May i ask what is GD and where could i find it?

This is the K2 information
Web Server Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
PHP version 5.4.30
MySQL version 5.5.36-cll
GD image library bundled (2.1.0 compatible)
Multibyte string support Enabled
Upload limit 30M
Memory limit 256M
Open remote files (allow url fopen) Yes

[qoute]
Joomla's debug doesn't display debug when I get error 500 page. here is what i found on my logs folder today.

<b>jcontroller.log.php</b>

#<?php die('Forbidden.'); ?>
#Date: 2014-08-05 04:01:30 UTC
#Software: Joomla Platform 13.1.0 Stable [ Curiosity ] 24-Apr-2013 00:00 GMT

#Fields: datetime priority category message
2014-08-05T04:01:30+00:00 INFO controller Holding edit ID com_menus.edit.item.164 Array ( [0] => 164 )
[/qoute]

These are warnings not actual errors.
They will not cause error or alter your site's functionality.

Is there a Fatal Error recorded?

Also since this is a global issue it is probably unrelated to K2.
Is your site experiencing heavy traffic? It could be mySql crashing and causing tables to lock. Have you tried repairing your DB tables?

Yes, i use some derectives from master htaccess protection: docs.joomla.org/Htaccess_examples_%28security%29

No security extensions used by me.

Thx, for fast reply.

Here is the full .htaccess file, failed to put under spoiler sorry:

IndexIgnore *
Options +FollowSymLinks All -Indexes

## Mod_rewrite in use.

RewriteEngine On

########## Begin - File execution order, by Komra.de
DirectoryIndex index.php index.html
########## End - File execution order

## Удаляем .html c конца URL
RewriteRule ^index.html$ / [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} \.html$
RewriteRule ^(.*)\.html$ /$1 [R,L]
## Удаляем .html c конца URL

RewriteCond %{HTTP_HOST} ^mysite\.ru
RewriteRule ^(.*)$ www.mysite.ru/$1 [R=permanent,L]

## Фильтруем кавычки в url
RewriteRule ^(.*) /$1 [R=301,L]
## Фильтруем кавычки в url

## Удаляем слеш с конца урл
RewriteCond %{REQUEST_URI} ^.*/$ [NC]
RewriteCond %{REQUEST_URI} !^/administrator
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
## Удаляем слеш с конца урл

<IfModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.(html?|txt|css|js|php)$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>

########## Begin - Add optional bad user agent or IP blocking code
#
# If you need to block certain user agents or IP addresses and
# other signatures, place that code here. Ensure the rules use
# the correct RewriteRule syntax and the [F] flag.
#
########## End - Add optional bad user agent or IP blocking code

########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# If the request query string contains /proc/self/environ (by SigSiu.net)
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
# Block out any script trying to set a mosConfig value through the URL
# (these attacks wouldn't work w/out Joomla! 1.5's Legacy Mode plugin)
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode or base64_decode data within the URL
RewriteCond %{QUERY_STRING} base64_(en|de)code[^(]*\([^)]*\) [OR]
## IMPORTANT: If the above line throws an HTTP 500 error, replace it with these 2 lines:
# RewriteCond %{QUERY_STRING} base64_encode\(.*\) [OR]
# RewriteCond %{QUERY_STRING} base64_decode\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
########## End - Rewrite rules to block out some common exploits

########## Begin - File injection protection, by SigSiu.net
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
########## End - File injection protection

########## Begin - Basic antispam Filter, by SigSiu.net
## I removed some common words, tweak to your liking
## This code uses PCRE and works only with Apache 2.x.
## This code will NOT work with Apache 1.x servers.
RewriteCond %{QUERY_STRING} \b(ambien|blue\spill|cialis|cocaine|ejaculation|erectile)\b [NC,OR]
RewriteCond %{QUERY_STRING} \b(erections|hoodia|huronriveracres|impotence|levitra|libido)\b [NC,OR]
RewriteCond %{QUERY_STRING} \b(lipitor|phentermin|pro[sz]ac|sandyauer|tramadol|troyhamby)\b [NC,OR]
RewriteCond %{QUERY_STRING} \b(ultram|unicauca|valium|viagra|vicodin|xanax|ypxaieo)\b [NC]
## Note: The final RewriteCond must NOT use the [OR] flag.
RewriteRule .* - [F]
## Note: The previous lines are a "compressed" version
## of the filters. You can add your own filters as:
## RewriteCond %{QUERY_STRING} \bbadword\b [NC,OR]
## where "badword" is the word you want to exclude.
########## End - Basic antispam Filter, by SigSiu.net

