If you are not registered or logged in, you may still use these forums but with limited features. Show recent topics
  [Search] Search   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [FAQ]  FAQ 
[Register] Register / 
[Login] Login 
Messages posted by: Aryan
Forum Index » Profile for Aryan » Messages posted by Aryan
Author Message
somehow the visitor succeed to place the following code in new entry:


Thus he hacked my guestbook ... you can imagine what happens when this code loads
HTML codes are disabled, AG codes are enabled, and when I'm trying to place that code myself on new post, I cant ( it says that message contains invalid words)

But somehow he DID it and overcomed all restrictions !!!

How is that possible and how can it be corrected?

That can be a big problem, although I've censored words javascript and script ...
u can download latest release RC-4 here:
http://sourceforge.net/projects/phpbb

and the support forums are here:
http://phpbb.sourceforge.net/phpBB2/
u must change to lang subfolder and edit corresponding .php (if u use only english - english.php, if u use more languages - all corresponding files for them) on row 12:
I'm posting a question about IP not logging ....
But there is no answer ...
Maybe support is discontinued ... or webmaster died?!?!?

It will be a big loss
just edit body.php located in templates folder, and modify it for your local needs ...
ask if u need more help
By the way ALL entries from that user are with missing IP ...
Once again - how is that possible ?!?!?
1. How to enable smilies in comments
2. How to change date and time to be independent of server time

10x for any help
its secured trough .htaccess file which is in /admin subfolder.
thus nobody can view your config.inc.php, which is located in same folder.
.htaccess files sets apache directory permission to selected directories and/or files ... if u dont know what im talking about ...
Everything worked fine with my Adv. Guestbook ... till today ...
Now im logging in admin area and everything looks ok, but when try to open some admin links like "easy admin" it returns me back to login page?!? 8O

Where can be the problem???
I saw that my host have upgraded their servers, also they recommend to set all .php with 606 rights. However that doesnt solve problem ...

And by the way what are right permissions for .php files in AGB?

Pls. help! Im sad
I have an entry from guest in my guestbook where IP address nor host name is logged.
How is that possible?
hoshea wrote:
Thanks for the reply. I know this part but is it something like a unix time stamp. The "date" data that I am trying to input from my old guestbook is in the mysql timestamp format but I dont believe the "date" field on this database is?



This timestamp may be converted in EXCEL by using the following formula:



you can also ask perl to help by typing



x is the unix timestamp and y is the offset in seconds from UTC. (Perl knows y).
clear
anyway big 10x for your support
done.
but all is the same ... same error and i dont receive 500 error ?!?!? 8O
hmmm ... be more speciffic ... how to check if i can use <Allow Override> directive and what to place in such case in .htaccess file ... and where to place .htaccess file ?
10x for reply but that doesnt help at all
my gb is on public server, not on my own ... so u can imagine that i cant ask them to change their php.ini

if u have any other ideas u r welcome ...
 
Forum Index » Profile for Aryan » Messages posted by Aryan
Go to:   
Based on the open source JForum