head 1.5; access; symbols pkgsrc-2022Q3:1.4.0.106 pkgsrc-2022Q3-base:1.4 pkgsrc-2022Q2:1.4.0.104 pkgsrc-2022Q2-base:1.4 pkgsrc-2022Q1:1.4.0.102 pkgsrc-2022Q1-base:1.4 pkgsrc-2021Q4:1.4.0.100 pkgsrc-2021Q4-base:1.4 pkgsrc-2021Q3:1.4.0.98 pkgsrc-2021Q3-base:1.4 pkgsrc-2021Q2:1.4.0.96 pkgsrc-2021Q2-base:1.4 pkgsrc-2021Q1:1.4.0.94 pkgsrc-2021Q1-base:1.4 pkgsrc-2020Q4:1.4.0.92 pkgsrc-2020Q4-base:1.4 pkgsrc-2020Q3:1.4.0.90 pkgsrc-2020Q3-base:1.4 pkgsrc-2020Q2:1.4.0.86 pkgsrc-2020Q2-base:1.4 pkgsrc-2020Q1:1.4.0.66 pkgsrc-2020Q1-base:1.4 pkgsrc-2019Q4:1.4.0.88 pkgsrc-2019Q4-base:1.4 pkgsrc-2019Q3:1.4.0.84 pkgsrc-2019Q3-base:1.4 pkgsrc-2019Q2:1.4.0.82 pkgsrc-2019Q2-base:1.4 pkgsrc-2019Q1:1.4.0.80 pkgsrc-2019Q1-base:1.4 pkgsrc-2018Q4:1.4.0.78 pkgsrc-2018Q4-base:1.4 pkgsrc-2018Q3:1.4.0.76 pkgsrc-2018Q3-base:1.4 pkgsrc-2018Q2:1.4.0.74 pkgsrc-2018Q2-base:1.4 pkgsrc-2018Q1:1.4.0.72 pkgsrc-2018Q1-base:1.4 pkgsrc-2017Q4:1.4.0.70 pkgsrc-2017Q4-base:1.4 pkgsrc-2017Q3:1.4.0.68 pkgsrc-2017Q3-base:1.4 pkgsrc-2017Q2:1.4.0.64 pkgsrc-2017Q2-base:1.4 pkgsrc-2017Q1:1.4.0.62 pkgsrc-2017Q1-base:1.4 pkgsrc-2016Q4:1.4.0.60 pkgsrc-2016Q4-base:1.4 pkgsrc-2016Q3:1.4.0.58 pkgsrc-2016Q3-base:1.4 pkgsrc-2016Q2:1.4.0.56 pkgsrc-2016Q2-base:1.4 pkgsrc-2016Q1:1.4.0.54 pkgsrc-2016Q1-base:1.4 pkgsrc-2015Q4:1.4.0.52 pkgsrc-2015Q4-base:1.4 pkgsrc-2015Q3:1.4.0.50 pkgsrc-2015Q3-base:1.4 pkgsrc-2015Q2:1.4.0.48 pkgsrc-2015Q2-base:1.4 pkgsrc-2015Q1:1.4.0.46 pkgsrc-2015Q1-base:1.4 pkgsrc-2014Q4:1.4.0.44 pkgsrc-2014Q4-base:1.4 pkgsrc-2014Q3:1.4.0.42 pkgsrc-2014Q3-base:1.4 pkgsrc-2014Q2:1.4.0.40 pkgsrc-2014Q2-base:1.4 pkgsrc-2014Q1:1.4.0.38 pkgsrc-2014Q1-base:1.4 pkgsrc-2013Q4:1.4.0.36 pkgsrc-2013Q4-base:1.4 pkgsrc-2013Q3:1.4.0.34 pkgsrc-2013Q3-base:1.4 pkgsrc-2013Q2:1.4.0.32 pkgsrc-2013Q2-base:1.4 pkgsrc-2013Q1:1.4.0.30 pkgsrc-2013Q1-base:1.4 pkgsrc-2012Q4:1.4.0.28 pkgsrc-2012Q4-base:1.4 pkgsrc-2012Q3:1.4.0.26 pkgsrc-2012Q3-base:1.4 pkgsrc-2012Q2:1.4.0.24 pkgsrc-2012Q2-base:1.4 pkgsrc-2012Q1:1.4.0.22 pkgsrc-2012Q1-base:1.4 pkgsrc-2011Q4:1.4.0.20 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q3:1.4.0.18 pkgsrc-2011Q3-base:1.4 pkgsrc-2011Q2:1.4.0.16 pkgsrc-2011Q2-base:1.4 pkgsrc-2011Q1:1.4.0.14 pkgsrc-2011Q1-base:1.4 pkgsrc-2010Q4:1.4.0.12 pkgsrc-2010Q4-base:1.4 pkgsrc-2010Q3:1.4.0.10 pkgsrc-2010Q3-base:1.4 pkgsrc-2010Q2:1.4.0.8 pkgsrc-2010Q2-base:1.4 pkgsrc-2010Q1:1.4.0.6 pkgsrc-2010Q1-base:1.4 pkgsrc-2009Q4:1.4.0.4 pkgsrc-2009Q4-base:1.4 pkgsrc-2009Q3:1.4.0.2 pkgsrc-2009Q3-base:1.4 pkgsrc-2009Q2:1.3.0.2 pkgsrc-2009Q2-base:1.3 pkgsrc-2009Q1:1.2.0.20 pkgsrc-2009Q1-base:1.2 pkgsrc-2008Q4:1.2.0.18 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.16 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.14 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.12 pkgsrc-2008Q2-base:1.2 cwrapper:1.2.0.10 pkgsrc-2008Q1:1.2.0.8 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.6 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.4 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.2.0.2 pkgsrc-2007Q2-base:1.2 pkgsrc-2007Q1:1.1.1.1.0.8 pkgsrc-2007Q1-base:1.1.1.1 pkgsrc-2006Q4:1.1.1.1.0.6 pkgsrc-2006Q4-base:1.1.1.1 pkgsrc-2006Q3:1.1.1.1.0.4 pkgsrc-2006Q3-base:1.1.1.1 pkgsrc-2006Q2:1.1.1.1.0.2 pkgsrc-2006Q2-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.5 date 2022.12.23.13.47.42; author taca; state dead; branches; next 1.4; commitid vOL4bAnFxNQiDG6E; 1.4 date 2009.09.13.01.15.11; author taca; state Exp; branches; next 1.3; 1.3 date 2009.05.26.14.19.29; author taca; state Exp; branches 1.3.2.1; next 1.2; 1.2 date 2007.05.20.15.56.45; author taca; state Exp; branches 1.2.20.1; next 1.1; 1.1 date 2006.06.15.13.26.44; author taca; state Exp; branches 1.1.1.1; next ; 1.3.2.1 date 2009.09.13.14.57.36; author tron; state Exp; branches; next ; 1.2.20.1 date 2009.05.30.21.14.02; author tron; state Exp; branches; next ; 1.1.1.1 date 2006.06.15.13.26.44; author taca; state Exp; branches; next ; desc @@ 1.5 log @www/geeklog: update to 2.2.2 This is a leaf package. Please refer for changes before 2.2.2. 