MyBB Community Forums

I'm using mybb 1.6.5 and I'm using the BlackEvo4 V2 Sweet by cwis then when I scan my template I receive this error

Quote:The templates below matched known security issues. Please review them

The errors occurs in calendar template. Here is the code of the template.

<html>
<head>
	<title>{$mybb->settings['bbname']} - {$lang->calendar}</title>
	{$headerinclude}
</head>
<body>
	{$header}
	<table border="0" cellspacing="0" cellpadding="0" class="tborder2">
		<thead>
			<tr>
				<td class="thead" colspan="8">
					<div class="theadleft"></div>
					<div class="theadright"></div>
					<div class="theadmain">
					<div class="float_right">
						<a href="{$prev_link}">&laquo; {$monthnames[$prev_month['month']]} {$prev_month['year']}</a> | <a href="{$next_link}">{$monthnames[$next_month['month']]} {$next_month['year']} &raquo;</a>
					</div>
					<div><strong>{$monthnames[$month]} {$year}</strong></div>
					</div>
				</td>
			</tr>
			<tr>
				<td class="tcat">&nbsp;</td>
			{$weekday_headers}
			</tr>
		</thead>
	</table>
	<table border="0" cellspacing="{$theme['borderwidth']}" cellpadding="{$theme['tablespace']}" class="tborder">
		<tbody>
		{$calendar_rows}
		</tbody>
	</table>
<br/>
<form action="calendar.php" method="post">
	<table border="0" cellspacing="{$theme['borderwidth']}" cellpadding="{$theme['tablespace']}" class="tborder">
		<tr>
			<td class="trow1">
				<table width="100%" cellspacing="0" cellpadding="0" border="0">
					<tr>
						<td class="trow1" valign="top">{$addevent}</td>
						<td class="trow1" align="right">
						<span class="smalltext"><strong>{$lang->jump_month}</strong></span>
						<select name="month">
							<option value="{$month}">{$monthnames[$month]}</option>
							<option value="{$month}">----------</option>
							<option value="1">{$lang->alt_month_1}</option>
							<option value="2">{$lang->alt_month_2}</option>
							<option value="3">{$lang->alt_month_3}</option>
							<option value="4">{$lang->alt_month_4}</option>
							<option value="5">{$lang->alt_month_5}</option>
							<option value="6">{$lang->alt_month_6}</option>
							<option value="7">{$lang->alt_month_7}</option>
							<option value="8">{$lang->alt_month_8}</option>
							<option value="9">{$lang->alt_month_9}</option>
							<option value="10">{$lang->alt_month_10}</option>
							<option value="11">{$lang->alt_month_11}</option>
							<option value="12">{$lang->alt_month_12}</option>
						</select>
						<select name="year">
							<option value="{$year}">{$year}</option>
							<option value="{$year}">----------</option>
							{$yearsel}
						</select>
						{$gobutton}
						<br/><br/>
						<span class="smalltext"><strong>{$lang->jump_to_calendar}</strong></span>
						{$calendar_jump}
						{$gobutton}
						</td>
					</tr>
				</table>
			</td>
		</tr>
		</table>
	</form>
{$footer}
</body>
</html>

Any php masters out there that could check this out for me if this is vulnerable or not? I'm really noob at php I would really appreciate it if someone could check this out for me because I really love this theme

Thank you so much.

Replace:

{$monthnames[$prev_month['month']]}

with:

{$prev_month['month']}

and:

{$monthnames[$next_month['month']]}

with:

{$next_month['month']}

It's just the way MyBB detects potential security issues. Nothing to worry about.

(2011-12-30, 09:27 PM)Nathan Malcolm Wrote: [ -> ]Replace:

{$monthnames[$prev_month['month']]}

with:

{$prev_month['month']}

and:

{$monthnames[$next_month['month']]}

with:

{$next_month['month']}

It's just the way MyBB detects potential security issues. Nothing to worry about.

WOW, now I really need to learn php. XD
Seriously, thank you so much now the error is gone <3

No problem, glad I could help.

I'm attempting to install BlackEvo4 and It's having the same issues even after the above mentioned edits.

HElp needed here http://community.mybb.com/thread-139871.html