Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

web link bugs
 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> phpnuke 7.8
Author Message
evil_1
New Member
New Member



Joined: Jun 14, 2005
Posts: 9
PostPosted: Thu Jul 07, 2005 11:47 pm Reply with quote
hi
please tell me how can I fix this bugs :
Quote:

modules.php?name=Web_Links&l_op=TopRated&ratenum=This%20Site%20Is%20HACKED%20BY%someone&ratetype=num
modules.php?name=Web_Links&l_op=ratelink&ttitle=This%20Site%20Is%20Hacked%20By%20someone
modules.php?name=Web_Links&l_op=viewlinkcomments&ttitle=This%20Site%20Is%20Hacked%20By%20someone


my nuke version is 7.8 with chat serv 78patched and nuke sentinel

[/url]
 
View user's profile Send private message
chatserv
Member Emeritus



Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico
PostPosted: Fri Jul 08, 2005 1:32 am Reply with quote
Open modules/Web_Links/index.php
find 2 times:
Code:
   if ($ratenum != "" && $ratetype != "") {

change to:
Code:
   $ratenum = intval($ratenum);


   $ratetype = htmlentities($ratetype);


   if (!empty($ratenum) && !empty($ratetype)) {

find 4 times:
Code:
   $transfertitle = ereg_replace ("_", " ", $ttitle);

change to:
Code:
   $ttitle = htmlentities($ttitle);


   $transfertitle = ereg_replace ("_", " ", $ttitle);


Last edited by chatserv on Fri Jul 08, 2005 2:02 am; edited 1 time in total 
View user's profile Send private message Visit poster's website
chatserv
PostPosted: Fri Jul 08, 2005 1:38 am Reply with quote
Also applies to modules/Downloads/index.php
 
Manuel
Regular
Regular



Joined: May 28, 2005
Posts: 90
PostPosted: Fri Jul 08, 2005 3:35 pm Reply with quote
i removed $ttitle from my downloads module because it's buggy and has problems with sentinel and others

_________________
Image 
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
evil_1
PostPosted: Sun Jul 10, 2005 2:54 am Reply with quote
Thanks Dear chatserv
I replaced patch code (Total 6 line)
First Bug Fixed :
Code:



modules.php?name=Web_Links&l_op=TopRated&ratenum=This%20Site%20Is%20HACKED%20BY%20someone&ratetype


but these bug not fix
Code:



modules.php?name=Web_Links&l_op=viewlinkcomments&ttitle=This%20Site%20Is%20Hacked%20By%20someone


modules.php?name=Web_Links&l_op=ratelink&ttitle=This%20Site%20Is%20Hacked%20By%20someone

I'm sure apply your patch code correct
Thank You
 
chatserv
PostPosted: Sun Jul 10, 2005 7:51 pm Reply with quote
You can't hack a site with a line like This%20Site%20Is%20Hacked%20By%20someone, try using something else to see if it goes through, that line just translates to This Site Is Hacked By someone
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> phpnuke 7.8


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©