Discuss: MyBB PR2 Security Update [1/11/05]
I'll take it please , last I know of my host is still on 4.XXX
I've sent you a PM with download link and the instructions on upgrading (if you already are running PR2).

Thanks I got them and will be using them ASAP.
can i get that link as well? running 4.1.12

May I add, for people who are interested in the latest code, it's mainly for those who like to live on the "bleeding edge" of the development. Things may not work correctly sometimes, but what is marked as fixed here is fixed in that code.
Can I Have A Copy To Please? The Server i'm on is running mysql 4.0.25-standard

I got hacked but will be sticking with MyBB because I think it's a great bit of software (and my forum isn't exactly mission critical).

One thing that would be useful is if thr MyBB team could report severe security vunerabilities as soon as it's discovered, with some kind of workaround. So that we don't get hacked while waiting for a patch to come out.

hey , there,

umm what would happen to edited files, they will be replaced by this patch, and umm isn't there anyway to patch that with avoiding the changes i have made?

Download a file comparison tool like WinMerge and compare the old files to the new ones. The programm will show all changed lines in the code so that you can patch your board manually. Wink

If you use WinMerge you can also generate a patch file which contains all changes. For that go to Tools -> Generate Patch and choose the old file, the new file and an empty text file to write the patch. Big Grin
[Image: donation_drive_sig.png]
hey, i have tried that program and did the patch u talked about , but that thing screwed up my forum Toungue thx that i have just made a backup a while ago, anyway , after uploading the new patch , the page starts to looks like this
9c9 < * $Id: showthread.php 625 2005-08-24 18:26:26Z dennis $ --- > * $Id: showthread.php 878 2005-11-01 12:26:02Z chris $ 56c56 < $query = $db->query("SELECT * FROM ".TABLE_PREFIX."forums WHERE fid='".$thread[fid]."' AND active!='no'"); --- > $query = $db->query("SELECT * FROM ".TABLE_PREFIX."forums WHERE fid='".$thread['fid']."' AND active!='no'"); 227,228d226 < } < if($forum['open'] != "no") { 295c293 < if($forum['allowtratings'] != "no") { --- > if($forum['allowtratings'] != "no" || $forumpermissions['canratethreads'] != "no") { 349c347,350 < $page = intval($mybb->input['page']); --- > if($mybb->input['page'] != "last") > { > $page = intval($mybb->input['page']); > } 358a360,366 > // Recount replies if user is a moderator to take into account unapproved posts. > if($ismod) > { > $query = $db->query("SELECT COUNT(*) AS replies FROM ".TABLE_PREFIX."posts WHERE tid='$tid'"); > $qarray = $db->fetch_array($query); > $thread['replies'] = $qarray['replies'] - 1; > } 362a371,375 > if($mybb->input['page'] == "last") > { > $page = $pages; > } > 366a380 > 372a387,388 > $upper = $start+$perpage; >

anyway thx in advance

Forum Jump:

Users browsing this thread: 1 Guest(s)