error in a search form due the -19th-2014-SECURITY-UPDATE

7 posts by 2 authors in: Forums > CMS Builder
Last Post: June 20, 2014   (RSS)

By Steve99 - June 20, 2014

Hi Carlos,

Just to note, that update was only meant to apply to version 2.60.

It appears that particular function was deprecated. There are other mysql escape functions built into the cmsb library including mysql_escape, mysql_escapeLikeWildcards, and mysql_escapef. Sounds like mysql_escapeLikeWildcards would be your replacement function.

Hope this helps.

Cheers,Steve

By CarlosPinedo - June 20, 2014 - edited: June 20, 2014

I thought it was something related to the text field in the search form. When I erase this line

<input type="text" name="title,info_doc_tem,info_doc_text,info_doc_aut,info_doc_fech_query" value="" style="width:315px;">

Everything works great.  I believe it has to do with changes in the way that _query works. What do you believe?

Carlos

By Steve99 - June 20, 2014

Were you running CMSB version 2.60 when you applied those patched files? Or was it an older version?

By CarlosPinedo - June 20, 2014 - edited: June 20, 2014

I was running the 2.53 Version . It means i didn´t need this update?

By Steve99 - June 20, 2014

Correct, you did not need that update. It was only for something that appeared in 2.60.  If you upload your old library files you'll be back to normal.

Alternatively, you could do the full CMSB upgrade to the latest 2.61 version.

Ok, thanks a lot !! Steve.

Carlos