uploading html files to cpg 1.3.2 uploading html files to cpg 1.3.2
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

uploading html files to cpg 1.3.2

Started by cluckeyo, January 18, 2005, 02:36:51 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

cluckeyo

I notice i have the option of uploading html files in my gallery.  But when i attempt to upload the file i get an error (unknown mime type)  Can anyone please help with this.  Here is the source code, ty...cluckeyo :)

USER:
------------------
Array
(
    [ID] => 2d3c453bd90c03dcb0679ca48e02624d
    [am] => 1
)

==========================
USER DATA:
------------------
Array
(
    [user_id] => 1
    [user_group] => 1
    [user_active] => YES
    [user_name] => carol
    [user_password] => ********
    [user_lastvisit] => 2005-01-18 07:09:03
    [user_regdate] => 2004-11-05 22:07:11
    [user_group_list] => 2
    [user_email] => caroloconnor@sbcglobal.net
    [user_website] => http://members.ebay.com/ws/eBayISAPI.dll?ViewUserPage&userid=cluckeyo
    [user_location] => Sharp,  Texas
    [user_interests] => Web Design, eBay Stores, My Dog, Gardening, Canning
    [user_occupation] => cluckeyo eBay Store (owner and operator)
    [user_actkey] =>
    [user_favpics] =>
    [disk_max] => 1024
    [disk_min] => 0
    [can_rate_pictures] => 1
    [can_send_ecards] => 1
    [ufc_max] => 3
    [ufc_min] => 3
    [custom_user_upload] => 1
    [num_file_upload] => 5
    [num_URI_upload] => 3
    [can_post_comments] => 1
    [can_upload_pictures] => 1
    [can_create_albums] => 1
    [has_admin_access] => 1
    [pub_upl_need_approval] => 0
    [priv_upl_need_approval] => 1
    [group_name] => Administrators
    [upload_form_config] => 3
    [group_quota] => 0
    [can_see_all_albums] => 1
    [group_id] => 1
    [groups] => Array
        (
           
  • => 2
                [1] => 1
            )

    )

    ==========================
    Queries:
    ------------------
    Array
    (
       
  • => SELECT extension, mime, content FROM cpg_filetypes;
        [1] => SELECT * FROM cpg_users WHERE user_id='1'AND user_active = 'YES' AND user_password != '' AND BINARY MD5(user_password) = '66ac484afaa8ae39d591c8b46036e29f'
        [2] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg_usergroups WHERE group_id in (2,1)
        [3] => SELECT group_name FROM  cpg_usergroups WHERE group_id= 1
        [4] => DELETE FROM cpg_banned WHERE expiry < 1106052093
        [5] => SELECT * FROM cpg_banned WHERE ip_addr='4.253.65.62' OR ip_addr='4.253.65.62' OR user_id=1
        [6] => SELECT extension FROM cpg_filetypes WHERE mime='text/html'
    )

    ==========================
    GET :
    ------------------
    Array
    (
    )

    ==========================
    POST :
    ------------------
    Array
    (
        [URI_array] => Array
            (
               
  • => http://12-steps.org/family/members/carol/carol.html
            )

        [control] => phase_1
    )

    ==========================
    VERSION INFO :
    ------------------
    PHP version: 4.3.10 - OK
    ------------------
    mySQL version: 4.0.22-standard
    ------------------
    Coppermine version: 1.3.2
    ==========================
    Module: gd
    ------------------
    GD Support enabled
    GD Version bundled (2.0.28 compatible)
    FreeType Support enabled
    FreeType Linkage with freetype
    GIF Read Support enabled
    GIF Create Support enabled
    JPG Support enabled
    PNG Support enabled
    WBMP Support enabled
    XBM Support enabled
    ==========================
    Module: mysql
    ------------------
    Active Persistent Links 2
    Active Links 3
    Client API version 4.0.22
    MYSQL_MODULE_TYPE external
    MYSQL_SOCKET /var/lib/mysql/mysql.sock
    MYSQL_INCLUDE -I/usr/include/mysql
    MYSQL_LIBS -L/usr/lib -lmysqlclient 
    ==========================
    Module: zlib
    ------------------
    ZLib Support enabled
    Compiled Version 1.1.4
    Linked Version 1.1.4
    ==========================
    Server restrictions (safe mode)?
    ------------------
    Directive | Local Value | Master Value
    safe_mode | Off | Off
    safe_mode_exec_dir | no value | no value
    safe_mode_gid | Off | Off
    safe_mode_include_dir | no value | no value
    safe_mode_exec_dir | no value | no value
    sql.safe_mode | Off | Off
    disable_functions | no value | no value
    file_uploads | On | On
    include_path | .:/usr/lib/php:/usr/local/lib/php | .:/usr/lib/php:/usr/local/lib/php
    open_basedir | /home/carolo/:/usr/lib/php:/usr/local/lib/php:/tmp | no value
    ==========================
    email
    ------------------
    Directive | Local Value | Master Value
    sendmail_from | no value | no value
    sendmail_path | /usr/sbin/sendmail -t -i | /usr/sbin/sendmail -t -i
    SMTP | localhost | localhost
    smtp_port | 25 | 25
    ==========================
    Size and Time
    ------------------
    Directive | Local Value | Master Value
    max_execution_time | 30 | 30
    max_input_time | -1 | -1
    upload_max_filesize | 2M | 2M
    post_max_size | 55M | 55M
    ==========================
    Page generated in 0.067 seconds - 7 queries in 0.002 seconds - Album set :

Casper

Coppermine as it comes does not allow html uploads.  You should not be able to upload html, and if you changed the database to allow it, you are taking a huge risk.

You should never allow the upload of any type of file that can be executed in a browser into the gallery, this includes .js and .php files
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here