Closed sleemanj closed 3 years ago
I'm looking for a way to use one installation of Xinha for more than one Webside! In the ImageManger plugin (config.inc.php) there is only the way to set one path!
$IMConfig['images_url'] = str_replace( "backend.php", "", $_SERVER["PHP_SELF"] ) . "demo_images";
What can I do?
gogo
to gocher
niko commented:
this is just the default-value which can be overwritten by other settings. take a look at this wiki-page, the usage is explained there: ImageManager
and take a look at the bottom of config.inc.php
anonymous commented:
== dgd gdf gdfg dfg
dfg dfg''''[' dfgdg dfg dfg'''''] ---- ''''''
==
Pushing this to 2.0 release for two reasons
- it's a non-critical plugin, ImageManager is there and secure
- fixing this will change how InsertPicture is setup
2.0
trunk
changeset:1203
I have disabled InsertPicture (which is now resident in unsupported_plugins), while I have not had any reports of it being attacked/compromised, I had a look at the code in there and it did not fill me with confidence.
It should be removed sometime, but for now the message will advise developers that they should upgrade to ImageManager and that InsertPicture will go away soon.
fixed
new
to closed
currently you can write in ANY directory where the www-user has write-rights by setting the localpicturepath, which is a big security hole.
you could use the same algorithm as ImageManager does to protect the settings.
Reported by niko, migrated from http://trac.xinha.org/ticket/472