User Functions


There are no upcoming events

What's New

Stories last 2 weeks

No new stories

Comments last 2 weeks

No new comments

Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

Downloads last 2 weeks

No new files

Welcome to Geeklog Thursday, October 27 2016 @ 06:29 pm EDT

Image Support in Articles!

  • View Printable Version
  • Contributed by:
  • Views:
We are nearing the release candidate for 1.3.5. In CVS now, I have added the support for images in articles. For the impatient, you can download it from CVS. An actual release candidate is probably still a couple of days off yet.

If you try the new image support, please let me know what you think or how it could be improved.

Emailing Geeklog Topics

  • View Printable Version
  • Contributed by:
  • Views:
Hi folks,

Using Geeklog 1.3.4 which I\'m thoroughly impressed with, however there\'s just one feature I\'ve not managed to make work correctly as yet - and that\'s the Emailing Topics for User option, I\'ve setup CRON to run the \'emailgeeklogstories\' script as php (which I\'ve corrected the paths etc in) but when the job executes on it\'s daily rotation I\'m emailed the following error from CRON:

#!/usr/local/bin/php -q
Warning: Cannot add header information - headers already sent by
(output started at
/path-to-geeklog/public_html/email.php:2) in
/path-to-geeklog/system/lib-sessions.php on line 150
Warning: Cannot add header information - headers already sent by
(output started at
/path-to-geeklog/public_html/email.php:2) in
/path-to-geeklog/system/lib-sessions.php on line 162

(the paths in the real error are correct, but changed here to path-to-geeklog).

email.php is the modified version of the emailgeeklogstories script (the only modification being the path to geeklog) and it\'s in the public_html folder for the geeklog installation, the line in my crontab looks like this:

0 20 * * * lynx -dump http://geeklog-url/email.php

(again, geeklog-url is actually my domain name in the crontab ;) ).

Anybody have any ideas? Sorry about the lengthy post - I\'m too lame to work this one out for myself, though ;)

Possible CSS vulnerability in search.php

  • View Printable Version
  • Contributed by:
  • Views:
I think search.php of geeklog-1.3.x has
possible cross site scripting vulnerability. For example, let put this string as search keyword.


This gives alert window when JavaScript is enabled.
Because any HTML tags are transparently displayed in a \"No matchs\" screen, and search.php accept GET method, this can be easily exploitable with manner of ordinary cross site scripting attacks.
This simple patch for search.php can prevent this type of attack.

--- search.php Fri Apr 5 01:21:15 2002
+++ Mon Apr 8 03:38:07 2002
@@ -264,7 +264,7 @@
$retval .= $searchresults->parse(\'output\',\'searchresults\');
} else {
$retval .= COM_startBlock($LANG09[13])
- . $LANG09[14].\' <b>\'.htmlentities($query).\'</b> \'.$LANG09[15]
+ . $LANG09[14].\' <b>\'.$query.\'</b> \'.$LANG09[15]
. COM_endBlock();

Who's Online

Guest Users: 12

Need Help?

If you need help in setting up or using Geeklog, please see the documentation, the FAQ, the Wiki, try our search page or browse through the Support Forum. Chances are someone else already had the same problem.

More resources are listed on the support page.

If you still can't find an answer, feel free to post in the forum or ask on Gitter in the Geeklog room.

International Support:
[] [GeeklogPolska] [Geeklog Japanese] [Geeklog France] [Geeklog Spain]


PHP Support for the next version of Geeklog

Which PHP version are you on?

  •  PHP 5.2.x
  •  PHP 5.3.x
  •  PHP 5.4.x
  •  PHP 5.5.x
  •  PHP 5.6.x
  •  PHP 7.0.x
  •  Don't know / other
This poll has 2 more questions.
Other polls | 33 voters | 0 comments