VictorT

IMPORTANT. Dolphin 6.1.4 Security Patch Release

The new 6.1.4 Security patch is released this week! Last week we found one in Dolphin and have been keeping an eye on the whole situation with hacks by checking and gathering information. Everything looked fine until today when we found a new vulnerability in Orca.

This is the XSS vulnerability: Orca allows inserting malicious code into a new topic title.

This is a very easy and quickly applied patch, so please apply this patch using these instructions.

Comments

HikeMaster, 343 days ago

Thanks for the quick action!
 
sammie (positive), 343 days ago

nice and easy update, thank you team, nice to see you are on the ball now.
 
Dwain (positive), 343 days ago

They should all be so easy. Thanks for the patch.
 
theGhost (positive), 343 days ago

groups/orca/ would have never thought.... glad I know how to follow instructions...Most of the time :) Thanks VictorT
 
Juker (positive), 342 days ago

Victor,

Thank you for jumping on these problems! Again you impress me with your sincerity to provide the community with not only functional but also secure software.

Good Job!

Juker
 
Nighto2007, 342 days ago

Thank you Victor

The patch works fine

Thank you for this hard work to make the big Dolphin script :)

regards
Rawaf
http://www.a7lakalam.com
 
gr8chirag (negative), 341 days ago

I have upgraded with 6.1.4 but still getting this message from the date of site problems recently with regard to globals settings
Warning: main([path_to]inc/header.inc.php): failed to open stream: No such file or directory in /home/jaijine/public_html/periodic/cupid.php on line 21

Fatal error: main(): Failed opening required '[path_to]inc/header.inc.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/jaijine/public_html/periodic/cupid.php on line 21

before this message never used to come..now everyday around 30 to 40 messages are sent from server to our id...

Kindly advise..
 
Topher (negative), 341 days ago

I disagree with this patch, and funny, this was caught by me almost 8 months ago, in Orca 1.2 - if you add this patch, it allows certain tags to be included in the title text, this is a problem, who wants an image or what not as a title - try it :) - this is the correct fix, without changing forum.php - in utils.inc.php - change:

function prepare_to_db(&$s, $iAllowHTML = 1)
{
    if ($iAllowHTML) { cleanPost($s); }
}

to:

function prepare_to_db(&$s, $iAllowHTML = 1)
{
    // strip_tags() returns the stripped string, so assign it back to the by-reference $s
    if ($iAllowHTML) { cleanPost($s); } else { $s = strip_tags($s); }
}

This fix will strip ALL html out of the title --- much nicer...

:)

I posted this somewhere a WHILE ago...
 
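The title handling discussed in the comment above, as an added example that is not part of the original comments and is not Orca's code: it contrasts calling strip_tags() without using its return value against assigning the result back, and adds output-side encoding for the characters tag stripping leaves in place. The function names and sample titles are constructed for illustration.

```php
<?php
// Added illustration; the function names below are hypothetical, not Orca's own.

// strip_tags() returns the stripped string. Calling it without using the
// return value leaves the by-reference argument unchanged.
function title_discarded_result(&$s)
{
    strip_tags($s);
}

// Assigning the result back actually removes the markup from the title.
function title_stripped(&$s)
{
    $s = trim(strip_tags($s));
}

// Output side: encode whatever was stored before placing it in HTML.
// ENT_QUOTES also encodes single quotes, which matters inside attributes.
function render_title($stored)
{
    $safe = htmlspecialchars($stored, ENT_QUOTES, 'UTF-8');
    return '<a class="topic" title="' . $safe . '">' . $safe . '</a>';
}

// Constructed sample titles (not taken from any real forum).
$samples = array(
    'Weekend hike photos',
    '<img src="banner.png"> Big news',
    'Hello <script>alert(1)</script>',
    'Quote "test" & ampersand',
);

foreach ($samples as $title) {
    $a = $title;
    title_discarded_result($a);   // markup is still present afterwards
    $b = $title;
    title_stripped($b);           // markup removed; quotes and & remain

    echo 'input            : ', $title, PHP_EOL;
    echo 'result discarded : ', $a, PHP_EOL;
    echo 'result assigned  : ', $b, PHP_EOL;
    echo 'rendered         : ', render_title($b), PHP_EOL, PHP_EOL;
}
```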
 
gr8chirag (negative), 340 days ago

The new version of 6.1.4 is having following errors..
(1) if you have made any id from admin, it will not appear in the general list of members...

(2) Visitors can't see the original size of photos..as the action button even after activating from admin panel, does not show the action menu.....if you are not logged in or you are a visitor...

(3) Alignment problems in pages.....in firefox the photo, video, music pages drift towards the left hand side and in internet explorer the same are not at all aligned as they were in the previous version...

(4) In groups while posting, if you are doing copy and paste....and changing the font and size..the same does not take effect.. it also does not take the original fonts..

(5) Music files starts immediately whereas video files take lot of time in starting whereas in 6.1.1 they used to start immediately..

(6) From the promo flash on homepage, default images comes again and again after deleting also from admin panel.

(7) Profile voting can't be done by visitors...this function was there in the 6.1.1

(8) Tags appear in the profile page, but are not active. no link is with them....

Any one with solution to the above will be a gr8 help for the following religious site..

Ref : www.jai-jinendra.com
 
bss1, 340 days ago

After installing 6.1.3 and 6.1.4, on trying to compile Orca language I am getting error "Language files compilation have been failed. Please check folders permissions."

All level 1 folders under /orca/ are set to 777.

Same problem with /groups/orca/

Can someone please guide on solving this issue.
 
bss1, 340 days ago

Folder permissions are:
/orca/ 777
/orca/cachejs 777
/orca/classes 777
/orca/conf 777
/orca/inc 777
/orca/js 777
/orca/layout 777
/orca/log 777
/orca/xml 777

Are there any further level folders within /orca/ that need changing permissions?
 
jackedLi, 337 days ago

thanks for the update
 
triuneity, 332 days ago

I completed the install and now have this error instead of my site.

Fatal error: Call to undefined function: getrayintegrationjs() in /home/triuneit/public_html/inc/admin_design.inc.php on line 324

What is the problem? Any help would be great!
 
Juker, 330 days ago

My Site Is Being Hacked!

I have 70 active members and on Sunday night 10 members disappeared, on Monday night another 10 members disappeared, on Tuesday I began rebuilding and added 12 new members for a total of 62 and on Tuesday night 25 members disappeared. On Wednesday I removed all of the members except nine from my website and this morning (Thursday) one of the nine is missing.

When I installed the patch 6.1.4 I tried to recompile the language files but for /groups/orca or for /orca I get a "Failure To Recompile" error message and I can no longer recompile languages.

Can anyone help with the virus attack?

Thanks
 
Juker, 330 days ago

Attention Boonex Community - Hacker Alert!

No Password on your site is safe. My member passwords are being bypassed and all membership information is being systematically deleted. I have temporarily changed the status of my remaining existing members to unconfirmed and the hacker cannot see them. Change your memberships to unconfirmed until this hacker attack is eliminated.

I want to give the Boonex team the benefit of the doubt. I think they are working hard to beat down these hackers and my problem may be a new problem not covered by the patches.

Juker
 
shaneed, 330 days ago

I also got the same problem. My members' profiles are disappearing suddenly. It is weird, but I don't think it is a hack attack, but just a misconfiguration. I looked into the Database pruning from the admin panel, and the profiles by last login were to be deleted after 180 days from the last login. I changed that to "0" (zero) and everything looks ok now, after I re-inserted the profiles from my backup. I'm not sure if my member profiles will remain after I switch that in future... Whatever, Boonex having a look over this issue may clear this for us. Perhaps it is a bug!?
 
Juker (positive), 328 days ago

Hi,

I haven't lost any more members since switching the deletion to 0 days. It is a configuration problem and I thank you for pointing out the solution.

God Bless,

Juker
 
buzznot, 326 days ago

eyeway KMD keeps hacking sites with their mod installs. Watch out once you give them your host login info to do the mods they get your ftp info and keep hacking it. Thanks goes out to Mike for such a good team he is working with.
 
ericraber (negative), 320 days ago

Not sure about the patch, but I have latest release and patch and my entire site has been compromised and hacked. Not good.
 
Ivo (negative), 319 days ago

Hello BOONEX:

Someone went into my database in past few days and DELETED ALL PUBLIC_HTML content !!!

Which means my website has become totally deleted !!!

Fortunately, I was able to restore it with the help of my hosting provider, but it is huge BLAM for you guys...!

Since only your Tech Support had all the passwords required for going into my database, I ask you to investigate this case immediately and give me an explanation!
 
sherth (negative), 318 days ago

I have latest release and patch and my entire site has been compromised and hacked, too.
 
beatlemanu, 317 days ago

I have had the same thing happen. My host recommended that I ask Boonex for help because they say my site is very vulnerable.
 
Stellman2003, 313 days ago

xsl url ?>
Warning: Cannot modify header information - headers already sent by (output started at /home/comunida/public_html/orca/layout/uni_en/params.php:14) in /home/comunida/public_html/orca/inc/util.inc.php on line 36

Warning: Cannot modify header information - headers already sent by (output started at /home/comunida/public_html/orca/layout/uni_en/params.php:14) in /home/comunida/public_html/orca/inc/util.inc.php on line 37

Warning: Cannot modify header information - headers already sent by (output started at /home/comunida/public_html/orca/layout/uni_en/params.php:14) in /home/comunida/public_html/orca/inc/util.inc.php on line 38

Warning: Cannot modify header information - headers already sent by (output started at /home/comunida/public_html/orca/layout/uni_en/params.php:14) in /home/comunida/public_html/orca/inc/util.inc.php on line 39

Warning: Cannot modify header information - headers already sent by (output started at /home/comunida/public_html/orca/layout/uni_en/params.php:14) in /home/comunida/public_html/orca/classes/en/BxXslTransform.php on line 61
 
Juker (negative), 310 days ago

This patch 6.1.4 has wrecked our forum and Boonex support can not or will not fix it. After a month of back and forth with them we are appealing to any one who can fix this problem. When we try to recompile the language files for /groups/orca or for /orca we get a [L[Language files compilation have been failed]] error message.

The last suggestion Boonex gave us is to have your system administrator update the libxsl library on your server. Well we don't have a system administrator and we don't know what the libxsl library is and apparently Boonex is not going to step up and fix the problem without passing the buck back to us.

Any help will be greatly appreciated.
 
harmeetduggal, 265 days ago

My site also hacked
 
pokystud (negative), 201 days ago

Mine too and I stopped using Dolphin because of it. Sorry guys I can't afford getting in trouble due to abuse reports coming in on my accounts on my servers. This should have been taken care of before the 6.1.4 was released. I host at Hostforweb on a vps server and they tell me boonex has to take care of the issue meanwhile I shut down my domains that were running Dolphin and all of its programs, addons and so forth.
 