    • 34068
    • 17 Posts
    Do we have a list of files to upload on a 1.0.5 version, just to prevent the security problem:
    [#7175] Fix sanitization to strip tags recursively in parser and in eForm

    I don't want to use the install method on a live website.

    Thanks
      • 34068
      • 17 Posts
      In the file /manager/includes/protect.inc.php,
      do you know if changing

      foreach ($target as $key => &$value) {
      to
      foreach ($target as $key => $value) {

      on line 36 fixes the [#7175] problem?

      thanks! [ed. note: blackmeridian last edited this post 12 years ago.]
        • 36748
        • 7 Posts
        I would like to know the same, since I have 20ish websites to update.
        Can anyone provide a list with changed files in 1.0.6 (compared to 1.0.5)?
        Or a method for comparing both releases? :)
        thx in advance!
        • One way to tell is to go to https://github.com/modxcms/evolution/tree/master and check the "age" column of the files.

          I would still recommend running the installer in upgrade mode even if you only replace two or three files.
            Studying MODX in the desert - http://sottwell.com
            Tips and Tricks from the MODX Forums and Slack Channels - http://modxcookbook.com
            Join the Slack Community - http://modx.org
            • 34068
            • 17 Posts
            Thanks for the link on GitHub.

            https://github.com/modxcms/evolution/tree/master/manager/includes shows that the file protect.inc.php was changed to fix [#7175]

            thanks !
              • 36748
              • 7 Posts
              Hi suzan, thx for your reply.
              Checking the differences via GitHub is indeed a good option, thx for the tip.
              I'll try both options (manual and installer). I don't have SLAs with all of my customers, so for some websites I'm looking for the quickest way.

              Just out of curiosity (and eagerness to learn more about Evo), why would running the installer be a better option? Because of e.g. MySQL errors? I saw some folks on this forum having trouble after upgrading.
              • No particular reason in this upgrade, but it's just something to keep in mind if just replacing the patched files appears to break the site.
                  • 36748
                  • 7 Posts
                  Aight, point taken and sounds pretty obvious. Thx!