Joomla! Discussion Forums

J! 1.0.13 doesn't work with JSMF 2.0.2... Is there a way to downgrade to J! 1.0.12?

Did you do backups before upgrading? And, did you talk to the third party developer?

No. I didn't do any backup. and the JSMF development is paused i think...

Not good. I don't have an answer for you. I was looking at the JSMF forums as it appears Cowboy will continue JSMF development/support. That is where I'd start - see when/if a new JSMF bridge will be available.

The way to back out an upgrade is to use your backups. That is obviously why it's important to take backups prior to an upgrade.

Look around both forums and see if others are finding the same issue and what they are doing. I'll keep an eye open, too, and post back if I see something.

Amy

I have found this:
http://www.joomlahacks.com/component/op ... 3#msg18913

Excellent find. Still, do a backup before you do that. Especially a database backup. Good job!

And - THANKS for posting a link back here, too!
Amy

Will do, currently i can't access joomlacode.org, I keep getting Network Error (tcp_error). Probably from my ISP.

The include\joomla.php file for v 1.0.13 is the one that has the new password logic. You could try to simply replace that one file with the previous include\joomla.php file from the v 1.0.12 version. (I tried attaching it but it's too big for the forum attachments.)

This should be tried on a TEST system, not in a production environment, but you have already upgraded and you don't have backups. So, before you back out all of the changes, including important security updates, maybe you should try simply backing out that one file that is causing the bridge a problem.

Then, any passwords that were changed SINCE you upgraded will have to be changed back.  If no one logged on, there are no passwords that have to be changed. Probably, you will have to at least change your admin password. Following are some instructions Beat from CB provided (Thanks Beat) that RussW shared (Thanks RussW.)



Please let me know if you tried this and how things turned out.
Amy

PS - email me at AmyStephen at gmail dot com if you want me to mail you the file.

The only user who logged after the update is me, i've just downgraded and everything seems to be working... I'll tell you if my users got problems in logging.

Thanks for your help

Hi Amy and all,

With respect to this bit from Amy



I came across this : http://www.simplemachines.org/community/index.php?topic=184557

I am no expert, but I understand that the answer from the FSF make any bridge between GPL'Joomla and SMF illegal. Because the bridge from Joomla has to be GPL (or possibly LGPL) and this must be passed on to the target application (SMF) which is not GPL and won't be, as per SMF people words.

Looks like the end of SMF and Joomla ?
I am posting this here because they say they will support the bridge until technical issues make it so that the existing stuf don't work, and that's just what happened with v 1.0.13 of Joomla.

What do you think ?

Regards

@ shumisha: this was posted several times already

Hi Leolam,

Sorry about this then, but as Amy, who is generally well informed, mentioned 15 hours ago the possibility to use Cowboy bridge, and as I saw an information which consequence is that any bridge to SMF is illegal, I thought I would ask the question here.

In other words my post is not about the announcement of the SMF bridge issue, it is about the fact (rather my  understanding of it) that no bridge can be built between SMF and Joomla, and of course between Joomla and any other application that is not GPL

Am I correct in assuming this ?

Regards

shumisha,
I wont comment on that issue since I am not a lawyer....

cheers

@shumisha : your post was a good informative post since it informs that here is no need to worry about SMF bridge anymore in terms of new pasword storing incompatibility. If somebody is spamming here it is me and advertiser

Please help me to understand about the security-upgrade in Joomla! 1.013 ...

I know the MD5 algorithm. Tested Brute force a couple of years ago to see what it takes to retrieve a password out of a hash but let me get this right? The security-breach is only there when you can access the hash-table in the database and compare the content with the so-called rainbow table? Or am I missing some point here?


I'm very depressed about the way perfectly logic rules make something useful as a Joomla!-SMF bridge non-distributable. I like SMF ... 

The bridges stopped working because of the change in Joomla!'s password storing mechanism, while it is different reason why its development was discontinued.
The second thing is because of license incompatibility and no will on SMF's end to work something out. Only SMF can change something because only they are able to change license or allow some kind of solution. (Joomla! license is "inherited" from various code sources, so Joomla! has no power to change it.)

without wanting to start any discussions here: this statement in pertinent not correct and needs correction. Joomla has made a choice and they stick to tha at this moment and thats all,. They would be able to change the minute "they" want
cheers
Leo

Nope, the choice was made before Joomla even existed.

no further discussion here. Decision of Joomla core to stick and enforce GPL has nothing to do with Mambo or Miro

cheers

Back to the topic.

In addition to Beat's explanation on how to downgrade, posted here by Amy, I would like to hint you that if you are editing your database in phpMyAdmin you can encode your password with MD5 by choosing MD5 in function select list (usually left from editing field). So there is no need to find anexternal MD5 generator.

Sweet! I did not realize that, thanks Roman. 

Your comments on the bridge are 100% correct, too.

