Resources

Getting started

Support

Development

Topics

User Functions

Events

There are no upcoming events

What's New

Stories

No new stories

Comments last 2 weeks


Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

NEW FILES last 14 days

No new files

Welcome to Geeklog Tuesday, June 18 2013 @ 11:13 PM EDT

> >

Geeklog 1.6.0sr1 and 1.5.2sr5

Security
  • Thursday, July 30 2009 @ 02:00 PM EDT
  • Contributed by:
  • Views:
    5,522

Geeklog 1.6.0sr1 and 1.5.2sr5 address the following security issues:

  1. Gerendi Sandor Attila reported an XSS in the forms to email a user and to email a story to a friend.
  2. The "Mail Story to a Friend" function didn't check story permissions, so that it was possible to email a story even if you didn't have the permissions to view it on the site.

For Geeklog 1.6.0, we also fixed two bugs (an SQL error when the story submission queue was off and a call to a nonexistent function).

The following files are available:

What's Related

Story Options

Trackback

Trackback URL for this entry:
http://www.geeklog.net/trackback.php/geeklog-1.6.0sr1

Here's what others have to say about 'Geeklog 1.6.0sr1 and 1.5.2sr5':

[...] AudioPlayer.setup("http://devnote.com.mx/wp-content/plugins/podcasting/player/player.swf", { width: 290 ~); Geeklog.net . Fuente: Alcance Libre Comparte/Guarda Otros artículos relacionados Disponible Geeklog 1.5.2sr1. Disponible Geeklog [...] [read more]

[...] desde Geeklog 1.5.2sr4 Un paquete acumulativo desde cualquier versión previa a 1.5.2 Fuente: Geeklog.net . Relacionado con esto... paquete completo paquete de actualizaci&... paquete de actualizaci&... paquete acumulativo Geeklog.net [...] [read more]

The following comments are owned by whomever posted them. This site is not responsible for what they say.

  • Geeklog 1.6.0sr1 and 1.5.2sr5
  • Authored by:mysuzie on Thursday, July 30 2009 @ 05:19 PM EDT
When logging on to my site www.suzyq.ca, I get the following message. Can anyone advise what this means.

Message:
Warning: fopen(/home/mysuzie/logs/error.log) [function.fopen]: failed to open stream: Permission denied in /home/mysuzie/public_html/lib-common.php on line 1521
An SQL error has occured. Please see error.log for details.

Any help would be appreciated.

Thank you
Sue
  • error.log
  • Authored by:Dirk on Friday, July 31 2009 @ 03:29 AM EDT

First of all: Please do not post support request on completely unrelated articles. That's what our forums are for. Thanks.

You seem to have two problems: An SQL error occurs. Geeklog tries to log it, but you didn't make the error.log file writable. To fix the latter, please refer to the installation instructions again - all the files and directories that have to be writable are listed there. Once you did that, try again and if the error occurs again, post the error message in a new forum post.

  • Geeklog 1.6.0sr1 and 1.5.2sr5
  • Authored by:taca on Friday, July 31 2009 @ 10:35 AM EDT
Hi.

As for 1.5.2sr5, is there plan to full release tar ball?
I found some more changes with 1.5.2sr5, such as documentation update,
but they aren't included in these update archive files.

Best regards.
---
taca
  • Geeklog 1.6.0sr1 and 1.5.2sr5
  • Authored by:Dirk on Friday, July 31 2009 @ 04:08 PM EDT

We only provide complete tarballs for the current version - and that's 1.6.0 now.

  • Geeklog 1.6.0sr1 and 1.5.2sr5
  • Authored by:taca on Friday, July 31 2009 @ 07:30 PM EDT
I see.

But I wish updated documentation to be included in the update archive.

Best regards.
---
taca
  • Geeklog 1.6.0sr1 and 1.5.2sr5
  • Authored by:jspujji on Friday, July 31 2009 @ 05:11 PM EDT
How can I view some sites created with geeklog
  • Geeklog sites
  • Authored by:Dirk on Saturday, August 01 2009 @ 08:18 AM EDT

Please use our forums for questions that are not related to a specific article.

Our Links section has many examples of Geeklog sites. Examples of popular sites are Groklaw, Mac OS X Hints, and MacFixIt.