xoops-trackers Mailing List for XOOPS Web Application System

Bugs item #3416069, was opened at 2011-09-30 18:20
Message generated for change (Tracker Item Submitted) made by cesag
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3416069&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.5.x
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Cesag (cesag)
Assigned to: Nobody/Anonymous (nobody)
Summary: avatars upload problem

Initial Comment:
http://xoops.org/modules/newbb/viewtopic.php?post_id=341372#forumpost341372

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3416069&group_id=41586

Bugs item #2914167, was opened at 2009-12-14 13:37
Message generated for change (Comment added) made by forxoops
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2914167&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
>Group: XOOPS 2.6.x
Status: Open
>Resolution: Postponed
Priority: 5
Private: No
Submitted By: Gerard Vanderveken (ghia)
Assigned to: Nobody/Anonymous (nobody)
Summary: DHTML editor removes new lines from code and quotes.

Initial Comment:
When using the standard dhtml editor for inserting quotes or code fragments, the line feeds are removed.
The popup box to receive the fragment should not be a one line textfield but a text area, so the new lines are preserved.
Eg assume following code fragment:
    function isGuest()
    {
        return false;
    }
When pasting this in eg a forum post and typing manualy the [code] and [/code] tags before and after, gives the right result.
If you click on the code icon (http://www.xoops.org/images/code.gif) and paste the fragment in the popup field, you get this in your code window in the post:
function isGuest()     {         return false;     }
This makes larger code fragments unreadable.
http://www.xoops.org/modules/newbb/viewtopic.php?post_id=320317#forumpost320317
The same goes for the quote function.

If you paste the fragment in the post, select it and then click on the code icon, the result is also OK.



----------------------------------------------------------------------

>Comment By: MusS (forxoops)
Date: 2011-09-23 10:13

Message:
Javascript prompt is only on a single line.
Actually dhtml editor use standard javascript functions.
Editor can be changed for next release

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2914167&group_id=41586

Bugs item #3411696, was opened at 2011-09-20 03:07
Message generated for change (Comment added) made by forxoops
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3411696&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.5.x
>Status: Pending
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Mr_Bohemian (sabahan)
Assigned to: MusS (forxoops)
Summary: custom avatar is not deleted after user change avatar

Initial Comment:
custom avatar is not deleted after user change avatar..it think should be deleted to save space

----------------------------------------------------------------------

>Comment By: MusS (forxoops)
Date: 2011-09-23 09:38

Message:
Fixed in SVN for core and profile module

----------------------------------------------------------------------

Comment By: Mr_Bohemian (sabahan)
Date: 2011-09-21 22:02

Message:
i made some further test

the problem is here
xxx/modules/system/admin.php?fct=avatars&op=listavt&type=c


1.You have uploaded a custom avatar
 
2. when you click none in avatar selection, your custom avatar in
xxx/modules/system/admin.php?fct=avatars&op=listavt&type=c
is deleted

3. you change custom avatar by uploading new custom avatar 
xxx/modules/system/admin.php?fct=avatars&op=listavt&type=c

your old avatar is not deleted there



----------------------------------------------------------------------

Comment By: MusS (forxoops)
Date: 2011-09-21 19:53

Message:
Works for me with the current svn version

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3411696&group_id=41586

Bugs item #2929739, was opened at 2010-01-11 11:39
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2929739&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.4.x
>Status: Pending
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Gerard Vanderveken (ghia)
Assigned to: Nobody/Anonymous (nobody)
Summary: DHTML and Block editor example is different from real result

Initial Comment:
When in editing a custom block with HTML type a BBcode is used as eg [img]http://www.xoops.org/images/subject/icon3.gif[/img], then this image is showed in the preview area of the DHTML preview button, but in the final block the raw text will be showed. This raw text is also correct showed  with the preview button and the popup window with the block. 
This different behaviour of the two previews confuses the users:
http://www.xoops.org/modules/newbb/viewtopic.php?post_id=322248#forumpost322248

