Topic: [Solved]: About the new security release (Read 5768 times)

fotografi · « **on:** August 06, 2008, 01:01:04 pm »

First I want to thank the team for the great job.
The problem for me is that I can not for the moment upgrade the whole functions.inc.php file because I did a lot of changes there.
Is possible to have only the lines of code to change in this file? I mean something step by step, like replace this with these.

Regards.

Abbas Ali · « **Reply #1 on:** August 06, 2008, 01:29:40 pm »

In functions.inc.php [function user_get_profile]

Replace

Code: [Select]

        if (isset($_COOKIE[$CONFIG['cookie_name'].'_data'])) {
                $USER = @unserialize(@base64_decode($_COOKIE[$CONFIG['cookie_name'].'_data']));
        }

with

Code: [Select]

        if (isset($_COOKIE[$CONFIG['cookie_name'].'_data'])) {
                $USER = @unserialize(@base64_decode($_COOKIE[$CONFIG['cookie_name'].'_data']));
                $USER['lang'] = strtr($USER['lang'], '$/\\:*?"\'<>|`', '____________');
        }

That is the only security related change in that file.

fotografi · « **Reply #2 on:** August 06, 2008, 02:38:42 pm »

Thank you Sir.

Regards

Joachim Müller · « **Reply #3 on:** August 06, 2008, 07:57:02 pm »

For reference: the subject "About the new security release" is a bit vague. It should read "About the security release cpg1.4.19".

You could have used a diff viewer like WinMerge to figure out the changes

News:

Author Topic: [Solved]: About the new security release (Read 5768 times)

fotografi

[Solved]: About the new security release

Abbas Ali

Re: About the new security release

fotografi

Re: About the new security release

Joachim Müller

Re: [Solved]: About the new security release