MiniCMS for CPG1.5? - Page 2 MiniCMS for CPG1.5? - Page 2
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

MiniCMS for CPG1.5?

Started by lamama, July 31, 2009, 01:01:20 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

halnat

Quote from: Joachim Müller on October 11, 2009, 08:23:52 PM
28 files in the minimcms folder that contain the strings $_GET, $_POST or $_SERVER. Just a lot of work to "inspektify"... ;)

Read http://documentation.coppermine-gallery.net/en/dev_superglobals.htm for details in case you're ready to do the job.

I have a version up and running that installs and can display existing content. It needs more work to be able to create new content... anybody else working on this?

Αndré

Quote from: halnat on December 26, 2009, 02:15:32 PM
I have a version up and running that installs and can display existing content. It needs more work to be able to create new content... anybody else working on this?
Please attach that version. Thank you.

halnat

Here comes....

This is an early mock-up port to 1.5.2. There are a number of things that do not work. In fact, there are only two things that I have been able to do with it: I was able to install it as a plug in, and it did display the content that I created in cpg 1.4.x. Creating content is not really possible, as all space characters get filtered away. Everythingbecomesonelargeword.

It may not be as cooperative with anyone else - and please understand that I do not provide support for this version of the port. However, anyone who like to play with fire or would like to contribute to the port is welcome to a test drive  ;)

Maybe someone could help load it up to svn - I'm not familiar with that.

The file was too large to be attached. It can be downloaded from http://www.natvik.com/bfdoc/minicms.zip

football-pics.com

No news on a MiniCMS?

A plugin that could show the latest 10 galleries as links (link name = album title) could also help me out

Joachim Müller

Respect board rules if you want answers - I already told you so:
Quote from: Joachim Müller on June 02, 2010, 03:02:56 PMNot a valid support request (board rules).

Ludo

#25
Quote from: halnat on December 26, 2009, 11:23:11 PM
This is an early mock-up port to 1.5.2. There are a number of things that do not work. In fact, there are only two things that I have been able to do with it: I was able to install it as a plug in, and it did display the content that I created in cpg 1.4.x. Creating content is not really possible, as all space characters get filtered away. Everythingbecomesonelargeword.
Finally I took halnat's work over, and it seems I made it out to get MiniCMS work properly on 1.5.6, by simply replacing Inspekt's getAlnum method with getRaw (disapproved, I know, but still the only way I found to make it work). There are still some minor issues, but I'm confident to fix them soon.

football-pics.com

great news... thanks. When will it be available?

Αndré

Instead using getAlNum or getRaw, we should us getMatched allowing alphanumeric characters, number and some other digits like whitespace and punctuation marks, or validate the input after using getRaw.

Joachim Müller

As Αndré suggested you're allowed to use getRaw if you sanitize the data afterwards really thoroughly.

Ludo

Quote from: Αndré on June 12, 2010, 01:30:21 PM
Instead using getAlNum or getRaw, we should us getMatched allowing alphanumeric characters, number and some other digits like whitespace and punctuation marks, or validate the input after using getRaw.
Speaking about FCKEditor output, isn't it already sanitized enough by the editor itself?

Ludo

Quote from: football-pics.com on June 12, 2010, 12:12:59 PM
great news... thanks. When will it be available?
You'd better subscribe this topic  ;D

Joachim Müller

Quote from: Ludo on June 14, 2010, 03:41:48 PM
Speaking about FCKEditor output, isn't it already sanitized enough by the editor itself?
I have no idea, sorry.

schnurzeltier

Quote from: football-pics.com on June 12, 2010, 12:12:59 PM
great news... thanks. When will it be available?

Hi there, some new's about this?
Greetings
Bernd

Joachim Müller

No. There's absolutely no sense in replying to this thread asking for updates. As far as I can see nobody is working on this. If you want it badly, start working on it. Do as suggested per board rules in the future and post a link to your gallery.

Ludo

#34
Quote from: Joachim Müller on June 21, 2010, 03:51:41 PMAs far as I can see nobody is working on this.

Quote from: Ludo on June 12, 2010, 10:57:27 AM
Finally I took halnat's work over, and it seems I made it out to get MiniCMS work properly on 1.5.6, by simply replacing Inspekt's getAlnum method with getRaw (disapproved, I know, but still the only way I found to make it work). There are still some minor issues, but I'm confident to fix them soon.

Αndré

Where do we find your work, Ludo?

Ludo


Joachim Müller

If it is so hard to port this plugin because of the many places where you have to sanitize user inout, maybe you should circumvent the issues that using Inspekt imposes on coders in the first place. This will of course ruin the additional level of security and will make the code less well-designed, but for a port that big you might want to use the approach that extrabigmehdi used in his Joomla bridge for cpg1.5.x:
Quote from: extrabigmehdi on March 19, 2009, 02:50:57 PMConcerning the code used in my bridge, I guess I'm not respecting the "spirit" of the  "Inspekt package" . I  got to access directly to stored superglobals with "_source" property  (especially $COOKIE) before calling Joomla .
So basically what Mehdi does is re-globalize all input that Inspekt de-globalized in the first place. Not a nice thing to do and definitely not something that should be performed lightheartedly, but given the issues that exist for this particular plugin maybe the interessted porters should take a look at that approach.

Αndré

I'll port MiniCMS now, as Ludo hasn't published his port.

Αndré

#39
Added halnat's version to the svn repository and applied several fixes.

As far I can judge it's currently possible to add, delete and move entries.