Solution has to make sure that the editor preview shows the same as the final result, depending on the block type. If this is not possible, the function of editor preview should be suppressed by eg adding #bcontent_hidden_data {display: none;} to the CSS file  

----------------------------------------------------------------------

>Comment By: trabis (trabis)
Date: 2011-09-22 10:53

Message:
Tested with 2.5.2 from svn and it works ok. Not sure if this was present on
2.5.1

----------------------------------------------------------------------

Comment By: Gerard Vanderveken (ghia)
Date: 2010-02-20 10:55

Message:
The preview is also not working correct, for UTF-8 sites, which uses
accents as eg in French. The preview contains many � 
See this:
http://www.frxoops.org/modules/newbb/viewtopic.php?post_id=194326#forumpost194326
It can also be seen there when posting in the forum.
 

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2929739&group_id=41586

Bugs item #3026201, was opened at 2010-07-07 07:22
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3026201&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  install/upgrade
Group: XOOPS 2.4.x
Status: Open
>Resolution: Postponed
Priority: 5
Private: No
Submitted By: Simon Roberts (wishcraft)
>Assigned to: trabis (trabis)
Summary: Upgrader has not been replaced

Initial Comment:
A number of times  during the RC phase the upgrader for the keygen was provided to be replacement for the existing one this is a refactorised version of the same code, this still hasn't been patched on the SVN with the orginal upgrade keygen being removed.

Here it is again. This is to replace the existing keygen and counter has been provided as the code will not need to change its byte matching only the version.txt when new XOOPS_VERSION Strings are introduced.

----------------------------------------------------------------------

>Comment By: trabis (trabis)
Date: 2011-09-21 22:48

Message:
We will consider the removal of XOOPS LICENSE KEY on next version. If your
modules require XOOPS LICENSE KEY, you should implement it in your modules.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3026201&group_id=41586

Bugs item #2951165, was opened at 2010-02-13 10:37
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2951165&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Modules - Profile
Group: XOOPS 2.4.x
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: XoopsGold (xoopsgold)
Assigned to: Mark Boyden (mboyden)
Summary: [BUG] [MODULE_PROFILE] Core Update installer changes fieldid

Initial Comment:
Recently, I converted the installation from 2.2 to 2.4.4. Everything went fine.

Some of my scripts did not function because I has hard coded the fieldid in custom scripts.

Looking into the fieldids in profile_field table, I noticed that all of those old fieldids were gone! The cuurent and new installation uses the newly created fieldids.

Now this was just very hard to gulp.

I do not see any reason why this should be done this way.

A xoops installation should always use the unique name of a table fior the conversation as well as should not destroy the entire structure.

In the conversion, the name of field for the system i.e. "field_name" should have been used instead of anything else.

Now I see that the whole fieldids are changed, I do not know how the hell all the permissions will work, but thats the question of time. I will find out if it did and patch it.

To prevent further such disaster, one should immediately change the installation scripts in the core.

----------------------------------------------------------------------

>Comment By: trabis (trabis)
Date: 2011-09-21 22:24

Message:
Is this bug still present? If so, can you provide a patch?

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2951165&group_id=41586

Bugs item #2909799, was opened at 2009-12-07 01:13
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2909799&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.4.x
>Status: Pending
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Gerard Vanderveken (ghia)
>Assigned to: trabis (trabis)
Summary: Unbalanced [quote] introduces unbalanced <div> tag

Initial Comment:
When in eg the forum only the opening [quote] BBcode is used without the closing [/quote], an opening <div> tag is generated but not a closing one.
This makes an misalignment in the div tags and will also ruin the layout.
See this
http://www.xoops.org/modules/newbb/viewtopic.php?post_id=320510#forumpost320510
The quote tags should only be processed in pairs.
AFAIK this was not a problem in earlier versions.
This may also be applicable to other BBcodes.
  

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2011-09-21 22:06

Message:
Fixed in SVN and waiting for review

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2009-12-19 20:40

Message:
I don't  know how to solve this. If I use replace by matching both start
and end tags then it does not work with nested quotes. This requires a
complex logic to find the matching tags so we could discard the not
matching ones.

