Re: [SliTaz] attachments

[ Thread Index | Date Index | More lists.tuxfamily.org/slitaz Archives ] 

Hi Eric,

thx for your answer

as fare as I understand this:

 $bb_attachments['allowed']['extensions']['default']=array('gif','jpeg','jpg','pdf','png','txt',log); // anyone who can upload can submit these

it should be possible for any user to upload those extensions.

But the reality is, that only gif, jpeg, jpg and png are possible for users.. If txt and log files would also be possible, I think, that would be great - do you see any chance for that?

Should we try to delete Bazos straight after a backup?

And one more question? on which OS and kernel the forum is running - there is quite a big rumor about spectre and meltdown and updating the kernel - at the moment, KPTI-Patch is only available for Kernel 4.4.111, 4.9.76, 4.14..13 and 4.15.rc6

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/

https://en.wikipedia.org/wiki/Kernel_page-table_isolation

I think, we have some user sensitive datas - like mailadress and passwords, so I think, the forum should run soon on one of those kernels or at least inculde the KPTI-Patch.....

ciao

Thomas

 
On Fri, 5 Jan 2018 10:25:59 +0100 (CET)
Eric Joseph-Alexandre <erjo@xxxxxxxxxx> wrote:

> HI Thomas, 
> 
> This forum code is very and old not maintained and we may consider to change it. 
> 
> For attachment we have to modify the plugins: 
> 
> -- readme.txt -- 
> * if you get `error: denied mime` on every upload, mime_content_type function or shell access must exist to verify mime types - otherwise you can force all types to be allowed by editing `bb-attachments.php` an 
> 
> 
> -- bb-attachments.php -- 
> $bb_attachments['allowed']['extensions']['default']=array('gif','jpeg','jpg','pdf','png','txt',log); // anyone who can upload can submit these 
> $bb_attachments['allowed']['extensions']['moderate']=array('gif','gz','jpeg','jpg','pdf','png','txt','zip','tazpkg','log','sh','conf'); // only if they can moderate 
> $bb_attachments['allowed']['extensions']['administrate']=array('bmp','doc','gif','gz','jpeg','jpg','pdf','png','txt','xls','zip','tazpkg','log','conf','sh'); // only if they can administrate 
> 
> $bb_attachments['allowed']['mime_types']['default']=array('text/plain', 'image/jpeg', 'image/jpg', 'image/png', 'image/gif', 'application/pdf', 'application/x-pdf'); // for anyone that can upload 
> $bb_attachments['allowed']['mime_types']['moderate']=array('text/plain', 'image/jpeg', 'image/jpg', 'image/png', 'image/gif', 'application/pdf', 'application/x-pdf', 'application/zip', 'application/x-zip' , 'app 
> $bb_attachments['allowed']['mime_types']['administrate']=array('application/octet-stream', 'text/plain', 'text/x-c', 'image/bmp', 'image/jpeg', 'image/jpg', 'image/png', 'image/gif', 'application/pdf', 'applicat 
> 
> 
> Bozos 
> ----- 
> 
> I think this will remove all user considerd has Bozos. 
> 
> Cheers 
> 
> Eric. 
> 
> ----- Le 4 Jan 18, à 22:25, Thomas Hinterberger kult-ex@xxxxxxxxx a écrit : 
> 
> > dear all, 
> > 
> > I am Keymaster in the forum, but I dont find any possibilities in the admin 
> > dashboard to change the upload possibilities of the users 
> > 
> > http://forum.slitaz.org/topic/which-files-users-are-not-able-to-upload 
> > 
> > I have no idea, who is responsible for the forum - but it would be great, if we 
> > can change this 
> > 
> > another question - what happens, when I press the button "Delete all Bozos" - we 
> > have tons of junk users - is there any way to get rid of them? 
> > 
> > ciao 
> > 
> > Thomas 
> > 
> > -- 
> > SliTaz GNU/Linux Mailing list - http://www.slitaz.org/ 
> 


-- 

--------------------------------------------------------------

     Von HUMANITÄT / Über NATIONALITÄT / Zur BESTIALITÄT

~ ~ ~ ~ ~ ~ ~ ~    Franz Grillparzer   1849    ~ ~ ~ ~ ~ ~ ~ ~ 


--
SliTaz GNU/Linux Mailing list - http://www.slitaz.org/

Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/