Release highlights:
- Escape quotes in attr values of input tags using a new helper: osc_esc_html #105
- PHP Warning if the user doesn’t have a description in his profile #108
- PHP Warning in Search model #110
- Modified behavior in add/edit form of custom fields #112
- Style of radio buttons in custom fields #117
- JS error in add/edit page in oc-admin #119
- XSS vulnerabilities in search page
- SQL injections in search page and AJAX request in oc-admin (need to be logged as an admin)
Special thanks to Filippo Cavallarin and High-tech Bridge for reporting discretely the security vulnerabilities until we’ve published a new version. Last week we uploaded a Romanian .sql file to geo.osclass.org/downloads (thanks to Eduard Mihai). During this week we’re going to upload Latvia (thanks to Edgars Burmistris). If you want to add or improve your country locations, please contact us to info@osclass.org.
Download
UPDATE 17/01/2012: Upload again the version because a mistake in custom fields of a last minute change
After upgrading from osc 2.3.4 to 2.3.5 I can’t see any plugins in the Dashboard but I can see them in the site oc-content/plugins subdirectory. I had disabled the plugins before I ran the upgrade. Weird – isn’t it?
@Gizmo: Is it the only problem you’re experiencing? Please, go to the forum and post there your problem.
Hi Juan,
Even after downloading the updated version I am getting following error message after manually upgrading.
The error is created at the time of posting a new item:
Warning: preg_match() expects parameter 2 to be string, array given in /home/XXXXXXXXXXXXX/oc-includes/htmlpurifier/HTMLPurifier/Lexer.php on line 316
Warning: preg_match() expects parameter 2 to be string, array given in /home/XXXXXXXXXXXXX/oc-includes/htmlpurifier/HTMLPurifier/Encoder.php on line 54
Warning: preg_match() expects parameter 2 to be string, array given in /home/XXXXXXXXXXXXX/oc-includes/htmlpurifier/HTMLPurifier/Lexer.php on line 316
Warning: preg_match() expects parameter 2 to be string, array given in /home/XXXXXXXXXXXXX/oc-includes/htmlpurifier/HTMLPurifier/Encoder.php on line 54
Warning: Cannot modify header information – headers already sent by (output started at /home/XXXXXXXXXXXXX/oc-includes/htmlpurifier/HTMLPurifier/Lexer.php:316) in /home/XXXXXXXXXXXXX/oc-includes/osclass/core/Cookie.php on line 94
Warning: Cannot modify header information – headers already sent by (output started at /home/XXXXXXXXXXXXX/oc-includes/htmlpurifier/HTMLPurifier/Lexer.php:316) in /home/XXXXXXXXXXXXX/oc-content/plugins/paypal/index.php on line 247
Here you have the solution: https://github.com/osclass/OSClass/commit/94a06a5660fc0319c1d82adac6dfb05c66425e17
Hello Juan the problem is not solved yet same error is coming on our website please check it out in inner pages of search panel. please try to solve this error as fast as possible.
After downloading the updated version I am getting following error message
Please Help me
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@adsbox.in and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at adsbox.in Port 80
@digant dalal: Can you try changing this file? http://forums.osclass.org/installation-update-help/warnings-from-2-3-5/msg20426/#msg20426
@M. K. Khan: Can you log your PHP errors as this page describe; http://wiki.osclass.org/Debug_PHP_errors Is it appearing some error in the debug.log file?
i bought some webspace and now i want to install osclass please help me
@Juan let me try now.
@Juan i was test but more errors are coming it is not yet fix. Dear Juan please try to solve this issue because a lots of users are coming on our website and they are not getting our services proper. Thanks Digant Dalal
ERRORS ARE
Warning: preg_match() expects parameter 2 to be string, array given in /home/content/36/8486036/html/oc-includes/htmlpurifier/HTMLPurifier/Lexer.php on line 316
Warning: preg_match() expects parameter 2 to be string, array given in /home/content/36/8486036/html/oc-includes/htmlpurifier/HTMLPurifier/Encoder.php on line 54
Warning: strlen() expects parameter 1 to be string, array given in /home/content/36/8486036/html/oc-includes/htmlpurifier/HTMLPurifier/Encoder.php on line 72
Warning: preg_match() expects parameter 2 to be string, array given in /home/content/36/8486036/html/oc-includes/htmlpurifier/HTMLPurifier/Lexer.php on line 316
Warning: preg_match() expects parameter 2 to be string, array given in /home/content/36/8486036/html/oc-includes/htmlpurifier/HTMLPurifier/Encoder.php on line 54
Warning: strlen() expects parameter 1 to be string, array given in /home/content/36/8486036/html/oc-includes/htmlpurifier/HTMLPurifier/Encoder.php on line 72
i was try from this link http://sourceforge.net/projects/osclass/files/2.3/osclass.2.3.5.zip/download
@digant dalal: Are you sure you have changed the file? Everyone that have made this change, they have fixed this error. Please, post this problem in the forum.
@Juan yes i was update Params.php from here https://github.com/osclass/OSClass/blob/hotfixes/oc-includes/osclass/core/Params.php
and Error is now solved. Thanks for your great support Juan. I hope one day we will working together with the good business deal cheers.
Digant Dalal
Founder and CEO
Gravity Effects