jamal
May 1 2005, 04:27 AM
| | A new exploit is already out for phpbb 2.0.13. I've asked the phpbb development team about it, and they say it will be fixed in version 2.0.14.
It's a way to make yourself admin through exploitation of cookie data. Here's the fix anyway:
Add
$userdata['user_level'] = USER;
after every
$userdata['user_id']
= ANONYMOUS;
in session.php |
Reply
OpaQue
May 1 2005, 07:26 AM
Thanks for sharing this information with us. This will definately help most of the people using PHPbb
Reply
gunbound
May 1 2005, 05:07 PM
You mean session s.php, right? It's located in the includes folder. I found just two instances of CODE $user_id = $userdata['user_id'] = ANONYMOUS; is that all? I don't know PHP very well, so could you confirm that this is all right? Thanks.
Reply
mbd5882
May 1 2005, 06:21 PM
I beleve it is, You should take up a cource in php or asp. Its really cool or you could go onto Win server 2005 or 4, which ever ones out now. Anyway, as usual my sig- Thanks, FFC Webmaster, Asad Haider.
Reply
Odyssey
May 1 2005, 06:41 PM
Thanks for telling us about this flaw. I upgraded as soon as I found this out! To everoyne else - Make sure that you upgrade your version of phpBB as soon as possible, it is a good habbit to always upgrade
Reply
eX_Raven_
May 6 2005, 02:24 AM
Yes I strongly Advise everyone on phpBB to upgrade to 2.0.14 ASAP. My Clan was on phpBB 2.0.13 and some people who disliked us did the same thing and deleted our forums several times.
Reply
mobious
May 9 2005, 08:23 AM
why not just upgrade to 2.0.15? it's already released.
Reply
Similar Topics
Keywords : phpbb 13- Creating A Login Box That Links To My Phpbb Forum
- Have my phpBB Forum Intergrated with my Website (4)
- Trouble With Phpbb Email
- (1)
Hi guys, I want to know if there is anything you can do for sending confirmation email to your
users automatically when they have just regeistered, when the host server does not support SMTP
(Simple Mail Transfer Protocol). ? Thanks alot....
Phpbb Or Ip.b?
- Which is better? (11)
This is just a poll on which forum soolution you like better. I like both - I just want to see
what's YOUR opinion....
Forum Troubles
- In phpbb (2)
I am having forum trouble in phpbb. Whenever I go to post something or add someone to a group or
anything else, I get an error that looks like this: Could not find email template file ::
topic_notify DEBUG MODE Line : 111 File : emailer.php The email template thing changes but the
Line 111 and File emailer.php are always the same. It's getting really annoying. Can anyone
help me with this?...
Error On Emailer.php & Smtp.php At Phpbb
- ERROR on emailer.php & smtp.php at PhpBB (2)
Are you use free webhosting??? smtp.php and emailer.php are general error on CMS like phpBB . It
make email verification disabled.Why??? because free webhosting not allow us use smtp port .they
afraid their server will atacking with spam !! so what solution to solve this problem?? You
can search on google or join at phpBB forum !!! but if it can not solve all this problem
it only able 1 trick ..you must download emailer MOD at www.phpbbhacks.com to inactive emailer.php
or smtp.php ...
Phpbb Customization?
- wappy is not so great with web scripts :-) (7)
ok i feel a little silly posting this as im sure the answers are simple but im really not used to
working with pre-made web scripts that have so many files: Q1. I have added a real cool army theme
to my phpBB with a matching smiley set and its looking good, i also have the matching rank icons but
where on earth do i upload them in the script? Q2. Which file in my template/style/script do i need
to edit to place some extra links at the bottom of my index page, for example a link back to my main
site or some link exchange links/web partners?...
Phpbb Forums
- (11)
Hey you guys no how people host free Phpbb forums And they all have ads on them Well i making a
setup like that with no ads at all I do not no when i will have this setup..... Also i may set up
a ibp forum If you would like to see this let me know if you do not i wont make it smile.gif So
let me know...
Phpbb Password Protector
- Any Good Ones Out There? (3)
I have searched and searhed and searched for a good Password Protection Mod for the PHPBB Forums,
but i cannot find one that will work, i have uploaded the files necessary to the Admin/mods section,
then i do what it says in the file that tells me how to do it, but they never work for me.. im
Getting this.. QUOTE Warning: main(./extension.inc): failed to open stream: No such file or
directory in /home/phillip/public_html/rpg/admin/mods/Password-protected forums
0.5.1/phpbb_root_path/db_update.php on line 22 Warning: main(./extension.inc): failed to open
stream: No...
How To Make Oscommerce Work With Phpbb
- making oscommerce work with phpbb (1)
i'd like to make oscommerce work with phpbb.imean that any person register to phpbb is
automatically regitered to oscommerce and vice versa. if you have any advice or idea that may help
plz send it.(any help would be appricated)...
Phpbb Shoutbox Possible?
- (6)
Hi people, i'm running a phpbb forum and now i've to put a shoutbox on it.. Is it possible?
