4images Forum & Community
Welcome, Guest. Please login or register.
Did you miss your activation email?
August 19, 2018, 09:39:39 PM

Login with username, password and session length
Search:     Advanced search
You're looking for some 4images templates and styles? Then visit this thread to show websites with 4images templates to download.
Togle to toolbar
Translate this page with =>
Translate this page >
* Home Help Search Login Register
 
+  4images Forum & Community
|-+  4images Help / Hilfe
| |-+  Bug Fixes & Patches
| | |-+  [1.7 - 1.7.3] Security fix for Cross-Site Scripting Vulnerability
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: «« « 1 [2] 3 4 » »» Print
Author Topic: [1.7 - 1.7.3] Security fix for Cross-Site Scripting Vulnerability  (Read 148464 times)
RoadDogg
Sr. Member
****
Offline Offline

Posts: 488

Thank You
-Given: 1
-Receive: 1


View Profile WWW
« Reply #15 on: October 21, 2006, 10:01:40 PM »

Thank you verry much!
Logged

For support requests please don´t forget link to your Gallery/to phpinfo.php
1
2
3
<?
phpinfo()
?>
safe_mode must turned OFF
Please check Error Messages
devilsoulblack
Pre-Newbie

Offline Offline

Posts: 6

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #16 on: October 21, 2006, 10:43:33 PM »

thanks dude
Logged
ahmad
Newbie
*
Offline Offline

Posts: 14

Thank You
-Given: 0
-Receive: 1

Ahmad Alfy


View Profile WWW
« Reply #17 on: October 21, 2006, 10:56:35 PM »

Thanks for the fix dude
updating my gallery now !
Logged

beach-baer
Newbie
*
Offline Offline

Posts: 20

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #18 on: October 21, 2006, 11:02:23 PM »

Das klappt wie immer Prima bei euch Very Happy, Thanks
Logged
Sternie
Newbie
*
Offline Offline

Posts: 47

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #19 on: October 21, 2006, 11:04:50 PM »

kann mir das bitte nochmal jemand verdeutschen, um was für ein Security Fix es sich handelt und wo genau ich die Zeile einsetzen soll? Genau unter die Zeile zwischen die Zeile und der darunterbefindlichen klammer?
Logged
Nicky
Administrator
4images Guru
*****
Offline Offline

Posts: 3195

Thank You
-Given: 26
-Receive: 56


View Profile
« Reply #20 on: October 21, 2006, 11:13:27 PM »

damit wird eine sicherheits lücke geschlossen

wenn du v 1.7.2 oder 1.7.3 hast
öffne global.php und suche nach
1
$mode = (isset($HTTP_POST_VARS['mode'])) ? stripslashes(trim($HTTP_POST_VARS['mode'])) : stripslashes(trim($HTTP_GET_VARS['mode']));

oder wenn du 1.7 bis 1.7.1 hast
suche nach
1
$mode = (isset($HTTP_GET_VARS['mode'])) ? stripslashes(trim($HTTP_GET_VARS['mode'])) : stripslashes(trim($HTTP_POST_VARS['mode']));

gleich drunter füge diese zeile ein

1
$mode = preg_replace("/[^a-z0-9]+/i", "", $mode);

so.. hoffe dies war in gutem deutsch Smile

grüsse von einem nicht deutschen Wink
Logged

cheers
Nicky
Your first three "must do" before you ask a question ! (© by V@no)
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

nicky.net 4 4images
Signature stolen from mawenzi
Sternie
Newbie
*
Offline Offline

Posts: 47

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #21 on: October 21, 2006, 11:21:10 PM »

danke Nicky  Very Happy grade bei solchen 'komplizierten' Sachen in denen ich mich absolut nicht auskenne bin ich mir in meinem Stolperenglisch immer zu unsicher irgendetwas auf GutGlück zu machen Smile

War eine gute deutsche Anweisung Smile

Sieht jetzt bei mir so aus:

$mode = (isset($HTTP_POST_VARS['mode'])) ? stripslashes(trim($HTTP_POST_VARS['mode'])) : stripslashes(trim($HTTP_GET_VARS['mode']));
  $mode = preg_replace("/[^a-z0-9]+/i", "", $mode);
}

richtig?
Logged
Nicky
Administrator
4images Guru
*****
Offline Offline

Posts: 3195

Thank You
-Given: 26
-Receive: 56


View Profile
« Reply #22 on: October 21, 2006, 11:24:09 PM »

schönheitsfehler *g*

1
2
  $mode = (isset($HTTP_POST_VARS['mode'])) ? stripslashes(trim($HTTP_POST_VARS['mode'])) : stripslashes(trim($HTTP_GET_VARS['mode']));
  $mode = preg_replace("/[^a-z0-9]+/i", "", $mode);

so ist viel schöner Wink
Logged

cheers
Nicky
Your first three "must do" before you ask a question ! (© by V@no)
- please read the Forum Rules ...
- please study the FAQ ...
- please try to Search for your answer ...

nicky.net 4 4images
Signature stolen from mawenzi
Sternie
Newbie
*
Offline Offline

Posts: 47

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #23 on: October 21, 2006, 11:26:44 PM »

danke schön, so steht es auch in der Datei, hab hier aber diese Codebox zum Posten nicht gefunden  Embarassed
Logged
ladyoz
Newbie
*
Offline Offline

Posts: 15

Thank You
-Given: 0
-Receive: 0


View Profile WWW
« Reply #24 on: October 22, 2006, 12:32:34 AM »

Thanks muchly guys  Very Happy
Logged

Despite the cost of living, it's still popular ...
Stinus
Newbie
*
Offline Offline

Posts: 12

Thank You
-Given: 0
-Receive: 0


View Profile WWW
« Reply #25 on: October 22, 2006, 01:03:52 AM »

Thank you verry much. Wink
Updatet.
Logged

Stian


A site about Old Fire Truck - Gallery - Forum
haythamghareeb
Newbie
*
Offline Offline

Posts: 11

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #26 on: October 22, 2006, 01:43:04 AM »

Thanks  Laughing
Logged
Matpatnik
Pre-Newbie

Offline Offline

Posts: 3

Thank You
-Given: 0
-Receive: 0


View Profile WWW
« Reply #27 on: October 22, 2006, 03:17:09 AM »

cool thank you Very Happy
Logged
Playgirl
Pre-Newbie

Offline Offline

Posts: 2

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #28 on: October 22, 2006, 06:12:07 AM »

Thank you Very Happy
Logged
Syslord
Pre-Newbie

Offline Offline

Posts: 8

Thank You
-Given: 0
-Receive: 0


View Profile WWW
« Reply #29 on: October 22, 2006, 10:11:54 AM »

Nice Thank you
Logged


Pages: «« « 1 [2] 3 4 » »» Print 
« previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.053 seconds with 19 queries.