2.2.2 (2022-09-27) Geeklog v2.2.2 is now available for download and is the recommended version for all production sites. An update package is also available that contains only the files needed to upgrade from Geeklog v2.2.1sr1 to 2.2.2. This version of Geeklog now fully supports PHP v8.1. The minimum system requirements for installing Geeklog v2.2.2 is: * PHP v5.6.4 or higher (PHP 8.1 is supported) * MySQL v4.1.2 or higher (MySQL 5 recommended) * Postgresql v9.1.7 or later There was 95 closed issues for this version of Geeklog which resulted in 468 code commits (with 2,342 changed files). The major new features, improvements and fixes in this version include: * [Feature] Added Top 10 Likes and Dislikes to User Profile * [Feature] Added Likes Control to Static Pages and Polls * [Feature] Added Error Limit for submissions that works similar to Speed Limit. Ban plugin v2.0.4 supports this feature * [Feature] Geeklog Core emails now use templates (for HTML and plain text) and are sent as HTML by default * [Feature] Add an option to anonymize IP addresses and APIs to handle them * [Feature] Added redirects in Routing Manager * [Feature] reCAPTCHA Plugin support reCAPTCHA v3 * [Improvement] Support for PHP 8.1 * [Improvement] Now uses PHPMailer to send emails (replaces abandoned Swiftmailer) * [Improvement] Added Persian language and dropped support for languages that have not received new translations in a while * [Improvement] Removed unused user settings and cleaned up user tables structure * [Improvement] Sitemap is now updated and not completely recreated each time something changes * [Bug] Added missing postmode field to Admin User Editor * [Bug] After logging out of one user account, cannot log into different user account in the same browser * [Bug] Fixed Staticpage Editor Doesn't Remember Some Settings on Reload of Editor * [Bug] Handling of Zip Files that have Files with Names not Compatible with the Web Servers OS ... as well as a lot of other improvements and bug fixes. The complete list can be found on Github and in the history text file located in the docs directory of this release. In the next month or so we plan to release a number of updated 3rd party plugins that include bug fixes, support for PHP v8.1, and support for the latest Geeklog v2.2.2 features (where needed). This includes: * Autotags * Ban * Downloads * FAQ and FAQMan * Forum (the new version will only work with Geeklog v2.2.2) * GUS * Media Gallery * Menu * Messenger * Net Tools * Searchrank These plugins can be found on Github in our Geeklog Plugins Repository. Most are currently in testing and have close to final code. Feel free to test these updated plugins and provide any feedback. @ text @$NetBSD: patch-aa,v 1.4 2009/09/13 01:15:11 taca Exp $ * Correct interpreter path. --- emailgeeklogstories.orig 2008-12-14 18:57:36.000000000 +0900 +++ emailgeeklogstories @@@@ -1,4 +1,4 @@@@ -#!/usr/local/bin/php -q +#!