×
Kunena 5.1.10 Released - Security release (03 Mar 2019)

The Kunena team has announce the arrival of Kunena 5.1.10 [K 5.1.10] which is now available for download as a native Joomla extension for J! 3.9.x. This version addresses most of the issues that were discovered in K 5.1 and issues discovered during the development stages of K 5.1. This is a security release.

Question No Avatar upload in user profile since K 5.1

More
4 months 3 weeks ago - 4 months 3 weeks ago #1 by uz-online
Hi,
When a user will change the default profile image (Avatar) to a new image, the user is clicking Edit profile.
Then go to Avatar-image. Then the user will upload a new image with the correct size and file format. The image is shown at the desktop but in the console there is an error message "POST check.mydomain.de/profil/index.php?option=com_kunena .... &task=upload&format=json 404 (Not found)" (Screenshot).

After click at Save. The message that the profile is saved will apear. But when you go back to the profil/avatar page. There is nothing changed (No Upload, No Avatar).

I've testet on Version K 5.0.13 and every thing is working fine. But with backup from K 5.1 until now K 5.5 there is an upload no more possible.

I am using sh404sef and if I disable sh404sef it works! What can I do?
Attachments:
Last edit: 4 months 3 weeks ago by uz-online.

Please Log in or Create an account to join the conversation.

More
4 months 2 weeks ago #2 by rich

Please Log in or Create an account to join the conversation.

More
4 months 2 weeks ago #3 by uz-online
My .htaccess is OK.

I've testet with two different Templates and on my Server. I can see this request:

Template purity_III
[06/Nov/2018:10:39:15 +0100] "POST /profil/task-loadavatar.html?5bff424817654f8afc44afc6abb09493=1&format=json HTTP/1.1" 200 87 "https://www.kabe-freunde.de/profil/edit/219-gast.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" "www.kabe-freunde.de"
[06/Nov/2018:10:39:25 +0100] "POST /profil/edit/index.php?option=com_kunena&view=user&task=upload&format=json HTTP/1.1" [b]500[/b] 534 "https://www.kabe-freunde.de/profil/edit/219-gast.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" "www.kabe-freunde.de"
Template helix_ii
[06/Nov/2018:10:48:09 +0100] "POST /profil/task-loadavatar.html?5bff424817654f8afc44afc6abb09493=1&format=json HTTP/1.1" 200 87 "https://www.kabe-freunde.de/profil/edit/219-gast.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" "www.kabe-freunde.de"
[06/Nov/2018:10:48:16 +0100] "POST /profil/edit/index.php?option=com_kunena&view=user&task=upload&format=json HTTP/1.1" [b]404[/b] 12793 "https://www.kabe-freunde.de/profil/edit/219-gast.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" "www.kabe-freunde.de"

I am thinking there ist a problem with incorrect URL. Kunena is using a relative URL instead of a relative to site or absolute one .

Please Log in or Create an account to join the conversation.

More
4 months 2 weeks ago #4 by rich

I am thinking there ist a problem with incorrect URL. Kunena is using a relative URL instead of a relative to site or absolute one .

You're right, but it's not the relative url, it adds a double slash to the path to "media" if you set in Crypsis "Load bootstrap css" and "Load Icomoon icons".
Can you please test something? Go to "/components/com_kunena/template/crypsis/template.php" line 87 - 93 and remove the slashes at the beginning before "media". Then empty the cache and test, whether it works.

Please Log in or Create an account to join the conversation.

More
4 months 2 weeks ago #5 by uz-online
I've done.
1. Crypsis "Load bootstrap css" and "Load Icomoon icons".
2. remove the slashes at the beginning before "media".
But it is the same problem. No Avatar ist uploading and "POST /profil/edit/index.php?option=com_kunena&view=user&task=upload&format=json HTTP/1.1" is still logging 404 (Serverlogfile).

What do you think about to "use of RELATIVE URL instead of JRouted URLs, which is not OK"?

Please Log in or Create an account to join the conversation.

More
4 months 2 weeks ago #6 by rich

What do you think about to "use of RELATIVE URL instead of JRouted URLs, which is not OK"?

I'm not sure, but know, that relative urls within the forum not always correct linking, when the Joomla installation is in a extra folder (not on root).

I've noticed on your page, that on the addresses it lacks the word "forum" such as:
webaddress/index
webaddress/recent and so on..
Are this addresses created by sh404sef?
If you open a topic it shows correct webaddress/forum/topicname

If you want upload a avatar the address is correct?
Should be .../forum/profile/edit/xxx-username.html (xxx is user id).

Please Log in or Create an account to join the conversation.

More
4 months 1 week ago #7 by uz-online
Thanks for your answer.
I've send your note about missing word "forum" in URL to sh404SEF. After that I've got this answer:

What option can I use to generate URL like webaddress/forum/profile/edit/xxx-username.html (xxx is user id)?

sh404SEF: None that I can think of.

If edit that generated URL on sh404SEF with leading word "forum/" avatar is uploading!

sh404SEF: That's expected as the And when the bug will be fixed in Kunena, they will also upload.

sh404SEF: As long as Kunena will post to URL like /profil/edit/index.php?xxx, this will work on some pages and fail on some other depending on routing options. The only way out is those posting URLs to be fixed.

I am a bit desperate
Best regards

Please Log in or Create an account to join the conversation.

More
4 months 1 week ago #8 by uz-online
I've got some more information about the bug in kunena fileupload since 5.1 from sh404SEF:

The problem is in (for Kunena 5.1.1) /components/com_kunena/template/crypsis/assets/js/upload.avatar.js at line 40.
Incorrect code:
$('#fileupload').fileupload({
		url: 'index.php?option=com_kunena&view=user&task=upload&format=json',
As mentioned earlier, this is using directly index.php?option=com_kunena&view=user&task=upload&format=json instead of an absolute URL.

And after digging further in the code, even when the bug above is fixed, what I found is that Kunena itself is rejecting the request until the "Direct component access" option is set to "Yes" under its configuration.

I've change the Code at line 40 and Avatar uploading is working!
Best regards
The following user(s) said Thank You: cucumiau

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to edit your message.
Time to create page: 0.171 seconds