PEAK XOOPS - News in englishin japanese

Archive | RSS |
  
Site News : blowfish.php
Poster : GIJOE on 2005-08-05 05:48:24 (15989 reads)

I've just ported blowfish.c into blowfish.php.

A lot of thanks to Bruce Schneier and Paul Kocher.

Although I know mcrypt module supports variety encryption-decryption, there are many php environment without mcrypt.

Thus, I think that this is a MUST class for CMS.

This is an advance hint...

Read more... | 16254 bytes more |2 comments

Site News : Free Layout of center parts (Blocks&Body)
Poster : GIJOE on 2005-08-01 06:50:41 (35965 reads)

in englishin japanese
In XOOPS >= 2.0.10JP and 2.2.x , `weight` is assigned in header.php.

(`weight` is not assigned in older XOOPS 2.0.x even with 2.0.13)

This means that you can fully controll the orders of center parts by changing their weights.

Now, I've made a theme has such a feature.

You can download from here.
http://www.peak.ne.jp/xoops/md/mydownloads/singlefile.php?cid=3&lid=57

This theme is based on matchan's "KIHON1" which was made for our book "Customizing XOOPS".

I'm appreciated if this feature is included in many themes

Read more... | 2911 bytes more |0 comments

Site News : New Auto-Login Hack (V3) is applied
Poster : GIJOE on 2005-07-31 16:03:06 (9908 reads)

AUTO-LOGIN V3 is a little safer than V2.
V3 stores user's password as md5 encoded with time limitation.
If cookie is stolen by someone, he can't login after auto-login expiration.
This means that short expiration makes your site a little bit safer.

This hack is applied now.
$_COOKIE['autologin_pass'] of V3 is incompatible with V2.

Thus, you as a user enabling auto-login have to log-in manually once.

0 comments

Site News : I'm down by the mumps...
Poster : GIJOE on 2005-07-15 18:24:20 (11337 reads)

I've gotten the mumps yesterday.
High temperature and pain of cheek make me mad.

I'm sorry that I can't support at all while a week or two weeks.

10 comments

Site News : Security Alert: class/criteria.php
Poster : GIJOE on 2005-06-29 10:32:31 (11230 reads)

in englishin japanese
This is a serious report about almost version of XOOPS.
A missing of single quotation makes a big hole.
(I shall never write the details like POC)

I think it's EMERGENCY for users using XOOPS < 2.0.10-1JP or 2.0.12.

You can fix it easily with any version of XOOPS.
- Open class/criteria.php
- go to line 342
- find the function named render()
- remove like this


	/**
	 * Make a sql condition string
	 * 
	 * @return  string
	 **/
	function render() {
		if ( is_numeric($this->value) || in_array(strtoupper($this->operator), array('IN', 'NOT IN'))) {
			$value = $this->value;
		} else {
			if ( '' === ($value = trim($this->value)) ) {
				return '';
			}
			if ( (substr($value, 0, 1) != '`') && (substr($value, -1) != '`') ) {
				$value = "'$value'";
			}
		}
		$clause = (!empty($this->prefix) ? "{$this->prefix}." : "") . $this->column;
		if ( !empty($this->function) ) {
			$clause = sprintf($this->function, $clause);
		}
		$clause .= " {$this->operator} $value";
		return $clause;
	}

0 comments

« 1 2 3 4 (5) 6 7 8 ... 13 »
Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!