----------------------------------------------------------------------

Comment By: Gerard Vanderveken (ghia)
Date: 2009-12-19 14:40

Message:
Checked with module.textsanitizer rev 4044
[quote]
[quote]This is a quote[/quote]
translates still to:
Quote:<div class="xoopsQuote"><blockquote>  Quote:<div
class="xoopsQuote"><blockquote>This is a quote</blockquote></div>

----------------------------------------------------------------------

Comment By: Gerard Vanderveken (ghia)
Date: 2009-12-13 13:44

Message:
Checking the code review
http://xoops.svn.sourceforge.net/viewvc/xoops/XoopsCore/trunk/htdocs/class/module.textsanitizer.php?view=diff&pathrev=4029&r1=3999&r2=4000
can't convince me that this is resolved as easy as that and it makes me
wonder if it brings some solution, and why it is not applicable to similar
coding above.
I can't image that this modification makes pairing to the [quote] and
[/quote] tag. 
I think a similar solution as for the [code] or [url] tag is needed.

 

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2009-12-12 09:42

Message:
Fixed in SVN and waiting for review

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2909799&group_id=41586

Bugs item #3411696, was opened at 2011-09-20 03:07
Message generated for change (Comment added) made by sabahan
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3411696&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.5.x
>Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Mr_Bohemian (sabahan)
>Assigned to: MusS (forxoops)
Summary: custom avatar is not deleted after user change avatar

Initial Comment:
custom avatar is not deleted after user change avatar..it think should be deleted to save space

----------------------------------------------------------------------

>Comment By: Mr_Bohemian (sabahan)
Date: 2011-09-21 22:02

Message:
i made some further test

the problem is here
xxx/modules/system/admin.php?fct=avatars&op=listavt&type=c


1.You have uploaded a custom avatar
 
2. when you click none in avatar selection, your custom avatar in
xxx/modules/system/admin.php?fct=avatars&op=listavt&type=c
is deleted

3. you change custom avatar by uploading new custom avatar 
xxx/modules/system/admin.php?fct=avatars&op=listavt&type=c

your old avatar is not deleted there



----------------------------------------------------------------------

Comment By: MusS (forxoops)
Date: 2011-09-21 19:53

Message:
Works for me with the current svn version

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3411696&group_id=41586

Bugs item #3201929, was opened at 2011-03-07 15:16
Message generated for change (Settings changed) made by forxoops
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3201929&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.6.x
Status: Open
>Resolution: Postponed
Priority: 5
Private: No
Submitted By: Michael Beck (beckmi)
Assigned to: MusS (forxoops)
Summary: Change upper limit for Banner impressions

Initial Comment:
It seems like currently the highest number of banner impressions is 16777215, i.e. the type "mediumint(8)" in the database is too small and should be changed to something higher, like "int"

----------------------------------------------------------------------

Comment By: MusS (forxoops)
Date: 2011-09-11 20:56

Message:
need databse modification, so see that for the next important release (stay
open just for include in 2.6)

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3201929&group_id=41586

Bugs item #3051852, was opened at 2010-08-23 22:13
Message generated for change (Settings changed) made by forxoops
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3051852&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
>Group: XOOPS 2.6.x
Status: Open
Resolution: Postponed
Priority: 5
Private: No
Submitted By: madreus (madreus)
Assigned to: trabis (trabis)
Summary: Config options issue - possible during install/update module

Initial Comment:
Example notification options. If the various options (defined in xoops_version.php) have the same title (defined in the language file), in the form of preferences is displayed only one of item.

This is a piece of code

foreach ($categories as $category) {
                $events =& notificationEvents ($category['name'], false, $module->getVar('mid'));
                foreach ($events as $event) {
                    if (!empty($event['invisible'])) {
                        continue;
                    }
                    $option_name = $category['title'] . ' : ' . $event['title'];
                    $option_value = $category['name'] . '-' . $event['name'];
                    $options[$option_name] = $option_value;
                }
            }

The key in $options array is $option_name. Therefore, two (or more) options can be merged into one if the titles of two (or more) different options will be translated exactly the same in the language file. The probability of such a mistake is much higher (many translators) rather than giving the same name by the developer in xoops_version.php

The code is in two files (main.php AND modulesadmin.php) in /modules/system/admin/modulesadmin/

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2011-09-18 11:29

Message:
This will be addressed on future version

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3051852&group_id=41586

Bugs item #3411696, was opened at 2011-09-20 03:07
Message generated for change (Comment added) made by forxoops
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3411696&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.5.x
>Status: Pending
Resolution: None
Priority: 5
Private: No
Submitted By: Mr_Bohemian (sabahan)
Assigned to: Nobody/Anonymous (nobody)
Summary: custom avatar is not deleted after user change avatar

Initial Comment:
custom avatar is not deleted after user change avatar..it think should be deleted to save space

----------------------------------------------------------------------

>Comment By: MusS (forxoops)
Date: 2011-09-21 19:53

Message:
Works for me with the current svn version

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3411696&group_id=41586

Bugs item #2704039, was opened at 2009-03-22 19:50
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2704039&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.3.x
>Status: Pending
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Drieben (drieben)
>Assigned to: trabis (trabis)
Summary: backend.php does not work in 2.3.3

Initial Comment:
I upgraded to 2.3.3. Thereafter, the backend.php does not work: it generates errors: invalid characters in "description" field. IE7 doesnot give the entire page. Looking at the XML-source, the problem is a quote-character in the description field (such as in "embryo's" or "Father's").

My site is a non-UTF-8 site. It is defined in global.php as:

define('_CHARSET', 'latin1_swedish_ci');
define('_LANGCODE', 'nl');

I replaced the 2.3.3-backend.php with the 2.3.2b-backend.php: thereafter it works fine !

The other RSS-feeds at my site (News, Extcal, WF-Downloads etc) don't give any problem.

In my view, the difference is the html-specialcharacter-converting function:

in 2.3.2 it is: xoops_utf8_encode
in 2.3.3: convert_encoding

Is that the problem ?

Drieben







----------------------------------------------------------------------

>Comment By: trabis (trabis)
Date: 2011-09-21 18:49

Message:
convert_encoding requires server to have iconv() or it wont do any utf8
encoding.
I've added one more check on XoopsLocal so it can use utf8_encode (same
behavior has xoops_utf8_encode)

I hope this fixes your problem.

----------------------------------------------------------------------

Comment By: Marco (marcoxoops)
Date: 2009-03-22 20:30

Message:
yep, i've noticed several issues with UTF with this 2.3.3

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2704039&group_id=41586

Bugs item #2340323, was opened at 2008-11-24 22:09
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2340323&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.3.x
>Status: Closed
>Resolution: Wont Fix
Priority: 5
Private: No
Submitted By: Marco (marcoxoops)
>Assigned to: trabis (trabis)
Summary: 2.3.1 class/module.errorhandler : localization

Initial Comment:
error messages are not localized
class/module.errorhandler.php and class/errorhandler.php



----------------------------------------------------------------------

>Comment By: trabis (trabis)
Date: 2011-09-21 18:27

Message:
This classes will be removed/deprecated in next version so this wont be
fixed.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2340323&group_id=41586

Bugs item #3026492, was opened at 2010-07-07 18:32
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3026492&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.4.x
>Status: Pending
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: John Neill (catzwolf)
>Assigned to: trabis (trabis)
Summary: Xoops Forms using Single Quotes For Html tags

Initial Comment:
A lot of the Xoops Form elements are using single quotes for Html tags rather than double quotes. This will break if the module developer uses single quotes in words that use single quotes or use single quotes 'Captions' for example.

[quote]
<textarea name='faq_keywords' id='faq_keywords'  title='Related Pages Tags: - To relate different FAQs, enter a tag 'word' within each FAQ you wish to relate to each other.' rows='5' cols='50' >Text here</textarea>
[quote]

Fix: Use Double quotes for Html and addslashes?

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2011-09-20 23:42

Message:
Fixed in SVN and waiting for review

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3026492&group_id=41586

Bugs item #3000518, was opened at 2010-05-12 15:39
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3000518&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
>Group: XOOPS 2.5.x
>Status: Pending
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Sven Strickroth (MrTux) (csware)
>Assigned to: trabis (trabis)
Summary: Required fields for registration are not always enforced

Initial Comment:
Required fields for registration are not enforced if javascript is disabled

----------------------------------------------------------------------

>Comment By: trabis (trabis)
Date: 2011-09-20 23:11

Message:
This bug was fixed for registration in profile module. Core registration is
fine.

I think we could have extra method in XoopsSecurity to validate Form
posts. We will work on it on future XOOPS versions.

----------------------------------------------------------------------

Comment By: Gerard Vanderveken (ghia)
Date: 2011-09-19 22:18

Message:
I beg to differ.
Security leaks are always a bug!

----------------------------------------------------------------------

Comment By: MusS (forxoops)
Date: 2011-09-19 20:35

Message:
It's not a bug actually, but a new feature.
Moved to 2.6 for review

----------------------------------------------------------------------

Comment By: Gerard Vanderveken (ghia)
Date: 2010-06-10 18:33

Message:
The client side validation is just an aid and courtesy for the user.
It prevents that he must retype his form after a wrong submission and
makes that the form when sent in will be acceptable. It is also an easy way
to help the user filling in the form, by warning him and then set the focus
on the field of the missing data.

However it is always the task of the server to check and enforce if the
required data fields are entered and the data are in the limits of the
expected as eg a date of 44-13 (dd-mm) or a selected option, which was not
in the dropdown list, may never pass.
Server side validation is one of the basic rules of (PHP) security.

So, I would call this a bug.

Bonus: It will prevent that even the lousiest script kiddies would
register on XOOPS sites.


----------------------------------------------------------------------

Comment By: Mark Boyden (mboyden)
Date: 2010-06-01 15:12

Message:
I guess it depends on what we mean by bug. The issue has been highlighted
before. There is no server-side validation on required fields, thus if you
can disable the javascript validation then a registration or update can
occur without required fields entered.

----------------------------------------------------------------------

Comment By: D.J. (phppp)
Date: 2010-06-01 15:10

Message:
Are you using profile module or XOOPS native user registration?
Required fields for registration are all checked in native registration.

----------------------------------------------------------------------

Comment By: Sven Strickroth (MrTux) (csware)
Date: 2010-06-01 15:02

Message:
But the server side should also check if required fields were filled in
before accepting the registration. Client-side only checks are useless.

----------------------------------------------------------------------

Comment By: D.J. (phppp)
Date: 2010-06-01 14:17

Message:
It was not a bug.
Javascript is required for client-side form validation.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3000518&group_id=41586

Bugs item #2795050, was opened at 2009-05-21 20:22
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2795050&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Modules - Profile
Group: XOOPS 2.3.x
>Status: Pending
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: zaza123 (zaza123)
Assigned to: trabis (trabis)
Summary: user profile Bug

Initial Comment:
I installed 233 and integrated XOOPS is the user profile module (v1.52)
if I create a new field, I agree multiple selection of 2 bugs:
1. the form, making sure to give all the necessary permits, with the choices being made by a director, no keeps.
2nd when the user goes to see his profile on the field does not appear with the choices made in the registration phase
3rd as if by magic if the user goes into the edit profile form appears but without any choice.
Versione XOOPS - XOOPS 2.3.3
Versione PHP - 5.2.9
Versione MySQL - 5.0.68-log
Versione Server API - cgi
Versione OS - Linux

safe_mode - Off
register_globals - On

 Sorry for my bad english ! (I'm Italian student)

thanks in advance to all
zaza123

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2011-09-20 21:35

Message:
Fixed in SVN and waiting for review

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2011-09-01 19:10

Message:
Ignore my last comment. Bug not fixed.

