Security Notice: Official Fix -- Important!

Hi!

My extreme apologies for the lateness of this fix, and my thanks to Eric for bringing it to my attention (unfortunately it came while I was away and the person who received it did not give it the proper attention it deserved).

I will update DBMan and Links 2.0 in the next 10 minutes or so fixing that issue, and a minor one brought to my attention from Blackwatch Labs -- passing in an invalid config file name can give viewers insight into your system setup as it shows the environment variables. By default you won't get a full error message unless db_debug is turned on.

For those of you who have modified it a lot, it is a quick fix, in sub query replace:

Code:
$regexp_func[$field] = eval "sub { m/$tmpreg/o; }";
with:

Code:
$regexp_func[$field] = eval 'sub { m/$tmpreg/o; }';
Again, my apologies about this! Once we finish our new SQL library, we plan to release a new updated version of DBMan as everyone here at Gossamer (myself included) has learned a lot, and the new code will show that. =)

Neither DBMan SQL, Links SQL or Gossamer Mail are affected by this (FileMan is, but it's only in the admin -- we will update it as well). If you have any questions about this, please don't hesitate to ask!

Cheers,

Alex

--
Gossamer Threads Inc.
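
The difference between the two lines above, as an added Perl example that is not part of the original post or of DBMan's code: with double quotes the search term is pasted into the source text that `eval` compiles, while with single quotes the generated sub only reads `$tmpreg` as pattern data when it runs. The lexical `$tmpreg`, the `try_match` helper and the sample record and terms are assumptions constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Run a compiled matcher against one record; the generated sub matches on $_.
sub try_match {
    my ($matcher, $record) = @_;
    return 'did not compile' unless $matcher;
    local $_ = $record;
    # An invalid pattern only fails when the regex engine first sees it,
    # so the call itself is guarded with a block eval.
    my $result = eval { $matcher->() ? 'match' : 'no match' };
    return defined $result ? $result : 'invalid pattern';
}

# Constructed record and search terms (stand-ins for a submitted form field).
my $record = 'smith|a/b|(x';
my @terms  = ('smith', 'a/b', '(');

for my $term (@terms) {
    my $tmpreg = $term;    # assumption: a lexical the eval'd sub can close over

    # Before: double quotes interpolate $tmpreg into the Perl source string,
    # so the term is parsed by the Perl compiler, not only by the regex engine.
    my $before = eval "sub { m/$tmpreg/o; }";

    # After: single quotes keep '$tmpreg' literal in the source; the value is
    # interpolated into the pattern at match time and never parsed as code.
    my $after = eval 'sub { m/$tmpreg/o; }';

    printf "%-8s before: %-16s after: %s\n",
        "'$term'", try_match($before, $record), try_match($after, $record);
}
```

For the term `a/b`, the slash ends the pattern inside the generated source in the first form, so the rest of the term is read as Perl; in the second form the same term is simply matched as text.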
Subject Author Views Date
Thread Security Notice: Official Fix -- Important! Alex 4495 Jul 8, 2000, 11:45 AM