Announcement

Collapse
No announcement yet.

All known VB 4.2.5 bug fixes (combined.)

Collapse
This topic is closed.
X
This is a sticky topic.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Mark.B
    replied
    It's a test category put in place to demonstrate it.

    vBulletin 4 has many, many thousands of live installations worldwide and is not a 'rough draft'.

    To clarify for a third time, there is not going to be any development work on vBulletin 4. The issues you experienced are due to poor server configuration and not bugs in vBulletin.

    Leave a comment:


  • WriteToEnlight
    replied
    Originally posted by Mark.B View Post
    You can easily change that yourself, and indeed you are meant to do so.
    "

    ( Maybe something like a "rough draft" at this time ... ? )


    ?

    "

    Leave a comment:


  • Mark.B
    replied
    You can easily change that yourself, and indeed you are meant to do so.
    As stated, no further work will be done on vBulletin 4. It is end of life.

    Leave a comment:


  • WriteToEnlight
    replied
    "

    ( Maybe something like a "rough draft" at the moment ...? )


    Maybe something like a current issue in Vbulletin 4.2.5 ?

    Section Widget Title - Section Title Display ?

    Click image for larger version

Name:	Vbulletin 425 Issue 1 2019-06-18.png
Views:	200
Size:	66.5 KB
ID:	4417090

    "
    Last edited by WriteToEnlight; Tue 18th Jun '19, 5:52pm.

    Leave a comment:


  • Mark.B
    replied
    Originally posted by WriteToEnlight View Post
    "

    ( Maybe something like a "rough draft" at the moment ..? )


    These are maybe something like some things that still haven't been addressed or fixed in a certain kind of a way in Vbulletin 4.2.5 "officially" in a certain kind of a way yet at the moment?


    "
    The issues you are experiencing in your thread are nothing to do with the software and everything to do with the server(s) you are running, as I've just explained in the thread.

    If the software had bugs of the nature you are referring to, we would have hundreds if not thousands of customers reporting them. It is certainly not a 'rough draft', having been released in 2009 and extensively developed up until 2016 when all focus moved to vBulletin 5.

    It is also worth noting that vBulletin 4 is end of life (from a development perspective) and no further development work will be carried out on it.

    Leave a comment:


  • WriteToEnlight
    replied
    "

    ( Maybe something like a "rough draft" at the moment ..? )


    These are maybe something like some things that still haven't been addressed or fixed in a certain kind of a way in Vbulletin 4.2.5 "officially" in a certain kind of a way yet at the moment?


    "

    Leave a comment:


  • Joe D.
    commented on 's reply
    Honestly I don't know, I would do it anyway.

  • scylla22
    commented on 's reply
    Do we need to do this if our site runs HTTPS?

  • Joe D.
    replied
    I just checked my VB 4.2.5 test site with Chrome and this fix and it worked fine with latest version of Chrome browser. Exactly what error are you getting? Can you post a screenshot?

    Leave a comment:


  • MK_1
    replied
    Originally posted by Joe D. View Post
    Advanced Post Editing fix for Google Chrome based browsers.

    An change in Google Chrome meant to protect sites from cross-site-scripting (XSS) exploits is backfiring and blocking legitimate scripts on various web applications including VB 4.2.5. The fix is to create a simple plugin that tells the browser to turn off this feature for the Advanced Editor pages.

    You can do this in one of two ways, either manually create the plugin or download the attached file and then upload it as a new product in the Admin CP -> Product Manager -> Add New Product.

    Do one or the other, not both.

    Manual Instructions:

    1) Go to Admin CP -> Plugins & Products -> Add New Plugin
    2) On the plugin page enter the following values:

    Product: vBulletin
    Hook Location: editpost_update_start
    Title: XSS Block Bug Fix
    Execution Order: 1
    Plugin PHP Code:
    Code:
    //bugfix from vbsupport
    header('X-XSS-Protection:0');
    Set Active:Yes

    Save changes.

    Or upload the attached .XML file and import it into Product Manager in the Admn CP. There are no settings, it works as soon as it is imported.
    Fix doesn't work for me? Or are there other issues with latest Chrome?

    Leave a comment:


  • Joe D.
    replied
    Note- Due to potential for exploit you should not be using ImageMagick as the Image Processing Library. (The exploit is in ImageMagick code, not vBulletin.) However by default vBulletin is set to use the GD image library so the majority of customers should be safe. To be sure go to the Admin CP -> Settings -> Options -> Image Settings and and make sure GD is used. If you have an error uploading images after changing make your PHP is configured to have the GD library.

    This is true for all VB 3.x and 4.x versions.

    Leave a comment:


  • djbaxter
    replied
    Thanks, Joe.

    Leave a comment:


  • Joe D.
    replied
    Basically you should just be suppressing warnings, there is no simple fix for this and it isn't really an error just a change in how PHP worked between 5.3.x and 5.4.x.

    Leave a comment:


  • Mark.B
    replied
    Please note this isn't a thread for support questions, it is for known and verified fixes to be posted. We will not be answering support questions here. Please start a new thread if you need support. Thanks.

    Leave a comment:


  • djbaxter
    replied
    Also this:

    Running vBulletin 4.2.5 with PHP7.1...

    I normally have warnings suppressed but needed to display them while troubleshooting something and when I do I see this in the AdminCP User Manager just after Image Options and before User Profile Fields:

    Code:
    PHP Warning: Illegal string offset 'userid' in ..../includes/functions.php on line 589
    
    PHP Warning: Illegal string offset 'userid' in ..../includes/functions.php on line 592
    
    PHP Warning: Illegal string offset 'usergroupid' in ..../includes/functions.php on line 532
    
    PHP Warning: Illegal string offset 'usergroupid' in ..../includes/functions.php on line 598
    
    PHP Warning: Illegal string offset 'userid' in ..../includes/functions.php on line 598
    The lines in question are:

    Code:
    589 if (!is_array($user_memberships["$userinfo[userid]"]) OR !$cache)
    
    592 user_memberships["$userinfo[userid]"] = fetch_membergroupids_array($userinfo);
    
    532 $membergroups[] = $user['usergroupid'];
    
    598 if ($userinfo['usergroupid'] == $usergroupid OR in_array($usergroupid, $user_memberships["$userinfo[userid]"]))
    In case it's relevant, I do have some custom fields in the user profiles.

    Suggestions for how to fix this?

    Leave a comment:

Related Topics

Collapse

Working...
X