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2011-09-01 18:01

Message:
Fixed in SVN and waiting for review

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2009-11-06 21:38

Message:
Please check if this bug is present on 2.4 final. Thanks.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2795050&group_id=41586

Feature Requests item #3411816, was opened at 2011-09-20 12:06
Message generated for change (Tracker Item Submitted) made by sabahan
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430843&aid=3411816&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: XOOPS 2.5
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Mr_Bohemian (sabahan)
Assigned to: Nobody/Anonymous (nobody)
Summary: Last users comments to show on userinfo.php 

Initial Comment:
Hope this can be add to core n  profile module

http://www.xoops.org/modules/newbb/viewtopic.php?topic_id=63944&forum=28&post_id=288482#forumpost288482

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430843&aid=3411816&group_id=41586

Bugs item #3411696, was opened at 2011-09-20 03:07
Message generated for change (Tracker Item Submitted) made by sabahan
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3411696&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.5.x
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Mr_Bohemian (sabahan)
Assigned to: Nobody/Anonymous (nobody)
Summary: custom avatar is not deleted after user change avatar

Initial Comment:
custom avatar is not deleted after user change avatar..it think should be deleted to save space

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3411696&group_id=41586

Bugs item #3000518, was opened at 2010-05-12 17:39
Message generated for change (Comment added) made by ghia
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3000518&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.6.x
Status: Open
Resolution: Wont Fix
Priority: 5
Private: No
Submitted By: Sven Strickroth (MrTux) (csware)
Assigned to: Nobody/Anonymous (nobody)
Summary: Required fields for registration are not always enforced

Initial Comment:
Required fields for registration are not enforced if javascript is disabled

----------------------------------------------------------------------

>Comment By: Gerard Vanderveken (ghia)
Date: 2011-09-20 00:18

Message:
I beg to differ.
Security leaks are always a bug!

----------------------------------------------------------------------

Comment By: MusS (forxoops)
Date: 2011-09-19 22:35

Message:
It's not a bug actually, but a new feature.
Moved to 2.6 for review

----------------------------------------------------------------------

Comment By: Gerard Vanderveken (ghia)
Date: 2010-06-10 20:33

Message:
The client side validation is just an aid and courtesy for the user.
It prevents that he must retype his form after a wrong submission and
makes that the form when sent in will be acceptable. It is also an easy way
to help the user filling in the form, by warning him and then set the focus
on the field of the missing data.

However it is always the task of the server to check and enforce if the
required data fields are entered and the data are in the limits of the
expected as eg a date of 44-13 (dd-mm) or a selected option, which was not
in the dropdown list, may never pass.
Server side validation is one of the basic rules of (PHP) security.

So, I would call this a bug.

Bonus: It will prevent that even the lousiest script kiddies would
register on XOOPS sites.


----------------------------------------------------------------------

Comment By: Mark Boyden (mboyden)
Date: 2010-06-01 17:12

Message:
I guess it depends on what we mean by bug. The issue has been highlighted
before. There is no server-side validation on required fields, thus if you
can disable the javascript validation then a registration or update can
occur without required fields entered.

----------------------------------------------------------------------

Comment By: D.J. (phppp)
Date: 2010-06-01 17:10

Message:
Are you using profile module or XOOPS native user registration?
Required fields for registration are all checked in native registration.

----------------------------------------------------------------------

Comment By: Sven Strickroth (MrTux) (csware)
Date: 2010-06-01 17:02

Message:
But the server side should also check if required fields were filled in
before accepting the registration. Client-side only checks are useless.

