[Xerte-dev] Re: Fixes last night (XOT)

Tue Mar 6 10:24:55 GMT 2012

Just installed all the new files on xampp, now get this when trying to edit:

[cid:image001.png at 01CCFB83.5FD5DAC0]

-----Original Message-----
From: xerte-dev-bounces at lists.nottingham.ac.uk [mailto:xerte-dev-bounces at lists.nottingham.ac.uk] On Behalf Of David Goodwin
Sent: 06 March 2012 07:38
To: For Xerte technical developers
Subject: [Xerte-dev] Fixes last night (XOT)

Hi

I made some fixes to XOT trunk last night - so you can at least install and login as a new user. (I did a full install and used demo.php to login). Again this breakage was due to merging by the looks of it.

The installer will now remove any existing xerte db tables if they exist before trying to create then.

The installer now tries to strongly suggest to people that they delete the setup folder. Can we change the installer so it aborts if someone has an existing database.php file or something so making deletion unnecessary? (obviously I can code it to - but is this an ok thing to do ?)

I've also created an issue on the google issue tracker covering a security problem in proxy_rss.php. Does XOT store a list of all remote urls someone may want to request anywhere so we can have a whitelist of good urls - at the moment someone can use proxy_rss.php to fetch any remote URL.

Thanks

David

David Goodwin

Pale Purple Ltd.

http://www.palepurple.co.uk

0845 0046746

07792 380669

_______________________________________________

Xerte-dev mailing list

Xerte-dev at lists.nottingham.ac.uk

http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20120306/0f360d36/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 27052 bytes
Desc: image001.png
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20120306/0f360d36/attachment-0001.png>