Thomas Wright
Forum Replies Created
-
Forum: Plugins
In reply to: Including upload-form with CategoriesI have now added this feature in version 0.70 of the plugin.
Forum: Plugins
In reply to: [Easy Comment Uploads] Plugin Allowed Access to HackersI have done some testing and it seems that this exploit relies on a rather naive quirk of Apache’s mod_mine (https://httpd.apache.org/docs/1.3/mod/mod_mime.html#multipleext) so it did not affect my own server and hence I did not see it in my testing. In the upcoming version of the plugin (0.70) I am making multiple changes which should increase the security of the plugin including fixing the bug in the blacklist filter, adding the .phtml filetype to the blacklist, and enabling a whitelist of known safe types as well by default.
Forum: Plugins
In reply to: [Easy Comment Uploads] Plugin Allowed Access to HackersWere you running the latest version of the plugin? There were some known remote code execution vulnerabilities in older versions of the plugin, but the current version of the plugin currently uses a blacklist of dangerous file types (which should be complete for most servers but might not work if your configuration varies significantly) and has an option which allows you to whitelist the types of files which are allowed to be uploaded, providing much better security.
I am sorry you experienced issues, and if you can provide more details, I will look into your problems. However, from time to time, security problems do emerge and care must be taken to make sure your site remains up to date and secure.
Forum: Plugins
In reply to: Including upload-form with CategoriesHi,
this seems like a great idea; I should be able to include it in the next version when I have time.Forum: Plugins
In reply to: [Plugin: Easy Comment Uploads] 404 error in upload-form.phpI am afraid I have not yet tested the plugin in IIS, although I think the issue might just be that upload-form.php includes the file using a relative path rather than performing a more robust search for the location of the core WordPress files. I will investigative this further when I get the chance.
Hello,
whilst this is currently not supported, I will add the ability to change the message in a future version of the plugin.Forum: Plugins
In reply to: [Easy Comment Uploads] Easy Comment Uploads Bad Behavior WarningThis issue should be fixed in version 0.60.
For anyone experiencing this issue, it should be fixed in version 0.60.
I have now set this as the default behaviour in version 0.60.
This is not the first time someone has asked about filetype icons but the best way to do this is not within the plugin but via some more general rules in CSS. There is actually already a plugin to add this functionality for all linked files, including those uploaded using the plugin.
Hello, that is indeed the right place. Probably the easiest thing to do is use two capture groups for the url/file name and join them up as appropriate.
I will certainly be adding this feature in the next version.
Hi,
I will try to add an option for this in the next version, but for the time being, the easiest solution is probably using CSS.Thanks, I will be including this is the next version.
(For some reason, I never had this issue with any of the listed plugins myself which made fixing this rather difficult ?? ).
Forum: Plugins
In reply to: [Easy Comment Uploads] [Plugin: Easy Comment Uploads] Lightbox issueHello,
if you are still trying to get this working, this feature requires you install the WordPress lightbox plugin: https://www.ads-software.com/extend/plugins/lightbox-2/.Forum: Plugins
In reply to: [Easy Comment Uploads] [Plugin: Easy Comment Uploads] Problem with 'space'Hello,
I am currently looking into this and other filename related issues and should be able to include a fix in the next version.