----------------------------------------------------------------------

Comment By: D.J. (phppp)
Date: 2010-06-01 16:17

Message:
It was not a bug.
Javascript is required for client-side form validation.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3000518&group_id=41586

Bugs item #1991998, was opened at 2008-06-12 13:25
Message generated for change (Comment added) made by forxoops
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=1991998&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
>Status: Closed
>Resolution: Out of Date
Priority: 5
Private: No
Submitted By: Bandit. S. (bandit-x)
Assigned to: MusS (forxoops)
Summary: Frameworks not being able to set addons_limit_module to zero

Initial Comment:
Frameworks/transfer/bar.transfer.php
Current code.
$limit = empty($GLOBALS["addons_limit_module"]) ? 3 : $GLOBALS["addons_limit_module"];

its preventing us from showing 0 (zero) items in transfer list. since zero is empty, we should use isset.



----------------------------------------------------------------------

>Comment By: MusS (forxoops)
Date: 2011-09-19 21:46

Message:
this framework is no longer used

----------------------------------------------------------------------

Comment By: Bandit. S. (bandit-x)
Date: 2008-06-12 13:26

Message:
Logged In: YES 
user_id=1426285
Originator: YES

XOOPS_FRAMEWORKS_VERSION", "1.22

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=1991998&group_id=41586

Bugs item #2938689, was opened at 2010-01-24 16:22
Message generated for change (Comment added) made by trabis
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2938689&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
>Group: XOOPS 2.5.x
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: dave f (ianez)
>Assigned to: trabis (trabis)
Summary: Warnings in admin panel also for renamed folders

Initial Comment:
Renamend xoops_data and xoops_lib (not out from the xoops root), with working .htacces file should not generate, in my opinion, a security warning, 
or at least should generate a simple notice (coloured orange or else) saying that the best solution could be moving the folder outside the root.
This preventing many user getting worried about those warnings..
As you may know a few hosting services allow to have folders out of the html root in basic hosting profiles, and users don't like to buy a domain and then have to put their site in www.mydomain.com/site.

Ian

----------------------------------------------------------------------

>Comment By: trabis (trabis)
Date: 2011-09-19 20:47

Message:
I've addressed this problem by adding "admin_warnings_enable" option in
xoops_data/configs/xoopsconfig.php to allow webmasters to enable/disable
the warning messages.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2938689&group_id=41586

Bugs item #3000518, was opened at 2010-05-12 15:39
Message generated for change (Comment added) made by forxoops
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3000518&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
>Group: XOOPS 2.6.x
Status: Open
Resolution: Wont Fix
Priority: 5
Private: No
Submitted By: Sven Strickroth (MrTux) (csware)
Assigned to: Nobody/Anonymous (nobody)
Summary: Required fields for registration are not always enforced

Initial Comment:
Required fields for registration are not enforced if javascript is disabled

----------------------------------------------------------------------

>Comment By: MusS (forxoops)
Date: 2011-09-19 20:35

Message:
It's not a bug actually, but a new feature.
Moved to 2.6 for review

----------------------------------------------------------------------

Comment By: Gerard Vanderveken (ghia)
Date: 2010-06-10 18:33

Message:
The client side validation is just an aid and courtesy for the user.
It prevents that he must retype his form after a wrong submission and
makes that the form when sent in will be acceptable. It is also an easy way
to help the user filling in the form, by warning him and then set the focus
on the field of the missing data.

However it is always the task of the server to check and enforce if the
required data fields are entered and the data are in the limits of the
expected as eg a date of 44-13 (dd-mm) or a selected option, which was not
in the dropdown list, may never pass.
Server side validation is one of the basic rules of (PHP) security.

So, I would call this a bug.

Bonus: It will prevent that even the lousiest script kiddies would
register on XOOPS sites.


----------------------------------------------------------------------

Comment By: Mark Boyden (mboyden)
Date: 2010-06-01 15:12

Message:
I guess it depends on what we mean by bug. The issue has been highlighted
before. There is no server-side validation on required fields, thus if you
can disable the javascript validation then a registration or update can
occur without required fields entered.

----------------------------------------------------------------------

Comment By: D.J. (phppp)
Date: 2010-06-01 15:10

Message:
Are you using profile module or XOOPS native user registration?
Required fields for registration are all checked in native registration.

