7.5 update

Regular Joined: Nov 02, 2004 Posts: 54 Location: Colombia

Hi,

I just installed phpnuke 7.5

patch it against sql injection and as well the fomun module to 2.0.11

What other pacth should I use?

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Make sure it's pacthed with Chatserv's 2.8 series.

Posted: Wed Jan 26, 2005 9:14 am

Raven,

Where can I get the Chatserv's 2.8 series and what is that patch for?

Posted: Wed Jan 26, 2005 9:20 am

Off my front page. Chatserv is the authoritative source when it comes to patch sets. You can read in the docs what is patched Smile

Posted: Thu Jan 27, 2005 10:59 am

Raven,

Chatserv 2.8 installed...DONE!! but I thought that tha update of the forum module 2.0.11 was ok, but it's not.

Where can I get info about how to update this module and how can I know which version of the module I have. I'm using nuke 7.5

Thanks

Subject Matter Expert Joined: Feb 23, 2004 Posts: 358

In the currently posted 2.8 patched (Nuke 7.5), all of the relevant Forum files in the /includes and /modules/Forums folders have all of the phpBB 2.0.11 files. If you have run the update script that creates the _bbconfirm table and updates _bbconfig for version number, then you're good to go..

PHrEEk

Posted: Thu Jan 27, 2005 1:53 pm

Sorry, i'm lost

I did upgrade to 2.8 patch , but I don't remember have ran any update script. i just ftp some files and that's it...no update to the DB as far as I can remember.

Posted: Thu Jan 27, 2005 2:47 pm

ok, you didn't mention whether this is an upgrade of an existing Nuke x.x install, or a scratch site, but regardless, there is usually always 2 steps to any upgrade or patch procedure. The first part is to upgrade the filesystem by uploading and overwriting via FTP (you seem to have done this). The 2nd part is to run any scripts that alter the DB. Typically, this is only to modify the version number. As such, this is only a 'cosmetic' change and is unnecessary to start benefitting from the new filesystem. Other times, this might be a very important step.

Now, a virgin Nuke 7.5 contains phpBB 2.0.10. If you download and install ALL of the files in Chatserv's 2.8 patches, your phpBB filesystem will automagically be upgraded to 2.0.11. In other words, there is no need to install a virgin 7.5, do an upgrade from phpBB 2.0.10 to 2.0.11 and also install the 2.8 patches. Just installing the 2.8 patches gets both jobs done. If you have installed the 2.8 and didn't run any SQL script, then your Forums are in fact 2.0.11, but the version at the bottom might read 2.0.10.

So... check your DB. Do you have a {prefix}_bbconfirm table? At the bottom of your Forums does it say 2.0.10 or 2.0.11?

Here are 2 SQL queries you can run from within phpMyAdmin that will complete your upgrade if you need them.

Create a _bbconfig table:
(NOTE: This is only necessary if you currently use, or plan to use Forums registration for new users. If you use Nuke registration and plan to keep it that way, creating this table is unnecessary. Please replace {prefix} with your actual bb table prefix.)

Code:

DROP TABLE IF EXISTS `{prefix}_bbconfirm`;


CREATE TABLE IF NOT EXISTS `{prefix}_bbconfirm` (


  `confirm_id` char(32) NOT NULL default '',


  `session_id` char(32) NOT NULL default '',


  `code` char(6) NOT NULL default '',


  PRIMARY KEY  (`session_id`,`confirm_id`)


) TYPE=MyISAM;

Set phpBB version number from 2.0.10 to 2.0.11
(NOTE: This is a cosmetic change. Running this change to your phpBB version number will not protect you against known vulnerabilities unless you also have the proper files installed to reflect this version. It is highly recommended that you keep your version number up to date in your db, but to hide it from website visitors. You should remove all software version numbers from being displayed publicly. That way, script kiddies can't Google version numbers and make your site an instant target.)

Code:

UPDATE {prefix}_bbconfig SET config_value='.0.11' WHERE config_name='version';

PHrEEk