Coppermine 1.4.19 has been released to fix a MySQL injection flaw, again. This is how TimesToCome was hacked last April and why you now have all these shiny new security tools and information on this website.
I went to the Coppermine site only because there was a huge increase in cross site scripting attempts last night on the Coppermine albums.
Anyhow update if you have not.
Tags: coppermine · mysql · security
I’ve known for a few months I needed to move to another hosting company but I kept putting it off because the thought of redoing all the Coppermine stuff horrified me.
It turned out to be pretty easy. OK after 4 hours of going in circles I now know how to do it and it is easy now.
Backup old stuff:
Download your entire Coppermine directory from your old host to your home computer. This may take a while if you have lots of pictures.
Using whatever tools your webhost provides backup and download your Coppermine MySQL database. Most hosts use phpMyAdmin. If you have that available select your Coppermine database; Select Export; Select Save as file; Give it a file name ( template ) and download it with no compression.
Upload to new server:
Upload your entire Coppermine directory to your new webhost ( this may take a while )
Create a new database for Coppermine on your new host using what ever tools the host provides. Write down your user name, database name, and server if it gives you a server name. ( Most of the time it will be on the same server and you will just use localhost. )
Import the old database to the new database. If you are using phpMyAdmin, select the database; Select Import; chose the file and upload.
If you get permissions errors from MySQL while importing your data base try this: On your computer open your database backup you downloaded in a text editor. It is a plain text file you can easily work with it. ( Make a copy first of course! ) Remove every thing until the lines
–
– Table structure for table ‘cpg_albums’
–
Leave those lines and every thing after them in the file but remove the lines before that. The user name, database, CREATE DATABASE etc are all what is causing the permissions problem. Dump the lines below - yours will be slightly different.
– phpMyAdmin SQL Dump
– version 2.9.1.1
– http://www.phpmyadmin.net
–
– Host: 10.6.255.255
– Generation Time: Mar 11, 2008 at 02:06 PM
– Server version: 4.1.22
– PHP Version: 4.4.4
–
– Database: `her0731003345419`
–
CREATE DATABASE `her0731003345419` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
USE `her0731003345419`;
– ——————————————————–
–
– Table structure for table `cpg_albums`
–
It took me several hours to find that information. It is not well documented anywhere. The rest of the move was painless.
The last thing you have to do now is to change your user name, host and database name in your config.inc.php file to use your new database. You’ll find this file in Coppermine/includes. Just edit the entries and remove your old user name, password and host and enter your new password, host and database name.
Tags: coppermine · how to · mysql
One problem that shows up when you back up ( mirror ) your Wordpress to your local copy of Wordpress is that Wordpress uses absolute urls rather than relative. So the Wordpress install on your local machine may point to entries and stuff at the live site. To fix this you need to change the base url. If you try to change it using the wp-admin tools on your local machine it points to your live site which you do not want to change.
All the directions I read have you break your live site, copy files, then fix your live site. That’s living a bit too dangerously for me. This just requires you log onto my sql and change the default base url.
To fix this log onto mysql ( mysql -u your_username -p )
Once you are logged in type:
select option_value from wp_options where option_name = ’siteurl’;
*Use siteurl literally not your actual siteurl.
It will show you where the local Wordpress install thinks it is located.
To change this to your local machine type
update wp_options set option_value = ‘http://127.0.0.1/wordpressDirectory’ where option_name = ’siteurl’;
wordpressDirectory should be the local directory you installed your Wordpress copy into. To be sure this is correct just retype the select option_value from wp_options where option_name = ’siteurl’;
Tags: how to · mysql · wordpress
Instructions for Leopard, OSX 10.5 are here
Setting up Wordpress on my home computer was supposed to be painless but did not turn out that way at all.
If you are installing Wordpress on OSX and everything is set up and working but Wordpress will not talk to the server skip right to step 10 on the instruction page. Or better go to MySQL Reference for OSX there are a few solutions on that page. I took the easy one.
Another great set of instructions for setting up Wordpress on OSX is Installing WordPress on Tiger. It is a very easy to follow set of instructions. I had to go look up a few things that weren’t covered there. I hope I covered everything in my directions.