Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - matab

Pages: [1] 2 3
1
Hi there ...

This problem was solved long time ago

You have two ways : -

1 / to put this ( http://www. ) in homepage field  .

or

2 / to remove homepage code from ur template

open (member_editprofile.html)
remove this code :
Code: [Select]
<td class="row1"><b>{lang_homepage}</b></td>
<td class="row1"><input type="text" name="user_homepage"  size="30" value="{user_homepage}" class="input" /></td>

2
Feedback & Suggestions / Re: for security ( .htaccess )
« on: March 05, 2008, 11:21:31 PM »
:| sorry guys

I want to know what u says
so plz any one can put reply in english ... so that I can answer it ..


3
Feedback & Suggestions / for security ( .htaccess )
« on: March 05, 2008, 02:15:41 PM »
hello guys ..

why we don't protect folder ( data & Sub-files ) that have Permissions 777 .. by

.htaccess
that contain this code :

Quote
php_flag engine off

RemoveType .php .php3 .phtml .pl .cgi .html .htm .asp .aspx

for not allow any one can upload ( shell ) in our 4images  ...


4
Now I understand  8)

Quote
BUT remember.... all added mods and changes in your php files and templates will be lost...

ooh god .. I added alot of mods in my 4images .. I will add it again now 8O


thx alooot Nicky  :oops:

5
Language Packs / Re: [Language] Arabic for V1.7.6
« on: March 05, 2008, 01:52:57 PM »
Sorry about the delay guys ...

Ahm@d

I'm not sure IF that problem is from lang files ...
however ..plz change

in ( main.php ) :

Code: [Select]
$lang['charset'] = "UTF8";
TO :

Code: [Select]
$lang['charset'] = "windows-1256";


and if that problem not show in (( Internet Explorer ))

that mean ur firefox is not support Arabic lang ...

plz check again


6
hello there ...

Nicky ....... I have one question  :|

is that how we upload our 4images ... I mean when I finished from upload files and folders, I will ready for 1.7.6
or is there any special file for upload after we upload files and folders ??

and what about those files :

Quote
update_1.0_to_1.5.php
update_1.5_to_1.6.php
update_1.6.1_to_1.7.php
update_RC-1_to_RC-2.php

it used for what ??


7
Chit Chat / How he did that?
« on: March 04, 2008, 02:28:47 PM »
Hello guys ...

today there was penetrate in my website by file Shell ..
that I found it in this path ( 4images/data/XXX.php )
my Q is ...
He ( upload or put ) his shell in that path , WHO ?!
I mean not in that path ( 4images/data/media/XXX.php )
from where he did it  ?


my v. 4images 1.7.4
php 4

8
Language Packs / Re: [Language] Arabic for V1.7.6
« on: February 08, 2008, 11:24:37 AM »
Note : there was Error in file main.php ( " ) so I fixed now

plz , download the lang file again ,,, and sorry Guys  :oops:

9
Language Packs / Re: [Language] Arabic for V1.7.6
« on: February 08, 2008, 06:42:00 AM »
u r welcome
and nice to met u again nicky  :wink:

10
Language Packs / [Language] Arabic for V1.7.6
« on: February 07, 2008, 01:48:22 PM »
Hello everyone

this is Arabic language for V1.7.6

translation by Matab ( me ) :wink: , for ( 4homepages.de ) ..

the Language file in attachments


Best wishes

11
مرحبا بكم جميعاً
hello every one


اخواني هذا حل لمشكلة قدم قبول الالبوم للاسامي العربية
this solution is for the problem that member can't register with Arabic names .

حلت هذه المشكلة بواسطة : thunderstrike , nicky, Jan
Solved this problem by : thunderstrike , nicky, Jan


افتح ملف global.php
open file global.php

ابحث عن
find :

Code: [Select]
function clean_array($array) {
  $search = array(
    // Remove any attribute starting with "on" or xmlns
    '#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',
    // Remove javascript: and vbscript: protocol
    '#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu',
    '#([a-z]*)[\x00-\x20]*=([\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu',
    //<span style="width: expression(alert('Ping!'));"></span>
    // Only works in ie...
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',
    '#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu'
  );

  $replace = array(
    "$1>",
    '$1=$2nojavascript...',
    '$1=$2novbscript...',
    "$1>",
    "$1>",
    "$1>"
  );

  // Remove all control (i.e. with ASCII value lower than 0x20 (space),
  // except of 0x0A (line feed) and 0x09 (tabulator)
  $search2 =
      "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F";
  $replace2 = //str_repeat("\r", strlen($search2));
      "\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D";

  foreach ($array as $key => $val) {
    if (is_array($val)) {
      $val = clean_array($val);
    } else {
      $val = preg_replace($search, $replace, $val);