@@PREFIX@@/bin/php -q @ 1.4 log @Update Geeklog 1.5.2sr5 by adding patches since 1.5.2sr5 isn't provided as full release. And add updated fckeditor for Geeklog. These updates should fix known security problems, Secunia SA36372. Jul 30, 2009 (1.5.2sr5) ------------ This release addresses the following security issues: - Gerendi Sandor Attila reported an XSS in the forms to email a user and to email a story to a friend. - The "Mail Story to a Friend" function didn't check story permissions, so that it was possible to email a story even if you didn't have the permissions to view it on the site. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.3 2009/05/26 14:19:29 taca Exp $ @ 1.3 log @Update geeklog package from 1.4.1nb4 to 1.5.2.4 (1.5.2sr4). pkgsrc changes: overhaul this package. * Add LICENSE. * Clean up bmake's macros, such as addition of PRINT_PLIST_AWK. Geeklog changes: too many chagnes to write here. * New user-friendly installation. * New Configuration GUI. * New Webservice GUI. * And more. Please refer http://www.geeklog.net/docs/english/changes.html for more information. Fixed some security problems about SQL injection vulnerability. @ text @d1 3 a3 1 $NetBSD: patch-ab,v 1.2 2007/05/20 15:56:45 taca Exp $ @ 1.3.2.1 log @Pullup ticket #2889 - requested by taca geeklog: security update Revisions pulled up: - www/geeklog/Makefile 1.23 - www/geeklog/PLIST 1.10 - www/geeklog/distinfo 1.10 - www/geeklog/patches/patch-aa 1.4 - www/geeklog/patches/patch-aj 1.2 - www/geeklog/patches/patch-ak 1.1 - www/geeklog/patches/patch-al 1.1 - www/geeklog/patches/patch-ba 1.1 - www/geeklog/patches/patch-bb 1.1 - www/geeklog/patches/patch-bc 1.1 - www/geeklog/patches/patch-bd 1.1 --- Module Name: pkgsrc Committed By: taca Date: Sun Sep 13 01:15:11 UTC 2009 Modified Files: pkgsrc/www/geeklog: Makefile PLIST distinfo pkgsrc/www/geeklog/patches: patch-aa patch-aj Added Files: pkgsrc/www/geeklog/patches: patch-ak patch-al patch-ba patch-bb patch-bc patch-bd Log Message: Update Geeklog 1.5.2sr5 by adding patches since 1.5.2sr5 isn't provided as full release. And add updated fckeditor for Geeklog. These updates should fix known security problems, Secunia SA36372. Jul 30, 2009 (1.5.2sr5) ------------ This release addresses the following security issues: - Gerendi Sandor Attila reported an XSS in the forms to email a user and to email a story to a friend. - The "Mail Story to a Friend" function didn't check story permissions, so that it was possible to email a story even if you didn't have the permissions to view it on the site. @ text @d1 1 a1 3 $NetBSD$ * Correct interpreter path. @ 1.2 log @Update geeklog to 1.4.1. pkgsrc's change: improving our README file. Geeklog 1.4.1 New Features * Support for Microsoft SQL Server. Starting with this release, Geeklog can now also be installed on Microsoft SQL Server, so it's no longer restricted to just MySQL. The MS SQL support was developed by Randy Kolenko. Thanks, Randy! Please note that any third-party plugins will have to offer support for MS SQL before they can be installed on Microsoft SQL Server. The bundled plugins (Calendar, Links, Polls, Spam-X, Static Pages) have already been updated accordingly. * Calendar plugin. The formerly built-in calendar and events have now been moved into a separate plugin. This complements the move of the polls and links sections into plugins in Geeklog 1.4.0 and makes Geeklog more modular as you can now easily disable or replace functionality that you don't need for your site. * Multi-language support. It is now possible to build truly multi-linugal sites with Geeklog where not only the navigation but also the content of the site changes with the language. * Ships with FCKeditor 2.3.1, which once again includes a file