Web based family history software

Question New releases of webtrees

  • fisharebest
  • Topic Author
  • Away
  • Administrator
  • Administrator
More
2 years 2 days ago #121 by fisharebest
Replied by fisharebest on topic New releases of webtrees
> Before I start an manual update to 2.1.10 I would like to hear your ideas please.

There was a problem with PHP 7.4 and 2.1.10.

2.1.11 is now available - which fixes this.

But we have just discovered that some web-hosts are creating invalid HTTP headers. See other discussions on the forum.
So I will need to create a new release to work around this...

Thank you for your patience.

Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net

Please Log in or Create an account to join the conversation.

More
2 years 2 days ago #122 by anjop
Replied by anjop on topic New releases of webtrees
THANKS!
I will wait for further release and instruction! There is no hurry!
Better a running system with an older release then problems with a new one!
Good luck and thx!

www.helmutpaul.at / www.lippsfamilie.de
www.paul-engl.at / www.komoot.de/user/anjop
----
webtrees 2.1.22; theme: colours; modules: Different Vesta Modules; Fancy Imagebar; Theme modifications (by Rob Peters);
PHP Version 8.1.30; mySQL 4.9.7; Mac OSX 14.7.1; webbrowser Safari

Please Log in or Create an account to join the conversation.

More
2 years 2 days ago - 2 years 1 day ago #123 by jprause
Replied by jprause on topic New releases of webtrees
Successfully automatically upgraded from 2.1.9 to 2.1.11 with preliminary patching the UpgradeWizardStep.php according to webtrees.net/upgrade/ .
Thanks Greg for your unflagging work!

Josef

webhosting:-- webtrees 2.1.18, PHP version 8.1.16, MySQL 8.0.22, test site webtrees 2.1.18
local desktop:-- webtrees 2.1.18, PHP version 8.2.12, MySQL 8.0.28, Apache2 2.4.41, Linux Ubuntu 22.04 64bit
Last edit: 2 years 1 day ago by jprause.

Please Log in or Create an account to join the conversation.

  • Czarnecki
  • Visitor
  • Visitor
2 years 2 days ago #124 by Czarnecki
Replied by Czarnecki on topic New releases of webtrees
I have been trying to upgrade to the latest version 2.1.11 and am getting an error related to aura vendor and teh vendor folder in general . I am still on version 2.06 and cannot upgrade at all always getting fatal error. Can anybody help?

Please Log in or Create an account to join the conversation.

  • Czarnecki
  • Visitor
  • Visitor
2 years 2 days ago #125 by Czarnecki
Replied by Czarnecki on topic New releases of webtrees
I am on PHP 7.4 and have fatal error anytime I try to upgrade from 2.06 including version 2.1.11 .

Please Log in or Create an account to join the conversation.

  • fisharebest
  • Topic Author
  • Away
  • Administrator
  • Administrator
More
2 years 2 days ago #126 by fisharebest
Replied by fisharebest on topic New releases of webtrees
> am getting an error related to aura vendor
> always getting fatal error

It is always helpful to give the exact error message.

> and have fatal error anytime I try to upgrade

Try upgrading manually?

webtrees.net/upgrade/manual/

Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net

Please Log in or Create an account to join the conversation.

  • fisharebest
  • Topic Author
  • Away
  • Administrator
  • Administrator
More
2 years 1 day ago #127 by fisharebest
Replied by fisharebest on topic New releases of webtrees
There have been 5 releases in the last week. This is not good, and I apologise for causing issues for everyone.

Now that things have settled down, I thought I ought to write a summary of events...


webtrees 2.1.8 introduced validation to all input parameters. This includes things such as checking that all inputs are valid UTF8, that mandatory parameters exist, that numbers are numeric, etc.

This is a good thing for application security. A major database library (used by webtrees) had an issue last year where a malicious user could send a list of values to the server, when it expected a single value - and this allowed a hacker to make a SQL injection attack. webtrees wasn't vulnerable to this - but it highlights the importance of validation.

Of course, there are thousands of inputs thoughout webtrees, and I got a few of the validation rules wrong. For example, some optional values were listed as mandatory.

So, I created 2.1.9, which corrected these validation rules. At this point, it was discovered that a bug had been introduced in 2.1.8. This bug prevented the auto-update from working. This is fairly serious, as many users will only update using the auto-update.

At this stage I withdrew the two releases - by telling the upgrade server to report that the latest version was still 2.1.7. This prevented any more people from installing 2.1.8 and 2.1.9

Next was 2.1.10 which fixed the auto-update. Lots of people had also reported that many aggressive web-crawlers were causing their sites to slow down. So the release also included a second change (copied from 2.2) which blocks them. It seemed a low-risk change. But, the anti-robot code didn't work with PHP 7.4 - which is about half our users.

