MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Miscellaneous Archive > Old Announcements > Announcements Discussion > Discuss: MyBB 1.2.9 Released - Important Security Update
Full Version: Discuss: MyBB 1.2.9 Released - Important Security Update
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4 5 6 7 8 9

voronv

2007-07-29, 04:02 AM
destroyer Wrote:Someone forgot to update the full package.

I understand that it might be too late to post here and you may never re-read this but hope somebody else will anyway find it... some day.

I guess, this also was forgotten to change:

// Compatible version of MyBB
$langinfo['version'] = "128";

(File: mybb_129.zip \Upload\inc\languages\english.php).

Ryan Gordon

2007-07-29, 05:00 AM
voronv Wrote:
destroyer Wrote:Someone forgot to update the full package.

I understand that it might be too late to post here and you may never re-read this but hope somebody else will anyway find it... some day.

I guess, this also was forgotten to change:

// Compatible version of MyBB
$langinfo['version'] = "128";

(File: mybb_129.zip \Upload\inc\languages\english.php).

It's not necessary in an update.

lekhacnhu

2007-09-25, 11:59 AM
if($mybb->input['imtype'] != "aim" && $mybb->input['imtype'] != "icq" && $mybb->input['imtype'] != "msn" && $mybb->input['imtype'] != "yahoo")
	{
		error($lang->error_invalidimtype);
	}

You should use in_array function

Ryan Gordon

2007-09-25, 02:02 PM
Security fixes always use the simplest updates (The least amount of lines possible..)

lekhacnhu

2007-10-02, 01:17 PM
    if( !in_array( $mybb->input['imtype'], array('aim','icq','msn','yahoo') ) )
    {
        error($lang->error_invalidimtype);
    }

Big Grin

Ryan Gordon

2007-10-02, 02:14 PM
lekhacnhu Wrote:
    if( !in_array( $mybb->input['imtype'], array('aim','icq','msn','yahoo') ) )
    {
        error($lang->error_invalidimtype);
    }

Big Grin

Ok, so that is a tad shorter (albeit not exactly up to MyBB Standards), but are we changing for the sake of changing it? It's not going to happen

lekhacnhu

2007-10-05, 07:52 PM
In the near. Maybe, Im not sure! Mybb will add "custom field" feature for Additional Contact Information, Google talk for example.

Additional Contact Information in Setting table:
//serialize
Array(
'aim'=>'AIM Screen Name', // or $lang...
'icq'=>'ICQ Number',
...
'gtalk'=>'Google Talk',
)
or separate to categories (Required, Option, Contact, Away...)

Fetch data and get array result. Finaly, check keys by array_key_exists function. This solution can secure all field and custom field!

PS: I want Field Category in New Custom Profile Field Smile

Ryan Gordon

2007-10-06, 12:32 AM
lekhacnhu Wrote:In the near. Maybe, Im not sure! Mybb will add "custom field" feature for Additional Contact Information, Google talk for example.

Additional Contact Information in Setting table:
//serialize
Array(
'aim'=>'AIM Screen Name', // or $lang...
'icq'=>'ICQ Number',
...
'gtalk'=>'Google Talk',
)
or separate to categories (Required, Option, Contact, Away...)

Fetch data and get array result. Finaly, check keys by array_key_exists function. This solution can secure all field and custom field!

PS: I want Field Category in New Custom Profile Field Smile

This is a thread to discuss 1.2.9 not ideas
Pages: 1 2 3 4 5 6 7 8 9
MyBB Community Forums > Community Archive > Archived Forums > Miscellaneous Archive > Old Announcements > Announcements Discussion > Discuss: MyBB 1.2.9 Released - Important Security Update