If you uploaded the 'class_core.php' file it should be working fine.
Try rebuild the Versions cache.
Edit: I should quote people next time, now I look like a fool.
Someone posted that they were getting that they were getting "You are running version 1.2.3 you are not running the newest..." you get the point. ^_^
rh1n0 Wrote:If you uploaded the 'class_core.php' file it should be working fine.
Try rebuild the Versions cache.
Edit: I should quote people next time, now I look like a fool.
Someone posted that they were getting that they were getting "You are running version 1.2.3 you are not running the newest..." you get the point. ^_^
I was gonna reply too because I was trying to quote his post and it wasn't working
Updated without problems.. didn't have any .php files in my uploads folder.
Somebody probably already noted it, but the functions.php file causes the Quick Theme bug to rear it's head again (same fix I assume does it this time, haven't been able to try it yet).
Nothing was changed which will cause the quick theme to fail.
rillig Wrote:I wonder about the quality of the provided patch:
* Why should a function (get_ip) that has absolutely nothing to do with database access use the function $db->escape_string?
* Why do you leave space characters in the IP address?
* Why is escape_string necessary at all, after you have filtered out everything except [0-9. ]?
Roland
Looking over the REGEX, it allows for digits and decimal points to remain (everything else is replaced by the empty string) - nothing that merits being escaped as long as it's treated as a string.
Great. Thank you very much.
Hopefully this won't delay 1.4. I can't wait for it =D
I have version 1.2.2.
What if I make only the following change on my forum?
Is that enough?
=====================
2. inc/functions.php
=====================
Find:
--
return $ip;
}
--
ABOVE it add:
--
global $db;
$ip = $db->escape_string(preg_replace("#([^.0-9 ]*)#", $ip, ""));
--
=====================
DONE
=====================
PHP_Paul Wrote:What were the file names that you deleted?
I had a Download Section mod installed. For some reason, deleting the files via the interface provided by the mod or the FTP didn't work so I had to write a small script.
I knew the php file was mine cause I always stick my name at the top in a comment, even if it's something like this.
theman80 Wrote:I have version 1.2.2.
What if I make only the following change on my forum?
Is that enough?
=====================
2. inc/functions.php
=====================
Find:
--
return $ip;
}
--
ABOVE it add:
--
global $db;
$ip = $db->escape_string(preg_replace("#([^.0-9 ]*)#", $ip, ""));
--
=====================
DONE
=====================
I would suggest upgrading to MyBB 1.2.3 first - get the changed file at:
http://community.mybboard.net/showthread.php?tid=16273 , if you really don't want to upgrade, you can use the attachment in that thread (
http://community.mybboard.net/showthread.php?tid=16273) to fix the security issue found in MyBB 1.2.2 and then apply the MyBB 1.2.4 patch.