Shumisha - I hope to post a bit more on the SMF bridge later today and I hope SMF will rethink this approach. The announcement made on July 24 forces Joomla!/SMF end users to either a) use a CMS they did not freely choose or b) leave their sites vulnerable for the v 1.0.13 security fixes. A reasonable transition period would be very much appreciated and there is no reason that can't happen!

Now, to fire up my phpMyAdmin page and find that nifty MD5 utililty Roman mentioned...
Amy

Hi Amy,

Have fun with phpmyAdmin. Soon you'll be posting all over the place! Google just told me that there is also a xoops-smf bridge, a E107-smf bridge, a mambo-smf bridge and probably more. Wonder what will happen with those.
OK, that's fully off-topic. I stop.

regards to all

Wow! Great points. Very interesting - LOTS of bridges into GPL worlds that are "illegal"! Thank you! 

And, I think it is on-topic. If there is no bridge for SMF to Joomla!, then one would have to downgrade from 1.0.13, at this time.

Amy

Rock!  Thanks yam90! ... Amy

Talking of average users: I think I am one of those.

Reading of the 1.0.13 version I quickly got aware of the problems that might show up (maybe I am reading more into things than average users), and I have not yet upgraded because I simply do not know how to make a database backup (off topic?). I really won't upgrade without backup even if I fortunately don't have any bridges intalled...

• I am hasseling around with myphpadmin and I don't even know if I really need this powerful tool to make a simple database backup.
• I can't find a possibility on my virtual server's plesk surface (where I most would expect to find such a backup tool (or even better: just a button),
• Joomla itself doesn't seem to provide a possibility to backup it's database (or did I simply not find it? phpBB for example provides such a thing, but I don't blame Joomla if it doesn't)

After the installation of phpmyadmin (not really easy if you want to be sure not to open the doors to hackers) I find out that the day has gone and I must read on to understand how to use this powerful tool (remember, I just want to make a simple backup of a database...)

I think that I share my slightly off-topic problem with many average Joomla users, and it has a lot to do with the fact that most users do not make a database backup, and from time to time some of them run into severe problems.

I hope that I will solve my backup problem (maybe with some kind reader's help, good links are welcome too) before I'll feel urged to upgrade without backup (the fear of being hacked is there too...)

Thanks for reading, understanding and helping?

Hi Callit!

Welcome to Joomla!. I think WordPress has a great article on how to use phpMyAdmin to backup a database. There are also several extensions you can explore for backing up your J! database.

Also, I recommend you learn how to create a working server environment with XAMPP on your desktop and how to move your database and update the configuration so that you can perform upgrades locally, first, and problems can be identified and resolved before your production site is even involved.

Smart thinking making certain you know how to do this!
Amy

Hi Amy!

Thanks a lot, your post fits my needs 100%
This was a straight forward link!
The toughest task was to choose one of the extensions (a lot of review reading,  the winner was JoomlaPack). The rest was just a matter of an hour to read the instructions (to not let opened any door to hackers), 5 minutes to download and install, 5 minutes to backup, 30 minutes to upload to another server and 10 minutes to reinstall the copied Jommla site - not just for the fun of it but to know that it really would work if I should need it one day. - And wow! It really worked without the slightest sign of a problem in the whole way! All in all a 3-hour experience, I hardly can believe it!

Again, thanks a lot, I feel much better now than ever in my humble Jommla carreer.
Of course I'll do some intensive reading on the phpMYAdmin article you mentionned. To build a working server environment will be a challenge for me, but probably this is really a must for Successful Disaster Prevention SDP™

Kind regards,
Markus

Think I will add my rant. I won't mention any other Cms's or forums. Honestly, with this rant, pick one! I had recently tried Joomla, found 1.5 rc1 and upgraded, oops! Luckily I had backed up my database, I did not save the 1.0.12 ver and re downloaded (unbeknownst 1.0.13) and imported the database. It blew my SMF and CB out of the water.
So.
Error #1 I accidentally upgraded by .001 point.
Error #2. I downloaded from the extensions page that links to another sites download section, thus missing all of the front page warnings.

I can go on and on and on how Joomla did me over. Trouble is with any cms, every time ANY of them upgrade, they will kill some plugins and extensions. And since I have no coding experience I must wait for the plugins and extensions to play catch me up.

The other option is to wait for a developer to give a temp fix or some 11 year old decides to give you an answer in the forums.

Joomla out of the box works for me, so no need to complain.

So pay attention to what your doing, make backups regularly, and wait a month on a new upgrade and look at the extensions and plugins to be modified. If there is nothing going on with the extensions in a month after an upgrade, it is probably time to ditch it anyways.

Personally, I think the Joomla Developers have a sense of humor, albeit a sick one, What better way to find out if users are upgrading like there suppose to? Do a minor release and wait for the lashback
Joom: Are members actually using our CMS?
La: Lets send out this version and see.

I am dying for 1.5 as I love what I see.