Kunena 6.3.6 Released - Security release

The Kunena team has announce the arrival of Kunena 6.3.6 [K 6.3.6] in stable which is now available for download as a native Joomla extension for J! 4.4.x/5.0.x/5.1.x. This version addresses most of the issues that were discovered in K 6.2 / K 6.3 and issues discovered during the last development stages of K 6.3
Note: Please go to the Kunena Dashboard after an upgrade so that the Kunena database tables are also updated.

If you are having problems then, for your own benefit, it would save us all a lot of time if you would kindly post your configuration report when you ask for help from this forum. If you do not post your configuration report we will not ask you for it but you will probably not get your problem solved, either.

K 2.0 support will cease on 31 August 2013 and this section of the forum will be closed and archived after that time and no further questions will be answered about this version.

Important Invalid XHTML in /components/com_kunena/views/topic/view.html.php

More
11 years 4 months ago - 11 years 4 months ago #1 by Shaman
:evil: When you begin to write the correct code?

You will need to escape all instances of '&' to '& amp ;' or use htmlspecialchars
() in you code!

Code:
Jump To: Validation Output Errors found while checking this document as XHTML 1.0 Transitional!Result: 146 Errors, 280 warning(s) Address: Encoding: utf-8 Doctype: XHTML 1.0 Transitional Root Element: html Root Namespace: http://www.w3.org/1999/xhtml The W3C validators are developed with assistance from the Mozilla Foundation, and supported by community donations. Donate and help us build better tools for a better web. OptionsShow Source Show Outline List Messages Sequentially Group Error Messages by Type Validate error pages Verbose Output Clean up Markup with HTML-Tidy Help on the options is available. ^ Top Validation Output: 146 Errors Line 17, Column 690: cannot generate system identifier for general entity "view" …ft" href="index.php?option=com_kunena&view=topic&layout=reply&catid=8&id=24" r… ? An entity reference was found in the document, but there is no reference by that name defined. Often this is caused by misspelling the reference name, unencoded ampersands, or by leaving off the trailing semicolon (;). The most common cause of this error is unencoded ampersands in URLs as described by the WDG in "Ampersands in URLs". Entity references start with an ampersand (&) and end with a semicolon (;). If you want to use a literal ampersand in your document you must encode it as "&" (even inside URLs!). Be careful to end entity references with a semicolon or your entity reference may get interpreted in connection with the following text. Also keep in mind that named entity references are case-sensitive; &Aelig; and æ are different characters. If this error appears in some markup generated by PHP's session handling code, this article has explanations and solutions to your problem. Note that in most documents, errors related to entity references will trigger up to 5 separate messages from the Validator. Usually these will all disappear when the original problem is fixed. Line 17, Column 690: general entity "view" not defined and no default entity …ft" href="index.php?option=com_kunena&view=topic&layout=reply&catid=8&id=24" r… ? This is usually a cascading error caused by a an undefined entity reference or use of an unencoded ampersand (&) in an URL or body text. See the previous message for further details. Line 17, Column 694: reference not terminated by REFC delimiter …href="index.php?option=com_kunena&view=topic&layout=reply&catid=8&id=24" rel="… ? If you meant to include an entity that starts with "&", then you should terminate it with ";". Another reason for this error message is that you inadvertently created an entity by failing to escape an "&" character just before this text. Line 17, Column 694: reference to external entity in attribute value …href="index.php?option=com_kunena&view=topic&layout=reply&catid=8&id=24" rel="… ? This is generally the sign of an ampersand that was not properly escaped for inclusion in an attribute, in a href for example. You will need to escape all instances of '&' into '&'. Line 17, Column 694: reference to entity "view" for which no system identifier could be generated …href="index.php?option=com_kunena&view=topic&layout=reply&catid=8&id=24" rel="… ? This is usually a cascading error caused by a an undefined entity reference or use of an unencoded ampersand (&) in an URL or body text. See the previous message for further details. Line 17, Column 689: entity was defined here …eft" href="index.php?option=com_kunena&view=topic&layout=reply&catid=8&id=24" … Line 17, Column 701: cannot generate system identifier for general entity "layout" …ndex.php?option=com_kunena&view=topic&layout=reply&catid=8&id=24" rel="nofollo… ? An entity reference was found in the document, but there is no reference by that name defined. Often this is caused by misspelling the reference name, unencoded ampersands, or by leaving off the trailing semicolon (;). The most common cause of this error is unencoded ampersands in URLs as described by the WDG in "Ampersands in URLs". Entity references start with an ampersand (&) and end with a semicolon (;). If you want to use a literal ampersand in your document you must encode it as "&" (even inside URLs!). Be careful to end entity references with a semicolon or your entity reference may get interpreted in connection with the following text. Also keep in mind that named entity references are case-sensitive; &Aelig; and æ are different characters. If this error appears in some markup generated by PHP's session handling code, this article has explanations and solutions to your problem. Note that in most documents, errors related to entity references will trigger up to 5 separate messages from the Validator. Usually these will all disappear when the original problem is fixed. Line 17, Column 701: general entity "layout" not defined and no default entity …ndex.php?option=com_kunena&view=topic&layout=reply&catid=8&id=24" rel="nofollo… ? This is usually a cascading error caused by a an undefined entity reference or use of an unencoded ampersand (&) in an URL or body text. See the previous message for further details. Line 17, Column 707: reference not terminated by REFC delimiter …hp?option=com_kunena&view=topic&layout=reply&catid=8&id=24" rel="nofollow" tit… ? If you meant to include an entity that starts with "&", then you should terminate it with ";". Another reason for this error message is that you inadvertently created an entity by failing to escape an "&" character just before this text. Line 17, Column 707: reference to external entity in attribute value …hp?option=com_kunena&view=topic&layout=reply&catid=8&id=24" rel="nofollow" tit… ? This is generally the sign of an ampersand that was not properly escaped for inclusion in an attribute, in a href for example. You will need to escape all instances of '&' into '&'. Line 17, Column 707: reference to entity "layout" for which no system identifier could be generated …hp?option=com_kunena&view=topic&layout=reply&catid=8&id=24" rel="nofollow" tit…

