Administrators Nabeel Posted September 30, 2013 Administrators Report Posted September 30, 2013 Hi all, I've updated the download to 2.1.936 - basically to null the file where I believe the exploit is coming from. I looked through the other files, and I think they look OK. Please update as soon as possible - really the only updated file was core/lib/php-ofc-library/ofc_upload_image.php. Instead of deleting it, I patched it, so then it will get patched on an upload. Sorry for all the trouble guys! Please be sure to look through your server and account very carefully - if you see something suspicious, delete it, or rename it to add a .txt extension so it can't be found, until you can verify if the file is safe or not. Thanks! 5 Quote
ARV187 Posted October 1, 2013 Report Posted October 1, 2013 Hi Nabeel, I'm a little confused, the latest changelog.htm file says Version 2.1.938: Build 938 (Version 2.1.938) Patched the php-ofc-library to remove an exploit Build 937 (Version 2.1.937) Navigation data included for routes, more accurate maps for schedules, ACARS and PIREPS Financial backend overhauled, all data is in real-time, and more accurate Expenses are saved, so your expenses will stick and stay different, month-to-month Aircraft can now be tied to a minimum rank to fly them All charts/graphs replaced with new OFC (Open Flash Charts) Google Maps replaced with v3 API (no more key needed! Added reCaptcha support into the registration. New format for skinning - whole page layout Ability to change a pilot's ID Send mass-email to specific groups Maintenance cron-script, for faster/more efficient background processing Added 'profile badge' page with links to your signature in various formats And numerous bug fixes Templates Changed: core_htmlhead.tpl - Javascript all cleaned up, path to Google Maps API changed for v3 acarsmap.tpl - Completely changed with map customizations (I would just start from scratch) route_map.tpl - Rewritten to accomodate v3 API (I would just start from scratch) profile_myroutesmap.tpl - Removed, replaced with flown_routes_map.tpl, used for RouteMap pirep_new.tpl - Added field for route, and aircraft restriction for rank schedule_results.tpl - Aircraft restriction for rank registration_mainform.tpl - Replaced old captcha with reCaptcha registration_customfields.tpl - Bug fixed with textarea field type finance_summarysheet.tpl - Updated for new finances finance_header.tpl - Updated for new finances finances_balancesheet.tpl - Updates for new finances contact_form.tpl - Implemented reCaptcha In my admin page i can see this: "'S'mofo butter layin' me to da' BONE! Jackin' me up... tight me!" Copyright © 2007 - 2013 phpVMS, nsslive.net License & About | Version 2.1.936 What is the last version? Quote
ARV187 Posted October 1, 2013 Report Posted October 1, 2013 Yes, i know, but in the file "changelog.htm" I can see differents versions... Quote
ARV187 Posted October 12, 2013 Report Posted October 12, 2013 So, what is a 2.1.938 version? is a future version? Quote
Administrators simpilot Posted October 13, 2013 Administrators Report Posted October 13, 2013 I would say it is an error in the changelog, it is automated I and must have gotten off a little. 936 is the latest release version. 1 Quote
ARV187 Posted October 13, 2013 Report Posted October 13, 2013 thanks for the clarification simpilot. Quote
lol767 Posted January 14, 2014 Report Posted January 14, 2014 how do i install it? Do i leave the install folder and do the process? Quote
KAC155 Posted February 7, 2014 Report Posted February 7, 2014 Hi, I got from github and the filename is nshahzad-phpVMS-v2.1.935-7-g89e65bb.zip so I assume it is version 2.1.935 ? Is there a newer version with the security patch? Can you please provide a direct link to where to download the latest patched version? Thanks. Quote
Topgun Posted February 14, 2014 Report Posted February 14, 2014 I have the same experience with the chart error. I updated the "core/lib/php-ofc-library/ofc_upload_image.ph But that didn't help.. i still see the error: ------------------------------------------ Open Flash Chart JSON Parse Error [syntax Error] Error at character 0, line 1: 0: <br /> ------------------------------------------ I would like to try download the file "nshahzad-phpVMS-v2.1.935-7-g89e65bb.zip" does anyone have the link to that? 1 Quote
AUZ Posted June 4, 2014 Report Posted June 4, 2014 Can anyone confirm what the latest stable version of phpvms is please ? Then, what is the latest beta version of phpvms please ? I have 935, 936 and 938 all showing in different admin panels on my localhost and live servers in several different installs and none of the OFC charts are working with a returned JSON error like stated above ... I would most appreciated if someone could tell me what version can give me the activity feed and the OFC Charts patched and working .... Thanks in advance, Adam Quote
Administrators simpilot Posted June 6, 2014 Administrators Report Posted June 6, 2014 The latest official "Release" is 935 which can be found here -> https://github.com/n...phpVMS/releases The version got bumped to 936 when the OFC patch was added (https://github.com/n...2cfa00467c64129) but it has not been set as a "Release" package. It is the active version that can be downloaded here -> https://github.com/nshahzad/phpVMS <- which also includes some other changes that may or may not be fully tested. Someone else came up with a version 938 as well but I do not know where this came from but I think it was a mistake in the change log that is updated automatically. It is discussed earlier in this thread. There is also the development version available here -> https://github.com/n...phpVMS/tree/dev There is also some forked versions that you can follow here -> https://github.com/nshahzad/phpVMS/network 1 Quote
AUZ Posted June 6, 2014 Report Posted June 6, 2014 Hello, Thanks Simpilot, My Development on local host has the folliwing; License & About | Version v2.1.934-202-g9a77c3d As this version looks to be the latest with the activity feed working. It did mention somewhere that it was v938 but I can't reference it anywhere at the moment and the more I go looking the more I get confused .... lol Its a shame with such a community of this size that we couldn't all work together for a few weeks and release an updated stable version. Thanks again and I shall ponder around testing all versions and try and make sense of it .. Cheers Quote
Administrators simpilot Posted June 8, 2014 Administrators Report Posted June 8, 2014 Its a shame with such a community of this size that we couldn't all work together for a few weeks and release an updated stable version. The core members of the project number less than three at this point I would say.... You can submit any updates that you author in the form of a pull request on the github account. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.