Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Perl May 15th, 2016 at 8:51pm Mark & QuoteQuote Apache error log is full of: Quote: Unescaped left brace in regex is deprecated, passed through in regex; marked by <-- HERE in m/ { <-- HERE yabbbr} / at ./Sources/Subs.pm line 1861. Quote: Subs.pm: CGI::param called in list context from ./Sources/Subs.pm line 1142, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/local/cpanel/3rdparty/perl/522/lib64/perl5/cpanel_lib/CGI.pm line 404. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #1 - May 15th, 2016 at 9:36pm Mark & QuoteQuote in Subs.pm find Code (Perl) and replace with Code (Perl) \{yabbbr} also in Subs.pm find Code (Perl) foreach my $name ( $CGI_query->param() ) { and replace with Code (Perl) my @nama = $CGI_query->param(); foreach my $name (@nama) { Now I have NOT fully tested this but it doesn't throw errors to the Apache errorlog and my YaBB install appears to still be working. Edited: There are similar issues to the yabbbr in ExtendedProfiles.pm Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #2 - May 15th, 2016 at 9:41pm Mark & QuoteQuote The line: Quote: @value = $CGI_query->param($name); needs to be: Quote: @value = $CGI_query->multi_param($name); When using Perl 5.22. At least Perl 5.20 still had param() working in list context. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #3 - May 15th, 2016 at 10:34pm Mark & QuoteQuote You're right. Later I'll test how that code behaves on older versions of Perl. Edited: multi_param does NOT work with Perl 5.08 or Perl 5.14. (At least with how they're configured here but I'm updating the CGI module to see it that helps.) Edited: Nope - even with the newest version of the CGI module the call for multi-param crashes YaBB. What we're going to have to do is write a mod specifically for upgrading to use Perl 2.22. (Like the Apache 2.4 mod.) Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #4 - May 15th, 2016 at 11:00pm Mark & QuoteQuote Dandello wrote on May 15th, 2016 at 10:34pm:You're right. Later I'll test how that code behaves on older versions of Perl. I haven't checked when multi_param() was introduced but you might want to use version check if it was introduced too late... GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #5 - May 16th, 2016 at 1:41am Mark & QuoteQuote It was introduced in CGI 4.28 (approx) and it does (apparently) work with older versions of Perl. BUT there are other code differences. Code (Perl) for my $name ( $CGI_query->param ) { if ( $name =~ /^file(\d+|_avatar)$/xsm ) { next; } # files are directly called in Profile.pm, Post.pm and ModifyMessages.pl @value = $CGI_query->multi_param($name); Code (Perl)$CGI_query->param without the () gets the whole parameter list in CGI 4.28. And apparently the new system requires a stated parameter if the () is used. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #6 - May 16th, 2016 at 7:56am Mark & QuoteQuote Dandello wrote on May 16th, 2016 at 1:41am: Code (Perl)$CGI_query->param without the () gets the whole parameter list in CGI 4.28. And apparently the new system requires a stated parameter if the () is used. Apache error log already looks a lot better... only 4 errors in 11 hours and all of them are harmless. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #7 - May 21st, 2016 at 2:26pm Mark & QuoteQuote Another interesting one: when using the -w flag in YaBB.pl, Captcha doesn't render - not even in the Admin Center. But it does when there's no -w flag and I use 'use warnings;' in YaBB.pl instead. The problem appears to be related to Captcha.pm not rendering properly under 'use warnings'. Decoder.pm also has a problem when called from the registration page when Captcha is enabled. (Working on that one.) Edited: Captcha.pm only works with 'no warnings;' when YaBB.pl has the -w flag. Hunting down the cause. « Last Edit: May 21st, 2016 at 3:53pm by Dandello » Reason: typos Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #8 - May 21st, 2016 at 4:25pm Mark & QuoteQuote I used a lot of croaks with variable contents to track which path was taken when diagnosing why things didn't work after the Perl upgrade... It took me half dozen attempts for it to hit even the first croak Essentially I had to reverse and negate almost all of the if tests. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #9 - May 21st, 2016 at 4:52pm Mark & QuoteQuote Ack!! Some warnings/errors go the the Apache error log and the ones you least expect (Like Captcha problems) go into the YaBB error log. But I found the *tard. Edited: The problems I'm seeing in 2.6.12 has to do with uninitialized variables in equivalency or numeric context, used once variables (because they're being imported) and the worst ones, non-numeric strings and blanks put into a numeric context. Most of the ones in the if statements can be fixed by first checking that the variable exists and isn't undef. A couple places the variable has to be checked to make sure it's a number instead of a text string. I mean, seriously, '1u' being compared to a number? How did that EVER work? (You don't have to answer that - I suspect older versions of Perl simply defaulted it to 0 when it saw a WTF. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #10 - May 21st, 2016 at 7:35pm Mark & QuoteQuote The cases where I had to reverse the tests were mostly where blank string was supposed to equal to undefined variable, variables that were loaded from files for example. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #11 - May 21st, 2016 at 8:02pm Mark & QuoteQuote What I've found should work is replacing the Code if ( $myimportedvar eq q{} ) with Code if ( !$myimportedvar ) In most cases we're actually checking to make sure that the variable has a value and (in theory) undef, 0, and q{} should all be false. The places it gets tricky is you can't use that test if the variable can legitimately have a 0 value. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #12 - May 21st, 2016 at 8:24pm Mark & QuoteQuote Dandello wrote on May 21st, 2016 at 8:02pm:The places it gets tricky is you can't use that test if the variable can legitimately have a 0 value. Well... While I was fixing the attachment handling code, there was cases when with "perl -w" it failed because it assumed it can always read the attachment list and find the entry... when the attachment list file was corrupted, it croaked because the attachment count was undefined and not zero. Same thing happened when editing attachments in a post... Adding first attachment worked, but adding second always failed. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #13 - May 21st, 2016 at 8:38pm Mark & QuoteQuote I'll look for that when I start working on that function. There are also a lot of spots where it croaks because the file it's trying to read from doesn't exist. (All those readline on closed file errors.) Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #14 - May 21st, 2016 at 8:42pm Mark & QuoteQuote Most of cases when files got corrupted was because YaBB didn't notice it was running out of disk space when writing file... Stupid Linux stops writing to files well before free space on a mounted filesystem hits zero. When that happens, the file size is reset to 0 and the file is truncated. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #15 - May 21st, 2016 at 9:00pm Mark & QuoteQuote Ahh! a variation on the famous 0 length vars file problem. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #16 - May 21st, 2016 at 9:11pm Mark & QuoteQuote Dandello wrote on May 21st, 2016 at 9:00pm:Ahh! a variation on the famous 0 length vars file problem. It can basically happen with any file. I've seen it happen on attachment list file, instant message mailboxes etc... if opening file succeeds but writing doesn't, all data is lost, because it doesn't keep copy of the overwritten data. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #17 - May 21st, 2016 at 9:44pm Mark & QuoteQuote Monni wrote on May 21st, 2016 at 9:11pm:if opening file succeeds but writing doesn't, all data is lost, because it doesn't keep copy of the overwritten data. Yet another reason to start seriously looking at mySQL for the data storage. In theory, it's less likely to wipe the data. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #18 - May 21st, 2016 at 10:44pm Mark & QuoteQuote Dandello wrote on May 21st, 2016 at 9:44pm:Monni wrote on May 21st, 2016 at 9:11pm:if opening file succeeds but writing doesn't, all data is lost, because it doesn't keep copy of the overwritten data. Yet another reason to start seriously looking at mySQL for the data storage. In theory, it's less likely to wipe the data. I've used SMF which is basically MySQL version of YaBB as it is based on YaBB SE and it had database corruption issues instead... In YaBB we get one or two zero-length files, but when MySQL database gets corrupted, it usually means everything is unreadable. I know MySQL has repair command, but that doesn't always fix corruption successfully. With forum that is over 1 GB in size, that kinda means we would have to shutdown the forum for about 4 hours every week to take synchronized backups of both the attachment files and data moved to MySQL database, and copy them off-site. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #19 - May 23rd, 2016 at 2:17pm Mark & QuoteQuote There are large YaBB forums where the 'normal' backup can take 4+ hours. (Like YaBBForum itself.) But the backup issues for SQL based data is something that has to be seriously considered. It does no good to use mySQL for the data if we can't make good and fast backups of that data - and an easy way to restore the data when necessary. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #20 - May 24th, 2016 at 11:09am Mark & QuoteQuote Dandello wrote on May 23rd, 2016 at 2:17pm:There are large YaBB forums where the 'normal' backup can take 4+ hours. (Like YaBBForum itself.) But the backup issues for SQL based data is something that has to be seriously considered. It does no good to use mySQL for the data if we can't make good and fast backups of that data - and an easy way to restore the data when necessary. Even if the backup isn't very large, just the time it takes to download the backup off-site is long, because shared hosting plans have limited diskspace and bandwidth and usually can only hold 4-5 backups on-site at most and only if there is no system backup in progress... Incremental backup currently doesn't work so it can't be used to save size of the individual backups... GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #21 - May 24th, 2016 at 1:25pm Mark & QuoteQuote That's a problem I can't reproduce. HOWEVER, if it IS related to the problem I was having with Advanced Backup, put the if statements back and move Code automaintenance('off'); into 'sub print_BackupSettings' just above the return. Hopefully that will fix the problem(s) with your Backup.pm as I suspect the problems you were having with the if statements had to due with the $max_process_time being set longer than your allowed process time. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #22 - May 24th, 2016 at 2:13pm Mark & QuoteQuote Dandello wrote on May 24th, 2016 at 1:25pm:That's a problem I can't reproduce. HOWEVER, if it IS related to the problem I was having with Advanced Backup, put the if statements back and move Code automaintenance('off'); into 'sub print_BackupSettings' just above the return. Hopefully that will fix the problem(s) with your Backup.pm as I suspect the problems you were having with the if statements had to due with the $max_process_time being set longer than your allowed process time. If I put the if statement back, I just get too small backup file... it doesn't contain all of the directories... The problem is that when it fails, it doesn't actually write anything to the file as the external zip command uses temporary files. When doing incremental backups, it just prints "Nothing to do." and browser can't handle that because there is no HTTP headers. If I use internal zip from Perl, I just get croak due to file corruption. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged
Dandello Forum AdministratorYaBB Modder Offline I love YaBB 2.7! Posts: 2235 Location: The Land of YaBB Joined: Feb 12th, 2014 Gender: Mood: Annoyed Zodiac sign: Re: Perl Reply #23 - May 24th, 2016 at 2:43pm Mark & QuoteQuote What happens if you choose a different backup method? (Or is a different one not available? I'm thinking your hosts's 'upgrade' trashed more than just YaBB's functionality. Unfortunately, on my testbed I only have Archive Tar and Archive Zip available. I'm assuming nothing of note is showing up in the server error log.) BTW, overly small zip file sizes was one of the problems with Advanced Backup on micro-sized YaBBs until I put the $max_process_time down to 5 seconds or less. Perfection is not possible. Excellence, however, is excellent. WWW IP Logged
Monni Language Offline Min izāmō Posts: 413 Location: Kaarina, Finland Joined: Jul 16th, 2014 Gender: Mood: Frustrated Zodiac sign: Re: Perl Reply #24 - May 24th, 2016 at 5:51pm Mark & QuoteQuote Dandello wrote on May 24th, 2016 at 2:43pm:What happens if you choose a different backup method? (Or is a different one not available? I'm thinking your hosts's 'upgrade' trashed more than just YaBB's functionality. Unfortunately, on my testbed I only have Archive Tar and Archive Zip available. I'm assuming nothing of note is showing up in the server error log.) BTW, overly small zip file sizes was one of the problems with Advanced Backup on micro-sized YaBBs until I put the $max_process_time down to 5 seconds or less. I didn't really test if Archive::Tar was supported because of the timeout issue... I saw no reason to drop $max_process_time further as it always failed on the big directory, not the smaller ones. When it hadn't failed yet, it said the step took 7.3 seconds. GTalk Skype/VoIP Facebook Twitter YouTube ICQ IP Logged