PATCHED FILE "/components/com_kunena/views/topic/view.html.php" ATTACHED IN THIS MESSAGE (KUNENA 2.0.4)

PLEASE PATCH view.html.php IN OFFICIAL RELEASE AND IN FUTURE WRITE CORRECT CODE!

THANKS!!!
Attachments:
Last edit: 11 years 4 months ago by Shaman.

Please Log in or Create an account to join the conversation.

More
11 years 4 months ago #2 by Shaman
PATCHED FILE "/components/com_kunena/views/topic/view.html.php" AGAIN! THIS (str 534-535):
Code:
<span class="kkarma-minus" alt="Karma-" ...> and <span class="kkarma-plus" alt="Karma+" ...>

there is no attribute "alt"!

THIS CORRECT:
Code:
<span class="kkarma-minus" title="Karma-" ...> and <span class="kkarma-plus" title="Karma+" ...>

PLEASE PATCH view.html.php IN OFFICIAL RELEASE!

THANKS!!!
Attachments:

Please Log in or Create an account to join the conversation.

More
11 years 4 months ago #3 by Shaman
:) FINAL PATCH FOR view.html.php: REMOVE DUPLICATE title="" AND border="" ATTRIBUTE in span tag.

PLEASE PATCH view.html.php IN FUTURE OFFICIAL RELEASE!

THANKS!!!
Attachments:

Please Log in or Create an account to join the conversation.

More
11 years 4 months ago - 11 years 4 months ago #4 by sozzled
A word of advice. Please do not use all capitals when you post on our forum. The developers have heard you and are looking at what you have written but using all capitals and [angry] red font is a little irritating.

We understand that various XHTML code validators will "object" to the possibility or probability that Kunena is not 100% "compliant" with the XHTML 1.0 recommendations but this does not mean that the XHTML will not work even if there are flaws in the way that Kunena has been written.

We appreciate your attention to detail. Would you be willing to join the Kunena development team and assist the project by running these kinds of checks on the code and re-writing the XHTML so that it passes the code validator scripts that you've been using?
Last edit: 11 years 4 months ago by sozzled.

Please Log in or Create an account to join the conversation.

More
11 years 4 months ago #5 by Shaman
Ok. :) Now you know how some people are irritates invalid HTML/XHTML code ;)

Yes, invalid HTML/XHTML code works, but it although only slightly, but the affects the performance.

Thank you for the invitation! You are using github.com/kunena ? Corrections to make in branch github.com/Kunena/Kunena-Forum/tree/2.0 ? Say what conditions need to perform?

I have an account on github.com, I'll think about your offer.

Thanks!

Please Log in or Create an account to join the conversation.

More
11 years 4 months ago - 11 years 4 months ago #6 by xillibit
Hello,

You need to a do pull request against master which contains (k3.0.1), the branch 2.0 is just keep for reference

If you are using an IDE (like eclipse) it can tell you what are wrong in your code

I don't provide support by PM, because this can be useful for someone else.
Last edit: 11 years 4 months ago by xillibit.

Please Log in or Create an account to join the conversation.

More
11 years 4 months ago - 11 years 4 months ago #7 by Shaman

xillibit wrote: Hello,

You need to a do pull request against master which contains (k3.0.1), the branch 2.0 is just keep for reference

If you are using an IDE (like eclipse) it can tell you what are wrong in your code

B) You fun of me? Do not want fix v2.0.4? Well, Goodbye guys.
Last edit: 11 years 4 months ago by Shaman.

Please Log in or Create an account to join the conversation.

Time to create page: 0.576 seconds