Menu
▾
▴
phpwebsite-developers
|
From: Matthew M. <ma...@tu...> - 2005-07-05 15:01:19
|
Hello all, I have added a extra hack detection to the patch. You can grab it here: http://phpwebsite.appstate.edu/downloads/security/phpwebsite_security_patch_20050705.2.tgz I haven't received any feedback yet. I will release and announce as is at 1:00pm. Thanks, Matt -- Matthew McNaney Electronic Student Services Appalachian State University http://phpwebsite.appstate.edu |
|
From: Matthew M. <ma...@tu...> - 2006-04-19 18:03:40
|
After some feedback, the patch has gone through some revision. Get the update here: http://phpwebsite.appstate.edu/downloads/security/phpws_patch_20060419.2.tgz Special thanks to Shaun for continually highlighting my shortcomings. Matt -- Matthew McNaney Electronic Student Services Appalachian State University http://phpwebsite.appstate.edu |
|
From: Verdon V. <ve...@gm...> - 2006-05-29 16:41:19
|
Hi, I'm encountering a strange thing while trying to write an install.sql file for a module I am working on. I'm hoping fresh eyes might help. Thanks for any advice. Regards, verdon If I run the sql statement below, in phpmyadmin, it works fine. If I try to boost instead, I get this generic error DB Error: syntax error CREATE TABLE mod_cstconference_applications ( id int NOT NULL default '0', regnum int NOT NULL default '0', regstudent tinyint NOT NULL default '0', regprov varchar(20) default '', regonline tinyint NOT NULL default '0', applicants text, firstname varchar(60) default '', lastname varchar(60) default '', organization varchar(255) default '', address1 varchar(255) default '', address2 varchar(255) default '', city varchar(120) default '', province varchar(60) default '', postal varchar(20) default '', phone varchar(60) default '', email varchar(120) default '', total ) [nativecode=1064 ** You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1] This is the sql... CREATE TABLE mod_cstconference_applications ( id int NOT NULL default '0', regnum int NOT NULL default '0', regstudent tinyint NOT NULL default '0', regprov varchar(20) default '', regonline tinyint NOT NULL default '0', applicants text, firstname varchar(60) default '', lastname varchar(60) default '', organization varchar(255) default '', address1 varchar(255) default '', address2 varchar(255) default '', city varchar(120) default '', province varchar(60) default '', postal varchar(20) default '', phone varchar(60) default '', email varchar(120) default '', total text, PRIMARY KEY (id) ) TYPE=MyISAM; |
|
From: Matthew M. <ma...@tu...> - 2006-05-29 17:51:15
|
Have you tried dropping the TYPE=MyISAM;? On Mon, 2006-05-29 at 12:42 -0400, Verdon Vaillancourt wrote: > Hi, > > I'm encountering a strange thing while trying to write an install.sql > file for a module I am working on. I'm hoping fresh eyes might help. > > Thanks for any advice. Regards, > verdon > > > If I run the sql statement below, in phpmyadmin, it works fine. If I > try to boost instead, I get this generic error > > DB Error: syntax error > CREATE TABLE mod_cstconference_applications ( id int NOT NULL default > '0', regnum int NOT NULL default '0', regstudent tinyint NOT NULL > default '0', regprov varchar(20) default '', regonline tinyint NOT NULL > default '0', applicants text, firstname varchar(60) default '', > lastname varchar(60) default '', organization varchar(255) default '', > address1 varchar(255) default '', address2 varchar(255) default '', > city varchar(120) default '', province varchar(60) default '', postal > varchar(20) default '', phone varchar(60) default '', email > varchar(120) default '', total ) [nativecode=1064 ** You have an error > in your SQL syntax. Check the manual that corresponds to your MySQL > server version for the right syntax to use near ')' at line 1] > > This is the sql... > > CREATE TABLE mod_cstconference_applications ( > id int NOT NULL default '0', > regnum int NOT NULL default '0', > regstudent tinyint NOT NULL default '0', > regprov varchar(20) default '', > regonline tinyint NOT NULL default '0', > applicants text, > firstname varchar(60) default '', > lastname varchar(60) default '', > organization varchar(255) default '', > address1 varchar(255) default '', > address2 varchar(255) default '', > city varchar(120) default '', > province varchar(60) default '', > postal varchar(20) default '', > phone varchar(60) default '', > email varchar(120) default '', > total text, > PRIMARY KEY (id) > ) TYPE=MyISAM; > > > > ------------------------------------------------------- > All the advantages of Linux Managed Hosting--Without the Cost and Risk! > Fully trained technicians. The highest number of Red Hat certifications in > the hosting industry. Fanatical Support. Click to learn more > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642 > _______________________________________________ > Phpwebsite-developers mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwebsite-developers -- Matthew McNaney Electronic Student Services Appalachian State University http://phpwebsite.appstate.edu |
|
From: Verdon V. <ve...@gm...> - 2006-05-29 18:13:46
|
That did the job... thanks Matt :) verdon On 29-May-06, at 1:44 PM, Matthew McNaney wrote: > Have you tried dropping the TYPE=MyISAM;? > > > > On Mon, 2006-05-29 at 12:42 -0400, Verdon Vaillancourt wrote: >> Hi, >> >> I'm encountering a strange thing while trying to write an install.sql >> file for a module I am working on. I'm hoping fresh eyes might help. >> >> Thanks for any advice. Regards, >> verdon >> >> >> If I run the sql statement below, in phpmyadmin, it works fine. If I >> try to boost instead, I get this generic error >> >> DB Error: syntax error >> CREATE TABLE mod_cstconference_applications ( id int NOT NULL default >> '0', regnum int NOT NULL default '0', regstudent tinyint NOT NULL >> default '0', regprov varchar(20) default '', regonline tinyint NOT >> NULL >> default '0', applicants text, firstname varchar(60) default '', >> lastname varchar(60) default '', organization varchar(255) default '', >> address1 varchar(255) default '', address2 varchar(255) default '', >> city varchar(120) default '', province varchar(60) default '', postal >> varchar(20) default '', phone varchar(60) default '', email >> varchar(120) default '', total ) [nativecode=1064 ** You have an error >> in your SQL syntax. Check the manual that corresponds to your MySQL >> server version for the right syntax to use near ')' at line 1] >> >> This is the sql... >> >> CREATE TABLE mod_cstconference_applications ( >> id int NOT NULL default '0', >> regnum int NOT NULL default '0', >> regstudent tinyint NOT NULL default '0', >> regprov varchar(20) default '', >> regonline tinyint NOT NULL default '0', >> applicants text, >> firstname varchar(60) default '', >> lastname varchar(60) default '', >> organization varchar(255) default '', >> address1 varchar(255) default '', >> address2 varchar(255) default '', >> city varchar(120) default '', >> province varchar(60) default '', >> postal varchar(20) default '', >> phone varchar(60) default '', >> email varchar(120) default '', >> total text, >> PRIMARY KEY (id) >> ) TYPE=MyISAM; >> >> >> >> ------------------------------------------------------- >> All the advantages of Linux Managed Hosting--Without the Cost and >> Risk! >> Fully trained technicians. The highest number of Red Hat >> certifications in >> the hosting industry. Fanatical Support. Click to learn more >> http://sel.as-us.falkag.net/sel? >> cmd=lnk&kid=107521&bid=248729&dat=121642 >> _______________________________________________ >> Phpwebsite-developers mailing list >> Php...@li... >> https://lists.sourceforge.net/lists/listinfo/phpwebsite-developers > -- > Matthew McNaney > Electronic Student Services > Appalachian State University > http://phpwebsite.appstate.edu > > > > ------------------------------------------------------- > All the advantages of Linux Managed Hosting--Without the Cost and Risk! > Fully trained technicians. The highest number of Red Hat > certifications in > the hosting industry. Fanatical Support. Click to learn more > http://sel.as-us.falkag.net/sel? > cmd=lnk&kid=107521&bid=248729&dat=121642 > _______________________________________________ > Phpwebsite-developers mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwebsite-developers > |
|
From: Greg M. <drk...@co...> - 2006-05-30 00:17:29
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Verdon Vaillancourt wrote:
> Hi,
>
> I'm encountering a strange thing while trying to write an install.sql
> file for a module I am working on. I'm hoping fresh eyes might help.
>
> Thanks for any advice. Regards,
> verdon
>
>
> If I run the sql statement below, in phpmyadmin, it works fine. If I try
> to boost instead, I get this generic error
>
> DB Error: syntax error
> CREATE TABLE mod_cstconference_applications ( id int NOT NULL default
> '0', regnum int NOT NULL default '0', regstudent tinyint NOT NULL
> default '0', regprov varchar(20) default '', regonline tinyint NOT NULL
> default '0', applicants text, firstname varchar(60) default '', lastname
> varchar(60) default '', organization varchar(255) default '', address1
> varchar(255) default '', address2 varchar(255) default '', city
> varchar(120) default '', province varchar(60) default '', postal
> varchar(20) default '', phone varchar(60) default '', email varchar(120)
> default '', total )
- -------------------^
Look here.
[nativecode=1064 ** You have an error in your SQL
> syntax. Check the manual that corresponds to your MySQL server version
> for the right syntax to use near ')' at line 1]
>
> This is the sql...
