Messages posted by: Anonymous
It gives some new features, fixes some bugs.
I don't know which bugs, but it might be better than the version you now use.
version 2.3.0 had a bug in the admin section and 2.3.1 fixed that.

But it sounds as if version 2.2 has a SQL injection exploit bug; this is common with bad coding in PHP scripts.

Do you have a link to your guestbook?
Thanks for the fast reply!

We're currently checking the server logs. The file has probably been uploaded together with a comment. Not a server leak...a script leak.

I can't find the release notes of the latest version. What guarantees does this new version have?

Thanks!
Check the logfiles in your server and see how they got in.
Maybe the server has a leak.
You could also upgrade to version 2.3.1
Dear All,

Today the guestbook (version 2.2) on a very popular site in NL has been kind of hacked.

Someone was able to remove the top of the page (the logo part) and include a racial text...!

Several people have been on the phone!

We have removed it but want to make sure this NEVER happens again...

Thanks! (perhaps a chmod on a file?)

I'll wait here for your answer...

Thanks
I have found the problem.
The file wasn't complete on the server (FTP problem).

thx.
Toni
Hi friends

Excuse me, my English is not so good!

I've worked for more than 2 years with the advanced guestbook.
Today I tried to install the newest version (2.3.1) on a new URL.

I didn't have any problems with unzip, upload, create tables
and set the rights 777. I can see the index site. But when I
would make an entry and click on the button "sign the guestbook"
I get the following error message.


Parse error: parse error, unexpected $ in /home/.sites/117/site84/web/guestbook/lib/add.class.php on line 354

Do you have experience with this error? Could you give me a hint??

I'm looking forward to receiving your answer.

Thanks a lot for your help!!!
Greetings from Switzerland

Toni

focolio@gmx.ch
this is for TOP DOWNLOAD BY THE WAY
I fixed the same problem with 2.3.1 by dropping book_auth and re-creating it using the script provided. If you notice, there are some differences with the older version. Hope this helps.

After messing around for hours... cannot get this thing to work. This is the error message I get when I try to access the admin screen:


[Thu Apr 22 21:56:11 2004] [error] [client 68.20.2.130] File does not exist: /home/graycr2/public_html/500.shtml
[Thu Apr 22 21:56:11 2004] [error] [client 68.20.2.130] Premature end of script headers: /home/graycr2/public_html/cgi-bin/download.pl


This is how I have set up the script.

Does anything look out of place? Any help would be greatly appreciated.

#!/usr/bin/perl
#########################################################################
# Top Downloads v2.0 #
# Copyright (c)2000 Chi Kien Uong #
# URL: http://www.proxy2.de #
# #
# This Software is distributed under the GNU General Public #
# License. For more details see license.txt #
# #
# To count a download use: #
# <a href="download.pl?file=file_id">file</a> #
# #
# To show your top xx downloads: #
# http://www.host.com/cgi-bin/download.pl?job=show&top=xx #
# #
# Administration: #
# http://www.host.com/cgi-bin/download.pl?admin=enter #
# #
#########################################################################

# url to script
$cgiurl = "http://www.GrayCrosby.Com/cgi-bin/download.pl";

# url to the image files without trailing "/"
$base_gif = "http://www.GrayCrosby.com/gif";

# administration password - should not contain '&','=' and "
$admin_pass = "pass123";

# file locking ($lock=0 for Win32!);
$lock = 1;

# check http referer 0=no 1=yes;
$check = 0;
@valid=('http://www.graycrosby.com');

# log files
$basedat = "log.txt";
$daylog = "daylog.txt";
$stats = "download_stats.txt";

# base url to the downloads without trailing "/" (use for scanning)
$base_url = "http://www.graycrosby.com/downloads";

# path to the downloads from the server root! (use for scanning)
$base_dir = "/home/www/~graycr2/public_html/downloads";

$back_img = "$base_gif/texture1.gif"; # url of background image
$bgcolor = "#FFFFFF"; # background color
$table_width = 560; # width of whole table
$table_text = 250; # width reserve for the file description
$table_bg = "#F7F7F7"; # table background color
$table_top = "#E1A8A8"; # top table background color
$font_size = "8pt"; # font size
$show_default = 15; # 10=TOP_10 20=TOP_20,etc.
$bar_image_height =10;
$max_day = 28;
$max_bar_height = 180;

%scan = (

zip => '*.zip',
gz => '*.gz',
exe => '*.exe',
mp3 => '*.mp3',
pdf => '*.pdf',
avi => '*.avi'

);

# End Setup
Whenever people try to add pics in my advanced gbook it doesn't show up, and when I try it says
cannot upstream and the pic does not show up.
Can someone help me?
Would you kindly post how you did it? I've tried following the install directions with no success. Not quite sure what to replace with own domain and URLs. Thanks in advance. Lucho
that is an error when you do sql injection in the admin login



on the username field will produce that error

I'm also searching for the fix..
Here are the changes I made to the script....when I try to pull up the admin page....I get an error saying the file does not exist? Can anyone help?



#!/usr/local/bin/perl

# url to script
$cgiurl = "http://www.graycrosby.com/cgi-bin/download.pl";

# url to the image files without trailing "/"
$base_gif = "http://www.graycrosby.com/gif";

# administration password - should not contain '&','=' and "
$admin_pass = "pass123";

# file locking ($lock=0 for Win32!);
$lock = 1;

# check http referer 0=no 1=yes;
$check = 0;
@valid=('http://www.graycrosby.com');

# log files
$basedat = "log.txt";
$daylog = "daylog.txt";
$stats = "download_stats.txt";

# base url to the downloads without trailing "/" (use for scanning)
$base_url = "http://www.graycrosby.com/downloads";

# path to the downloads from the server root! (use for scanning)
$base_dir = "/home/www.graycrosby.com/public_html/downloads";

$back_img = "$base_gif/texture1.gif"; # url of background image
$bgcolor = "#FFFFFF"; # background color
$table_width = 560; # width of whole table
$table_text = 250; # width reserve for the file description
$table_bg = "#F7F7F7"; # table background color
$table_top = "#E1A8A8"; # top table background color
$font_size = "8pt"; # font size
$show_default = 15; # 10=TOP_10 20=TOP_20,etc.
$bar_image_height =10;
$max_day = 28;
$max_bar_height = 180;

%scan = (

zip => '*.zip',
gz => '*.gz',
exe => '*.exe',
mp3 => '*.mp3',
pdf => '*.pdf',
avi => '*.avi'

);

# End Setup

Thanks
oops...

How can I ban an address without an IP number? Or how can I find the number from such an address....

Thanks

Rich
I'm getting junk messages from an ip-less joker. They are logged like this:

18.west-valley-02rh15rt.ut.dial-access.att.net
or
cache-dtc-ac17.proxy.aol.com
 