Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Is the project still maintained?
| Comment | File | Size | Author |
|---|---|---|---|
| #11 | node_browser.module.patch | 3.04 KB | snipe |
Comments
Comment #1
apadernoI am moving the report to the right issue queue.
Comment #2
Dave ReidPlease post links back to the original module so we don't have to search for it.
Comment #3
apadernoI am sorry again; the link to the project page is http://drupal.org/project/node_browser.
Comment #4
Dave ReidMarked as abandoned.
Comment #6
snipe CreditAttribution: snipe commentedHey there
i've just port this project old codes to D6 at
http://drupal.org/node/287451#comment-2622918
its just a half an hour work done to move to d5 to d6 so it is not a solutions, will make further changes soon in upcoming weeks
i would like to maintain the project as it have good potential to used as business directories, yellow pages
Thanks You
Suketu Topiwala
Demarlos Solutions
http://www.demarlos.biz
Comment #7
apadernoThere is a note about the project being not secure on the project page. In order to allow any further development (if there aren't any other projects with the same or similar purpose) a patch to resolve the security issue must be provided.
Comment #8
snipe CreditAttribution: snipe commentedHi, i've just downloaded the 5.x-2.5 version and will start working on the code standards with drupal 6 with patch in upcoming weeks
Comment #9
snipe CreditAttribution: snipe commentedHi
i am not able to find exactly what is the issue regarding security in Drupal5, i mean to say i would like to Continue with Drupal 6 Development
if solving drupal 5's issues are critically required i will look at them asap before i move to drupal 6
Regards
Suketu
Comment #10
andypostAnyway you should provide a patch, this patch should be against current HEAD (which is DRUPAL-5) You already have code at http://drupal.org/node/287451#comment-2622918 with a half of code
Comment #11
snipe CreditAttribution: snipe commentedHey
okey i have made a small changes, find the attached patched file for review, its for D5, once the project get active, i will start converting it to D6 & then after D7, it still needs much work to be done
Regards
Suketu
Comment #12
andypost@suketu.topiwala Are you sure that removing a part of code could fix a security issue?
Comment #13
snipe CreditAttribution: snipe commentedI think so, as that parts were may allow Sql Injunction to work
this was my initial view, so if some one can testify it, it will be great
Regards
Suketu
Comment #14
apadernoThis kind of reviews are made from the Drupal.org security team. You should probably ask to somebody that is part of the Drupal.org security team to review the code you wrote.
Comment #15
snipe CreditAttribution: snipe commentedHow to do that?
Comment #16
redndahead CreditAttribution: redndahead commented@snipe are you still interested in maintaining this?
Comment #17
tim.plunkettContacting snipe through his contact form, I will follow up if he doesn't.
Comment #18
snipe CreditAttribution: snipe commentedHey @redndahead, I was stuck in some projects, also I am still not the maintainer of the project, I'll let you know in next few days about the plan
Regards
Comment #19
snipe CreditAttribution: snipe commented@tim, Yes I am interested in maintenance for the project, Please let me know what are the proceedings to get the ownership
Regards
Comment #20
tim.plunkettComment #21
apaderno@snipe As the module has been reported to have a security issue, your patch needs to be reviewed from somebody of the security team, as only the security team is able to check if your patch resolves the issue they reported.
Comment #22
tim.plunkettComment #23
snipe CreditAttribution: snipe commented@kiamlaluno , can you tell me how can I ask security team to review the patch, Its a year old issue now. because there are many persons are asking to get this module for their website.
Comment #24
tim.plunkett@snipe, follow the instructions here: http://drupal.org/node/251466#security
Once that issue is dealt with, please mark this issue back to "active".
Comment #25
tim.plunkettMarking back to fixed per #4.