----------------------------------------------------------------------

Comment By: Sven Strickroth (MrTux) (csware)
Date: 2010-06-01 15:02

Message:
But the server side should also check if required fields were filled in
before accepting the registration. Client-side only checks are useless.

----------------------------------------------------------------------

Comment By: D.J. (phppp)
Date: 2010-06-01 14:17

Message:
It was not a bug.
Javascript is required for client-side form validation.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=3000518&group_id=41586

Bugs item #2817289, was opened at 2009-07-06 03:42
Message generated for change (Settings changed) made by beckmi
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2817289&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
>Group: XOOPS 2.6.x
Status: Open
Resolution: Postponed
Priority: 5
Private: No
Submitted By: leon james (jsliu)
Assigned to: trabis (trabis)
Summary: Change Block Template File Bug

Initial Comment:
When we want to change the template file name of a block in an installed module, we change the xoops_version.php. Change the corresponding block config area. 
E.g.  Change this
$modversion['blocks'][6]['template'] = 'a.html';
to
$modversion['blocks'][6]['template'] = 'b.html';

Then go to the administration panel, module manage section. Update the system module. Go back to the home page, and check the block content. And you will find the block don’t show anything.

Details in http://www.cmsgp.org/article/28.html

----------------------------------------------------------------------

Comment By: trabis (trabis)
Date: 2011-09-15 19:13

Message:
The way core loads templates will be changed on next xoops version. We will
take care of it latter.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2817289&group_id=41586

Feature Requests item #2943719, was opened at 2010-02-01 06:32
Message generated for change (Comment added) made by beckmi
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430843&aid=2943719&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
>Category: None
>Group: None
Status: Open
>Resolution: Postponed
Priority: 5
Private: No
Submitted By: Gerard Vanderveken (ghia)
Assigned to: Nobody/Anonymous (nobody)
Summary: Install is not db independent

Initial Comment:
The install procedure has a selection for the database to use at the install.
For now the choice is limited to only MySQL.

But the install procedure is not using the database factory for calling the generic database functions, but calls the mysql functions directly. Eg page_dbconnection uses mysql_connect in stead of connect.

The selection of the database is set by a config.php. This should be automatic by scanning the directory for the presence of database drivers as eg mysqldatabase.php, mssqldatabase.php, etc.

----------------------------------------------------------------------

>Comment By: Michael Beck (beckmi)
Date: 2011-09-18 17:36

Message:
It will be updated when we add new databases in future version of XOOPS

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430843&aid=2943719&group_id=41586

Bugs item #2947416, was opened at 2010-02-07 10:19
Message generated for change (Comment added) made by beckmi
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2947416&group_id=41586

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Core -  Core
Group: XOOPS 2.4.x
>Status: Closed
>Resolution: Rejected
Priority: 5
Private: No
Submitted By: Gerard Vanderveken (ghia)
Assigned to: Nobody/Anonymous (nobody)
Summary: url tag can't translate

Initial Comment:
BBcode url tag doesn't cope with:
[url=http://dev.xoops.org/modules/xfmod/project/showfiles.php?group_id=1085&release_id=275]http://dev.xoops.org/modules/xfmod/pr ... d=1085&release_id=275[/url]
See this for the result:
http://www.xoops.org/modules/newbb/viewtopic.php?post_id=324035#forumpost324035

----------------------------------------------------------------------

>Comment By: Michael Beck (beckmi)
Date: 2011-09-18 13:02

Message:
You cannot set as a title of an URL link another URL link, as XOOPS will
take it as the valid link and override the real link. If the Title URL link
is defective, as you have it here (it contains spaces, which are not
allowed in BBCode), it will create unpredictable results. 

The guideline is:
- if you don't need a special name/title for your link, just paste the
link alone
- if you want to have a title for your link, do NOT use another URL as the
title, but only plain text.

----------------------------------------------------------------------

Comment By: Kris_fr (kris_fr)
Date: 2010-10-23 16:38

Message:
Work for me with xoops 2.5.0

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=430840&aid=2947416&group_id=41586