If yes from where do i get the script? And in which folder should i upload the file..anyhelp would
be much appreciated.. Thanks again...
Phpbb Install Error
- help w/ phpbb plz.... (2)
ok, i type in eveything that phpbbb asked to install, and i use the info i got in the mail and made
a db, but it doesn't work at all.......instaed it says "An error occurred trying to update the
database You have an error in your SQL syntax; check the manual that corresponds to your MySQL
server version for the right syntax to use near ''' at line 1" what does this mean and
how do i fix this and install the forum?? i have tried to install this many times now but it never
works /sad.gif' border='0' style='vertical-align:middle' alt='sad.gif' /> .....
Phpbb V2.0.16 Has Been Released
- Release Date 06/27/05 (4)
QUOTE phpBB Group announces the release of phpBB 2.0.16. This release addresses some bugfixes
and one critical security issue. http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=302011 ...
Script: Phpbb Mod, Total Users Registered
- Display the total users anywhere on your site. (1)
This is for phpBB V2+ It displays the total number of registered users anywhere you want. This file
is called: phpbb-totalusers.php CODE <?php /** * ©2005 Craig lloyd. All rights reserved. * *
Mod Title: Total Registered Users * Author: Craig Lloyd * Description: Shows
total number of registered users * Release: v1.2, 10th May 2005 *** * Demo:
http://www.toxicsims.co.uk/ (stats box) * Installation Level: Easy *
Installation Time: 1 minute * Files To Edit: This one * Included Files�...
I Need Help Installing Phpbb Fully Moded
- PLEASE HELP (6)
I NEED HELP INSTALING PHPBBFM(FULLY MODED PHPBB) CAN ANYONE PLEASE HELP IF THEY GOT AN IDEA BECUASE
heres a screenshot it might take a while to load depending on our internet conection: please add me
on msn at rudeturk@hotmail.com if u want to tell the answer more easyly or just reply thanks for
helping /sad.gif' border='0' style='vertical-align:middle' alt='sad.gif' /> I moved it here
from the tutorial section, it's not a tutorial so it don't belong there /smile.gif'
border='0' style='vertical-align:middle' alt='smile.gif' /> I'm not sure if this i...
Phpbb 2.0.12
- released!!! (8)
Today I got this message in my inbox: I wanted to share it with you all /cool.gif' border='0'
style='vertical-align:middle' alt='cool.gif' /> Hi everyone, phpBB Group announces the release
of phpBB 2.0.12. This release addresses a couple of potential exploits and fixes a number of issues
involving path disclosures, etc. It also introduces a new ACP based version check (language package
maintainers please note the additional localisation required for this). For further information
please see our announcements forum at phpBB.com : http://www.phpbb.com/phpBB/viewto...
I Need Some Help On Phpbb
- About the Attach MOD (9)
I've installed the attach MOD on my board, but it only works when I use SubSilver theme! I
want to use it in other themes, just like BlackandWhite (I use it). Can somebody help me? Thx...
Integramod 1.3.2c
- pre-modded phpBB (4)
Hey all, A few weeks ago I found the best pre-modded phpBB version, IntegraMod . It includes +100
hacks/mods: -Attachment Mod -Acronyms Mod -Admin Private Message Manager -Admin Userlist -Album Mod
-Many BB codes -BB code Box -Chatbox -Prillian (php IM) -Countryflags (upgradable with state flags)
-Calendar Mod -Download topics and posts (Also is a whole new dl system available) -Shoutbox
-Knowledge Base A whole list can be viewed here . It's highly customizable to your needs and I
would really recommend it allthough there are few themes available. Peace...
New Version Of Phpbb!
- Available for download! (18)
Beta and Alpha versions of phpBB, available for download! Go to http://area51.phpbb.com
Enjoy! Tell Admin about this. /tongue.gif' border='0' style='vertical-align:middle'
alt='tongue.gif' /> /biggrin.gif' border='0' style='vertical-align:middle' alt='biggrin.gif' /> ...
Annoying Extension Checker In Phpbb
- ^^ how do I get rid of it? (0)
I happily installed the new version of phpBB, and I noticed it checks the extension on off-site
avatars. I wrote a little php script which randomly cycles my avatars, so, needless to say, I was
rather disappointed. For some strange reason, I couldn't find where it checks the extension in
the phpBB code (so that I could comment it out). Does anybody know what I'm talking about?...
Phpbb Acting Very Strange
- phpBB, is this a bug? (5)
/ohmy.gif' border='0' style='vertical-align:middle' alt='ohmy.gif' /> When I haven't logged
in, the time format is GMT + 8 When I have logged in, the time format is GMT How can I change it
to GMT + 8 after I log in and after I log out? Test it here http://forum.karlo.trap17.com But
don't change my admin settings! Username: karlo Password: myself Thanks....
Looking for phpbb, 2, 0, 13, important
|
|
Searching Video's for phpbb, 2, 0, 13, important
|
advertisement
|
|
