Search found 39 matches
- Fri Feb 10, 2012 3:06 pm
- Forum: Tips and Tricks
- Topic: display random child
- Replies: 2
- Views: 3552
Re: display random child
Mesaredo, this Smarty snippet works in templates as well as in Global Content Blocks. Make sure that the module CGSimpleSmarty is installed, so that the class cgsimple is available. Another example to display a random title from one of the child pages of the page "parent": {$cgsimple->get_...
- Tue Feb 07, 2012 7:40 pm
- Forum: CMSMS Core
- Topic: Removing Content Blocks
- Replies: 6
- Views: 2062
Re: Removing Content Blocks
Some background information: I have a little little smarty loop that displays a catalog of sub-pages as thumbnails. The style of some of the thumbnails is controlled by a parameter that I put in a content block. If the webmaster switches templates without resetting the parameter in the content block...
- Tue Feb 07, 2012 5:40 pm
- Forum: CMSMS Core
- Topic: Removing Content Blocks
- Replies: 6
- Views: 2062
Re: Removing Content Blocks
Yes, it's useful at times.
It's not a bug report or feature request, I just need a different behavior for content blocks in a rather special case.
It's not a bug report or feature request, I just need a different behavior for content blocks in a rather special case.
- Tue Feb 07, 2012 3:52 pm
- Forum: CMSMS Core
- Topic: Removing Content Blocks
- Replies: 6
- Views: 2062
Removing Content Blocks
I noticed that content blocks for a page remain in the database even after the template is changed: 1.) assign template containing a content block (i.e. {content block="test" } 2.) replace the template with another, not containing the content block ({content block="test"} 3.) the...
- Sat Oct 22, 2011 8:53 pm
- Forum: [locked] CMSMS 1.10 Beta
- Topic: Release Notes are missing from final
- Replies: 1
- Views: 51188
Release Notes are missing from final
In install/releasenotes.txt it just says
--------------------------------
CMSMS Version 1.10 - Martinique
--------------------------------
Release notes will go here when 1.10 is released.
--------------------------------
CMSMS Version 1.10 - Martinique
--------------------------------
Release notes will go here when 1.10 is released.
- Wed Oct 12, 2011 11:50 am
- Forum: CMS Show Off
- Topic: Awesome customized website for non - profit organization
- Replies: 6
- Views: 4570
Re: Awesome customized website for non - profit organization
Sure. Almost every variable in the Submission template of the default template set is unsafe and susceptible to Cross Site Scripting attacks. The fix would be not to echo any user variables at all or to sanitize them first with PHP's strip_tags. And don't use Smarty's strip_tags, it's broken and als...
- Wed Oct 12, 2011 6:11 am
- Forum: CMS Show Off
- Topic: Awesome customized website for non - profit organization
- Replies: 6
- Views: 4570
Re: Awesome customized website for non - profit organization
nyandres,
FormBuilder is vulnerable to XSS attacks.
You must fix this problem in FormBuilder's templates or not use FormBuilder at all, because the default settings are highly unsafe.
A nice little demo on request.
Best regards,
David
FormBuilder is vulnerable to XSS attacks.
You must fix this problem in FormBuilder's templates or not use FormBuilder at all, because the default settings are highly unsafe.
A nice little demo on request.
Best regards,
David
- Sat Aug 27, 2011 9:21 am
- Forum: Closed Issues
- Topic: [closed] Re: Thumbnails in dropdown
- Replies: 4
- Views: 3084
Re: Thumbnails in dropdown
your orginal post is still there on viewtopic.php?f=74&t=56406 I did check to see if I could get this post back but sad to say no luck. My bad :) tk -J As I said, no harm done. To get back on topic: I'd be great to have an option to filter filenames with a certain prefix. The function create_fi...
- Sat Aug 27, 2011 7:37 am
- Forum: Closed Issues
- Topic: [closed] Re: Thumbnails in dropdown
- Replies: 4
- Views: 3084
Re: Thumbnails in dropdown
Code: Select all
I don't know if the post was removed or if I overwrote the post.. if I did I'll try to retrive it back as I didn't start this. My bad if so :D
No harm done.
Regars,
David
- Sat Aug 27, 2011 7:31 am
- Forum: Closed Issues
- Topic: [fixed] search doesn't find numeric values
- Replies: 5
- Views: 3780
Re: search doesn't find numeric values
1-888-675-9874 why would you search for that? if you’re looking for a number then you wouldn't know it :D .. so I can't even think of a reason to search for a number by its self. I'd believe this issue would not be one to do something about. Hi Jeremy, there is even an open ticket in the bug tracke...
- Sat Aug 27, 2011 7:14 am
- Forum: Closed Issues
- Topic: [fixed] filemanager: delete/rename directory with certain ch
- Replies: 5
- Views: 4304
Re: filemanager: delete/rename directory with certain charac
FileManager.module.php already contains a function ContainsIllegalChars() . It could be extended and then reused in action.newdir. Example: actions.newdir if ($this->ContainsIllegalChars($params["newdirname"]) || $params["newdirname"][0]==".") { $this->Redirect($id, 'de...
- Fri Aug 26, 2011 4:42 pm
- Forum: CMS Show Off
- Topic: Get a Print Quote / Druckereivergleich (beta)
- Replies: 3
- Views: 2457
Re: Get a Print Quote / Druckereivergleich (beta)
You might want to fix those XSS vulnerabilities in FormBuilder...
- Fri Aug 26, 2011 3:35 pm
- Forum: Closed Issues
- Topic: [fixed] News: no permission check in action.editarticle.php
- Replies: 7
- Views: 4747
Re: News: no permission check in action.editarticle.php
I agree. I edited my initial post and removed the URL. It was stupid to post it here but I thought only 1.10 was affected.cb2004 wrote:Wow. Lets get this removed from the forum.
- Fri Aug 26, 2011 1:51 pm
- Forum: Closed Issues
- Topic: [fixed] News: no permission check in action.editarticle.php
- Replies: 7
- Views: 4747
Re: News: no permission check in action.editarticle.php
Previous versions of CMS Made Simple are also affected.
Very nice.
Try the submit button
Very nice.
Try the submit button
- Fri Aug 26, 2011 8:00 am
- Forum: Module und Tags
- Topic: Such Modul funktioniert nicht mehr.
- Replies: 5
- Views: 4300
Re: Such Modul funktioniert nicht mehr.
Poste hier mal deine .htaccess, hoechstwahrscheinlich ist der fehler dort zu finden.