So, quickly came 2.1.11 to fix the PHP compatibility. Then, we found that some web-hosts (such as OVH) are adding invalid HTTP headers, which are being blocked by the validation rules.

So, 2.1.12 removed this validation. I'll review this and look for an alternative solution when there is more time.

Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net

Please Log in or Create an account to join the conversation.

  • Patrick
  • Away
  • Junior Member
  • Junior Member
More
2 years 1 day ago #128 by Patrick
Replied by Patrick on topic New releases of webtrees
Hello Greg,
I have just run the automatic update from 2.1.9 to 2.1.12
The different phases went well, I clicked on "Continue"... and webtrees displayed a blank page (with the URL " webtrees.faivre.ml/admin ").
I had the idea to go back one page, it then displayed only the title "Control Panel", a second backspace allowed the complete display of the page, which indicates the version 2.1.12
webtrees seems to work fine.
Curious, isn't it?
Best regards,
Patrick

Translated with www.DeepL.com/Translator (free version)

webtrees 2.2.1 - (fancy-imagebar, jc-theme-justlight et jc-fancy-treeview disabled) - faces
Navigateur Firefox - Raspbian 12 bookworm - PHP 8.3.8 - MariaDB 10.11.3 - Apache/2.4.59 (Raspbian)
My website : www.webtrees.damia.ch

Please Log in or Create an account to join the conversation.

More
2 years 1 day ago #129 by hermann
Replied by hermann on topic New releases of webtrees
Thank you, Greg! Finally, webtrees is now more secure and more robust against intrusion attacks and web-crawlers. This counts!

Hermann
Designer of the custom module "Extended Family"

webtrees 2.1.21 (all custom modules installed, PHP 8.3.12, MariaDB 10.6) @ ahnen.hartenthaler.eu

Please Log in or Create an account to join the conversation.

  • Bogie
  • Offline
  • Elite Member
  • Elite Member
  • Life is good!
More
2 years 1 day ago #130 by Bogie
Replied by Bogie on topic New releases of webtrees

There have been 5 releases in the last week. This is not good, and I apologise for causing issues for everyone.

Don't worry! Things like that can happen and you had good reasons. The more installations we have, the more variants there will be and the more complex the requirements become to keep track of the different environments.

Thank you for your tireless efforts to keep our valuable data safe!

Bogie
webtrees 2.1.22 | PHP 8.3.12 | MariaDB 10.11.8 | Apache on Ubuntu
AutoComplete places of @tkempf, chart modules of @magicsunday, Fancy treeview of @justCarmen

Please Log in or Create an account to join the conversation.

More
1 year 11 months ago #131 by anjop
Replied by anjop on topic New releases of webtrees
Thank you Greg for this intensive and precise work!!!
Now the updates of my two genealogies went smooth and fast and without problems!
Just business as usual! What a joy!
Thanks!

www.helmutpaul.at / www.lippsfamilie.de
www.paul-engl.at / www.komoot.de/user/anjop
----
webtrees 2.1.22; theme: colours; modules: Different Vesta Modules; Fancy Imagebar; Theme modifications (by Rob Peters);
PHP Version 8.1.30; mySQL 4.9.7; Mac OSX 14.7.1; webbrowser Safari

Please Log in or Create an account to join the conversation.

  • fisharebest
  • Topic Author
  • Away
  • Administrator
  • Administrator
More
1 year 11 months ago #132 by fisharebest
Replied by fisharebest on topic New releases of webtrees
webtrees 2.1.13 is now available - see webtrees.net/blog/

Fixes:

* Compatibility issues with PostgreSQL, SQLite and SQL-Server.
* Cannot save tree-preferences without contact details.
* Provide select-options for NAME:FONE/ROMN:TYPE.
* HTML error prevents privacy rules from saving.
* Interactive tree not updating in full-screen mode.

Updates and new features:

* ‘Ugly’ URLs are redirected to pretty ones, for SEO.
* Dutch historic events.
* Support for GEDCOM7 versions of INDI/FAM:RESI which allow a value.
* The FAQ page now uses the default tree by default.

Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net

Please Log in or Create an account to join the conversation.

  • fisharebest
  • Topic Author
  • Away
  • Administrator
  • Administrator
More
1 year 11 months ago #133 by fisharebest
Replied by fisharebest on topic New releases of webtrees
[strike]Compatibility issues with PostgreSQL, SQLite and SQL-Server.[/strike]

This change didn't make it. It will be in the next release instead.

