PyroCMS is an easy to use, powerful, and modular CMS and development platform built with Laravel 5.
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
Pyro is an experienced and powerful Laravel PHP CMS.
Home Page: https://www.pyrocms.com/
License: Other
PyroCMS is an easy to use, powerful, and modular CMS and development platform built with Laravel 5.
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
Hi, its me again.... I have a theme that works in 0.9.9.7, but it don't work properly in 1.0-dev, solution to it is add in every set_partial his third parameter to FALSE. It is related with the file search and actually I don't know why affects, so that could be a backward compatibility when release 1.0-dev because people must fix they themes before uploading to PyroCMS.
Thanks
I just test pyrocms 1-dev in my Nginx this morning, and i always get 404 page, should i fix my nginx configuration ? FYI, i have added some script from http://codeigniter.com/forums/viewthread/99180/. Thx guys.
i 'm new in pyro and instal at localhost xampp
everything is so right but when i want to add category photo there is erorr,
A PHP Error was encountered
Severity: Notice
Message: Undefined index: enable_comments
Filename: models/photo_albums_m.php
Line Number: 33
A PHP Error was encountered
Severity: Warning
Message: Cannot modify header information - headers already sent by (output started at ibraries\Exceptions.php:166)
Filename: libraries/Session.php
Line Number: 662
A PHP Error was encountered
Severity: Warning
Message: Cannot modify header information - headers already sent by (output started at codeigniter\libraries\Exceptions.php:166)
Filename: helpers/url_helper.php
Line Number: 541
what should i do to fix it
Line 144 reads:
return $this->load->view('../../'.$path.'/views/display', $data, TRUE);
and I believe it should be:
return $this->load->view('../../.'.$path.'views/display', $data, TRUE);
notice the missing period after the second slash is missing therefore widget views were not working on the front end.
EDIT: also notice the extra / in front of views on line 144 forgot to mention that in original post
Public Controller
// Asset library needs to know where the theme directory is
$this->config->set_item('theme_asset_dir', dirname($this->theme->path).'/'); //True
$this->config->set_item('theme_asset_url', dirname($this->theme->web_path).'/'); //False
Correct
$this->config->set_item('theme_asset_url', $this->theme->web_path); //True
pyrocms v1.0.0-dev
I noticed some bugs with the v1.0 dev :
A) it seems i had a little problem with the minimal password length, i explain:
B) I noticed another little problem, switching lang from admin pages break the url :
C) I can't create a new page, i fill the required fields in the first tab, then click save, and i receive :
URL: ../index.php/admin/pages/create
A Database Error Occurred
Error Number: 1364,
Field 'body' doesn't have a default value
INSERT INTO pages (slug, title, parent_id, layout_id, css, js, meta_title, meta_keywords, meta_description, rss_enabled, comments_enabled, status, updated_on) VALUES ('test', 'test', 0, 1, '', '', '', '', '', 0, 0, 'live', 1281912015)
Windows 7
Any help gratefully received. Used download zip file v0.9.9.4
Rich
Hey,
Running v0.9.9.5 out of the box and every time I go to add an instance of a widget I get the validation error that says: 'the nonce field is required'. This involves the Title field (with or without data in it) and after the error comes up it clears the field and fails to save the widget.
I believe that the Title field is controlled by the actual 'Widget' widget but can't actually find the validation rules that control this field.
I have tried to comment out line 86 of the ajax.php file however this fails to fix the issue for me.
Please would you mind suggesting a fix/hack for this issue,
James Norman
Hey!
I ran into a problem with dwoo, or something.
Well, I downloaded pyrocms (by getting the zip-file from Github) and installed it with the installer..
I can log onto the admin page without problems, but when i try to go to localhost, it says;
"Fatal error: Cannot use object of type stdClass as array in D:\wamp\www\system\pyrocms\cache\dwoo\compiled\14b904037144a6519eb97054a27af04a.d17.php on line 4"
Help, please?
Not full language suport in forum...
