Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
dean
Worker
Worker


Joined: Apr 14, 2004
Posts: 193

PostPosted: Sun Sep 19, 2004 2:27 am Reply with quote

Ill second the idea of bringing up the forums again, if only as an archive. Mayve one of us can build on it?
 
View user's profile Send private message
TheosEleos
Life Cycles Becoming CPU Cycles


Joined: Sep 18, 2003
Posts: 960
Location: Missouri

PostPosted: Sun Sep 19, 2004 2:57 am Reply with quote

Deseroka wrote:
I don't think you need to apologize for being over busy. We can all relate to that.


Indeed! I don't want you guys to feel bad. Do your thing and do it well. Wink

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website AIM Address ICQ Number
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sun Sep 19, 2004 1:50 pm Reply with quote

The problem with electronic messaging is that you can so easily be misunderstood. Sometimes it's a language issue, immaturity (age), presentation, etc. It can be all things. When I read Deseroka'a post I didn't see anything wrong with it. It seems that often times we have a tendancy to react to what we think someone is saying. It would be wiser to ask for clarification to a statement before debating it and not attack the poster, per se. There will be MANY who will be dissappointed and po'd as D. This is to be expected when a fine and popular product like CM is no longer supported in what is the most popular free CMS avaialable. OTOH, it is the author's right to do what he wants to do, n'est pas? Frankly I can understand not wanting to have to constantly work around the security issues, however, CM has suffered from their own security issues outside of phpNuke, some very severe. So, it is a mixed bag for them and by going this route they lessen their chances of negative exposure through a flaw of the 'wrapper'. In any event, let's try to take each other's comments with a grain of salt before lashing out.
 
View user's profile Send private message
akamu
New Member
New Member


Joined: Jun 22, 2004
Posts: 6

PostPosted: Thu Sep 23, 2004 1:35 am Reply with quote

personally I don't blame you for being pissed off, We understood that when we made the decision (which was not a spur of the moment thing) .

Since Raven is distributing coppermine he and his staff should be glad to help you out with what issues you are having....
 
View user's profile Send private message Visit poster's website
Raven
PostPosted: Thu Sep 23, 2004 7:21 am Reply with quote

Unfortunately, that is not correct, and is really quite ridiculous. I was releasing CM as a courtesy because I felt it was the best package out there, at the time. All I did was offer it pre-installed. As with all 3rd party software, other than my own, buyer beware. It is the responsibility of the author to support their product, not me.
 
Rage
Insane


Joined: Jul 30, 2004
Posts: 85

PostPosted: Fri Sep 24, 2004 8:35 am Reply with quote

Coppermine is probably still the best gallery for the purpose of nuke, and its a shame that development for nuke has stopped.

_________________
It's not that I'm afraid of dying, it's just that I don't want to be there when it happens. - Woody Allen 
View user's profile Send private message
Deseroka
Client


Joined: Apr 15, 2003
Posts: 466
Location: FL

PostPosted: Fri Sep 24, 2004 10:21 am Reply with quote

I love Coppermine. But I have to give Gallery it's due. I have it running stand alone too, and I love how it allows members to upload more than one pic at a time.
 
View user's profile Send private message
Deseroka
PostPosted: Wed Nov 17, 2004 1:43 pm Reply with quote

Anyone ever succeed at migrating to Gallery from Coppermine?
 
oprime2001
Worker
Worker


Joined: Jun 04, 2004
Posts: 119
Location: Chicago IL USA

PostPosted: Fri Nov 19, 2004 4:42 pm Reply with quote

Well, seems like there is a rash of (new?) coppermine exploits going around -- as in Only registered users can see links on this board! Get registered or login! and Only registered users can see links on this board! Get registered or login!. Being the paranoid that I am, I decided not to wait for the Only registered users can see links on this board! Get registered or login!. So, I've started to migrate my image galleries from Coppermine to Only registered users can see links on this board! Get registered or login!. I started with a smaller image gallery (just under 300 pix in 18 albums) with no comments nor captions.

The move was pretty straightforward. Fortunately, the Gallery install script found most everything that it needed (e.g. Only registered users can see links on this board! Get registered or login!, album paths, module paths etc.). I used the Only registered users can see links on this board! Get registered or login! to upload the albums and photos; I couldn't pull them out of the Coppermine installation.

