small bug in searchnew.php small bug in searchnew.php
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

small bug in searchnew.php

Started by Andi, March 03, 2006, 09:40:38 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Andi

March 03, 2006, 09:40:38 AM Last Edit: May 13, 2006, 10:36:26 AM by GauGau
Hi Team :)

  Coppermine version: 1.4.5
  $Source: /cvsroot/coppermine/stable/searchnew.php,v $
  $Revision: 1.19 $
  $Author: gaugau $
  $Date: 2006/03/02 08:17:40 $

at line 242 is the following code:
Quotecpg_die(ERROR, sprintf($lang_db_input_php['err_invalid_fext'], $CONFIG['allowed_file_extensions']), __FILE__, __LINE__);

$lang_db_input_php is in this function getfoldercontent() not available. This causes a emty error-message, like this:

QuoteFehler


Datei: /usr/export/www/vhosts/funnetwork/hosting/schnikemike/schninuke/modules/Gallery/searchnew.php - Zeile: 242



solution:

add this at the top of the file:
Code Select
define('DB_INPUT_PHP', true);


and add Global $lang_db_input_php in the function-header
hope, I could help you... :)

Joachim Müller

#1
May 13, 2006, 10:36:05 AM
applied fix as suggested to stable and devel branch of svn. Thanks for spotting.
Print
Go Up Pages1
User actions