Cacti (home)ForumsDocumentation
Cacti: offical forums and support
It is currently Sun May 28, 2017 11:05 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: Nectar not working correctly after update to Cacti 088f
PostPosted: Wed Aug 26, 2015 3:41 am 
Offline

Joined: Wed Aug 26, 2015 3:08 am
Posts: 7
HI,

I have upgraded Cacti 088d to 088f. After the upgrade I made a duplicate of a Nectar report. I noticed a change in the report name. It was quoted with ' .
Trying to remove the symbol made things even worse. The report items are now also escaped with \\ and closed with ' .

Items being modified are:
Report Name
Subject
From Name
To Email Address(es)
BCC Address(es)

Could this be the result of various SQL Injection vectors bugfixes included in Cacti 088e?

Workaround:
Manually updated the records in the database.

Look for :
select id,name,format_file,subject,from_name,from_email,email,bcc from plugin_nectar;
The records should not contain ' characters.

E.g.
update plugin_nectar SET bcc='' WHERE id=1;
update plugin_nectar SET subject='Nectar Report' WHERE id=1;


Regards,
RKR


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: cigamit and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Protected by Anti-Spam ACP Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group