Can I upgrade to SMF 2.1 RC1 through the package manager?

[mrsfalcon]

Just checking - the official documentation says to upload the files and run the upgrader from the browser, but I had a lot of problems when I did it that way and ended up reverting. I'm primarily concerned with accidentally deleting my attachments directory, which has a ton of files in it.

[Arantor]

No, you can't.

Upgrades of major versions must be done by uploading the files over the top. Good news, though, if you're uploading over the top of it, you can't accidentally delete the attachments.

But if in doubt, take a backup first (making sure to put your FTP client into binary mode)

[mrsfalcon]

Thanks - much appreciated!

[GigaWatt]

But if in doubt, take a backup first (making sure to put your FTP client into binary mode)

Hmmm... good to know I'm not the only one handing out this advice .

[Sir Osis of Liver]

This was an ongoing problem in 2.0, but wasn't it fixed by adding an extension to attachment files in 2.1?

[GigaWatt]

Yes, I think that was the main reason for adding extensions to the attachments (I also think there was a mod that did that in 2.0), but still, I got burned once, I'm not going to rely on the client to automatically decide whether the file is a text file or not any more... sticking to binary mode and would advise everyone to do the same .

[Sir Osis of Liver]

Yes, so do I, but there's a specific reason for corrupt transfers, and I believe it only occurs in FileZilla using default settings.  In FZ Transfer menu there are three options, Auto, ASCII, and Binary, Auto is default.  But buried in Edit -> Settings -> Transfers -> File Types there's a checkbox for 'Treat files without extension as ASCII file', that's the killer, it's checked by default.  It's just a fluke (or maybe a flounder ) that the setting conflicts with SMF file hash.  It's caused a lot of grief in recent years.

[Arantor]

Yes, so do I, but there's a specific reason for corrupt transfers, and I believe it only occurs in FileZilla using default settings.  In FZ Transfer menu there are three options, Auto, ASCII, and Binary, Auto is default.  But buried in Edit -> Settings -> Transfers -> File Types there's a checkbox for 'Treat files without extension as ASCII file', that's the killer, it's checked by default.  It's just a fluke (or maybe a flounder ) that the setting conflicts with SMF file hash.  It's caused a lot of grief in recent years.

No, it doesn't mess with the file hash, it physically damages the file itself. (The hash then being different is merely a symptom of the damage)

Yes, this is the reason an extension was added in 2.1 so FileZilla would assume binary rather than text mode.

[Gwenwyfar]

Did that affect only attachments?

[Arantor]

Did that affect only attachments?

Yes. FileZilla presumes that a file without an extension was a text file so applied the normalisation of line endings between the server and your machine which would damage most files.

All normal SMF files and I think all the download and gallery mods should be fine with this.

[Gwenwyfar]

Oh, I see. I always zip anything for large uploads, takes less time that way. Never had to upload anything extensionless that way.

[Arantor]

It's more than SMF renames the file when you save it as an attachment so there's no risk of the server trying to interpret it as something else... imagine the fun of a file with a .php extension not having that stripped on upload. It suddenly becomes a huge risk.

[Gwenwyfar]

Ahh. Is that why it's a generic extension then?

[Arantor]

Yes, it needs to have no extension, or a generic extension, to prevent the web server treating it as special, if the other protections against directly hitting the folder fail.

[Sir Osis of Liver]

No, it doesn't mess with the file hash, it physically damages the file itself.

That's what I meant.  When the code was written to hash the filename, it apparently wasn't known that FZ would behave this way if there's no extension (the setting is well hidden).  It was never patched in 2.0, I would guess because it would be difficult to apply a fix to existing attachments.

[Arantor]

Oh, it's been known for years. It was even reported to the FZ team a number of years ago. But the code to hash the attachments is also now many years old.

Fixing it was always deemed out of scope for 2.0 because it's not officially ever been deemed a security issue. But it has been fixed in 2.1 during the large upgrade.

[GigaWatt]

And, on the plus side, when you upgrade to 2.1, you know exactly which files somehow got lost in cyberspace . The ones that don't have extensions, don't exist as attachments in the database .