To all Coders


Tyran1
01-29-2008, 08:42 PM
I have rewritten the 2006 World Championship betting-game minced meat into an EM 2008 betting-game minced meat.

The minced meat works perfectly.
Unfortunately, however, there are security problems with the minced meat.

The minced meat has 3 files;
it would be nice if somebody would find a way to close the security hole.

Many thanks

Sorry for my English

Coders Shack
01-29-2008, 09:02 PM
you need a better translation program, i cant understand what you need.

Roflstilzchen
01-29-2008, 09:07 PM
He needs help with an addon which seems to have a security leak.

Coders Shack
01-29-2008, 09:10 PM
minced meat?

Tyran1
01-29-2008, 09:13 PM
you need a better translation program, i cant understand what you need.

Yes, I have a problem with an addon.
Yes, the addon has a security leak.

Roflstilzchen
01-29-2008, 09:18 PM
Yes, I have a problem with an addon.
Yes, the addon has a security leak.

try http://de.babelfish.yahoo.com/ ;)

Tyran1
01-29-2008, 09:25 PM
I have turned The Sisko's WM addon into the EM 2008 addon!
That addon runs without problems, however it has security problems...
Unfortunately I cannot fix that myself.

Help me please!

Lynne
01-29-2008, 10:07 PM
Where did you get this hack? Have you tried posting in the thread you got the hack in? They are probably better able to help you with the security problem. We can't help you if we don't have the code (and probably can't even then).

Tyran1
01-29-2008, 10:43 PM
Where did you get this hack? Have you tried posting in the thread you got the hack in? They are probably better able to help you with the security problem. We can't help you if we don't have the code (and probably can't even then).

Unfortunately, the creator of this addon no longer does anything with it. I was only told that there are security problems in the addon; I don't know any more than that either.

In german :

http://www.vbulletin-germany.org/showthread.php?t=1518

Roflstilzchen
01-29-2008, 10:53 PM
To make a long story short: the original hack was a sports betting addon for the 2006 world soccer championship, the original coder (TheSisko) doesn't support it anymore, and the old download thread doesn't exist anymore either. Tyran1 changed the code into an addon for the 2008 European championship, but unfortunately the original code has a security leak (I guess SQL injections) which Tyran1 is not able to fix by himself.

@tyran: maybe you should provide the hack to the users here, because without it no one will be able to help you, just like Lynne already said.

Tyran1
01-29-2008, 11:21 PM
To make a long story short: the original hack was a sports betting addon for the 2006 world soccer championship, the original coder (TheSisko) doesn't support it anymore, and the old download thread doesn't exist anymore either. Tyran1 changed the code into an addon for the 2008 European championship, but unfortunately the original code has a security leak (I guess SQL injections) which Tyran1 is not able to fix by himself.

@tyran: maybe you should provide the hack to the users here, because without it no one will be able to help you, just like Lynne already said.


Thank you.

OK, the addon is in the attachment.

cheesegrits
01-30-2008, 03:34 AM
If it's an SQL injection problem, then it's probably these lines in EM2008.php:

$sql = "INSERT INTO " . TABLE_PREFIX . "rth_em08_bets (user_id,em_game_number,bet_result,bet_home,bet_visitor)
VALUES (".$vbulletin->userinfo['userid'].",".$game.",".$result['bet_result'].",".$result['home'].",".$result['visitor'].")";

... where none of those variables being inserted have been cleaned properly.

At the very least, I'd do ...

$game = $db->escape_string($game);
$result['bet_result'] = $db->escape_string($result['bet_result']);
$result['home'] = $db->escape_string($result['home']);
$result['visitor'] = $db->escape_string($result['visitor']);

... before that query.

-- hugh

Tyran1
01-30-2008, 05:24 AM
If it's an SQL injection problem, then it's probably these lines in EM2008.php:

$sql = "INSERT INTO " . TABLE_PREFIX . "rth_em08_bets (user_id,em_game_number,bet_result,bet_home,bet_visitor)
VALUES (".$vbulletin->userinfo['userid'].",".$game.",".$result['bet_result'].",".$result['home'].",".$result['visitor'].")";

... where none of those variables being inserted have been cleaned properly.

At the very least, I'd do ...

$game = $db->escape_string($game);
$result['bet_result'] = $db->escape_string($result['bet_result']);
$result['home'] = $db->escape_string($result['home']);
$result['visitor'] = $db->escape_string($result['visitor']);

... before that query.

-- hugh

Many thanks!!!!! Sorry that I ask, but was that everything?

--------------- Added 1201713109 at 1201713109 ---------------

I have also been told that these places obviously present a problem too...

$vbulletin->input->clean_array_gpc('p', array(
'betgame' => TYPE_ARRAY,

[...]
$userbetcheck = $db->query_first("SELECT count(*) as anzahl FROM " . TABLE_PREFIX . "rth_em08_bets
WHERE user_id = ".$vbulletin->userinfo['userid']."
AND em_game_number = ".$game."");

and

//phase?
$default_phase = ($em_now < $phase2_timestamp) ? 1 : 2;
$_GET['phase'] = (!empty($_GET['phase'])) ? $_GET['phase'] : $default_phase;
$show['phase'] = $_GET['phase'];
$phase_name = $vbphrase['EM2008_phase'.$_GET['phase']];
$_GET['phase'] = $phase_array[$_GET['phase']];

--------------- Added 1201713261 at 1201713261 ---------------

Someone wrote to me: "Those are not strings, or at least should not be. => intval() or another method to guarantee that they are integers."

cheesegrits
01-30-2008, 03:20 PM
Yes, I just pointed out the obvious one. There is other work that needs doing to properly sanitize your inputs.

Basically any user input you use in a query should be cleaned properly - that is, make sure it's been through the vbulletin GPC cleaner, and unless you have specific reasons not to, use escape_string.

And of course NEVER use $_GET, $_POST or $_REQUEST directly. Always run all input through the vbulletin GPC cleaner.

Suggest you read this excellent article:

https://vborg.vbsupport.ru/showthread.php?t=154411

-- hugh
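As an added example that is not part of this thread or of the EM2008 addon: the fragments quoted above (the INSERT from hugh's first reply, and the duplicate-bet check and phase handling Tyran1 posted afterwards) rewritten the way hugh's advice and the intval() remark suggest. It assumes the vBulletin 3.x addon context (global.php already included, so $vbulletin, $db, $vbphrase and TABLE_PREFIX exist); $em_now, $phase2_timestamp and $phase_array are the addon's own variables, assumed to be set earlier in the file, and the betgame[game][field] POST layout is assumed from the snippets.

```php
<?php
// Added example, not the addon's original code. Assumes the vBulletin 3.x
// addon context: global.php has run, so $vbulletin, $db, $vbphrase and
// TABLE_PREFIX exist. $em_now, $phase2_timestamp and $phase_array are the
// addon's own variables, assumed to be defined earlier in EM2008.php.

// 1. Read every request value through the GPC cleaner, never from
//    $_GET/$_POST directly. 'r' = GET or POST, 'p' = POST only. TYPE_UINT
//    casts to a non-negative integer; the nested betgame[game][field] array
//    is declared TYPE_ARRAY and its scalars are cast explicitly below.
$vbulletin->input->clean_array_gpc('r', array(
    'phase'   => TYPE_UINT,
));
$vbulletin->input->clean_array_gpc('p', array(
    'betgame' => TYPE_ARRAY,
));

// 2. Whitelist the phase against the keys the addon defines instead of
//    indexing $phase_array and $vbphrase with whatever arrived in the URL.
$default_phase = ($em_now < $phase2_timestamp) ? 1 : 2;
$phase = $vbulletin->GPC['phase'];
if (!isset($phase_array[$phase]))
{
    $phase = $default_phase;
}
$show['phase'] = $phase;
$phase_name    = $vbphrase['EM2008_phase' . $phase];
$phase_label   = $phase_array[$phase];

// 3. Every value interpolated unquoted into SQL is an integer, so cast it
//    with intval(). escape_string() only neutralises quote and backslash
//    characters; a payload such as "1 OR 1=1" contains none of those and
//    would pass through escape_string() unchanged into the numeric context.
$userid = intval($vbulletin->userinfo['userid']);
$bets   = is_array($vbulletin->GPC['betgame']) ? $vbulletin->GPC['betgame'] : array();

foreach ($bets as $game => $result)
{
    if (!is_array($result))
    {
        continue;
    }
    $game    = intval($game);
    $bet_res = intval($result['bet_result']);
    $home    = intval($result['home']);
    $visitor = intval($result['visitor']);

    // One bet per user and game: the duplicate check uses the cast values.
    $userbetcheck = $db->query_first("
        SELECT COUNT(*) AS anzahl
        FROM " . TABLE_PREFIX . "rth_em08_bets
        WHERE user_id = $userid AND em_game_number = $game
    ");
    if ($userbetcheck['anzahl'] > 0)
    {
        continue;
    }

    $db->query_write("
        INSERT INTO " . TABLE_PREFIX . "rth_em08_bets
            (user_id, em_game_number, bet_result, bet_home, bet_visitor)
        VALUES ($userid, $game, $bet_res, $home, $visitor)
    ");
}
```

The point of casting rather than escaping is the unquoted numeric placement in the original query: escape_string() is the right tool for a value that sits inside quotes, while an integer column fed from user input needs intval() (or the TYPE_UINT/TYPE_INT cleaner types) so that nothing but digits can ever reach the SQL text.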

Tyran1
02-02-2008, 04:36 PM
Thank you @all.

The thread can be closed!