Joomla Upgrade

Netcraft reported a serious SQL injection flaw in Mambo and Joomla. Given that SQL injection is pretty much the worst that can happen to your site, I immediately ran to the Joomla download page and got myself the upgrade from 1.0.8 to 1.0.10. Ran flawlessly, except for the usual SEF problem reported on several sites.

To fix that, I had to go to includes/sef.php and manually change the behavior. How annoying! In this case, I had to go down to line 511 of the new file, where you’ll find the following lines:

// comment line below if you dont have mod_rewrite
// return $mosConfig_live_site .’/’. $string . $fragment;

// allows SEF without mod_rewrite
// uncomment Line 508 and comment out Line 510

// uncomment line below if you dont have mod_rewrite
// return $mosConfig_live_site .’/’. $string . $fragment;
// If the above doesnt work – try uncommenting this line instead

Fact is you want the last line, but if you have links that refer back to index.php (as I have for editing links), then you have to except those. Basically, if the link already contains ‘index.php’, you can do without the mod.

Annoying. And then I recalled that Joomla has edit links built into the administration tool…