MyBB Community Forums

This link

<a href="misc.php?action=clearpass&amp;fid={$fid}">

should normally delete a forum password but it doesn't work.... You know why?

"It's the "&" turn it into "&"!"

Haha, I knew that would come...so you think that works?

<a href="misc.php?action=clearpass&fid={$fid}">

...
NO!

Here's how to fix that prob. (The coders forgot to add an update query o.O)

Open up misc.php

Find (Around Line 90 -100):

	if($mybb->input['fid'])
	{
		my_unsetcookie("forumpass[".intval($mybb->input['fid'])."]");
		redirect("index.php", $lang->redirect_forumpasscleared);
	}

Replace with:

	if($mybb->input['fid'])
	{
		my_unsetcookie("forumpass[".intval($mybb->input['fid'])."]");
		$db->update_query("forums", array("password" => ""), "fid=".intval($mybb->input['fid'].""));
		redirect("index.php", $lang->redirect_forumpasscleared);
	}

So now the link works xD Only thing you've to do is to clear your cache or wait for the task to clear it.

Hope I could help you.

Please do NOT use the code modification here. It causes a vulnerability.

(2008-08-09, 11:51 PM)Tikitiki Wrote: [ -> ]Please do NOT use the code modification here. It causes a vulnerability.

Where else?

I would add that below...

	if($mybb->usergroup['cancp'] == 1)
	{
          $db->update_query("forums", array("password" => ""), "fid=".intval($mybb->input['fid'].""));
       }

Better??

Nope. Your not supposed to delete the password from the forum.