phpBB 2.0.8-2.0.9 UPDATE
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Y! MyWeb
Share:
Sponsors:
There has been a fix added to the phpBB 2.0.8 - 2.0.9 update. Originally the new function added unset_vars was causing problems with you entering the Forums admin. As a workaround (thanks to alphamonkey) open the modules/Forum/common.php and
find this line - around line 27
die("Hacking attempt");
}
After place:
//Unset Vars
function unset_vars(&$var)
{
while (list($var_name, $null) = @each($var))
{
if ( ! ( $var_name == 'phpbb_root_path' || $var_name == 'no_page_header' || $var_name == 'phpEx' || $var_name == 'admin' || $var_name == 'user' || $var_name == 'name' ) )
{
unset($GLOBALS[$var_name]);
}
}
return;
}
Find around line 41:
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
After Add:
// Unset globally registered vars - PHP5 ... hhmmm
if (@$ini_val('register_globals') == '1' || strtolower(@$ini_val('register_globals')) == 'on')
{
$var_prefix = 'HTTP';
$var_suffix = '_VARS';
$test = array('_GET', '_POST', '_SERVER', '_COOKIE', '_ENV');
foreach ($test as $var)
{ if (is_array(${
$var_prefix . $var . $var_suffix}))
{
unset_vars(${$var_prefix . $var . $var_suffix});
@reset(${$var_prefix . $var . $var_suffix});
}
if (is_array(${$var}))
{
unset_vars(${$var});
@reset(${$var});
}
}
if (is_array(${'_FILES'}))
{
unset_vars(${'_FILES'});
@reset(${'_FILES'});
}
if (is_array(${'HTTP_POST_FILES'}))
{
unset_vars(${'HTTP_POST_FILES'});
@reset(${'HTTP_POST_FILES'});
}
}
Save it and upload it. The files for download have also been updated so if you don't have hevaily ported forums you can use those.
Article submitted by: Telli
Last Update: 07-16-2004
Category: PHP Nuke News
find this line - around line 27
die("Hacking attempt");
}
After place:
//Unset Vars
function unset_vars(&$var)
{
while (list($var_name, $null) = @each($var))
{
if ( ! ( $var_name == 'phpbb_root_path' || $var_name == 'no_page_header' || $var_name == 'phpEx' || $var_name == 'admin' || $var_name == 'user' || $var_name == 'name' ) )
{
unset($GLOBALS[$var_name]);
}
}
return;
}
Find around line 41:
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
After Add:
// Unset globally registered vars - PHP5 ... hhmmm
if (@$ini_val('register_globals') == '1' || strtolower(@$ini_val('register_globals')) == 'on')
{
$var_prefix = 'HTTP';
$var_suffix = '_VARS';
$test = array('_GET', '_POST', '_SERVER', '_COOKIE', '_ENV');
foreach ($test as $var)
{ if (is_array(${
$var_prefix . $var . $var_suffix}))
{
unset_vars(${$var_prefix . $var . $var_suffix});
@reset(${$var_prefix . $var . $var_suffix});
}
if (is_array(${$var}))
{
unset_vars(${$var});
@reset(${$var});
}
}
if (is_array(${'_FILES'}))
{
unset_vars(${'_FILES'});
@reset(${'_FILES'});
}
if (is_array(${'HTTP_POST_FILES'}))
{
unset_vars(${'HTTP_POST_FILES'});
@reset(${'HTTP_POST_FILES'});
}
}
Save it and upload it. The files for download have also been updated so if you don't have hevaily ported forums you can use those.
Article submitted by: Telli
Last Update: 07-16-2004
Category: PHP Nuke News
Current rating: 5.47 by 42 users
Would you recommend this article to a friend? |
Not a Chance | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Absolutely |
Related News Stories
(9,086 reads) 08-30-2009
· Submit Your Php nuke modules, themes, news, Tips and blocks(7,206 reads) 04-13-2009
· Professional Nuke Installation/Repair Services(12,991 reads) 02-03-2009
· New PHP-Nuke Turkey Community Site(10,209 reads) 07-22-2008
· Nuke Install :: The Leading Professional Nuke Installers(18,007 reads) 08-20-2007
· Php Nuke 8.1 Patched(19,079 reads) 08-04-2007
· PHP-Nuke 8.1 Released(19,518 reads) 01-11-2007
· PNC 4.0 Release Date(15,045 reads) 01-11-2007
· Clan Themes BBToNuke Pack Released(15,926 reads) 09-21-2006
· Php Nuke 8.0 Released(14,844 reads) 07-18-2006
· PhpThemes.Net
Please register or sign-in to post comments.