Phorum 5.1.19 Released

While dealing with a bogus error report about an XSS issue in register.php, Oliver Riesen found an issue in the group moderation control center page. While I could not get it to be used as an XSS exploit, I am erring on the side of caution and assuming some other evil minded person could. So, that is why the Phorum 5.1.19 is released. This only affected you if you had the user dropdown list enabled. It is not enabled by default.

We are happy to announce the release of 5.1.18. This is a bug fix release. There were over 40 fixes in this version in all. Some notable fixes include an XSS issue found by Maurice, some MySQL 5 fixes, message counting performance fix and some fixes for vroots. The XSS issue was in the core. You don't need to change your templates.

Brian - Cowboy Ninja Coder - Personal Blog - Twitter

Edited 3 time(s). Last edit at 03/08/2007 12:33PM by ts77.

upgraded from 5.1.16a to 5.1.18 and get the following error message:

Something is wrong with the upgrade script. Please contact the Phorum Dev Team. (2006090700,2006102700)

Could I be helped? Thanks, hjp

make sure that you uploaded all the files, so that e.g. include/db/upgrade/mysql/2006102700.php exists on the server.

Also an upgrade script for 2006090700 is nowhere in the trunk, strange thing.

---

Thomas Seifert

Thanks for the quick response, Thomas.
I emptied out the include/db/upgrade/mysql/-folder, reuploaded all files from the new version. Made sure that there is no 2006102700.php anywhere. Tried again and got the same error.

greets, hjp

Made sure that there is no 2006102700.php

it HAS TO be there and its also in the tarball which you can download from this page.

---

Thomas Seifert

sorry, 2006102700.php is really in, I meant this 2006090700 from the error-message; it doesn´t exist.

hjp

That upgrade file is in the development trunk and not in 5.1. Did you ever try out a development 5.2 release on top of the 5.1 tree? Else I'm not sure how your setup would know about db upgrade 2006090700.

---

Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce

Uuuuh, yes I did.
I uploaded 2006090700.php again and..... it works!
Thank you guys, think I´ll make a donate for the "Conference".

And Maurice, I use your google maps module, it´s great. (I made my every-day-pub a userlocation, hehe)

Have a nice day and thanx again, hjp

Wow, phorum has come ALONG WAY since last I was here. I'm happy to see its still easy to use and still lite n' fast :-)

[edit] Except I got redirected to an odd place, "Phorum Support" instead of back to this thread :\ [/edit]



Edited 1 time(s). Last edit at 02/20/2007 03:25AM by Fade2k.

whats the odd place about it? phorum always redirects you to the forum and not to the thread after posting. that was this way in the "old versions" too ;) - even though there is a settings for that nowadays.

---

Thomas Seifert

That's merely a matter of a configuration setting in the admin. The admin can choose whereto the user should be redirected after posting a message. So nothing to be alarmed about :-)

---

Maurice Makaay
Phorum Development Team
my blog linkedin profile secret sauce

lol, its been along time. I forget things =0p

I just (like 2 seconds ago) finished the installer script, which looks the same (except not yellow) so I haven't gotten to see the admin area much as of yet :-)

As for whats odd about it.. I guess its just something I'm not accustom to. I'm probably more odd than that being an oddity to anyone else =0D

[edit] That oddity makes more sense anyway [/edit]



Edited 1 time(s). Last edit at 02/20/2007 05:51AM by Fade2k.