Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Caught a bug in v1.4.13 (search)?  (Read 16268 times)

0 Members and 1 Guest are viewing this topic.

danicotra

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Caught a bug in v1.4.13 (search)?
« on: October 27, 2007, 02:18:32 pm »

Hello there.
I "hat in hand" write to you.
I don't know if I'm right but I think I found a bug within coppermine v1.4.13:
when I search for a photo I got an empty search string as thumbnail's title ("")
I noticed the problem is that in line 1255 of include/functions.inc.php , in function get_pic_data:
Code: [Select]
                        $album_name = $lang_meta_album_names['search'].' - "'. strtr($search_string, $HTML_SUBST) . '"';
as a result of the strtr() function I got an empty string because the $HTML_SUBST variable was empty despite it was globally referenced in line 897:
Code: [Select]
        global $USER, $CONFIG, $ALBUM_SET, $META_ALBUM_SET, $CURRENT_CAT_NAME, $CURRENT_ALBUM_KEYWORD, $HTML_SUBST, $THEME_DIR, $FAVPICS, $FORBIDDEN_SET_DATA;
Is that a bug?
To solve it I add the following line (which I took from init.inc.php):
Code: [Select]
$HTML_SUBST = array('&' => '&amp;', '"' => '&quot;', '<' => '&lt;', '>' => '&gt;', '%26' => '&amp;', '%22' => '&quot;', '%3C' => '&lt;', '%3E' => '&gt;','%27' => '&#39;', "'" => '&#39;');
just after the global references and now I finally see the correct search string upside the thumbnails of the found photos.

Is that a bug? Or it happens just to me? Or is there a better way to get things work?

Please let me know...
Thank you.
« Last Edit: November 05, 2007, 08:20:02 am by GauGau »
Logged

danicotra

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Caught a bug in v1.4.13 (search)?
« Reply #1 on: November 02, 2007, 09:33:52 pm »

Excuse me sirs, nobody else noticed this problem? Was I the only one facing this (let's call it so) "bug"?
Please answer. Thank you.
Logged

Nibbler

  • Guest
Re: Caught a bug in v1.4.13 (search)?
« Reply #2 on: November 03, 2007, 07:22:47 pm »

Can you replicate this on the demo ?

http://coppermine-gallery.net/Obsolete
Logged

danicotra

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Caught a bug in v1.4.13 (search)?
« Reply #3 on: November 04, 2007, 10:59:59 pm »

No Sir, the demo works good...
Then maybe the problem for me was due to web server (apache) or, most likely, php settings (maybe register globals turned off)?
Thank you anyway for your answer!
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Caught a bug in v1.4.13 (search)?
« Reply #4 on: November 05, 2007, 08:19:46 am »

Coppermine doesn't need the naughty register_globals. On our server (where the demo resides), register_globals is off.
If this issue doesn't exist on the demo, it is very likely that this is not a bug within coppermine, but something on your end. Marking thread as "invalid". If you have new insight, you're welcome to update this thread by reporting your results.
Logged

danicotra

  • Coppermine newbie
  • Offline Offline
  • Posts: 5
Re: Caught a bug in v1.4.13 (search)?
« Reply #5 on: November 05, 2007, 02:22:47 pm »

I noticed the same problem in every (I suppose) script that uses the $HTML_SUBST variable in conjunction with the strtr() functions (eg. delete.php in function parse_select_option when filling the array 'album_nm')... I must manually define the variable $HTML_SUBST every time to get over this (it's not a pleasure) !!!
Well, let's off php configuration, what I didn't say was I'm using Coppermine 1.4.13 bridged (bridge v1.02) inside e107 0.78... I think you can't give support for this but... I can't understand how a bridge can destroy the global referencing to variables (which I think it's the origin of my problems)? Probably the problem is somehow connected to this, I suppose... any Idea?
Thank you guys.
Logged
Pages: [1]   Go Up
 

Page created in 0.018 seconds with 20 queries.