manager for uploading images. * A function for mass-deletion of old or inactive users. The list automatically searches for users that have never logged in, only used the site for a very short time or have not been online since a very long time. The time span can be varied, and found users can be selectively deleted. Security In the light of the security issues discovered in Geeklog 1.4.0 and earlier versions, the Geeklog source code has undergone a code review. We have identified and addressed several minor issues and introduced new measures to enhance security in this release. As a welcome side effect, the code reviews have also uncovered a few bugs and inconsistencies that we also fixed in this release. Spam Protection With this release we are finally removing support for the discontinued MT-Blacklist. In its place, we are now using a system called Spam Link Verification (SLV) run by Russ Jones at www.linksleeve.org. SLV could be described as a community-driven, automatically updated blacklist. See the documentation of the Spam-X plugin for details. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1.1.1 2006/06/15 13:26:44 taca Exp $ d3 14 a16 4 --- config.php.orig 2006-12-31 02:43:18.000000000 +0900 +++ config.php @@@@ -65,13 +65,13 @@@@ $_DB_table_prefix = 'gl_'; // e. // the backslash '\' in paths. Make sure each path starts with a drive letter! d18 2 a19 66 // This should point to the directory where your config.php file resides. -$_CONF['path'] = '/path/to/geeklog/'; // should end in a slash +$_CONF['path'] = '@@GEEKLOG_DIR@@/'; // should end in a slash // You only need to change this if you moved or renamed the public_html // directory. In that case, you should specify the complete path to the // directory (i.e. without the $_CONF['path']) like this: // $_CONF['path_html'] = '/path/to/your/public_html/'; -$_CONF['path_html'] = $_CONF['path'] . 'public_html/'; +$_CONF['path_html'] = '@@GEEKLOG_PUBDIR@@/'; // +---------------------------------------------------------------------------+ @@@@ -80,7 +80,7 @@@@ $_CONF['path_html'] = $_CONF['pa // Make sure this is the correct URL to your site, i.e. to where Geeklog's // index.php file resides (no trailing slash). -$_CONF['site_url'] = 'http://www.example.com'; +$_CONF['site_url'] = 'http://localhost@@GEEKLOG_SITESUBDIR@@'; // Some hosting services have a preconfigured admin directory. In that case, // you need to rename Geeklog's admin directory to something like "myadmin" @@@@ -154,14 +154,14 @@@@ $_CONF['path_pear'] = $_CONF['path_syste // The default is 'mail' and will work in most environments. $_CONF['mail_settings'] = array ( - 'backend' => 'mail', // can be one of 'mail', 'sendmail', 'smtp' + 'backend' => 'smtp', // can be one of 'mail', 'sendmail', 'smtp' // sendmail parameters (only needed for 'backend' => 'sendmail') 'sendmail_path' => '/usr/bin/sendmail', 'sendmail_args' => '', // SMTP parameters (only needed for 'backend' => 'smtp') - 'host' => 'smtp.example.com', + 'host' => 'localhost', 'port' => '25', 'auth' => false, 'username' => 'smtp-username', @@@@ -183,7 +183,7 @@@@ $_DB_dbms = 'mysql'; // can be either 'm $_CONF['allow_mysqldump'] = 1; // 1 = on, 0 = off // full path of the mysqldump executable (Windows users: add ".exe"!) -$_DB_mysqldump_path = '/usr/bin/mysqldump'; +$_DB_mysqldump_path = '@@PREFIX@@/bin/mysqldump'; // additional options for mysqldump // If you're using InnoDB tables, include '--single-transaction' or you @@@@ -677,7 +677,7 @@@@ $_CONF['image_lib'] = ''; // can be one // If you set image_lib to 'imagemagick' give the