########## Begin - Advanced server protection - query strings, referrer and config
# Advanced server protection, version 3.2 - May 2011
# by Nicholas K. Dionysopoulos

## Disallow PHP Easter Eggs (can be used in fingerprinting attacks to determine
## your PHP version). See www.0php.com/php_easter_egg.php and
## osvdb.org/12184 for more information
RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC]
RewriteRule .* - [F]

## SQLi first line of defense, thanks to Radek Suski (SigSiu.net) @
## www.sigsiu.net/presentations/fortifying_your_joomla_website.html
## May cause problems on legitimate requests
RewriteCond %{QUERY_STRING} concat[^\(]*\( [NC,OR]
RewriteCond %{QUERY_STRING} union([^s]*s)+elect [NC,OR]
RewriteCond %{QUERY_STRING} union([^a]*a)+ll([^s]*s)+elect [NC]
RewriteRule .* - [F]

## Referrer filtering for common media files. Replace with your own domain name.
## This blocks most common fingerprinting attacks ;)
## Note: Change www\.example\.com with your own domain name, substituting the
## dots with \. i.e. use www\.example\.com for www.example.com
RewriteRule ^(images/stories/([^.]+)\.(jpe[g2]?|jpg|png|gif|bmp|css|js|swf|ico|html?))$ - [L]
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?mysite\.ru [NC]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule \.(jp(e?g|2)?|png|gif|bmp|css|js|swf|ico)$ - [F]

## Disallow visual fingerprinting of Joomla! sites (module position dump)
## Initial idea by Brian Teeman and Ken Crowder, see:
## www.slideshare.net/brianteeman/hidden-joomla-secrets
## Improved by @nikosdion to work more efficiently and handle template
## and tmpl query parameters
RewriteCond %{QUERY_STRING} (^|&)tmpl=(component|system) [NC]
RewriteRule .* - [L]
RewriteCond %{QUERY_STRING} (^|&)t(p|emplate|mpl)= [NC]
RewriteRule .* - [F]

## Disallow access to htaccess.txt, configuration.php, configuration.php-dist and php.ini
RewriteRule ^(htaccess\.txt|configuration\.php(-dist)?|php\.ini)$ - [F]

########## End - Advanced server protection - query strings, referrer and config

########## Begin - Advanced server protection rules exceptions ####
##
## These are sample exceptions to the Advanced Server Protection 3.1
## rule set further down this file.
##
## Allow UddeIM CAPTCHA
##RewriteRule ^components/com_uddeim/captcha15\.php$ - [L]
## Allow Phil Taylor's Turbo Gears
##RewriteRule ^plugins/system/GoogleGears/gears-manifest\.php$ - [L]
## Allow JoomlaWorks AllVideos
##RewriteRule ^plugins/content/jw_allvideos/includes/jw_allvideos_scripts\.php$ - [L]
## Allow Admin Tools Joomla! updater to run
##RewriteRule ^administrator/components/com_admintools/restore\.php$ - [L]
## Allow Akeeba Backup Professional's integrated restoration script to run
##RewriteRule ^administrator/components/com_akeeba/restore\.php$ - [L]
## Allow Akeeba Kickstart
##RewriteRule ^kickstart\.php$ - [L]

# Add more rules to single PHP files here

## Allow Agora attachments, but not PHP files in that directory!
##RewriteCond %{REQUEST_FILENAME} !(\.php)$
##RewriteCond %{REQUEST_FILENAME} -f
##RewriteRule ^components/com_agora/img/members/ - [L]