I was fairly impressed with the ease of the installation. Much props to the Only registered users can see links on this board! Get registered or login!and Only registered users can see links on this board! Get registered or login!at Only registered users can see links on this board! Get registered or login!. Now to move that behemoth of an image gallery on one of my other sites: 1500+ pix in 10 albums! . Shocked
 
View user's profile Send private message
TheosEleos
PostPosted: Fri Nov 19, 2004 6:33 pm Reply with quote

It doesn't use mysql database though, does it?

When I used that in the past and had to change web hosts setting up all the permissions for all the files and folders was so bad I had to dump it altogether. It didn't use the database at the time so all the information was in file format.
 
CurtisH
Life Cycles Becoming CPU Cycles


Joined: Mar 15, 2004
Posts: 638
Location: West Branch, MI

PostPosted: Fri Nov 19, 2004 8:33 pm Reply with quote

Ugh.... I don't like gallery. I am slowly moving my site to RavenWebHosting and will have to replace coppermine. I wonder if the bbtouke port of phpbb photo album has any security issues. It seems to integrate into users accounts SOOOO much better than gallery

_________________
Those who dream by day are cognizant of many things which escape those who dream only by night. ~Poe 
View user's profile Send private message Visit poster's website Yahoo Messenger
oprime2001
PostPosted: Fri Nov 19, 2004 9:33 pm Reply with quote

TheosEleos wrote:
It doesn't use mysql database though, does it?

When I used that in the past and had to change web hosts setting up all the permissions for all the files and folders was so bad I had to dump it altogether. It didn't use the database at the time so all the information was in file format.

The latest stable release is Only registered users can see links on this board! Get registered or login!. This version still does NOT use a db. As for file/folder permissions, the only ones that I had to change manually were the .htaccess and config.php for the module once configuration was done. I do not know whether to attribute the relative ease in installation to the software or to the user (or a combination of both), but installation/configuration was much easier this time around than in my experience with Gallery in 2002/2003.

I have been playing around with Only registered users can see links on this board! Get registered or login! on Only registered users can see links on this board! Get registered or login!; this G2 version does use a db. I've been pleased with the G2 version, but the caveat with using the current alpha G2 version is that there might not necessarily be a migration path provided from the current dev versions to the gold release. Still, the G2 version is fun to try out!
 
VinDSL
Life Cycles Becoming CPU Cycles


Joined: Jul 11, 2004
Posts: 614
Location: Arizona (USA) Admin: NukeCops.com Admin: Disipal Designs Admin: Lenon.com

PostPosted: Sat Nov 20, 2004 10:34 pm Reply with quote

For what it's worth, I run a tweaked version of Surf's Coppermine 1.1d port, and I've been very happy with it overall. Sure, I've had a couple of problems...

When I first installed it on my site, someone used the 'new user registration' feature to set themselves up as a moderator on my website, so I turned that feature off, and it hasn't happened since. I also started using NSN YAT 650 about that time, so maybe that was part of the fix, and I didn't realize it...

Another time, a user tried to setup a personal photo album, and totally botched it, so I turned that feature off too.

And, somebody voted for a picture 5k times in one day. LoL! Whatever! I guess they liked the pic.

Other than those few things, I haven't had any problems. And, I might add, ppl try to run injections on it all the time, and nobody has been successful yet - knock on wood. So far the security proggies I run have caught them every time and banned them...

I've tried the 'new' Coppermine port[s], and while I appreciate the added features, and so forth, there is something about it that keeps me using 1.1d. I don't have any compelling reason to change, at this point, so I guess I'll stick with Surf's 1.1d version until something better comes along... Wink

_________________
.:: "The further in you go, the bigger it gets!" ::.
.:: Only registered users can see links on this board! Get registered or login! | Only registered users can see links on this board! Get registered or login! ::. 
View user's profile Send private message Visit poster's website ICQ Number
TheosEleos
PostPosted: Sun Nov 21, 2004 10:39 pm Reply with quote

The people over at G2 told me that if someone wants to port it over to a phpnuke module they would help out. I don't know enough about coding to do that but I sure wish someone else would. I would love to change back.
Only registered users can see links on this board! Get registered or login!
 
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Mon Nov 22, 2004 7:14 am Reply with quote

I found reasonably good instructions on the 4images forum for using it inside phpnuke. But there too some will not like the license. But it is a very nice script. I think VinDSL raises a good idea for many going back to a simpler "time so to speak" would be easier to maintain. Maybe a new port of Only registered users can see links on this board! Get registered or login! would be even more widely accepted? But in reality I think G2 is the future of integrated Gallery systems.

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©