complete path to mogrify // here (i.e. including the name of the executable), otherwise comment it out // NOTE: requires ImageMagick version 5.4.9 (or newer) -//$_CONF['path_to_mogrify'] = '/path/to/mogrify'; +//$_CONF['path_to_mogrify'] = '@@PREFIX@@/bin/mogrify'; // If you set image_lib to 'netpbm' give the path to the netpbm directory, you // need the trailing slash here. @@@@ -688,7 +688,7 @@@@ $_CONF['image_lib'] = ''; // can be one // only use netpbm with Geeklog, put that entire folder in /path/to/geeklog and // adjust the path below. The only programs you need from netpbm are giftopnm, // jpegtopnm, pngtopnm, ppmtogif, pnmtojpeg, pnmtopng and pnmscale -//$_CONF['path_to_netpbm'] = '/path/to/netpbm/'; +//$_CONF['path_to_netpbm'] = '@@PREFIX@@/bin/'; // Uncomment the following line if you experience problems with the image // upload. Debug messages will be added to the error.log file. @ 1.2.20.1 log @Pullup ticket #2782 - requested by taca geeklog: security update Revisions pulled up: - www/geeklog/DEINSTALL 1.5 - www/geeklog/INSTALL 1.4 - www/geeklog/Makefile 1.22 - www/geeklog/Makefile.common 1.7 - www/geeklog/PLIST 1.8 - www/geeklog/distinfo 1.9 - www/geeklog/files/README 1.4 - www/geeklog/files/createdb.php delete - www/geeklog/files/geeklog.conf 1.2 - www/geeklog/patches/patch-aa 1.3 - www/geeklog/patches/patch-ab delete - www/geeklog/patches/patch-ac delete - www/geeklog/patches/patch-ag delete - www/geeklog/patches/patch-ah delete - www/geeklog/patches/patch-ai delete - www/geeklog/patches/patch-aj 1.1 --- Module Name: pkgsrc Committed By: taca Date: Tue May 26 14:19:29 UTC 2009 Modified Files: pkgsrc/www/geeklog: DEINSTALL INSTALL Makefile Makefile.common PLIST distinfo pkgsrc/www/geeklog/files: README geeklog.conf pkgsrc/www/geeklog/patches: patch-aa Added Files: pkgsrc/www/geeklog/patches: patch-aj Removed Files: pkgsrc/www/geeklog/files: createdb.php pkgsrc/www/geeklog/patches: patch-ab patch-ac patch-ag patch-ah patch-ai Log Message: Update geeklog package from 1.4.1nb4 to 1.5.2.4 (1.5.2sr4). pkgsrc changes: overhaul this package. * Add LICENSE. * Clean up bmake's macros, such as addition of PRINT_PLIST_AWK. Geeklog changes: too many chagnes to write here. * New user-friendly installation. * New Configuration GUI. * New Webservice GUI. * And more. Please refer http://www.geeklog.net/docs/english/changes.html for more information. Fixed some security problems about SQL injection vulnerability. @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 14 --- emailgeeklogstories.orig 2008-12-14 18:57:36.000000000 +0900 +++ emailgeeklogstories @@@@ -1,4 +1,4 @@@@ -#!/usr/local/bin/php -q +#!@@PREFIX@@/bin/php -q @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- config.php.orig 2006-05-28 18:41:42.000000000 +0900 d26 1 a26 1 +$_CONF['site_url'] = 'http://www.example.com@@GEEKLOG_SITESUBDIR@@'; d47 1 a47 1 @@@@ -180,7 +180,7 @@@@ $_DB_dbms = 'mysql'; // Do not change d50 1 a50 1 // full path to mysqldump executable (Windows users: add ".exe"!) d55 2 a56 2 // If you're using InnoDB tables, include the '--single-transaction' or you @@@@ -613,7 +613,7 @@@@ $_CONF['image_lib'] = ''; // can be one d65 1 a65 1 @@@@ -624,7 +624,7 @@@@ $_CONF['image_lib'] = ''; // can be one @ 1.1.1.1 log @Importing www/geeklog-1.4.0.3 (geeklog-1.4.0sr3). Geeklog is a PHP/MySQL based application for managing dynamic web content. "Out of the box", it is a blog engine, or a CMS with support for comments, trackbacks, multiple syndication formats, spam protection, and all the other vital features of such a system. @ text @@