Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

Avatar Uploading
 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> Raven's RavenNuke(tm) v2.00.00 - v2.02.00 Distro
Author Message
Duke
Regular
Regular



Joined: Jan 09, 2006
Posts: 56
Location: Under your bed
PostPosted: Sun Feb 19, 2006 5:19 am Reply with quote
Has anyone else experienced a problem with not being able to upload avatars to your Profile?

All the permissions seem fine, gallery avatars work and browsing my machine for an avatar, and uploading seem to work fine with no error messages yet no avatar ever displays.

Any ideas?

Thanks.

BTW, thank Raven for your help in getting this distro installed, much appreciated!
 
View user's profile Send private message Send e-mail Visit poster's website
Susann
Moderator



Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support
PostPosted: Sun Feb 19, 2006 4:41 pm Reply with quote
Change chmod to 777 for modules/Forums/images/avatars/xy.gif

or define in your forums configuration such a path:

modules/Forums/images/avatars/userpic/xy.gif
 
View user's profile Send private message
evaders99
Former Moderator in Good Standing



Joined: Apr 30, 2004
Posts: 3221
PostPosted: Sun Feb 19, 2006 10:09 pm Reply with quote
Just note that uploading is a security risk. If you really do not need this feature, you should keep it disabled

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Duke
PostPosted: Mon Feb 20, 2006 3:11 am Reply with quote
I'm aware that avatar uploading is a risk but I would like my members to have as much account freedom as possible. Is it safer to allow remote avatars then?

BTW, thanks for the help folks, apparently I'm a bigger phpnub than I originally thought.
 
Susann
PostPosted: Mon Feb 20, 2006 7:29 am Reply with quote
I´m not the security expert but from phpBB security tracker I know cross site srcipting with IE in avatar upload was fixed in version 2.0.18.
If you use the search function you ´ll find several topics about this security risk:

http://www.ravenphpscripts.com/postt1876.html
 
Duke
PostPosted: Mon Feb 20, 2006 11:10 pm Reply with quote
Thanks again for the help.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> Raven's RavenNuke(tm) v2.00.00 - v2.02.00 Distro


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©