Hi Everyone
I am running moodle 3.4.3.
I have installed boost training 3.1 (the latest version) and would like to change the background picture.
There doesn't appear to be a setting in appearance to do that. I can change banners boxes, icons etc but not the background image.
It seems odd to have all the other settings and not this one? What am I missing please?
cheers
Karen
Hi Karen,
Indeed the theme does not appear to have a change the background setting: https://github.com/EduardoKrausME/moodle-theme_boost_training/blob/master/settings.php.
Therefore:
G
Hi Karen,
I am not sure what Gareth may think of this theme, but I am always suspicious when a theme hides an image as a base64 format. One such image exists in this particular theme in the boost_training/scss/boost_training.scss file. Here is a link to it. https://github.com/EduardoKrausME/moodle-theme_boost_training/blob/master/scss/boost_training.scss#L84
Yes I know it is not active, but it could be if the // were removed!
I have reported other themes for this type of hidden coding where the image acts as a tracker to see where the theme is being used, and for all anyone knows it could be a potential security risk for anyone using such a theme.
The fact it has been Passed by Moodle must mean that it is OK, but even so...there is always room for DOUBT!
Hope you found this helpsful?
Mary
Whats bad about base 64 encoded png files? How can you use it to track websites that use the theme? Do search engine robots index them?
Ok.... given the statement "I have reported other themes for this type of hidden coding where the image acts as a tracker to see where the theme is being used, and for all anyone knows it could be a potential security risk for anyone using such a theme." - what evidence you you have to support this assertion?
Hi Mary
Thanks for the reply.
I want all the features to be customisable easily and dont have the expertise (or patience) for CSS or HTML.
I have been thinking I might therefore need to go to a commercial theme like Lambda. Is there an overall general consensus on a reliable theme for bootstrap 4? Lambda is bootstrap 2 ? WIll it matter?
cheers
Karen
I'm not a fan of hidden encode/decoding of stuff. Too easy to hide malicious code on the end user.
Ok.... RE "Too easy to hide malicious code on the end user."... again, evidence please. Where are the reports of base 64 encoded png files being used to hide malicious code that is hidden?
We've had several issues with other CMS's where when hacked this is the preferred method to hide the code. Purely based on past experience.
Just because it is used appropriately in this theme doesn't mean it is good or best practice.