>
> CREATE TABLE mod_cstconference_applications (
> id int NOT NULL default '0',
> regnum int NOT NULL default '0',
> regstudent tinyint NOT NULL default '0',
> regprov varchar(20) default '',
> regonline tinyint NOT NULL default '0',
> applicants text,
> firstname varchar(60) default '',
> lastname varchar(60) default '',
> organization varchar(255) default '',
> address1 varchar(255) default '',
> address2 varchar(255) default '',
> city varchar(120) default '',
> province varchar(60) default '',
> postal varchar(20) default '',
> phone varchar(60) default '',
> email varchar(120) default '',
total text
);
- --^
- ----------------^
Try taking all the mysql junk out of the create statement at the very
end of the create statement. The translation from PEARDB to mysql my be
bad. Moreover, if you are planning for a fallout module, then this code
would not be portable to postgresql anyhow as I recall.
HTH,
Greg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFEe48Cxyxe5L6mr7IRAkpmAJ9msbZu96uS8eKSFY89u5GF+88TCgCfY4dA
i+YYSGSlLmelWxEjBEJhBjc=
=725Y
-----END PGP SIGNATURE-----
|
|
From: Verdon V. <ve...@ve...> - 2005-07-05 15:17:03
|
Hi Matt, Thanks for your diligence on this. I'm in meetings all morning and haven't had a chance to test yet, though I hope to this afternoon. Is this patch (and leak) specific to current version of phpws, or for those of us with older installations running also, do we need to try and back-port this? Thanks, verdon On 5-Jul-05, at 11:04 AM, Matthew McNaney wrote: > Hello all, > > I have added a extra hack detection to the patch. You can grab it here: > > http://phpwebsite.appstate.edu/downloads/security/ > phpwebsite_security_patch_20050705.2.tgz > > I haven't received any feedback yet. I will release and announce as is > at 1:00pm. > > Thanks, > Matt > > -- > Matthew McNaney > Electronic Student Services > Appalachian State University > http://phpwebsite.appstate.edu > > > > ------------------------------------------------------- > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies > from IBM. Find simple to follow Roadmaps, straightforward articles, > informative Webcasts and more! Get everything you need to get up to > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > _______________________________________________ > Phpwebsite-developers mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwebsite-developers > > |
|
From: Matthew M. <ma...@tu...> - 2005-07-05 15:45:45
|
A few changes are in the security.php file so look at that for clues as to what needs back porting. There are also some changes in the Search and Users modules as well as a small fix in Database.php to prevent the output of error messages. As always, backup your work. Matt On Tue, 2005-07-05 at 11:17 -0400, Verdon Vaillancourt wrote: > Hi Matt, > > Thanks for your diligence on this. I'm in meetings all morning and > haven't had a chance to test yet, though I hope to this afternoon. Is > this patch (and leak) specific to current version of phpws, or for > those of us with older installations running also, do we need to try > and back-port this? > > Thanks, > verdon > > > On 5-Jul-05, at 11:04 AM, Matthew McNaney wrote: > > > Hello all, > > > > I have added a extra hack detection to the patch. You can grab it here: > > > > http://phpwebsite.appstate.edu/downloads/security/ > > phpwebsite_security_patch_20050705.2.tgz > > > > I haven't received any feedback yet. I will release and announce as is > > at 1:00pm. > > > > Thanks, > > Matt > > > > -- > > Matthew McNaney > > Electronic Student Services > > Appalachian State University > > http://phpwebsite.appstate.edu > > > > > > > > ------------------------------------------------------- > > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies > > from IBM. Find simple to follow Roadmaps, straightforward articles, > > informative Webcasts and more! Get everything you need to get up to > > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > > _______________________________________________ > > Phpwebsite-developers mailing list > > Php...@li... > > https://lists.sourceforge.net/lists/listinfo/phpwebsite-developers > > > > > > > > ------------------------------------------------------- > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies > from IBM. Find simple to follow Roadmaps, straightforward articles, > informative Webcasts and more! Get everything you need to get up to > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > _______________________________________________ > Phpwebsite-developers mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwebsite-developers -- Matthew McNaney Electronic Student Services Appalachian State University http://phpwebsite.appstate.edu |
|
From: George B. <gbr...@lu...> - 2005-07-05 15:48:28
|
Hi, Matt, I installed the latest patch (the one below) on a basic site (0.10.0) and tried a search. I also opened User Administration and visited its various functions. No problems found. George ______________________ George Brackett, Principal George Brackett Associates On Jul 5, 2005, at 11:04 AM, Matthew McNaney wrote: > Hello all, > > I have added a extra hack detection to the patch. You can grab it > here: > > http://phpwebsite.appstate.edu/downloads/security/ > phpwebsite_security_patch_20050705.2.tgz > > I haven't received any feedback yet. I will release and announce as is > at 1:00pm. > > Thanks, > Matt > > -- > Matthew McNaney > Electronic Student Services > Appalachian State University > http://phpwebsite.appstate.edu > > > > ------------------------------------------------------- > SF.Net email is sponsored by: Discover Easy Linux Migration Strategies > from IBM. Find simple to follow Roadmaps, straightforward articles, > informative Webcasts and more! Get everything you need to get up to > speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click > _______________________________________________ > Phpwebsite-developers mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwebsite-developers > > |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X