You are not logged in. Please login or register.
PunBB Forums → Posts by Parpalak
A new security bug was reported for the latest 1.2 revision: a user could subscribe to the forums he didn't have a permission to read (if one knew the forum ID).
This bug is fixed and PunBB 1.2.21 is released. It is recommended that you update your PunBB 1.2.* installation.
Thanks to Smartys for report.
Visit Downloads page for the PunBB 1.2.21 packages and patches. Or get the latest revision from SVN.
is there any reason to still have it installed?
No, you can delete pun_repository and update extensions by yourself.
Though we'll try to do something with it later.
I've made some tests. safe_mode really causes this issue. Seems like it can't be fixed at all 
Try this:
RewriteBase /forum/The file should have UTF-8 encoding. Try to set this encoding in your text editor before saving.
I decided to leave the numbers as they were because I suppose the PunBB developers had a reason for it.
You can use any numbers or letters you prefer.
The reason for the @'s is to suppress the errors that would be generated by conflicting sessions.
Is there errors in original pun_antispam extension? Please, post here error messages and describe when they appear.
Added to 1.3.1 bugs.
Will it be made available via the extensions system or will I have to keep an eye out here for it?
It's in SVN, you can download it via trac browser ("Zip Archive" link at the bottom of the page). But this style is in the development stage yet.
when the new themes will be ready?
Soon 
Message size may increase because "preparse_bbcode" function can add extra bb-codes to the message body (1806 line).
We'll try to reproduce this bug. What database version do you use?
Thanks for the update.
I could update my forum without any problems
You are welcome
I don't know, let's ask them.
Please, describe your impression of pun_repository. Does it work fine? Have you any trobles with it?
demo doesn't work.
Your PunBB database is out-of-date and must be upgraded in order to continue. Please run db_update.php in order to complete the upgrade process.
It was a demo of how easy PunBB is updated
Fixed.
1. You have to install pun_bbcode extension (via pun_repository or from the extensions page)
2. The files mentioned above are
.../include/parser.php
.../extensions/pun_bbcode/bar.phpwhere '...' is the directory you have installed PunBB.
Edit: Maybe I'll make so extension on weekend if someone don't make it before
See this topic: http://punbb.informer.com/forums/topic/ … extension/
can u make me know how to intall your extension in more detail
It's not an extension. Please, read the post more attentively.
It's very easy add customs bbcodes to you PunBB forum througth "pun_bbcode" official extension
You must edit only 2 files.
- /extensions/pun_bbcode/bar.php
- /includes/parser.php
Just follow the instructions. Any other questions?
Though one could make a nice extension based on the code above. If there is a lack of hooks in pun_bbcode, we can easily add required hooks.
Make sure the permission for the cache directory is 777 and it contains no *.php files after uploading a fresh version.
Creating (cache), uploading (avatar) and downloading (getting the tgz) files works. What is the technical diference for extracting the tgz files?
There is a difference between these cases. Owner of the cache directory is your user (because you have manually uploaded it), and owner of any directory created by PHP-script is the web-server.
Here are safe mode restrictions: http://php.net/manual/en/features.safe- … ctions.php
fopen(): Checks whether the directory in which the script is operating has the same UID (owner) as the script that is being executed.
Consequently, PHP-script can create a file in cache directory, but (for example) it can't create a file in extensions/pun_bbcode subdirectory (since pun_bbcode has different owner).
I think that safe mode of PHP may cause this bug. I've just made some tests on PHP5-hosting with safe mode turned on and obtained similar errors. Before these tests I didn't really believe it could be safe mode because pun_repository worked perfect on other PHP4-hosting with safe mode turned on.
I'll make some additional experiments on Monday. But if safe mode realy causes this trouble we will not be able to do something with it.
What exactly is this safe_mode?
See http://ru2.php.net/features.safe-mode for details.
Any news on it?
I've sent a private message to you. Please, verify it ("New messages" link at the top of every forum's page).
do we really have to give this permission (777)?
It depends on hosting settings. PHP should simply have writing access to these directories. If PHP runs in safe mode, one should usually give 777 permission. Otherwise, 755 is enough. Anyway, you should worry if something doesn't work (you can't upload avatars or obtain an error message like "cache is not writable").
overwrite all the old file and go to index.php, but first backup old file and DB.
I don't remember exactly, but it had to do with updating the database. I did that, still no luck. It kept requesting the same thing.
There is a thing you should remember while upgrading. After owerwritting files verify that .../cache, .../img/avatars and .../extensions (for pun_repository) directories have enough write permissions (usually 777).
Your sample can be managed this way.
There is a "Moderate forum" link on the view forum page. You should follow this link. Then you should select topics you want to merge and press the "Merge" button.
You can use 1.3 demo to test this procedure.
Usually redirect can be set via admin tools. But you can set a redirect editing .htaccess. For example, if you don't like www, you can write there the following lines:
RewriteCond %{HTTP_HOST} ^www\.site\.com$ [NC]
RewriteRule ^(.*)$ http://site.com/$1 [R=301,L]PunBB Forums → Posts by Parpalak
Powered by PunBB, supported by Informer Technologies, Inc.