<![CDATA[ MODX Evolution 1.0.14 Out Now - My Forums]]> https://forums.modx.com/thread/?thread=91265 <![CDATA[Re: MODX Evolution 1.0.14 Out Now]]> https://forums.modx.com/thread/91265/modx-evolution-1-0-14-out-now#dis-post-499676 http://modx.com/extras/package/ajaxsearch]]> Jako Jun 07, 2014, 02:54 AM https://forums.modx.com/thread/91265/modx-evolution-1-0-14-out-now#dis-post-499676 <![CDATA[Re: MODX Evolution 1.0.14 Out Now]]> https://forums.modx.com/thread/91265/modx-evolution-1-0-14-out-now#dis-post-499674
Fatal error: Call to undefined method DBAPI::freeResult() in PATH\TO\MODX\assets\snippets\ajaxSearch\classes\ajaxSearchRequest.class.inc.php on line 69

Strange... Is this method applied to a more recent MODX version?]]> diatomin Jun 07, 2014, 01:11 AM https://forums.modx.com/thread/91265/modx-evolution-1-0-14-out-now#dis-post-499674 <![CDATA[Re: MODX Evolution 1.0.14 Out Now]]> https://forums.modx.com/thread/91265/modx-evolution-1-0-14-out-now#dis-post-499625 following htaccess rules:

/assets/.htaccess
# Restrict direct access to script file types and templates
<FilesMatch "\.(php|tpl)$">
   Order allow,deny
   Deny from all
</FilesMatch>


In this case index-ajax.php was in root and made me vulnerable, but this removes direct access to all php files in assets folder.
https://github.com/modxcms/evolution/pull/266

Update: "Some multiTV options will not work with that. But I will try to add a .htaccess in the multiTV folder."--Jako]]> mrhaw Jun 06, 2014, 11:16 AM https://forums.modx.com/thread/91265/modx-evolution-1-0-14-out-now#dis-post-499625 <![CDATA[MODX Evolution 1.0.14 Out Now]]> https://forums.modx.com/thread/91265/modx-evolution-1-0-14-out-now#dis-post-499546
We'd like to thank the contributors for this release who are: Thomas Jakobi (Jako), Dmytro Lukianenko (Dmi3yy), Segr Kaparov (Segr), Masanori Yamamoto (yama), Kari Söderholm (Haprog), Pavel Yakimov (yakimoff), MrSwed, and Pathologic.

With regard to the important AjaxSearch security issue, there are three options to mitigate the issue:

  • (better) Update AjaxSearch to 1.10.1
  • (best) Upgrade to MODX Evolution 1.0.14

To everyone who filed bugs and made feature requests. Thanks and keep them coming!

To keep your MODX sites safe and performing their best, we strongly recommend upgrading to the latest version of Evolution. If you need someone to assist you with your MODX Evolution upgrade, check out our MODX Professionals directory.

Here are the highlights of the 1.0.14 release:

  • Important AjaxSearch update that addresses a critical security issue.
  • A variety of core bug fixes
  • Improved logging/debugging
  • A number of updates to Wayfinder, WebLogin, Ditto, and TinyMCE
  • Read a complete list of changes in the changelog.txt file located at /install/

Download Evolution 1.0.14 now.
]]> opengeek Jun 05, 2014, 03:19 PM https://forums.modx.com/thread/91265/modx-evolution-1-0-14-out-now#dis-post-499546