You are missing our premiere tool bar navigation system! Register and use it for FREE!

NukeCops  
•  Home •  Downloads •  Gallery •  Your Account •  Forums • 

Author: Zhen-XjellPostPosted: Tue Jun 08, 2004 4:15 am    Post subject:

Thanks for the tip, and that is a nice idea... if it can't pull it, just default it. TY



Nuke Cops -> Fortress™

All times are GMT - 8 Hours

Page 1 of 1

Powered by phpBB © 2001,2002 phpBB Group
Readme First
- Readme First! -

Read and follow the rules, otherwise your posts will be closed
Modules
· Home
· FAQ
· Buy a Theme
· Advertising
· AvantGo
· Bookmarks
· Columbia
· Community
· Donations
· Downloads
· Feedback
· Forums
· PHP-Nuke HOWTO
· Private Messages
· Search
· Statistics
· Stories Archive
· Submit News
· Surveys
· Theme Gallery
· Top
· Topics
· Your Account
Who's Online
There are currently, 170 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking here
Nuke Cops :: View topic - Two 1.2b bugs...I think. Two 1.2b bugs...I think.

Nuke Cops -> Fortress™

Author: Waldo PostPosted: Tue Jun 08, 2004 12:44 am    Post subject: Two 1.2b bugs...I think.

Bug #1:

line ~280 or so:

Code:
."Spreadsheet: <A HREF=\"/fortress.csv\">fortress.csv</A>"


This presumes you are putting fortress and the fortress DB in your root directory. There are several reasons why you might NOT want to do this-- you (1) want to password protect the entire directory that the database file is in (2) want it in some arbitrary, non-guessable directory, or (2) don't want it accessible at all from the web.

There are a few fixes for this, but I'll leave it up to you to come up with your own.

Bug #2:

Line ~512 or so...
Code:
function Alligators($Food) {
        die("Banned by $Food"); }


$Food is defined as row #8 of the record pulled from the database. Unfortunately, when I just hit my own site with a test exploit, row #8 comes up blank. So I get a message:

Quote:
Banned by


with nothing after it. Using Safari/OS X for what it's worth. A solution might be to put something like this at the top of the function:

Code:
if (!isset($Food) {$Food=" me, you person.";}


Oh, one last thought-- a tip on making apache be able to write to the csv and htm files-- make the directory world-writable. As it turns out, this was necessary for me. This was really the reason I put those files in a subdirectory-- I don't want apache writing to the same directory all the other crap is in.

Just thought I'd pass along the love. Nice work on this so far. Hope comma seperated flat files don't slow page loads too much...

W
Powered by TOGETHER TEAM srl ITALY http://www.togetherteam.it - DONDELEO E-COMMERCE http://www.DonDeLeo.com - TUTTISU E-COMMERCE http://www.tuttisu.it
Web site engine's code is Copyright © 2002 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.282 Seconds - 277 pages served in past 5 minutes. Nuke Cops Founded by Paul Laudanski (Zhen-Xjell)
added by Evaders - DO NOT REMOVE
:: FI Theme :: PHP-Nuke theme by coldblooded (www.nukemods.com) ::