Page 2 of 2
Posted: Tue Jun 13, 2006 4:51 pm
by Swader
So what do I need to do....
I at present have this code...
Code: Select all
if (in_array($var, $not_unset))
{
die('Hacking attempt!');
}
unset($$var);
Should I replace it with the other one.??
Posted: Tue Jun 13, 2006 4:58 pm
by Swader
sputum wrote:The problem is this change in the last phpbb update in the common.php:
Code: Select all
#
#-----[ FIND ]---------------------------------------------
#
if (!in_array($var, $not_unset))
{
unset($$var);
}
#
#-----[ REPLACE WITH ]---------------------------------------------
#
if (in_array($var, $not_unset))
{
die('Hacking attempt!');
}
unset($$var);
Thnx... I reverted it and its working now.
Guyz who have updated to the latest 2.0..21 version do this....
Code: Select all
#
#-----[ FIND ]---------------------------------------------
#
if (in_array($var, $not_unset))
{
die('Hacking attempt!');
}
unset($$var);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
if (!in_array($var, $not_unset))
{
unset($$var);
}
Posted: Tue Jun 13, 2006 5:02 pm
by sputum
thats a workaround, but i guess its kind of a security problem...
i guess the quiz mod has to be modieifed...
btw: majorflame bookmakers mod has the same Problem!
Posted: Wed Jun 14, 2006 8:09 am
by battye
Ah, thank you for finding that. I will investigate it and see what is happening.
Posted: Mon Jun 19, 2006 5:24 pm
by fighteur8
have you find a solution ?
except the code to change in common.php wich is a security issue...
Posted: Tue Jun 20, 2006 7:58 am
by battye
fighteur8 wrote:have you find a solution ?
except the code to change in common.php wich is a security issue...
Sort of. It is quite complicated, and I imagine will require a fair few changes.
Posted: Wed Jul 05, 2006 9:26 pm
by MetaneT
fighteur8 wrote:have you find a solution ?
except the code to change in common.php wich is a security issue...
firstly hi all,
thanks to the coders of this cool mod
I got the same
Hacking Attemp problem before I did the code changes u gave above.
Now it is well working but I wondered if the changes makes any security issue?
sorry for my bad english
Posted: Sun Jul 09, 2006 5:20 am
by battye
Posted: Mon Jul 23, 2007 8:46 pm
by Nano
I'm running phpBB 2.0.21 with Cash Mod.. and upgraded from Quiz mod 1.3.0 to 1.3.3 however I still have the problem "Hacking Attempt" when a user submits their answers to a quiz. I've searched all day today for answers to this persisting issue, and frequently I see that 1.3.1 fixed this, however I cannot find where to download 1.3.1, only 1.3.3. Are there instructions in 1.3.1 that are not in 1.3.3 that will help me fix this? As in SQL changes or anything? The included quiz_install and quiz_updater seem to make no changes in SQL tables updating 1.3.0>1.3.3. If the changes are in included files I've uploaded them all... if the changes are in Files to Edit section of instructions I've done those too.. but the problem persists. Any ideas? Everything else works perfectly only the Hacking Attempt when user submits answers /boggle.
Posted: Tue Jul 24, 2007 6:22 am
by battye
v1.3.1:
here
v1.3.2:
here
and of course, 1.3.3 is available at cmxmods.net
Thanks for registering!
Posted: Tue Jul 24, 2007 3:40 pm
by Nano
Ahh thanks for the links and quick reply
I'll try em out later on this afternoon.
Posted: Tue Jul 24, 2007 3:45 pm
by battye
You're welcome
Welcome to the forum, feel free to check out our OT Forum