I've updated to 1.3.3 but continue to get the "hacking attempt" error whenever quiz answers are submitted. Traced the alert to the following code - but not sure what is triggering it:
// Merge all into one extremely huge array; unset
// this later
$input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);
unset($input['input']);
unset($input['not_unset']);
while (list($var,) = @each($input))
{
if (in_array($var, $not_unset))
{
die('Hacking attempt detected !');
}
// unset($$var); // MOD Backslashes Added
}
unset($input);
}
Also, could you update your text file so we see the latest version available - the text file currently shows 1.2: http://www.cmxmods.net/quiz_latest.txt
Gephri wrote:I've updated to 1.3.3 but continue to get the "hacking attempt" error whenever quiz answers are submitted. Traced the alert to the following code - but not sure what is triggering it:
// Merge all into one extremely huge array; unset
// this later
$input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);
unset($input['input']);
unset($input['not_unset']);
while (list($var,) = @each($input))
{
if (in_array($var, $not_unset))
{
die('Hacking attempt detected !');
}
// unset($$var); // MOD Backslashes Added
}
unset($input);
}
Also, could you update your text file so we see the latest version available - the text file currently shows 1.2: http://www.cmxmods.net/quiz_latest.txt
Have you made all the required changes? This was fixed in 1.3.1
And regarding the version, see Toy's post
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!
"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
It was to do with the radio boxes, and their name attribute being set to a number. From memory, to solve this, uqm_ was added in front of the variable. It was done in quiz.php IIRC
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!
"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)