Wakaba/Kareha patches - Wakaba and Kareha support board

Wakaba/Kareha patches (107)

1 Name: Anonymous : 2009-10-22 16:08 ID:0RX4zZms [Del]

Wakaba and Kareha are refreshingly malleable, and I find it surprising that there isn't already a thread for all the "extras" can be patched onto a board, so here goes.

For the record, here are some existing patches on this board:

PostgreSQL support. Seems to be highly unpolished, but works.
Thumbnails in the admin panel
APNG support (changes the file extension to .apng, to make these more obvious)
Some miscellaneous historical patches, all of which seem to have been integrated into the codebase

88 Name: Anonymous : 2012-02-05 14:57 ID:lrw7jQEH (Image: 0x0 patch, 0 kb) [Del]

No
thumbnail

Anyone running a Wakaba board ought to read this.

There's a serious vulnerability in Wakaba 3.0.8 and below which let's anyone inject whatever HTML they want to in posts. This can be fixed by removing a couple of lines in the get_decoded_hashref() and get_decoded_arrayref() subroutines in wakaba.pl, as shown in the included patch file. There should be no problem in making these changes.

Board moderators with no access to the board files may add /chr\([0-9]/ to spam.txt in order to fix the problem.

89 Name: !WAHa.06x36 : 2012-02-05 18:19 ID:q5Et8xfu [Del]

>>88

Looks like that is there to work around some absurdity in MySQL. I supposed MySQL has since changed and is now doing the wrong thing?

I'll put together a 3.0.9.

90 Name: !WAHa.06x36 : 2012-02-05 18:38 ID:Heaven [Del]

>>88

Done: http://wakaba.c3.cx/releases/wakaba_3.0.9.zip

	Return Entire thread Previous 100 posts Next 100 posts Last 50 posts
Name:	Link: Leave these fields empty (spam trap): More options...
Verification:
Formatting:	Always use this formatting