Hi... I get this
ERROR - 2010-09-07 22:49:12 --> Severity: Warning --> include_once(system/pyrocms/libraries/MY_Config.php): failed to open stream: No such file or directory /media/Documentos/Programación/pyrocms/system/pyrocms/config/config.php 327
ERROR - 2010-09-07 22:49:12 --> Severity: Warning --> include_once(): Failed opening 'system/pyrocms/libraries/MY_Config.php' for inclusion (include_path='/media/Documentos/Programación/pyrocms') /media/Documentos/Programación/pyrocms/system/pyrocms/config/config.php 327
ERROR - 2010-09-07 22:49:12 --> Severity: Warning --> include_once(system/pyrocms/libraries/MY_Router.php): failed to open stream: No such file or directory /media/Documentos/Programación/pyrocms/system/pyrocms/config/config.php 327
ERROR - 2010-09-07 22:49:12 --> Severity: Warning --> include_once(): Failed opening 'system/pyrocms/libraries/MY_Router.php' for inclusion (include_path='/media/Documentos/Programación/pyrocms') /media/Documentos/Programación/pyrocms/system/pyrocms/config/config.php 327
in logs when surfing in a fresh PyroCMS installation, any site, any time using PyroCMS 1.0-dev
Votre variable a �t� enregistr�e.
Accents are replaced by interrogation marks .. The fix is to change all accents in the lang file with html accent like &a a c u t e;... so boring !!
Metadata set in the Pages controller via append_metadata is lost in the MY_Parser::parse() function.
On entry into parse() $data->template['metadata'] contains the metadata added by the Pages controller, but the string returned by parse() no longer contains that metadata.
The really weird part is that when parse() calls _parse(), string_parse() is reached, not _parse() and by that time the metadata is all gone.
When I click to add an page, the ckeditor doesn't load:
http://localhost/pyrocms/admin/pages/create
/pyrocms/admin/pages/create:394
TypeError: Result of expression 'css_editor' [[object HTMLTextAreaElement]] is not a function.
/pyrocms/system/pyrocms/assets/js/ckeditor/lang/pt-br.js?t=A39E
Failed to load resource: the server responded with a status of 404 (Not Found)
/pyrocms/system/pyrocms/assets/js/ckeditor/ckeditor.js:44
TypeError: Result of expression 'l.lang.contextmenu' [undefined] is not an object.
The form contact is too secure. I have made a test and it takes too long to validate the fields.
What are the solutions?
The label translations for username and display_name is missing and it is not possible to register an account - i fill all fields and get the message:
Unable to access an error message corresponding to your field name.
There is some bugs here :
Some sql errors :
http://localhost/pyrocms/forums/topics/view/1-
http://localhost/pyrocms/forums/topics/view
I think it can be injected..
cheers.
I want to use fancyupload on pyrocms. Admin_controller not allow when I upload files. problem is swf upload authentication.
my upload controller
class Admin extends Admin_Controller
{
public function __construct()
{
parent::Admin_Controller();
$this->template->set_partial('sidebar', 'admin/sidebar');
}
// Admin: List Anket
public function index()
{
$this->template->build('admin/form', $this->data);
}
public function upload()
{
if (!isset($_FILES['Filedata']) || !is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
$error = 'Invalid Upload';
}
else
{
move_uploaded_file($_FILES['Filedata']['tmp_name'], ASSETSDIR . $_FILES['Filedata']['name']);
}
}
}
When I create a Page, and edit them to put a javascript on it's script tab,
after saving, it's changing to an html entities.
I tried this to embed on the script text field:
alert( 'test' );
then it change into somthing like this:
alert( 'sdfasdf' );
i dunno if this is a bug or it's my configuration, but i looked into my configuration that could relate to it, but no luck to find it if this is not a bug then i hope someone can help me fix this. i hope you can fix this soon. I am just starting to love the pyrocms. it's my day 1 to dwell in it.
thank you.
