The Special SiteSplat Membership has launched! Check our In Da Club Plan 👌
  • phpBB 3.3.5 Do NOT update!
  • News, Announcements, Feedback, Improvements, Changes and Policies.
News, Announcements, Feedback, Improvements, Changes and Policies.
 #35724  by ThemeSplat
 October 7th, 2021, 7:10 pm
Well bunch of issues with extensions...
Do not update for now until I can verify what is breaking things left right and center ;) :poom:
 #35784  by Leinad4Mind
 October 28th, 2021, 8:20 pm
Let us know when it's safe. Today I had some time and I've updated all extensions. :plus1:

Will wait some more weeks, just in case :-)
 #35786  by franht1
 October 28th, 2021, 8:25 pm
thanks for the notice ... i will not update until new order!
 #35798  by ThemeSplat
 November 6th, 2021, 4:35 pm
Wait a bit longer. Almost went through all the extensions and fixed the issues were created with the 3.3.5 changes...
 #35823  by ThemeSplat
 November 11th, 2021, 4:32 pm
Should be ok to update now... However you do not need to update unless there are bugs or security issues that are a concern for your situation.

If any issues with premium extensions are encountered after the update, make sure you also update the extensions and or if an update is not available make sure to report any issues so they can be addressed asap.
 #35825  by Dion
 November 11th, 2021, 10:40 pm
phpBB 3.3.5 has a pretty serious bug in its migrations code. This bug is one of the reasons why Dave has asked people to avoid updating to phpBB 3.3.5. The bug in 3.3.5 can be demonstrated with the following migration function that does nothing more than create a JSON-encoded string as a $config variable. The function works correctly in all previous versions of phpBB that supported migrations.
Code: Select all
	public function update_data()
	{
		return array(
			array('config.add', array('dd_migrationbug', '{"A":"101a","B":"102b","C":"103c","D":"104d","E":"105e","F":"106f","G":"107g","H":"108h","I":"109i","J":"110j","K":"111k","L":"112l","M":"113m","N":"114n","O":"115o","P":"116p","Q":"117q","R":"118r","S":"119s","T":"120t"}'))
		);
	}

The issue is in the phpbb/config/db.php file. The set_atomic() function now contains the following in its INSERT query:
Code: Select all
				'config_name'	=> $this->db->sql_escape($key),
				'config_value'	=> $this->db->sql_escape($new_value),

All previous versions of phpBB contained the following:
Code: Select all
				'config_name'	=> $key,
				'config_value'	=> $new_value,

The use of sql_escape() is incorrect -- the sql_build_array() function also calls this function with strings, which means the string is being double-escaped.

One hopes the phpBB devs fix this quickly, because it will undoubtedly result in a large number of broken extensions. The following ticket is the culprit:

https://tracker.phpbb.com/browse/PHPBB3-16870

PRENEXT_POST_NAVIGATION

Recent Topics

still terrible delay. The package is done. Now its[…] »MORE«

phpBB 3.3.5 has a pretty serious bug in its migrat[…] »MORE«

It might quite nooby question but after registrati[…] »MORE«

Can be achieved using Advanced Profile Fields too […] »MORE«

Favorites

About us

BBOOTS™ Is The First And Only Fully Responsive PhpBB® Unofficial HTML5/CSS3 Theme. It’s Clean And Crisp Design Looks AWESOME Across All Browsers And Devices.

It Utilizes A Bootstrap Based Layout Which Has Been Long Waited For And That Is Sure To AMAZE The phpBB Fan Club.

BBOOTSThe Unofficial Responsive Theme