Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Perl May 15th, 2016 at 8:51pm Mark & QuoteQuote Apache error log is full of: Quote: Unescaped left brace in regex is deprecated, passed through in regex; marked by <-- HERE in m/ { <-- HERE yabbbr} / at ./Sources/Subs.pm line 1861. Quote: Subs.pm: CGI::param called in list context from ./Sources/Subs.pm line 1142, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/local/cpanel/3rdparty/perl/522/lib64/perl5/cpanel_lib/CGI.pm line 404. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #1 - May 15th, 2016 at 9:36pm Mark & QuoteQuote in Subs.pm find Code (Perl) and replace with Code (Perl) \{yabbbr} also in Subs.pm find Code (Perl) foreach my $name ( $CGI_query->param() ) { and replace with Code (Perl) my @nama = $CGI_query->param(); foreach my $name (@nama) { Now I have NOT fully tested this but it doesn't throw errors to the Apache errorlog and my YaBB install appears to still be working. Edited: There are similar issues to the yabbbr in ExtendedProfiles.pm Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #2 - May 15th, 2016 at 9:41pm Mark & QuoteQuote The line: Quote: @value = $CGI_query->param($name); needs to be: Quote: @value = $CGI_query->multi_param($name); When using Perl 5.22. At least Perl 5.20 still had param() working in list context. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #3 - May 15th, 2016 at 10:34pm Mark & QuoteQuote You're right. Later I'll test how that code behaves on older versions of Perl. Edited: multi_param does NOT work with Perl 5.08 or Perl 5.14. (At least with how they're configured here but I'm updating the CGI module to see it that helps.) Edited: Nope - even with the newest version of the CGI module the call for multi-param crashes YaBB. What we're going to have to do is write a mod specifically for upgrading to use Perl 2.22. (Like the Apache 2.4 mod.) Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #4 - May 15th, 2016 at 11:00pm Mark & QuoteQuote Dandello wrote on May 15th, 2016 at 10:34pm:You're right. Later I'll test how that code behaves on older versions of Perl. I haven't checked when multi_param() was introduced but you might want to use version check if it was introduced too late... GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #5 - May 16th, 2016 at 1:41am Mark & QuoteQuote It was introduced in CGI 4.28 (approx) and it does (apparently) work with older versions of Perl. BUT there are other code differences. Code (Perl) for my $name ( $CGI_query->param ) { if ( $name =~ /^file(\d+|_avatar)$/xsm ) { next; } # files are directly called in Profile.pm, Post.pm and ModifyMessages.pl @value = $CGI_query->multi_param($name); Code (Perl)$CGI_query->param without the () gets the whole parameter list in CGI 4.28. And apparently the new system requires a stated parameter if the () is used. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #6 - May 16th, 2016 at 7:56am Mark & QuoteQuote Dandello wrote on May 16th, 2016 at 1:41am: Code (Perl)$CGI_query->param without the () gets the whole parameter list in CGI 4.28. And apparently the new system requires a stated parameter if the () is used. Apache error log already looks a lot better... only 4 errors in 11 hours and all of them are harmless. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #7 - May 21st, 2016 at 2:26pm Mark & QuoteQuote Another interesting one: when using the -w flag in YaBB.pl, Captcha doesn't render - not even in the Admin Center. But it does when there's no -w flag and I use 'use warnings;' in YaBB.pl instead. The problem appears to be related to Captcha.pm not rendering properly under 'use warnings'. Decoder.pm also has a problem when called from the registration page when Captcha is enabled. (Working on that one.) Edited: Captcha.pm only works with 'no warnings;' when YaBB.pl has the -w flag. Hunting down the cause. « Last Edit: May 21st, 2016 at 3:53pm by Dandello » Reason: typos Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #8 - May 21st, 2016 at 4:25pm Mark & QuoteQuote I used a lot of croaks with variable contents to track which path was taken when diagnosing why things didn't work after the Perl upgrade... It took me half dozen attempts for it to hit even the first croak Essentially I had to reverse and negate almost all of the if tests. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #9 - May 21st, 2016 at 4:52pm Mark & QuoteQuote Ack!! Some warnings/errors go the the Apache error log and the ones you least expect (Like Captcha problems) go into the YaBB error log. But I found the *tard. Edited: The problems I'm seeing in 2.6.12 has to do with uninitialized variables in equivalency or numeric context, used once variables (because they're being imported) and the worst ones, non-numeric strings and blanks put into a numeric context. Most of the ones in the if statements can be fixed by first checking that the variable exists and isn't undef. A couple places the variable has to be checked to make sure it's a number instead of a text string. I mean, seriously, '1u' being compared to a number? How did that EVER work? (You don't have to answer that - I suspect older versions of Perl simply defaulted it to 0 when it saw a WTF. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #10 - May 21st, 2016 at 7:35pm Mark & QuoteQuote The cases where I had to reverse the tests were mostly where blank string was supposed to equal to undefined variable, variables that were loaded from files for example. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #11 - May 21st, 2016 at 8:02pm Mark & QuoteQuote What I've found should work is replacing the Code if ( $myimportedvar eq q{} ) with Code if ( !$myimportedvar ) In most cases we're actually checking to make sure that the variable has a value and (in theory) undef, 0, and q{} should all be false. The places it gets tricky is you can't use that test if the variable can legitimately have a 0 value. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #12 - May 21st, 2016 at 8:24pm Mark & QuoteQuote Dandello wrote on May 21st, 2016 at 8:02pm:The places it gets tricky is you can't use that test if the variable can legitimately have a 0 value. Well... While I was fixing the attachment handling code, there was cases when with "perl -w" it failed because it assumed it can always read the attachment list and find the entry... when the attachment list file was corrupted, it croaked because the attachment count was undefined and not zero. Same thing happened when editing attachments in a post... Adding first attachment worked, but adding second always failed. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #13 - May 21st, 2016 at 8:38pm Mark & QuoteQuote I'll look for that when I start working on that function. There are also a lot of spots where it croaks because the file it's trying to read from doesn't exist. (All those readline on closed file errors.) Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #14 - May 21st, 2016 at 8:42pm Mark & QuoteQuote Most of cases when files got corrupted was because YaBB didn't notice it was running out of disk space when writing file... Stupid Linux stops writing to files well before free space on a mounted filesystem hits zero. When that happens, the file size is reset to 0 and the file is truncated. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged