Icy Phoenix

Hi, I getting a few reports of a "Security Alert – CBack CrackerTracker" on registration.
I have tried creating some test accounts to see if I can replicate the error they are getting but, I seem to register fine every time.
Ive disabled all the CBack CrackerTracker features now in ACP to see if that makes a difference :roll:

Any ideas why some and not all would get this problem?

question. have you created some costum profile fields, with radio buttons??

Hya spydie, I do have a couple of custom fields but only text field nothing ells mate.

anyway.

you might think about killing CrTracker in the script that gives the error.

spydie wrote: [View Post]

anyway.

you might think about killing CrTracker in the script that gives the error.

Not sure what you mean :?

try to put this in profile.php

in the top part of the script

define('MG_KILL_CTRACK', true);

just after <?php

then check if the problem persists

Ok done that, see how it goes, cheers 8)

batman wrote: [View Post]

Ok done that, see how it goes, cheers 8)

Mate, Below the last post here there are 5 similar topics to the question of this thread - One or more of them has the answer to your question.

Most importantly, while I was never a lover of cBack's cracker tracker - it does serve a purpose.

To willy-nilly kill it defeats that purpose.

If you go to cTracker in the ACP and have a look at the cTracker log files - it will tell you what it is blocking, along with the file name.

Then you can decide how to handle it - Reduce the level - ignore arrays or even end up killing it - But at least you will know why you are killing it, even if it doesn't need to be.

mort wrote: [View Post]

batman wrote: [View Post]

Ok done that, see how it goes, cheers 8)

Mate, Below the last post here there are 5 similar topics to the question of this thread - One or more of them has the answer to your question.

Most importantly, while I was never a lover of cBack's cracker tracker - it does serve a purpose.

To willy-nilly kill it defeats that purpose.

If you go to cTracker in the ACP and have a look at the cTracker log files - it will tell you what it is blocking, along with the file name.

Then you can decide how to handle it - Reduce the level - ignore arrays or even end up killing it - But at least you will know why you are killing it, even if it doesn't need to be.

With all due respect Mr. Mort :LOL: the ones in the similar threads are old support topics, possibly for older versions etc. ?

Im still getting to grips with Icy as it works a lot different to Integra which I have been using for 7 years, the same features etc. I'm finding a lot of what I had sussed out with integra are in different file locations and even not necessarily within the same tpl or php file, even worded differently so having to go through a lot of new learning curves.
The thing is, I know exactly how I want my site to function, even small language changes to how things are worded can make a huge difference in making My members experience on my site a lot better

I'm not turning the features of willy nilly, Its just a process of elimination at the moment.
Under normal circumstances if I was experiencing false positives I would put in debug mode and replicate the problem so I can ad the fix, problem is I'm unable to replicate the error.

Trust me I do use the search prior to asking for pointers, plus Ive only been using for a week and have made a heck of a lot of alterations on my site, not so many style design changes as yet but in other areas, that's on top of some teething problems.
Not being a coder is a bit of a pain as you have to play around with things to have a basic understanding of how it effects the site if altered, this all takes time and only so many hours in a day but I'm getting there slowly but surely. 8)

No offence - My post was designed to point you in the right direction. ;)

I was being subtle, because I didn't want to disappoint spydie that it the thread by the "Inactive User" MG states that the problem with check-boxes has been fixed.

If it hasn't and you say you didn't add check-boxes anyway, then the problem is something else. Other than that - Killing a whole file for the sake of avoiding a security problem is only going to maybe leave the file open to possible attacks.

It would be better if MG knows what Cracker Tracker is blocking - Then he could make allowances for it in CT, just like he did with adding check-boxes.

One day you may get hacked, and it doesn't help if you open up files by removing what MG is trying to protect.

On the other hand - PHP v5* is much more secure than the previous versions in that things are done very differently. - Maybe MG needs to re-evaluate if cTracker has a useful purpose any more. :?: