DataLife Engine » Bug Fix : Insufficient filtering of incoming data for DLE 8.5
 
Problem: A user who is allowed to upload files (other than pictures) to the server can step outside the permitted upload folder, and, if he holds an administrator account, can compromise the script.

Affected versions: all versions

Severity: Medium (High if an administrator account is logged in)

FIX

1. Open file engine/inc/files.php

Find
$serverfile = trim( htmlspecialchars( strip_tags( $_POST['serverfile'] ) ) );


replace with
        if ($member_id['user_group'] == 1) $serverfile = trim( htmlspecialchars( strip_tags( $_POST['serverfile'] ) ) ); else $serverfile = '';

        if ( $serverfile != '' ) {

            $serverfile = str_replace( "\\", "/", $serverfile );
            $serverfile = str_replace( "..", "", $serverfile );
            $serverfile = str_replace( "/", "", $serverfile );
            $serverfile_arr = explode( ".", $serverfile );
            $type = totranslit( end( $serverfile_arr ) );
            $curr_key = key( $serverfile_arr );
            unset( $serverfile_arr[$curr_key] );

            if ( in_array( strtolower( $type ), $allowed_files ) )
                $serverfile = totranslit( implode( ".", $serverfile_arr ) ) . "." . $type;
            else $serverfile = '';

        }

        if( $serverfile == ".htaccess") die("edit codeing attempt!");
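Added example (not code from this page or from DLE): a Python port of the patched $serverfile handling in step 1, run over constructed inputs to show what traversal strings reduce to. $allowed_files and totranslit() are simplified stand-ins for the real DLE config value and function.

```python
import re

# Constructed whitelist standing in for DLE's $allowed_files setting.
ALLOWED_FILES = ["zip", "rar", "txt", "pdf"]

def totranslit(text):
    """Simplified stand-in for DLE's totranslit(): lower-case and replace
    anything outside [a-z0-9_-] with '_' (the real one also transliterates)."""
    return re.sub(r"[^a-z0-9_-]", "_", text.lower())

def sanitize_serverfile(raw, user_group, allowed_files=ALLOWED_FILES):
    """Python port of the patched $serverfile handling from step 1.
    Returns the filename that may be used, or '' when the input is rejected.
    htmlspecialchars()/strip_tags() are omitted; they do not affect paths."""
    # Only group 1 (administrators) may reference a file already on the server.
    serverfile = raw.strip() if user_group == 1 else ""
    if serverfile != "":
        serverfile = serverfile.replace("\\", "/")  # normalise Windows separators
        serverfile = serverfile.replace("..", "")   # strip parent-directory tokens
        serverfile = serverfile.replace("/", "")    # strip every remaining separator
        parts = serverfile.split(".")
        ext = totranslit(parts.pop())               # text after the last dot
        # in_array(strtolower($type), $allowed_files): whitelist the extension
        if ext in allowed_files:
            serverfile = totranslit(".".join(parts)) + "." + ext
        else:
            serverfile = ""
    if serverfile == ".htaccess":
        # The patch die()s here; the whitelist above already drops this name
        # unless 'htaccess' is listed as an allowed extension.
        raise PermissionError("rejected .htaccess")
    return serverfile

# Constructed inputs: traversal attempts, a non-admin, and a harmless name.
SAMPLES = [
    ("../../config.php", 1),
    ("..\\..\\report.pdf", 1),
    ("....//....//notes.txt", 1),
    ("report.pdf", 2),
    ("My Report.PDF", 1),
    (".htaccess", 1),
]

if __name__ == "__main__":
    for raw, group in SAMPLES:
        print(repr(raw), "group", group, "->", repr(sanitize_serverfile(raw, group)))
```

Note that the extension whitelist runs before the .htaccess comparison, so that name is rejected by the whitelist and the final check is a backstop.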


2. Open file engine/classes/thumb.class.php

Find
$this->img['des'] = imagecreatetruecolor( $this->img['lebar_thumb'], $this->img['tinggi_thumb'] );


Above it, add
        if ($this->img['lebar_thumb'] < 1 ) $this->img['lebar_thumb'] = 1;
        if ($this->img['tinggi_thumb'] < 1 ) $this->img['tinggi_thumb'] = 1;


Distribution version 8.5 has been updated.

#1 Author: Michael
 

Member

Registered: 14.03.2010
the last line of the first replaced new code
is actually (on the DLE official site)
if ($serverfile == ".htaccess") die("Ha*cking attempt!");

(remove *)


but on your site you had written
if( $serverfile == ".htaccess") die("edit codeing attempt!");


and the code Ha*cking Attempt is a critical code/function of DLE; if you write anything else in the place of h@cking attempt then the script will suffer problems

mr admin

you had used a word filter to replace the word ha*ck (remove *) with the words "edit code"

now this is causing problems in the coding :D


now the users who have used and edited their files with your code may get in trouble :P

don't worry mr admin
the google adsense bot will not cause you problems if you write the word "h@ck" once or 4, 5 times
so remove that word filter and use search and find to replace all the already replaced words :)
#2 Author: tvthanh78
 

Member

Registered: 27.02.2010
Yes, sloppy admin too!
Please check your own posts carefully before posting!
Thanks admin for the above, and thanks to Michael for the bottom!