Tickets ConLite :: https://dev.conlite.org/tickets/ Tickets ConLite :: ConLite: Recently closed tasks 2017-07-16T11:39:46Z FS#173: i18n gettext: i18n cannot handle text (mo/po) with multiple lines https://dev.conlite.org/tickets/index.php?do=details&task_id=173 2017-07-16T11:39:46Z Ortwin Pinke Adapt i18n class from Con 4.9 Adapt i18n class from Con 4.9

]]>
FS#170: PHPMailer < 5.2.18 Remote Code Execution https://dev.conlite.org/tickets/index.php?do=details&task_id=170 2017-07-06T11:15:10Z Ortwin Pinke see http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html Check if used PHPMailer is affected by this vulnerability and fix it if needed. see http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html

Check if used PHPMailer is affected by this vulnerability and fix it if needed.

]]>
FS#166: Backslashes in module code will be removed using sync to db https://dev.conlite.org/tickets/index.php?do=details&task_id=166 2017-07-06T10:56:45Z Ortwin Pinke If you sync modules in filesystem to db, used backslashes in input or output will be removed in db-table.You may test behavior by just setting an html-output with backslashed quotation marks. If you sync modules in filesystem to db, used backslashes in input or output will be removed in db-table.
You may test behavior by just setting an html-output with backslashed quotation marks.

]]>
FS#171: System and client allows xss in backend https://dev.conlite.org/tickets/index.php?do=details&task_id=171 2017-07-06T09:31:52Z Ortwin Pinke Go to administration &rarr; system &rarr; expert settings.Create new setting and set value to: &lt;script&gt;alert(&#8221;XSS Alert&#8221;);&lt;/script&gt;Script will be executed. Same with client settings Go to administration → system → expert settings.
Create new setting and set value to: <script>alert(”XSS Alert”);</script>
Script will be executed. Same with client settings

]]>
FS#168: Change folder for cronjob files https://dev.conlite.org/tickets/index.php?do=details&task_id=168 2016-10-07T16:25:17Z Ortwin Pinke Move .job files from conlite/cronjobs to data/cronlog like con 4.9 does. Also remove check for write permissions for the old folder. Move .job files from conlite/cronjobs to data/cronlog like con 4.9 does. Also remove check for write permissions for the old folder.

]]>
FS#169: No log-file for pseudo-corn https://dev.conlite.org/tickets/index.php?do=details&task_id=169 2016-10-07T16:24:57Z Ortwin Pinke Normally pseudo-cron uses a log-file to write down all tasks. But there are no logs written down. Check whole behavior of pseudo-cron Normally pseudo-cron uses a log-file to write down all tasks. But there are no logs written down. Check whole behavior of pseudo-cron

]]>
FS#167: TinyMCE: no float after saving image in html-text https://dev.conlite.org/tickets/index.php?do=details&task_id=167 2016-06-29T12:58:44Z Ortwin Pinke If you try to use floating in tinymce for an image style is not added to img-tag after saving content. If you try to use floating in tinymce for an image style is not added to img-tag after saving content.

]]>
FS#149: EditArea: Check compressor usage https://dev.conlite.org/tickets/index.php?do=details&task_id=149 2015-11-11T19:34:16Z Ortwin Pinke There is a problem with cache files and/or cache path for compressor of editarea.Contenido uses generated files in editarea path, ConLite has a modified compressor class using backend cache path. There is a report that this files where not generated always, so editarea is not working.Also in editarea class for ConLite method getProperties all properties are loaded if the editor is deactivated. Change this useless behaviour to ommit unneeded db-queries. Maybe it&#8217;s a good idea to deliever compressed editarea.js always if caching not possible.Check whole procedure and fix it before release of stable 2.0! There is a problem with cache files and/or cache path for compressor of editarea.
Contenido uses generated files in editarea path, ConLite has a modified compressor class using backend cache path. There is a report that this files where not generated always, so editarea is not working.
Also in editarea class for ConLite method getProperties all properties are loaded if the editor is deactivated. Change this useless behaviour to ommit unneeded db-queries.

Maybe it’s a good idea to deliever compressed editarea.js always if caching not possible.
Check whole procedure and fix it before release of stable 2.0!

]]>
FS#156: Updatenotifier not working https://dev.conlite.org/tickets/index.php?do=details&task_id=156 2015-10-06T07:40:01Z Ortwin Pinke While checking updatenotifier there was a wrong display for updates either with right or wrong versionnumber in vendor.xml. This is caused by using an simple_xml object instead of a string. While checking updatenotifier there was a wrong display for updates either with right or wrong versionnumber in vendor.xml. This is caused by using an simple_xml object instead of a string.

]]>
FS#155: Onlineuser function throws SQL error https://dev.conlite.org/tickets/index.php?do=details&task_id=155 2015-10-06T05:54:10Z Ortwin Pinke see forum &rarr; http://forum.conlite.org/viewtopic.php?f=9&amp;t=240&amp;p=292 see forum → http://forum.conlite.org/viewtopic.php?f=9&t=240&p=292

]]>