New fix to phpBB - Security Update in viewtopic.php

Website announcements.

Moderator: Moderators

New fix to phpBB - Security Update in viewtopic.php

Postby Krisiun on Thu Nov 18, 2004 5:16 pm

Was found a new bug in phpBB, submitted by the "howdark.com" group.

Here is the fix:

:arrow: OPEN the file viewtopic.php

:arrow: FIND:

[code start="479" highlight="486" file="viewtopic.php"]//
// Was a highlight request part of the URI?
//
$highlight_match = $highlight = '';
if (isset($HTTP_GET_VARS['highlight']))
{
// Split words and phrases
$words = explode(' ', trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));

for($i = 0; $i < sizeof($words); $i++)
{[/code]
:arrow: REPLACE WITH:

[code start="479" highlight="486" file="viewtopic.php"]//
// Was a highlight request part of the URI?
//
$highlight_match = $highlight = '';
if (isset($HTTP_GET_VARS['highlight']))
{
// Split words and phrases
$words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));

for($i = 0; $i < sizeof($words); $i++)
{[/code]
:arrow: SAVE/CLOSE/UPLOAD THE FILE


Original Posting can be found here:

http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513
[span style="color: red; font-weight: bold"]Krisiun[/span]
phpBB Brasil
http://www.phpbbrasil.com.br
krisiun@phpbbrasil.com.br
Krisiun
Registered User
Registered User
 
Posts: 99
Joined: Sun Oct 24, 2004 5:18 pm

Postby ThE KuKa on Thu Nov 18, 2004 8:51 pm

Thanks Krisiun and greets
User avatar
ThE KuKa
Registered User
Registered User
 
Posts: 67
Joined: Tue Aug 03, 2004 4:32 pm
Location: Spain

Postby PostBot on Thu Nov 18, 2004 8:55 pm

Moved to announcements and highlighted lines that needs to be changed :)
Do NOT pm me, I don't visit this forum anymore, don't own it, don't provide any support and don't moderate.
User avatar
PostBot
Moderator
Moderator
 
Posts: 10659
Joined: Sat Aug 02, 2003 3:52 pm
Location: Mars


Return to Announcements

Who is online

Users browsing this forum: No registered users and 1 guest