Joomler!.net - Decided on Joomla!

Jboard is Multiple Board!

 

Archives

Blog

Demo

Home » Blog » and
1 votes
Written by:Joomler! 16750 hits Sunday, 09 February 2014 10:11

バージョンアップがあったが、この脆弱性への対応は含まれていないようだ。

徳丸さんのサイトで公開されていたので対策してみました。

とりあえず、下記のコード変更をすぐに適用するか、mod_tags_similarを無効にしてください。対象バージョンは、mod_tags_similarが有効なおそらく3.1以降のどれも該当すると思います。(mod_tags_similarがそのバージョンからのようなので)
※また、この変更はもちろん正式なものではないので次のバージョンアップの情報に注意しましょう。

変更するファイルは、ROOT/modules/mod_tags_similar/helper.phpです。

元のコード

		$id         = (array) $app->input->getObject('id');

		// Strip off any slug data.
		foreach ($id as $id)
		{
			if (substr_count($id, ':') > 0)
			{
				$idexplode = explode(':', $id);
				$id        = $idexplode[0];
			}
		}

		// For now assume com_tags and com_users do not have tags.
		// This module does not apply to list views in general at this point.
		if ($option != 'com_tags' && $view != 'category'  && $option != 'com_users')

変更後のコード

		$id         = (array) $app->input->getObject('id');

		// Strip off any slug data.
		foreach ($id as $id)
		{
			if (substr_count($id, ':') > 0)
			{
				$idexplode = explode(':', $id);
				$id        = $idexplode[0];
			}
		}

		$id = (int)$id;

		// For now assume com_tags and com_users do not have tags.
		// This module does not apply to list views in general at this point.
		if ($id > 0 && $option != 'com_tags' && $view != 'category'  && $option != 'com_users')

$idを明示的にintにしている部分と、$idが0以下なら何もしないようにしています。

また、合わせて徳丸さんが以下のように書かれていたが、どうか。

 
0 votes
Written by:Joomler! 25486 hits Tuesday, 12 November 2013 11:02

Two factor authentication Extend released.

twofactorauth_extend_256Featured

  • This plugin simplifies Two factor authetication.
    This plugin can make two factor authetication skip by carrying out the check of OS, a browser, and an IP address for a required two factor authentication code for every login. 
    When it accesses from different OS, IP address, and browser, the process of the usual two factor authentication is performed.

How to use

  • Enabled two factor authentication and select Google Authenticator.
  • Install two factor authentication extend(this plugin) and configure.
    * twofactorauth_extend_orderPlease set it to run at first.

 

 
0 votes
Written by:Joomler! 25200 hits Tuesday, 21 May 2013 09:43

XMLRPC for Joomla!2.5.x and 3.x version 2.0.4 released.

Fix

  • The file upload error which sometimes takes place
  • The error by an old method

How to install or update

  • Normal install
 
0 votes
Written by:Joomler! 24616 hits Thursday, 24 January 2013 15:21

xmlrpc128XMLRPC for Joomla!2.5.x and 3.0.x version 2.0.1 released.

Fix

  • Get recent posts

How to install or update

  • Normal install

Please download from the following link.

 
0 votes
Written by:Joomler! 24175 hits Sunday, 14 October 2012 13:12

XMLRPC for Joomla!2.5.x and 3.0.x version 2.0.0

xmlrpc128New features

  • Change author as “Created by alias” (Added wp.getAuthors and permission “Change Author”)
    * Select other users
  • Some changes

Changes

  • Default path for file to “Relatvie”
    If you want “Absolute”, please select “Absolute”.

* If You can not access “your site/component/xmlrpc/rsd.xml or manifest.xml”, please see the following link.

XMLRPC 1.7.1 - WindowsLiveWriter 2011 Unable to connect

 
<<<12>>>
1 / 2

JContentPlus for Joomla!1.5 powered by Joomler!.net

デル株式会社
joomler.net is not affiliated with or endorsed by the Joomla! Project or Open Source Matters.
The Joomla!(R) name is used under a limited license from Open Source Matters in the United States and other countries.
joomler.net is not affiliated with or endorsed by Open Source Matters or the Joomla! Project.