Elgg 1.7.3 security release

Elgg 1.7.3 has been released and addresses a security vulnerability.  Users are encouraged to upgrade immediately.  Visit the blog for more information.

  • I assume you mean the instructions below? Which suggests that I look into a database column issue? All new to me, but I could try. MySql in Cpanel? If so then what might I do...delete a column?


    unknown column 'e.admin' in 'where clause'

    QUERY: SELECT * FROM elgg_users_entity as e
    WHERE (
    e.guid = 24
    AND e.admin = 'yes'

  • No, I meant the instructions on upgrade.php?upgrade=upgrade.  You seem to have followed them now. What page is this error occurring on?

  • Evan do you mean which page on website...aha...when I try to login enter my info I takes my to a broken website...then if I click on..to the blue screen with error

  • so the URL shows mysite/TahoeBilly with the bluw screen, so then I enter mysite/upgrade.php and it returns with same blue screen and mysite/upgrade.php?upgrade=upgrade

  • instructions are the same-

    Unknown column 'e.admin' in 'where clause'

    QUERY: SELECT * FROM elgg_users_entity as e
    WHERE (
    e.guid = 24
    AND e.admin = 'yes'

  • Those are not instructions.  That is just an error.

    It looks like your database upgraded but did not successfully complete one or more of the scripts.  I don't know of any way to tell which scripts were missed, but obviously the one about this admin column didn't make it in.  Anyone else have any suggestions?

  • 2010040201.php

    $qs[] = "ALTER TABLE {$CONFIG->dbprefix}users_entity
        ADD admin ENUM('yes', 'no') NOT NULL DEFAULT 'no' AFTER `banned`";

    about half-way in the list of upgrades did not quite make it ;-(

    function version_upgrade() {
        // It's possible large upgrades could exceed the max execution time.

    must have run out of exec time ;-(
    could possibly be too low memory and server getting entagled in hard-swaps...

  • If the upgrade script had failed due to running out of time, the database would not be showing the latest version. I think it is more likely that none of the upgrade scripts ran due to the problem with copying the code into the wrong directory.

    If this is true, editing the datalist table in the database to set the version to 2010030101and then running the upgrade script should fix the issue.

  • Cash indeed I wiped the files (not dbase) and reloaded fresh, still same error. I sense you are correct in your suspicion of the problem.

    Can you give someone like me clear instructions on how to "edit the datalist table" and set version to vesrion "2010030101">?



  • Do you have a tool for viewing/editing the database? Something like phpMyAdmin or one of those hosting provided control panels?

    If so, use it to view the datalist table in the Elgg database. Find the entry for version and edit its value.

This discussion is closed.

This discussion is closed and is not accepting new comments.

Feedback and Planning

Feedback and Planning

Discussions about the past, present, and future of Elgg and this community site.