1 ritex Aug 22, 2005 00:22
3 ritex Aug 22, 2005 02:44
i install the b2evo by the fantastico that is on my server.
all i had to do was made the template... (that's terrible, i know, i need it fast)
thanx for the idea of compare, i forgot to end the tag.
but the mysql error on the comments is killing me... any idea?
i have to upgrade the mysql or the b2?
4 edb Aug 22, 2005 03:31
You really really really need to upgrade. I don't know for a fact that it will fix your problem, but back in version 10 the security hole that happened was something about MySQL injection hacking. Since your problem is something to do with a MySQL query I think (but really don't know) that you might have a serious problem there.
Fantastico is a nice tool - I use it every time I want to install another b2evolution (and don't know how to actually create my own database), but it is giving out an old unpatched version. Here's what you need to do to upgrade:
First, FTP your conf/_config.php file. Fantastico put all your database connection information in it. Also make sure you have a copy of your skin on your PC. I reckon you do, but it doesn't hurt to make sure.
Next download the latest version and the xml-rpc security patch - they are available from the downloads page. While that is downloading go to your server/host and delete ALL the files Fantastico installed for you.
Okay now unzip the latest version and the patch. The patch has 2 files you have to put in your new b2evocore folder - it over-writes two files already in there. Now put YourSkin folder inside the skins folder, then FTP all the new files back to your server.
About your conf/_config.php file: There are 4 lines about your database connection, 1 line for your base url, 1 line for your admin email id, and one line that says "config is done". Make sure they are all transfered from the old file to the new one.
Now go to YOUR_DOMAIN/PATH_TO_BLOG/install and tell it you are upgrading. It won't hurt the posts or comments you already have - it will just make sure your database has all the right tables and files. When that is done delete your install folder.
I hope you're not using a dialup connection like I am. Takes a long time to get the zip then upload the files through the phone :(
5 edb Aug 22, 2005 03:32
One thing first:
Did you edit your skin's _feedback.php file? If so that might be the issue. It gets used to comment, so if it's bad you won't know until you try to see the commenting form.
Also, do you have another skin you can try?
6 ritex Aug 22, 2005 19:40
hey, well i install b2 two days ago, didnt have time to make another lay.
are you sure that didnt have another way to upgrade the b2evo? because i already posted on new blog, and dont wanna lost all things.
My server support is trying to find the problem. if they dont find it, i will upgrade everything, but now they working with this... but i'll send to them what you wrote for me.
Just say to me if b2evo do not have a patch that just upgrade the parts that are modified? :>
7 edb Aug 22, 2005 20:16
Sorry - there is no patch to do only the upgrade parts. Actually wait a minute. There are two different security patches. You would still be running version 10 but you would have the security patches.
http://b2evolution.net/news/2005/01/07/security_issue and http://b2evolution.net/news/2005/07/05/fix_for_xml_rpc_vulnerability give you information about the two patches.
BTW I am 99% certain you can upgrade without losing your posts. I just read what I wrote and I don't see where I said anything about dropping your MySQL database tables. If you have no posts then you should drop all the tables, but since you have posts simply do not drop the tables. Leave the database alone and do the file parts - delete all the old and install all the new stuff.
Your posts and comments and settings and stuff live in the database. The files just talk to the database so they can make pages for your visitors. I have never done it, but as far as I know you will be able to keep your database and tables then run the installer after upgrading your files. The installer will then say "oh okay the database is like version 10 so I need to add a little piece here and a little piece there". All your information in the database will not be destroyed.
Include this when you send the info to your server people and (hopefully) everything will work out. It seems like more work than it's worth but once you get it going you probably won't have to do this anymore. Best of luck!
8 ritex Aug 22, 2005 20:17
thanx
i will install again.
I see three things bad when I look at your source code.
The first is the very top part. There is no reason why that line should ever show up. I suggest looking at your skin's _main.php and comparing it to the _main in the 'custom' skin. If you don't have the original files anymore just download the zip from the skins repository. BTW if you put that line into your _main.php just take it back out. Skin main files don't need it.
Second, you are using version 0.9.0.10. You really really really should upgrade to version 0.9.0.12 AND add the xml-rpc patch. It's not just new stuff - it's important server security.
Third, way down at the bottom of your main page I see the error you spoke of.
That too tells me you did something bad in your skin. Find where you have "phplog_hit()" and change it to "php log_hit()"