Elgg 1.7.3 security release

Elgg 1.7.3 has been released and addresses a security vulnerability.  Users are encouraged to upgrade immediately.  Visit the blog for more information.

  • I realize I this months resident drama queen....but that said, what are my options on reverting back to 1.7.2 in light of the fact Site Access captcha doens't work in 1.7.3 or 1.7.4 not does Profile Manager's registration requirement for icon photo in 1.7.4.

    Can I revert back to 1.7.2 and keep my "upgraded" databes?

  • Brett-Can you comment on my reverting back to 1.7.1 or .2 but keeping my 1.7.4 upgraded database? Any issues you can see?

  • The database did not change in the upgrades to 1.7.3 and 1.7.4 which means you should in theory be able to run 1.7.2 code with your current database (but not 1.7.1).

    I think it was 1.7.2 that finally completed the data directory structure change that began in 1.6.0. If Profile Manager works with 1.7.1 and doesn't work with 1.7.2, it is likely that it is using usernames for the profile icon filenames (the old way) rather than GUIDs. GUIDs are much better for supporting national character sets. If so, reverting the code to 1.7.2 will not solve your issue.

    I have no idea what might be causing problems with the captcha of SiteAccess. If you are using it only for that, you could switch to the reCAPTCHA plugin.

  • Cash thanks, always the calming voice around here. I use Vazco Gmaps and pretty much needs SiteAccess.  Uddhava says he plans a version without captcha, would be nice to be able to change captcha's without leaving Site Access. My system is pretty complex. I had Site Access with it's captcha for reg's and then Zacher used Elgg captcha for a non logged in comment system I have on my profiles.

    Zacher's team tuned around things I would guess. My upgrading is the usual wrench in the cogs, when it was working great. I just thought the upgrade wouldn't cause new issues, but anyways, this is how we progress, no?

  • Getting this in my new 1.7.4 install when I click on group topic title-

    DatabaseException

    Unknown column 'a.parent_guid' in 'where clause'

    QUERY: SELECT count(a.id) as sum from elgg_annotations a WHERE a.parent_guid=1 and ( (1 = 1) and a.enabled='yes')

  • Oops... there's definitely no parent_guid in the annotations table.  It was something we had been considering but decided to upgrade comments to entities instead of adding fields to the annotations table.  Looks like it got into the code somehow anyways...

    Can you report this to Trac?  Thanks.

  • Evan I will report it. Can you also comment of whether the discussions are now threaded? I only had this before when I installed "threaded discussions" plugin I think. I removed it, upgraded to 1.7.4 and see this, isn't this threaded, and was this added into core?

    threaded?

  • Threaded comments were not added to core in 1.7.4.

  • Apoligies I have Vazco_comments running. It was for something in profiles but now I see it effects the discussions. I will try disabling and see what happens with the error.

  • My newest 1,7.4 install is now broken. My custom profile is broken up. I get this error now quite often. Any ideas?

    DatabaseException

    Unknown column 'a.parent_guid' in 'where clause'

    QUERY: SELECT count(a.id) as sum from elgg_annotations a WHERE a.parent_guid=9 and ( (1 = 1) and a.enabled='yes')

     

This discussion is closed.

This discussion is closed and is not accepting new comments.

Feedback and Planning

Feedback and Planning

Discussions about the past, present, and future of Elgg and this community site.