It also fixed the Ü/Ä/Ë issue for German users.

Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net

Please Log in or Create an account to join the conversation.

More
1 year 11 months ago #134 by ArchPrime
Replied by ArchPrime on topic New releases of webtrees

webtrees 2.1.13 is now available - see webtrees.net/blog/

For some reason , for the last couple of versions, I have received emailed notifications via this forum that a webtrees update was available, but when I go to my website control panel, this reports that there is no newer version available.

Website: www.kingfamily.prime.net.nz
webtrees version 2.1+

Please Log in or Create an account to join the conversation.

  • fisharebest
  • Topic Author
  • Away
  • Administrator
  • Administrator
More
1 year 11 months ago #135 by fisharebest
Replied by fisharebest on topic New releases of webtrees
It is possible that your server cannot make outgoing HTTP requests - and so cannot check for new versions.

Look in the table wt_site_setting for these three settings. What values do you have?
Code:
+-----------------------------+---------------------------------------------------------------------------------------------------+ | setting_name | setting_value | +-----------------------------+---------------------------------------------------------------------------------------------------+ | LATEST_WT_VERSION | 2.1.13|2.0.0|https://github.com/fisharebest/webtrees/releases/download/2.1.13/webtrees-2.1.13.zip | | LATEST_WT_VERSION_EMAIL | 2.1.7 | | LATEST_WT_VERSION_TIMESTAMP | 1671102165 | +-----------------------------+---------------------------------------------------------------------------------------------------+

Greg Roach - greg@subaqua.co.uk - @fisharebest@phpc.social - fisharebest.webtrees.net

Please Log in or Create an account to join the conversation.

More
1 year 11 months ago #136 by ArchPrime
Replied by ArchPrime on topic New releases of webtrees
LATEST_WT_VERSION 2.1.12|2.0.0|https://github.com/fisharebest/webtrees/releases/download/2.1.12/webtrees-2.1.12.zip

LATEST_WT_VERSION_EMAIL 2.1.12

LATEST_WT_VERSION_TIMESTAMP 1671045611

Website: www.kingfamily.prime.net.nz
webtrees version 2.1+

Please Log in or Create an account to join the conversation.

More
1 year 11 months ago #137 by Warius
Replied by Warius on topic New releases of webtrees

LATEST_WT_VERSION_TIMESTAMP 1671045611
this is Wed Dec 14 2022 19:20:11 GMT+0000

webtrees contacts the update server approximately every 24 hours - i.e. in 5 hours.

signature

Please Log in or Create an account to join the conversation.

More
1 year 11 months ago #138 by otmar.mayr
Replied by otmar.mayr on topic New releases of webtrees
Automatisches Update funktioniert bei mir schon lange nicht mehr. I habe diese Eintragungen:

LATEST_WT_VERSION 2.0.16|2.0.0|https://github.com/fisharebest/webtre...
LATEST_WT_VERSION_TIMESTAMP 1632847453

LATEST_WT_VERSION_EMAIL - gibt es bei mir nicht.

Hängt das mit meiner alten PHP-Version zusammen?

www.verwandten.info / PHP-Version 8.2 / webtrees 2.1.21

Please Log in or Create an account to join the conversation.

More
1 year 11 months ago #139 by ArchPrime
Replied by ArchPrime on topic New releases of webtrees

LATEST_WT_VERSION_TIMESTAMP 1671045611
this is Wed Dec 14 2022 19:20:11 GMT+0000

webtrees contacts the update server approximately every 24 hours - i.e. in 5 hours.

Would/should I not be initiating contact and directly interrogating the update server by looking at that page in Control Panel?

If not, if control panel is going to make an assertion about the existence of updates, should it at least advise the time this was last checked, and the next scheduled check, so as to avoid providing apparently conflicting advice, as I experienced?

Website: www.kingfamily.prime.net.nz
webtrees version 2.1+

Please Log in or Create an account to join the conversation.

More
1 year 11 months ago #140 by Peter_S
Replied by Peter_S on topic New releases of webtrees

If not, if control panel is going to make an assertion about the existence of updates, should it at least advise the time this was last checked, and the next scheduled check, so as to avoid providing apparently conflicting advice, as I experienced?
I would also welcome this requirement.

Similar to the Windows update in the Windows settings:
Installed version: 2.1.12 - you are up to date
Last check: Today, 00:14


Button: Check for updates

Peter

webtrees 2.1.22, vesta modules, chart modules of magicsunday, extended family and imprint of hartenthaler
PHP 8.3.12, MariaDB 10.11.8
Webhosting: genonline.de

Please Log in or Create an account to join the conversation.

Powered by Kunena Forum