Tickets ConLite :: https://dev.conlite.org/tickets/ Tickets ConLite :: ConLite: Recently closed tasks 2017-08-01T12:52:40Z FS#172: AMR-Plugin: update plugin to last 4.8 version https://dev.conlite.org/tickets/index.php?do=details&task_id=172 2017-08-01T12:52:40Z Ortwin Pinke Update AMR-Plugin to version used in Contenido 4.8.20. Also modifiy sql-setup. Update AMR-Plugin to version used in Contenido 4.8.20. Also modifiy sql-setup.

]]>
FS#174: Localize newsletter plugin https://dev.conlite.org/tickets/index.php?do=details&task_id=174 2017-08-01T12:51:14Z Ortwin Pinke Due too changes for localization not scanning plugin folders we have to do a separate localization for plugins. Due too changes for localization not scanning plugin folders we have to do a separate localization for plugins.

]]>
FS#173: i18n gettext: i18n cannot handle text (mo/po) with multiple lines https://dev.conlite.org/tickets/index.php?do=details&task_id=173 2017-07-16T11:39:46Z Ortwin Pinke Adapt i18n class from Con 4.9 Adapt i18n class from Con 4.9

]]>
FS#170: PHPMailer < 5.2.18 Remote Code Execution https://dev.conlite.org/tickets/index.php?do=details&task_id=170 2017-07-06T11:15:10Z Ortwin Pinke see http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html Check if used PHPMailer is affected by this vulnerability and fix it if needed. see http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html

Check if used PHPMailer is affected by this vulnerability and fix it if needed.

]]>
FS#166: Backslashes in module code will be removed using sync to db https://dev.conlite.org/tickets/index.php?do=details&task_id=166 2017-07-06T10:56:45Z Ortwin Pinke If you sync modules in filesystem to db, used backslashes in input or output will be removed in db-table.You may test behavior by just setting an html-output with backslashed quotation marks. If you sync modules in filesystem to db, used backslashes in input or output will be removed in db-table.
You may test behavior by just setting an html-output with backslashed quotation marks.

]]>
FS#171: System and client allows xss in backend https://dev.conlite.org/tickets/index.php?do=details&task_id=171 2017-07-06T09:31:52Z Ortwin Pinke Go to administration &rarr; system &rarr; expert settings.Create new setting and set value to: &lt;script&gt;alert(&#8221;XSS Alert&#8221;);&lt;/script&gt;Script will be executed. Same with client settings Go to administration → system → expert settings.
Create new setting and set value to: <script>alert(”XSS Alert”);</script>
Script will be executed. Same with client settings

]]>
FS#168: Change folder for cronjob files https://dev.conlite.org/tickets/index.php?do=details&task_id=168 2016-10-07T16:25:17Z Ortwin Pinke Move .job files from conlite/cronjobs to data/cronlog like con 4.9 does. Also remove check for write permissions for the old folder. Move .job files from conlite/cronjobs to data/cronlog like con 4.9 does. Also remove check for write permissions for the old folder.

]]>
FS#169: No log-file for pseudo-corn https://dev.conlite.org/tickets/index.php?do=details&task_id=169 2016-10-07T16:24:57Z Ortwin Pinke Normally pseudo-cron uses a log-file to write down all tasks. But there are no logs written down. Check whole behavior of pseudo-cron Normally pseudo-cron uses a log-file to write down all tasks. But there are no logs written down. Check whole behavior of pseudo-cron

]]>
FS#167: TinyMCE: no float after saving image in html-text https://dev.conlite.org/tickets/index.php?do=details&task_id=167 2016-06-29T12:58:44Z Ortwin Pinke If you try to use floating in tinymce for an image style is not added to img-tag after saving content. If you try to use floating in tinymce for an image style is not added to img-tag after saving content.

]]>
FS#149: EditArea: Check compressor usage https://dev.conlite.org/tickets/index.php?do=details&task_id=149 2015-11-11T19:34:16Z Ortwin Pinke There is a problem with cache files and/or cache path for compressor of editarea.Contenido uses generated files in editarea path, ConLite has a modified compressor class using backend cache path. There is a report that this files where not generated always, so editarea is not working.Also in editarea class for ConLite method getProperties all properties are loaded if the editor is deactivated. Change this useless behaviour to ommit unneeded db-queries. Maybe it&#8217;s a good idea to deliever compressed editarea.js always if caching not possible.Check whole procedure and fix it before release of stable 2.0! There is a problem with cache files and/or cache path for compressor of editarea.
Contenido uses generated files in editarea path, ConLite has a modified compressor class using backend cache path. There is a report that this files where not generated always, so editarea is not working.
Also in editarea class for ConLite method getProperties all properties are loaded if the editor is deactivated. Change this useless behaviour to ommit unneeded db-queries.

Maybe it’s a good idea to deliever compressed editarea.js always if caching not possible.
Check whole procedure and fix it before release of stable 2.0!

]]>