Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
karakas
Hangin' Around


Joined: Feb 20, 2004
Posts: 29

PostPosted: Mon Mar 01, 2004 7:06 am Reply with quote

Only registered users can see links on this board! Get registered or login!

I don't know how much this affects PHP-Nuke, since the GET array is checked against "<script>" strings, but could somebody commend on this?
 
View user's profile Send private message Visit poster's website
chatserv
Member Emeritus


Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico

PostPosted: Mon Mar 01, 2004 8:51 am Reply with quote

In viewtopic.php find:
Code:
// 

// Decide how to order the post display
//
if ( !empty($HTTP_POST_VARS['postorder']) || !empty($HTTP_GET_VARS['postorder']) )
{
   $post_order = (!empty($HTTP_POST_VARS['postorder'])) ? $HTTP_POST_VARS['postorder'] : $HTTP_GET_VARS['postorder'];
   $post_time_order = ($post_order == "asc") ? "ASC" : "DESC";
}
else
{
   $post_order = 'asc';
   $post_time_order = 'ASC';
}

Replace with:
Code:
// 

// Decide how to order the post display
//
if ( !empty($HTTP_POST_VARS['postorder']) || !empty($HTTP_GET_VARS['postorder']) )
{
   $post_order = (!empty($HTTP_POST_VARS['postorder'])) ? htmlspecialchars($HTTP_POST_VARS['postorder']) : htmlspecialchars($HTTP_GET_VARS['postorder']);
   $post_time_order = ($post_order == "asc") ? "ASC" : "DESC";
}
else
{
   $post_order = 'asc';
   $post_time_order = 'ASC';
}
if (!eregi("^((asc)|(desc))$",$post_order) )
{
        message_die(GENERAL_ERROR, 'Selected post order is not valid');
}

To test it view any topic and at the end of the url add:
Code:
&postorder=chatserv

Not the result kiddies would expect.


Last edited by chatserv on Fri Mar 05, 2004 4:57 pm; edited 2 times in total 
View user's profile Send private message Visit poster's website
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Fri Mar 05, 2004 4:46 pm Reply with quote

See this update Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
chatserv
PostPosted: Fri Mar 05, 2004 5:00 pm Reply with quote

Updated mine as well, even while what i had first suggested would do the trick it can't hurt to have both methods., not only do you block the attempt but you let the lamer know you patch your files.
 
Raven
PostPosted: Fri Mar 05, 2004 5:03 pm Reply with quote

Oh I totally agree. I just wanted to let everyone know what the 'official' code was, from the authoring group. Saves answering the questions that would probably come Smile
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©