I just upgraded to V4.1.12 from 4.1.11. And the up grad killed the uploader.. This is why I'm always reluctant to upgrade unless you have a stock board with no mods or personalization.
The file upload fix worked.
That's all I need to say. He did it. I recommend the fix to all VB users..
Announcement
Collapse
No announcement yet.
YUI flash uploader exploit and the vb recommended fix
Collapse
X
-
seems support just aint available for us on vb4 now i have another problem on another thread thats been left by support since 23 of october last year now with no fix so it does seen ipb or xenforo is the only way forward and the £170 i spent for vb4 just 18 months is worth nothing
-
Originally posted by Joe D. View PostYou're not going to get back the ability to CTRL+Click and upload 5 files at the same time with the AJAX uploader. You can upload 5 files but each one must be chosen individually. Sorry for the confusion.
Leave a comment:
-
Originally posted by Wayne Luke View PostYou should release this on www.vbulletin.org. Customers are free to use it at their own risk.
Leave a comment:
-
Originally posted by Wayne Luke View PostYou should release this on www.vbulletin.org. Customers are free to use it at their own risk.
http://www.vbulletin.org/forum/showthread.php?t=307008
- 1 like
Leave a comment:
-
You should release this on www.vbulletin.org. Customers are free to use it at their own risk.
Leave a comment:
-
Could it be a browser/caching issue relating to changing between ajax and flash settings?
Leave a comment:
-
Originally posted by alexm View Post
The only way I can duplicate this is if you use the 'Insert Image' button in the advanced editor. The image is attached and inserted but the attachment isn't listed below the 'Manage Attachments' button until it is refreshed (e.g. by doing a preview).
This appears to happen regardless of whether you use flash or ajax to upload the files so I'm assuming it has always been this way?
I'll have to research this a little more.
Leave a comment:
-
Originally posted by mediasnog View PostThe only problem I've found is with my installation of IE-10 is it works fine with quick reply, but in advanced reply or new thread files get uploaded, but the files don't populate in the 'Attachments' box for 'manage attachments'. You have to exit the upload screen and refresh the editor page. If you do that the files are there.
This appears to happen regardless of whether you use flash or ajax to upload the files so I'm assuming it has always been this way?
Leave a comment:
-
VB made such a huge issue out of how this could not be fixed and here we have alexm giving us a fix. Thank alexm we can still use this until our migration to Xenforo is compleated.
Now the next question is what will be the next issue that comes up in VB that they cannot fixedLast edited by DirtRider; Mon 13 Jan '14, 5:06am.
Leave a comment:
-
The only problem I've found is with my installation of IE-10 is it works fine with quick reply, but in advanced reply or new thread files get uploaded, but the files don't populate in the 'Attachments' box for 'manage attachments'. You have to exit the upload screen and refresh the editor page. If you do that the files are there.Last edited by mediasnog; Mon 13 Jan '14, 4:36am.
Leave a comment:
-
Hi Alex
Well my members and I really want to thank you.
I now have the forum back to where it was before this nonsense happened.
What a shame this was not sorted by vBulletin.
regards
Trevor
- 1 like
Leave a comment:
-
Hi Dmitri,
Unless anyone else can find any further problems which need fixing I'm not intending to develop it further. The .zip file posted earlier contains a working uploader.swf with the allowedDomain exploit fixed plus another potential exploit also fixed so those who want to stick with the flash uploader are now able to return the functionality back to exactly what it was before all this started, which was the main goal of this exercise.
Alex
- 1 like
Leave a comment:
-
Originally posted by alexm View PostFollowing some extremely helpful suggestions from FranzBanz I've updated the above .zip file with v2 of the patched flash uploader
1) finding another exploit (using another parameter). Exploit fixed by setting the parameter (not used by vBulletin) to null.
2) '-' added to allowed characters in allowedDomain
Leave a comment:
Related Topics
Collapse
-
by frank47Adding a Flash header.
I am trying to add a flash movie to the header.
Can easily add an image, but not object or java - driving me nuts. Have tried various approaches without success....-
Channel: Support Issues & Questions
Tue 12 Nov '13, 6:40am -
Leave a comment: