|
Can't upload pics after patching exploit (functions_gallery_imageedit) I have a client running vBGallery 2.0 -- patched the file as described and now whenever I try to upload a pic I get: "No Image specified. If you followed a valid link, please notify the administrator" When I choose to upload it from a directory on the server it then puts an entry in the database - but - no image comes up when clicked -- doesn't even bother to copy it over to the proper dir so there's the reason. gallery/files is chmodded -R 777 -- this all worked fine before patching that file, not sure what the issue is - I'm stumped! Have 2 errors in the error log: Quote:
Help! thanks :) |
Ditto... I'm having the same issue on my install - when a user tries to upload they get the same message |
am also having the same problem |
Try this out: /forums/includes/functions_gallery_imageedit.php Find: Code: Content visible to verified customers only.Code: Content visible to verified customers only.Code: Content visible to verified customers only.Code: Content visible to verified customers only. |
I was doing testing w/ non alphanumeric characters and the 1st revision of the code wiped every thing out of the file name. ".jpg" and saved. :o - Now I added a failsafe, if file is totally striped of the name generate one with md5(). - also updated more filenames to ban. Let me know. |
1 Attachment(s) Nope - that didn't help.. Thanks for the suggestion though. Still get the "No image specified error: |
Shoot me some ftp / adminCP access via PM. - i'll take a look |
well, my problem is actually different, sorry! |
Same problem happening here even after the above fix.... |
Quote:
- your gallery/files folder has no ownership. - owner: (?) they end to be owned by your login username. I could not chmod 777 with my ftp client: Error-> no permission.. You will need to do this in CPanel or SSH. ----------------------------- There was another member that did a command line gzip site backup/restore and sent it to the new server.. the problem is.. he was logged in as root.. so all permissions got set to "root" Once the ownership of the files/folders were change to the current user logged in then chmod all other operations were ok. |
I checked my directory permissions and they are correct - still having issue... |
Quote:
Thanks Zachariah. |
am also having the same problem |
Error in order of operations. /forums/includes/functions_gallery_imageedit.php Move Code: Content visible to verified customers only.Code: Content visible to verified customers only. |
Code is already above specified comment; And all of my upload directories are 777... Quote:
|
Zachariah - just saw you uploaded an image... I'll run a few tests and let you know if all is OK; thanks. |
I ran a few tests and only admins can upload... Gallery was running smoothly until the patch - I checked all permissions and nothing has changed. WHen regular members try to upload thy get the error message... |
stupid question.. is this issue fixed now? if yes.. was it the stripos function? (that has to be outside all functions to work.. so that fix is mandatory anyway - but only for php versions lower that 5.0x) Luc |
| All times are GMT -5. The time now is 03:03 PM. |
Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.2.0