phpAdsNew 2.0.8-pr1 CRITICAL BUGFIX RELEASE

3-minute read
bugs phpadsnew php_scripts Security

Here we go again… phpAdsNew is a great software, but anyone using it will know that we need to be very careful to patch it quickly to avoid to have our system exploited by many of the bugs that are constantly discovered (this is not only true for phpAdsNew, but most of the popular php scripts have this problem…). Anyway, yesterday (20061024) there was new bugfix version released, 2.0.8-pr1, and anyone logging in the phpAdsNew admin interface was warned to perform the upgrade as soon as possible.

Also in the maintenance page of the admin of phpAdsNew we can see the following message:

It is highly recommended to install this update as soon as possible, because it contains a number of security fixes. The version of phpAdsNew which you are currently using might be vulnerable to certain attacks and is probably not secure. For more information about upgrading please read the documentation which is included in the files below.

phpAdsNew 2.0.8-pr1

CRITICAL BUGFIX RELEASE

phpAdsNew 2.0.8-pr1 was released to fix a vulnerability that was recently discovered.

Every user is urged to upgrade!

This release contains no other fixes or improvements from 2.0.8 because there was not enough time to fully test the recent changes and mark the current development version as stable. A new full featured release is scheduled to be available in the next few weeks, however we wish to stress that upgrading to 2.0.8-pr1 is strongly advised.

If you are upgrading from phpAdsNew 2.0.8, you could download phpAdsNew-2.0.8-to-2.0.8-pr1-upg.zip which only contains modified files for a drop-in replacement.

My suggestion to anyone using phpAdsNew 2.0.8 for the easiest way to upgrade is to use the patched only files (phpAdsNew-2.0.8-to-2.0.8-pr1-upg.zip) and not do a full reinstall using the full release. You only have to overwrite the changed files and you are done (since this is a minor change release it is safe to do this). After doing this, you will have to connect to the admin interface and you will see the normal maintenance page:

Welcome to phpAdsNew 2.0.8-pr1

The database structure and configuration file need to be upgraded in order to function correctly. Click Proceed to start the upgrade process.

Depending on which version you are upgrading from and how many statistics are already stored in the database, this process can cause high load on your database server. Please be patient, the upgrade can take up to a couple of minutes.

After you click continue you are done.

Congratulations!

The upgrade of phpAdsNew was succesful.

In order for phpAdsNew to function correctly you also need to make sure the maintenance file is run every hour (previously this was every day). More information about this subject can be found in the documentation.

Click Proceed to go to the administration interface. Please do not forget to lock the config.inc.php file to prevent security breaches."

All this process takes less than 5 minutes, so you better do it asap, then regret later.

comments powered by Disqus