058-006 - FIXED - More Security Fixes »  Show posts from    to     

Icy Phoenix


Old Patches - 058-006 - FIXED - More Security Fixes



Mighty Gorgon [ Sun 27 Aug, 2006 20:42 ]
Post subject: 058-006 - FIXED - More Security Fixes
Hi all.

I'm sorry for having to post again a critical patch about a new security hole I've found in phpBB XS thanks to mameto.

Please, apply this patch to your XS as soon as possible.

This patch fixes a security issue in BB Usage Stats and a couple of small bugs in other files.


ThE KuKa [ Sun 27 Aug, 2006 21:08 ]
Post subject: Respuesta: 058-006 - FIXED - More Security Fixes
Thanks MG and Mameto


andrea75 [ Thu 31 Aug, 2006 21:40 ]
Post subject: Re: 058-006 - FIXED - More Security Fixes
Why dymanic meta tags doesn't works after this update?


Mighty Gorgon [ Fri 01 Sep, 2006 16:47 ]
Post subject: Re: 058-006 - FIXED - More Security Fixes
andrea75 wrote: [View Post]
Why dymanic meta tags doesn't works after this update?

They are working here...


andrea75 [ Fri 01 Sep, 2006 17:13 ]
Post subject: Re: 058-006 - FIXED - More Security Fixes
Mighty Gorgon wrote: [View Post]
andrea75 wrote: [View Post]
Why dymanic meta tags doesn't works after this update?

They are working here...


No Luca... they are the same in all topics and in all pages...

Code: [Hide]
  1. <meta name="title" content="058-006 - FIXED - More Security Fixes" />  
  2. <meta name="author" content="phpBB XS Staff :: http://www.phpbbxs.eu/" />  
  3. <meta name="copyright" content="(c) 2002-2006 phpBB XS Staff" />  
  4. <meta name="keywords" content="phpbb xs, phpbbxs, phpbb, premodded, communities, forum, portal, cms, open source, community, mods, templates" />  
  5. <meta name="description" content="phpBB XS" />  
  6. <meta name="category" content="general" />  
  7. <meta name="robots" content="index, follow" /> 


the problem is solved by Antonio Mercurio here

http://www.phpbbplus.it/phpbbplus/viewtopic.php?t=3468


ganesh [ Fri 01 Sep, 2006 19:01 ]
Post subject: Re: 058-006 - FIXED - More Security Fixes
Thus... thanx to Antonio


Mighty Gorgon [ Fri 01 Sep, 2006 19:04 ]
Post subject: Re: 058-006 - FIXED - More Security Fixes
No guys... META are working... they are set to be shown only when TOPIC, FORUM or CAT is viewed... not for post...

Check this part of the MOD:

Code: [Hide]
  1. if ( isset($_GET[POST_TOPIC_URL]) )  
  2. {  
  3. $meta_topic_id = intval($_GET[POST_TOPIC_URL]);  
  4. }  
  5. elseif ( isset($_GET[POST_FORUM_URL]) )  
  6. {  
  7. $meta_forum_id = intval($_GET[POST_FORUM_URL]);  
  8. }  
  9. elseif ( isset($_GET[POST_CAT_URL]) )  
  10. {  
  11. $meta_cat_id = intval($_GET[POST_CAT_URL]);  


And try to view a topic...

Click here for example!

http://www.phpbbxs.eu/viewtopic.php?t=196

I wouldn't implement this even for posts, because it will slow down page loadings... and it's not a good thing...

Pages will be indexed when the topic link is clicked... and it's enough...


ganesh [ Fri 01 Sep, 2006 19:22 ]
Post subject: Re: 058-006 - FIXED - More Security Fixes
:0041:

Eheheh...


andrea75 [ Fri 01 Sep, 2006 19:54 ]
Post subject: Re: 058-006 - FIXED - More Security Fixes
Mighty Gorgon wrote: [View Post]
No guys... META are working... they are set to be shown only when TOPIC, FORUM or CAT is viewed... not for post...

Check this part of the MOD:

Code: [Hide]
  1. if ( isset($_GET[POST_TOPIC_URL]) )  
  2. {  
  3. $meta_topic_id = intval($_GET[POST_TOPIC_URL]);  
  4. }  
  5. elseif ( isset($_GET[POST_FORUM_URL]) )  
  6. {  
  7. $meta_forum_id = intval($_GET[POST_FORUM_URL]);  
  8. }  
  9. elseif ( isset($_GET[POST_CAT_URL]) )  
  10. {  
  11. $meta_cat_id = intval($_GET[POST_CAT_URL]);  


And try to view a topic...

Click here for example!

http://www.phpbbxs.eu/viewtopic.php?t=196

I wouldn't implement this even for posts, because it will slow down page loadings... and it's not a good thing...

Pages will be indexed when the topic link is clicked... and it's enough...


Thanks Luca.. now I have understand. Sorry for my ignoranceabout it! But it wasn't so simple to understand...


Mighty Gorgon [ Sat 02 Sep, 2006 05:00 ]
Post subject: Re: 058-006 - FIXED - More Security Fixes
andrea75 wrote: [View Post]
Thanks Luca.. now I have understand. Sorry for my ignoranceabout it! But it wasn't so simple to understand...

No problem... we are all here to learn!




Powered by Icy Phoenix