Difference between revisions of "ETTVd:Known Bugs"

From WolfWiki
Jump to: navigation, search
(Webinterface)
(Webinterface)
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
== Webinterface ==
 
== Webinterface ==
 +
==== mktime bug on the demos page ====
 +
Warning: mktime() expects parameter 1 to be long, string given in includes/ettvd.class.php on line 109
 +
Notice: Undefined offset: 1 in includes/ettvd.class.php on line 105
 +
Notice: Undefined offset: 2 in includes/ettvd.class.php on line 106
 +
Quick and dirty fix:
 +
replace the lines 105-109 of the includes/ettvd.class.php which should look like this:
 +
list($date, $time)  = explode('-', trim($nfo[1]));
 +
list($year, $month, $day) = explode('.', $date);
 +
list($time, $recid)  = explode('_', $time);
 +
list($hour, $minute) = explode('.', $time);
 +
$demo['time'] = mktime($hour, $minute, 0, $month, $day, $year);
 +
with this:
 +
@list($date, $time)  = explode('-', trim($nfo[1]));
 +
@list($year, $month, $day) = explode('.', $date);
 +
@list($time, $recid)  = explode('_', $time);
 +
@list($hour, $minute) = explode('.', $time);
 +
$demo['time'] = @mktime($hour, $minute, 0, $month, $day, $year);
 
==== Login Page ====
 
==== Login Page ====
 
It's no bug at all but a "security expert" claims it is. In fact; you can steal your own cookie or deface the page you see (not for other clients tho :( ).
 
It's no bug at all but a "security expert" claims it is. In fact; you can steal your own cookie or deface the page you see (not for other clients tho :( ).
 
If you do NOT want to steal your own cookie or allow other ppl to steal their own cookies you may apply the following patch on the file templates/login.tpl:<br />
 
If you do NOT want to steal your own cookie or allow other ppl to steal their own cookies you may apply the following patch on the file templates/login.tpl:<br />
 
replace line 5:
 
replace line 5:
   <td class="cellb"><input type="text" name="username" id="username" alt="username" value="{$smarty.post.username}" {$error.username} /></td>
+
   &lt;td class=&quot;cellb&quot;&gt;&lt;input type=&quot;text&quot; name=&quot;username&quot; id=&quot;username&quot; alt=&quot;username&quot; value=&quot;{$smarty.post.username}&quot; {$error.username} /&gt;&lt;/td&gt;
 
with this:
 
with this:
   <td class="cellb"><input type="text" name="username" id="username" alt="username" value="{$smarty.post.username|htmlentities}" {$error.username} /></td>
+
   &lt;td class=&quot;cellb&quot;&gt;&lt;input type=&quot;text&quot; name=&quot;username&quot; id=&quot;username&quot; alt=&quot;username&quot; value=&quot;{$smarty.post.username|htmlentities}&quot; {$error.username} /&gt;&lt;/td&gt;
 
then replace line no. 8:
 
then replace line no. 8:
   <td class="cellb"><input type="password" name="password" alt="password" value="{$smarty.post.password}" {$error.password} /></td>
+
   &lt;td class=&quot;cellb&quot;&gt;&lt;input type=&quot;password&quot; name=&quot;password&quot; alt=&quot;password&quot; value=&quot;{$smarty.post.password}&quot; {$error.password} /&gt;&lt;/td&gt;
 
with:
 
with:
   <td class="cellb"><input type="password" name="password" alt="password" value="{$smarty.post.password|htmlentities}" {$error.password} /></td>
+
   &lt;td class=&quot;cellb&quot;&gt;&lt;input type=&quot;password&quot; name=&quot;password&quot; alt=&quot;password&quot; value=&quot;{$smarty.post.password|htmlentities}&quot; {$error.password} /&gt;&lt;/td&gt;
 
+
  
 
==== recmode 'connect' bug ====
 
==== recmode 'connect' bug ====

Latest revision as of 09:02, 30 October 2009

Webinterface

mktime bug on the demos page

Warning: mktime() expects parameter 1 to be long, string given in includes/ettvd.class.php on line 109
Notice: Undefined offset: 1 in includes/ettvd.class.php on line 105
Notice: Undefined offset: 2 in includes/ettvd.class.php on line 106

Quick and dirty fix: replace the lines 105-109 of the includes/ettvd.class.php which should look like this:

list($date, $time)   = explode('-', trim($nfo[1]));
list($year, $month, $day) = explode('.', $date);
list($time, $recid)  = explode('_', $time);
list($hour, $minute) = explode('.', $time);
$demo['time'] = mktime($hour, $minute, 0, $month, $day, $year);

with this:

@list($date, $time)   = explode('-', trim($nfo[1]));
@list($year, $month, $day) = explode('.', $date);
@list($time, $recid)  = explode('_', $time);
@list($hour, $minute) = explode('.', $time);
$demo['time'] = @mktime($hour, $minute, 0, $month, $day, $year);

Login Page

It's no bug at all but a "security expert" claims it is. In fact; you can steal your own cookie or deface the page you see (not for other clients tho :( ). If you do NOT want to steal your own cookie or allow other ppl to steal their own cookies you may apply the following patch on the file templates/login.tpl:
replace line 5:

  <td class="cellb"><input type="text" name="username" id="username" alt="username" value="{$smarty.post.username}" {$error.username} /></td>

with this:

  <td class="cellb"><input type="text" name="username" id="username" alt="username" value="{$smarty.post.username|htmlentities}" {$error.username} /></td>

then replace line no. 8:

  <td class="cellb"><input type="password" name="password" alt="password" value="{$smarty.post.password}" {$error.password} /></td>

with:

  <td class="cellb"><input type="password" name="password" alt="password" value="{$smarty.post.password|htmlentities}" {$error.password} /></td>

recmode 'connect' bug

Some commands are sent in the wrong order which may break recordmode connect on some systems - if you want to use it, spawn the recorder with recordmode ready and then edit it to "connect" OR apply the following patch on the includes/ettvd.class.php:
replace line 62-70:

  function broadcast($ip, $pass, $ettvpass, $gamename, $autodisconnect, $recmode, $readynum = 4, $slaveslots = 0, $replayerid = false) {
     $rec = $this->connect($ip, $pass, $ettvpass, $slaveslots);
     $this->gamename($rec, $gamename);
     $this->recmode($rec, $recmode);
     if($recmode == 'ready' && $readynum != 4) $this->readynum($rec, $readynum);
     if(!$autodisconnect) $this->autodisconnect($rec, 0);
     if($replayerid) $this->livecast($rec, $replayerid);
     return $rec;
  }

with:

  function broadcast($ip, $pass, $ettvpass, $gamename, $autodisconnect, $recmode, $readynum = 4, $slaveslots = 0, $replayerid = false) {
     $rec = $this->connect($ip, $pass, $ettvpass, $slaveslots);
     $this->gamename($rec, $gamename);
     if($replayerid) $this->livecast($rec, $replayerid);
     $this->recmode($rec, $recmode);
     if($recmode == 'ready' && $readynum != 4) $this->readynum($rec, $readynum);
     if(!$autodisconnect) $this->autodisconnect($rec, 0);
     return $rec;
  }

masterlist permission bug

On some systems the webinterface might print the message that there are missing permissions for the masterlist file even though it has chmod 777. To fix it just delete the file includes/masterlist and set the chmod of the includes/ dir to 777. The file will be created then.

ETTVd Daemon

All versions

Not getting all symlinks right on first start - just restart it ^^