Foren / Cotonti / Bugs / Webiste bugs after update

12NächsteLetzte

Kilandor
#1 8. Januar 2009, 15:58
Post any bugs or problems you find here since the update.
Trustmaster
#2 8. Januar 2009, 16:00
Currently the biggest problem we have found is Subforums malfunction caused by sed_forum_subforums thing.
May the Source be with you!
esclkm
#3 8. Januar 2009, 16:45
Warning: include_once(./plugins/recentpolls/recentpolls.php) [function.include-once]: failed to open stream: No such file or directory in /home/.tom/cotonti/cotonti.com/system/core/index/index.inc.php on line 44

Warning: include_once() [function.include]: Failed opening './plugins/recentpolls/recentpolls.php' for inclusion (include_path='.:/usr/local/php5/lib/php:/usr/local/lib/php') in /home/.tom/cotonti/cotonti.com/system/core/index/index.inc.php on line 44
on index
littledev.ru - мой маленький зарождающийся блог о котонти.
снижение стоимости программирования и снижение стоимости производства разные вещи. Первое можно скорее сравнить с раздачей работникам дешевых инструментов, чем со снижением зарплаты
Kilandor
#4 8. Januar 2009, 16:53
Yep, thats fixed now, I removed files without unisntalling :)
oc
#5 10. Januar 2009, 06:00
It is actually going on for a while, system logs you off some reason spontaneously
Brock
#6 10. Januar 2009, 07:15
Yeah, as OC said, I've been getting the same problem.
Web Design Database - www.wddb.com
Kilandor
#7 10. Januar 2009, 13:01
Its linked to a change in the auth system, and the quick login as far as i can tell. I thought I fixed it. But it looks like something else needs to be done.

It seems to work fine if you login through users.php?m=auth
Trustmaster
#8 10. Januar 2009, 17:18
It happens when:
[list=1]
  • You are logged in with "remember me" flag
  • You send a request (e.g. click a link) and then without waiting for page to load you send another request (e.g. click a link again)

  • It is request and cookie forgery protection: a secret key changes on every request and the cookie is changed every request too. If you send a request but your cookie hasn't updated yet, the site considers that as request forgery and breaks the session.

    It is quite a high wall for CSRF and XSS attackers, but as I see it causes problems for many users so, seems like unfortunately we will have to lower our defence in favor of user comfort.
    May the Source be with you!
    Kilandor
    #9 10. Januar 2009, 17:37
    I think you just need to make it only once per session, like i login, I get a security key. If my session expires/logout, I get a new key, and or have it also based on last loggedtime, so say after X time it creates a new key, instead of on every single request.
    oc
    #10 10. Januar 2009, 18:09
    We can do it like "onclick="$(this).disabled" with jquery. If it is a protection..

    And by the way, you didn't active Tags plugin yet.

    Dieser Beitrag wurde von oc (am 10. Januar 2009, 18:36, vor 16 Jahre) bearbeitet
    Trustmaster
    #11 10. Januar 2009, 20:53
    Yes, it should refresh security key if at least a minute has passed since last refresh.

    Updated to r272, now logoff problems should be gone.
    May the Source be with you!

    Dieser Beitrag wurde von Trustmaster (am 11. Januar 2009, 01:23, vor 16 Jahre) bearbeitet
    sbardy
    #12 12. Januar 2009, 02:23
    sbardy
    | Users | Profile | My files | No private messages
    Warning, failed to load your prefered theme for the prefered skin, please check your profile and update values.

    * Home
    * Forums
    * IRC Chat
    * Org
    * Wiki
    * Search
    * Trac
    Trustmaster
    #13 12. Januar 2009, 04:37
    Yes we need to include a query to set a default theme if it is missing.
    May the Source be with you!
    KillerSneak
    #14 17. Januar 2009, 22:21
    Hi guys, how and where can i get the latest release. I installed the SVN stuff and all but when i click the folder to update it doesn't do anything ??

    I want to run the current build but can't obtain it? Please help me out so i can also start to convert my templates and website so it's ready for use with Contoni - Sed-N
    Trustmaster
    #15 17. Januar 2009, 22:31
    The easiest way is to use Trac => Source => trunk and click the Zip Archive button at the bottom ;-)
    May the Source be with you!

    12NächsteLetzte