6.1 (build 20071224) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ BUGFIXES -------- [-] chmod in cache blocks after installing (Thanks for tatarin) [-] change theme in preferences [-] fix layout in mydownloads item [-] NEWBB_PLUS - missed & in urls of archive pages [-] HEADLINES - use SNOOPY from RunCMS and remove their own copy [-] NEWS - wrong month's detecting (Thanks for big_vyvorot) [-] error with edit/delete news on some new version of PHP
[!] For all developers - NEVER! NEVER use GET/POST vars as GLOBAL variable - use $_GET, $_POST or $_REQUEST arrays!!!
[-] Fatal error in userinfo.php if user not found (Tnx 2San for bug-report) [-] not highlighting of the IPs with .0. parts in MyTextsanitizer class [-] get blocks from handler instead dublicate creation of theirs in XoopsBlock::getAllBlocksByGroup() & XoopsBlock::getAllBlocks()
SECURITY -------- [-] Vulnerability in pagetype using (Thanks for Zormax)
[-] Blind SQL Injection in mydownloads [-] Linked XSS vulnetability in XoopsPageNav class [-] Vulnerability in XoopsGroup::isAccessible() [-] Image XSS Vulnetability in page edituser.php (uploading avatar) [-] Site administrator can page make a PHP Injection in admin area in the some files
P.S. Special thanks to Alexandr Polyakov from Digital Security Research Group for bugs & vulnerabilities report
FEATURES -------- [+] New RCCachedPage & RCThumbnail classes [+] New EXPIREMENTAL feature - the compiled kernel, which should greatly increase speed of RunCMS sites by removing at least 6 queries on EVERY page
[!] Note that it could be UNSTABLE and please use it ONLY on fully installed & tuned site by open class/core.php and turn of $compiling = true;
If you would make some changes in groups, group memberships, blocks, modules, smileys you SHOULD 1) turn it off, 2) remove cache/compiled_kernel.php file 3) tune you RunCMS 4) and ONLY after all you changes should be done, turn the compiling on (new file should be created automatically)
9: Guest (s)
: RUNCMS 1.6.1 (build 20071224)