BTW i am using version 0.9.9.5
hi CI dev team,
i came across with this when deleting an area from a widget.. it is not showing the warning contents on comfirm box before you completely delete the widget area.
i test it right after upgrading from 0.9.9.5 to 0.9.9.6
HI CI dev team,
when testing the widgets admin area, i was able to load/drag a widget on the specified widget area if i only have one widget area exist, but when i create another widget area. i cannot load/drag any widgets on the second created widget area. but i can load/drag a widget on the first created widget area. hope you can fix this soon. thanks.
i upgraded from 0.9.9.5 to 0.9.9.6
File: third_party/photos/models/photo_albums_m.php
Line: 33
Change:
'enable_comments' => $input['enable_comments'],
To
'enable_comments' => isset($input['enable_comments'])?$input['enable_comments']:0,
PyroCMS v0.9.9.7
pyrocms/admin/photos/create
Enable Comments
A PHP Error was encountered
Severity: Notice
Message: Undefined property: stdClass::$enable_comments
Filename: admin/form.php
Line Number: 36
I have a problem to use de contact widget... when I install the pyro cms this widget not work
Layout page should control the column left too(navigation)...
I've noticed that when we changed the status of an article from live to draft, the article still shows on the website. Is this a minor cache issue or a bug? I think the page should only show a blank page or maybe a message that the article doesn't exist when a user visits a link of a deactivated page.
Following error occures:
A PHP Error was encountered
Severity: Warning
Message: simplexml_load_file() [function.simplexml-load-file]: third_party/modules/contact/details.xml:13: parser error : Opening and ending tag mismatch: en line 13 and nl
Filename: models/modules_m.php
Line Number: 469
A PHP Error was encountered
Severity: Warning
Message: simplexml_load_file() [function.simplexml-load-file]: kers een email kunnen sturen, zonder dat u ze een emailadres hoeft te tonen.</nl
Filename: models/modules_m.php
Line Number: 469
A PHP Error was encountered
Severity: Warning
Message: simplexml_load_file() [function.simplexml-load-file]: ^
Filename: models/modules_m.php
Line Number: 469
A PHP Error was encountered
Severity: Notice
Message: Trying to get property of non-object
Filename: models/modules_m.php
Line Number: 474
A PHP Error was encountered
Severity: Warning
Message: Invalid argument supplied for foreach()
Filename: models/modules_m.php
Line Number: 474
A PHP Error was encountered
Severity: Notice
Message: Trying to get property of non-object
Filename: models/modules_m.php
Line Number: 495
Fatal error: Call to a member function attributes() on a non-object in /public_html/hvs/application/modules/modules/models/modules_m.php on line 496
As the title says, here's some issues I've noticed when testing the latest version out..
When I try to add a news article, it says:
"An Error Was Encountered
Unable to load the requested class: validation"
And when trying to edit pages, The Page body field doesnt exist, apparently.
Well, there's a box which is a bit darker gray than the other, but there's no text editor.
When entering the "Content > Variables" page on the admin site, there's two messages coming up:
"A PHP Error was encountered
Severity: Notice
Message: Array to string conversion
Filename: libraries/Template.php
Line Number: 263"
And
"A PHP Error was encountered
Severity: Warning Message: strtolower() expects parameter 1 to be string, array given Filename: admin/layout.php Line Number: 36"
That's the problem I've encountered so far. :)
Once installation was complete, there was a php error when trying to load the admin controller. In the file MY_form_helper.php on line 18 a function is called from the form_validation class. It seems that this class had not been loaded and so an error was thrown. I added the form_validation library to the autoload config file and this resolved the issue.
I get the following error in my left menu:
A PHP Error was encountered
Severity: Notice
Message: Trying to get property of non-object
Filename: models/navigation_m.php
Line Number: 243
To reproduce: Clear the navigation cache and reload any page (The error disappears when loading from cache, but that may be by design).
Possibly Related: I did get one error in the backend while creating pages when I tried to create the same page twice (database error about a unique index violation).
I'm running:
PyroCMS 0.9.9.7
Windows XP
Apache2
PHP 5.2.14
MySQL 5.0.51
Was trying to get RSS feed to not use a cache, completely disabled the simplepie cache and it was still caching posts. News section showed up to date info immediately upon changes being made.
The RSS feed wont show changes until the news cache is cleared out. So News is not using its own cache?
[Copied from old repository]
Hello. Just to say that 'upload module' needs PHP Zip/Zlib extension module to work and is not validated at installation, only GD library. Error appears in line 368 from the Unzip PyroCMS library without those extensions. I think that default xAMP installation came with them by default but is good to validate again.
There are errors in the 1-tables.sql file. Any column of type "text" or "blob" cannot be assigned a default value. In several tables columns with names "content" and "css" were assigned defaults. This meant the sql would not run and the database could not be created.