# Add more rules for allowing full access (except PHP files) on more directories here

## Uncomment to allow full access to the cache directory (strongly not recommended!)
#RewriteRule ^cache/ - [L]
## Uncomment to allow full access to the tmp directory (strongly not recommended!)
#RewriteRule ^tmp/ - [L]

# Add more full access rules here

########## End - Advanced server protection rules exceptions ####

########## Begin - Advanced server protection - paths and files
# Advanced server protection, version 3.2 - May 2011
# by Nicholas K. Dionysopoulos

## Back-end protection
## This also blocks fingerprinting attacks browsing for XML and INI files
RewriteRule ^administrator/?$ - [L]
RewriteRule ^administrator/index\.(php|html?)$ - [L]
RewriteRule ^administrator/index[23]\.php$ - [L]
RewriteRule ^administrator/(components|modules|templates|images|plugins)/([^/]+/)*([^/.]+\.)+(jp(e?g|2)?|png|gif|bmp|css|js|ico|swf|html?|mp(eg?|[34])|avi|wav|og[gv]|xlsx?|docx?|pptx?|zip|rar|pdf|xps|txt|7z|svg|od[tsp]|flv|mov)$ - [L]
RewriteRule ^administrator/ - [F]

## Explicitly allow access only to XML-RPC's xmlrpc/index.php or plain xmlrpc/ directory
RewriteRule ^xmlrpc/(index\.php)?$ - [L]
RewriteRule ^xmlrpc/ - [F]

## Disallow front-end access for certain Joomla! system directories
RewriteRule ^includes/js/ - [L]
RewriteRule ^(includes|language|libraries|logs|tmp)/ - [F]

## Allow limited access for certain Joomla! system directories with client-accessible content
RewriteRule ^(components|modules|plugins|templates)/([^/]+/)*([^/.]+\.)+(jp(e?g|2)?|png|gif|bmp|css|js|ico|swf|html?|mp(eg?|[34])|avi|wav|og[gv]|xlsx?|docx?|pptx?|zip|rar|pdf|xps|txt|7z|svg|od[tsp]|flv|mov)$ - [L]
## Uncomment this line if you have extensions which require direct access to their own
## custom index.php files. Note that this is UNSAFE and the developer should be ashamed
## for being so lame, lazy and security unconscious.
# RewriteRule ^(components|modules|plugins|templates)/([^/]+/)*(index\.php)?$ - [L]
## Uncomment the following line if your template requires direct access to PHP files
## inside its directory, e.g. GZip compressed copies of its CSS files
# RewriteRule ^templates/([^/]+/)*([^/.]+\.)+php$ - [L]
RewriteRule ^(components|modules|plugins|templates)/ - [F]

## Disallow access to rogue PHP files throughout the site, unless they are explicitly allowed
RewriteCond %{REQUEST_FILENAME} \.php$
RewriteCond %{REQUEST_FILENAME} !/index[23]?\.php$
## The next line is to explicitly allow the forum post assistant(fpa-xx)script to run
RewriteCond %{REQUEST_FILENAME} !/fpa-[a-z]{2}\.php
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^([^/]+/)*([^/.]+\.)+php$ - [F]

########## End - Advanced server protection - paths and files

########## Begin - Google Apps redirection, by Komra.de
## Uncomment the following line to enable:
# RewriteRule ^mail mail.google.com/a/example.com [R=301,L]
## If the above doesn't work on your server, try this:
## RewriteRule ^mail mail.google.com/a/example.com [R,L]
########## End - Google Apps redirection

########## Begin - Redirect index.php to /
## Note: Change example.com to reflect your own domain name
RewriteCond %{THE_REQUEST} !^POST
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.php\ HTTP/
RewriteCond %{SERVER_PORT}>s ^(443>(s)|[0-9]+>s)$
RewriteRule ^index\.php$ http%2://www.mysite.ru/$1 [R=301,L]
## If the above line throws a 500 error, change [R=301,L] to [R,L]
########## End - Redirect index.php to /

########## Begin - Joomla! core SEF Section
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for the site root, or for an extensionless URL,
# or the requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw|ini|zip|json|file))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
########## End - Joomla! core SEF Section

ServerSignature Off

RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC,OR]
RewriteCond %{THE_REQUEST} (\\r|\\n|%0A|%0D) [NC,OR]

RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (libwww-perl|curl|wget|python|nikto|scan) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (<|>|’|%0A|%0D|%27|%3C|%3E|%00) [NC,OR]

#Block mySQL injects
RewriteCond %{QUERY_STRING} (;|<|>|’|”|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark) [NC,OR]

RewriteCond %{QUERY_STRING} \.\./\.\. [OR]

RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
RewriteCond %{QUERY_STRING} \.[a-z0-9] [NC,OR]
RewriteCond %{QUERY_STRING} (<|>|’|%0A|%0D|%27|%3C|%3E|%00) [NC]
# Note: The final RewriteCond must NOT use the [OR] flag.

# Return 403 Forbidden error.
RewriteRule .* index.php [F]

AddDefaultCharset utf-8

php_value max_execution_time 180
php_value memory_limit 512M

ErrorDocument 404 www.mysite.ru/error404



########## Block bad user agents
## The following list may include bots that no longer exist or are not a problem
## for your site. The list will always be incomplete and it is therefore wise to
## follow discussions on one of the many "security" mailing lists or on a forum
## such as www.webmasterworld.com/search_engine_spiders/
## It is also unwise to rely on this list as your ONLY security mechanism.
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ This email address is being protected from spambots. You need JavaScript enabled to view it. [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
## Note: The final RewriteCond must NOT use the [OR] flag.

## Return 403 Forbidden error.
RewriteRule .* - [F]

Hello,

I've got a Joomla 3.3.1 website with K2 2.6.8.

I've got six extra fields, and all but one of them can save without any problems. The one that has a problem saving has 1,400 options in its multi-select setup. When I click Save or Apply I get dumped to the Joomla Dashboard and the save process does not take.

I've already tested a number of scenarios including:

1.) The issue is not with a certain extra field value (such as a character) - it seems to fail if the k2_extra_fields database value is over 44KB in size which is right around 500 extra fields.
2.) I've already changed column value in k2_extra_fields from text to mediumtext and longtext

I'm running PHP 5.3.28, MySQL 5.5.37, 128MB Memory Limit.

Any ideas or pointers? Enabling error reporting at maximum does not product any errors, and there are no errors in error_log in the root of the Joomla installation.

Ciao ragazzi,
ho appena installato K2 e mi sono imbattuto nel primo problema.
In frontpage quando clicco sul link di qualsiasi articolo appare il seguente messaggio di errore.

1214 - The used table type doesn't support FULLTEXT indexes SQL=select c.`id`, c.`title` as article_title, c.`alias` as article_alias, c.`introtext` as article_text, c.`created` as article_created, c.`created_by` as article_created_by, u.name from nuvrj_k2_items c, nuvrj_users u where MATCH (c.`title`, c.`introtext`) AGAINST ('cree led' IN BOOLEAN MODE) and u.id=c.created_by and u.id=1476 and c.`id` <> 3238 order by c.`created` desc limit 0, 6


Sapete dirmi dove posso intervenire per risolvere il problema?

Grazie!

I am finding a Blind SQL Injection issue with K2. This seems serious to me and my customer who ran the security scan will hold up production and wants me to make this a formal report.
I have a simple use case, consider the URL
/component/k2/itemlist/filter?moduleId=699&Itemid=905
This is a fairly typical URL to search for a list
Now add this code in the middle %20%2B%20(SELECT%200%20FROM%20(SELECT%20SLEEP(28))qsqli_1111)%20&
This forms the URL
/component/k2/itemlist/filter?moduleId=699 %2B (SELECT 0 FROM (SELECT SLEEP(29))qsqli_1111) &Itemid=905
This will also "work" but has a significant delay whilst it sleeps, lower the number in the sleep statement and it sleeps less. Seems to me a clear opening for an injection error.
I do not believe this is a result of the K2 Search and Filter module used to create the initial URL because even if those modules are unpublished the basic url's still work, that module simply looks them up and builds them from user selections. So to me this is a k2 issue and possible a joomla core issue if you guys use the same parts. In any event can someone look into this???

Of course.

