English version - phpBB2 by Przemo 1.12.6 UPDATE 1
Matteo - 30-08-2010, 13:01
Post subject: phpBB2 by Przemo 1.12.6 UPDATE 1
In connection with the possibility of an XSS attack, please perform the following changes to the forum code:
admin/admin_mass_email.php
FIND:
    mass_email('', '', '', '', '', $HTTP_GET_VARS['start']);
REPLACE WITH:
    mass_email('', '', '', '', '', intval($HTTP_GET_VARS['start']));
groupcp_mail.php
FIND:
    mass_email('', $userdata['user_email'], '', '', '', $HTTP_GET_VARS['start']);
REPLACE WITH:
    mass_email('', $userdata['user_email'], '', '', '', intval($HTTP_GET_VARS['start']));
common.php
FIND:
    $PHP_SELF = ($HTTP_SERVER_VARS['PHP_SELF']) ? $HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_ENV_VARS['PHP_SELF'];
BEFORE, ADD:
    if (isset($HTTP_GET_VARS['sid']) && !preg_match('/^[A-Za-z0-9]*$/', $HTTP_GET_VARS['sid']))
    {
        $HTTP_GET_VARS['sid'] = '';
    }
    if (isset($HTTP_POST_VARS['sid']) && !preg_match('/^[A-Za-z0-9]*$/', $HTTP_POST_VARS['sid']))
    {
        $HTTP_POST_VARS['sid'] = '';
    }
viewtopic.php
FIND:
    $reply_topic_back_url = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&postdays=0&postorder=0&start=" . ($HTTP_GET_VARS['cp'] * $user_posts_per_page));
    message_die('GENERAL_MESSAGE', sprintf($lang['Loser_protect'], $HTTP_GET_VARS['cp'], $HTTP_GET_VARS['ap'], '<a href="' . $reply_topic_back_url . '">', '</a>', '<a href="' . $reply_topic_url . '">', '</a>'));
REPLACE WITH:
    $reply_topic_back_url = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&postdays=0&postorder=0&start=" . (intval($HTTP_GET_VARS['cp']) * $user_posts_per_page));
    message_die('GENERAL_MESSAGE', sprintf($lang['Loser_protect'], intval($HTTP_GET_VARS['cp']), intval($HTTP_GET_VARS['ap']), '<a href="' . $reply_topic_back_url . '">', '</a>', '<a href="' . $reply_topic_url . '">', '</a>'));
includes/functions_hierarchy.php
FIND:
    $link = '<a href="' . $wpgm . '" title="' . $wdesc . '" class="gensmall"' . $style_color . '>' . $wname . '</a>';
REPLACE WITH:
    $link = '<a href="' . $wpgm . '" title="' . htmlspecialchars(strip_tags($wdesc)) . '" class="gensmall"' . $style_color . '>' . $wname . '</a>';
includes/functions_validate.php
FIND:
    if (strstr($username, '"') || strstr($username, '&') || strstr($username, chr(160)) || strstr($username, ' ') || strstr(stripslashes($username), '\\') || strstr(stripslashes($username), '%') )
REPLACE WITH:
    if (strstr($username, '"') || strstr($username, '&') || strstr($username, chr(160)) || strstr($username, chr(173)) || strstr($username, ' ') || strstr(stripslashes($username), '\\') || strstr(stripslashes($username), '%') )
admin/admin_priv_msgs.php
FIND:
    $delete = (isset($HTTP_GET_VARS['delete'])) ? $HTTP_GET_VARS['delete'] : $HTTP_POST_VARS['delete'];
REPLACE WITH:
    $delete = (isset($HTTP_GET_VARS['delete'])) ? intval($HTTP_GET_VARS['delete']) : intval($HTTP_POST_VARS['delete']);
FIND:
    $start = ( isset($HTTP_GET_VARS['start']) ) ? $HTTP_GET_VARS['start'] : 0;
REPLACE WITH:
    $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
privmsg.php
FIND:
    OR privmsgs_type = " . PRIVMSGS_UNERAD_MAIL . " ) ";
REPLACE WITH:
    OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
FIND:
    $min_msg_time = CR_TIME - ($msg_days * 86400);
REPLACE WITH:
    $min_msg_time = CR_TIME - ($msg_days * 60);
Comment: Several people have reported to me that the code to find and the code to replace it with are written the same. No. In the word UNREAD the letters R and E are swapped.
templates/*/login_body.tpl
FIND:
    <td><input type="password" name="password" size="25" maxlength="25" class="post2" onFocus="Active(this)" onBlur="NotActive(this)" /></td>
REPLACE WITH:
    <td><input type="password" name="password" size="25" maxlength="40" class="post2" onFocus="Active(this)" onBlur="NotActive(this)" /></td>
For the lazy and for people who have no other modifications installed - I recommend downloading the package from the main page and overwriting the files (except config.php).
For all the people who haven't yet updated their forum to version 1.12.6 - download the new version (also from the main page).
For people who don't want to modify files manually - I attach a .patch file, which updates the forum from version 1.12.6 to 1.12.6p1.
(official content, thanks to chelloPL)
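
The three input-handling patterns used in the changes above (intval() for numeric parameters, an alphanumeric allow-list for sid, htmlspecialchars(strip_tags()) for the title attribute), run on constructed hostile values. This is an added example, not code from phpBB2 by Przemo: the function names and the $get array are hypothetical, and clean_sid_strict() is an assumed stricter variant that is not part of the update.

```php
<?php
// Added illustration; function names and sample values are hypothetical.

// Allow-list from the common.php change: a non-alphanumeric sid becomes ''.
function clean_sid($sid)
{
    return preg_match('/^[A-Za-z0-9]*$/', $sid) ? $sid : '';
}

// Assumed stricter variant (not part of the update): in PCRE, "$" also
// matches before one trailing newline, while "\z" matches only at the end.
function clean_sid_strict($sid)
{
    return preg_match('/^[A-Za-z0-9]*\z/', $sid) ? $sid : '';
}

// Title attribute built as in the includes/functions_hierarchy.php change.
function title_attr($desc)
{
    return 'title="' . htmlspecialchars(strip_tags($desc)) . '"';
}

// Constructed request values standing in for $HTTP_GET_VARS.
$get = array(
    'start' => '15"><script>alert(1)</script>',
    'sid'   => 'abc123"><script>alert(1)</script>',
    'desc'  => 'News <b>and</b> rules" onmouseover="alert(1)',
);

// intval() keeps only a leading integer, so markup never reaches the output.
var_dump(intval($get['start']));
var_dump(intval('<script>'));

// A well-formed sid passes unchanged; one carrying markup is emptied.
var_dump(clean_sid('5f2a9c0e7b1d4a63'));
var_dump(clean_sid($get['sid']));

// Trailing-newline case: accepted by the "$" pattern, rejected by "\z".
var_dump(clean_sid("abc123\n") !== '');
var_dump(clean_sid_strict("abc123\n") !== '');

// Tags are stripped and the double quote is encoded, so the value cannot
// close the title attribute and start a new one.
echo title_attr($get['desc']), "\n";
```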