instantupdate / cms Goto Github PK
View Code? Open in Web Editor NEWInstant Update is a Open Source CMS based on NO template engine.
License: GNU General Public License v2.0
Instant Update is a Open Source CMS based on NO template engine.
License: GNU General Public License v2.0
I've managed to get this to work with statically generated files from Jekyll, and it's awesome especially the inline editing stuff to boot.
You interested? I could do a pull request.
One thing that I have been bothered and trying to fix is all the index.php that keep appearing. Might have something to do with Jekyll being in a sub directory. I'll figure it out :-) Thanks for making this man!
Hi,
I've just came across this project and I was wondering whether a) it's still under active maintenance and b) what the long term plan might look like.
Do you have plans to update Codeigniter or move away from it?
Thank you!
Ok some of my comments have been over misconfiguration on my part, but here is a real issue I may have found.
When toggle edits, things are fine, edits are made. But when I go to stop editing, and toggle the editor off, nothing happens, and the debug console shows an error everytime I click it:
Uncaught The editor instance "my-editable-id" is already attached to the provided element.
So what now? How to fix this problem I wonder?
I enabled mod rewrite. I log in, click on live edit.
It takes me to index.php, I can edit. Great.
I navigate to another page on the site. Since I have rewriting enabled, it takes me to /pagename.html, and the editing controls are gone.
If I type index.php/pagename.html I can edit.
My html and template files are in the root directory, is this correct?
How to make it so I can navigate the site and live edit at the same time again?
Thanks,
David
For some reason, I'm not getting the sidebar with the edit controls. I followed all the documentation. Is there something I'm missing?
I found the module of manage files
So I try to upload a php type file, The content is “”
upload success
Access this file of test.php
Remote code execution
I hope your fix this issue,limit the upload file.
author:[email protected]
I have installed Instant Update 0.2.2 Instant Update 0.2.2 but installed.txt shows 0.2.1
on index.php/administration/users/edit/1 page
While in live edit mode, if you click logout, nothing happens.
So if you have rewriting enabled, and your site has any absolute links like this:
a href="/services/location.html"
and your at /services/location.html and you click the link, the link becomes
/services//services/location.html
How to fix this?
Tells me I have wrong username and password but I know its right. Debug console shows lots of errors, one of which is broken link to jquery ui. There is a get template directory php line before an external link in the auth_login php file.
After logging in and attempting inline edit, error appears in console
Uncaught ReferenceError: IU_USER_PERMISSIONS is not defined
at HTMLDocument.<anonymous> (?g=user-js:33)
at l (jquery.js:2)
at Object.fireWith [as resolveWith] (jquery.js:2)
at Function.ready (jquery.js:2)
at HTMLDocument.A (jquery.js:2)
Hey crew, theres a broken link here: auth_login.php
<script type="text/javascript" src="base_url(); ?>http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>should be:
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script>The install URL specified in the readme is dead :
http://my.instant-update.com/t/instant-update-installation/29
As soon as I plug my template into IU, no SVG's will load. I have to convert all SVG's to PNG's and load those if I want to use Instant Update.... Wuts up with that yo? How do we fix fixy!
The logout button while in live edit mode does not work for me. Is it just me?
Is there a way to make a user that can only edit certain pages???
Hi mates :)
with all php versions newer as vs. php 5.4 the iu-application/controllers/process.php at line 165, 166 generates the following errors:
A PHP Error was encountered
Severity: 8192
Message: Non-static method BrowserOS::get_os() should not be called statically, assuming $this from incompatible context
Filename: controllers/process.php
Line Number: 166
A PHP Error was encountered
Severity: 8192
Message: Non-static method BrowserOS::get_browser_no_version() should not be called statically, assuming $this from incompatible context
Filename: controllers/process.php
Line Number: 167
Hope You can solv it ;)
Kind regards from Germany and huge thanks for the awesome IU-CMS.
Andy
Hello! I just found your project and think it's very good!
I tried to register to the forums at http://my.instant-update.com/, however the confirmation email is never received.
I using gmail and wondering could your email server be blacklisted? (I recently had similar issue with another service)
Maybe you should check that mails are sent normally? Mail configuration?
The gmail I was using is: e. . . . . . . . [email protected]
If you have an html comment, preceding a '<' with no space, it does not render the beginning '<' of the next element, so the html code is rendered as text. Example:
I have the following html:
<h1>Hello world</h1>
Every thing is fine. Now I have a comment preceding it:
<!--comment--><h1>Hello world</h1>
the browser renders this:
h1>Hello world</h1>
Loaded as static html, the browser renders it fine, so there is clearly an issue with there not being white space after a comment that makes the first character after a comment disappear. How can we fix this, as the agency I work for uses dreamweaver templates that force comments right before elements for library items.
First error:
A PHP Error was encountered
Severity: Warning
Message: Cannot modify header information - headers already sent by (output started at /var/www/web917/html/webcrew/iu-system/core/Exceptions.php:170)
Filename: core/Input.php
Next Error:
HP Error was encountered
Severity: 8192
Message: Non-static method BrowserOS::get_browser_no_version() should not be called statically, assuming $this from incompatible context
Filename: controllers/process.php
Last Error:
Severity: 8192
Message: Non-static method BrowserOS::get_os() should not be called statically, assuming $this from incompatible context
Filename: controllers/process.php
I hope You can fix it and find a solution for it. I`m using a shared hosting with php 5.6
Kind regards, Andy
I've noticed that some things like the mysql_escape_string has been deprecated from 5.3 and therefore causes errors.
I've made a patch if you want to peer review it. I think that part of making sure data injection is good could be improved on which I may do later today. I'll submit now.
I found the V0.3.3 has a CSRF vulnerability can operate on a web site.
When I set $config['csrf_protection'] = TRUE; in iu-application/config/config.php
For example add a user:
Payload:
the csrf vulnerability in V0.3.3 can do anything,just like upload file,add user,mkdir,chang password and so on
Advise:
1, determine the current user identity through token or session.
2, sensitive operation needs to verify code, change password need to verify the old password. (unable to construct when constructing PoC. If you know your password, go directly to the background, why use CSRF)
I hope you can fix this vulnerability
author:[email protected]
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.