You need to apply this patch. github.com/joomlaworks/k2/commit/9b4c27b60034bc80def73a0c28cd4a15bf81cd38

Okay, but in the last stable version 2.6.8 .. there is a problem with publishing time .. always shows 00:00 .. is there any way fix this?

Thanks )

Does it work with 2.7.0 ?
You can download older versions from here: getk2.org/downloads/ but sadly not the DEV ones.

I've try it .. but i prefer 2.6.9. Can I download it again, because I save 2.7 over the 2.6.9 on my computer.

Thanks.

Same place where you donwloaded the 2.6.9
getk2.org/assets/get/

From where can I download 2.7 dev?

Thanks.

Can you try with the latest DEV version (2.7.0) ?
Just in case (a real longshot) take a backup before updating.

1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')}' at line 1 SQL=DELETE FROM #_k2_tags_xref WHERE itemID={intval(

Hello,

does anyone know how to fix this? It shows when update to Joomla 3.3.1 when try to add new item. I'm using K2 v2.6.9 (dev build).

Thanks.

Hello

I try to install K2 component for many times but always get

Fatal error: Class 'K2HelperHTML' not found in public_html/administrator/components/com_k2/k2.php on line 77.

Versions of K2 that I try to install are 2.6.8 and 2.6.7 but all of them get that error. Do you know how should I do?

And these are my website information

1. Hosting : Hostgator
2. Joomla 3.3.1
3. Rocket Theme : Corvus
4. OS Linux g
5. PHP 5.4.29
6. MySQLi 5.5.33-31.1

Other components which can interact with K2:

1. roksprocket
2. ganty framework
3. JCE editor

I have the same issue, fresh install of Joomla 3.3 and I try to install K2 2.6.8 and get this error...
Table 'joomla_1gki3cllhd.y5zp7_k2_categories' doesn't exist SQL=SHOW FULL COLUMNS FROM `y5zp7_k2_categories`

I get it the message shortly after hitting upload & install in the extension manager. I have not messed around with the database at all. I agree that the table isn't there, but why should it be I am just trying to install K2 now so why would I already have K2 related tables? Any help would be greatly appreciated.

Hello,

I have K2 2.6.8, Joomla 3.3.1

When I edit "Category Item Layout" and click save, I receive the error below. It just happen today, never had this error before since working with K2 for almost 2 years. Please advise.

Thank you,

M


An error has occurred.

1213 Deadlock found when trying to get lock; try restarting transaction SQL=UPDATE `xxxx_finder_terms` AS t INNER JOIN `xxxx_finder_links_termse` AS m ON m.term_id = t.term_id SET t.links = t.links - 1 WHERE `link_id` = 6441 AND m.link_id = '6441'

Hello everyone,

I tried installing K2_v2.6.8.zip on Joomla! 3.3.0 but it kept failing with a 1146 error,
stating that the *_k2_* tables did not exist.

Background:

- HTTP server: nginx/1.2.1
- Scripting: PHP 5.4.4-14+deb7u9
- DB: mysql Ver 15.1 Distrib 10.0.11-MariaDB

Given that structure is quite tested and running (we're hosting a hundred other websites)
and the privileges on the DB are ok, I made it work by

- unzipping the source (K2_v2.6.8.zip)
- editing the file "administrator/components/com_k2/install.mysql.sql"
- creating tables by hand (user is the same of "configuration.php")
- commenting the whole file
- zipping back everything
- upload and install

Now it works.
I think the problem was something related to the table names
(e.g.: CREATE TABLE IF NOT EXISTS `#__k2_attachments`)
where the "#_" sign gets replaced.

To cut it short, I don't know which was the exact matter.

Hope someone finds it useful,

Hi. The information you provided is inadequate. Clarify what's going on. You say you cannot access items or categories. Are you getting a message from Joomla! A meesage from the browser? A blank screen? An empty list ? Also try to enable Joomla! debugger to see any SQL errors.

I am getting the same error as above. I have tried installing K2 a couple of times...Still getting the error msg

jos1.jos_k2_items' doesn't exist SQL=SHOW FULL COLUMNS FROM `jos_k2_items`


this is on joomla 3.3