      $val = str_replace("\r\n", "\n", $val);
      $val = str_replace("\r",   "\n", $val);
      $val = strtr($val, $search2, $replace2);
      $val = str_replace("\r", '', $val);  // \r === \x0D

      do {
        $oldval = $val;
        $val = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i', "", $val);
      } while ($oldval != $val);
    }

    $array[$key] = $val;
  }

  return $array;
}


استبدلها بـ
replace with

Code: [Select]
function clean_string($string) {
  $canCheckUTF8Error = defined('PREG_BAD_UTF8_ERROR') && function_exists('preg_last_error');

  // Remove any attribute starting with "on" or xmlns
  $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iUu',"$1>",$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#(<[^>]+[\x00-\x20\"\'])(on|xmlns)[^>]*>#iU',"$1>",$string);
  }
  $string = $tmp;

  // Remove javascript: and vbscript: protocol
  $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2nojavascript...',$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*j[\x00-\x20]*a[\x00-\x20]*v[\x00-\x20]*a[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2nojavascript...',$string);
  }
  $string = $tmp;
  $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iUu','$1=$2novbscript...',$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#([a-z]*)[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*)[\x00-\x20]*v[\x00-\x20]*b[\x00-\x20]*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:#iU','$1=$2novbscript...',$string);
  }
  $string = $tmp;

  // <span style="width: expression(alert('Ping!'));"></span>
  // only works in ie...
  $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*expression[\x00-\x20]*\([^>]*>#iU',"$1>",$string);
  $string = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*behaviour[\x00-\x20]*\([^>]*>#iU',"$1>",$string);
  $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iUu',"$1>",$string);
  if ($canCheckUTF8Error && (PREG_BAD_UTF8_ERROR == preg_last_error())) {
      $tmp = preg_replace('#(<[^>]+)style[\x00-\x20]*=[\x00-\x20]*([\`\'\"]*).*s[\x00-\x20]*c[\x00-\x20]*r[\x00-\x20]*i[\x00-\x20]*p[\x00-\x20]*t[\x00-\x20]*:*[^>]*>#iU',"$1>",$string);
  }
  $string = $tmp;

  // Remove namespaced elements (we do not need them...)
  $string = preg_replace('#</*\w+:\w[^>]*>#i',"",$string);

  // Remove all control (i.e. with ASCII value lower than 0x20 (space),
  // except of 0x0A (line feed) and 0x09 (tabulator)
  $search =
    "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x0B\x0C\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F";
  $replace = //str_repeat("\r", strlen($search2));
    "\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D\x0D";

  $string = str_replace("\r\n", "\n", $string);
  $string = str_replace("\r",   "\n", $string);
  $string = strtr($string, $search, $replace);
  $string = str_replace("\r", '', $string);  // \r === \x0D

  // Remove really unwanted tags
  do {
    $oldstring = $string;
    $string = preg_replace('#</*(applet|meta|xml|blink|link|style|script|embed|object|iframe|frame|frameset|ilayer|layer|bgsound|title|base)[^>]*>#i',"",$string);
  } while ($oldstring != $string);

  return $string;
}

function clean_array($array) {
  foreach ($array as $key => $val) {
    $key = clean_string($key);

    if (is_array($val)) {
      $val = clean_array($val);
    } else {
      $val = clean_string($val);
    }

    $array[$key] = $val;
  }

  return $array;
}

ملاحظة : إذا لم يعمل معك هذا الحل مباشرة , قم بمسح الاعضاء والمحاوله مره آخرى
not : if this solution is not work with you directly , delete the user and try again .


المصدر
Source
http://www.4homepages.de/forum/index.php?topic=18256.msg99614#msg99614

12
Discussion & Troubleshooting / Re: problem with arabic username????
« on: December 27, 2007, 06:57:09 PM »
its fix with me now thunder !! ...

when I did this :

http://www.4homepages.de/forum/index.php?topic=18256.msg99614#msg99614

and I did what nicky said to me :

(( delete the user in my album and try again ))

may be is work with baghdad4ever directly not with me ...

13
Discussion & Troubleshooting / Re: problem with arabic username????
« on: December 27, 2007, 05:17:11 PM »
thank you

it is fixed now :D :D

And ... solution for fix ?

I think he mean in register ...

plz , baghdad4ever

check if the member can it login in with Arabic user name after they register !?


In Arabic :
أخوي شيك اذا الاعضاء يقدرون يسون تسجيل دخول للالبوم بعد التسجيل
لان الحل اللي واضعه الاخ حل المشكلة فقط بالتسجيل ...

14
Discussion & Troubleshooting / Re: problem with arabic username????
« on: December 27, 2007, 02:31:36 AM »
ok thx thunder for big help

I will wait anyone that can it help as to find solution for prob in ( login in )

15
Discussion & Troubleshooting / Re: problem with arabic username????
« on: December 27, 2007, 02:19:03 AM »
ok I remove it all ...

 plz is there any solution for this problem ?  :(

Pages: [1] 2 3