Support Forum Project Downloads FAQ Documentation About Demo Tutorials Blog Plugins
November 21, 2009, 03:56:53 am *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Maintenance release cpg1.4.25 - upgrade recommended
The Coppermine development team is releasing an update for Coppermine in order to fix an issue with http uploads that could occur in particular versions of PHP.The fix is not security-critical, so if your gallery is running fine with cpg1.4.23 or cpg1.4.24 you don't need to upgrade. If you are running an older version than cpg1.4.23, you must update to this latest version as soon as possible because of the security impact (the past few maintenance releases before cpg1.4.24 all were security-related).
[more]
   Home   Help Search Board rules Login Register  
forum.coppermine-gallery.net > No Support > Announcements > Topic: Remove relocate_server.php file from your website
Pages: [1]   Go Down
« previous next »
  Send this topic  |  Print  
Author Topic: Remove relocate_server.php file from your website  (Read 47038 times)
0 Members and 1 Guest are viewing this topic.
kegobeer Topic starter
Dev Team member
****
Gender: Male
Posts: 4637


Beer - it does a body good!


WWW
« on: November 27, 2005, 01:09:59 pm »
If you installed 1.4.2 or any 1.4 betas, you have a file called relocate_server.php in your root Coppermine directory.  You need to remove this file as soon as possible.  This file is designed to assist when moving from one server to another.  It allows the user to view the information in config.inc.php, but doesn't ask for any authentication.  If you have this file on your server your MySQL database information is available for anyone who executes the script.

Remove this file from your website as soon as possible.

Thank you.
Logged
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots
Makc666
Translator
**
Gender: Male
Russian Federation Russian Federation

Posts: 1105


Русский (ISO-8859-1) - Russian - Ğóññêèé (Windows)


WWW
« Reply #1 on: November 27, 2005, 02:22:43 pm »
Why there is no any news about this "Critical Update" on the main page?
http://coppermine-gallery.net/
Now every one read the forums... Huh
Logged
(http://makc666.com/wedont.gif) "А стукачков мы не любим!"

Официальный Русский Перевод - 1.4.x

[MOD] Restriction of email domains
kegobeer Topic starter
Dev Team member
****
Gender: Male
Posts: 4637


Beer - it does a body good!


WWW
« Reply #2 on: November 27, 2005, 02:27:24 pm »
Maybe because not all the devs have access to change it?

Locking this thread now.

Edit: Now listed on the index.
« Last Edit: November 27, 2005, 07:58:14 pm by kegobeer » Logged
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots
Joachim Müller
Administrator
*****
Gender: Male
Germany Germany

Posts: 45051


aka "GauGau"


WWW
« Reply #3 on: April 09, 2006, 11:26:15 am »
As suggested above, the file relocate_server.php must be removed from your server, as it could be used by others to tamper with your site. If you actually need it, get the copy I attached to this posting, but make sure to remove it from your server after having used it.
* relocate_server.zip (4.17 KB - downloaded 1399 times.)
Logged
Joachim Müller
Administrator
*****
Gender: Male
Germany Germany

Posts: 45051


aka "GauGau"


WWW
« Reply #4 on: April 21, 2006, 08:09:56 am »
In cpg1.4.5, I re-added a file named relocate_server.php to make sure that users who upgrade actually fix the older, dangerous version of that file. The file I have added to cpg1.4.5 is harmless and will only forward users to your index page.
Logged
Pages: [1]   Go Up
  Send this topic  |  Print  
forum.coppermine-gallery.net > No Support > Announcements > Topic: Remove relocate_server.php file from your website
 « previous next »
 
Jump to:  

Powered by SMF 1.1.10 | SMF © 2006-2009, Simple Machines LLC
Page created in 0.031 seconds with 15 queries.