
Ok Cool, thanks for clirifying that. I actually noticed it occurs on that simgle instance. So do i wait for your installation documentation or should i proceed to further dig deeper into it? ;-) SKYPE: sobbayi US: +1 202 297 6831 +1 202 470 0525 KE: +254 722 627 691 http://blog.sobbayi.com ----- Original Message ----- From: "Michael Pedersen" <sku@kaal.dk> To: "Skunkworks Forum" <skunkworks@lists.my.co.ke> Sent: Tuesday, October 20, 2009 10:53:56 AM GMT -05:00 US/Canada Eastern Subject: Re: [Skunkworks] Taesk CMS Hi Steve, Ahhh... yes you are right, someone put that in there at some point... I just took a tour of the office hunting for the guilty person ;-) Ofcourse you can just append "php" to your copy of the code - that will solve the problem for you. Meanwhile I'll make sure that this bug is fixed in Taesk 1.6.7. Just to clarify - it is still not the "register global" option in php - it is the "short_open_tag" option in php (and it is default on) see: http://dk.php.net/ini.core Never the less - it is a bug (although minor) and will be fixed - thank you for alerting me to this! Regards Michael Pedersen Steve Obbayi wrote:
@Michael I am sure of what i am saying here is a sample of the code from the index.php code i am trying to load assuming its the right piece of code:
Notice the legal notice starts with <?php
however there is a portion just above the line that says #Not a pretty setup guide - but it works starts with <? (this obviously requires Register Globals to be On. unfortunately that portion looks like it loads configurations and stuff.
Correct me if i am wrong
<?php /* This legal notice is only available in English.
Taesk CMS is Copyright 2001-2009 PLUSPEOPLE Aps - www.pluspeople.dk Taesk CMS is released under the GPLv3 licence, for full information regarding the GPLv3 licence see the included licence file.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
If the GPLv3 licence does not fullfill your (commercial) needs then contact PLUSPEOPLE regarding an alternative licence agreement.
If you have any questions about this legal notice, please contact PLUSPEOPLE at the following e-mail address: info@pluspeople.dk */
system('touch .htaccess');
?> <html> <head> <title>TaeskCMS 1.6 installation</title> <link rel="stylesheet" type="text/css" href="/taesk/template/1/1css/cms-default.css" media="screen"> </head> <body> <table border="0" cellspacing="0" cellpadding="0" width="100%"> <tr> <td bgcolor='#3D7AC4' width='100%' colspan=2 bgcolor="#3D7AC4"><img src="/taesk/template/1/1image/taeskcms.jpg" alt="" width="500" height="200"></td> </tr>
<tr> <td valign="top" style="padding:20px;"> <font class="taeskheader">TaeskCMS 1.6 installation</font> <? #Not a pretty setup guide - but it works
ini_set("include_path", $_SERVER["DOCUMENT_ROOT"] . "/taesk/webroot:" . $_SERVER["DOCUMENT_ROOT"] . "/public_site/include:" . $_SERVER["DOCUMENT_ROOT"] . "/taesk/include:./"); require_once("Configuration.php"); $config = Configuration::instantiate(); $step = (int)$_GET["step"]; $db = Database::instantiate(Database::TYPE_READ);
SKYPE: sobbayi US: +1 202 297 6831 +1 202 470 0525 KE: +254 722 627 691
http://blog.sobbayi.com http://sobbayi.blogspot.com
----- Original Message ----- From: "Michael Pedersen" <sku@kaal.dk> To: "Skunkworks Forum" <skunkworks@lists.my.co.ke> Sent: Tuesday, October 20, 2009 9:35:40 AM GMT -05:00 US/Canada Eastern Subject: Re: [Skunkworks] Taesk CMS
Hi Steve (and skunks).
I am impressed that you are attempting to install Taesk CMS before I have published a installation guide. However I'm not sure you figured out exactly what your problem is (kind of hard for me to say exactly).
Taesk CMS does infact require register globals to be disabled - and have been coded like this for several years - so that is clearly not the problem.
Also I think you have something mixed up in your understanding about what register globals is. In short register globals is the option that, if enabled, allows you to use user submitted data directly as variables - and yes this is a major security issue (and generally not recommended in any php development).
With register globals enabled you can write code like: $a = $searchInput // provided that you e.g. have a form field called "searchInput"
With register globals disabled you instead have to write it like: $a = $_POST["searchInput"];
Further more you mention replacing "<?" with "<?php" this is _not_ register globals, but another php option called "short-tags" (or something close to that), Again I have to tell you that Taesk CMS does not require short-tags to be enabled - in other words all the code blocks should infact already be written as "<?php".
I have personally not written code that required that option enabled since...... what ... 10 years ago when working in Icon Medialab...
Anyway - end result is that neither of the things you experience as problems should be problems with Taesk, if you can provide a bit more detail about (exactly) what you have done I might be able to help you better... As an alternative wait for the install guide that should be released shortly.
Regards Michael Pedersen
Steve Obbayi wrote:
@Michael. Hi I'd really like to say good work on this one but unfortunately I am having trouble running this on my development server. The problem is this. For security purposes you may need to alter you code to be able to run on a server that has "Register Globals" disabled. I do not use Globals on my production servers neither do i use it on my development server. i can bet you there are millions of servers out there that have "Register Globals" disabled. Besides it is the default setting for the PHP installation
So you may need to step through your code and change all instances of "<?" to "<?php"
otherwise looking forward to be able to run it on my server.
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke Other lists ------------- Announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science: http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi: http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general