Announcement

Collapse
No announcement yet.

Manual Security Patch Instructions for VB 4.x.x

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #46
    OK... I missed a step when converting the Diff files into manual instructions. MK_1 noticed this way back on the first page but I did not.

    Anyone who has already made the changes needs to go back and do one more. I have updated the original instructions so anyone making from here on out is OK.

    Go back to the /includes/functions_misc.php file

    Find the code:
    Code:
        $temp = unserialize($serializedarr);
    Replace with:
    Code:
        $temp = json_decode($serializedarr, true);
    And save changes.

    This will fix the "Invalid Action Specified" bug with in-line moderation.

    Sorry all - my bad.

    Comment


    • #47
      7 days later: "Sorry all - my bad. "

      Nice. Thanks for the update, 7 days later.

      Comment


      • #48
        Joe wrote the instructions as a courtesy for customers who were unable to use the official .diff file we provided.

        The official .diff file was correct and was not missing the change listed above.
        MARK.B | vBULLETIN SUPPORT

        TalkNewsUK - My vBulletin 5.5.4 Demo
        AdminAmmo - My Cloud Demo

        Comment


        • #49
          Originally posted by Infopro View Post
          7 days later: "Sorry all - my bad. "

          Nice. Thanks for the update, 7 days later.
          7 days, yes, but the first report in this thread of something not working was 6:17pm my time yesterday. Before 8pm yesterday (less than 2 hours) I had gone over the code line by line and found the problem.

          If someone was having a problem for the full 7 days I would hope they would have said something sooner.

          Best I can tell, like on my site, no one noticed until yesterday.

          Comment


          • #50
            Exactly how do I apply VBIV-15935.patch?

            Seems a safer way of doing it than this.

            Vote for these issues:

            Comment


            • #51
              You need to learn how to apply Diff files. This is not the support thread for that, in the announcement I know Wayne linked to an old thread where someone explained how to use a .diff files. It is a good thing to learn if you're not going to upgrade to latest versions. Had the instructions been much more complicated than this there wouldn't have been manual instructions.

              Comment


              • #52
                Originally posted by malmazan View Post
                Exactly how do I apply VBIV-15935.patch?

                Seems a safer way of doing it than this.
                What version are you running?
                MARK.B | vBULLETIN SUPPORT

                TalkNewsUK - My vBulletin 5.5.4 Demo
                AdminAmmo - My Cloud Demo

                Comment


                • #53
                  We're using vb4.2.2 and we've applied the patch manually. We do not prefer overwriting the files since we might have previous edits done in our files.
                  Our vb version in ACP still display as vb4.2.2. How do we make it show as vb4.2.2 Patch Level 1 and get rid of the newer version to download notice?
                  vBulletin 4.2.5 | PHP 7.0.31 | MariaDB 10.2.17

                  Comment


                  • #54
                    Originally posted by Pocket Aces View Post
                    We're using vb4.2.2 and we've applied the patch manually. We do not prefer overwriting the files since we might have previous edits done in our files.
                    Our vb version in ACP still display as vb4.2.2. How do we make it show as vb4.2.2 Patch Level 1 and get rid of the newer version to download notice?
                    In your /includes/ directory create (or edit if it exists) a file called version_vbulletin.php with the following text:

                    PHP Code:
                    <?php

                    define
                    ('FILE_VERSION_VBULLETIN''4.2.2 Patch Level 1');

                    ?>

                    Comment


                    • #55
                      Originally posted by Joe D. View Post
                      You need to learn how to apply Diff files. This is not the support thread for that, in the announcement I know Wayne linked to an old thread where someone explained how to use a .diff files. It is a good thing to learn if you're not going to upgrade to latest versions. Had the instructions been much more complicated than this there wouldn't have been manual instructions.
                      I guess I just need to know the folder to place it in and one command line. Since you are offering the way to manually do it, you could just offer that info as well. I am not sure I see the problem with that.


                      Originally posted by Mark.B View Post
                      What version are you running?
                      4.2.2 Patch Level 1
                      Some php files are edited to overcome vB4's shortcomings.
                      Vote for these issues:

                      Comment


                      • #56
                        Originally posted by malmazan View Post

                        I guess I just need to know the folder to place it in and one command line. Since you are offering the way to manually do it, you could just offer that info as well. I am not sure I see the problem with that.
                        I'd help you if I could but I've never applied diff files myself and could offer no insight beyond what a simple Google search would find. I would suggest you start a topic dedicated to diff questions so someone with diff experience may see it and weigh in, likely they won't be looking in this topic.

                        Comment


                        • #57
                          I have just updated my test site which was on vB 4.2.2 using the patch... I did this just to make sure that when I manually update my live site which for many reasons is still currently using 4.2.0 was running the correct software versions and would still work OK...

                          After I did the patch on my test site, I now see the following errors,

                          when I went into admincp I got this error Fatal error: Cannot redeclare fetch_version_array() in /home/vwaf/public_html/testvb/forum/includes/adminfunctions_template.php

                          I had to re-upload the adminfunctions_template file to get the admincp to work again... It was OK before the patch

                          When I select a catagory in the forum home page I get this

                          Fatal error: Call to undefined method vB_Input_Cleaner:arse_url() in /home/vwaf/public_html/testvb/forum/includes/functions.php on line 2998


                          Any idea what caused this?

                          Stuart

                          Comment


                          • #58
                            Looks as though you made a mistake in the manual instructions. I would restore the original files and try again.
                            Either that or you have an add on that is conflicting.
                            MARK.B | vBULLETIN SUPPORT

                            TalkNewsUK - My vBulletin 5.5.4 Demo
                            AdminAmmo - My Cloud Demo

                            Comment


                            • #59
                              Originally posted by Mark.B View Post
                              Looks as though you made a mistake in the manual instructions. I would restore the original files and try again.
                              Either that or you have an add on that is conflicting.
                              I have not done a manual update... My test site runs 4.2.2 so I just used the patch

                              Comment


                              • #60
                                If this question is not about the manual instructions then please open a separate thread. This topic is ONLY for support of the manual instructions. Thank You.

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X