We have a program running on HackerOne, and one of the recurring questions is if the hackers there can be compensated for their efforts. As an open source project without a company financially backing us, I don't think offering payment is an option. I was thinking more about t-shirts or other funny/nice gadgets with ImpressCMS branding.
The hackers at hackerone have done a great job, and certainly in the beginning stage, I would like to thank them all with a little something.
The problem I have encountered is that the costs could become astronomically high if we would handle the sending around the world by ourselves. I made a quick check : sending a t-shirt (worth 8-10€) to India for example, would cost me 56€.
Talking with @Mekdrop we discussed drop-shipping services, because those services would take the sending of the items on their account (which would be less of a headache to handle for us as well). However, not all of those services allow for your own things to be printed or created.
I would like to hear experience with drop-shipping services, and also other options we migh not have thought about.
And the Softaculous build has been updated to 1.4.2 as well here. No easier way to give ImpressCMS 1.4.2 a spin if your hosting provider offers Softaculous support!
The RC has become a final release - see the news and download!
Steve Twitter: @skenow Facebook: Steve Kenow
Hi,
I just released ImpressCMS 1.4.2 RC. Lots of small bugfixes, most of them security-related. Please have a look and see if it works on your system in your situation. Any bugs? post them on Github, or you can add them here in this forum post as well
Release 1.4.2 Release Candidate · ImpressCMS/impresscms (github.com)
Just to make it abundantly clear : from now on, all security-related reports should be logged on Hackerone. The other form will be deactivated.
This year has been challenging, to say the least. People all around the world are having their predictable lives become very unpredictable. Things change every day. Health care systems and workers are being stretched thin to provide care to a growing number of people. Families are being isolated and separated.
In the past year, we've released 1.4.0 and 1.4.1, along with 1.3.12 and 3 more test releases of 2.0.
Thank you all! Stay safe!
Steve Twitter: @skenow Facebook: Steve Kenow
Hi,
I started an installation page for ImpressCMS v2 to help you out if you want to test the current v2.0 alpha builds. I received feedback that the installation is not that clear, so here is a page that should help out. Feel free to add/adapt where needed : Installing ImpressCMS 2 - Wiki : ImpressCMS
could it be that the file is too large? I admit that 100K is small
I upload the image on : https://github.com/ImpressCMS/impresscms/issues/807 (I can't upload the file here..)
Hi,
ImpressCMS definitely has multiple editors at its disposal. They can be configured in the 'General Settings' page, more info in the wiki here.
We currently have CKEditor, TinyMCE and an old-skool simple text editor available. At the moment, new editors need to be installed manually on your site, but a PR on Github is waiting for ImpressCMS 2.0 to manage the editors just like the modules and the translations, using Composer.
I can confirm the issues that you have found. I already filed a bug report for the editor administration page, in fact.
When you talk about a database error, do you mean the one on the user page, or is it another one?
https://github.com/ImpressCMS/impresscms/issues/807
Composer version 1.10.17 2020-10-30 22:31:58
PHP 7.4.11 (cli) (built: Sep 29 2020 13:18:06) ( ZTS Visual C++ 2017 x64 )
After successful installation I can't access different functionality,different editors?(I am not sure if impressCMS have a editor). I also receive a database error message.
For functionality that I can't access (see images)
no editors ? :
autotask
symlink
Great, thanks for confirming that the issue was fixed on your side as well. No problem with slow replies, normal life has its necessities too
I can not even spend a fraction of the time I would like to on ImpressCMS, I sympathize.
Hi,
yes, we are using the h1 platform, and as of a few minutes ago, we are a public project at https://hackerone.com/impresscms
Feel free to post any security related issues there so we can monitor them more easily.
Final question : Are you using h1 platform? Can I get invite (I plan to test this now after successful installation)
I can login now and the error before is already fix.
Apologize for late reply, I will test this now and I will update you
Hi, I checked on multiple instances and the problem is now gone. The Pull Request is now integrated in the master branch. I plan on doing a new alpha by the end of the week.
There is a possible fix for this, could you test it out on your setup as well? I'll check it on mine before approving the Pull Request, but 2 checks is better than 1
Hi, I was able to verify on both PHP 7.3 and PHP 7.4, both with and without a database prefix. It's a bug I created an issue on github.
Hi ! I try it for this time I remove the modification on the code but still it render the error message, If I try to apply again the modification the error message will disappear but still I can't use it..