I know you protected forms from CSRF as you are already using CI 2 but what about actions links which depends on GET
links like 'site_name/users/logout' or even worse 'site_name/admin/news/categories/delete/1'
what if user is logged in and visits a malicious link sent by attacker for page contains something like
<img src="site_name/admin/news/categories/delete/1" />
as user is already logged in there will
be no problem and he'll have his category with id "1" deleted
I think we shouldn't rely on GET for actions. GET is only for displaying data
I think we can solve the problem using one of these two ways
1-I like what twitter makes to handle this issue I'll talk about logout link in the home page "old version" as an example
they present there markup for logout link something like
Sign out
and they have sign_out_form form at the top of page something like
<form style="display: none;" action="/sessions/destroy" id="sign_out_form" method="post">
<input type="hidden" value="SomeRandomToken" name="authenticity_token">
</form>
so a typical scenario when user click logout link as it has onclick event binded to it. he actually submits sign_out_form which have authenticity_token input field in it to protect user from csrf
but what if user disabled JavaScript in his browser the link won't have onclick event binded to it and will perform the default action "taking user to the value in href attribute" which in this case /logout
logout page have signout form in it with the same authenticity_token input field hidden for user to submit, so twitter can check for the value of authenticity_token
2-another way we could append token in the url of action link but I don't like this way ( ugly URLs and relying on GET for actions )
Finally I rally admire your work on pyrocms and learn a lot of useful stuff from reading your code I'm so sorry if I mentioned something wrong, and I hope I can contribute in this project soon :)
On Mediatemple GridService when i try to install the CMS on step 2 all the check seems to pass (all have the green icon): here what it says:
Your server software: Apache (with mod_rewrite).
PHP Settings
PyroCMS requires PHP version 5.0 or higher.
Your server is currently running version 5.2.6.
MySQL Settings
PyroCMS requires access to a MySQL database running version 5.0 or higher.
Your server is currently running 5.1.26-rc-5.1.26rc
Your client is currently running 4.1.11
GD Settings
PyroCMS requires GD library 1.0 or higher to manipulate images.
Your server is currently running version 2.0.34
but in the end it says "It seems that your server failed to meet the requirements to run PyroCMS. Please contact your server administrator or hosting company to get this resolved."
all accents on the control panel are defective.
Can I use your backend side code in my commercial application free of charge?
I seem to be unable to reset my password to access the forums.
I get the email saying "Please click here" but that just takes me back to the form asking for my username to send me the email again.
The V1.0 version of pyrocms is not showing on my pc in chrome, IE and FF. I only get a slightly dark white area where the editor should be.
Get this message when trying to add an article on the RSS feed widget or a Twitter account on the Twitter feed widget
Hi again...
if 'upload' from root pyro folder is where is loaded themes/modules/etc... so in file
/pyrocms/system/pyrocms/modules/controllers/admin.php line 83 must change from this
$config['upload_path'] = APPPATH.'uploads/';
to this
$config['upload_path'] = FCPATH.'uploads/';
why?? because first point to /pyrocms/system/pyrocms/uploads that (i think) is wrong and the second to /pyrocms/uploads, this last could be right.
please recheck and leave comments. At least with this change I can upload a theme.
Thanks
PD: well... the same thing to addons site
pyrocms/system/pyrocms/modules/modules/controllers/admin.php in line 62
Simple fix to two files see:
http://github.com/webPragmatist/pyrocms/commit/3d177f32a79b20880076f37e388c00e2d977d476
Sorry for hijacking the reformat it was just one line that changed.
Following error:
Incorrect integer value: '' for column 'parent' at row 1
Guess it is looking for a parent album id to insert but there isn't one as this is the first album
I'm having some warning errors in the native autoload, this is an example showed into CI log files
Severity: Warning --> include_once(system/pyrocms/libraries/MY_Config.php): failed to open stream: No such file or directory /var/www/pyrocms/system/pyrocms/config/config.php 328
I think it is because MY_Config class was moved to Core folder in Pyro V1
Also that is happening with MY_Router class, but i don't know why MY_loader and other classes moved to core folder, don't generate this error.
I have just installed the 0.9.9.7 PyroCMS, following your video, into a local MAMP Pro instance (that's why the url is http://pyrocms/) and while the database is created and the installation procedure finished successfully when I try logging in nothing happens at all, no errors, simple a page refresh (reloads the page I am currently on).
Watching the NET console in Firebug (mac os x 10.6 / ff 3.6.10) I noticed that I am getting the following response to the GET request for 'admin' "Failed to load source for: http://pyrocms/index.php/admin".
During the install everything was green and was deemed to be writeable. The files sit locally in my "Sites" folder and there is no 'admin' folder in the root of that folder.
Please let me know if there is anything I can try to get this working.
Thanks.
When you click on the Link Type of Modules in Navigation->Add Navigation Link, the select box shows up, and the HTML has all of the options present, but clicking on the select box doesn't bring up the options.
I am translating it into italian, I am reporting somethings I find during the translation.
1.(Maybe)
location: /application/modules/themes/language/english/themes_lang.php
$lang['themes.mass_delete_success'] = '%s themes out of %s themes successfully deleted.';
$lang['themes.mass_delete_error'] = '%s themes out of %s themes successfully deleted.';
those two above strings are same but maybe they cannot be the same: success and delete
$lang['user_activation_email_body'] = 'Thank you for activting yout account with %s. To log in to the site, please visit the link below:'; activting
activting yout == activating your
3.suggestion:
in /application/language/english/admin_lang.php I prefer to to replace;
$lang['cp_upgrade_message'] = 'You are currently running version %s, but your database is version %s. Please <a href="%s">click here</a> to upgrade the database.';
with:
$lang['cp_upgrade_message'] = 'You are currently running version %s, but your database is version %s. Please <a href="%s" title="upgrade the database">click here</a> to upgrade the database.';
because title attr is a good thing to have.
4.Not sure if it is a bug or it doesnt needs to be translate
location: /application/language//admin_lang.php
$lang['cp_upgrade_message'] = 'You are currently running version %s, but your database is version %s. Please <a href="%s">click here to upgrade the database.'; #translate
5.location: /application/modules/variables/details.xml
seems that they aren't translated
<es>Variables</es>
<fr>Variables</fr>
<es>Manage global variables to access from everywhere.</es>
<fr>Manage global variables to access from everywhere.</fr>
Regards
Alberto
Hi, this is my first site using pyro and I'm experiencing some very weird issues.
The site just freezes, no errors, no blank screen, just continuous spinner.. I'm not even sure where it's coming from but it happens on both local and remote sites and it seems to happen when I have the site open in more than one tab, it'll be ok for a bit and then it'll start the freezing, like something has reached a limit or blocked up or something.. I thought it was an .htaccess thing but I've tried a few things without success.. So I thought it might be the cache but clearing it out doesn't seem to help.. has anyone experienced anything like this with Pyro?
I realise that there are probably going to be more questions than answers so please ask if you need clarification as I'm getting really frustrated because it's not telling me what/where the problem is.. I'm using 0.9.7 and I've been trying to upgrade to 0.9.9.7 but that is another story.. Should the upgrade solve these problems?
Many thanks in advance,
Rob.
When registering I get error:
Invalid CSRF Token
Hi all,
Lets start:
I work with permissions created my own user (called manager).
When I want to use the tinycimm and open the image manager it displays a error (You dont have permission to access this feature.).
Using: PyroCMS 0.9.9.6
core/tinycimm/libraries/Tinycimm.php
I search the error and this code came up:
!$this->ci->user_lib->check_role('admin') and die('You dont have permission to access this feature.');
This code lets us see that only the admin can view/use the module.
I have found a solution don't know if it is a good or a bad one.
Here it is:
Replace: !$this->ci->user_lib->check_role('admin') and die('You dont have permission to access this feature.');
with this:
if(file_exists($xml_file = 'tinycimm/details.xml'))
{
$module = $this->_format_xml($xml_file) + array('slug'=>basename('tinycimm'));
// This user has no permissions for this module
if(!$this->permissions_m->has_admin_access( $this->user_lib->user_data->role, $module['slug']) ) die('You dont have permission to access this feature.');
}
So this is a solution. I think there are more places that it needs to change.
Greets,
Crystaldragon
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.