Discuss: MyBB 1.2.9 Released - Important Security Update
#81
destroyer Wrote:Someone forgot to update the full package.

I understand that it might be too late to post here and you may never re-read this but hope somebody else will anyway find it... some day.

I guess, this also was forgotten to change:

// Compatible version of MyBB
$langinfo['version'] = "128";

(File: mybb_129.zip \Upload\inc\languages\english.php).
#82
voronv Wrote:
destroyer Wrote:Someone forgot to update the full package.

I understand that it might be too late to post here and you may never re-read this but hope somebody else will anyway find it... some day.

I guess, this also was forgotten to change:

// Compatible version of MyBB
$langinfo['version'] = "128";

(File: mybb_129.zip \Upload\inc\languages\english.php).

It's not necessary in an update.
#83
if($mybb->input['imtype'] != "aim" && $mybb->input['imtype'] != "icq" && $mybb->input['imtype'] != "msn" && $mybb->input['imtype'] != "yahoo")
	{
		error($lang->error_invalidimtype);
	}

You should use in_array function
#84
Security fixes always use the simplest updates (The least amount of lines possible..)
#85
    if( !in_array( $mybb->input['imtype'], array('aim','icq','msn','yahoo') ) )
    {
        error($lang->error_invalidimtype);
    } 

Big Grin
#86
lekhacnhu Wrote:
    if( !in_array( $mybb->input['imtype'], array('aim','icq','msn','yahoo') ) )
    {
        error($lang->error_invalidimtype);
    } 

Big Grin

Ok, so that is a tad shorter (albeit not exactly up to MyBB Standards), but are we changing for the sake of changing it? It's not going to happen
#87
In the near. Maybe, Im not sure! Mybb will add "custom field" feature for Additional Contact Information, Google talk for example.

Additional Contact Information in Setting table:
//serialize
Array(
'aim'=>'AIM Screen Name', // or $lang...
'icq'=>'ICQ Number',
...
'gtalk'=>'Google Talk',
)
or separate to categories (Required, Option, Contact, Away...)

Fetch data and get array result. Finaly, check keys by array_key_exists function. This solution can secure all field and custom field!

PS: I want Field Category in New Custom Profile Field Smile
#88
lekhacnhu Wrote:In the near. Maybe, Im not sure! Mybb will add "custom field" feature for Additional Contact Information, Google talk for example.

Additional Contact Information in Setting table:
//serialize
Array(
'aim'=>'AIM Screen Name', // or $lang...
'icq'=>'ICQ Number',
...
'gtalk'=>'Google Talk',
)
or separate to categories (Required, Option, Contact, Away...)

Fetch data and get array result. Finaly, check keys by array_key_exists function. This solution can secure all field and custom field!

PS: I want Field Category in New Custom Profile Field Smile

This is a thread to discuss 1.2.9 not ideas


Forum Jump:


Users browsing this thread: 1 Guest(s)